This project has retired. For details please refer to its Attic page.
ValidateCustodyTransfer.java

ValidateCustodyTransfer.java

/*
 * Copyright 2001-2008 The Apache Software Foundation.
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *      http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 */
package org.apache.juddi.validation;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Vector;

import javax.persistence.EntityManager;
import javax.persistence.Query;
import static org.apache.juddi.api.impl.AuthenticatedService.UTF8;

import org.apache.juddi.model.TransferTokenKey;
import org.apache.juddi.model.UddiEntity;
import org.apache.juddi.model.UddiEntityPublisher;
import org.apache.juddi.query.util.DynamicQuery;
import org.apache.juddi.v3.error.ErrorMessage;
import org.apache.juddi.v3.error.FatalErrorException;
import org.apache.juddi.v3.error.InvalidKeyPassedException;
import org.apache.juddi.v3.error.InvalidValueException;
import org.apache.juddi.v3.error.TokenAlreadyExistsException;
import org.apache.juddi.v3.error.TransferNotAllowedException;
import org.apache.juddi.v3.error.UserMismatchException;
import org.apache.juddi.v3.error.ValueNotAllowedException;
import org.uddi.custody_v3.DiscardTransferToken;
import org.uddi.custody_v3.KeyBag;
import org.uddi.custody_v3.TransferEntities;
import org.uddi.v3_service.DispositionReportFaultMessage;

/**
 * @author <a href="mailto:jfaath@apache.org">Jeff Faath</a>
 */
public class ValidateCustodyTransfer extends ValidateUDDIApi {

        public ValidateCustodyTransfer(UddiEntityPublisher publisher) {
                super(publisher);
        }

        public void validateDiscardTransferToken(EntityManager em, DiscardTransferToken body) throws DispositionReportFaultMessage {
                // No null input
                if (body == null) {
                        throw new FatalErrorException(new ErrorMessage("errors.NullInput"));
                }

                KeyBag keyBag = body.getKeyBag();

                // The call must contain at least a transfer token or keyBag
                if (body.getTransferToken() == null && keyBag == null) {
                        throw new FatalErrorException(new ErrorMessage("errors.discardtransfertoken.NoInput"));
                }

                if (keyBag != null) {
                        List<String> keyList = keyBag.getKey();
                        if (keyList == null || keyList.size() == 0) {
                                throw new ValueNotAllowedException(new ErrorMessage("errors.keybag.NoInput"));
                        }

                        // Test that publisher owns keys using operational info.
                        int i = 0;
                        for (String key : keyList) {
                                // Per section 4.4: keys must be case-folded
                                key = key.toLowerCase();
                                keyList.set(i, key);

                                UddiEntity uddiEntity = em.find(UddiEntity.class, key);

				// According to spec, it's ok if a key doesn't match any known entities, it will just be ignored.  However, the publisher must own
                                // the entity in order to discard the associated token.
                                if (uddiEntity != null) {
                                        if (!publisher.isOwner(uddiEntity)) {
                                                throw new UserMismatchException(new ErrorMessage("errors.usermismatch.InvalidOwner", key));
                                        }

                                }

                                i++;
                        }

                }

        }

        public void validateGetTransferToken(EntityManager em, KeyBag keyBag) throws DispositionReportFaultMessage {

                // No null input
                if (keyBag == null) {
                        throw new FatalErrorException(new ErrorMessage("errors.NullInput"));
                }

                List<String> keyList = keyBag.getKey();
                if (keyList == null || keyList.size() == 0) {
                        throw new ValueNotAllowedException(new ErrorMessage("errors.keybag.NoInput"));
                }

                // Test that publisher owns keys using operational info.
                Vector<DynamicQuery.Parameter> params = new Vector<DynamicQuery.Parameter>(0);
                int i = 0;
                for (String key : keyList) {
                        // Per section 4.4: keys must be case-folded
                        key = key.toLowerCase();
                        keyList.set(i, key);

                        UddiEntity uddiEntity = em.find(UddiEntity.class, key);

                        if (uddiEntity == null) {
                                throw new InvalidKeyPassedException(new ErrorMessage("errors.invalidkey.EntityNotFound", key));
                        }

                        // Only BusinessEntities or TModels are allowed to be transferred
                        if (!(uddiEntity instanceof org.apache.juddi.model.BusinessEntity)
                                && !(uddiEntity instanceof org.apache.juddi.model.Tmodel)) {
                                throw new InvalidKeyPassedException(new ErrorMessage("errors.gettransfertoken.InvalidEntity", key));
                        }

                        if (!publisher.isOwner(uddiEntity)) {
                                throw new UserMismatchException(new ErrorMessage("errors.usermismatch.InvalidOwner", key));
                        }

                        // Creating parameters for key-checking query
                        DynamicQuery.Parameter param = new DynamicQuery.Parameter("UPPER(ttk.entityKey)",
                                key.toUpperCase(),
                                DynamicQuery.PREDICATE_EQUALS);
                        params.add(param);

                }

                // Make sure keys aren't implicated in another transfer request
                DynamicQuery checkKeysQry = new DynamicQuery();
                checkKeysQry.append("select ttk.entityKey from TransferTokenKey ttk ");
                checkKeysQry.WHERE().pad().appendGroupedOr(params.toArray(new DynamicQuery.Parameter[0]));

                Query qry = checkKeysQry.buildJPAQuery(em);
                List<?> obj = qry.getResultList();
                if (obj != null && obj.size() > 0) {
                        throw new TokenAlreadyExistsException(new ErrorMessage("errors.gettransfertoken.KeyExists", (String) obj.get(0)));
                }

        }
        
        public void validateTransferLocalEntities(EntityManager em, String transferTokenId, List<String> apiKeyList) throws DispositionReportFaultMessage {
                org.apache.juddi.model.TransferToken modelTransferToken = em.find(org.apache.juddi.model.TransferToken.class, transferTokenId);
                        //JUDDI-272 only block transfer if the destination is not the originator of the token
                        if (modelTransferToken == null) {
                                throw new TransferNotAllowedException(new ErrorMessage("errors.transferentities.TokenNotFound", transferTokenId));
                        }

                        Date now = new Date();
                        if (now.after(modelTransferToken.getExpirationDate())) {
                                throw new TransferNotAllowedException(new ErrorMessage("errors.transferentities.TokenExpired", transferTokenId));
                        }

                        List<TransferTokenKey> transferKeyList = modelTransferToken.getTransferKeys();
                        List<String> modelKeyList = new ArrayList<String>(0);
                        if (transferKeyList != null && transferKeyList.size() > 0) {
                                for (TransferTokenKey ttk : transferKeyList) {
                                        modelKeyList.add(ttk.getEntityKey());
                                }
                        }

                        // The keys in the supplied key bag must match exactly the keys in the stored transfer and the entities must exist
                        Collections.sort(apiKeyList);
                        Collections.sort(modelKeyList);
                        int count = 0;
                        if (modelKeyList.size() != apiKeyList.size()) {
                                throw new TransferNotAllowedException(new ErrorMessage("errors.transferentities.KeySizeMismatch"));
                        }
                        for (String key : apiKeyList) {
                                // Per section 4.4: keys must be case-folded
                                key = key.toLowerCase();
                                apiKeyList.set(count, key);

                                if (!key.equalsIgnoreCase(modelKeyList.get(count))) {
                                        throw new TransferNotAllowedException(new ErrorMessage("errors.transferentities.KeyMismatch", key + " & " + modelKeyList.get(count)));
                                }

                                UddiEntity uddiEntity = em.find(UddiEntity.class, key);
                                if (uddiEntity == null) {
                                        throw new InvalidKeyPassedException(new ErrorMessage("errors.invalidkey.EntityNotFound", key));
                                }
                                count++;
                        }

        }

        /**
         * returns true if all items to be transfered are within this node (no
         * node to node transfers) false for transfer between nodes
         *
         * @param em
         * @param body
         * @return
         * @throws DispositionReportFaultMessage
         */
        public boolean validateTransferEntities(EntityManager em, TransferEntities body) throws DispositionReportFaultMessage {

                boolean ret = true;
                // No null input
                if (body == null) {
                        throw new FatalErrorException(new ErrorMessage("errors.NullInput"));
                }

                org.uddi.custody_v3.TransferToken apiTransferToken = body.getTransferToken();
                if (apiTransferToken == null) {
                        throw new FatalErrorException(new ErrorMessage("errors.transfertoken.NullInput"));
                }

                KeyBag keyBag = body.getKeyBag();
                if (keyBag == null) {
                        throw new FatalErrorException(new ErrorMessage("errors.keybag.NullInput"));
                }

                List<String> apiKeyList = keyBag.getKey();
                if (apiKeyList == null || apiKeyList.size() == 0) {
                        throw new ValueNotAllowedException(new ErrorMessage("errors.keybag.NoInput"));
                }

                String transferTokenId = null;
                try{
                    transferTokenId = new String(apiTransferToken.getOpaqueToken(), UTF8);
                } catch (UnsupportedEncodingException ex) {
                    throw new InvalidValueException(new ErrorMessage("errors.stringEncoding"));
                }
                if (nodeID.equals(apiTransferToken.getNodeID())) {
                        validateTransferLocalEntities(em, transferTokenId, apiKeyList);
                } else {
                        return false;
                }
                return ret;
        }
}