ValidateCustodyTransfer.java
/*
* Copyright 2001-2008 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package org.apache.juddi.validation;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Vector;
import javax.persistence.EntityManager;
import javax.persistence.Query;
import static org.apache.juddi.api.impl.AuthenticatedService.UTF8;
import org.apache.juddi.model.TransferTokenKey;
import org.apache.juddi.model.UddiEntity;
import org.apache.juddi.model.UddiEntityPublisher;
import org.apache.juddi.query.util.DynamicQuery;
import org.apache.juddi.v3.error.ErrorMessage;
import org.apache.juddi.v3.error.FatalErrorException;
import org.apache.juddi.v3.error.InvalidKeyPassedException;
import org.apache.juddi.v3.error.InvalidValueException;
import org.apache.juddi.v3.error.TokenAlreadyExistsException;
import org.apache.juddi.v3.error.TransferNotAllowedException;
import org.apache.juddi.v3.error.UserMismatchException;
import org.apache.juddi.v3.error.ValueNotAllowedException;
import org.uddi.custody_v3.DiscardTransferToken;
import org.uddi.custody_v3.KeyBag;
import org.uddi.custody_v3.TransferEntities;
import org.uddi.v3_service.DispositionReportFaultMessage;
/**
* @author <a href="mailto:jfaath@apache.org">Jeff Faath</a>
*/
public class ValidateCustodyTransfer extends ValidateUDDIApi {
public ValidateCustodyTransfer(UddiEntityPublisher publisher) {
super(publisher);
}
public void validateDiscardTransferToken(EntityManager em, DiscardTransferToken body) throws DispositionReportFaultMessage {
// No null input
if (body == null) {
throw new FatalErrorException(new ErrorMessage("errors.NullInput"));
}
KeyBag keyBag = body.getKeyBag();
// The call must contain at least a transfer token or keyBag
if (body.getTransferToken() == null && keyBag == null) {
throw new FatalErrorException(new ErrorMessage("errors.discardtransfertoken.NoInput"));
}
if (keyBag != null) {
List<String> keyList = keyBag.getKey();
if (keyList == null || keyList.size() == 0) {
throw new ValueNotAllowedException(new ErrorMessage("errors.keybag.NoInput"));
}
// Test that publisher owns keys using operational info.
int i = 0;
for (String key : keyList) {
// Per section 4.4: keys must be case-folded
key = key.toLowerCase();
keyList.set(i, key);
UddiEntity uddiEntity = em.find(UddiEntity.class, key);
// According to spec, it's ok if a key doesn't match any known entities, it will just be ignored. However, the publisher must own
// the entity in order to discard the associated token.
if (uddiEntity != null) {
if (!publisher.isOwner(uddiEntity)) {
throw new UserMismatchException(new ErrorMessage("errors.usermismatch.InvalidOwner", key));
}
}
i++;
}
}
}
public void validateGetTransferToken(EntityManager em, KeyBag keyBag) throws DispositionReportFaultMessage {
// No null input
if (keyBag == null) {
throw new FatalErrorException(new ErrorMessage("errors.NullInput"));
}
List<String> keyList = keyBag.getKey();
if (keyList == null || keyList.size() == 0) {
throw new ValueNotAllowedException(new ErrorMessage("errors.keybag.NoInput"));
}
// Test that publisher owns keys using operational info.
Vector<DynamicQuery.Parameter> params = new Vector<DynamicQuery.Parameter>(0);
int i = 0;
for (String key : keyList) {
// Per section 4.4: keys must be case-folded
key = key.toLowerCase();
keyList.set(i, key);
UddiEntity uddiEntity = em.find(UddiEntity.class, key);
if (uddiEntity == null) {
throw new InvalidKeyPassedException(new ErrorMessage("errors.invalidkey.EntityNotFound", key));
}
// Only BusinessEntities or TModels are allowed to be transferred
if (!(uddiEntity instanceof org.apache.juddi.model.BusinessEntity)
&& !(uddiEntity instanceof org.apache.juddi.model.Tmodel)) {
throw new InvalidKeyPassedException(new ErrorMessage("errors.gettransfertoken.InvalidEntity", key));
}
if (!publisher.isOwner(uddiEntity)) {
throw new UserMismatchException(new ErrorMessage("errors.usermismatch.InvalidOwner", key));
}
// Creating parameters for key-checking query
DynamicQuery.Parameter param = new DynamicQuery.Parameter("UPPER(ttk.entityKey)",
key.toUpperCase(),
DynamicQuery.PREDICATE_EQUALS);
params.add(param);
}
// Make sure keys aren't implicated in another transfer request
DynamicQuery checkKeysQry = new DynamicQuery();
checkKeysQry.append("select ttk.entityKey from TransferTokenKey ttk ");
checkKeysQry.WHERE().pad().appendGroupedOr(params.toArray(new DynamicQuery.Parameter[0]));
Query qry = checkKeysQry.buildJPAQuery(em);
List<?> obj = qry.getResultList();
if (obj != null && obj.size() > 0) {
throw new TokenAlreadyExistsException(new ErrorMessage("errors.gettransfertoken.KeyExists", (String) obj.get(0)));
}
}
public void validateTransferLocalEntities(EntityManager em, String transferTokenId, List<String> apiKeyList) throws DispositionReportFaultMessage {
org.apache.juddi.model.TransferToken modelTransferToken = em.find(org.apache.juddi.model.TransferToken.class, transferTokenId);
//JUDDI-272 only block transfer if the destination is not the originator of the token
if (modelTransferToken == null) {
throw new TransferNotAllowedException(new ErrorMessage("errors.transferentities.TokenNotFound", transferTokenId));
}
Date now = new Date();
if (now.after(modelTransferToken.getExpirationDate())) {
throw new TransferNotAllowedException(new ErrorMessage("errors.transferentities.TokenExpired", transferTokenId));
}
List<TransferTokenKey> transferKeyList = modelTransferToken.getTransferKeys();
List<String> modelKeyList = new ArrayList<String>(0);
if (transferKeyList != null && transferKeyList.size() > 0) {
for (TransferTokenKey ttk : transferKeyList) {
modelKeyList.add(ttk.getEntityKey());
}
}
// The keys in the supplied key bag must match exactly the keys in the stored transfer and the entities must exist
Collections.sort(apiKeyList);
Collections.sort(modelKeyList);
int count = 0;
if (modelKeyList.size() != apiKeyList.size()) {
throw new TransferNotAllowedException(new ErrorMessage("errors.transferentities.KeySizeMismatch"));
}
for (String key : apiKeyList) {
// Per section 4.4: keys must be case-folded
key = key.toLowerCase();
apiKeyList.set(count, key);
if (!key.equalsIgnoreCase(modelKeyList.get(count))) {
throw new TransferNotAllowedException(new ErrorMessage("errors.transferentities.KeyMismatch", key + " & " + modelKeyList.get(count)));
}
UddiEntity uddiEntity = em.find(UddiEntity.class, key);
if (uddiEntity == null) {
throw new InvalidKeyPassedException(new ErrorMessage("errors.invalidkey.EntityNotFound", key));
}
count++;
}
}
/**
* returns true if all items to be transfered are within this node (no
* node to node transfers) false for transfer between nodes
*
* @param em
* @param body
* @return
* @throws DispositionReportFaultMessage
*/
public boolean validateTransferEntities(EntityManager em, TransferEntities body) throws DispositionReportFaultMessage {
boolean ret = true;
// No null input
if (body == null) {
throw new FatalErrorException(new ErrorMessage("errors.NullInput"));
}
org.uddi.custody_v3.TransferToken apiTransferToken = body.getTransferToken();
if (apiTransferToken == null) {
throw new FatalErrorException(new ErrorMessage("errors.transfertoken.NullInput"));
}
KeyBag keyBag = body.getKeyBag();
if (keyBag == null) {
throw new FatalErrorException(new ErrorMessage("errors.keybag.NullInput"));
}
List<String> apiKeyList = keyBag.getKey();
if (apiKeyList == null || apiKeyList.size() == 0) {
throw new ValueNotAllowedException(new ErrorMessage("errors.keybag.NoInput"));
}
String transferTokenId = null;
try{
transferTokenId = new String(apiTransferToken.getOpaqueToken(), UTF8);
} catch (UnsupportedEncodingException ex) {
throw new InvalidValueException(new ErrorMessage("errors.stringEncoding"));
}
if (nodeID.equals(apiTransferToken.getNodeID())) {
validateTransferLocalEntities(em, transferTokenId, apiKeyList);
} else {
return false;
}
return ret;
}
}