Search in sources :

Example 76 with ApiPolicy

use of org.wso2.carbon.apimgt.keymgt.model.entity.ApiPolicy in project carbon-apimgt by wso2.

the class ThrottlePolicyTemplateBuilder method getThrottlePolicyForAPILevel.

/**
 * Generate policy for API level throttling
 *
 * @param policy Policy with level 'api'. Policy can have multiple pipelines and a default condition which will be
 *               used as else condition
 * @return a Map containing a set of policies for each condition group
 * @throws APITemplateException if failed to generate policy
 */
public Map<String, String> getThrottlePolicyForAPILevel(ApiPolicy policy) throws APITemplateException {
    if (log.isDebugEnabled()) {
        log.debug("Generating policy for API Level :" + policy.toString());
    }
    Map<String, String> policyArray = new HashMap<>();
    try {
        VelocityEngine velocityengine = new VelocityEngine();
        APIUtil.initializeVelocityContext(velocityengine);
        velocityengine.setProperty(RuntimeConstants.FILE_RESOURCE_LOADER_PATH, CarbonUtils.getCarbonHome());
        velocityengine.init();
        Template template = velocityengine.getTemplate(getTemplatePathForAPI());
        StringWriter writer;
        VelocityContext context;
        if (policy.getConditionGroups() != null) {
            for (APIPolicyConditionGroup conditionGroup : policy.getConditionGroups()) {
                if (conditionGroup.getDefaultLimit() == null) {
                    continue;
                }
                context = new VelocityContext();
                setConstantContext(context);
                context.put("policy", policy);
                context.put("quotaPolicy", conditionGroup.getDefaultLimit());
                context.put("pipeline", "condition_" + conditionGroup.getConditionGroupId());
                String conditionString = getPolicyCondition(conditionGroup.getCondition());
                JSONArray conditions = new JSONArray();
                conditions.add(getPolicyConditionJson(conditionGroup.getCondition()));
                context.put("condition", " AND " + conditionString);
                context.put("evaluatedConditions", new String(Base64.encodeBase64(conditions.toJSONString().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8));
                writer = new StringWriter();
                template.merge(context, writer);
                if (log.isDebugEnabled()) {
                    log.debug("Policy : " + writer.toString());
                }
                String policyName = policy.getTenantDomain() + APIConstants.DELEM_UNDERSCORE + PolicyConstants.POLICY_LEVEL_RESOURCE + APIConstants.DELEM_UNDERSCORE + policy.getName() + APIConstants.THROTTLE_POLICY_CONDITION + conditionGroup.getConditionGroupId();
                policyArray.put(policyName, writer.toString());
            }
        }
    } catch (VelocityException e) {
        log.error("Velocity Error", e);
        throw new APITemplateException("Velocity Error", e);
    }
    return policyArray;
}
Also used : VelocityEngine(org.apache.velocity.app.VelocityEngine) APIPolicyConditionGroup(org.wso2.carbon.apimgt.throttle.policy.deployer.dto.APIPolicyConditionGroup) StringWriter(java.io.StringWriter) HashMap(java.util.HashMap) VelocityContext(org.apache.velocity.VelocityContext) JSONArray(org.json.simple.JSONArray) VelocityException(org.apache.velocity.exception.VelocityException) APITemplateException(org.wso2.carbon.apimgt.impl.template.APITemplateException) Template(org.apache.velocity.Template)

Example 77 with ApiPolicy

use of org.wso2.carbon.apimgt.keymgt.model.entity.ApiPolicy in project carbon-apimgt by wso2.

the class PolicyRetriever method getApiPolicy.

/**
 * Get a API policy given the name.
 *
 * @param policyName   policy name
 * @param tenantDomain tenant domain
 * @return API policy
 * @throws ThrottlePolicyDeployerException if failure occurs
 */
public ApiPolicy getApiPolicy(String policyName, String tenantDomain) throws ThrottlePolicyDeployerException {
    String path = APIConstants.SubscriptionValidationResources.API_POLICIES + "?policyName=" + policyName;
    ApiPolicyList apiPolicyList = getPolicies(path, tenantDomain, ApiPolicyList.class);
    if (apiPolicyList.getList() != null && !apiPolicyList.getList().isEmpty()) {
        return apiPolicyList.getList().get(0);
    }
    return null;
}
Also used : ApiPolicyList(org.wso2.carbon.apimgt.throttle.policy.deployer.dto.ApiPolicyList)

Example 78 with ApiPolicy

use of org.wso2.carbon.apimgt.keymgt.model.entity.ApiPolicy in project carbon-apimgt by wso2.

the class PublisherCommonUtils method prepareToCreateAPIByDTO.

/**
 * Prepares the API Model object to be created using the DTO object.
 *
 * @param body        APIDTO of the API
 * @param apiProvider API Provider
 * @param username    Username
 * @param organization  Organization Identifier
 * @return API object to be created
 * @throws APIManagementException Error while creating the API
 */
public static API prepareToCreateAPIByDTO(APIDTO body, APIProvider apiProvider, String username, String organization) throws APIManagementException {
    String context = body.getContext();
    // Make sure context starts with "/". ex: /pizza
    context = context.startsWith("/") ? context : ("/" + context);
    if (body.getAccessControlRoles() != null) {
        String errorMessage = PublisherCommonUtils.validateUserRoles(body.getAccessControlRoles());
        if (!errorMessage.isEmpty()) {
            throw new APIManagementException(errorMessage, ExceptionCodes.INVALID_USER_ROLES);
        }
    }
    if (body.getAdditionalProperties() != null) {
        String errorMessage = PublisherCommonUtils.validateAdditionalProperties(body.getAdditionalProperties());
        if (!errorMessage.isEmpty()) {
            throw new APIManagementException(errorMessage, ExceptionCodes.from(ExceptionCodes.INVALID_ADDITIONAL_PROPERTIES, body.getName(), body.getVersion()));
        }
    }
    if (body.getContext() == null) {
        throw new APIManagementException("Parameter: \"context\" cannot be null", ExceptionCodes.PARAMETER_NOT_PROVIDED);
    } else if (body.getContext().endsWith("/")) {
        throw new APIManagementException("Context cannot end with '/' character", ExceptionCodes.INVALID_CONTEXT);
    }
    if (apiProvider.isApiNameWithDifferentCaseExist(body.getName())) {
        throw new APIManagementException("Error occurred while adding API. API with name " + body.getName() + " already exists.", ExceptionCodes.from(ExceptionCodes.API_NAME_ALREADY_EXISTS, body.getName()));
    }
    if (body.getAuthorizationHeader() == null) {
        body.setAuthorizationHeader(APIUtil.getOAuthConfigurationFromAPIMConfig(APIConstants.AUTHORIZATION_HEADER));
    }
    if (body.getAuthorizationHeader() == null) {
        body.setAuthorizationHeader(APIConstants.AUTHORIZATION_HEADER_DEFAULT);
    }
    if (body.getVisibility() == APIDTO.VisibilityEnum.RESTRICTED && body.getVisibleRoles().isEmpty()) {
        throw new APIManagementException("Valid roles should be added under 'visibleRoles' to restrict " + "the visibility", ExceptionCodes.USER_ROLES_CANNOT_BE_NULL);
    }
    if (body.getVisibleRoles() != null) {
        String errorMessage = PublisherCommonUtils.validateRoles(body.getVisibleRoles());
        if (!errorMessage.isEmpty()) {
            throw new APIManagementException(errorMessage, ExceptionCodes.INVALID_USER_ROLES);
        }
    }
    // Get all existing versions of  api been adding
    List<String> apiVersions = apiProvider.getApiVersionsMatchingApiNameAndOrganization(body.getName(), username, organization);
    if (apiVersions.size() > 0) {
        // If any previous version exists
        for (String version : apiVersions) {
            if (version.equalsIgnoreCase(body.getVersion())) {
                // If version already exists
                if (apiProvider.isDuplicateContextTemplateMatchingOrganization(context, organization)) {
                    throw new APIManagementException("Error occurred while " + "adding the API. A duplicate API already exists for " + context + " in the organization : " + organization, ExceptionCodes.API_ALREADY_EXISTS);
                } else {
                    throw new APIManagementException("Error occurred while adding API. API with name " + body.getName() + " already exists with different context" + context + " in the organization" + " : " + organization, ExceptionCodes.API_ALREADY_EXISTS);
                }
            }
        }
    } else {
        // If no any previous version exists
        if (apiProvider.isDuplicateContextTemplateMatchingOrganization(context, organization)) {
            throw new APIManagementException("Error occurred while adding the API. A duplicate API context already exists for " + context + " in the organization" + " : " + organization, ExceptionCodes.from(ExceptionCodes.API_CONTEXT_ALREADY_EXISTS, context));
        }
    }
    // Check if the user has admin permission before applying a different provider than the current user
    String provider = body.getProvider();
    if (!StringUtils.isBlank(provider) && !provider.equals(username)) {
        if (!APIUtil.hasPermission(username, APIConstants.Permissions.APIM_ADMIN)) {
            if (log.isDebugEnabled()) {
                log.debug("User " + username + " does not have admin permission (" + APIConstants.Permissions.APIM_ADMIN + ") hence provider (" + provider + ") overridden with current user (" + username + ")");
            }
            provider = username;
        } else {
            if (!APIUtil.isUserExist(provider)) {
                throw new APIManagementException("Specified provider " + provider + " not exist.", ExceptionCodes.PARAMETER_NOT_PROVIDED);
            }
        }
    } else {
        // Set username in case provider is null or empty
        provider = username;
    }
    List<String> tiersFromDTO = body.getPolicies();
    // check whether the added API's tiers are all valid
    Set<Tier> definedTiers = apiProvider.getTiers();
    List<String> invalidTiers = getInvalidTierNames(definedTiers, tiersFromDTO);
    if (invalidTiers.size() > 0) {
        throw new APIManagementException("Specified tier(s) " + Arrays.toString(invalidTiers.toArray()) + " are invalid", ExceptionCodes.TIER_NAME_INVALID);
    }
    APIPolicy apiPolicy = apiProvider.getAPIPolicy(username, body.getApiThrottlingPolicy());
    if (apiPolicy == null && body.getApiThrottlingPolicy() != null) {
        throw new APIManagementException("Specified policy " + body.getApiThrottlingPolicy() + " is invalid", ExceptionCodes.UNSUPPORTED_THROTTLE_LIMIT_TYPE);
    }
    API apiToAdd = APIMappingUtil.fromDTOtoAPI(body, provider);
    // only allow CREATED as the stating state for the new api if not status is PROTOTYPED
    if (!APIConstants.PROTOTYPED.equals(apiToAdd.getStatus())) {
        apiToAdd.setStatus(APIConstants.CREATED);
    }
    if (!apiToAdd.isAdvertiseOnly() || StringUtils.isBlank(apiToAdd.getApiOwner())) {
        // we are setting the api owner as the logged in user until we support checking admin privileges and
        // assigning the owner as a different user
        apiToAdd.setApiOwner(provider);
    }
    if (body.getKeyManagers() instanceof List) {
        apiToAdd.setKeyManagers((List<String>) body.getKeyManagers());
    } else if (body.getKeyManagers() == null) {
        apiToAdd.setKeyManagers(Collections.singletonList(APIConstants.KeyManager.API_LEVEL_ALL_KEY_MANAGERS));
    } else {
        throw new APIManagementException("KeyManagers value need to be an array");
    }
    // Set default gatewayVendor
    if (body.getGatewayVendor() == null) {
        apiToAdd.setGatewayVendor(APIConstants.WSO2_GATEWAY_ENVIRONMENT);
    }
    apiToAdd.setOrganization(organization);
    return apiToAdd;
}
Also used : APIManagementException(org.wso2.carbon.apimgt.api.APIManagementException) Tier(org.wso2.carbon.apimgt.api.model.Tier) API(org.wso2.carbon.apimgt.api.model.API) List(java.util.List) ArrayList(java.util.ArrayList) APIPolicy(org.wso2.carbon.apimgt.api.model.policy.APIPolicy)

Example 79 with ApiPolicy

use of org.wso2.carbon.apimgt.keymgt.model.entity.ApiPolicy in project carbon-apimgt by wso2.

the class PolicyUtil method deployPolicy.

/**
 * Deploy the given throttle policy in the Traffic Manager.
 *
 * @param policy      policy object
 * @param policyEvent policy event object which was triggered
 */
public static void deployPolicy(Policy policy, PolicyEvent policyEvent) {
    EventProcessorService eventProcessorService = ServiceReferenceHolder.getInstance().getEventProcessorService();
    ThrottlePolicyTemplateBuilder policyTemplateBuilder = new ThrottlePolicyTemplateBuilder();
    Map<String, String> policiesToDeploy = new HashMap<>();
    List<String> policiesToUndeploy = new ArrayList<>();
    try {
        PrivilegedCarbonContext.startTenantFlow();
        PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(APIConstants.SUPER_TENANT_DOMAIN, true);
        String policyFile;
        String policyString;
        if (Policy.PolicyType.SUBSCRIPTION.equals(policy.getType()) && policy instanceof SubscriptionPolicy) {
            // Add Subscription policy
            policyFile = String.join(APIConstants.DELEM_UNDERSCORE, policy.getTenantDomain(), PolicyConstants.POLICY_LEVEL_SUB, policy.getName());
            policyString = policyTemplateBuilder.getThrottlePolicyForSubscriptionLevel((SubscriptionPolicy) policy);
            policiesToDeploy.put(policyFile, policyString);
        } else if (Policy.PolicyType.APPLICATION.equals(policy.getType()) && policy instanceof ApplicationPolicy) {
            // Add Application policy
            policyFile = String.join(APIConstants.DELEM_UNDERSCORE, policy.getTenantDomain(), PolicyConstants.POLICY_LEVEL_APP, policy.getName());
            policyString = policyTemplateBuilder.getThrottlePolicyForAppLevel((ApplicationPolicy) policy);
            policiesToDeploy.put(policyFile, policyString);
        } else if (Policy.PolicyType.API.equals(policy.getType()) && policy instanceof ApiPolicy) {
            // Add API policy
            policiesToDeploy = policyTemplateBuilder.getThrottlePolicyForAPILevel((ApiPolicy) policy);
            String defaultPolicy = policyTemplateBuilder.getThrottlePolicyForAPILevelDefault((ApiPolicy) policy);
            policyFile = String.join(APIConstants.DELEM_UNDERSCORE, policy.getTenantDomain(), PolicyConstants.POLICY_LEVEL_RESOURCE, policy.getName());
            String defaultPolicyName = policyFile + APIConstants.THROTTLE_POLICY_DEFAULT;
            policiesToDeploy.put(defaultPolicyName, defaultPolicy);
            if (policyEvent instanceof APIPolicyEvent) {
                List<Integer> deletedConditionGroupIds = ((APIPolicyEvent) policyEvent).getDeletedConditionGroupIds();
                // Undeploy removed condition groups
                if (deletedConditionGroupIds != null) {
                    for (int conditionGroupId : deletedConditionGroupIds) {
                        policiesToUndeploy.add(policyFile + APIConstants.THROTTLE_POLICY_CONDITION + conditionGroupId);
                    }
                }
            }
        } else if (Policy.PolicyType.GLOBAL.equals(policy.getType()) && policy instanceof GlobalPolicy) {
            // Add Global policy
            GlobalPolicy globalPolicy = (GlobalPolicy) policy;
            policyFile = String.join(APIConstants.DELEM_UNDERSCORE, PolicyConstants.POLICY_LEVEL_GLOBAL, policy.getName());
            policyString = policyTemplateBuilder.getThrottlePolicyForGlobalLevel(globalPolicy);
            policiesToDeploy.put(policyFile, policyString);
        }
        // Undeploy removed policies
        undeployPolicies(policiesToUndeploy);
        for (Map.Entry<String, String> pair : policiesToDeploy.entrySet()) {
            String policyPlanName = pair.getKey();
            String flowString = pair.getValue();
            String executionPlan = null;
            try {
                executionPlan = eventProcessorService.getActiveExecutionPlan(policyPlanName);
            } catch (ExecutionPlanConfigurationException e) {
                // Deploy new policies
                eventProcessorService.deployExecutionPlan(flowString);
            }
            if (executionPlan != null) {
                // Update existing policies
                eventProcessorService.editActiveExecutionPlan(flowString, policyPlanName);
            }
        }
    } catch (APITemplateException e) {
        log.error("Error in creating execution plan", e);
    } catch (ExecutionPlanConfigurationException | ExecutionPlanDependencyValidationException e) {
        log.error("Error in deploying execution plan", e);
    } finally {
        PrivilegedCarbonContext.endTenantFlow();
    }
}
Also used : HashMap(java.util.HashMap) GlobalPolicy(org.wso2.carbon.apimgt.throttle.policy.deployer.dto.GlobalPolicy) ArrayList(java.util.ArrayList) ApiPolicy(org.wso2.carbon.apimgt.throttle.policy.deployer.dto.ApiPolicy) ExecutionPlanConfigurationException(org.wso2.carbon.event.processor.core.exception.ExecutionPlanConfigurationException) EventProcessorService(org.wso2.carbon.event.processor.core.EventProcessorService) ExecutionPlanDependencyValidationException(org.wso2.carbon.event.processor.core.exception.ExecutionPlanDependencyValidationException) SubscriptionPolicy(org.wso2.carbon.apimgt.throttle.policy.deployer.dto.SubscriptionPolicy) APIPolicyEvent(org.wso2.carbon.apimgt.impl.notifier.events.APIPolicyEvent) ApplicationPolicy(org.wso2.carbon.apimgt.throttle.policy.deployer.dto.ApplicationPolicy) APITemplateException(org.wso2.carbon.apimgt.impl.template.APITemplateException) HashMap(java.util.HashMap) Map(java.util.Map)

Example 80 with ApiPolicy

use of org.wso2.carbon.apimgt.keymgt.model.entity.ApiPolicy in project carbon-apimgt by wso2.

the class PolicyUtilTest method testUpdatePolicy_APIType.

@Test
public void testUpdatePolicy_APIType() throws ExecutionPlanConfigurationException, ExecutionPlanDependencyValidationException {
    ApiPolicy policy = TestUtil.getPolicyAPILevel();
    List<Integer> deletedConditionGroupIds = new ArrayList<>();
    deletedConditionGroupIds.add(5);
    deletedConditionGroupIds.add(6);
    APIPolicyEvent policyEvent = new APIPolicyEvent(UUID.randomUUID().toString(), System.currentTimeMillis(), APIConstants.EventType.POLICY_UPDATE.name(), -1234, policy.getTenantDomain(), policy.getId(), policy.getName(), policy.getDefaultLimit().getQuotaType(), null, deletedConditionGroupIds);
    ExecutionPlanConfigurationException executionPlanConfigurationException = Mockito.mock(ExecutionPlanConfigurationException.class);
    Mockito.when(eventProcessorService.getActiveExecutionPlan(policy.getTenantDomain() + "_" + PolicyConstants.POLICY_LEVEL_RESOURCE + "_" + policy.getName() + "_condition_1")).thenThrow(executionPlanConfigurationException);
    Mockito.when(eventProcessorService.getActiveExecutionPlan(policy.getTenantDomain() + "_" + PolicyConstants.POLICY_LEVEL_RESOURCE + "_" + policy.getName() + "_condition_5")).thenReturn("EXECUTION_PLAN");
    Mockito.when(eventProcessorService.getActiveExecutionPlan(policy.getTenantDomain() + "_" + PolicyConstants.POLICY_LEVEL_RESOURCE + "_" + policy.getName() + "_condition_6")).thenReturn("EXECUTION_PLAN");
    Mockito.when(eventProcessorService.getActiveExecutionPlan(policy.getTenantDomain() + "_" + PolicyConstants.POLICY_LEVEL_RESOURCE + "_" + policy.getName() + "_default")).thenReturn("EXECUTION_PLAN");
    PolicyUtil.deployPolicy(policy, policyEvent);
    Mockito.verify(eventProcessorService, Mockito.times(2)).undeployActiveExecutionPlan(Mockito.anyString());
    Mockito.verify(eventProcessorService, Mockito.times(1)).editActiveExecutionPlan(Mockito.anyString(), Mockito.anyString());
    Mockito.verify(eventProcessorService, Mockito.times(1)).deployExecutionPlan(Mockito.anyString());
}
Also used : APIPolicyEvent(org.wso2.carbon.apimgt.impl.notifier.events.APIPolicyEvent) ApiPolicy(org.wso2.carbon.apimgt.throttle.policy.deployer.dto.ApiPolicy) ArrayList(java.util.ArrayList) ExecutionPlanConfigurationException(org.wso2.carbon.event.processor.core.exception.ExecutionPlanConfigurationException) PrepareForTest(org.powermock.core.classloader.annotations.PrepareForTest) Test(org.junit.Test)

Aggregations

APIPolicy (org.wso2.carbon.apimgt.core.models.policy.APIPolicy)87 Test (org.testng.annotations.Test)44 SubscriptionPolicy (org.wso2.carbon.apimgt.core.models.policy.SubscriptionPolicy)40 PolicyDAO (org.wso2.carbon.apimgt.core.dao.PolicyDAO)39 ArrayList (java.util.ArrayList)38 API (org.wso2.carbon.apimgt.core.models.API)33 APIPolicy (org.wso2.carbon.apimgt.api.model.policy.APIPolicy)30 APIGateway (org.wso2.carbon.apimgt.core.api.APIGateway)27 HashMap (java.util.HashMap)25 APILifecycleManager (org.wso2.carbon.apimgt.core.api.APILifecycleManager)22 GatewaySourceGenerator (org.wso2.carbon.apimgt.core.api.GatewaySourceGenerator)22 ApiDAO (org.wso2.carbon.apimgt.core.dao.ApiDAO)22 APIBuilder (org.wso2.carbon.apimgt.core.models.API.APIBuilder)21 Policy (org.wso2.carbon.apimgt.core.models.policy.Policy)20 HashSet (java.util.HashSet)19 Test (org.junit.Test)19 QuotaPolicy (org.wso2.carbon.apimgt.core.models.policy.QuotaPolicy)19 ApplicationPolicy (org.wso2.carbon.apimgt.core.models.policy.ApplicationPolicy)18 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)17 PreparedStatement (java.sql.PreparedStatement)15