Summary Table

Categories Total Count
PII 0
URL 0
DNS 0
EKL 0
IP 0
PORT 0
VsID 0
CF 0
AI 0
VPD 0
PL 0
Other 0

File Content

package gov.va.oneconsult.seoc.api.filter;

import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.Map.Entry;
import java.util.regex.Pattern;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;

import com.fasterxml.jackson.core.Version;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.module.SimpleModule;

import gov.va.oneconsult.seoc.api.exceptions.BusinessException;
import gov.va.oneconsult.seoc.api.json.SeocGenericResponse;
import gov.va.oneconsult.seoc.api.serializer.StringSerializer;
import gov.va.oneconsult.seoc.api.service.GenericService;
import gov.va.oneconsult.seoc.api.util.Constants;

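/**
 * Servlet filter that rejects selected SEOC operations with HTTP 412 depending on whether the
 * application is currently in maintenance mode.
 *
 * <p>The decision is made from the raw request URI and the HTTP method:
 * <ul>
 * <li>while {@link GenericService#getMaintenanceBy()} returns a non-empty value, operations
 * listed in {@code Constants.urlsNotAllowedInMaintenance} are rejected;</li>
 * <li>otherwise, operations listed in {@code Constants.urlsAllowedInMaintenance} are rejected
 * (presumably these are maintenance-only operations; confirm against {@code Constants}).</li>
 * </ul>
 *
 * <p>Security note: this filter is a gate on request paths, so the path it inspects must be
 * read the same way the downstream handler mapping reads it. {@code getRequestURI()} returns
 * the path as sent by the client, without decoding or normalisation, so path parameters
 * ({@code ;name=value}) and repeated slashes are removed here before matching. Percent-encoded
 * characters are NOT decoded by this filter.
 * NOTE(review): confirm that an earlier filter or firewall rejects or decodes percent-encoded
 * path segments; otherwise an encoded operation name would not match the check list.
 */
@Component
@Order(2)
public class MaintenanceFilter implements Filter
{
    @Autowired
    GenericService genericService;

    private static final Logger logger = LoggerFactory.getLogger(MaintenanceFilter.class);

    /** Path parameters: a semicolon and everything up to the next slash. */
    private static final Pattern PATH_PARAMETERS = Pattern.compile(";[^/]*");

    /** Two or more consecutive slashes. */
    private static final Pattern REPEATED_SLASHES = Pattern.compile("/{2,}");

    /** Shared mapper for the 412 response body; configured once in the static initialiser. */
    private static final ObjectMapper mapper = new ObjectMapper();

    static
    {
        SimpleModule module = new SimpleModule("Serializer",
                new Version(1, 0, 0, null, null, null));
        module.addSerializer(String.class, new StringSerializer());
        mapper.registerModule(module);
    }

    /**
     * Checks the request against the list that applies to the current maintenance state and
     * either answers 412 (Precondition Failed) or passes the request down the chain.
     *
     * @param request  incoming request; cast to {@link HttpServletRequest}
     * @param response outgoing response; cast to {@link HttpServletResponse} when blocking
     * @param chain    remaining filter chain, invoked only when the request is not blocked
     * @throws IOException      from JSON serialisation, {@code sendError} or the chain
     * @throws ServletException from the chain
     */
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
            throws BusinessException, IOException, ServletException
    {
        logger.info(
                "Maintenance filter check to determine allowed urls based on the maintenance mode of the application.");

        HttpServletRequest httpRequest = (HttpServletRequest) request;
        String initialUrl = httpRequest.getRequestURI();
        String method = httpRequest.getMethod();

        // A non-empty value means the system is in maintenance.
        String inMaintBy = genericService.getMaintenanceBy();
        boolean inMaintenance = inMaintBy != null && !inMaintBy.isEmpty();

        // The selected map holds the operations to REJECT in the current state.
        Map<String, String> urlsToScan = inMaintenance
                ? Constants.urlsNotAllowedInMaintenance
                : Constants.urlsAllowedInMaintenance;

        // Match on a normalised copy so "op;x=1" and "//op" are treated like "op".
        String path = initialUrl == null ? null : normalizePath(initialUrl);

        // Only SEOC operations are subject to the check.
        if (path != null && path.contains(Constants.ROOT_SEOC_V1))
        {
            String operation = extractOperation(path);

            for (Entry<String, String> urlEntry : urlsToScan.entrySet())
            {
                // Operation and HTTP method must both match for the request to be blocked.
                if (operation.equalsIgnoreCase(urlEntry.getKey())
                        && urlEntry.getValue().equalsIgnoreCase(method))
                {
                    SeocGenericResponse seocResponse = new SeocGenericResponse();
                    seocResponse.setInMaintenanceBy(inMaintBy);
                    String result = mapper.writeValueAsString(seocResponse);

                    // Parameterised logging: the URI is request-controlled, so it is passed
                    // as an argument instead of being concatenated into the message.
                    // NOTE(review): 'result' carries the inMaintenanceBy value and is both
                    // logged and returned to the caller; confirm that disclosure is intended.
                    logger.info("UrlInCheckList: {}-{} Url Blocked: {}- Response: {}",
                            urlEntry.getKey(), urlEntry.getValue(), initialUrl, result);

                    ((HttpServletResponse) response)
                            .sendError(HttpServletResponse.SC_PRECONDITION_FAILED, result);
                    return;
                }
            }
        }

        // Not blocked: continue the filter chain.
        chain.doFilter(request, response);
    }

    /**
     * Removes path parameters and collapses repeated slashes in a raw request URI.
     *
     * @param requestUri raw URI as returned by {@code getRequestURI()}; not null
     * @return the URI without {@code ;...} segments parts and without {@code //} runs
     */
    private static String normalizePath(String requestUri)
    {
        String withoutParameters = PATH_PARAMETERS.matcher(requestUri).replaceAll("");
        return REPEATED_SLASHES.matcher(withoutParameters).replaceAll("/");
    }

    /**
     * Reduces a path containing {@code Constants.ROOT_SEOC_V1} to the operation name that is
     * compared with the check-list keys.
     *
     * @param path normalised request path known to contain the SEOC root
     * @return the SEOC root itself for a request to the root, otherwise the first path segment
     *         that follows the root
     */
    private static String extractOperation(String path)
    {
        String candidate = path.startsWith("/") ? path.substring(1) : path;

        if (candidate.equalsIgnoreCase(Constants.ROOT_SEOC_V1)
                || candidate.equalsIgnoreCase(Constants.ROOT_SEOC_V1 + "/"))
        {
            return Constants.ROOT_SEOC_V1;
        }

        // Every occurrence of the root is removed, as in the original implementation.
        candidate = candidate.replace(Constants.ROOT_SEOC_V1, "");
        if (candidate.startsWith("/"))
        {
            candidate = candidate.substring(1);
            int nextSlash = candidate.indexOf('/');
            if (nextSlash != -1)
            {
                // Keep only the first segment after the root: that is the operation.
                candidate = candidate.substring(0, nextSlash);
            }
        }
        return candidate;
    }

    /** Logs filter start-up; no configuration is read from {@code filterConfig}. */
    @Override
    public void init(FilterConfig filterConfig) throws ServletException
    {
        logger.info("Initializing Maintenance Filter :{}", this);
    }

    /** Logs filter shutdown; there are no resources to release. */
    @Override
    public void destroy()
    {
        logger.warn("Destructing Maintenance Filter :{}", this);
    }

}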