Merge branch 'item_6165_manifest_digest_validation' into 'develop'

Item 6165 : Add optional manifest digest validation See merge request vitam/vitam!7454 (cherry picked from commit f5a372e) 0232ce5a Item 6165 : Add optional manifest digest validation d3a1bd7b Item 6165 : Minor fixes
ProgrammeVitam · Feb 28, 2020 · d91f944 · d91f944
1 parent 87d9307
commit d91f944
Show file tree

Hide file tree

Showing 20 changed files with 725 additions and 79 deletions.
diff --git a/doc/fr/rest/externe/ingest.raml b/doc/fr/rest/externe/ingest.raml
@@ -58,6 +58,15 @@ documentation:
         description: |
             Il indique le workflow à exécuter DEFAULT_WORKFLOW pour lancer le workflow INGEST (avec toutes les étapes) ou BLANK_TEST pour lancer le workflow INGEST-TEST (test à blanc sans les étapes de stockage d'objets et d'indéxation des UA et des GOT) ou encore FILING_SCHEME pour les plans de classements et enfin HOLDING_SCHEME pour les arbres de positionnement
         enum: [ "DEFAULT_WORKFLOW", "BLANK_TEST", "FILING_SCHEME", "HOLDING_SCHEME" ]
+      X-Manifest-Digest-Value:
+        required: false
+        description: |
+            Il indique, si présent, la valeur de l'empreinte attendue du manifest du versement en cours (ex. 3112e4f4f66c70f0565b95ea270c7488f074ace3ab28f74feaa975751b424619ff429490416f1c4b630361ab16f0bb5f16d92f5a867e6f94c886464e95f82ca5). Doit être spécifié en même temps que l'entête X-Manifest-Digest-Algo
+      X-Manifest-Digest-Algo:
+        required: false
+        description: |
+            Il indique, si présent, l'algorithme de l'empreinte du manifest du versement en cours. Doit être spécifié en même temps que l'entête X-Manifest-Digest-Value
+        enum: [ "SHA-512", "SHA-384", "SHA-256" ]
 
   /{operationId}/{type}:
       displayName: IngestsType

diff --git a/sources/common/common-public/src/main/java/fr/gouv/vitam/common/GlobalDataRest.java b/sources/common/common-public/src/main/java/fr/gouv/vitam/common/GlobalDataRest.java
@@ -261,6 +261,18 @@ public class GlobalDataRest {
      */
     public static final String X_CHUNK_MAX_SIZE = "X-Vitam-Chunk-Max-Size";
 
+    /**
+     * Optional. Expected digest value of the manifest file within the SIP archive.
+     * If provided, manifest digest algorithm must be specified also.
+     */
+    public static final String X_MANIFEST_DIGEST_VALUE = "X-Manifest-Digest-Value";
+
+    /**
+     * Optional. Expected digest algorithm of the manifest file within the SIP archive.
+     * If provided, manifest digest value must be specified also.
+     */
+    public static final String X_MANIFEST_DIGEST_ALGORITHM = "X-Manifest-Digest-Algo";
+
     private GlobalDataRest() {
         // empty
     }

diff --git a/sources/common/common-public/src/main/resources/vitam-logbook-messages_fr.properties b/sources/common/common-public/src/main/resources/vitam-logbook-messages_fr.properties
@@ -794,6 +794,14 @@ MANIFEST_FILE_NAME_CHECK.KO=Échec du contrôle du nom du bordereau de transfert
 MANIFEST_FILE_NAME_CHECK.FATAL=Erreur technique lors du contrôle du nom du bordereau de transfert
 MANIFEST_FILE_NAME_CHECK.WARNING=Avertissement lors du contrôle du nom du bordereau de transfert
 
+MANIFEST_DIGEST_CHECK=Contrôle de l''empreinte du bordereau de transfert
+MANIFEST_DIGEST_CHECK.STARTED=Début du contrôle de l''empreinte du bordereau de transfert
+MANIFEST_DIGEST_CHECK.STARTED.OK=Succès du début du contrôle de l''empreinte du bordereau de transfert
+MANIFEST_DIGEST_CHECK.OK=Succès du contrôle de l''empreinte du bordereau de transfert : fichier conforme
+MANIFEST_DIGEST_CHECK.KO=Échec du contrôle de l''empreinte du bordereau de transfert : fichier non conforme
+MANIFEST_DIGEST_CHECK.FATAL=Erreur technique lors du contrôle de l''empreinte du bordereau de transfert
+MANIFEST_DIGEST_CHECK.WARNING=Avertissement lors du contrôle de l''empreinte du bordereau de transfert
+
 CHECK_CONTAINER=Contrôle du format du conteneur du SIP
 CHECK_CONTAINER.STARTED=Début du contrôle du format du conteneur du SIP
 CHECK_CONTAINER.STARTED.OK=Succès du début du contrôle du format du conteneur du SIP

diff --git a/...ernal-client/src/main/java/fr/gouv/vitam/ingest/external/client/IngestExternalClient.java b/...ernal-client/src/main/java/fr/gouv/vitam/ingest/external/client/IngestExternalClient.java
@@ -60,6 +60,20 @@ RequestResponse<Void> ingest(VitamContext vitamContext, InputStream stream,
         String action)
         throws IngestExternalException;
 
+    /**
+     * ingest upload file in local and launch an ingest workflow
+     *
+     *
+     * @param vitamContext the vitam context
+     * @param stream sip input stream
+     * @param ingestRequestParameters ingest request parameters
+     * @return response
+     * @throws IngestExternalException
+     */
+    RequestResponse<Void> ingest(VitamContext vitamContext, InputStream stream,
+        IngestRequestParameters ingestRequestParameters)
+        throws IngestExternalException;
+
     /**
      * Download object stored by ingest operation<br>
      * <br>
@@ -96,4 +110,19 @@ RequestResponse<Void> ingestLocal(VitamContext vitamContext, LocalFile localFile
         String action)
         throws IngestExternalException;
 
+
+    /**
+     * ingest a file that has been uploaded locally on a vitam folder then launch an ingest workflow
+     *
+     *
+     * @param vitamContext the vitam context
+     * @param localFile the localFile information
+     * @param ingestRequestParameters ingest request parameters
+     * @return response
+     * @throws IngestExternalException
+     */
+    RequestResponse<Void> ingestLocal(VitamContext vitamContext, LocalFile localFile,
+        IngestRequestParameters ingestRequestParameters)
+        throws IngestExternalException;
+
 }
diff --git a/...l-client/src/main/java/fr/gouv/vitam/ingest/external/client/IngestExternalClientMock.java b/...l-client/src/main/java/fr/gouv/vitam/ingest/external/client/IngestExternalClientMock.java
@@ -67,6 +67,12 @@ public RequestResponse<Void> ingest(VitamContext vitamContext, InputStream strea
         return r;
     }
 
+    @Override
+    public RequestResponse<Void> ingest(VitamContext vitamContext, InputStream stream,
+        IngestRequestParameters ingestRequestParameters) throws IngestExternalException {
+        return this.ingest(vitamContext, stream, ingestRequestParameters.getContextId(), ingestRequestParameters.getAction());
+    }
+
     @Override
     public Response downloadObjectAsync(VitamContext vitamContext, String objectId,
         IngestCollection type)
@@ -85,4 +91,11 @@ public RequestResponse<Void> ingestLocal(VitamContext vitamContext, LocalFile lo
 
         return r;
     }
+
+    @Override
+    public RequestResponse<Void> ingestLocal(VitamContext vitamContext, LocalFile localFile,
+        IngestRequestParameters ingestRequestParameters)
+        throws IngestExternalException {
+        return ingestLocal(vitamContext, localFile, ingestRequestParameters.getContextId(), ingestRequestParameters.getAction());
+    }
 }
diff --git a/...l-client/src/main/java/fr/gouv/vitam/ingest/external/client/IngestExternalClientRest.java b/...l-client/src/main/java/fr/gouv/vitam/ingest/external/client/IngestExternalClientRest.java
@@ -74,17 +74,25 @@ public RequestResponse<Void> ingest(VitamContext vitamContext, InputStream strea
         String contextId,
         String action)
         throws IngestExternalException {
+        return ingest(vitamContext, stream, new IngestRequestParameters(contextId, action));
+    }
+
+    @Override
+    public RequestResponse<Void> ingest(VitamContext vitamContext, InputStream stream,
+        IngestRequestParameters ingestRequestParameters) throws IngestExternalException {
 
         ParametersChecker.checkParameter("Tenant identifier is a mandatory parameter", vitamContext.getTenantId());
 
         final MultivaluedMap<String, Object> headers = vitamContext.getHeaders();
-        headers.add(GlobalDataRest.X_CONTEXT_ID, contextId);
-        headers.add(GlobalDataRest.X_ACTION, action);
-        headers.add(EXPECT, EXPECT_CONTINUE);
 
         VitamRequestBuilder request = post()
             .withPath(INGEST_URL)
-            .withHeaders(headers)
+            .withHeaders(vitamContext.getHeaders())
+            .withHeader(GlobalDataRest.X_CONTEXT_ID, ingestRequestParameters.getContextId())
+            .withHeader(GlobalDataRest.X_ACTION, ingestRequestParameters.getAction())
+            .withHeaderIgnoreNull(GlobalDataRest.X_MANIFEST_DIGEST_ALGORITHM, ingestRequestParameters.getManifestDigestAlgo())
+            .withHeaderIgnoreNull(GlobalDataRest.X_MANIFEST_DIGEST_VALUE, ingestRequestParameters.getManifestDigestValue())
+            .withHeader(EXPECT, EXPECT_CONTINUE)
             .withBody(stream, "Stream is a mandatory parameter")
             .withOctetContentType()
             .withXMLAccept();
@@ -127,17 +135,22 @@ public Response downloadObjectAsync(VitamContext vitamContext, String objectId,
     public RequestResponse<Void> ingestLocal(VitamContext vitamContext, LocalFile localFile, String contextId,
         String action)
         throws IngestExternalException {
+        return ingestLocal(vitamContext, localFile, new IngestRequestParameters(contextId, action));
+    }
+
+    @Override
+    public RequestResponse<Void> ingestLocal(VitamContext vitamContext, LocalFile localFile,
+        IngestRequestParameters ingestRequestParameters) throws IngestExternalException {
 
         ParametersChecker.checkParameter("Tenant identifier is a mandatory parameter", vitamContext.getTenantId());
-        final MultivaluedMap<String, Object> headers = vitamContext.getHeaders();
-        headers.add(GlobalDataRest.X_CONTEXT_ID, contextId);
-        headers.add(GlobalDataRest.X_ACTION, action);
-        headers.add(EXPECT, EXPECT_CONTINUE);
 
         VitamRequestBuilder request = post()
             .withPath(INGEST_URL)
-            .withHeader(GlobalDataRest.X_CONTEXT_ID, contextId)
-            .withHeader(GlobalDataRest.X_ACTION, action)
+            .withHeaders(vitamContext.getHeaders())
+            .withHeader(GlobalDataRest.X_CONTEXT_ID, ingestRequestParameters.getContextId())
+            .withHeader(GlobalDataRest.X_ACTION, ingestRequestParameters.getAction())
+            .withHeaderIgnoreNull(GlobalDataRest.X_MANIFEST_DIGEST_ALGORITHM, ingestRequestParameters.getManifestDigestAlgo())
+            .withHeaderIgnoreNull(GlobalDataRest.X_MANIFEST_DIGEST_VALUE, ingestRequestParameters.getManifestDigestValue())
             .withHeader(EXPECT, EXPECT_CONTINUE)
             .withBody(localFile, "localFile is a mandatory parameter")
             .withJsonContentType()

diff --git a/...al-client/src/main/java/fr/gouv/vitam/ingest/external/client/IngestRequestParameters.java b/...al-client/src/main/java/fr/gouv/vitam/ingest/external/client/IngestRequestParameters.java
@@ -0,0 +1,66 @@
+/*
+ * Copyright French Prime minister Office/SGMAP/DINSIC/Vitam Program (2015-2020)
+ *
+ * contact.vitam@culture.gouv.fr
+ *
+ * This software is a computer program whose purpose is to implement a digital archiving back-office system managing
+ * high volumetry securely and efficiently.
+ *
+ * This software is governed by the CeCILL-C license under French law and abiding by the rules of distribution of free
+ * software. You can use, modify and/ or redistribute the software under the terms of the CeCILL-C license as
+ * circulated by CEA, CNRS and INRIA at the following URL "https://cecill.info".
+ *
+ * As a counterpart to the access to the source code and rights to copy, modify and redistribute granted by the license,
+ * users are provided only with a limited warranty and the software's author, the holder of the economic rights, and the
+ * successive licensors have only limited liability.
+ *
+ * In this respect, the user's attention is drawn to the risks associated with loading, using, modifying and/or
+ * developing or reproducing the software by the user in light of its specific status of free software, that may mean
+ * that it is complicated to manipulate, and that also therefore means that it is reserved for developers and
+ * experienced professionals having in-depth computer knowledge. Users are therefore encouraged to load and test the
+ * software's suitability as regards their requirements in conditions enabling the security of their systems and/or data
+ * to be ensured and, more generally, to use and operate it in the same conditions as regards security.
+ *
+ * The fact that you are presently reading this means that you have had knowledge of the CeCILL-C license and that you
+ * accept its terms.
+ */
+package fr.gouv.vitam.ingest.external.client;
+
+public class IngestRequestParameters {
+
+    private final String contextId;
+    private final String action;
+    private String manifestDigestValue;
+    private String manifestDigestAlgo;
+
+    public IngestRequestParameters(String contextId, String action) {
+        this.contextId = contextId;
+        this.action = action;
+    }
+
+    public String getContextId() {
+        return contextId;
+    }
+
+    public String getAction() {
+        return action;
+    }
+
+    public String getManifestDigestValue() {
+        return manifestDigestValue;
+    }
+
+    public IngestRequestParameters setManifestDigestValue(String manifestDigestValue) {
+        this.manifestDigestValue = manifestDigestValue;
+        return this;
+    }
+
+    public String getManifestDigestAlgo() {
+        return manifestDigestAlgo;
+    }
+
+    public IngestRequestParameters setManifestDigestAlgo(String manifestDigestAlgo) {
+        this.manifestDigestAlgo = manifestDigestAlgo;
+        return this;
+    }
+}
diff --git a/...ingest-external-core/src/main/java/fr/gouv/vitam/ingest/external/core/IngestExternal.java b/...ingest-external-core/src/main/java/fr/gouv/vitam/ingest/external/core/IngestExternal.java
@@ -61,9 +61,12 @@ PreUploadResume preUploadAndResume(InputStream input, String contextId, GUID gui
      * @param preUploadResume     informations returned
      * @param xAction
      * @param guid
+     * @param manifestDigestValue
+     * @param manifestDigestAlgo
      * @return Response containing as InputStream the ArchiveTransferReply in XML format
      * @throws IngestExternalException thrown if an error occurred in workflow
      */
-    StatusCode upload(PreUploadResume preUploadResume, String xAction, GUID guid)
+    StatusCode upload(PreUploadResume preUploadResume, String xAction, GUID guid, String manifestDigestValue,
+        String manifestDigestAlgo)
         throws IngestExternalException;
 }