PublicFileService

package com.trendmicro.grid.acl.l0;

import com.trendmicro.grid.acl.PublicRequestContext;
import com.trendmicro.grid.acl.RequiredRoles;
import com.trendmicro.grid.acl.Service;
import com.trendmicro.grid.acl.l0.datatypes.*;

import javax.jws.WebMethod;
import javax.jws.WebParam;
import javax.jws.WebResult;
import javax.jws.WebService;
import javax.servlet.annotation.WebServlet;
import javax.xml.ws.ResponseWrapper;
import java.util.Collection;

import static com.trendmicro.grid.acl.l0.KnownRoles.*;

/**
 * Defines public reachable services to query file details.
 *
 * @author Juergen_Kellerer, 2010-04-23
 * @version 1.0
 */
@PublicRequestContext
@WebServlet("/ws/level-0/files")
@WebService(targetNamespace = Level0Constants.NAMESPACE)
public interface PublicFileService extends Service {

	/**
	 * Returns true if the GRID database knows (contains) the given file.
	 * <p/>
	 * Note: Calling this method doesn't make a guarantee whether the file content is stored
	 * inside the GRID, it only checks whether the database knows details on the file.
	 *
	 * @param file the file to check.
	 * @return true if the GRID database contains the file and the file is not labelled as 'unknown',
	 *         false otherwise.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "fileKnown")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	boolean isFileKnown(
			@WebParam(name = "file") FileIdentifier file) throws AuthenticationException;

	/**
	 * Implements a batch query for {@link #isFileKnown(FileIdentifier)}.
	 *
	 * @param files the files to check.
	 * @return a collection that contains the results of the requested files.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "fileKnown")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	Collection<Boolean> isFilesKnown(
			@WebParam(name = "file") BatchCollection<FileIdentifier> files) throws AuthenticationException;

	/**
	 * Returns 'Yes' if the GRID database knows that the file is good.
	 *
	 * @param file the file to check.
	 * @return 'Yes' if the GRID database contains the file and the file is tagged as 'clean',
	 *         'No' if the file is not 'clean', 'NotKnown' if the file is not contained in the GRID database.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "fileKnownGood")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	IsTrueResult isFileKnownGood(
			@WebParam(name = "file") FileIdentifier file) throws AuthenticationException;

	/**
	 * Implements a batch query for {@link #isFileKnownGood(FileIdentifier)}.
	 *
	 * @param files the files to check.
	 * @return a collection that contains the results of the requested files.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "fileKnownGood")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	Collection<IsTrueResult> isFilesKnownGood(
			@WebParam(name = "file") BatchCollection<FileIdentifier> files) throws AuthenticationException;

	/**
	 * Returns 'Yes' if the GRID database knows that the file is good and not included in the high risk category.
	 *
	 * @param file the file to check.
	 * @return 'Yes' if the GRID database contains the file and the file is tagged as 'clean' and not 'key_loggers'
	 *         and not 'password_crackers' and not 'proxy_anonymizers',
	 *         'No' if the file is not 'clean' or 'key_loggers' or 'password_crackers' or 'proxy_anonymizers',
	 *         'NotKnown' if the file is not contained in the GRID database.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "filePureWhite")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	IsTrueResult isFilePureWhite(
			@WebParam(name = "file") FileIdentifier file) throws AuthenticationException;

	/**
	 * Implements a batch query for {@link #isFilePureWhite(FileIdentifier)}.
	 *
	 * @param files the files to check.
	 * @return a collection that contains the results of the requested files.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "filePureWhite")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	Collection<IsTrueResult> isFilesPureWhite(
			@WebParam(name = "file") BatchCollection<FileIdentifier> files) throws AuthenticationException;

	/**
	 * Returns true if the given file is tagged with the specified tags.
	 * <p/>
	 * Example: Check whether a file is known and good:<code><pre>
	 * FileIdentifier id = new FileIdentifier(sha1Hash);
	 * Boolean isClean = publicFileService.isFileTaggedWith(id, "clean");
	 * if (isClean == null) {
	 *    // file is unknown
	 * } else if (isClean) {
	 *    // file is known bood
	 * } else {
	 *    // file is known bad
	 * }
	 * </pre></code>
	 *
	 * @param file The file to verify.
	 * @param tags The tags to check against.
	 * @return True if the tags apply to the file, false if not, 'null' if the file is unknown.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 * @deprecated Please use {@link #isFileTaggedWithAll(FileIdentifier, String[])} instead.
	 */
	@Deprecated
	@WebMethod
	@WebResult(name = "result")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	Boolean isFileTaggedWith(
			@WebParam(name = "file") FileIdentifier file,
			@WebParam(name = "tag") String[] tags) throws AuthenticationException;

	/**
	 * Returns true if the given files are tagged with the specified tags.
	 * <p/>
	 * Implements a batch query for {@link #isFileTaggedWith(FileIdentifier, String[])}.
	 * <p/>
	 * <b>Important Note:</b> This method returned incorrect data when 'null' values were contained in the result.
	 * 'Null' values are swallowed by the XML serialization framework, because it considers the booleans
	 * as primitive types. Therefore starting from GACL 1.2, this method substitutes 'null' with 'false'.
	 * Use {@link #isFilesTaggedWithAll(BatchCollection, String[])} instead, to get a 3-way result.
	 *
	 * @param files The files to verify.
	 * @param tags  The tags to check against.
	 * @return True if the tags apply to the files, false if not.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 * @deprecated Please use {@link #isFilesTaggedWithAll(BatchCollection, String[])} instead.
	 */
	@Deprecated
	@WebMethod
	@WebResult(name = "result")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	Collection<Boolean> isFilesTaggedWith(
			@WebParam(name = "file") BatchCollection<FileIdentifier> files,
			@WebParam(name = "tag") String[] tags) throws AuthenticationException;

	/**
	 * Returns 'Yes' if the given file is tagged with the specified tags.
	 * <p/>
	 * Example: Check whether a file is known and good:<code><pre>
	 * FileIdentifier id = new FileIdentifier(sha1Hash);
	 * switch(publicFileService.isFileTaggedWithAll(id, "clean")) {
	 *    case Yes:        // file is known good
	 *       break;
	 *    case No:         // file is known bad
	 *       break;
	 *    case NotKnown:   // file is unknown
	 *       break;
	 * }
	 * </pre></code>
	 * <p/>
	 * When querying multiple files, {@link #isFilesTaggedWithAll(BatchCollection, String[])}, may be more efficient.
	 * <p/>
	 * Note: This method is a replacement for {@link #isFileTaggedWith(FileIdentifier, String[])} as a 3-way boolean
	 * is not obvious and not supported in all programming languages.
	 *
	 * @param file The file to verify.
	 * @param tags The tags to check against.
	 * @return True if the tags apply to the file, false if not, 'null' if the file is unknown.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "result")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	IsTrueResult isFileTaggedWithAll(
			@WebParam(name = "file") FileIdentifier file,
			@WebParam(name = "tag") String[] tags) throws AuthenticationException;

	/**
	 * Returns 'Yes' if the given files are tagged with the specified tags.
	 * <p/>
	 * Implements a batch query for {@link #isFileTaggedWithAll(FileIdentifier, String[])}.
	 * <p/>
	 * Note: This method is a replacement for {@link #isFilesTaggedWith(BatchCollection, String[])} as a 3-way boolean
	 * is not obvious and not supported in all programming languages.
	 *
	 * @param files The files to verify.
	 * @param tags  The tags to check against.
	 * @return a collection that contains the results of the requested files.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "result")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	Collection<IsTrueResult> isFilesTaggedWithAll(
			@WebParam(name = "file") BatchCollection<FileIdentifier> files,
			@WebParam(name = "tag") String[] tags) throws AuthenticationException;

	/**
	 * Returns all known files that are tagged with the given list of tags.
	 *
	 * @param tags       The tags to get the files for.
	 * @param pageNumber The number of the list page to return, starting from 0 for the first chunk.
	 * @return A chunk of file identifiers for the files tagged with the given tags or
	 *         'null' if no chunk exists under the given number.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "fileId")
	@RequiredRoles(ROLE_RUN_TAG_MATCHING_QUERIES)
	FileIdentiferListPage getFilesTaggedWith(
			@WebParam(name = "tag") String[] tags,
			@WebParam(name = "pageNumber") int pageNumber) throws AuthenticationException;

	/**
	 * Returns all known files that are matched by the given tag expression.
	 * <p/>
	 * <b>Tag Query Grammar</b><br/>
	 * A common tag query uses a simple search grammar also common for most search engines:
	 * <ul>
	 * <li>Tags are delimited by whitespaces</li>
	 * <li>Adding "-" in front of a tag negates the search (the tag must not be included in results)</li>
	 * <li>Groups can be built by adding braces around tags. Multiple groups are combined with OR
	 * (the same as if multiple individual queries would be combined).</li>
	 * <li>Tags in one group are combined with AND (all have to be included (or excluded when prefixed with "-"))</li>
	 * </ul>
	 * The example query: {@code (mustBeInGroup1 -mustNotBeInGroup1) (mustBeInGroup2 -mustNotBeInGroup2 mustBe2InGroup2)}
	 * selects all files that were tagged with "mustBeInGroup1" but not with "mustNotBeInGroup1" and files that were
	 * tagged with "mustBeInGroup2" and "mustBe2InGroup2" but not "mustNotBeInGroup2".
	 *
	 * @param tagExpression        An expression following the tag query grammar used to identify files.
	 * @param tagExpressionVersion The version of the expression (the most recent version is assumed if omitted).
	 * @param pageNumber           The number of the list page to return, starting from 0 for the first chunk.
	 * @return A chunk of file identifiers for the files, matching the given expression or
	 *         'null' if no chunk exists under the given number.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "fileId")
	@RequiredRoles(ROLE_RUN_TAG_MATCHING_QUERIES)
	FileIdentiferListPage getMatchingFiles(
			@WebParam(name = "tagQueryExpression") String tagExpression,
			@WebParam(name = "tagQueryExpressionVersion") String tagExpressionVersion,
			@WebParam(name = "pageNumber") int pageNumber) throws AuthenticationException;

	/**
	 * Returns all known files that are matched by the given tag expression and are in the given range.
	 *
	 * @param tagExpression        An expression following the tag query grammar used to identify files.
	 * @param tagExpressionVersion The version of the expression (the most recent version is assumed if omitted).
	 * @param range                The range limiting the output.
	 * @param pageNumber           The number of the list page to return, starting from 0 for the first chunk.
	 * @return A chunk of file identifiers for the files, matching the given expression or
	 *         'null' if no chunk exists under the given number.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "fileId")
	@RequiredRoles(ROLE_RUN_TAG_MATCHING_QUERIES)
	FileIdentiferListPage getMatchingFilesInRange(
			@WebParam(name = "tagQueryExpression") String tagExpression,
			@WebParam(name = "tagQueryExpressionVersion") String tagExpressionVersion,
			@WebParam(name = "range") Range range,
			@WebParam(name = "pageNumber") int pageNumber) throws AuthenticationException;

	/**
	 * Returns the file information for the given file.
	 *
	 * @param file The file to return the information for.
	 * @return the file information for the given file or 'null' if the file is unknown.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "information")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	FileInformation getFileInformation(
			@WebParam(name = "file") FileIdentifier file) throws AuthenticationException;

	/**
	 * Returns the file information list for the given files.
	 *
	 * @param files The files to return the information list for.
	 * @return the file information list for the given file. The list may contain 'null'
	 *         entries if the corresponding file was unknown.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "information")
	@ResponseWrapper( // Adding a custom response wrapper to support 'null' values inside the returned collection.
			className = "com.trendmicro.grid.acl.l0.wrappers.GetFileInformationListResponse")
	@RequiredRoles(ROLE_RUN_HASH_QUERIES)
	Collection<FileInformation> getFileInformationList(
			@WebParam(name = "file") BatchCollection<FileIdentifier> files) throws AuthenticationException;

	/**
	 * Returns the file details for the given file.
	 *
	 * @param file The file to return the details for.
	 * @return the file details for the given file or 'null' if the file is unknown.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "details")
	@RequiredRoles({ROLE_RUN_HASH_QUERIES, ROLE_ACCESS_DETAILS})
	FileDetails getFileDetails(
			@WebParam(name = "file") FileIdentifier file) throws AuthenticationException;

	/**
	 * Returns the file details list for the given files.
	 *
	 * @param files The files to return the details list for.
	 * @return the file details list for the given file. The list may contain 'null'
	 *         entries if the corresponding file was unknown.
	 * @throws AuthenticationException In case of this service requires authentication and the current user session
	 *                                 is not authenticated or doesn't have the right to access the service.
	 */
	@WebMethod
	@WebResult(name = "details")
	@ResponseWrapper( // Adding a custom response wrapper to support 'null' values inside the returned collection.
			className = "com.trendmicro.grid.acl.l0.wrappers.GetFileDetailsListResponse")
	@RequiredRoles({ROLE_RUN_HASH_QUERIES, ROLE_ACCESS_DETAILS})
	Collection<FileDetails> getFileDetailsList(
			@WebParam(name = "file") BatchCollection<FileIdentifier> files) throws AuthenticationException;
}