diff options
author | Sonsino, Ofir (os0695) <os0695@intl.att.com> | 2018-11-16 15:01:29 +0200 |
---|---|---|
committer | Sonsino, Ofir (os0695) <os0695@intl.att.com> | 2018-11-17 12:51:54 +0200 |
commit | 9a86fc5f609066fb90587c7ccf4a2c340565d79c (patch) | |
tree | bc692161b16e4a877abd2d550cb288731889e5ab | |
parent | 0ce80fac351ec9450ae6905ef4ac5c550649e8f7 (diff) |
Turn role management off by default
Change-Id: Ib8cf6d2a556c249f742ead7e628ae7039918c5c2
Issue-ID: VID-348
Signed-off-by: Sonsino, Ofir (os0695) <os0695@intl.att.com>
6 files changed, 23 insertions, 1 deletions
diff --git a/docs/administration.rst b/docs/administration.rst index 7227e702..1eec480c 100644 --- a/docs/administration.rst +++ b/docs/administration.rst @@ -23,4 +23,7 @@ Actions | ``curl -X POST 'http://vid.api.simpledemo.onap.org:8080/vid/change-management/vnf_workflow_relation' -H 'Accept-Encoding: gzip, deflate' -H 'Content-Type:application/json' -d '{"workflowsDetails":[{"workflowName":"VNF In Place Software Update","vnfDetails":{"UUID":"X-X-X-X","invariantUUID":"Y-Y-Y-Y"}}, {"workflowName":"VNF Scale Out","vnfDetails":{"UUID":"X-X-X-X","invariantUUID":"Y-Y-Y-Y"}}]}'`` - | **VoLTE E2E services deployment support** - | VID supports VoLTE E2E services deployment. In order to trigger the E2E flow, the service category in the model (as SDC generates it) has to be set to "E2E Service".
\ No newline at end of file + | VID supports VoLTE E2E services deployment. In order to trigger the E2E flow, the service category in the model (as SDC generates it) has to be set to "E2E Service". + +- | **Role management support** + | VID supports role management for its users with AAF integration. This feature is turned off by default. In order to activate it, update "role_management_activated" value in system.properties to "true".
\ No newline at end of file diff --git a/docs/configuration.rst b/docs/configuration.rst index 6357d5aa..ab757387 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -18,6 +18,9 @@ system.properties file ``db.password`` The password for the VID database +``role_management_activated`` + Role management activation flag, "false" by defauly. Change to "true" in order to activate this feature. + ``aai.server.url.base`` Base URL for the A&AI server diff --git a/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties b/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties index 049ebf0d..6dd885a4 100755 --- a/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties +++ b/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties @@ -106,6 +106,8 @@ decryption_key = AGLDdG4D04BKm2IxIWEr8o== element_map_file_path = app/fusionapp/files/
element_map_icon_path = app/fusionapp/icons/
+role_management_activated = false
+
#aai related properties
#aai.server.url.base=https://aai.api.openecomp.org:8443/aai/
#aai.server.url=https://aai.api.openecomp.org:8443/aai/v8/
diff --git a/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties b/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties index 06a2e6b5..177a3577 100755 --- a/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties +++ b/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties @@ -63,6 +63,8 @@ decryption_key = ${VID_DECRYPTION_KEY} element_map_file_path = /tmp
element_map_icon_path = app/vid/icons/
+role_management_activated = false
+
#aai related properties
aai.server.url.base=https://${VID_AAI_HOST}:${VID_AAI_PORT}/aai/
aai.server.url=https://${VID_AAI_HOST}:${VID_AAI_PORT}/aai/v13/
diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java index f4f17fac..7ac5708e 100644 --- a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java @@ -1,5 +1,6 @@ package org.onap.vid.roles; +import org.onap.portalsdk.core.util.SystemProperties; import org.onap.vid.mso.rest.RequestDetails; import java.util.List; @@ -10,6 +11,7 @@ import java.util.Map; */ public class RoleValidator { + private boolean disableRoles = SystemProperties.getProperty("role_management_activated") == "false"; private List<Role> userRoles; public RoleValidator(List<Role> roles) { @@ -17,6 +19,8 @@ public class RoleValidator { } public boolean isSubscriberPermitted(String subscriberName) { + if(this.disableRoles) return true; + for (Role role : userRoles) { if (role.getSubscribeName().equals(subscriberName)) return true; @@ -25,6 +29,8 @@ public class RoleValidator { } public boolean isServicePermitted(String subscriberName, String serviceType) { + if(this.disableRoles) return true; + for (Role role : userRoles) { if (role.getSubscribeName().equals(subscriberName) && role.getServiceType().equals(serviceType)) return true; @@ -33,6 +39,8 @@ public class RoleValidator { } public boolean isMsoRequestValid(RequestDetails mso_request) { + if(this.disableRoles) return true; + try { String globalSubscriberIdRequested = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("subscriberInfo")).get("globalSubscriberId"); String serviceType = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("requestParameters")).get("subscriptionServiceType"); @@ -45,6 +53,8 @@ public class RoleValidator { } public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName) { + if(this.disableRoles) return true; + for (Role role : userRoles) { if (role.getSubscribeName().equals(globalCustomerId) && role.getServiceType().equals(serviceType) diff --git a/vid-app-common/src/test/resources/WEB-INF/conf/system.properties b/vid-app-common/src/test/resources/WEB-INF/conf/system.properties index 6a8a1a37..f9d510a7 100644 --- a/vid-app-common/src/test/resources/WEB-INF/conf/system.properties +++ b/vid-app-common/src/test/resources/WEB-INF/conf/system.properties @@ -71,6 +71,8 @@ application_name = Virtual Infrastructure Deployment element_map_file_path = app/fusionapp/files/ element_map_icon_path = app/fusionapp/icons/ +role_management_activated = false + #aai related properties #dev server #ist servers |