From 4fe55a9f53c156fd8f2103ea6ec81a4652d98d19 Mon Sep 17 00:00:00 2001 From: Eylon Malin Date: Wed, 5 Feb 2020 00:26:37 +0200 Subject: Respect permissions by owning-entity-id when searching instances by owning entity Issue-ID: VID-758 Signed-off-by: Eylon Malin Change-Id: I98d3e551231bb5aca3150da99f3431268f3373d8 --- .../java/org/onap/vid/services/AaiServiceImpl.java | 4 +-- .../aai/PresetAAIGetModelsByOwningEntity.java | 31 +++++++++++++++------- .../src/test/java/org/onap/vid/api/AaiApiTest.java | 26 +++++++++++++----- 3 files changed, 43 insertions(+), 18 deletions(-) diff --git a/vid-app-common/src/main/java/org/onap/vid/services/AaiServiceImpl.java b/vid-app-common/src/main/java/org/onap/vid/services/AaiServiceImpl.java index 36333b163..1e79ab4c8 100644 --- a/vid-app-common/src/main/java/org/onap/vid/services/AaiServiceImpl.java +++ b/vid-app-common/src/main/java/org/onap/vid/services/AaiServiceImpl.java @@ -208,6 +208,7 @@ public class AaiServiceImpl implements AaiService { extractRelationshipData(relationship, serviceInstanceSearchResult, roleValidator); extractRelatedToProperty(relationship, serviceInstanceSearchResult); serviceInstanceSearchResult.setOwningEntityId(owningEntityId); + serviceInstanceSearchResult.setIsPermitted(roleValidator.isServicePermitted(serviceInstanceSearchResult)); serviceInstanceSearchResultList.add(serviceInstanceSearchResult); } } @@ -228,9 +229,6 @@ public class AaiServiceImpl implements AaiService { serviceInstanceSearchResult.setSubscriberId(relationshipData.getRelationshipValue()); } } - - boolean isPermitted = roleValidator.isServicePermitted(serviceInstanceSearchResult); - serviceInstanceSearchResult.setIsPermitted(isPermitted); } } diff --git a/vid-automation/src/main/java/org/onap/simulator/presetGenerator/presets/aai/PresetAAIGetModelsByOwningEntity.java b/vid-automation/src/main/java/org/onap/simulator/presetGenerator/presets/aai/PresetAAIGetModelsByOwningEntity.java index ae921fd79..88ea09ae5 100644 --- a/vid-automation/src/main/java/org/onap/simulator/presetGenerator/presets/aai/PresetAAIGetModelsByOwningEntity.java +++ b/vid-automation/src/main/java/org/onap/simulator/presetGenerator/presets/aai/PresetAAIGetModelsByOwningEntity.java @@ -1,18 +1,31 @@ package org.onap.simulator.presetGenerator.presets.aai; import com.google.common.collect.ImmutableMap; -import org.onap.simulator.presetGenerator.presets.BasePresets.BaseAAIPreset; -import org.springframework.http.HttpMethod; - import java.util.Collections; import java.util.List; import java.util.Map; +import org.onap.simulator.presetGenerator.presets.BasePresets.BaseAAIPreset; +import org.springframework.http.HttpMethod; public class PresetAAIGetModelsByOwningEntity extends BaseAAIPreset { - String oeName; + + private static final String DEFAULT_OWNING_ENTITY_ID = "43b8a85a-0421-4265-9069-117dd6526b8a"; + private static final String DEFAULT_SUBSCRIBER_ID = "CAR_2020_ER"; + + private String oeName; + private String oeId; + private String subscriberId; public PresetAAIGetModelsByOwningEntity(String oeName) { this.oeName = oeName; + this.oeId = DEFAULT_OWNING_ENTITY_ID; + this.subscriberId = DEFAULT_SUBSCRIBER_ID; + } + + public PresetAAIGetModelsByOwningEntity(String oeName, String oeId, String subscriberId) { + this.oeName = oeName; + this.oeId = oeId; + this.subscriberId = subscriberId; } @Override @@ -37,7 +50,7 @@ public class PresetAAIGetModelsByOwningEntity extends BaseAAIPreset { return "{" + " \"owning-entity\": [" + " {" + - " \"owning-entity-id\": \"43b8a85a-0421-4265-9069-117dd6526b8a\"," + + " \"owning-entity-id\": \"" + oeId + "\"," + " \"owning-entity-name\": \"" + oeName + "\"," + " \"resource-version\": \"1527418700853\"," + " \"relationship-list\": {" + @@ -45,11 +58,11 @@ public class PresetAAIGetModelsByOwningEntity extends BaseAAIPreset { " {" + " \"related-to\": \"service-instance\"," + " \"relationship-label\": \"org.onap.relationships.inventory.BelongsTo\"," + - " \"related-link\": \"/aai/v12/business/customers/customer/CAR_2020_ER/service-subscriptions/service-subscription/MSO-dev-service-type/service-instances/service-instance/af9d52f9-13b2-4657-a198-463677f82dc0\"," + + " \"related-link\": \"/aai/v12/business/customers/customer/" + subscriberId + "/service-subscriptions/service-subscription/MSO-dev-service-type/service-instances/service-instance/af9d52f9-13b2-4657-a198-463677f82dc0\"," + " \"relationship-data\": [" + " {" + " \"relationship-key\": \"customer.global-customer-id\"," + - " \"relationship-value\": \"CAR_2020_ER\"" + + " \"relationship-value\": \"" + subscriberId + "\"" + " }," + " {" + " \"relationship-key\": \"service-subscription.service-type\"," + @@ -70,11 +83,11 @@ public class PresetAAIGetModelsByOwningEntity extends BaseAAIPreset { " {" + " \"related-to\": \"service-instance\"," + " \"relationship-label\": \"org.onap.relationships.inventory.BelongsTo\"," + - " \"related-link\": \"/aai/v12/business/customers/customer/CAR_2020_ER/service-subscriptions/service-subscription/MSO-dev-service-type/service-instances/service-instance/49769492-5def-4c89-8e73-b236f958fa40\"," + + " \"related-link\": \"/aai/v12/business/customers/customer/" + DEFAULT_SUBSCRIBER_ID + "/service-subscriptions/service-subscription/MSO-dev-service-type/service-instances/service-instance/49769492-5def-4c89-8e73-b236f958fa40\"," + " \"relationship-data\": [" + " {" + " \"relationship-key\": \"customer.global-customer-id\"," + - " \"relationship-value\": \"CAR_2020_ER\"" + + " \"relationship-value\": \"" + DEFAULT_SUBSCRIBER_ID + "\"" + " }," + " {" + " \"relationship-key\": \"service-subscription.service-type\"," + diff --git a/vid-automation/src/test/java/org/onap/vid/api/AaiApiTest.java b/vid-automation/src/test/java/org/onap/vid/api/AaiApiTest.java index ca09d796b..54300c22a 100644 --- a/vid-automation/src/test/java/org/onap/vid/api/AaiApiTest.java +++ b/vid-automation/src/test/java/org/onap/vid/api/AaiApiTest.java @@ -47,6 +47,7 @@ import org.onap.simulator.presetGenerator.presets.aai.PresetAAIGetInstanceGroups import org.onap.simulator.presetGenerator.presets.aai.PresetAAIGetInstanceGroupsByCloudRegionRequiredMissing; import org.onap.simulator.presetGenerator.presets.aai.PresetAAIGetL3NetworksByCloudRegion; import org.onap.simulator.presetGenerator.presets.aai.PresetAAIGetL3NetworksByCloudRegionSpecificState; +import org.onap.simulator.presetGenerator.presets.aai.PresetAAIGetModelsByOwningEntity; import org.onap.simulator.presetGenerator.presets.aai.PresetAAIGetNetworkCollectionDetails; import org.onap.simulator.presetGenerator.presets.aai.PresetAAIGetNetworkCollectionDetailsInvalidRequest; import org.onap.simulator.presetGenerator.presets.aai.PresetAAIGetNetworkCollectionDetailsRequiredMissing; @@ -903,20 +904,34 @@ public class AaiApiTest extends BaseApiAaiTest { } @Test - public void searchServiceInstances_serviceInstanceOfAnotherSubscriber_authIsFollowingFeatureToggle() { + public void searchServiceInstancesBySubscriber_serviceInstanceOfAnotherSubscriber_authIsFollowingFeatureToggle() { String craigRobertsSubscriberId = "31739f3e-526b-11e6-beb8-9e71128cae77"; - String aServiceInstanceId = "4ea864f2-b946-473a-b51c-51a7c10b8391"; String aServiceOwningEntityId = "f160c875-ddd1-4ef5-84d8-d098784daa3a"; String currentUserAuthorizedOwningEntityId = "SILVIA ROBBINS"; // this will need to change with translateOwningEntityNameToOwningEntityId - boolean expectedPermission = Features.FLAG_2006_USER_PERMISSIONS_BY_OWNING_ENTITY.isActive(); - SimulatorApi.registerExpectation(GET_SUBSCRIBERS_FOR_CUSTOMER_CRAIG_ROBERTS, ImmutableMap.of(aServiceOwningEntityId, currentUserAuthorizedOwningEntityId), CLEAR_THEN_SET); + + searchServicesAndAssertIsPermitted("subscriberId=" + craigRobertsSubscriberId, "4ea864f2-b946-473a-b51c-51a7c10b8391"); + } + + @Test + public void searchServiceInstancesByOwningEntity_serviceInstanceOfAnotherSubscriber_authIsFollowingFeatureToggle() { + String owningEntityName = "someOwning"; + String owningEntityId = "SILVIA ROBBINS"; // this will need to change with translateOwningEntityNameToOwningEntityId + + SimulatorApi.registerExpectationFromPreset(new PresetAAIGetModelsByOwningEntity(owningEntityName, owningEntityId, "fakeSubscriberId"), CLEAR_THEN_SET); + + searchServicesAndAssertIsPermitted("owningEntity=" + owningEntityName, "af9d52f9-13b2-4657-a198-463677f82dc0"); + } + + private void searchServicesAndAssertIsPermitted(String queryParams, String aServiceInstanceId) { + boolean expectedPermission = Features.FLAG_2006_USER_PERMISSIONS_BY_OWNING_ENTITY.isActive(); + SimulatorApi.registerExpectationFromPreset(new PresetAAIGetSubscribersGet(), APPEND); JsonNode serviceInstancesResult = restTemplate - .getForObject(uri + "/search_service_instances?subscriberId=" + craigRobertsSubscriberId, JsonNode.class); + .getForObject(uri + "/search_service_instances?" + queryParams, JsonNode.class); assertThat(serviceInstancesResult.path("service-instances").isArray(), is(true)); @@ -929,7 +944,6 @@ public class AaiApiTest extends BaseApiAaiTest { assertThat(aServiceResult.toString(), aServiceResult.path("isPermitted").booleanValue(), is(expectedPermission)); - } private void assertResponse(Object expected, String response) { -- cgit 1.2.3-korg