summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorvarun gudisena <vg411h@att.com>2018-04-30 19:14:26 +0000
committerGerrit Code Review <gerrit@onap.org>2018-04-30 19:14:26 +0000
commitc662d585d8f830eb214408c01749516d447c76c8 (patch)
treefe34f681d616cdb894e87966d6ebfb855fcbf9ed
parent90e44059bb81bb3f2c40263341924ebe67924464 (diff)
parent22441bf68398310bc3f451eb3331f3e4ee57d93a (diff)
Merge "add newly revealed ONAP IDs"
-rw-r--r--auth/auth-cass/src/main/cql/.gitignore5
-rw-r--r--auth/auth-cass/src/main/cql/osaaf.cql61
-rw-r--r--auth/sample/data/identities.dat9
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java4
-rw-r--r--cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java19
5 files changed, 87 insertions, 11 deletions
diff --git a/auth/auth-cass/src/main/cql/.gitignore b/auth/auth-cass/src/main/cql/.gitignore
index 5fd2ede3..ce22752c 100644
--- a/auth/auth-cass/src/main/cql/.gitignore
+++ b/auth/auth-cass/src/main/cql/.gitignore
@@ -1,4 +1 @@
-/.settings/
-/.project
-/target/
-/.classpath
+temp.cql
diff --git a/auth/auth-cass/src/main/cql/osaaf.cql b/auth/auth-cass/src/main/cql/osaaf.cql
index 83c7fdf0..e7385ab6 100644
--- a/auth/auth-cass/src/main/cql/osaaf.cql
+++ b/auth/auth-cass/src/main/cql/osaaf.cql
@@ -59,3 +59,64 @@ INSERT INTO role(ns, name, perms, description)
INSERT INTO user_role(user,role,expires,ns,rname)
VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
+
+// ONAP Specific Entities
+// ONAP initial env Namespace
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.onap','ONAP','org',2,2);
+
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3);
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','read',{
+ 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor'
+ },'Portal Read Access');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
+
+// DEMO ID (OPS)
+insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+
+// ADMIN
+insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+
+// DESIGNER
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer');
+
+// TESTER
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester');
+
+// OPS
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops');
+
+// GOVERNOR
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor');
+
diff --git a/auth/sample/data/identities.dat b/auth/sample/data/identities.dat
index dd4dbb1d..3c40e500 100644
--- a/auth/sample/data/identities.dat
+++ b/auth/sample/data/identities.dat
@@ -40,3 +40,12 @@ sunilu|Sunil Unnava|Sunil|Unnava|6094541858|sunil.unnava@att.com|e|ramkoya
dmaapmr|DMaap Message Router|DMaap MR|Message Router||su622b@att.com|a|sunilu
oof|OOF|OOF|OOF||sarat@research.att.com|a|saratp
saratp|Sarat Puthenpura|Sarat|Puthenpura|9089012067|sarat@research.att.com|e|clefevre
+# ONAP default Users
+demo|PORTAL DEMO|PORTAL|DEMO|||e|jonathan
+jh0003|PORTAL ADMIN|PORTAL|ADMIN|||e|jonathan
+cs0008|PORTAL DESIGNER|PORTAL|DESIGNER|||e|jonathan
+jm0007|PORTAL TESTER|PORTAL|TESTER|||e|jonathan
+op0001|PORTAL OPS|PORTAL|OPS|||e|jonathan
+gv0001|PORTAL GOVERNOR|PORTAL|GOVERNOR|||e|jonathan
+
+
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
index 41f237d6..84d23655 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/v2_0/AAFLurPerm.java
@@ -59,6 +59,8 @@ import aaf.v2_0.Perms;
*
*/
public class AAFLurPerm extends AbsAAFLur<AAFPermission> {
+ private static final String ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR = "org.osaaf.cadi.oauth.OAuth2Lur";
+
/**
* Need to be able to transmutate a Principal into either ATTUID or MechID, which are the only ones accepted at this
* point by AAF. There is no "domain", aka, no "@att.com" in "ab1234@att.com".
@@ -90,7 +92,7 @@ public class AAFLurPerm extends AbsAAFLur<AAFPermission> {
Constructor<?> tmconst = tmcls.getConstructor(AAFCon.class,String.class);
Object tokMangr = tmconst.newInstance(con,oauth2_url);
@SuppressWarnings("unchecked")
- Class<Lur> oa2cls = (Class<Lur>)Config.loadClass(access,"org.osaaf.cadi.oauth.OAuth2Lur");
+ Class<Lur> oa2cls = (Class<Lur>)Config.loadClass(access,ORG_OSAAF_CADI_OAUTH_O_AUTH2_LUR);
Constructor<Lur> oa2const = oa2cls.getConstructor(tmcls);
Lur oa2 = oa2const.newInstance(tokMangr);
setPreemptiveLur(oa2);
diff --git a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
index c4634cf4..8525ac59 100644
--- a/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
+++ b/cadi/core/src/main/java/org/onap/aaf/cadi/config/Config.java
@@ -65,6 +65,7 @@ import org.onap.aaf.cadi.taf.dos.DenialOfServiceTaf;
*/
public class Config {
+
public static final String UTF_8 = "UTF-8";
// Property Names associated with configurations.
@@ -142,14 +143,20 @@ public class Config {
public static final String AAF_APPPASS = "aaf_password";
public static final String AAF_LUR_CLASS = "aaf_lur_class";
public static final String AAF_TAF_CLASS = "aaf_taf_class";
- public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
public static final String AAF_CONNECTOR_CLASS = "aaf_connector_class";
public static final String AAF_LOCATOR_CLASS = "aaf_locator_class";
public static final String AAF_CONN_TIMEOUT = "aaf_conn_timeout";
public static final String AAF_CONN_TIMEOUT_DEF = "3000";
public static final String AAF_CONN_IDLE_TIMEOUT = "aaf_conn_idle_timeout"; // only for Direct Jetty Access.
public static final String AAF_CONN_IDLE_TIMEOUT_DEF = "10000"; // only for Direct Jetty Access.
-
+
+ // Default Classes: These are for Class loading to avoid direct compile links
+ public static final String AAF_TAF_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFTaf";
+ public static final String AAF_LOCATOR_CLASS_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFLocator";
+ public static final String CADI_OLUR_CLASS_DEF = "org.onap.aaf.cadi.olur.OLur";
+ public static final String CADI_OBASIC_HTTP_TAF_DEF = "org.onap.aaf.cadi.obasic.OBasicHttpTaf";
+ public static final String CADI_AAF_CON_DEF = "org.onap.aaf.cadi.aaf.v2_0.AAFCon";
+
public static final String AAF_CALL_TIMEOUT = "aaf_timeout";
public static final String AAF_CALL_TIMEOUT_DEF = "5000";
public static final String AAF_USER_EXPIRES = "aaf_user_expires";
@@ -223,7 +230,7 @@ public class Config {
/////////////////////////////////////////////////////
// Setup AAFCon for any following
/////////////////////////////////////////////////////
- Class<?> aafConClass = loadClass(access,"org.onap.aaf.cadi.aaf.v2_0.AAFCon");
+ Class<?> aafConClass = loadClass(access,CADI_AAF_CON_DEF);
Object aafcon = null;
if(con!=null && aafConClass!=null && aafConClass.isAssignableFrom(con.getClass())) {
aafcon = con;
@@ -312,7 +319,7 @@ public class Config {
if(!hasOAuthDirectTAF) {
if(basic_realm!=null) {
@SuppressWarnings("unchecked")
- Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,"org.osaaf.cadi.obasic.OBasicHttpTaf");
+ Class<HttpTaf> obasicCls = (Class<HttpTaf>)loadClass(access,CADI_OBASIC_HTTP_TAF_DEF);
if(obasicCls!=null) {
try {
String tokenurl = logProp(access,Config.AAF_OAUTH2_TOKEN_URL, null);
@@ -516,7 +523,7 @@ public class Config {
String introspect_url = logProp(access,AAF_OAUTH2_INTROSPECT_URL, null);
if(token_url!=null && introspect_url !=null) {
try {
- Class<?> olurCls = loadClass(access, "org.osaaf.cadi.olur.OLur");
+ Class<?> olurCls = loadClass(access, CADI_OLUR_CLASS_DEF);
if(olurCls!=null) {
Constructor<?> olurCnst = olurCls.getConstructor(PropAccess.class,String.class,String.class);
Lur olur = (Lur)olurCnst.newInstance(access,token_url,introspect_url);
@@ -713,7 +720,7 @@ public class Config {
}
try {
- Class<?> lcls = loadClass(access,"org.onap.aaf.cadi.aaf.v2_0.AAFLocator");
+ Class<?> lcls = loadClass(access,AAF_LOCATOR_CLASS_DEF);
if(lcls==null) {
throw new CadiException("Need to include aaf-cadi-aaf jar for AAFLocator");
}