summaryrefslogtreecommitdiffstats
path: root/auth/auth-cass/src/main
diff options
context:
space:
mode:
authorGathman, Jonathan (jg1555) <jg1555@us.att.com>2019-07-08 17:57:32 -0500
committerInstrumental <jonathan.gathman@att.com>2019-07-08 18:10:56 -0500
commitd0d6604a0371457d84eceb56d9fff668e865253f (patch)
tree2cbf621ecb07e653006d50a1ffd1e5fe9d2310f9 /auth/auth-cass/src/main
parente1293ae0c53791a2189e372048e4dd4023a4b0f3 (diff)
Cred delete fixes
Issue-ID: AAF-857 Change-Id: I5e590eec0e18a17bb9f89d7f704c86fca3f377de Signed-off-by: Gathman, Jonathan (jg1555) <jg1555@us.att.com>
Diffstat (limited to 'auth/auth-cass/src/main')
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java3
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java26
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java1
3 files changed, 26 insertions, 4 deletions
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
index 868f9ac2..37501967 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
@@ -53,7 +53,8 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
public static final String TABLE = "cred";
public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
public static final int RAW = -1;
- public static final int FQI = 0;
+ public static final int NONE = 0;
+ public static final int FQI = 10;
public static final int BASIC_AUTH = 1;
public static final int BASIC_AUTH_SHA256 = 2;
public static final int CERT_SHA256_RSA =200;
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
index 8d15c958..b0680621 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
@@ -27,6 +27,7 @@ import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
+import java.util.TreeMap;
import java.util.TreeSet;
import org.onap.aaf.auth.dao.cass.PermDAO;
@@ -44,7 +45,7 @@ import org.onap.aaf.auth.layer.Result;
*
*/
// Package on purpose
-class PermLookup {
+public class PermLookup {
private AuthzTrans trans;
private String user;
private Question q;
@@ -55,7 +56,7 @@ class PermLookup {
private PermLookup() {}
- static PermLookup get(AuthzTrans trans, Question q, String user) {
+ public static PermLookup get(AuthzTrans trans, Question q, String user) {
PermLookup lp=null;
Map<String, PermLookup> permMap = trans.get(Question.PERMS, null);
if (permMap == null) {
@@ -152,13 +153,32 @@ class PermLookup {
List<PermDAO.Data> lpdd = new ArrayList<>();
for (String perm : rss.value) {
if (lookup) {
+ Map<String,PermDAO.Data> mspdd = new TreeMap<>();
Result<String[]> ap = PermDAO.Data.decodeToArray(trans, q, perm);
if (ap.isOK()) {
Result<List<PermDAO.Data>> rlpd = q.permDAO().read(perm,trans,ap.value);
if (rlpd.isOKhasData()) {
for (PermDAO.Data pData : rlpd.value) {
- lpdd.add(pData);
+ // ONLY add perms/roles which are related to this lookup
+ for(String pdr : pData.roles(false)) {
+ for(RoleDAO.Data r : roles.value) {
+ if(pdr.equals(r.encode())) {
+ PermDAO.Data pdd = mspdd.get(pData.fullPerm());
+ if(pdd==null) {
+ pdd = new PermDAO.Data();
+ pdd.ns = pData.ns;
+ pdd.type = pData.type;
+ pdd.instance = pData.instance;
+ pdd.action = pData.action;
+ pdd.description = pData.description;
+ lpdd.add(pdd);
+ }
+ pdd.roles(true).add(pdr);
+ break;
+ }
+ }
+ }
}
}
} else {
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
index ae6f371b..3abad1a5 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
@@ -974,6 +974,7 @@ public class Question {
return Result.ok(Hash.compareTo(orig.cred.array(),Hash.hashSHA256(bb.array()))==0);
case CredDAO.BASIC_AUTH:
return Result.ok( Hash.compareTo(orig.cred.array(), Hash.hashMD5(raw))==0);
+ case CredDAO.FQI:
default:
return Result.ok(false);
}