diff options
author | Instrumental <jonathan.gathman@att.com> | 2018-07-02 21:41:55 -0500 |
---|---|---|
committer | Instrumental <jonathan.gathman@att.com> | 2018-07-02 21:42:28 -0500 |
commit | ca76fbda94492f1b0c895ff0f4070381f17472f0 (patch) | |
tree | 8180941d2fdc474c282ac5272e014c2f45b7da48 /auth/auth-certman | |
parent | c060284812fbbc18fcf22eb628c47c251505fe50 (diff) |
Add ability for BAuth by domain
Issue-ID: AAF-361
Change-Id: I6f437ffcfef5555f44acfb32fd6020f86f8cf403
Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'auth/auth-certman')
-rw-r--r-- | auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java | 29 |
1 files changed, 18 insertions, 11 deletions
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java index 8d39f540..ea65659a 100644 --- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java +++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java @@ -426,17 +426,24 @@ public class CMService { } // Policy 2: MechID must have valid Organization Owner - Identity ouser = muser.responsibleTo(); - if(ouser == null) { - return Result.err(Result.ERR_Denied,"%s is not a valid Sponsor for %s at %s", - trans.user(),add.mechid,trans.org().getName()); + Identity emailUser; + if(muser.isPerson()) { + emailUser = muser; + } else { + Identity ouser = muser.responsibleTo(); + if(ouser == null) { + return Result.err(Result.ERR_Denied,"%s is not a valid Sponsor for %s at %s", + trans.user(),add.mechid,trans.org().getName()); + } + + // Policy 3: Calling ID must be MechID Owner + if(!trans.user().equals(ouser.fullID())) { + return Result.err(Result.ERR_Denied,"%s is not the Sponsor for %s at %s", + trans.user(),add.mechid,trans.org().getName()); + } + emailUser = ouser; } - // Policy 3: Calling ID must be MechID Owner - if(!trans.user().equals(ouser.fullID())) { - return Result.err(Result.ERR_Denied,"%s is not the Sponsor for %s at %s", - trans.user(),add.mechid,trans.org().getName()); - } // Policy 4: Renewal Days are between 10 and 60 (constants, may be parameterized) if(add.renewDays<MIN_RENEWAL) { @@ -447,7 +454,7 @@ public class CMService { // Policy 5: If Notify is blank, set to Owner's Email if(add.notify==null || add.notify.length()==0) { - add.notify = "mailto:"+ouser.email(); + add.notify = "mailto:"+emailUser.email(); } // Policy 6: Only do Domain by Exception @@ -462,7 +469,7 @@ public class CMService { } // Set Sponsor from Golden Source - add.sponsor = ouser.fullID(); + add.sponsor = emailUser.fullID(); } catch (OrganizationException e) { |