authorInstrumental <jonathan.gathman@att.com>2019-02-15 19:40:04 -0600
committerInstrumental <jonathan.gathman@att.com>2019-02-15 20:04:29 -0600
commit628b7105ce4d9818aac69a082e515f9275fd46fd (patch)
tree3f1e073e6973efd06f950a70a12499976027eae4 /auth/auth-deforg
parent4b6435c97dc1e05ee6a1e06190e3c431f9d1a8fe (diff)
Batch work and client
Issue-ID: AAF-740 Change-Id: I16da4f2a87ec5d19590f0af642b91f9e2e02b246 Signed-off-by: Instrumental <jonathan.gathman@att.com>
Diffstat (limited to 'auth/auth-deforg')
-rw-r--r--auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java14
1 files changed, 13 insertions, 1 deletions
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
index f1932a26..107141bc 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
@@ -37,6 +37,7 @@ import org.onap.aaf.auth.org.Executor;
import org.onap.aaf.auth.org.Mailer;
import org.onap.aaf.auth.org.Organization;
import org.onap.aaf.auth.org.OrganizationException;
+import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.util.FQI;
import org.onap.aaf.misc.env.Env;
@@ -46,11 +47,14 @@ public class DefaultOrg implements Organization {
final String domain;
final String atDomain;
final String realm;
+
+ private final String root_ns;
private final String NAME;
private final Set<String> supportedRealms;
+
public DefaultOrg(Env env, String realm) throws OrganizationException {
this.realm = realm;
@@ -59,6 +63,7 @@ public class DefaultOrg implements Organization {
domain=FQI.reverseDomain(realm);
atDomain = '@'+domain;
NAME=env.getProperty(realm + ".name","Default Organization");
+ root_ns = env.getProperty(Config.AAF_ROOT_NS,Config.AAF_ROOT_NS_DEF);
try {
String defFile;
@@ -492,6 +497,7 @@ public class DefaultOrg implements Organization {
@Override
public String validate(AuthzTrans trans, Policy policy, Executor executor, String... vars) throws OrganizationException {
+ String user;
switch(policy) {
case OWNS_MECHID:
case CREATE_MECHID:
@@ -517,6 +523,12 @@ public class DefaultOrg implements Organization {
case CREATE_MECHID_BY_PERM_ONLY:
return getName() + " only allows sponsors to create MechIDs";
+ case MAY_EXTEND_CRED_EXPIRES:
+ // If parm, use it, otherwise, trans
+ user = vars.length>1?vars[1]:trans.user();
+ return executor.hasPermission(user, root_ns,"password", root_ns , "extend")
+ ?null:user + " does not have permission to extend passwords at " + getName();
+
default:
return policy.name() + " is unsupported at " + getName();
}
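Review bot: In the new `MAY_EXTEND_CRED_EXPIRES` case the identity whose permission is checked comes from `vars[1]` whenever a second argument is passed, so the decision is about a caller-supplied name rather than the authenticated `trans.user()`. The comment `// If parm, use it, otherwise, trans` does not say what `vars[0]` holds or who may populate `vars[1]`; I would document that contract, e.g. `// vars[1] (optional): identity to check instead of trans.user(); callers must pass an already-authenticated id, never raw request input`. A null or empty `vars[1]` also flows straight into `hasPermission` and into the denial message, so the selection is safer as `user = (vars.length > 1 && vars[1] != null && !vars[1].isEmpty()) ? vars[1] : trans.user();`. `validate` begins in the previous hunk and its other cases are outside this one, so how the remaining policies index `vars` cannot be compared from here.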
@@ -592,7 +604,7 @@ public class DefaultOrg implements Organization {
}
}
- return mailer.sendEmail(trans,dryRun,to,cc,subject,body,urgent)?0:1;
+ return mailer.sendEmail(trans,dryRun?"DefaultOrg":null,to,cc,subject,body,urgent)?0:1;
} else {
return 0;
}
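Review bot: The second argument to `mailer.sendEmail` changes from the boolean `dryRun` to `dryRun?"DefaultOrg":null`, which makes `null` the value that means "really send" and leaves the literal `"DefaultOrg"` unexplained. The `Mailer` signature is not visible in this diff, so I assume the string is a label for dry-run output. A short comment such as `// non-null tag => dry run (nothing is sent); null => deliver`, or a named constant for the tag, would keep a later edit from turning a dry run into a live send. The enclosing method begins outside the hunk.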