Support Multiple Realms for DefaultOrg

Issue-ID: AAF-254 Change-Id: I89a9b1ceaa304861debd4c7dd21879e0b1fc902a Signed-off-by: Instrumental <jcgmisc@stl.gathman.org>
author: Instrumental <jcgmisc@stl.gathman.org> 2018-04-18 10:52:42 -0500
committer: Instrumental <jcgmisc@stl.gathman.org> 2018-04-18 10:52:52 -0500
commit: 087706284431e63ea77b934859a47beeb59e4592 (patch)
tree: f96525f12d0a243f35739d6b909ae892068945bf /auth
parent: 3c0e04b9064ff069f5e594a5023c2f18ba487e80 (diff)
7 files changed, 67 insertions, 16 deletions
diff --git a/auth/auth-cass/docker/backup/backup.sh b/auth/auth-cass/docker/backup/backup.sh
index db59d16e..1359d3de 100644
--- a/auth/auth-cass/docker/backup/backup.sh
+++ b/auth/auth-cass/docker/backup/backup.sh
@@ -1,28 +1,32 @@
 # BEGIN Store prev
-if [ -e "6day" ]; then
-   rm -Rf 6day
+BD=/opt/app/osaaf/backup
+if [ -e "$BD/6day" ]; then
+   rm -Rf $BD/6day
 fi
 
-PREV=6day
-for D in 5day 4day 3day 2day yesterday; do
+PREV=$BD/6day
+for D in $BD/5day $BD/4day $BD/3day $BD/2day $BD/yesterday; do
    if [ -e "$D" ]; then
       mv "$D" "$PREV"
    fi
    PREV="$D"
 done
 
-if [ -e "today" ]; then
-    mv today yesterday
-    gzip yesterday/*
+if [ -e "$BD/today" ]; then
+    if [ -e "$BD/backup.log" ]; then
+	mv $BD/backup.log $BD/today
+    fi
+    gzip $BD/today/*
+    mv $BD/today $BD/yesterday
 fi
 
+mkdir $BD/today
+
 # END Store prev
 date
 docker exec -t aaf_cass bash -c "mkdir -p /opt/app/cass_backup"
-docker container cp cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh
+docker container cp $BD/cbackup.sh aaf_cass:/opt/app/cass_backup/backup.sh
 # echo "login as Root, then run \nbash /opt/app/cass_backup/backup.sh"
 docker exec -t aaf_cass bash /opt/app/cass_backup/backup.sh
-mkdir today
-docker container cp aaf_cass:/opt/app/cass_backup/. today
-
+docker container cp aaf_cass:/opt/app/cass_backup/. $BD/today
 date
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
index 1f679075..b7b17c90 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
@@ -40,23 +40,23 @@ import org.onap.aaf.auth.dao.cass.DelegateDAO;
 import org.onap.aaf.auth.dao.cass.FutureDAO;
 import org.onap.aaf.auth.dao.cass.Namespace;
 import org.onap.aaf.auth.dao.cass.NsDAO;
+import org.onap.aaf.auth.dao.cass.NsDAO.Data;
 import org.onap.aaf.auth.dao.cass.NsSplit;
 import org.onap.aaf.auth.dao.cass.NsType;
 import org.onap.aaf.auth.dao.cass.PermDAO;
 import org.onap.aaf.auth.dao.cass.RoleDAO;
 import org.onap.aaf.auth.dao.cass.Status;
 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
-import org.onap.aaf.auth.dao.cass.NsDAO.Data;
 import org.onap.aaf.auth.dao.hl.Question.Access;
 import org.onap.aaf.auth.env.AuthzTrans;
 import org.onap.aaf.auth.env.AuthzTrans.REQD_TYPE;
 import org.onap.aaf.auth.layer.Result;
 import org.onap.aaf.auth.org.Executor;
 import org.onap.aaf.auth.org.Organization;
-import org.onap.aaf.auth.org.OrganizationException;
 import org.onap.aaf.auth.org.Organization.Expiration;
 import org.onap.aaf.auth.org.Organization.Identity;
 import org.onap.aaf.auth.org.Organization.Policy;
+import org.onap.aaf.auth.org.OrganizationException;
 
 public class Function {
 
@@ -735,7 +735,7 @@ public class Function {
 
 	private Result<Void> checkValidID(AuthzTrans trans, Date now, String user) {
 		Organization org = trans.org();
-		if (user.endsWith(org.getRealm())) {
+		if (org.supportsRealm(user)) {
 			try {
 				if (org.getIdentity(trans, user) == null) {
 					return Result.err(Status.ERR_Denied,
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java
index 6d7a3586..8476e06c 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java
@@ -78,6 +78,12 @@ public interface Organization {
 	 * @return
 	 */
 	public String getRealm();
+	
+	public boolean supportsRealm(String user);
+
+	public void addSupportedRealm(String r);
+
+
 
 	String getDomain();
 
@@ -373,6 +379,15 @@ public interface Organization {
 		}
 	
 		@Override
+		public boolean supportsRealm(String r) {
+			return false;
+		}
+
+		@Override
+		public void addSupportedRealm(String r) {
+		}
+
+		@Override
 		public String getDomain() {
 			return N_A;
 		}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java
index 843e2682..57d37d0b 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java
@@ -29,6 +29,7 @@ import java.util.concurrent.ConcurrentHashMap;
 
 import org.onap.aaf.auth.env.AuthzTrans;
 import org.onap.aaf.cadi.util.FQI;
+import org.onap.aaf.cadi.util.Split;
 import org.onap.aaf.misc.env.Env;
 import org.onap.aaf.misc.env.impl.BasicEnv;
 
@@ -98,6 +99,13 @@ public class OrganizationFactory {
 						Class<Organization> cls = (Class<Organization>) Class.forName(orgClass);
 						Constructor<Organization> cnst = cls.getConstructor(Env.class,String.class);
 						org = cnst.newInstance(env,orgNS);
+						String other_realms = env.getProperty(orgNS+".also_supports");
+						if(other_realms!=null) {
+							for(String r : Split.splitTrim(',', other_realms)) {
+								org.addSupportedRealm(r);
+							}
+						}
+						
 					} catch (ClassNotFoundException | NoSuchMethodException | SecurityException | 
 							InstantiationException | IllegalAccessException | IllegalArgumentException | 
 							InvocationTargetException e) {
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
index 5674e247..935f99bf 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
@@ -56,9 +56,12 @@ public class DefaultOrg implements Organization {
 	final String realm;
 	
 	private final String NAME,mailHost,mailFrom;
+	private final Set<String> supportedRealms;
 
 	public DefaultOrg(Env env, String realm) throws OrganizationException {
 		this.realm = realm;
+		supportedRealms=new HashSet<String>();
+		supportedRealms.add(realm);
 		domain=FQI.reverseDomain(realm);
 		atDomain = '@'+domain;
 		String s;
@@ -668,5 +671,21 @@ public class DefaultOrg implements Organization {
         return addressArray;
 	}
 
-			
+	private String extractRealm(final String r) {
+		int at;
+		if((at=r.indexOf('@'))>=0) {
+			return FQI.reverseDomain(r.substring(at+1));
+		}
+		return r;
+	}
+	@Override
+	public boolean supportsRealm(final String r) {
+		return supportedRealms.contains(extractRealm(r)) || r.endsWith(realm);
 	}
+
+	@Override
+	public synchronized void addSupportedRealm(final String r) {
+		supportedRealms.add(extractRealm(r));
+	}
+			
+}
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
index e6f058a4..d4606284 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
@@ -109,6 +109,11 @@ public class JU_DefaultOrg {
 		assertTrue(realmTest == REALM);
 	}
 
+	public void supportsRealm() {
+		String otherRealm = "org.ossaf.something";
+		defaultOrg.addSupportedRealm(otherRealm);
+		assertTrue(defaultOrg.supportsRealm(otherRealm));
+	}
 	//@Test   
 	public void testGetName() throws OrganizationException{
 		String testName = defaultOrg.getName();
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
index 446bf46d..a6bbbb0b 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
@@ -153,7 +153,7 @@ public class ServiceValidator extends Validator {
 				str = str.substring(0,idx);
 			}
 			
-			if(cd.id.endsWith(org.getRealm())) {
+			if(org.supportsRealm(cd.id)) {
 				if(isNew && (str=org.isValidID(trans, str)).length()>0) {
 					msg(cd.id,str);
 				}
author	Instrumental <jcgmisc@stl.gathman.org>	2018-04-18 10:52:42 -0500
committer	Instrumental <jcgmisc@stl.gathman.org>	2018-04-18 10:52:52 -0500
commit	087706284431e63ea77b934859a47beeb59e4592 (patch)
tree	f96525f12d0a243f35739d6b909ae892068945bf /auth
parent	3c0e04b9064ff069f5e594a5023c2f18ba487e80 (diff)