summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java9
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java4
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java2
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java2
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java3
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java7
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java3
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java3
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java3
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java2
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java9
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java2
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java2
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java8
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java4
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java8
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java9
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java24
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java11
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java12
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java8
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java11
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java18
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java16
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java7
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java5
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java4
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java6
-rw-r--r--auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java11
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java12
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java41
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java131
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java54
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java5
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredHistory.java224
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java3
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java2
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java5
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java3
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java2
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java9
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java2
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java10
-rw-r--r--auth/auth-gui/theme/onap/aaf5.css2
-rw-r--r--auth/auth-gui/theme/onap/console.js4
-rw-r--r--auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java10
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java10
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java60
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java10
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java10
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java28
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java13
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java27
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java10
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java45
-rw-r--r--auth/helm/aaf-hello/aaf.sh2
-rw-r--r--auth/helm/aaf-hello/values.yaml2
-rw-r--r--auth/sample/cass_data/config.dat21
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java3
-rw-r--r--cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RegistrationCreator.java49
60 files changed, 764 insertions, 258 deletions
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java
index 3b77a577..0033f8a1 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java
@@ -105,8 +105,13 @@ public class PermDAO extends CassDAOImpl<AuthzTrans,PermDAO.Data> {
}
public String fullPerm() {
- StringBuilder sb = new StringBuilder(ns);
- sb.append(ns.indexOf('@')<0?'.':':');
+ StringBuilder sb = new StringBuilder();
+ if(ns==null) {
+ sb.append("null.");
+ } else {
+ sb.append(ns);
+ sb.append(ns.indexOf('@')<0?'.':':');
+ }
sb.append(type);
sb.append('|');
sb.append(instance);
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
index 690ffa08..3fde5123 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
@@ -1055,8 +1055,8 @@ public class Function {
} else if (!fullperm.roles.isEmpty()) {
return Result
.err(Status.ERR_DependencyExists,
- "Permission [%s.%s|%s|%s] cannot be deleted as it is attached to 1 or more roles.",
- fullperm.ns, fullperm.type, fullperm.instance, fullperm.action);
+ "Permission [%s] cannot be deleted as it is attached to 1 or more roles.",
+ fullperm.fullPerm());
}
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
index 7160edec..d40c2ea0 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
@@ -616,7 +616,7 @@ public class Question {
public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user,PermDAO.Data pdd, Access access) {
if(pdd.ns.indexOf('@')>-1) {
- if(user.equals(pdd.ns)) {
+ if(user.equals(pdd.ns) || isGranted(trans,user,Define.ROOT_NS(),"access",pdd.instance,READ)) {
NsDAO.Data ndd = new NsDAO.Data();
ndd.name = user;
ndd.type = NsDAO.USER;
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
index 62e1592f..3c7d873e 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
@@ -65,7 +65,7 @@ public class DirectAAFUserPass implements CredVal {
} else {
trans = env.newTransNoAvg();
if (state instanceof HttpServletRequest) {
- trans.set((HttpServletRequest)state);
+ trans.set((HttpServletRequest)state,null);
transfer=true;
}
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java
index dea2ccdd..bb0fcd43 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java
@@ -104,9 +104,6 @@ public class AbsJUCass {
// Load special data here
- // WebPhone
- env.setProperty("java.naming.provider.url","ldap://ldap.webphone.att.com:389");
- env.setProperty("com.sun.jndi.ldap.connect.pool","true");
iterations = 0;
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
index 3727e34d..7dea9f07 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
@@ -244,11 +244,10 @@ public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
try {
Log4JLogIt logIt = new Log4JLogIt(args, "cm");
PropAccess propAccess = new PropAccess(logIt,args);
-
try {
- AAF_CM service = new AAF_CM(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
+ new JettyServiceStarter<AuthzEnv,AuthzTrans>(
+ new AAF_CM(new AuthzEnv(propAccess)),true)
+ .start();
} catch (Exception e) {
propAccess.log(e);
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
index 18f062d5..1f2ee645 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
@@ -193,7 +193,8 @@ public class CMService {
} else if (primary == null) {
return Result.err(Result.ERR_Denied, "Request not made from matching IP (%s)", trans.ip());
} else {
- host = primary.getHostAddress();
+ String thost = primary.getHostName();
+ host = thost==null?primary.getHostAddress():thost;
}
ArtiDAO.Data add = null;
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java
index ab10e66b..4ef85aa2 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java
@@ -59,8 +59,9 @@ public class JU_API_Artifact {
public static void setUp() {
AuthzTrans trans = mock(AuthzTrans.class);
req = mock(HttpServletRequest.class);
+ res = mock(HttpServletResponse.class);
trans.setProperty("testTag", "UserValue");
- trans.set(req);
+ trans.set(req,res);
}
@Rule
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java
index 49632975..674e4edf 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java
@@ -59,8 +59,9 @@ public class JU_API_Cert {
public static void setUp() {
AuthzTrans trans = mock(AuthzTrans.class);
req = mock(HttpServletRequest.class);
+ res = mock(HttpServletResponse.class);
trans.setProperty("testTag", "UserValue");
- trans.set(req);
+ trans.set(req,res);
}
@Rule
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java
index 12cf0635..49ffb51b 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java
@@ -31,7 +31,7 @@ public class Help extends Cmd {
private List<Cmd> cmds;
public Help(AAFcli aafcli, List<Cmd> cmds) {
- super(aafcli, "--help",
+ super(aafcli, "help",
new Param("-d (more details)", false),
new Param("command",false));
this.cmds = cmds;
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java
index 1b1b1831..d4a82d5d 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java
@@ -27,17 +27,18 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.misc.env.APIException;
public class Version extends Cmd {
+ private final String version;
-
- public Version(AAFcli aafcli) {
- super(aafcli, "--version");
+ public Version(AAFcli aafcli) {
+ super(aafcli, "version");
+ version = aafcli.access.getProperty(Config.AAF_DEPLOYED_VERSION, Config.AAF_DEFAULT_API_VERSION);
}
@Override
protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
pw().println("AAF Command Line Tool");
pw().print("Version: ");
- pw().println(Config.AAF_DEFAULT_API_VERSION);
+ pw().println(version);
return 200;
}
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java
index eadf1c97..d6eb9b30 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java
@@ -117,7 +117,7 @@ public class ListUsersContact extends Cmd {
indent+=4;
detailLine(sb,indent,"Report Users associated with this Namespace's Roles");
sb.append('\n');
- detailLine(sb,indent,"If \"set details=true\" is specified, then all roles are printed ");
+ detailLine(sb,indent,"If \"details\" is specified, then all roles are printed ");
detailLine(sb,indent,"with the associated users and expiration dates");
indent-=4;
api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java
index c0838cb7..b33f506d 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java
@@ -117,7 +117,7 @@ public class ListUsersInRole extends Cmd {
indent+=4;
detailLine(sb,indent,"Report Users associated with this Namespace's Roles");
sb.append('\n');
- detailLine(sb,indent,"If \"set details=true\" is specified, then all roles are printed ");
+ detailLine(sb,indent,"If \"details\" is specified, then all roles are printed ");
detailLine(sb,indent,"with the associated users and expiration dates");
indent-=4;
api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java
index 0f0c0011..3edc0e59 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java
@@ -59,8 +59,12 @@ public class Delete extends Cmd {
pk.setInstance(args[idx++]);
pk.setAction(args[idx++]);
- // Set "Force" if set
- setQueryParamsOn(client);
+ if(pk.getType().contains("@")) { // User Perm deletion... Must remove from hidden role
+ client.setQueryParams("force");
+ } else {
+ // Set "Force" if set
+ setQueryParamsOn(client);
+ }
Future<PermRequest> fp = client.delete(
"/authz/perm",
getDF(PermRequest.class),
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java
index 325f45db..00972a18 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java
@@ -57,9 +57,9 @@ public class ListByUser extends Cmd {
}
if (aafcli.isDetailed()) {
if (sb==null) {
- sb = new StringBuilder('?');
+ sb = new StringBuilder("?");
} else {
- sb.append('&');
+ sb.append("&");
}
sb.append("ns");
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java
index 920f330f..1a1e7f24 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java
@@ -24,6 +24,7 @@ package org.onap.aaf.auth.env;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.onap.aaf.auth.org.Organization;
import org.onap.aaf.cadi.Lur;
@@ -41,9 +42,11 @@ public interface AuthzTrans extends TransStore {
}
}
- public abstract AuthzTrans set(HttpServletRequest req);
+ public abstract AuthzTrans set(HttpServletRequest req, HttpServletResponse resp);
public abstract HttpServletRequest hreq();
+
+ public abstract HttpServletResponse hresp();
public abstract String user();
@@ -81,4 +84,7 @@ public interface AuthzTrans extends TransStore {
public abstract String getTag();
+ public abstract void clearCache();
+
+
} \ No newline at end of file
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java
index ec5e70de..bda23e13 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java
@@ -23,8 +23,8 @@ package org.onap.aaf.auth.env;
import java.security.Principal;
-import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.onap.aaf.auth.rserv.TransFilter;
import org.onap.aaf.cadi.CadiException;
@@ -63,16 +63,15 @@ public class AuthzTransFilter extends TransFilter<AuthzTrans> {
}
@Override
- protected AuthzTrans newTrans(HttpServletRequest req) {
+ protected AuthzTrans newTrans(HttpServletRequest req, HttpServletResponse resp) {
AuthzTrans at = env.newTrans();
at.setLur(getLur());
- at.set(req);
+ at.set(req,resp);
return at;
}
@Override
- protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
- trans.set((HttpServletRequest)request);
+ protected TimeTaken start(AuthzTrans trans) {
return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
" IP: " + trans.ip() +
" Port: " + trans.port()
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java
index a7bb24a5..0af760b8 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java
@@ -24,6 +24,7 @@ package org.onap.aaf.auth.env;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.onap.aaf.auth.org.Organization;
import org.onap.aaf.auth.org.OrganizationFactory;
@@ -37,6 +38,7 @@ public class AuthzTransImpl extends BasicTrans implements AuthzTrans {
private static final String N_A = "n/a";
private static final String BLANK = "";
private HttpServletRequest hreq;
+ private HttpServletResponse hresp;
private TaggedPrincipal user;
private Lur lur;
private Organization org;
@@ -54,8 +56,9 @@ public class AuthzTransImpl extends BasicTrans implements AuthzTrans {
* @see org.onap.aaf.auth.env.test.AuthTrans#set(javax.servlet.http.HttpServletRequest)
*/
@Override
- public AuthzTrans set(HttpServletRequest req) {
+ public AuthzTrans set(HttpServletRequest req, HttpServletResponse resp) {
hreq = req;
+ hresp = resp;
user = (TaggedPrincipal)req.getUserPrincipal();
for (REQD_TYPE rt : REQD_TYPE.values()) {
@@ -70,11 +73,17 @@ public class AuthzTransImpl extends BasicTrans implements AuthzTrans {
org=null;
return this;
}
+
@Override
public HttpServletRequest hreq() {
return hreq;
}
-
+
+ @Override
+ public HttpServletResponse hresp() {
+ return hresp;
+ }
+
@Override
public void setUser(TaggedPrincipal p) {
user = p;
@@ -174,7 +183,7 @@ public class AuthzTransImpl extends BasicTrans implements AuthzTrans {
}
return false;
}
-
+
/* (non-Javadoc)
* @see org.onap.aaf.auth.env.test.AuthzTrans#org()
*/
@@ -229,4 +238,13 @@ public class AuthzTransImpl extends BasicTrans implements AuthzTrans {
public String getTag() {
return tag;
}
+
+ @Override
+ public void clearCache() {
+ if (lur!=null) {
+ StringBuilder report = new StringBuilder();
+ lur.clear(user, report);
+ info().log(report);
+ }
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java
index b1111638..5545c7da 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java
@@ -21,8 +21,8 @@
package org.onap.aaf.auth.env;
-import javax.servlet.ServletRequest;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.onap.aaf.auth.rserv.TransOnlyFilter;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
@@ -43,13 +43,14 @@ public class AuthzTransOnlyFilter extends TransOnlyFilter<AuthzTrans> {
}
@Override
- protected AuthzTrans newTrans() {
- return env.newTrans();
+ protected AuthzTrans newTrans(HttpServletRequest req, HttpServletResponse resp) {
+ AuthzTrans trans = env.newTrans();
+ trans.set(req, resp);
+ return trans;
}
@Override
- protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
- trans.set((HttpServletRequest)request);
+ protected TimeTaken start(AuthzTrans trans) {
return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
" IP: " + trans.ip() +
" Port: " + trans.port()
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java
index 54a8f484..f0052e5a 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java
@@ -24,6 +24,7 @@ package org.onap.aaf.auth.env;
import java.util.Date;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.onap.aaf.auth.org.Organization;
import org.onap.aaf.cadi.Lur;
@@ -130,7 +131,7 @@ public class NullTrans implements AuthzTrans {
return null;
}
@Override
- public AuthzTrans set(HttpServletRequest req) {
+ public AuthzTrans set(HttpServletRequest req, HttpServletResponse resp) {
return null;
}
@@ -138,7 +139,13 @@ public class NullTrans implements AuthzTrans {
public HttpServletRequest hreq() {
return null;
}
+
+ @Override
+ public HttpServletResponse hresp() {
+ return null;
+ }
+
@Override
public String user() {
return null;
@@ -243,5 +250,8 @@ public class NullTrans implements AuthzTrans {
public String getTag() {
return null;
}
+ @Override
+ public void clearCache() {
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java
index 92c0fc24..81e2e619 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java
@@ -86,8 +86,8 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter {
return cadi.getLur();
}
- protected abstract TRANS newTrans(HttpServletRequest request);
- protected abstract TimeTaken start(TRANS trans, ServletRequest request);
+ protected abstract TRANS newTrans(HttpServletRequest request,HttpServletResponse response);
+ protected abstract TimeTaken start(TRANS trans);
protected abstract void authenticated(TRANS trans, Principal p);
protected abstract void tallyHo(TRANS trans, String target);
@@ -96,9 +96,9 @@ public abstract class TransFilter<TRANS extends TransStore> implements Filter {
HttpServletRequest req = (HttpServletRequest)request;
HttpServletResponse res = (HttpServletResponse)response;
- TRANS trans = newTrans(req);
+ TRANS trans = newTrans(req,res);
- TimeTaken overall = start(trans,request);
+ TimeTaken overall = start(trans);
String target = "n/a";
try {
request.setAttribute(TRANS_TAG, trans);
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java
index c3514b65..ef91e485 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java
@@ -29,6 +29,8 @@ import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
import org.onap.aaf.misc.env.TimeTaken;
@@ -52,16 +54,15 @@ public abstract class TransOnlyFilter<TRANS extends TransStore> implements Filte
- protected abstract TRANS newTrans();
- protected abstract TimeTaken start(TRANS trans, ServletRequest request);
+ protected abstract TRANS newTrans(HttpServletRequest req, HttpServletResponse resp);
+ protected abstract TimeTaken start(TRANS trans);
protected abstract void authenticated(TRANS trans, TaggedPrincipal p);
protected abstract void tallyHo(TRANS trans);
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- TRANS trans = newTrans();
-
- TimeTaken overall = start(trans,request);
+ TRANS trans = newTrans((HttpServletRequest)request,(HttpServletResponse)response);
+ TimeTaken overall = start(trans);
try {
request.setAttribute(TransFilter.TRANS_TAG, trans);
chain.doFilter(request, response);
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java
index 23240cf1..f5831139 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java
@@ -43,9 +43,11 @@ public abstract class AbsServiceStarter<ENV extends RosettaEnv, TRANS extends Tr
private boolean do_register;
protected AbsService<ENV,TRANS> service;
protected String hostname;
+ protected final boolean secure;
- public AbsServiceStarter(final AbsService<ENV,TRANS> service) {
+ public AbsServiceStarter(final AbsService<ENV,TRANS> service, boolean secure) {
+ this.secure = secure;
this.service = service;
try {
OrganizationFactory.init(service.env);
@@ -96,12 +98,14 @@ public abstract class AbsServiceStarter<ENV extends RosettaEnv, TRANS extends Tr
});
if(System.getProperty("ECLIPSE", null)!=null) {
Thread.sleep(2000);
- System.out.println("Service Started in Eclipse: ");
- System.out.print(" Hit <enter> to end\n:");
- try {
- System.in.read();
- System.exit(0);
- } catch (IOException e) {
+ if(!app.isCancelled()) {
+ System.out.println("Service Started in Eclipse: ");
+ System.out.print(" Hit <enter> to end:\n");
+ try {
+ System.in.read();
+ System.exit(0);
+ } catch (IOException e) {
+ }
}
}
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java
index bcc071a2..8d49720b 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java
@@ -54,23 +54,11 @@ import org.onap.aaf.misc.rosetta.env.RosettaEnv;
public class JettyServiceStarter<ENV extends RosettaEnv, TRANS extends Trans> extends AbsServiceStarter<ENV,TRANS> {
- private boolean secure;
- public JettyServiceStarter(final AbsService<ENV,TRANS> service) throws OrganizationException {
- super(service);
- secure = true;
+ public JettyServiceStarter(final AbsService<ENV,TRANS> service, boolean secure) throws OrganizationException {
+ super(service, secure);
}
- /**
- * Specifically set this Service starter to Insecure (HTTP) Mode.
- * @return
- */
- public JettyServiceStarter<ENV,TRANS> insecure() {
- secure = false;
- return this;
- }
-
-
@Override
public void _propertyAdjustment() {
// System.setProperty("com.sun.management.jmxremote.port", "8081");
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java
index f4481ed4..af92e372 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java
@@ -66,11 +66,12 @@ public class JU_AuthzTransImpl {
public void setUp(){
authzTransImpl = new AuthzTransImpl(authzEnvMock);
req = mock(HttpServletRequest.class);
- authzTransImpl.set(req);
+ res = mock(HttpServletResponse.class);
+ authzTransImpl.set(req,res);
when(req.getParameter("request")).thenReturn("NotNull");
- authzTransImpl.set(req);
+ authzTransImpl.set(req,res);
when(req.getParameter("request")).thenReturn("");
- authzTransImpl.set(req);
+ authzTransImpl.set(req,res);
}
@Test
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java
index 091a3aa6..346ca48f 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java
@@ -76,10 +76,7 @@ public class JU_AuthzTransOnlyFilter {
public void testStart() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
AuthzTransOnlyFilter aTF = new AuthzTransOnlyFilter(authzEnvMock);
Class c = aTF.getClass();
- Class[] cArg = new Class[2];
- cArg[0] = AuthzTrans.class;
- cArg[1] = ServletRequest.class; //Steps to test a protected method
- Method startMethod = c.getDeclaredMethod("start", cArg);
+ Method startMethod = c.getDeclaredMethod("start", new Class[] {AuthzTrans.class});
startMethod.setAccessible(true);
//startMethod.invoke(aTF, authzTransMock, servletRequestMock);
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java
index f67716fa..9c7212c2 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java
@@ -27,6 +27,7 @@ import static org.mockito.Mockito.mock;
import java.security.Principal;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.junit.Assert;
import org.junit.Before;
@@ -157,7 +158,8 @@ public class JU_NullTrans {
@Test
public void testSet() {
HttpServletRequest req = mock(HttpServletRequest.class);
- AuthzTrans set = nullTrans.set(req);
+ HttpServletResponse res = mock(HttpServletResponse.class);
+ AuthzTrans set = nullTrans.set(req,res);
Assert.assertNull(set);
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java
index 9b49216d..4972b572 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java
@@ -49,8 +49,8 @@ public class JU_AbsServiceStarter {
private class AbsServiceStarterStub extends AbsServiceStarter {
- public AbsServiceStarterStub(AbsService service) {
- super(service);
+ public AbsServiceStarterStub(AbsService service, boolean secure) {
+ super(service,secure);
// TODO Auto-generated constructor stub
}
@@ -110,7 +110,7 @@ public class JU_AbsServiceStarter {
prop.setLogLevel(Level.DEBUG);
absServiceStub = new AbsServiceStub(prop, bEnv);
- absServiceStarterStub = new AbsServiceStarterStub(absServiceStub);
+ absServiceStarterStub = new AbsServiceStarterStub(absServiceStub,true);
}
// @Test
diff --git a/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java b/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java
index b56fc03e..67952001 100644
--- a/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java
+++ b/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java
@@ -106,10 +106,13 @@ public class AAF_FS extends AbsService<AuthzEnv, AuthzTrans> {
try {
Log4JLogIt logIt = new Log4JLogIt(args, "fs");
PropAccess propAccess = new PropAccess(logIt,args);
-
- AAF_FS service = new AAF_FS(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.insecure().start();
+ try {
+ new JettyServiceStarter<AuthzEnv,AuthzTrans>(
+ new AAF_FS(new AuthzEnv(propAccess)),false)
+ .start();
+ } catch (Exception e) {
+ propAccess.log(e);
+ }
} catch (Exception e) {
e.printStackTrace();
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java
index 7859b7cc..f2d7522e 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java
@@ -24,15 +24,17 @@
package org.onap.aaf.auth.cui;
import java.io.PrintWriter;
+import java.util.regex.Pattern;
import javax.servlet.ServletInputStream;
+import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.onap.aaf.auth.cmd.AAFcli;
import org.onap.aaf.auth.env.AuthzTrans;
-import org.onap.aaf.auth.env.AuthzEnv;
import org.onap.aaf.auth.gui.AAF_GUI;
+import org.onap.aaf.auth.gui.Page;
import org.onap.aaf.auth.rserv.HttpCode;
import org.onap.aaf.cadi.aaf.v2_0.AAFConHttp;
import org.onap.aaf.cadi.http.HTransferSS;
@@ -43,6 +45,7 @@ import org.onap.aaf.misc.env.TimeTaken;
public class CUI extends HttpCode<AuthzTrans, Void> {
private final AAF_GUI gui;
+ private final static Pattern userPerm = Pattern.compile("perm (create|delete).*@.*:id.*aaf.gui.*");
public CUI(AAF_GUI gui) {
@@ -84,6 +87,13 @@ public class CUI extends HttpCode<AuthzTrans, Void> {
}
try {
aafcli.eval(cmdStr);
+ if(userPerm.matcher(cmdStr).matches()) {
+ trans.clearCache();
+ Cookie cookie = new Cookie(Page.AAF_THEME,trans.getProperty(Page.AAF_THEME));
+ cookie.setMaxAge(-1);
+ cookie.setComment("Remove AAF GUI Theme");
+ trans.hresp().addCookie(cookie);
+ }
pw.flush();
} catch (Exception e) {
pw.flush();
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java
index c33f3d69..17916c24 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java
@@ -26,6 +26,9 @@ import static org.onap.aaf.auth.rserv.HttpMethods.POST;
import static org.onap.aaf.auth.rserv.HttpMethods.PUT;
import javax.servlet.Filter;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import org.onap.aaf.auth.cmd.Cmd;
import org.onap.aaf.auth.cui.CUI;
@@ -40,6 +43,7 @@ import org.onap.aaf.auth.gui.pages.CMArtiChangeAction;
import org.onap.aaf.auth.gui.pages.CMArtiChangeForm;
import org.onap.aaf.auth.gui.pages.CMArtifactShow;
import org.onap.aaf.auth.gui.pages.CredDetail;
+import org.onap.aaf.auth.gui.pages.CredHistory;
import org.onap.aaf.auth.gui.pages.Home;
import org.onap.aaf.auth.gui.pages.LoginLanding;
import org.onap.aaf.auth.gui.pages.LoginLandingAction;
@@ -66,6 +70,7 @@ import org.onap.aaf.auth.gui.pages.UserRoleExtend;
import org.onap.aaf.auth.gui.pages.UserRoleRemove;
import org.onap.aaf.auth.gui.pages.WebCommand;
import org.onap.aaf.auth.rserv.CachingFileAccess;
+import org.onap.aaf.auth.rserv.HttpCode;
import org.onap.aaf.auth.server.AbsService;
import org.onap.aaf.auth.server.JettyServiceStarter;
import org.onap.aaf.auth.server.Log4JLogIt;
@@ -114,19 +119,19 @@ public class AAF_GUI extends AbsService<AuthzEnv, AuthzTrans> implements State<E
protected final String deployedVersion;
private StaticSlot sThemeWebPath;
private StaticSlot sDefaultTheme;
-// public final String theme;
public AAF_GUI(final AuthzEnv env) throws Exception {
super(env.access(), env);
sDefaultTheme = env.staticSlot(AAF_GUI_THEME);
- env.put(sDefaultTheme, env.getProperty(AAF_GUI_THEME,"onap"));
+ String defTheme = env.getProperty(AAF_GUI_THEME,"onap");
+ env.put(sDefaultTheme, defTheme);
sThemeWebPath = env.staticSlot(CachingFileAccess.CFA_WEB_PATH);
if(env.get(sThemeWebPath)==null) {
env.put(sThemeWebPath,"theme");
}
-
+
slot_httpServletRequest = env.slot(HTTP_SERVLET_REQUEST);
deployedVersion = app_version;
@@ -157,8 +162,9 @@ public class AAF_GUI extends AbsService<AuthzEnv, AuthzTrans> implements State<E
// MyNameSpace
final Page myNamespaces = new Display(this, GET, new NssShow(this, start)).page();
Page nsDetail = new Display(this, GET, new NsDetail(this, start, myNamespaces)).page();
- new Display(this, GET, new NsHistory(this, start,myNamespaces,nsDetail));
+ new Display(this, GET, new NsHistory(this, start,myNamespaces,nsDetail));
Page crdDetail = new Display(this, GET, new CredDetail(this, start, myNamespaces, nsDetail)).page();
+ new Display(this, GET, new CredHistory(this,start,myNamespaces,nsDetail,crdDetail));
Page artiShow = new Display(this, GET, new CMArtifactShow(this, start, myNamespaces, nsDetail, crdDetail)).page();
Page artiCForm = new Display(this, GET, new CMArtiChangeForm(this, start, myNamespaces, nsDetail, crdDetail,artiShow)).page();
new Display(this, POST, new CMArtiChangeAction(this, start,artiShow,artiCForm));
@@ -204,6 +210,23 @@ public class AAF_GUI extends AbsService<AuthzEnv, AuthzTrans> implements State<E
// Command line Mechanism
route(env, PUT, "/gui/cui", new CUI(this),"text/plain;charset=utf-8","*/*");
+ route(env, GET, "/gui/clear", new HttpCode<AuthzTrans, Void>(null, "Clear"){
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ trans.clearCache();
+ Cookie cookies[] = req.getCookies();
+ if(cookies!=null) {
+ for(Cookie c : cookies) {
+ if(c.getName().startsWith("aaf.gui.")) {
+ c.setMaxAge(0);
+ resp.addCookie(c);
+ }
+ }
+ }
+ resp.sendRedirect("/gui/home");
+ }
+ }, "text/plain;charset=utf-8","*/*");
+
///////////////////////
// WebContent Handler
///////////////////////
@@ -262,9 +285,13 @@ public class AAF_GUI extends AbsService<AuthzEnv, AuthzTrans> implements State<E
Log4JLogIt logIt = new Log4JLogIt(args, "gui");
PropAccess propAccess = new PropAccess(logIt,args);
- AAF_GUI service = new AAF_GUI(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
+ try {
+ new JettyServiceStarter<AuthzEnv,AuthzTrans>(
+ new AAF_GUI(new AuthzEnv(propAccess)),true)
+ .start();
+ } catch (Exception e) {
+ propAccess.log(e);
+ }
} catch (Exception e) {
e.printStackTrace();
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java
index 5b6eb016..18ec9f68 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java
@@ -46,7 +46,6 @@ import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.gui.pages.Home;
import org.onap.aaf.cadi.Permission;
import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.cadi.client.Holder;
import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
import org.onap.aaf.misc.env.APIException;
@@ -70,6 +69,7 @@ import org.onap.aaf.misc.xgen.html.Imports;
*
*/
public class Page extends HTMLCacheGen {
+ public static final String AAF_THEME = "aaf_theme";
public static final String AAFURL_TOOLS = "aaf_url.tools";
public static final String AAF_URL_TOOL_DOT = "aaf_url.tool.";
public static final String AAF_URL_CUIGUI = "aaf_url.cuigui"; // link to help
@@ -151,7 +151,8 @@ public class Page extends HTMLCacheGen {
private static class PageCode implements Code<HTMLGen> {
- private static final String AAF_GUI_TITLE = "aaf_gui_title";
+ private static final String AAF_GUI_THEME = "aaf.gui.theme";
+ private static final String AAF_GUI_TITLE = "aaf_gui_title";
private final ContentCode[] content;
private final Slot browserSlot;
@@ -167,6 +168,7 @@ public class Page extends HTMLCacheGen {
browserSlot = env.slot(BROWSER_TYPE);
sTheme = env.staticSlot(AAF_GUI.AAF_GUI_THEME);
this.env = env;
+ getThemeFiles(env,""); //
}
private static synchronized List<String> getThemeFiles(Env env, String theme) {
@@ -185,11 +187,11 @@ public class Page extends HTMLCacheGen {
themeProps = new TreeMap<>();
props = null;
} else {
- props = themeProps.get(theme);
+ props = themeProps.get(t.getName());
}
if(props==null) {
props = new Properties();
- themeProps.put(theme, props);
+ themeProps.put(t.getName(), props);
}
try {
@@ -215,13 +217,10 @@ public class Page extends HTMLCacheGen {
return themes.get(theme);
}
- protected Imports getImports(Env env, Holder<String> theme, String defaultTheme, int backdots, BROWSER browser) {
- List<String> ls = getThemeFiles(env,theme.get());
+ protected Imports getImports(Env env, String theme, int backdots, BROWSER browser) {
+ List<String> ls = getThemeFiles(env,theme);
Imports imp = new Imports(backdots);
- if(ls==null) {
- theme.set(defaultTheme);
- }
- String prefix = "theme/" + theme.get() + '/';
+ String prefix = "theme/" + theme + '/';
for(String f : ls) {
if(f.endsWith(".js")) {
imp.js(prefix + f);
@@ -262,7 +261,6 @@ public class Page extends HTMLCacheGen {
hgen.html();
final String title = env.getProperty(AAF_GUI_TITLE,"Authentication/Authorization Framework");
final String defaultTheme = env.get(sTheme,"onap");
- final Holder<String> hTheme = new Holder<>(defaultTheme);
Mark head = hgen.head();
hgen.leaf(TITLE).text(title).end();
@@ -270,15 +268,37 @@ public class Page extends HTMLCacheGen {
@Override
public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
BROWSER browser = browser(trans,browserSlot);
+ String theme = null;
Cookie[] cookies = trans.hreq().getCookies();
if(cookies!=null) {
for(Cookie c : cookies) {
- if("aaf_theme".equals(c.getName())) {
- hTheme.set(c.getValue());
+ if(AAF_GUI_THEME.equals(c.getName())) {
+ theme=c.getValue();
+ if(!(themes.containsKey(theme))) {
+ theme = defaultTheme;
+ }
+ break;
}
}
}
- hgen.imports(getImports(env,hTheme,defaultTheme,backdots,browser));
+
+ if(theme==null) {
+ for(String t : themes.keySet()) {
+ if(!t.equals(defaultTheme) && trans.fish(new AAFPermission(null,trans.user()+":id", AAF_GUI_THEME, t))) {
+ theme=t;
+ break;
+ }
+ }
+ if(theme==null) {
+ theme = defaultTheme;
+ }
+ Cookie cookie = new Cookie(AAF_GUI_THEME,theme);
+ cookie.setMaxAge(604_800); // one week
+ trans.hresp().addCookie(cookie);
+ }
+ trans.setProperty(Page.AAF_THEME, theme);
+
+ hgen.imports(getImports(env,theme,backdots,browser));
switch(browser) {
case ie:
case ieOld:
@@ -350,7 +370,8 @@ public class Page extends HTMLCacheGen {
}
hgen.end(header);
-
+
+ hgen.divID("pageContent");
Mark inner = hgen.divID("inner");
// Content
for (int i=cIdx;i<content.length;++i) {
@@ -361,39 +382,65 @@ public class Page extends HTMLCacheGen {
}
hgen.end(inner);
+
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
+ @Override
+ public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
+ String theme = trans.getProperty(Page.AAF_THEME);
+ Properties props;
+ if(theme==null) {
+ props = null;
+ } else {
+ props = themeProps==null?null:themeProps.get(theme);
+ }
+
+ if(props!=null && "TRUE".equalsIgnoreCase(props.getProperty("enable_nav_btn"))) {
+ xgen.leaf("button", "id=navBtn").end();
+ }
+ }
+ });
+ // Adding "nav Hamburger button"
// Navigation - Using older Nav to work with decrepit IE versions
-
Mark nav = hgen.divID("nav");
cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
@Override
public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
- Properties props = themeProps==null?null:themeProps.get(hTheme.get());
- if(props!=null && "TRUE".equalsIgnoreCase(props.getProperty("main_menu_in_nav"))) {
- xgen.incr("h2").text("Navigation").end();
- Mark mark = new Mark();
- boolean selected = isSelected(trans.path(),Home.HREF);
- //trans.path().endsWith("home");
- xgen.incr(mark,HTMLGen.UL)
- .incr(HTMLGen.LI,selected?"class=selected":"")
- .incr(HTMLGen.A, "href=home")
- .text("Home")
- .end(2);
- boolean noSelection = !selected;
- for(String[] mi : Home.MENU_ITEMS) {
- //selected = trans.path().endsWith(mi[0]);
- if(noSelection) {
- selected = isSelected(trans.path(),mi[2]);
- noSelection = !selected;
- } else {
- selected = false;
- }
- xgen.incr(HTMLGen.LI,selected?"class=selected":"")
- .incr(HTMLGen.A, "href="+mi[0])
- .text(mi[1])
- .end(2);
- }
- xgen.end(mark);
+ String theme = trans.getProperty(Page.AAF_THEME);
+ Properties props;
+ if(theme==null) {
+ props = null;
+ } else {
+ props = themeProps==null?null:themeProps.get(theme);
+ }
+
+ if(props!=null) {
+ if("TRUE".equalsIgnoreCase(props.getProperty("main_menu_in_nav"))) {
+ xgen.incr("h2").text("Navigation").end();
+ Mark mark = new Mark();
+ boolean selected = isSelected(trans.path(),Home.HREF);
+ //trans.path().endsWith("home");
+ xgen.incr(mark,HTMLGen.UL)
+ .incr(HTMLGen.LI,selected?"class=selected":"")
+ .incr(HTMLGen.A, "href=home")
+ .text("Home")
+ .end(2);
+ boolean noSelection = !selected;
+ for(String[] mi : Home.MENU_ITEMS) {
+ //selected = trans.path().endsWith(mi[0]);
+ if(noSelection) {
+ selected = isSelected(trans.path(),mi[2]);
+ noSelection = !selected;
+ } else {
+ selected = false;
+ }
+ xgen.incr(HTMLGen.LI,selected?"class=selected":"")
+ .incr(HTMLGen.A, "href="+mi[0])
+ .text(mi[1])
+ .end(2);
+ }
+ xgen.end(mark);
+ }
}
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java
index d32c7dc3..1e06b109 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java
@@ -82,32 +82,36 @@ trans.info().log("Step 1");
arti.getSans().add(s);
}
}
- // Disallow IP entries, except by special Permission
- if (!trans.fish(getPerm(ca,"ip"))) {
- boolean ok=true;
- if (IPValidator.ip(machine)) {
- ok=false;
- }
- if (ok) {
- for (String s: arti.getSans()) {
- if (IPValidator.ip(s)) {
- ok=false;
- break;
- }
- }
- }
- if (!ok) {
- hgen.p("Policy Failure: IPs in certificates are only allowed by Exception.");
- return;
- }
- }
- // Disallow Domain based Definitions without exception
- if (machine.startsWith("*")) { // Domain set
- if (!trans.fish(getPerm(ca, "domain"))) {
- hgen.p("Policy Failure: Domain Artifact Declarations are only allowed by Exception.");
- return;
- }
+ // These checks to not apply to deletions
+ if(!CMArtiChangeForm.DELETE.equals(trans.get(sCmd, ""))) {
+ // Disallow IP entries, except by special Permission
+ if (!trans.fish(getPerm(ca,"ip"))) {
+ boolean ok=true;
+ if (IPValidator.ip(machine)) {
+ ok=false;
+ }
+ if (ok) {
+ for (String s: arti.getSans()) {
+ if (IPValidator.ip(s)) {
+ ok=false;
+ break;
+ }
+ }
+ }
+ if (!ok) {
+ hgen.p("Policy Failure: IPs in certificates are only allowed by Exception.");
+ return;
+ }
+ }
+
+ // Disallow Domain based Definitions without exception
+ if (machine.startsWith("*")) { // Domain set
+ if (!trans.fish(getPerm(ca, "domain"))) {
+ hgen.p("Policy Failure: Domain Artifact Declarations are only allowed by Exception.");
+ return;
+ }
+ }
}
arti.setMechid((String)trans.get(sID,null));
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java
index 00e58c87..70d86933 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java
@@ -214,6 +214,7 @@ public class CredDetail extends Page {
StringWriter buttons = new StringWriter();
HTMLGen hgen = cd.clone(buttons);
hgen.leaf("button","onclick=divVisibility('"+key+"');","class=button").text("Expand").end();
+ hgen.leaf(HTMLGen.A,"class=button","class=greenbutton","href="+CredHistory.HREF+"?user="+ulm.getKey()).text("History").end();
StringWriter creds = new StringWriter();
hgen = cd.clone(creds);
@@ -302,8 +303,9 @@ public class CredDetail extends Page {
Chrono.niceDateStamp(oldest),
Chrono.niceDateStamp(newest)))
.end(uRow);
-
+
}
+
}
hgen.end(utable);
}
@@ -316,6 +318,7 @@ public class CredDetail extends Page {
new TextCell(creds.toString(),STYLE_WIDTH_70)
});
}
+
for (String missing : lns) {
StringWriter buttons = new StringWriter();
HTMLGen hgen = cd.clone(buttons);
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredHistory.java
new file mode 100644
index 00000000..7e3962ec
--- /dev/null
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredHistory.java
@@ -0,0 +1,224 @@
+/**
+ * ============LICENSE_START====================================================
+ * org.onap.aaf
+ * ===========================================================================
+ * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===========================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ============LICENSE_END====================================================
+ *
+ */
+
+package org.onap.aaf.auth.gui.pages;
+
+
+import java.io.IOException;
+import java.net.ConnectException;
+import java.util.ArrayList;
+import java.util.Calendar;
+import java.util.Comparator;
+import java.util.List;
+
+import org.onap.aaf.auth.env.AuthzEnv;
+import org.onap.aaf.auth.env.AuthzTrans;
+import org.onap.aaf.auth.gui.AAF_GUI;
+import org.onap.aaf.auth.gui.BreadCrumbs;
+import org.onap.aaf.auth.gui.NamedCode;
+import org.onap.aaf.auth.gui.Page;
+import org.onap.aaf.auth.gui.Table;
+import org.onap.aaf.auth.gui.Table.Cells;
+import org.onap.aaf.auth.gui.table.AbsCell;
+import org.onap.aaf.auth.gui.table.TableData;
+import org.onap.aaf.auth.gui.table.TextCell;
+import org.onap.aaf.cadi.CadiException;
+import org.onap.aaf.cadi.client.Future;
+import org.onap.aaf.cadi.client.Rcli;
+import org.onap.aaf.cadi.client.Retryable;
+import org.onap.aaf.misc.env.APIException;
+import org.onap.aaf.misc.env.Env;
+import org.onap.aaf.misc.env.Slot;
+import org.onap.aaf.misc.env.TimeTaken;
+import org.onap.aaf.misc.xgen.Cache;
+import org.onap.aaf.misc.xgen.DynamicCode;
+import org.onap.aaf.misc.xgen.html.HTMLGen;
+
+import aaf.v2_0.History;
+import aaf.v2_0.History.Item;
+
+
+public class CredHistory extends Page {
+ static final String NAME="CredHistory";
+ static final String HREF = "/gui/credHistory";
+ static final String FIELDS[] = {"user","dates"};
+
+
+ public CredHistory(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("History", gui.env.newTransNoAvg(),new Model(gui.env),"class=std"),
+ new NamedCode(true, "content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final Slot user = gui.env.slot(NAME+".user");
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String obUser = trans.get(user, null);
+
+ // Use Javascript to make the table title more descriptive
+ hgen.js()
+ .text("var caption = document.querySelector(\".title\");")
+ .text("caption.innerHTML='History for User [ " + obUser + " ]';")
+ .done();
+
+ // Use Javascript to change Link Target to our last visited Detail page
+ String lastPage = CredDetail.HREF + "?role=" + obUser;
+ hgen.js()
+ .text("alterLink('roledetail', '"+lastPage + "');")
+ .done();
+
+ hgen.br();
+ hgen.leaf("a", "href=#advanced_search","onclick=divVisibility('advanced_search');","class=greenbutton").text("Advanced Search").end()
+ .divID("advanced_search", "style=display:none");
+ hgen.incr("table");
+
+ addDateRow(hgen,"Start Date");
+ addDateRow(hgen,"End Date");
+ hgen.incr("tr").incr("td");
+ hgen.tagOnly("input", "type=button","value=Get History",
+ "onclick=datesURL('"+HREF+"?user=" + obUser+"');","class=greenbutton");
+ hgen.end().end();
+ hgen.end();
+ hgen.end();
+ }
+ });
+ }
+ }
+
+ );
+
+ }
+
+ private static void addDateRow(HTMLGen hgen, String s) {
+ hgen
+ .incr("tr")
+ .incr("td")
+ .incr("label", "for=month", "required").text(s+"*").end()
+ .end()
+ .incr("td")
+ .incr("select", "name=month"+s.substring(0, s.indexOf(' ')), "id=month"+s.substring(0, s.indexOf(' ')), "required")
+ .incr("option", "value=").text("Month").end();
+ for(NsHistory.Month m : NsHistory.Month.values()) {
+ if (Calendar.getInstance().get(Calendar.MONTH) == m.ordinal()) {
+ hgen.incr("option", "selected", "value="+(m.ordinal()+1)).text(m.name()).end();
+ } else {
+ hgen.incr("option", "value="+(m.ordinal()+1)).text(m.name()).end();
+ }
+ }
+ hgen.end()
+ .end()
+ .incr("td")
+ .tagOnly("input","type=number","id=year"+s.substring(0, s.indexOf(' ')),"required",
+ "value="+Calendar.getInstance().get(Calendar.YEAR), "min=1900",
+ "max="+Calendar.getInstance().get(Calendar.YEAR),
+ "placeholder=Year").end()
+ .end();
+ }
+
+
+ /**
+ * Implement the Table Content for History
+ *
+ * @author Jonathan
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private static final String[] headers = new String[] {"Date","User","Memo"};
+ private Slot user;
+ private Slot dates;
+
+ public Model(AuthzEnv env) {
+ user = env.slot(NAME+".user");
+ dates = env.slot(NAME+".dates");
+ }
+
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final String oName = trans.get(user,null);
+ final String oDates = trans.get(dates,null);
+
+ Cells rv = Cells.EMPTY;
+ if (oName!=null) {
+
+ try {
+ rv = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Cells>() {
+ @Override
+ public Cells code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ ArrayList<AbsCell[]> rv = new ArrayList<>();
+ TimeTaken tt = trans.start("AAF Get History for credential ["+oName+"]",Env.REMOTE);
+ String msg = null;
+ try {
+ if (oDates != null) {
+ client.setQueryParams("yyyymm="+oDates);
+ }
+ Future<History> fh = client.read("/authz/hist/subject/"+oName + "/cred",gui.getDF(History.class));
+ if (fh.get(AAF_GUI.TIMEOUT)) {
+ tt.done();
+ tt = trans.start("Load History Data", Env.SUB);
+ List<Item> histItems = fh.value.getItem();
+
+ java.util.Collections.sort(histItems, new Comparator<Item>() {
+ @Override
+ public int compare(Item o1, Item o2) {
+ return o2.getTimestamp().compare(o1.getTimestamp());
+ }
+ });
+
+ for (Item i : histItems) {
+ String user = i.getUser();
+ AbsCell userCell = new TextCell(user);
+
+ String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
+ rv.add(new AbsCell[] {
+ new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
+ userCell,
+ new TextCell(memo)
+ });
+ }
+ } else {
+ if (fh.code()==403) {
+ rv.add(new AbsCell[] {new TextCell("You may not view History of Credentiol[" + oName + "]", "colspan = 3", "class=center")});
+ } else {
+ rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***", "colspan = 3", "class=center")});
+ }
+ }
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,msg);
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ }
+ }
+ return rv;
+ }
+ }
+
+}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java
index 6fc4b5c1..463ee11a 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java
@@ -50,7 +50,8 @@ public class Home extends Page {
// {"onboard","Onboarding"},
{"passwd","Password Management","/gui/passwd"},
{"cui","Command Prompt","/gui/cui"},
- {"api","AAF API","/gui/api"}
+ {"api","AAF API","/gui/api"},
+ {"clear","Clear Preferences","/gui/clear"}
};
public Home(final AAF_GUI gui) throws APIException, IOException {
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java
index 16a6c940..6b1c6120 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java
@@ -168,7 +168,7 @@ public class NsDetail extends Page {
}
String historyLink = NsHistory.HREF
+ "?name=" + nsName;
- rv.add(new AbsCell[] {new RefCell("See History",historyLink,false)});
+ rv.add(new AbsCell[] {new RefCell("See History",historyLink,false,"class=greenbutton")});
} finally {
tt.done();
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java
index bca6c92c..dc9119bf 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java
@@ -58,7 +58,6 @@ public class NsHistory extends Page {
static final String NAME="NsHistory";
static final String HREF = "/gui/nsHistory";
static final String FIELDS[] = {"name","dates"};
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
static enum Month { JANUARY, FEBRUARY, MARCH, APRIL, MAY, JUNE, JULY,
AUGUST, SEPTEMBER, OCTOBER, NOVEMBER, DECEMBER };
@@ -88,7 +87,7 @@ public class NsHistory extends Page {
.done();
hgen.br();
- hgen.leaf("a","href=#advanced_search","onclick=divVisibility('advanced_search');").text("Advanced Search").end()
+ hgen.leaf("a","href=#advanced_search","onclick=divVisibility('advanced_search');","class=greenbutton").text("Advanced Search").end()
.divID("advanced_search", "style=display:none");
hgen.incr("table");
@@ -96,7 +95,7 @@ public class NsHistory extends Page {
addDateRow(hgen,"End Date");
hgen.incr("tr").incr("td");
hgen.tagOnly("input", "type=button","value=Get History",
- "onclick=datesURL('"+HREF+"?name=" + obName+"');");
+ "onclick=datesURL('"+HREF+"?name=" + obName+"');","class=greenbutton");
hgen.end().end();
hgen.end();
hgen.end();
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java
index 41711db2..ae5fe375 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java
@@ -60,8 +60,7 @@ import aaf.v2_0.Approvals;
public class PendingRequestsShow extends Page {
public static final String HREF = "/gui/myrequests";
public static final String NAME = "MyRequests";
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
- static final String[] FIELDS = new String[] {"as_user"}; // as_user Checked in Display
+ private static final String[] FIELDS = new String[] {"as_user"}; // as_user Checked in Display
private static final String AS_USER=NAME+".as_user";
public PendingRequestsShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java
index 7d31d0e4..7bf6447d 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java
@@ -135,7 +135,7 @@ public class PermDetail extends Page {
String historyLink = PermHistory.HREF
+ "?type=" + pType + "&instance=" + pInstance + "&action=" + pAction;
- rv.add(new AbsCell[] {new RefCell("See History",historyLink,false)});
+ rv.add(new AbsCell[] {new RefCell("See History",historyLink,false,"class=greenbutton")});
} else {
rv.add(new AbsCell[] {new TextCell(
fp.code()==HttpStatus.NOT_FOUND_404?
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java
index bbaf419f..4c3bd32e 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java
@@ -60,9 +60,6 @@ public class PermHistory extends Page {
static final String NAME="PermHistory";
static final String HREF = "/gui/permHistory";
static final String FIELDS[] = {"type","instance","action","dates"};
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
- static enum Month { JANUARY, FEBRUARY, MARCH, APRIL, MAY, JUNE, JULY,
- AUGUST, SEPTEMBER, OCTOBER, NOVEMBER, DECEMBER };
public PermHistory(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
super(gui.env,NAME,HREF, FIELDS,
@@ -96,7 +93,7 @@ public class PermHistory extends Page {
.done();
hgen.br();
- hgen.leaf("a", "href=#advanced_search", "onclick=divVisibility('advanced_search');").text("Advanced Search").end()
+ hgen.leaf("a", "href=#advanced_search", "onclick=divVisibility('advanced_search');","class=greenbutton").text("Advanced Search").end()
.divID("advanced_search", "style=display:none");
hgen.incr("table");
@@ -106,7 +103,7 @@ public class PermHistory extends Page {
hgen.tagOnly("input", "type=button","value=Get History",
"onclick=datesURL('"+HREF+"?type=" + type
+ "&instance=" + instance
- + "&action=" + action+"');");
+ + "&action=" + action+"');","class=greenbutton");
hgen.end().end();
hgen.end();
hgen.end();
@@ -128,7 +125,7 @@ public class PermHistory extends Page {
.incr("td")
.incr("select", "name=month"+s.substring(0, s.indexOf(' ')), "id=month"+s.substring(0, s.indexOf(' ')), "required")
.incr("option", "value=").text("Month").end();
- for (Month m : Month.values()) {
+ for (NsHistory.Month m : NsHistory.Month.values()) {
if (Calendar.getInstance().get(Calendar.MONTH) == m.ordinal()) {
hgen.incr("option", "selected", "value="+(m.ordinal()+1)).text(m.name()).end();
} else {
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java
index bfc258bc..f69f4871 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java
@@ -266,7 +266,7 @@ public class RoleDetail extends Page {
// History
rv.add(new AbsCell[] {
- new RefCell("See History",RoleHistory.HREF + "?role=" + pRole,false)
+ new RefCell("See History",RoleHistory.HREF + "?role=" + pRole,false,"class=greenbutton")
});
} else {
rv.add(new AbsCell[]{
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java
index fdf6f9e3..a9f0eeb0 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java
@@ -60,9 +60,7 @@ public class RoleHistory extends Page {
static final String NAME="RoleHistory";
static final String HREF = "/gui/roleHistory";
static final String FIELDS[] = {"role","dates"};
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
- static enum Month { JANUARY, FEBRUARY, MARCH, APRIL, MAY, JUNE, JULY,
- AUGUST, SEPTEMBER, OCTOBER, NOVEMBER, DECEMBER };
+
public RoleHistory(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
super(gui.env,NAME,HREF, FIELDS,
@@ -90,7 +88,7 @@ public class RoleHistory extends Page {
.done();
hgen.br();
- hgen.leaf("a", "href=#advanced_search","onclick=divVisibility('advanced_search');").text("Advanced Search").end()
+ hgen.leaf("a", "href=#advanced_search","onclick=divVisibility('advanced_search');","class=greenbutton").text("Advanced Search").end()
.divID("advanced_search", "style=display:none");
hgen.incr("table");
@@ -98,7 +96,7 @@ public class RoleHistory extends Page {
addDateRow(hgen,"End Date");
hgen.incr("tr").incr("td");
hgen.tagOnly("input", "type=button","value=Get History",
- "onclick=datesURL('"+HREF+"?role=" + obRole+"');");
+ "onclick=datesURL('"+HREF+"?role=" + obRole+"');","class=greenbutton");
hgen.end().end();
hgen.end();
hgen.end();
@@ -120,7 +118,7 @@ public class RoleHistory extends Page {
.incr("td")
.incr("select", "name=month"+s.substring(0, s.indexOf(' ')), "id=month"+s.substring(0, s.indexOf(' ')), "required")
.incr("option", "value=").text("Month").end();
- for (Month m : Month.values()) {
+ for (NsHistory.Month m : NsHistory.Month.values()) {
if (Calendar.getInstance().get(Calendar.MONTH) == m.ordinal()) {
hgen.incr("option", "selected", "value="+(m.ordinal()+1)).text(m.name()).end();
} else {
diff --git a/auth/auth-gui/theme/onap/aaf5.css b/auth/auth-gui/theme/onap/aaf5.css
index 67f03b27..ca9b3a77 100644
--- a/auth/auth-gui/theme/onap/aaf5.css
+++ b/auth/auth-gui/theme/onap/aaf5.css
@@ -350,7 +350,7 @@ div.detail caption {
color: white;
font-family: "Lucida Console", Monaco, monospace;
overflow-y: scroll;
- height: 300px;
+ height: 600px;
min-width: 600px;
padding: 5px;
resize: vertical;
diff --git a/auth/auth-gui/theme/onap/console.js b/auth/auth-gui/theme/onap/console.js
index f65c17b4..fe4f6494 100644
--- a/auth/auth-gui/theme/onap/console.js
+++ b/auth/auth-gui/theme/onap/console.js
@@ -29,7 +29,7 @@ function getCommand() {
cmds = document.querySelector("#command_field").value.split(" ");
var cleanCmd = "";
if (document.querySelector("#details_img").getAttribute("class") == "selected")
- cleanCmd += "set details=true ";
+ cleanCmd += "details ";
for (var i = 0; i < cmds.length;i++) {
var trimmed = cmds[i].trim();
if (trimmed != "")
@@ -286,7 +286,7 @@ function maximizeConsole(img) {
content.removeAttribute("class");
footer.style.display="";
console_area.style.resize="vertical";
- console_area.style.height="300px";
+ console_area.style.height="600px";
}
selectOption(img,0);
}
diff --git a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java
index 6aee85d3..d88ed097 100644
--- a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java
+++ b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java
@@ -122,9 +122,13 @@ public class AAF_Hello extends AbsService<AuthzEnv,AuthzTrans> {
Log4JLogIt logIt = new Log4JLogIt(args, "hello");
PropAccess propAccess = new PropAccess(logIt,args);
- AAF_Hello service = new AAF_Hello(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
+ try {
+ new JettyServiceStarter<AuthzEnv,AuthzTrans>(
+ new AAF_Hello(new AuthzEnv(propAccess)),true)
+ .start();
+ } catch (Exception e) {
+ propAccess.log(e);
+ }
} catch (Exception e) {
e.printStackTrace();
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java
index 26bdb695..26d0cc37 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java
@@ -241,9 +241,13 @@ public class AAF_Locate extends AbsService<AuthzEnv, AuthzTrans> {
Log4JLogIt logIt = new Log4JLogIt(args, "locate");
PropAccess propAccess = new PropAccess(logIt,args);
- AAF_Locate service = new AAF_Locate(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
+ try {
+ new JettyServiceStarter<AuthzEnv,AuthzTrans>(
+ new AAF_Locate(new AuthzEnv(propAccess)),true)
+ .start();
+ } catch (Exception e) {
+ propAccess.log(e);
+ }
} catch (Exception e) {
e.printStackTrace();
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
index b6e4dfa8..829335c0 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
@@ -22,7 +22,6 @@
package org.onap.aaf.auth.locate.service;
import java.util.List;
-import java.util.UUID;
import org.onap.aaf.auth.dao.cass.ConfigDAO;
import org.onap.aaf.auth.dao.cass.ConfigDAO.Data;
@@ -72,27 +71,31 @@ public class LocateServiceImpl<IN,OUT,ERROR>
return Result.err(Result.ERR_BadData,v.errs());
}
int count = 0;
+ StringBuilder denied = null;
for (MgmtEndpoint me : meps.getMgmtEndpoint()) {
if (permToRegister) {
int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
- AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getName(),"write");
- if (trans.fish(p)) {
- LocateDAO.Data data = mapper.locateData(me);
- locateDAO.update(trans, data, true);
- ++count;
- } else {
- return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
+ AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
+ if (!trans.fish(p)) {
+ if(denied==null) {
+ denied = new StringBuilder("May not register service(s):");
+ }
+
+ denied.append("\n\t");
+ denied.append(p.getKey());
+ denied.append(')');
+ continue;
}
- } else { //TODO if (MechID is part of Namespace) {
- LocateDAO.Data data = mapper.locateData(me);
- locateDAO.update(trans, data, true);
- ++count;
}
+ LocateDAO.Data data = mapper.locateData(me);
+ locateDAO.update(trans, data, true);
+ ++count;
}
if (count>0) {
return Result.ok();
} else {
- return Result.err(Result.ERR_NotFound, "No endpoints found");
+ return denied==null?Result.err(Result.ERR_NotFound, "No endpoints found")
+ :Result.err(Result.ERR_Security,denied.toString());
}
}
@@ -106,22 +109,31 @@ public class LocateServiceImpl<IN,OUT,ERROR>
return Result.err(Result.ERR_BadData,v.errs());
}
int count = 0;
+ StringBuilder denied = null;
for (MgmtEndpoint me : meps.getMgmtEndpoint()) {
- int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
- AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
- if (trans.fish(p)) {
- LocateDAO.Data data = mapper.locateData(me);
- data.port_key = UUID.randomUUID();
- locateDAO.delete(trans, data, false);
- ++count;
- } else {
- return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
- }
+ if (permToRegister) {
+ int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
+ AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
+ if (!trans.fish(p)) {
+ if(denied==null) {
+ denied = new StringBuilder("May not deregister service(s):");
+ }
+
+ denied.append("\n\t");
+ denied.append(p.getKey());
+ denied.append(')');
+ continue;
+ }
+ }
+ LocateDAO.Data data = mapper.locateData(me);
+ locateDAO.delete(trans, data, true);
+ ++count;
}
if (count>0) {
return Result.ok();
} else {
- return Result.err(Result.ERR_NotFound, "No endpoints found");
+ return denied==null?Result.err(Result.ERR_NotFound, "No endpoints found")
+ :Result.err(Result.ERR_Security,denied.toString());
}
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
index d5a6615f..7f38b65a 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
@@ -192,9 +192,13 @@ public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> {
Log4JLogIt logIt = new Log4JLogIt(args, "oauth");
PropAccess propAccess = new PropAccess(logIt,args);
- AAF_OAuth service = new AAF_OAuth(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
+ try {
+ new JettyServiceStarter<AuthzEnv,AuthzTrans>(
+ new AAF_OAuth(new AuthzEnv(propAccess)),true)
+ .start();
+ } catch (Exception e) {
+ propAccess.log(e);
+ }
} catch (Exception e) {
e.printStackTrace();
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java
index 6a63907d..333c0fc1 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java
@@ -239,9 +239,13 @@ public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> {
Log4JLogIt logIt = new Log4JLogIt(args, "authz");
PropAccess propAccess = new PropAccess(logIt,args);
- AbsService<AuthzEnv, AuthzTrans> service = new AAF_Service(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
+ try {
+ new JettyServiceStarter<AuthzEnv,AuthzTrans>(
+ new AAF_Service(new AuthzEnv(propAccess)),true)
+ .start();
+ } catch (Exception e) {
+ propAccess.log(e);
+ }
} catch (Exception e) {
e.printStackTrace();
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
index 41c433f4..1d201f9a 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
@@ -86,6 +86,7 @@ import org.onap.aaf.auth.service.mapper.Mapper.API;
import org.onap.aaf.auth.service.validation.ServiceValidator;
import org.onap.aaf.auth.validation.Validator;
import org.onap.aaf.cadi.principal.BasicPrincipal;
+import org.onap.aaf.cadi.util.FQI;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.util.Chrono;
@@ -2311,17 +2312,11 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
@Override
public Result<?> mayChange() {
// User can change himself (but not create)
- if (trans.user().equals(cred.id)) {
- return Result.ok();
- }
if (nsd==null) {
nsd = ques.validNSOfDomain(trans, cred.id);
}
// Get the Namespace
if (nsd.isOK()) {
- if (ques.mayUser(trans, trans.user(), nsd.value,Access.write).isOK()) {
- return Result.ok();
- }
String user[] = Split.split('.',trans.user());
if (user.length>2) {
String company = user[user.length-1] + '.' + user[user.length-2];
@@ -3589,7 +3584,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
return Result.ok(users);
}
- /***********************************
+/***********************************
* HISTORY
***********************************/
@Override
@@ -3682,8 +3677,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
@Override
public Result<HISTORY> getHistoryByNS(AuthzTrans trans, String ns, int[] yyyymm, final int sort) {
final Validator v = new ServiceValidator();
- if (v.nullOrBlank("NS",ns)
- .err()) {
+ if (v.nullOrBlank("NS",ns).err()) {
return Result.err(Status.ERR_BadData,v.errs());
}
@@ -3703,6 +3697,22 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
return mapper.history(trans, resp.value,sort);
}
+ @Override
+ public Result<HISTORY> getHistoryBySubject(AuthzTrans trans, String subject, String target, int[] yyyymm, final int sort) {
+ NsDAO.Data ndd = new NsDAO.Data();
+ ndd.name = FQI.reverseDomain(subject);
+ Result<Data> rnd = ques.mayUser(trans, trans.user(), ndd, Access.read);
+ if (rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ Result<List<HistoryDAO.Data>> resp = ques.historyDAO().readBySubject(trans, subject, target, yyyymm);
+ if (resp.notOK()) {
+ return Result.err(resp);
+ }
+ return mapper.history(trans, resp.value,sort);
+ }
+
/***********************************
* DELEGATE
***********************************/
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java
index a89f64ed..61dbbd95 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java
@@ -636,6 +636,16 @@ public interface AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERT
*/
public Result<HISTORY> getHistoryByNS(AuthzTrans trans, String subj, int[] yyyymm, int sort);
+ /**
+ *
+ * @param trans
+ * @param target
+ * @param yyyymm
+ * @param sort
+ * @return
+ */
+ public Result<HISTORY> getHistoryBySubject(AuthzTrans trans, String subject, String target, int[] yyyymm, int sort);
+
/***********************************
* DELEGATE
***********************************/
@@ -753,7 +763,4 @@ public interface AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERT
*/
public void dbReset(AuthzTrans trans);
-
-
-
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java
index 2c868d3d..ce730cec 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java
@@ -170,6 +170,33 @@ public class API_History {
}
}
});
+
+ /**
+ * Get History by Subject
+ */
+ authzAPI.route(GET,"/authz/hist/subject/:type/:subject",API.HISTORY,new Code(facade,"Get History by Perm Type", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ int[] years;
+ int descend;
+ try {
+ years = getYears(req);
+ descend = decending(req);
+ } catch (Exception e) {
+ context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage()));
+ return;
+ }
+
+ Result<Void> r = context.getHistoryBySubject(trans, resp, pathParam(req,":type"), pathParam(req,":subject"),years,descend);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
}
// Check if Ascending
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java
index 463de35f..80e02264 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java
@@ -235,13 +235,15 @@ public interface AuthzFacade {
*/
public abstract Result<Void> getHistoryByUser(AuthzTrans trans, HttpServletResponse resp, String user, int[] yyyymm, final int sort);
- public abstract Result<Void> getHistoryByRole(AuthzTrans trans, HttpServletResponse resp, String subject, int[] yyyymm, final int sort);
+ public abstract Result<Void> getHistoryByRole(AuthzTrans trans, HttpServletResponse resp, String role, int[] yyyymm, final int sort);
- public abstract Result<Void> getHistoryByPerm(AuthzTrans trans, HttpServletResponse resp, String subject, int[] yyyymm, final int sort);
+ public abstract Result<Void> getHistoryByPerm(AuthzTrans trans, HttpServletResponse resp, String perm, int[] yyyymm, final int sort);
- public abstract Result<Void> getHistoryByNS(AuthzTrans trans, HttpServletResponse resp, String subject, int[] yyyymm, final int sort);
+ public abstract Result<Void> getHistoryByNS(AuthzTrans trans, HttpServletResponse resp, String ns, int[] yyyymm, final int sort);
- /*
+ public abstract Result<Void> getHistoryBySubject(AuthzTrans trans, HttpServletResponse resp, String type, String subject, int[] yyyymm, int sort);
+
+ /*
* Cache
*/
public abstract Result<Void> cacheClear(AuthzTrans trans, String pathParam);
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java
index 02fa842f..253f91da 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java
@@ -2274,6 +2274,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
public static final String GET_HISTORY_ROLE = "getHistoryByRole";
public static final String GET_HISTORY_PERM = "getHistoryByPerm";
public static final String GET_HISTORY_NS = "getHistoryByNS";
+ public static final String GET_HISTORY_SUBJECT = "getHistoryBySubject";
/* (non-Javadoc)
* @see com.att.authz.facade.AuthzFacade#getHistoryByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
*/
@@ -2447,6 +2448,50 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE
}
}
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getHistoryByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public Result<Void> getHistoryBySubject(AuthzTrans trans, HttpServletResponse resp, String subject, String target, int[] yyyymm, final int sort) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(GET_HISTORY_SUBJECT);
+ sb.append(' ');
+ sb.append(subject);
+ sb.append(" for ");
+ boolean first = true;
+ for (int i : yyyymm) {
+ if (first) {
+ first = false;
+ } else {
+ sb.append(',');
+ }
+ sb.append(i);
+ }
+ TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);
+
+ try {
+ Result<HISTORY> rh = service.getHistoryBySubject(trans,subject,target,yyyymm,sort);
+ switch(rh.status) {
+ case OK:
+ RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);
+ if (Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,historyDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rh);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_HISTORY_USER);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
public final static String CACHE_CLEAR = "cacheClear ";
// public final static String CACHE_VALIDATE = "validateCache";
diff --git a/auth/helm/aaf-hello/aaf.sh b/auth/helm/aaf-hello/aaf.sh
index 5bb83515..b1c8e639 100644
--- a/auth/helm/aaf-hello/aaf.sh
+++ b/auth/helm/aaf-hello/aaf.sh
@@ -1,4 +1,4 @@
-. ../../docker/d.props
+. ../../docker/aaf.props
IMAGE=onap/aaf/aaf_agent:$VERSION
kubectl -n onap run -it --rm aaf-agent-$USER --image=$IMAGE --overrides='
diff --git a/auth/helm/aaf-hello/values.yaml b/auth/helm/aaf-hello/values.yaml
index 8d43070e..3a0a377c 100644
--- a/auth/helm/aaf-hello/values.yaml
+++ b/auth/helm/aaf-hello/values.yaml
@@ -54,7 +54,7 @@ image:
# When using Docker Repo, add, and include trailing "/"
# repository: nexus3.onap.org:10003/
# repository: localhost:5000/
- version: 2.1.12-SNAPSHOT
+ version: 2.1.14-SNAPSHOT
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
diff --git a/auth/sample/cass_data/config.dat b/auth/sample/cass_data/config.dat
index 83976192..cf70164b 100644
--- a/auth/sample/cass_data/config.dat
+++ b/auth/sample/cass_data/config.dat
@@ -1,9 +1,12 @@
-aaf|aaf_env|DEV
-aaf|aaf_oauth2_introspect_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:2.1/introspect
-aaf|aaf_oauth2_token_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:2.1/token
-aaf|aaf_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1
-aaf|cadi_protocols|TLSv1.1,TLSv1.2
-aaf|cadi_x509_issuers|CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
-aaf|cm_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1
-aaf|fs_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:2.1
-aaf|gui_url|https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:2.1
+aaf,aaf_cm_url,https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1
+aaf,aaf_env,DEV
+aaf,aaf_fs_url,https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:2.1
+aaf,aaf_gui_url,https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:2.1
+aaf,aaf_locate_url,https://aaf.dev.att.com:8095
+aaf,aaf_oauth2_introspect_url,https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:2.1/introspect
+aaf,aaf_oauth2_token_url,https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:2.1/token
+aaf,aaf_oauth_url,https://AAF_LOCATE_URL/%CNS.%AAF_NS.oauth:2.1
+aaf,aaf_root_ns,com.att.aaf
+aaf,aaf_url,https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1
+aaf,cadi_protocols,"TLSv1.1,TLSv1.2"
+aaf,cadi_x509_issuers,"CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US"
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java
index be1d3922..037ee8be 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/aaf/AAFPermission.java
@@ -83,6 +83,9 @@ public class AAFPermission implements Permission {
* If you want a simple field comparison, it is faster without REGEX
*/
public boolean match(Permission p) {
+ if(p==null) {
+ return false;
+ }
String aafNS;
String aafType;
String aafInstance;
diff --git a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RegistrationCreator.java b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RegistrationCreator.java
index cbf0339b..8b879e4f 100644
--- a/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RegistrationCreator.java
+++ b/cadi/aaf/src/main/java/org/onap/aaf/cadi/register/RegistrationCreator.java
@@ -90,10 +90,11 @@ public class RegistrationCreator {
}
if(specificVersion!=null) {
String split[] = Split.splitTrim('.', specificVersion);
- locate.setPkg(split.length>3?Integer.parseInt(split[3]):0);
- locate.setPatch(split.length>2?Integer.parseInt(split[2]):0);
- locate.setMinor(split.length>1?Integer.parseInt(split[1]):0);
- locate.setMajor(split.length>0?Integer.parseInt(split[0]):0);
+ String deply[]= Split.splitTrim('.', access.getProperty(Config.AAF_DEPLOYED_VERSION, ""));
+ locate.setMajor(best(split,deply,0));
+ locate.setMinor(best(split,deply,1));
+ locate.setPatch(best(split,deply,2));
+ locate.setPkg(best(split,deply,3));
}
String protocol = access.getProperty(Config.AAF_LOCATOR_PROTOCOL + dot_le, defProtocol);
@@ -131,7 +132,39 @@ public class RegistrationCreator {
return me;
}
- private StringBuilder print(StringBuilder sb, List<MgmtEndpoint> lme) {
+ /*
+ * Find the best version between Actual Interface and Deployed version
+ */
+ private int best(String[] split, String[] deploy, int i) {
+ StringBuilder sb = new StringBuilder();
+ char c;
+ String s;
+ if(split.length>i) {
+ s=split[i];
+ for(int j=0;j<s.length();++j) {
+ if(Character.isDigit(c=s.charAt(j))) {
+ sb.append(c);
+ } else {
+ break;
+ }
+ }
+ }
+
+ if(sb.length()==0 && deploy.length>i) {
+ s=deploy[i];
+ for(int j=0;j<s.length();++j) {
+ if(Character.isDigit(c=s.charAt(j))) {
+ sb.append(c);
+ } else {
+ break;
+ }
+ }
+ }
+
+ return sb.length()==0?0:Integer.parseInt(sb.toString());
+ }
+
+ private StringBuilder print(StringBuilder sb, List<MgmtEndpoint> lme) {
int cnt = 0;
for(MgmtEndpoint m : lme) {
print(sb,cnt++,m);
@@ -155,9 +188,9 @@ public class RegistrationCreator {
out.append('.');
out.append(mep.getMinor());
out.append('.');
- out.append(mep.getPkg());
- out.append('.');
out.append(mep.getPatch());
+ out.append('.');
+ out.append(mep.getPkg());
out.append("\n\tPort: ");
out.append(mep.getPort());
out.append("\n\tProtocol: ");
@@ -201,8 +234,8 @@ public class RegistrationCreator {
out.setLongitude(mep.getLongitude());
out.setMajor(mep.getMajor());
out.setMinor(mep.getMinor());
- out.setPkg(mep.getPkg());
out.setPatch(mep.getPatch());
+ out.setPkg(mep.getPkg());
out.setPort(mep.getPort());
out.setProtocol(mep.getProtocol());
out.getSpecialPorts().addAll(mep.getSpecialPorts());