diff options
Diffstat (limited to 'auth/auth-batch/src/main/java')
38 files changed, 3423 insertions, 3423 deletions
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/Batch.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/Batch.java index 36a88b64..f361e750 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/Batch.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/Batch.java @@ -81,7 +81,7 @@ public abstract class Batch { protected static boolean dryRun; protected static String batchEnv; - private static File logdir; + private static File logdir; public static final String CASS_ENV = "CASS_ENV"; public static final String LOG_DIR = "LOG_DIR"; @@ -90,10 +90,10 @@ public abstract class Batch { public static final String GUI_URL="GUI_URL"; protected final Organization org; - protected String version; - protected static final Date now = new Date(); - protected static final Date never = new Date(0); - + protected String version; + protected static final Date now = new Date(); + protected static final Date never = new Date(0); + protected Batch(AuthzEnv env) throws APIException, IOException, OrganizationException { if (batchEnv != null) { env.info().log("Redirecting to ",batchEnv,"environment"); @@ -116,7 +116,7 @@ public abstract class Batch { // Setup for Dry Run if(cluster==null) { - cluster = CassAccess.cluster(env,batchEnv); + cluster = CassAccess.cluster(env,batchEnv); } env.info().log("cluster name - ",cluster.getClusterName()); String dryRunStr = env.getProperty( "DRY_RUN" ); @@ -129,7 +129,7 @@ public abstract class Batch { org = OrganizationFactory.init(env); if(org==null) { - throw new OrganizationException("Organization MUST be defined for Batch"); + throw new OrganizationException("Organization MUST be defined for Batch"); } org.setTestMode(dryRun); @@ -143,9 +143,9 @@ public abstract class Batch { for (String s :names.split(",") ) { env.info().log("\tspecial: " + s ); if(s.indexOf('@')>0) { - specialNames.add( s.trim() ); + specialNames.add( s.trim() ); } else { - specialDomains.add(s.trim()); + specialDomains.add(s.trim()); } } } @@ -166,21 +166,21 @@ public abstract class Batch { } public boolean isSpecial(String user) { - if(user==null) { - return false; - } + if(user==null) { + return false; + } if (specialNames != null && specialNames.contains(user)) { env.info().log("specialName: " + user); return (true); } else { - if(specialDomains!=null) { - for(String sd : specialDomains) { - if(user.endsWith(sd)) { - env.info().log("specialDomain: " + user + " matches " + sd); - return (true); - } - } - } + if(specialDomains!=null) { + for(String sd : specialDomains) { + if(user.endsWith(sd)) { + env.info().log("specialDomain: " + user + " matches " + sd); + return (true); + } + } + } } return (false); } @@ -339,18 +339,18 @@ public abstract class Batch { protected static File logDir() { if(logdir == null) { - String ld = env.getProperty(LOG_DIR); - if (ld==null) { - if (batchEnv==null) { // Deployed Batch doesn't use different ENVs, and a common logdir - ld = "logs/"; - } else { - ld = "logs/"+batchEnv; - } - } - logdir = new File(ld); - if(!logdir.exists()) { - logdir.mkdirs(); - } + String ld = env.getProperty(LOG_DIR); + if (ld==null) { + if (batchEnv==null) { // Deployed Batch doesn't use different ENVs, and a common logdir + ld = "logs/"; + } else { + ld = "logs/"+batchEnv; + } + } + logdir = new File(ld); + if(!logdir.exists()) { + logdir.mkdirs(); + } } return logdir; } @@ -369,8 +369,8 @@ public abstract class Batch { public final void close(AuthzTrans trans) { _close(trans); if(session!=null) { - session.close(); - session = null; + session.close(); + session = null; } if(cluster!=null && !cluster.isClosed()) { cluster.close(); @@ -378,13 +378,13 @@ public abstract class Batch { } public static void main(String[] args) { - // Use a StringBuilder to save off logs until a File can be setup - StringBuilderOutputStream sbos = new StringBuilderOutputStream(); + // Use a StringBuilder to save off logs until a File can be setup + StringBuilderOutputStream sbos = new StringBuilderOutputStream(); PropAccess access = new PropAccess(new PrintStream(sbos),args); access.log(Level.INIT, "------- Starting Batch ------\n Args: "); for(String s: args) { - sbos.getBuffer().append(s); - sbos.getBuffer().append(' '); + sbos.getBuffer().append(s); + sbos.getBuffer().append(' '); } InputStream is = null; @@ -394,32 +394,32 @@ public abstract class Batch { Define.set(access); if(access.getProperty(Config.CADI_PROP_FILES)==null) { - File f = new File("authBatch.props"); - try { - if (f.exists()) { - filename = f.getAbsolutePath(); - is = new FileInputStream(f); - propLoc = f.getPath(); - } else { - URL rsrc = ClassLoader.getSystemResource("authBatch.props"); - filename = rsrc.toString(); - is = rsrc.openStream(); - propLoc = rsrc.getPath(); - } - access.load(is); - } finally { - if (is == null) { - System.err.println("authBatch.props must exist in current dir, or in Classpath"); - System.exit(1); - } - is.close(); - } - if (filename != null) { - access.log(Level.INFO,"Instantiated properties from", filename); - } - - // Log where Config found - access.log(Level.INFO,"Configuring from", propLoc); + File f = new File("authBatch.props"); + try { + if (f.exists()) { + filename = f.getAbsolutePath(); + is = new FileInputStream(f); + propLoc = f.getPath(); + } else { + URL rsrc = ClassLoader.getSystemResource("authBatch.props"); + filename = rsrc.toString(); + is = rsrc.openStream(); + propLoc = rsrc.getPath(); + } + access.load(is); + } finally { + if (is == null) { + System.err.println("authBatch.props must exist in current dir, or in Classpath"); + System.exit(1); + } + is.close(); + } + if (filename != null) { + access.log(Level.INFO,"Instantiated properties from", filename); + } + + // Log where Config found + access.log(Level.INFO,"Configuring from", propLoc); } @@ -432,119 +432,119 @@ public abstract class Batch { // PERF.cassandra.clusters=.... batchEnv = env.getProperty(CASS_ENV); if(batchEnv!=null) { - batchEnv = batchEnv.trim(); + batchEnv = batchEnv.trim(); } File logFile = new File(logDir() + "/batch" + Chrono.dateOnlyStamp(new Date()) + ".log" ); PrintStream batchLog = new PrintStream(new FileOutputStream(logFile,true)); try { - access.setStreamLogIt(batchLog); - sbos.flush(); - batchLog.print(sbos.getBuffer()); - sbos = null; - Logger.getRootLogger().addAppender(new Log4JAccessAppender(access)); - - Batch batch = null; - AuthzTrans trans = env.newTrans(); - - TimeTaken tt = trans.start("Total Run", Env.SUB); - try { - int len = args.length; - if (len > 0) { - String toolName = args[0]; - len -= 1; - if (len < 0) - len = 0; - String nargs[] = new String[len]; - if (len > 0) { - System.arraycopy(args, 1, nargs, 0, len); - } - - env.put(ssargs = env.staticSlot("ARGS"), nargs); - - /* - * Add New Batch Programs (inherit from Batch) here - */ - - // Might be a Report, Update or Temp Batch - Class<?> cls = null; - String classifier = ""; - - String[] pkgs = new String[] { - "org.onap.aaf.auth.batch.update", - "org.onap.aaf.auth.batch.reports", - "org.onap.aaf.auth.batch.temp" - }; - - String ebp = env.getProperty("EXTRA_BATCH_PKGS"); - if(ebp!=null) { - String[] ebps = Split.splitTrim(':', ebp); - String[] temp = new String[ebps.length + pkgs.length]; - System.arraycopy(pkgs,0, temp, 0, pkgs.length); - System.arraycopy(ebps,0,temp,pkgs.length,ebps.length); - pkgs = temp; - } - - for(String p : pkgs) { - try { - cls = ClassLoader.getSystemClassLoader().loadClass(p + '.' + toolName); - int lastDot = p.lastIndexOf('.'); - if(p.length()>0 || p.length()!=lastDot) { - StringBuilder sb = new StringBuilder(); - sb.append(Character.toUpperCase(p.charAt(++lastDot))); - while(++lastDot<p.length()) { - sb.append(p.charAt(lastDot)); - } - sb.append(':'); - classifier = sb.toString(); - break; - } - } catch (ClassNotFoundException e) { - cls = null; - } - } - if (cls != null) { - Constructor<?> cnst = cls.getConstructor(AuthzTrans.class); - batch = (Batch) cnst.newInstance(trans); - env.info().log("Begin", classifier, toolName); - } - - - if (batch == null) { - trans.error().log("No Batch named", toolName, "found"); - } - /* - * End New Batch Programs (inherit from Batch) here - */ - - } - if (batch != null) { - try { - batch.run(trans); - } catch (Exception e) { - if(cluster!=null && !cluster.isClosed()) { - cluster.close(); - } - trans.error().log(e); - } - } - } finally { - tt.done(); - if (batch != null) { - batch.close(trans); - } - StringBuilder sb = new StringBuilder("Task Times\n"); - trans.auditTrail(4, sb, AuthzTrans.SUB, AuthzTrans.REMOTE); - trans.info().log(sb); - } + access.setStreamLogIt(batchLog); + sbos.flush(); + batchLog.print(sbos.getBuffer()); + sbos = null; + Logger.getRootLogger().addAppender(new Log4JAccessAppender(access)); + + Batch batch = null; + AuthzTrans trans = env.newTrans(); + + TimeTaken tt = trans.start("Total Run", Env.SUB); + try { + int len = args.length; + if (len > 0) { + String toolName = args[0]; + len -= 1; + if (len < 0) + len = 0; + String nargs[] = new String[len]; + if (len > 0) { + System.arraycopy(args, 1, nargs, 0, len); + } + + env.put(ssargs = env.staticSlot("ARGS"), nargs); + + /* + * Add New Batch Programs (inherit from Batch) here + */ + + // Might be a Report, Update or Temp Batch + Class<?> cls = null; + String classifier = ""; + + String[] pkgs = new String[] { + "org.onap.aaf.auth.batch.update", + "org.onap.aaf.auth.batch.reports", + "org.onap.aaf.auth.batch.temp" + }; + + String ebp = env.getProperty("EXTRA_BATCH_PKGS"); + if(ebp!=null) { + String[] ebps = Split.splitTrim(':', ebp); + String[] temp = new String[ebps.length + pkgs.length]; + System.arraycopy(pkgs,0, temp, 0, pkgs.length); + System.arraycopy(ebps,0,temp,pkgs.length,ebps.length); + pkgs = temp; + } + + for(String p : pkgs) { + try { + cls = ClassLoader.getSystemClassLoader().loadClass(p + '.' + toolName); + int lastDot = p.lastIndexOf('.'); + if(p.length()>0 || p.length()!=lastDot) { + StringBuilder sb = new StringBuilder(); + sb.append(Character.toUpperCase(p.charAt(++lastDot))); + while(++lastDot<p.length()) { + sb.append(p.charAt(lastDot)); + } + sb.append(':'); + classifier = sb.toString(); + break; + } + } catch (ClassNotFoundException e) { + cls = null; + } + } + if (cls != null) { + Constructor<?> cnst = cls.getConstructor(AuthzTrans.class); + batch = (Batch) cnst.newInstance(trans); + env.info().log("Begin", classifier, toolName); + } + + + if (batch == null) { + trans.error().log("No Batch named", toolName, "found"); + } + /* + * End New Batch Programs (inherit from Batch) here + */ + + } + if (batch != null) { + try { + batch.run(trans); + } catch (Exception e) { + if(cluster!=null && !cluster.isClosed()) { + cluster.close(); + } + trans.error().log(e); + } + } + } finally { + tt.done(); + if (batch != null) { + batch.close(trans); + } + StringBuilder sb = new StringBuilder("Task Times\n"); + trans.auditTrail(4, sb, AuthzTrans.SUB, AuthzTrans.REMOTE); + trans.info().log(sb); + } } finally { - batchLog.close(); + batchLog.close(); } } catch (Exception e) { - if(cluster!=null && !cluster.isClosed()) { - cluster.close(); - } + if(cluster!=null && !cluster.isClosed()) { + cluster.close(); + } e.printStackTrace(System.err); } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/ApprovalSet.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/ApprovalSet.java index 661e40f7..163f1e2c 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/ApprovalSet.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/ApprovalSet.java @@ -35,67 +35,67 @@ import org.onap.aaf.cadi.CadiException; import org.onap.aaf.misc.env.util.Chrono; public class ApprovalSet { - private DataView dataview; - protected FutureDAO.Data fdd; - protected List<ApprovalDAO.Data> ladd; - - public ApprovalSet(final GregorianCalendar start, final String target, final DataView dv) { - dataview = dv; - fdd = new FutureDAO.Data(); - fdd.id = Chrono.dateToUUID(System.currentTimeMillis()); - fdd.target = target; - fdd.start = start.getTime(); - ladd = new ArrayList<>(); - } - - protected void setConstruct(final ByteBuffer bytes) { - fdd.construct = bytes; - } + private DataView dataview; + protected FutureDAO.Data fdd; + protected List<ApprovalDAO.Data> ladd; + + public ApprovalSet(final GregorianCalendar start, final String target, final DataView dv) { + dataview = dv; + fdd = new FutureDAO.Data(); + fdd.id = Chrono.dateToUUID(System.currentTimeMillis()); + fdd.target = target; + fdd.start = start.getTime(); + ladd = new ArrayList<>(); + } + + protected void setConstruct(final ByteBuffer bytes) { + fdd.construct = bytes; + } - protected void setMemo(final String memo) { - fdd.memo = memo; - } - - protected void setExpires(final GregorianCalendar expires) { - fdd.expires = expires.getTime(); - } - - public Result<Void> write(AuthzTrans trans) { - StringBuilder errs = null; - if(ladd == null || ladd.isEmpty()) { - errs = new StringBuilder("No Approvers for "); - errs .append(fdd.memo); - } else { - Result<FutureDAO.Data> rf = dataview.insert(trans, fdd); - if(rf.notOK()) { - errs = new StringBuilder(); - errs.append(rf.errorString()); - } else { - for(ApprovalDAO.Data add : ladd) { - Result<ApprovalDAO.Data> af = dataview.insert(trans, add); - if(af.notOK()) { - if(errs==null) { - errs = new StringBuilder(); - } else { - errs.append('\n'); - } - errs.append(af.errorString()); - } - } - } - } - return errs==null?Result.ok():Result.err(Result.ERR_Backend,errs.toString()); - } + protected void setMemo(final String memo) { + fdd.memo = memo; + } + + protected void setExpires(final GregorianCalendar expires) { + fdd.expires = expires.getTime(); + } + + public Result<Void> write(AuthzTrans trans) { + StringBuilder errs = null; + if(ladd == null || ladd.isEmpty()) { + errs = new StringBuilder("No Approvers for "); + errs .append(fdd.memo); + } else { + Result<FutureDAO.Data> rf = dataview.insert(trans, fdd); + if(rf.notOK()) { + errs = new StringBuilder(); + errs.append(rf.errorString()); + } else { + for(ApprovalDAO.Data add : ladd) { + Result<ApprovalDAO.Data> af = dataview.insert(trans, add); + if(af.notOK()) { + if(errs==null) { + errs = new StringBuilder(); + } else { + errs.append('\n'); + } + errs.append(af.errorString()); + } + } + } + } + return errs==null?Result.ok():Result.err(Result.ERR_Backend,errs.toString()); + } - public boolean hasApprovals() { - return !ladd.isEmpty(); - } - - public Set<String> approvers() { - Set<String> rv = new HashSet<>(); - for(ApprovalDAO.Data app : ladd) { - rv.add(app.approver); - } - return rv; - } + public boolean hasApprovals() { + return !ladd.isEmpty(); + } + + public Set<String> approvers() { + Set<String> rv = new HashSet<>(); + for(ApprovalDAO.Data app : ladd) { + rv.add(app.approver); + } + return rv; + } }
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/DataView.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/DataView.java index 3b90f3a9..c197f7f2 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/DataView.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/DataView.java @@ -37,7 +37,7 @@ import org.onap.aaf.auth.layer.Result; * 2) tested in Memory * 3) combined for REAL time by running Cached Memory * 4) Streamable in - * a) Binary + * a) Binary * b) CSV * c) JSON * d) XML @@ -46,7 +46,7 @@ import org.onap.aaf.auth.layer.Result; * But in the end, it looks like: * 1) Data Structures * 2) Find the Data Structures by various means, accounting for - * a) Multiple Responses + * a) Multiple Responses * b) Errors from the deepest level, made available through the call stack * 3) * @@ -54,20 +54,20 @@ import org.onap.aaf.auth.layer.Result; * */ public interface DataView { - // Reads - public Result<NsDAO.Data> ns(final AuthzTrans trans, final String id); - public Result<RoleDAO.Data> roleByName(final AuthzTrans trans, final String name); - public Result<List<UserRoleDAO.Data>> ursByRole(final AuthzTrans trans, final String role); - public Result<List<UserRoleDAO.Data>> ursByUser(final AuthzTrans trans, final String user); + // Reads + public Result<NsDAO.Data> ns(final AuthzTrans trans, final String id); + public Result<RoleDAO.Data> roleByName(final AuthzTrans trans, final String name); + public Result<List<UserRoleDAO.Data>> ursByRole(final AuthzTrans trans, final String role); + public Result<List<UserRoleDAO.Data>> ursByUser(final AuthzTrans trans, final String user); - // Inserts - public Result<ApprovalDAO.Data> insert(final AuthzTrans trans, final ApprovalDAO.Data add); - public Result<FutureDAO.Data> insert(final AuthzTrans trans, final FutureDAO.Data add); - - // Deletes - public Result<ApprovalDAO.Data> delete(final AuthzTrans trans, final ApprovalDAO.Data add); - public Result<FutureDAO.Data> delete(final AuthzTrans trans, final FutureDAO.Data add); - - // Clear any buffers - public void flush(); + // Inserts + public Result<ApprovalDAO.Data> insert(final AuthzTrans trans, final ApprovalDAO.Data add); + public Result<FutureDAO.Data> insert(final AuthzTrans trans, final FutureDAO.Data add); + + // Deletes + public Result<ApprovalDAO.Data> delete(final AuthzTrans trans, final ApprovalDAO.Data add); + public Result<FutureDAO.Data> delete(final AuthzTrans trans, final FutureDAO.Data add); + + // Clear any buffers + public void flush(); } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Loader.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Loader.java index 806599e0..8bade4a4 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Loader.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Loader.java @@ -23,5 +23,5 @@ package org.onap.aaf.auth.batch.approvalsets; import org.onap.aaf.cadi.CadiException; public interface Loader<T> { - public T load() throws CadiException; + public T load() throws CadiException; } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Pending.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Pending.java index 5d720c2f..eed67338 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Pending.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Pending.java @@ -28,82 +28,82 @@ import org.onap.aaf.cadi.util.CSV.Writer; import org.onap.aaf.misc.env.util.Chrono; public class Pending { - public static final String REMIND = "remind"; - - int qty; - boolean hasNew; - Date earliest; - - /** - * Use this constructor to indicate when last Notified - * @param last_notified - */ - public Pending(Date last_notified) { - qty = 1; - hasNew = last_notified==null; - earliest = last_notified; - } + public static final String REMIND = "remind"; + + int qty; + boolean hasNew; + Date earliest; + + /** + * Use this constructor to indicate when last Notified + * @param last_notified + */ + public Pending(Date last_notified) { + qty = 1; + hasNew = last_notified==null; + earliest = last_notified; + } - /** - * Create from CSV Row - * @param row - * @throws ParseException - */ - public Pending(List<String> row) throws ParseException { - hasNew = Boolean.parseBoolean(row.get(2)); - String d = row.get(3); - if(d==null || d.isEmpty()) { - earliest = null; - } else { - earliest = Chrono.dateOnlyFmt.parse(d); - } - qty = Integer.parseInt(row.get(4)); - } + /** + * Create from CSV Row + * @param row + * @throws ParseException + */ + public Pending(List<String> row) throws ParseException { + hasNew = Boolean.parseBoolean(row.get(2)); + String d = row.get(3); + if(d==null || d.isEmpty()) { + earliest = null; + } else { + earliest = Chrono.dateOnlyFmt.parse(d); + } + qty = Integer.parseInt(row.get(4)); + } - /** - * Write CSV Row - * @param approveCW - * @param key - */ - public void row(Writer approveCW, String key) { - approveCW.row(REMIND,key,hasNew,Chrono.dateOnlyStamp(earliest),qty); - } + /** + * Write CSV Row + * @param approveCW + * @param key + */ + public void row(Writer approveCW, String key) { + approveCW.row(REMIND,key,hasNew,Chrono.dateOnlyStamp(earliest),qty); + } - public void inc() { - ++qty; - } - - public void inc(Pending value) { - qty+=value.qty; - if(earliest==null) { - earliest = value.earliest; - } else if(value.earliest!=null && value.earliest.before(earliest)) { - earliest = value.earliest; - } - } + public void inc() { + ++qty; + } + + public void inc(Pending value) { + qty+=value.qty; + if(earliest==null) { + earliest = value.earliest; + } else if(value.earliest!=null && value.earliest.before(earliest)) { + earliest = value.earliest; + } + } - public void earliest(Date lastnotified) { - if(lastnotified==null) { - hasNew=true; - } else if (earliest==null || lastnotified.before(earliest)) { - earliest = lastnotified; - } - } - - public int qty() { - return qty; - } - - public Date earliest() { - return earliest; - } - - public boolean newApprovals() { - return hasNew; - } + public void earliest(Date lastnotified) { + if(lastnotified==null) { + hasNew=true; + } else if (earliest==null || lastnotified.before(earliest)) { + earliest = lastnotified; + } + } + + public int qty() { + return qty; + } + + public Date earliest() { + return earliest; + } + + public boolean newApprovals() { + return hasNew; + } - public static Pending create() { - return new Pending((Date)null); - } + public static Pending create() { + return new Pending((Date)null); + } }
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Ticket.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Ticket.java index 1259c87e..1884262f 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Ticket.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/Ticket.java @@ -27,11 +27,11 @@ import org.onap.aaf.auth.batch.helpers.Approval; import org.onap.aaf.auth.batch.helpers.Future; public class Ticket { - public final Future f; - public final Set<Approval> approvals; - - public Ticket(Future future) { - this.f = future; - approvals = new HashSet<>(); - } + public final Future f; + public final Set<Approval> approvals; + + public Ticket(Future future) { + this.f = future; + approvals = new HashSet<>(); + } }
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/URApprovalSet.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/URApprovalSet.java index 91006c41..da13e84c 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/URApprovalSet.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/approvalsets/URApprovalSet.java @@ -41,111 +41,111 @@ import org.onap.aaf.cadi.CadiException; import org.onap.aaf.misc.env.util.Chrono; public class URApprovalSet extends ApprovalSet { - private static final String FMT_SUFFIX = "%s] - Expires %s"; - private static final String EXTEND_ACCESS_FMT = Approval.RE_APPROVAL_IN_ROLE + "%s] to Role [" + FMT_SUFFIX; - private static final String REVALIDATE_AS_ADMIN_FMT = Approval.RE_VALIDATE_ADMIN + FMT_SUFFIX; - private static final String REVALIDATE_AS_OWNER_FMT = Approval.RE_VALIDATE_OWNER + FMT_SUFFIX; + private static final String FMT_SUFFIX = "%s] - Expires %s"; + private static final String EXTEND_ACCESS_FMT = Approval.RE_APPROVAL_IN_ROLE + "%s] to Role [" + FMT_SUFFIX; + private static final String REVALIDATE_AS_ADMIN_FMT = Approval.RE_VALIDATE_ADMIN + FMT_SUFFIX; + private static final String REVALIDATE_AS_OWNER_FMT = Approval.RE_VALIDATE_OWNER + FMT_SUFFIX; - public URApprovalSet(final AuthzTrans trans, final GregorianCalendar start, final DataView dv, final Loader<UserRoleDAO.Data> lurdd) throws IOException, CadiException { - super(start, "user_role", dv); - Organization org = trans.org(); - UserRoleDAO.Data urdd = lurdd.load(); - setConstruct(urdd.bytify()); - setMemo(getMemo(urdd)); - GregorianCalendar expires = org.expiration(null, Organization.Expiration.UserInRole); - if(urdd.expires.before(expires.getTime())) { - expires.setTime(urdd.expires); - } - setExpires(expires); - setTargetKey(urdd.user+'|'+urdd.role); - setTargetDate(urdd.expires); - - Result<RoleDAO.Data> r = dv.roleByName(trans, urdd.role); - if(r.notOKorIsEmpty()) { - throw new CadiException(r.errorString()); - } - Result<NsDAO.Data> n = dv.ns(trans, urdd.ns); - if(n.notOKorIsEmpty()) { - throw new CadiException(n.errorString()); - } - UserRoleDAO.Data found = null; - Result<List<Data>> lur = dv.ursByRole(trans, urdd.role); - if(lur.isOK()) { - for(UserRoleDAO.Data ur : lur.value) { - if(urdd.user.equals(ur.user)) { - found = ur; - break; - } - } - } - if(found==null) { - throw new CadiException(String.format("User '%s' in Role '%s' does not exist", urdd.user,urdd.role)); - } - - // Primarily, Owners are responsible, unless it's owned by self - boolean isOwner = false; - Result<List<UserRoleDAO.Data>> owners = dv.ursByRole(trans, urdd.ns+".owner"); - if(owners.isOK()) { - for(UserRoleDAO.Data owner : owners.value) { - if(urdd.user.equals(owner.user)) { - isOwner = true; - } else { - ApprovalDAO.Data add = newApproval(urdd); - add.approver = owner.user; - add.type="owner"; - ladd.add(add); - } - } - } + public URApprovalSet(final AuthzTrans trans, final GregorianCalendar start, final DataView dv, final Loader<UserRoleDAO.Data> lurdd) throws IOException, CadiException { + super(start, "user_role", dv); + Organization org = trans.org(); + UserRoleDAO.Data urdd = lurdd.load(); + setConstruct(urdd.bytify()); + setMemo(getMemo(urdd)); + GregorianCalendar expires = org.expiration(null, Organization.Expiration.UserInRole); + if(urdd.expires.before(expires.getTime())) { + expires.setTime(urdd.expires); + } + setExpires(expires); + setTargetKey(urdd.user+'|'+urdd.role); + setTargetDate(urdd.expires); + + Result<RoleDAO.Data> r = dv.roleByName(trans, urdd.role); + if(r.notOKorIsEmpty()) { + throw new CadiException(r.errorString()); + } + Result<NsDAO.Data> n = dv.ns(trans, urdd.ns); + if(n.notOKorIsEmpty()) { + throw new CadiException(n.errorString()); + } + UserRoleDAO.Data found = null; + Result<List<Data>> lur = dv.ursByRole(trans, urdd.role); + if(lur.isOK()) { + for(UserRoleDAO.Data ur : lur.value) { + if(urdd.user.equals(ur.user)) { + found = ur; + break; + } + } + } + if(found==null) { + throw new CadiException(String.format("User '%s' in Role '%s' does not exist", urdd.user,urdd.role)); + } + + // Primarily, Owners are responsible, unless it's owned by self + boolean isOwner = false; + Result<List<UserRoleDAO.Data>> owners = dv.ursByRole(trans, urdd.ns+".owner"); + if(owners.isOK()) { + for(UserRoleDAO.Data owner : owners.value) { + if(urdd.user.equals(owner.user)) { + isOwner = true; + } else { + ApprovalDAO.Data add = newApproval(urdd); + add.approver = owner.user; + add.type="owner"; + ladd.add(add); + } + } + } - if(isOwner) { - try { - List<Identity> apprs = org.getApprovers(trans, urdd.user); - if(apprs!=null) { - for(Identity i : apprs) { - ApprovalDAO.Data add = newApproval(urdd); - add.approver = i.fullID(); - add.type = org.getApproverType(); - ladd.add(add); - } - } - } catch (OrganizationException e) { - throw new CadiException(e); - } - } - } - - private void setTargetDate(Date expires) { - fdd.target_date = expires; - } + if(isOwner) { + try { + List<Identity> apprs = org.getApprovers(trans, urdd.user); + if(apprs!=null) { + for(Identity i : apprs) { + ApprovalDAO.Data add = newApproval(urdd); + add.approver = i.fullID(); + add.type = org.getApproverType(); + ladd.add(add); + } + } + } catch (OrganizationException e) { + throw new CadiException(e); + } + } + } + + private void setTargetDate(Date expires) { + fdd.target_date = expires; + } - private void setTargetKey(String key) { - fdd.target_key = key; - } + private void setTargetKey(String key) { + fdd.target_key = key; + } - private ApprovalDAO.Data newApproval(UserRoleDAO.Data urdd) { - ApprovalDAO.Data add = new ApprovalDAO.Data(); - add.id = Chrono.dateToUUID(System.currentTimeMillis()); - add.ticket = fdd.id; - add.user = urdd.user; - add.operation = FUTURE_OP.A.name(); - add.status = ApprovalDAO.PENDING; - add.memo = getMemo(urdd); - return add; - } + private ApprovalDAO.Data newApproval(UserRoleDAO.Data urdd) { + ApprovalDAO.Data add = new ApprovalDAO.Data(); + add.id = Chrono.dateToUUID(System.currentTimeMillis()); + add.ticket = fdd.id; + add.user = urdd.user; + add.operation = FUTURE_OP.A.name(); + add.status = ApprovalDAO.PENDING; + add.memo = getMemo(urdd); + return add; + } - private String getMemo(Data urdd) { - switch(urdd.rname) { - case "owner": - return String.format(REVALIDATE_AS_OWNER_FMT,urdd.ns,Chrono.dateOnlyStamp(urdd.expires)); - case "admin": - return String.format(REVALIDATE_AS_ADMIN_FMT,urdd.ns,Chrono.dateOnlyStamp(urdd.expires)); - default: - return String.format(EXTEND_ACCESS_FMT, - urdd.user, - urdd.role, - Chrono.dateOnlyStamp(urdd.expires)); - } - } + private String getMemo(Data urdd) { + switch(urdd.rname) { + case "owner": + return String.format(REVALIDATE_AS_OWNER_FMT,urdd.ns,Chrono.dateOnlyStamp(urdd.expires)); + case "admin": + return String.format(REVALIDATE_AS_ADMIN_FMT,urdd.ns,Chrono.dateOnlyStamp(urdd.expires)); + default: + return String.format(EXTEND_ACCESS_FMT, + urdd.user, + urdd.role, + Chrono.dateOnlyStamp(urdd.expires)); + } + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java index c32db2e2..a9029626 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approval.java @@ -45,7 +45,7 @@ import com.datastax.driver.core.SimpleStatement; import com.datastax.driver.core.Statement; public class Approval implements CacheChange.Data { - public static final String ADD_USER_TO_ROLE = "Add User ["; + public static final String ADD_USER_TO_ROLE = "Add User ["; public static final String RE_APPROVAL_IN_ROLE = "Extend access of User ["; public static final String RE_VALIDATE_ADMIN = "Revalidate as Admin of AAF Namespace ["; public static final String RE_VALIDATE_OWNER = "Revalidate as Owner of AAF Namespace ["; @@ -139,14 +139,14 @@ public class Approval implements CacheChange.Data { } else if (memo.startsWith(RE_VALIDATE_OWNER)) { return role + ".owner"; } else { - first = memo.indexOf('[',second); - if(first>=0) { - second = memo.indexOf(']', ++first); - if(second>=0 && (memo.startsWith(RE_APPROVAL_IN_ROLE) || + first = memo.indexOf('[',second); + if(first>=0) { + second = memo.indexOf(']', ++first); + if(second>=0 && (memo.startsWith(RE_APPROVAL_IN_ROLE) || memo.startsWith(ADD_USER_TO_ROLE))) { - return memo.substring(first, second); - } - } + return memo.substring(first, second); + } + } } } } @@ -154,47 +154,47 @@ public class Approval implements CacheChange.Data { } public static int load(Trans trans, Session session, Creator<Approval> creator, Visitor<Approval> visitor) { - int count = 0; - try { - count+=call(trans,session,creator.query(null), creator, visitor); + int count = 0; + try { + count+=call(trans,session,creator.query(null), creator, visitor); } finally { trans.info().log("Found",count,"Approval Records"); } - return count; + return count; } - public static int load(Trans trans, Session session, Creator<Approval> creator ) { - int count = 0; - try { - count+=call(trans,session,creator.query(null), creator, FullLoad); + public static int load(Trans trans, Session session, Creator<Approval> creator ) { + int count = 0; + try { + count+=call(trans,session,creator.query(null), creator, FullLoad); } finally { trans.info().log("Found",count,"Approval Records"); } - return count; + return count; } public static int loadUsers(Trans trans, Session session, Set<String> users, Visitor<Approval> visitor) { - int total = 0; - for(String user : users) { - total+=call(trans,session,String.format("%s WHERE user='%s';",v2_0_17.select(), user),v2_0_17,visitor); - } - return total; + int total = 0; + for(String user : users) { + total+=call(trans,session,String.format("%s WHERE user='%s';",v2_0_17.select(), user),v2_0_17,visitor); + } + return total; } public static void row(CSV.RowSetter crs, Approval app) { - crs.row("approval",app.add.id,app.add.ticket,app.add.user,app.role,app.add.memo); - } + crs.row("approval",app.add.id,app.add.ticket,app.add.user,app.role,app.add.memo); + } - private static int call(Trans trans, Session session, String query, Creator<Approval> creator, Visitor<Approval> visitor) { - TimeTaken tt = trans.start("DB Query", Trans.REMOTE); + private static int call(Trans trans, Session session, String query, Creator<Approval> creator, Visitor<Approval> visitor) { + TimeTaken tt = trans.start("DB Query", Trans.REMOTE); ResultSet results; try { Statement stmt = new SimpleStatement( query ); results = session.execute(stmt); int count = 0; for (Row row : results.all()) { - ++count; - visitor.visit(creator.create(row)); + ++count; + visitor.visit(creator.create(row)); } return count; } finally { @@ -223,11 +223,11 @@ public class Approval implements CacheChange.Data { } public static void clear() { - byApprover.clear(); - byUser.clear(); - byTicket.clear(); - list.clear(); - cache.resetLocalData(); + byApprover.clear(); + byUser.clear(); + byTicket.clear(); + list.clear(); + cache.resetLocalData(); } /** @@ -332,10 +332,10 @@ public class Approval implements CacheChange.Data { return cache.contains(a); } - public static void deleteByIDBatch(StringBuilder sb, String id) { - sb.append("DELETE from authz.approval where id="); - sb.append(id); - sb.append(";\n"); - } + public static void deleteByIDBatch(StringBuilder sb, String id) { + sb.append("DELETE from authz.approval where id="); + sb.append(id); + sb.append(";\n"); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/BatchDataView.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/BatchDataView.java index 9f269d0d..ab3a49fa 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/BatchDataView.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/BatchDataView.java @@ -42,147 +42,147 @@ import org.onap.aaf.misc.env.util.Chrono; import com.datastax.driver.core.Session; public class BatchDataView implements DataView { - private static final String QUOTE_PAREN_SEMI = "');\n"; - private static final String QUOTE_COMMA = "',"; - private static final String QUOTE_COMMA_QUOTE = "','"; - private static final String COMMA_QUOTE = ",'"; - private final CQLBatchLoop cqlBatch; - private final Session session; + private static final String QUOTE_PAREN_SEMI = "');\n"; + private static final String QUOTE_COMMA = "',"; + private static final String QUOTE_COMMA_QUOTE = "','"; + private static final String COMMA_QUOTE = ",'"; + private final CQLBatchLoop cqlBatch; + private final Session session; - public BatchDataView(final AuthzTrans trans, final Session session, final boolean dryRun ) throws APIException, IOException { - this.session = session; - cqlBatch = new CQLBatchLoop(new CQLBatch(trans.info(),session),50,dryRun); - } + public BatchDataView(final AuthzTrans trans, final Session session, final boolean dryRun ) throws APIException, IOException { + this.session = session; + cqlBatch = new CQLBatchLoop(new CQLBatch(trans.info(),session),50,dryRun); + } - public Session getSession(AuthzTrans trans) throws APIException, IOException { - return session; - } - - public Result<NsDAO.Data> ns(AuthzTrans trans, String id) { - NS n; - TimeTaken tt = trans.start("Get NS by ID %s", Trans.SUB, id); - try { - n=NS.data.get(id); - } finally { - tt.done(); - } - - if(n==null || n.ndd==null) { - return Result.err(Result.ERR_Backend,"Namespace '%s' does not exist", id); - } - return Result.ok(n.ndd); - } + public Session getSession(AuthzTrans trans) throws APIException, IOException { + return session; + } + + public Result<NsDAO.Data> ns(AuthzTrans trans, String id) { + NS n; + TimeTaken tt = trans.start("Get NS by ID %s", Trans.SUB, id); + try { + n=NS.data.get(id); + } finally { + tt.done(); + } + + if(n==null || n.ndd==null) { + return Result.err(Result.ERR_Backend,"Namespace '%s' does not exist", id); + } + return Result.ok(n.ndd); + } - - @Override - public Result<RoleDAO.Data> roleByName(AuthzTrans trans, String name) { - Role r = Role.byName.get(name); - if(r==null || r.rdd==null) { - return Result.err(Result.ERR_Backend,"Role '%s' does not exist", name); - } - return Result.ok(r.rdd); - } + + @Override + public Result<RoleDAO.Data> roleByName(AuthzTrans trans, String name) { + Role r = Role.byName.get(name); + if(r==null || r.rdd==null) { + return Result.err(Result.ERR_Backend,"Role '%s' does not exist", name); + } + return Result.ok(r.rdd); + } - @Override - public Result<List<UserRoleDAO.Data>> ursByRole(AuthzTrans trans, String role) { - List<UserRole> urs = UserRole.getByRole().get(role); - if(urs==null) { - return Result.err(Result.ERR_Backend, "UserRoles for Role '%s' does not exist", role); - } - return toLURDD(urs); - } + @Override + public Result<List<UserRoleDAO.Data>> ursByRole(AuthzTrans trans, String role) { + List<UserRole> urs = UserRole.getByRole().get(role); + if(urs==null) { + return Result.err(Result.ERR_Backend, "UserRoles for Role '%s' does not exist", role); + } + return toLURDD(urs); + } - private Result<List<Data>> toLURDD(List<UserRole> urs) { - List<UserRoleDAO.Data> rv = new ArrayList<>(); - if(urs!=null) { - for(UserRole ur : urs) { - rv.add(ur.urdd()); - } - } - return Result.ok(rv); - } + private Result<List<Data>> toLURDD(List<UserRole> urs) { + List<UserRoleDAO.Data> rv = new ArrayList<>(); + if(urs!=null) { + for(UserRole ur : urs) { + rv.add(ur.urdd()); + } + } + return Result.ok(rv); + } - @Override - public Result<List<UserRoleDAO.Data>> ursByUser(AuthzTrans trans, String user) { - List<UserRole> urs = UserRole.getByUser().get(user); - if(urs==null) { - return Result.err(Result.ERR_Backend, "UserRoles for User '%s' does not exist", user); - } - return toLURDD(urs); - } + @Override + public Result<List<UserRoleDAO.Data>> ursByUser(AuthzTrans trans, String user) { + List<UserRole> urs = UserRole.getByUser().get(user); + if(urs==null) { + return Result.err(Result.ERR_Backend, "UserRoles for User '%s' does not exist", user); + } + return toLURDD(urs); + } - @Override - public Result<FutureDAO.Data> delete(AuthzTrans trans, FutureDAO.Data fdd) { - StringBuilder sb = cqlBatch.inc(); - sb.append("DELETE from authz.future WHERE id = "); - sb.append(fdd.id.toString()); - return Result.ok(fdd); - } - - @Override - public Result<ApprovalDAO.Data> delete(AuthzTrans trans, ApprovalDAO.Data add) { - StringBuilder sb = cqlBatch.inc(); - sb.append("DELETE from authz.approval WHERE id = "); - sb.append(add.id.toString()); - return Result.ok(add); - } + @Override + public Result<FutureDAO.Data> delete(AuthzTrans trans, FutureDAO.Data fdd) { + StringBuilder sb = cqlBatch.inc(); + sb.append("DELETE from authz.future WHERE id = "); + sb.append(fdd.id.toString()); + return Result.ok(fdd); + } + + @Override + public Result<ApprovalDAO.Data> delete(AuthzTrans trans, ApprovalDAO.Data add) { + StringBuilder sb = cqlBatch.inc(); + sb.append("DELETE from authz.approval WHERE id = "); + sb.append(add.id.toString()); + return Result.ok(add); + } - @Override - public Result<ApprovalDAO.Data> insert(AuthzTrans trans, ApprovalDAO.Data add) { - StringBuilder sb = cqlBatch.inc(); - sb.append("INSERT INTO authz.approval (id,approver,memo,operation,status,ticket,type,user) VALUES ("); - sb.append(add.id.toString()); - sb.append(COMMA_QUOTE); - sb.append(add.approver); -// sb.append(QUOTE_COMMA_QUOTE); -// sb.append(Chrono.utcStamp(add.last_notified)); - sb.append(QUOTE_COMMA_QUOTE); - sb.append(add.memo.replace("'", "''")); - sb.append(QUOTE_COMMA_QUOTE); - sb.append(add.operation); - sb.append(QUOTE_COMMA_QUOTE); - sb.append(add.status); - sb.append(QUOTE_COMMA); - sb.append(add.ticket.toString()); - sb.append(COMMA_QUOTE); - sb.append(add.type); - sb.append(QUOTE_COMMA_QUOTE); - sb.append(add.user); - sb.append(QUOTE_PAREN_SEMI); - return Result.ok(add); - } + @Override + public Result<ApprovalDAO.Data> insert(AuthzTrans trans, ApprovalDAO.Data add) { + StringBuilder sb = cqlBatch.inc(); + sb.append("INSERT INTO authz.approval (id,approver,memo,operation,status,ticket,type,user) VALUES ("); + sb.append(add.id.toString()); + sb.append(COMMA_QUOTE); + sb.append(add.approver); +// sb.append(QUOTE_COMMA_QUOTE); +// sb.append(Chrono.utcStamp(add.last_notified)); + sb.append(QUOTE_COMMA_QUOTE); + sb.append(add.memo.replace("'", "''")); + sb.append(QUOTE_COMMA_QUOTE); + sb.append(add.operation); + sb.append(QUOTE_COMMA_QUOTE); + sb.append(add.status); + sb.append(QUOTE_COMMA); + sb.append(add.ticket.toString()); + sb.append(COMMA_QUOTE); + sb.append(add.type); + sb.append(QUOTE_COMMA_QUOTE); + sb.append(add.user); + sb.append(QUOTE_PAREN_SEMI); + return Result.ok(add); + } - @Override - public Result<FutureDAO.Data> insert(AuthzTrans trans, FutureDAO.Data fdd) { - StringBuilder sb = cqlBatch.inc(); - sb.append("INSERT INTO authz.future (id,construct,expires,memo,start,target,target_key,target_date) VALUES ("); - sb.append(fdd.id.toString()); - sb.append(','); - fdd.construct.hasArray(); - sb.append(Hash.toHex(fdd.construct.array())); - sb.append(COMMA_QUOTE); - sb.append(Chrono.utcStamp(fdd.expires)); - sb.append(QUOTE_COMMA_QUOTE); - sb.append(fdd.memo.replace("'", "''")); - sb.append(QUOTE_COMMA_QUOTE); - sb.append(Chrono.utcStamp(fdd.expires)); - sb.append(QUOTE_COMMA_QUOTE); - sb.append(fdd.target); - if(fdd.target_key==null) { - sb.append("',,'"); - } else { - sb.append(QUOTE_COMMA_QUOTE); - sb.append(fdd.target_key==null?"":fdd.target_key); - sb.append(QUOTE_COMMA_QUOTE); - } - sb.append(Chrono.utcStamp(fdd.target_date)); - sb.append(QUOTE_PAREN_SEMI); - return Result.ok(fdd); - } - - @Override - public void flush() { - cqlBatch.flush(); - } + @Override + public Result<FutureDAO.Data> insert(AuthzTrans trans, FutureDAO.Data fdd) { + StringBuilder sb = cqlBatch.inc(); + sb.append("INSERT INTO authz.future (id,construct,expires,memo,start,target,target_key,target_date) VALUES ("); + sb.append(fdd.id.toString()); + sb.append(','); + fdd.construct.hasArray(); + sb.append(Hash.toHex(fdd.construct.array())); + sb.append(COMMA_QUOTE); + sb.append(Chrono.utcStamp(fdd.expires)); + sb.append(QUOTE_COMMA_QUOTE); + sb.append(fdd.memo.replace("'", "''")); + sb.append(QUOTE_COMMA_QUOTE); + sb.append(Chrono.utcStamp(fdd.expires)); + sb.append(QUOTE_COMMA_QUOTE); + sb.append(fdd.target); + if(fdd.target_key==null) { + sb.append("',,'"); + } else { + sb.append(QUOTE_COMMA_QUOTE); + sb.append(fdd.target_key==null?"":fdd.target_key); + sb.append(QUOTE_COMMA_QUOTE); + } + sb.append(Chrono.utcStamp(fdd.target_date)); + sb.append(QUOTE_PAREN_SEMI); + return Result.ok(fdd); + } + + @Override + public void flush() { + cqlBatch.flush(); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/CQLBatch.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/CQLBatch.java index 4547fb1b..b626bae7 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/CQLBatch.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/CQLBatch.java @@ -26,74 +26,74 @@ import com.datastax.driver.core.ResultSet; import com.datastax.driver.core.Session; public class CQLBatch { - private Session session; - private StringBuilder sb; - private int hasAdded; - private LogTarget log; + private Session session; + private StringBuilder sb; + private int hasAdded; + private LogTarget log; - public CQLBatch(LogTarget log, Session session) { - this.log = log; - this.session = session; - sb = new StringBuilder(); - hasAdded = 0; - } - public StringBuilder begin() { - sb.setLength(0); - sb.append("BEGIN BATCH\n"); - hasAdded = sb.length(); - return sb; - } - - private boolean end() { - if(sb.length()==hasAdded) { - return false; - } else { - sb.append("APPLY BATCH;\n"); - log.log(sb); - return true; - } - } - - public ResultSet execute() { - if(end()) { - return session.execute(sb.toString()); - } else { - return null; - } - } - - public ResultSet execute(boolean dryRun) { - ResultSet rv = null; - if(dryRun) { - end(); - } else { - rv = execute(); - } - sb.setLength(0); - return rv; - } - - public ResultSet singleExec(StringBuilder query, boolean dryRun) { - if(dryRun) { - return null; - } else { - return session.execute(query.toString()); - } - } - - public void touch(String table, int begin, int end, boolean dryRun) { - StringBuilder sb = begin(); - for(int i=begin;i<end;++i) { - sb.append("UPDATE cache SET touched=dateof(now()) WHERE name='"); - sb.append(table); - sb.append("' AND seg="); - sb.append(i); - sb.append(";\n"); - } - execute(dryRun); - } - - public String toString() { - return sb.toString(); - } + public CQLBatch(LogTarget log, Session session) { + this.log = log; + this.session = session; + sb = new StringBuilder(); + hasAdded = 0; + } + public StringBuilder begin() { + sb.setLength(0); + sb.append("BEGIN BATCH\n"); + hasAdded = sb.length(); + return sb; + } + + private boolean end() { + if(sb.length()==hasAdded) { + return false; + } else { + sb.append("APPLY BATCH;\n"); + log.log(sb); + return true; + } + } + + public ResultSet execute() { + if(end()) { + return session.execute(sb.toString()); + } else { + return null; + } + } + + public ResultSet execute(boolean dryRun) { + ResultSet rv = null; + if(dryRun) { + end(); + } else { + rv = execute(); + } + sb.setLength(0); + return rv; + } + + public ResultSet singleExec(StringBuilder query, boolean dryRun) { + if(dryRun) { + return null; + } else { + return session.execute(query.toString()); + } + } + + public void touch(String table, int begin, int end, boolean dryRun) { + StringBuilder sb = begin(); + for(int i=begin;i<end;++i) { + sb.append("UPDATE cache SET touched=dateof(now()) WHERE name='"); + sb.append(table); + sb.append("' AND seg="); + sb.append(i); + sb.append(";\n"); + } + execute(dryRun); + } + + public String toString() { + return sb.toString(); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/CQLBatchLoop.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/CQLBatchLoop.java index 2836d041..2604364b 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/CQLBatchLoop.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/CQLBatchLoop.java @@ -21,111 +21,111 @@ package org.onap.aaf.auth.batch.helpers; public class CQLBatchLoop { - private static final int MAX_CHARS = (50 * 1024)/2; - - private final CQLBatch cqlBatch; - private final int maxBatch; - private final StringBuilder sb; - private final boolean dryRun; - private int i; - private int total; - private int batches; - private final StringBuilder current; - private boolean showProgress; - - public CQLBatchLoop(CQLBatch cb, int max, boolean dryRun) { - cqlBatch = cb; - i=0; - total = 0; - maxBatch = max; - sb = cqlBatch.begin(); - current = new StringBuilder(); - this.dryRun = dryRun; - showProgress = false; - } + private static final int MAX_CHARS = (50 * 1024)/2; + + private final CQLBatch cqlBatch; + private final int maxBatch; + private final StringBuilder sb; + private final boolean dryRun; + private int i; + private int total; + private int batches; + private final StringBuilder current; + private boolean showProgress; + + public CQLBatchLoop(CQLBatch cb, int max, boolean dryRun) { + cqlBatch = cb; + i=0; + total = 0; + maxBatch = max; + sb = cqlBatch.begin(); + current = new StringBuilder(); + this.dryRun = dryRun; + showProgress = false; + } - public CQLBatchLoop showProgress() { - showProgress = true; - return this; - } - /** - * Assume this is another line in the Batch - * @return - */ - public StringBuilder inc() { - if(i>=maxBatch || current.length()+sb.length()>MAX_CHARS) { - if(i>0) { - cqlBatch.execute(dryRun); - i = -1; - incBatch(); - } - } - if(i<0) { - cqlBatch.begin(); - i=0; - } - if(current.length() > MAX_CHARS) { - cqlBatch.singleExec(current, dryRun); - } else { - sb.append(current); - } - current.setLength(0); - ++i; - ++total; - return current; - } - - /** - * Close up when finished. - */ - public void flush() { - if(current.length()+sb.length()>MAX_CHARS) { - if(i>0) { - cqlBatch.execute(dryRun); - incBatch(); - } - if(current.length()>0) { - cqlBatch.singleExec(current, dryRun); - current.setLength(0); - incBatch(); - } - } else { - if(i<0) { - cqlBatch.begin(); - } - sb.append(current); - current.setLength(0); - cqlBatch.execute(dryRun); - incBatch(); - } - i=-1; - } + public CQLBatchLoop showProgress() { + showProgress = true; + return this; + } + /** + * Assume this is another line in the Batch + * @return + */ + public StringBuilder inc() { + if(i>=maxBatch || current.length()+sb.length()>MAX_CHARS) { + if(i>0) { + cqlBatch.execute(dryRun); + i = -1; + incBatch(); + } + } + if(i<0) { + cqlBatch.begin(); + i=0; + } + if(current.length() > MAX_CHARS) { + cqlBatch.singleExec(current, dryRun); + } else { + sb.append(current); + } + current.setLength(0); + ++i; + ++total; + return current; + } + + /** + * Close up when finished. + */ + public void flush() { + if(current.length()+sb.length()>MAX_CHARS) { + if(i>0) { + cqlBatch.execute(dryRun); + incBatch(); + } + if(current.length()>0) { + cqlBatch.singleExec(current, dryRun); + current.setLength(0); + incBatch(); + } + } else { + if(i<0) { + cqlBatch.begin(); + } + sb.append(current); + current.setLength(0); + cqlBatch.execute(dryRun); + incBatch(); + } + i=-1; + } - private void incBatch() { - ++batches; - if(showProgress) { - System.out.print('.'); - if(batches%70==0) { - System.out.println(); - } - } - } + private void incBatch() { + ++batches; + if(showProgress) { + System.out.print('.'); + if(batches%70==0) { + System.out.println(); + } + } + } - public int total() { - return total; - } - - public int batches() { - return batches; - } + public int total() { + return total; + } + + public int batches() { + return batches; + } - public void reset() { - total = 0; - batches = 0; - i = -1; - } - - public String toString() { - return cqlBatch.toString(); - } + public void reset() { + total = 0; + batches = 0; + i = -1; + } + + public String toString() { + return cqlBatch.toString(); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Creator.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Creator.java index 9d0cfa7f..a4e4112f 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Creator.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Creator.java @@ -28,22 +28,22 @@ public abstract class Creator<T> { public abstract String select(); public String suffix() { - return ""; + return ""; } public String query(String where) { StringBuilder sb = new StringBuilder(select()); if (where!=null) { sb.append(" WHERE "); - int index = where.indexOf(" ALLOW FILTERING"); - if(index< 0 ) { - sb.append(where); + int index = where.indexOf(" ALLOW FILTERING"); + if(index< 0 ) { + sb.append(where); sb.append(suffix()); - } else { - sb.append(where.substring(0, index)); + } else { + sb.append(where.substring(0, index)); sb.append(suffix()); sb.append(" ALLOW FILTERING"); - } + } } sb.append(';'); return sb.toString(); diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Cred.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Cred.java index f5669331..1f5a1f40 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Cred.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Cred.java @@ -79,29 +79,29 @@ public class Cred { * @return */ public List<Note> notes() { - return notes; + return notes; } public void addNote(int level, String note) { - if(notes==null) { - notes=new ArrayList<>(); - } - notes.add(new Note(level,note)); + if(notes==null) { + notes=new ArrayList<>(); + } + notes.add(new Note(level,note)); } public String toString() { - return expires.toString() + ": " + type + ' ' + tag; + return expires.toString() + ": " + type + ' ' + tag; } } public static class Note { - public final int level; - public final String note; - - public Note(int level, String note) { - this.level = level; - this.note = note; - } + public final int level; + public final String note; + + public Note(int level, String note) { + this.level = level; + this.note = note; + } } public Date last(final int ... types) { Date last = null; @@ -168,7 +168,7 @@ public class Cred { boolean hastype = false; for (int t : types) { if (t==type) { - hastype=true; + hastype=true; break; } } @@ -177,7 +177,7 @@ public class Cred { } } add(row.getString(0), row.getInt(1),row.getTimestamp(2),row.getInt(3),row.getLong(4), - row.getString(5)); + row.getString(5)); } } finally { tt.done(); @@ -188,13 +188,13 @@ public class Cred { } public static void add( - final String id, - final int type, - final Date timestamp, - final int other, - final long written, - final String tag - ) { + final String id, + final int type, + final Date timestamp, + final int other, + final long written, + final String tag + ) { Cred cred = data.get(id); if (cred==null) { cred = new Cred(id); @@ -216,10 +216,10 @@ public class Cred { if (!found) { lscd.add(cred); } - } + } - /** + /** * Count entries in Cred data. * Note, as opposed to other methods, need to load the whole cred table for the Types. * @param numbuckets @@ -306,28 +306,28 @@ public class Cred { } public void row(final CSV.Writer csvw, final Instance inst) { - csvw.row("cred",id,ns,Integer.toString(inst.type),Chrono.dateOnlyStamp(inst.expires), - inst.expires.getTime(),inst.tag); + csvw.row("cred",id,ns,Integer.toString(inst.type),Chrono.dateOnlyStamp(inst.expires), + inst.expires.getTime(),inst.tag); } public void row(final CSV.Writer csvw, final Instance inst, final String reason) { - csvw.row("cred",id,ns,Integer.toString(inst.type),Chrono.dateOnlyStamp(inst.expires), - inst.expires.getTime(),inst.tag,reason); + csvw.row("cred",id,ns,Integer.toString(inst.type),Chrono.dateOnlyStamp(inst.expires), + inst.expires.getTime(),inst.tag,reason); } public static void batchDelete(StringBuilder sb, List<String> row) { - sb.append("DELETE from authz.cred WHERE id='"); - sb.append(row.get(1)); - sb.append("' AND type="); - sb.append(Integer.parseInt(row.get(3))); - // Note: We have to work with long, because Expires is part of Key... can't easily do date. - sb.append(" AND expires=dateof(maxtimeuuid("); - sb.append(row.get(5)); - sb.append("));\n"); - } + sb.append("DELETE from authz.cred WHERE id='"); + sb.append(row.get(1)); + sb.append("' AND type="); + sb.append(Integer.parseInt(row.get(3))); + // Note: We have to work with long, because Expires is part of Key... can't easily do date. + sb.append(" AND expires=dateof(maxtimeuuid("); + sb.append(row.get(5)); + sb.append("));\n"); + } - public String toString() { + public String toString() { StringBuilder sb = new StringBuilder(id); sb.append('['); for (Instance i : instances) { @@ -358,24 +358,24 @@ public class Cred { } - public static String histSubject(List<String> row) { - return row.get(1); - } + public static String histSubject(List<String> row) { + return row.get(1); + } - public static String histMemo(String fmt, String orgName, List<String> row) { - String reason; - if(row.size()>5) { // Reason included - reason = row.get(5); - } else { - reason = String.format(fmt, row.get(1),orgName,row.get(4)); - } - return reason; - } + public static String histMemo(String fmt, String orgName, List<String> row) { + String reason; + if(row.size()>5) { // Reason included + reason = row.get(5); + } else { + reason = String.format(fmt, row.get(1),orgName,row.get(4)); + } + return reason; + } - public static void clear() { - data.clear(); - byNS.clear(); - } + public static void clear() { + data.clear(); + byNS.clear(); + } }
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java index f742a465..c7d4e7d4 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java @@ -35,197 +35,197 @@ import org.onap.aaf.auth.org.Organization.Identity; import org.onap.aaf.cadi.Access; public class ExpireRange { - private static final String DELETE = "Delete"; - public static final String ONE_MONTH = "OneMonth"; - public static final String TWO_MONTH = "TwoMonth"; - public static final String TWO_WEEK = "TwoWeek"; - public static final String ONE_WEEK = "OneWeek"; - private static final String AAF_BATCH_RANGE = "aaf_batch_range."; - public final Map<String,List<Range>> ranges; - private final Map<Integer,Date> intervalDates; - private static final Date now = new Date(); - public final Range approveDelete ; + private static final String DELETE = "Delete"; + public static final String ONE_MONTH = "OneMonth"; + public static final String TWO_MONTH = "TwoMonth"; + public static final String TWO_WEEK = "TwoWeek"; + public static final String ONE_WEEK = "OneWeek"; + private static final String AAF_BATCH_RANGE = "aaf_batch_range."; + public final Map<String,List<Range>> ranges; + private final Map<Integer,Date> intervalDates; + private static final Date now = new Date(); + public final Range approveDelete ; - private Range delRange; - - public ExpireRange(final Access access) { - ranges = new HashMap<>(); - intervalDates = new HashMap<>(); - int i=0; - approveDelete = new Range(DELETE,0,0,0,-1,0,GregorianCalendar.DAY_OF_YEAR,-100); - String prop = access.getProperty(AAF_BATCH_RANGE + i,null); - if(prop==null && i==0) { - List<Range> lcred = getRangeList("cred"); - List<Range> lur = getRangeList("ur"); - List<Range> lx509 = getRangeList("x509"); - - - /* - Range(Name, ReportingLevel, PeopleInterval, AppInterval, Start(Type,Qty) End(Type,Qty) ) - Interval of -1 Means "only once" - Interval of 0 means none - Interval > 0 means only X number of Days. - */ - delRange = new Range(DELETE,0,0,0,-1,0,GregorianCalendar.WEEK_OF_MONTH,-2); - lur.add(delRange); - lcred.add(delRange); - lx509.add(delRange); - - lcred.add(new Range(ONE_WEEK ,3,-1,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1)); - lcred.add(new Range(TWO_WEEK ,2,-1,-1,GregorianCalendar.WEEK_OF_MONTH,1,GregorianCalendar.WEEK_OF_MONTH,2)); - lcred.add(new Range(ONE_MONTH,1,7,7,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); - lcred.add(new Range(TWO_MONTH,1,-1,-1,GregorianCalendar.MONTH,1,GregorianCalendar.MONTH,2)); - - lur.add( new Range(ONE_MONTH,1,-1,-1,0,0,GregorianCalendar.MONTH,1)); - // Comment out until we can get some more clear actions in place for GUI - // lur.add( new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); - // lur.add( new Range(ONE_WEEK,2,-1,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1)); - - lx509.add(new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); - } - } - - public Range newFutureRange() { - return new Range("Approval",7,7,1,0,0,GregorianCalendar.MONTH,1); - } - - public Set<String> names() { - Set<String> names = new HashSet<>(); + private Range delRange; + + public ExpireRange(final Access access) { + ranges = new HashMap<>(); + intervalDates = new HashMap<>(); + int i=0; + approveDelete = new Range(DELETE,0,0,0,-1,0,GregorianCalendar.DAY_OF_YEAR,-100); + String prop = access.getProperty(AAF_BATCH_RANGE + i,null); + if(prop==null && i==0) { + List<Range> lcred = getRangeList("cred"); + List<Range> lur = getRangeList("ur"); + List<Range> lx509 = getRangeList("x509"); + + + /* + Range(Name, ReportingLevel, PeopleInterval, AppInterval, Start(Type,Qty) End(Type,Qty) ) + Interval of -1 Means "only once" + Interval of 0 means none + Interval > 0 means only X number of Days. + */ + delRange = new Range(DELETE,0,0,0,-1,0,GregorianCalendar.WEEK_OF_MONTH,-2); + lur.add(delRange); + lcred.add(delRange); + lx509.add(delRange); + + lcred.add(new Range(ONE_WEEK ,3,-1,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1)); + lcred.add(new Range(TWO_WEEK ,2,-1,-1,GregorianCalendar.WEEK_OF_MONTH,1,GregorianCalendar.WEEK_OF_MONTH,2)); + lcred.add(new Range(ONE_MONTH,1,7,7,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); + lcred.add(new Range(TWO_MONTH,1,-1,-1,GregorianCalendar.MONTH,1,GregorianCalendar.MONTH,2)); + + lur.add( new Range(ONE_MONTH,1,-1,-1,0,0,GregorianCalendar.MONTH,1)); + // Comment out until we can get some more clear actions in place for GUI + // lur.add( new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); + // lur.add( new Range(ONE_WEEK,2,-1,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1)); + + lx509.add(new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); + } + } + + public Range newFutureRange() { + return new Range("Approval",7,7,1,0,0,GregorianCalendar.MONTH,1); + } + + public Set<String> names() { + Set<String> names = new HashSet<>(); for(List<Range> lr : ranges.values()) { - for(Range r : lr) { - names.add(r.name); - } + for(Range r : lr) { + names.add(r.name); + } } - return names; - } - - private synchronized List<Range> getRangeList(final String key) { - List<Range> rv = ranges.get(key); - if(rv==null) { - rv = new ArrayList<>(); - ranges.put(key, rv); - } - return rv; - } - - public class Range { - private final String name; - private final int reportingLevel; - private final int peopleInterval; // in Days - private final int appInterval; // in Days - private final Date start; - private final Date end; - private final Date lowerValid; - - public Range( - final String name, final int reportingLevel, - final int peopleInterval, final int appInterval, - final int startGCType, final int startQty, - final int endGCType,final int endQty) { - this.name = name; - this.reportingLevel = reportingLevel; - this.peopleInterval = peopleInterval; - this.appInterval = appInterval; - GregorianCalendar gc = new GregorianCalendar(); - if(startGCType<0) { - gc.set(GregorianCalendar.YEAR, 1); - } else { - gc.setTime(now); - gc.add(startGCType, startQty); - } - start = gc.getTime(); - - if(endGCType<0) { - gc.set(GregorianCalendar.YEAR, 1); - } else { - gc.setTime(now); - gc.add(endGCType, endQty); - } - end = gc.getTime(); - + return names; + } + + private synchronized List<Range> getRangeList(final String key) { + List<Range> rv = ranges.get(key); + if(rv==null) { + rv = new ArrayList<>(); + ranges.put(key, rv); + } + return rv; + } + + public class Range { + private final String name; + private final int reportingLevel; + private final int peopleInterval; // in Days + private final int appInterval; // in Days + private final Date start; + private final Date end; + private final Date lowerValid; + + public Range( + final String name, final int reportingLevel, + final int peopleInterval, final int appInterval, + final int startGCType, final int startQty, + final int endGCType,final int endQty) { + this.name = name; + this.reportingLevel = reportingLevel; + this.peopleInterval = peopleInterval; + this.appInterval = appInterval; + GregorianCalendar gc = new GregorianCalendar(); + if(startGCType<0) { + gc.set(GregorianCalendar.YEAR, 1); + } else { + gc.setTime(now); + gc.add(startGCType, startQty); + } + start = gc.getTime(); + + if(endGCType<0) { + gc.set(GregorianCalendar.YEAR, 1); + } else { + gc.setTime(now); + gc.add(endGCType, endQty); + } + end = gc.getTime(); + - if(endGCType<0) { - gc.set(GregorianCalendar.YEAR, -1); - } else { - gc.setTime(now); - gc.add(endGCType, endQty * -1); - } - lowerValid = gc.getTime(); + if(endGCType<0) { + gc.set(GregorianCalendar.YEAR, -1); + } else { + gc.setTime(now); + gc.add(endGCType, endQty * -1); + } + lowerValid = gc.getTime(); - } - - public String name() { - return name; - } - - public int reportingLevel() { - return reportingLevel; - } + } + + public String name() { + return name; + } + + public int reportingLevel() { + return reportingLevel; + } - public boolean needsContact(Date lnd, Identity identity) { - final int interval; - if(identity==null || identity.isPerson()) { - interval = peopleInterval; - } else { - interval = appInterval; - } - if(interval == 0) { - return false; - } else if(interval < 0) { // "-1 = only once " - return (lnd==null || lnd.before(lowerValid)); - } else { - Date rv = intervalDates.get(interval); - if(rv==null) { - GregorianCalendar gc = new GregorianCalendar(); - gc.setTime(now); - gc.add(GregorianCalendar.DAY_OF_YEAR, -1*interval); - rv = gc.getTime(); - intervalDates.put(interval, rv); - } - return rv.after(lnd); - } - } + public boolean needsContact(Date lnd, Identity identity) { + final int interval; + if(identity==null || identity.isPerson()) { + interval = peopleInterval; + } else { + interval = appInterval; + } + if(interval == 0) { + return false; + } else if(interval < 0) { // "-1 = only once " + return (lnd==null || lnd.before(lowerValid)); + } else { + Date rv = intervalDates.get(interval); + if(rv==null) { + GregorianCalendar gc = new GregorianCalendar(); + gc.setTime(now); + gc.add(GregorianCalendar.DAY_OF_YEAR, -1*interval); + rv = gc.getTime(); + intervalDates.put(interval, rv); + } + return rv.after(lnd); + } + } - public Date getStart() { - return start; - } - - public Date getEnd() { - return end; - } - - public boolean inRange(final Date date) { - if(date==null) { - return false; - } else { - return date.getTime()>=start.getTime() && date.before(end); - } - } + public Date getStart() { + return start; + } + + public Date getEnd() { + return end; + } + + public boolean inRange(final Date date) { + if(date==null) { + return false; + } else { + return date.getTime()>=start.getTime() && date.before(end); + } + } - } + } - public Range getRange(final String key, final Date date) { - Range rv = null; - if(date!=null) { - List<Range> lr = ranges.get(key); - if(lr==null) { - return null; - } else { - for(Range r : lr) { - if(r.inRange(date)) { - rv = r; - break; - } - } - } - } - return rv; - } + public Range getRange(final String key, final Date date) { + Range rv = null; + if(date!=null) { + List<Range> lr = ranges.get(key); + if(lr==null) { + return null; + } else { + for(Range r : lr) { + if(r.inRange(date)) { + rv = r; + break; + } + } + } + } + return rv; + } - public Date now() { - return now; - } - + public Date now() { + return now; + } + } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Future.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Future.java index 74c3411f..fd0de1fc 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Future.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Future.java @@ -104,7 +104,7 @@ public class Future implements CacheChange.Data, Comparable<Future> { e.printStackTrace(System.err); } } - this.role = role; + this.role = role; } public final UUID id() { @@ -128,7 +128,7 @@ public class Future implements CacheChange.Data, Comparable<Future> { } public static void load(Trans trans, Session session, Creator<Future> creator) { - load(trans,session,creator, f -> { + load(trans,session,creator, f -> { data.put(f.fdd.id,f); if (f.role==null) { return; @@ -154,8 +154,8 @@ public class Future implements CacheChange.Data, Comparable<Future> { tt = trans.start("Process Futures", Env.SUB); try { for (Row row : results.all()) { - ++count; - visitor.visit(creator.create(row)); + ++count; + visitor.visit(creator.create(row)); } } finally { tt.done(); @@ -216,15 +216,15 @@ public class Future implements CacheChange.Data, Comparable<Future> { return cache.contains(f); } - public static void row(CSV.Writer cw, Future f) { - cw.row("future",f.fdd.id,f.fdd.target,f.fdd.expires,f.role,f.fdd.memo); - } + public static void row(CSV.Writer cw, Future f) { + cw.row("future",f.fdd.id,f.fdd.target,f.fdd.expires,f.role,f.fdd.memo); + } - public static void deleteByIDBatch(StringBuilder sb, String id) { - sb.append("DELETE from authz.future where id="); - sb.append(id); - sb.append(";\n"); - } + public static void deleteByIDBatch(StringBuilder sb, String id) { + sb.append("DELETE from authz.future where id="); + sb.append(id); + sb.append(";\n"); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/LastNotified.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/LastNotified.java index e6942f09..258f430e 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/LastNotified.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/LastNotified.java @@ -45,101 +45,101 @@ import com.datastax.driver.core.SimpleStatement; import com.datastax.driver.core.Statement; public class LastNotified { - private Map<String,Date> lastNotified = new TreeMap<>(); - private Session session; - public static final Date NEVER = new Date(0); - private static final String SELECT = "SELECT user,target,key,last FROM authz.notified"; - - public LastNotified(Session session) { - this.session = session; - } - - public void add(Set<String> users) { - StringBuilder query = new StringBuilder(); - startQuery(query); - int cnt = 0; - for(String user : users) { - if(++cnt>1) { - query.append(','); - } - query.append('\''); - query.append(user); - query.append('\''); - if(cnt>=30) { - endQuery(query); - add(session.execute(query.toString()),lastNotified, (x,y) -> false); - query.setLength(0); - startQuery(query); - cnt=0; - } - } - if(cnt>0) { - endQuery(query); - add(session.execute(query.toString()),lastNotified, (x,y) -> false); - } - } + private Map<String,Date> lastNotified = new TreeMap<>(); + private Session session; + public static final Date NEVER = new Date(0); + private static final String SELECT = "SELECT user,target,key,last FROM authz.notified"; + + public LastNotified(Session session) { + this.session = session; + } + + public void add(Set<String> users) { + StringBuilder query = new StringBuilder(); + startQuery(query); + int cnt = 0; + for(String user : users) { + if(++cnt>1) { + query.append(','); + } + query.append('\''); + query.append(user); + query.append('\''); + if(cnt>=30) { + endQuery(query); + add(session.execute(query.toString()),lastNotified, (x,y) -> false); + query.setLength(0); + startQuery(query); + cnt=0; + } + } + if(cnt>0) { + endQuery(query); + add(session.execute(query.toString()),lastNotified, (x,y) -> false); + } + } - /** - * Note: target_key CAN also contain a Pipe. - * - * @param user - * @param target - * @param targetkey - * @return - */ - public Date lastNotified(String user, String target, String targetkey) { - String key = user + '|' + target + '|' + (targetkey==null?"":targetkey); - return lastNotified(key); - } - - public Date lastNotified(String key) { - Date d = lastNotified.get(key); - return d==null?NEVER:d; - } - - private Date add(ResultSet result, Map<String, Date> lastNotified, MarkDelete md) { - Date last = null; - Row r; - for(Iterator<Row> iter = result.iterator(); iter.hasNext();) { - r = iter.next(); - String ttKey = r.getString(1) + '|' + - r.getString(2); + /** + * Note: target_key CAN also contain a Pipe. + * + * @param user + * @param target + * @param targetkey + * @return + */ + public Date lastNotified(String user, String target, String targetkey) { + String key = user + '|' + target + '|' + (targetkey==null?"":targetkey); + return lastNotified(key); + } + + public Date lastNotified(String key) { + Date d = lastNotified.get(key); + return d==null?NEVER:d; + } + + private Date add(ResultSet result, Map<String, Date> lastNotified, MarkDelete md) { + Date last = null; + Row r; + for(Iterator<Row> iter = result.iterator(); iter.hasNext();) { + r = iter.next(); + String ttKey = r.getString(1) + '|' + + r.getString(2); - String fullKey = r.getString(0) + '|' + - ttKey; - last=r.getTimestamp(3); - if(!md.process(fullKey, last)) { - lastNotified.put(fullKey, last); - Date d = lastNotified.get(ttKey); - if(d==null || d.after(last)) { // put most recent, if different - lastNotified.put(ttKey, last); - } - } - } - return last; - } - - private interface MarkDelete { - boolean process(String fullKey, Date last); - } + String fullKey = r.getString(0) + '|' + + ttKey; + last=r.getTimestamp(3); + if(!md.process(fullKey, last)) { + lastNotified.put(fullKey, last); + Date d = lastNotified.get(ttKey); + if(d==null || d.after(last)) { // put most recent, if different + lastNotified.put(ttKey, last); + } + } + } + return last; + } + + private interface MarkDelete { + boolean process(String fullKey, Date last); + } - private void startQuery(StringBuilder query) { - query.append(SELECT + " WHERE user in ("); - } + private void startQuery(StringBuilder query) { + query.append(SELECT + " WHERE user in ("); + } - private void endQuery(StringBuilder query) { - query.append(");"); - } + private void endQuery(StringBuilder query) { + query.append(");"); + } - public void update(StringBuilder query,String user, String target, String key) { - query.append("UPDATE authz.notified SET last=dateof(now()) WHERE user='"); - query.append(user); - query.append("' AND target='"); - query.append(target); - query.append("' AND key='"); - query.append(key); - query.append("';\n"); - } + public void update(StringBuilder query,String user, String target, String key) { + query.append("UPDATE authz.notified SET last=dateof(now()) WHERE user='"); + query.append(user); + query.append("' AND target='"); + query.append(target); + query.append("' AND key='"); + query.append(key); + query.append("';\n"); + } public LastNotified loadAll(Trans trans, final Range delRange, final CSV.Writer cw) { trans.debug().log( "query: ",SELECT ); @@ -150,14 +150,14 @@ public class LastNotified { Statement stmt = new SimpleStatement( SELECT ); results = session.execute(stmt); add(results,lastNotified, (fullKey, last) -> { - if(delRange.inRange(last)) { - String[] params = Split.splitTrim('|', fullKey,3); - if(params.length==3) { - cw.row("notified",params[0],params[1],params[2]); - return true; - } - } - return false; + if(delRange.inRange(last)) { + String[] params = Split.splitTrim('|', fullKey,3); + if(params.length==3) { + cw.row("notified",params[0],params[1],params[2]); + return true; + } + } + return false; }); } finally { tt.done(); @@ -165,26 +165,26 @@ public class LastNotified { return this; } - public static String newKey(UserRole ur) { - return "ur|" + ur.user() + '|'+ur.role(); - } + public static String newKey(UserRole ur) { + return "ur|" + ur.user() + '|'+ur.role(); + } - public static String newKey(Cred cred, Instance inst) { - return "cred|" + cred.id + '|' + inst.type + '|' + inst.tag; - } + public static String newKey(Cred cred, Instance inst) { + return "cred|" + cred.id + '|' + inst.type + '|' + inst.tag; + } - public static String newKey(X509 x509, X509Certificate x509Cert) { - return "x509|" + x509.id + '|' + x509Cert.getSerialNumber().toString(); - } + public static String newKey(X509 x509, X509Certificate x509Cert) { + return "x509|" + x509.id + '|' + x509Cert.getSerialNumber().toString(); + } - public static void delete(StringBuilder query, List<String> row) { - query.append("DELETE FROM authz.notified WHERE user='"); - query.append(row.get(1)); - query.append("' AND target='"); - query.append(row.get(2)); - query.append("' AND key='"); - query.append(row.get(3)); - query.append("';\n"); - } + public static void delete(StringBuilder query, List<String> row) { + query.append("DELETE FROM authz.notified WHERE user='"); + query.append(row.get(1)); + query.append("' AND target='"); + query.append(row.get(2)); + query.append("' AND key='"); + query.append(row.get(3)); + query.append("';\n"); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/NS.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/NS.java index ad1ab373..e76f5235 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/NS.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/NS.java @@ -57,7 +57,7 @@ public class NS implements Comparable<NS> { }; public NS(String name, String description, String parent, int type, int scope) { - ndd = new NsDAO.Data(); + ndd = new NsDAO.Data(); ndd.name = name; ndd.description = description; ndd.parent = parent; @@ -70,7 +70,7 @@ public class NS implements Comparable<NS> { "select name, description, parent, type, scope from authz.ns;" ,creator , v -> data.put(v.ndd.name,v) - ); + ); } public static void loadOne(Trans trans, Session session, Creator<NS> creator, String ns) { @@ -82,11 +82,11 @@ public class NS implements Comparable<NS> { } public static void load(Trans trans, Session session, Creator<NS> creator, Visitor<NS> visitor) { - load(trans,session,creator.query(null),creator, visitor); + load(trans,session,creator.query(null),creator, visitor); } public void row(final CSV.Writer csvw, String tag) { - csvw.row(tag,ndd.name,ndd.type,ndd.parent); + csvw.row(tag,ndd.name,ndd.type,ndd.parent); } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Role.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Role.java index bb5e8c21..e69ef51d 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Role.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Role.java @@ -52,7 +52,7 @@ public class Role implements Comparable<Role> { private String encode; public Role(String full) { - rdd = new RoleDAO.Data(); + rdd = new RoleDAO.Data(); rdd.ns = ""; rdd.name = ""; rdd.description = ""; @@ -61,7 +61,7 @@ public class Role implements Comparable<Role> { } public Role(String ns, String name, String description,Set<String> perms) { - rdd = new RoleDAO.Data(); + rdd = new RoleDAO.Data(); rdd.ns = ns; rdd.name = name; rdd.description = description; @@ -179,11 +179,11 @@ public class Role implements Comparable<Role> { deleteRoles.clear(); } - public static void clear() { - data.clear(); - keys.clear(); - byName.clear(); - deleteRoles.clear(); - } + public static void clear() { + data.clear(); + keys.clear(); + byName.clear(); + deleteRoles.clear(); + } }
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java index 96169434..d5c0d771 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java @@ -51,7 +51,7 @@ public class UserRole implements Cloneable, CacheChange.Data { public static final String UR = "ur"; public static final String APPROVE_UR = "ur"; - private static final String SEPARATOR = "\",\""; + private static final String SEPARATOR = "\",\""; // CACHE Calling private static final String LOG_FMT = "%s UserRole - %s: %s-%s (%s, %s) expiring %s"; @@ -127,11 +127,11 @@ public class UserRole implements Cloneable, CacheChange.Data { } public static void load(Trans trans, CSV csv, Creator<UserRole> creator, Visitor<UserRole> visitor) throws IOException, CadiException { -// public UserRole(String user, String role, String ns, String rname, Date expires) { - csv.visit( row -> { - visitor.visit(new UserRole(row.get(1),row.get(2),row.get(3),row.get(4), - new Date(Long.parseLong(row.get(6))))); - }); +// public UserRole(String user, String role, String ns, String rname, Date expires) { + csv.visit( row -> { + visitor.visit(new UserRole(row.get(1),row.get(2),row.get(3),row.get(4), + new Date(Long.parseLong(row.get(6))))); + }); } private static void load(Trans trans, Session session, Creator<UserRole> creator, String where, Visitor<UserRole> visitor) { @@ -169,8 +169,8 @@ public class UserRole implements Cloneable, CacheChange.Data { } public static class DataLoadVisitor implements Visitor<UserRole> { - @Override - public void visit(UserRole ur) { + @Override + public void visit(UserRole ur) { data.add(ur); List<UserRole> lur = byUser.get(ur.urdd.user); @@ -186,7 +186,7 @@ public class UserRole implements Cloneable, CacheChange.Data { byRole.put(ur.urdd.role, lur); } lur.add(ur); - } + } } public int totalLoaded() { @@ -305,81 +305,81 @@ public class UserRole implements Cloneable, CacheChange.Data { } public void row(final CSV.Writer csvw, String tag) { - csvw.row(tag,user(),role(),ns(),rname(),Chrono.dateOnlyStamp(expires()),expires().getTime()); + csvw.row(tag,user(),role(),ns(),rname(),Chrono.dateOnlyStamp(expires()),expires().getTime()); } public void row(final CSV.Writer csvw, String tag, String reason) { - csvw.row(tag,user(),role(),ns(),rname(),Chrono.dateOnlyStamp(expires()),expires().getTime(),reason); + csvw.row(tag,user(),role(),ns(),rname(),Chrono.dateOnlyStamp(expires()),expires().getTime(),reason); } public static Data row(List<String> row) { - Data data = new Data(); - data.user = row.get(1); - data.role = row.get(2); - data.ns = row.get(3); - data.rname = row.get(4); - data.expires = new Date(Long.parseLong(row.get(6))); - return data; - } - - public static void batchDelete(StringBuilder sb, List<String> row) { - sb.append("DELETE from authz.user_role WHERE user='"); - sb.append(row.get(1)); - sb.append("' AND role='"); - sb.append(row.get(2)); - sb.append("';\n"); + Data data = new Data(); + data.user = row.get(1); + data.role = row.get(2); + data.ns = row.get(3); + data.rname = row.get(4); + data.expires = new Date(Long.parseLong(row.get(6))); + return data; + } + + public static void batchDelete(StringBuilder sb, List<String> row) { + sb.append("DELETE from authz.user_role WHERE user='"); + sb.append(row.get(1)); + sb.append("' AND role='"); + sb.append(row.get(2)); + sb.append("';\n"); } public static void batchExtend(StringBuilder sb, List<String> row, Date newDate ) { - sb.append("UPDATE authz.user_role SET expires='"); - sb.append(Chrono.dateTime(newDate)); - sb.append("' WHERE user='"); - sb.append(row.get(1)); - sb.append("' AND role='"); - sb.append(row.get(2)); - sb.append("';\n"); + sb.append("UPDATE authz.user_role SET expires='"); + sb.append(Chrono.dateTime(newDate)); + sb.append("' WHERE user='"); + sb.append(row.get(1)); + sb.append("' AND role='"); + sb.append(row.get(2)); + sb.append("';\n"); } public void batchExtend(StringBuilder sb, Date newDate) { - sb.append("UPDATE authz.user_role SET expires='"); - sb.append(Chrono.dateTime(newDate)); - sb.append("' WHERE user='"); - sb.append(user()); - sb.append("' AND role='"); - sb.append(role()); - sb.append("';\n"); + sb.append("UPDATE authz.user_role SET expires='"); + sb.append(Chrono.dateTime(newDate)); + sb.append("' WHERE user='"); + sb.append(user()); + sb.append("' AND role='"); + sb.append(role()); + sb.append("';\n"); } public void batchUpdateExpires(StringBuilder sb) { - sb.append("UPDATE authz.user_role SET expires='"); - sb.append(Chrono.dateTime(expires())); - sb.append("' WHERE user='"); - sb.append(user()); - sb.append("' AND role='"); - sb.append(role()); - sb.append("';\n"); - } - - public static String histMemo(String fmt, List<String> row) { - String reason; - if(row.size()>7) { // Reason included - reason = String.format("%s removed from %s because %s", - row.get(1),row.get(2),row.get(7)); - } else { - reason = String.format(fmt, row.get(1),row.get(2), row.get(5)); - } - return reason; - } - - public static String histSubject(List<String> row) { - return row.get(1) + '|' + row.get(2); - } - - public static void clear() { - data.clear(); - byUser.clear(); - byRole.clear(); - cache.resetLocalData(); - - } + sb.append("UPDATE authz.user_role SET expires='"); + sb.append(Chrono.dateTime(expires())); + sb.append("' WHERE user='"); + sb.append(user()); + sb.append("' AND role='"); + sb.append(role()); + sb.append("';\n"); + } + + public static String histMemo(String fmt, List<String> row) { + String reason; + if(row.size()>7) { // Reason included + reason = String.format("%s removed from %s because %s", + row.get(1),row.get(2),row.get(7)); + } else { + reason = String.format(fmt, row.get(1),row.get(2), row.get(5)); + } + return reason; + } + + public static String histSubject(List<String> row) { + return row.get(1) + '|' + row.get(2); + } + + public static void clear() { + data.clear(); + byUser.clear(); + byRole.clear(); + cache.resetLocalData(); + + } }
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Visitor.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Visitor.java index 17f289a1..38a76477 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Visitor.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Visitor.java @@ -21,20 +21,20 @@ package org.onap.aaf.auth.batch.helpers; public interface Visitor<T> { - void visit(T t); - - public static class Multi<T> implements Visitor<T> { - private final Visitor<T>[] visitors; - @SafeVarargs - public Multi(Visitor<T> ... vs) { - visitors = vs; - } - - @Override - public void visit(T t) { - for(Visitor<T> v : visitors) { - v.visit(t); - } - } - }; + void visit(T t); + + public static class Multi<T> implements Visitor<T> { + private final Visitor<T>[] visitors; + @SafeVarargs + public Multi(Visitor<T> ... vs) { + visitors = vs; + } + + @Override + public void visit(T t) { + for(Visitor<T> v : visitors) { + v.visit(t); + } + } + }; } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/X509.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/X509.java index 6a7ffc59..c68a9945 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/X509.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/X509.java @@ -50,11 +50,11 @@ public class X509 { public ByteBuffer serial; public X509(String ca, String id, String x500, String x509, ByteBuffer serial) { - this.ca = ca; - this.id = id; - this.x500 = x500; - this.x509 = x509; - this.serial = serial; + this.ca = ca; + this.id = id; + this.x500 = x500; + this.x509 = x509; + this.serial = serial; } @@ -81,7 +81,7 @@ public class X509 { tt = trans.start("Load X509s", Env.SUB); try { while (iter.hasNext()) { - ++count; + ++count; row = iter.next(); visitor.visit(new X509(row.getString(0),row.getString(1), row.getString(2),row.getString(3),row.getBytes(4))); } @@ -108,48 +108,48 @@ public class X509 { } - public void row(CSV.Writer cw, X509Certificate x509Cert) { - cw.row("x509",ca,Hash.toHex(serial.array()),Chrono.dateOnlyStamp(x509Cert.getNotAfter()),x500); - } + public void row(CSV.Writer cw, X509Certificate x509Cert) { + cw.row("x509",ca,Hash.toHex(serial.array()),Chrono.dateOnlyStamp(x509Cert.getNotAfter()),x500); + } - public void row(CSV.Writer cw, X509Certificate x509Cert,String reason) { - cw.row("x509",ca,Hash.toHex(serial.array()),Chrono.dateOnlyStamp(x509Cert.getNotAfter()),x500,reason); - } + public void row(CSV.Writer cw, X509Certificate x509Cert,String reason) { + cw.row("x509",ca,Hash.toHex(serial.array()),Chrono.dateOnlyStamp(x509Cert.getNotAfter()),x500,reason); + } - public static void row(StringBuilder sb, List<String> row) { - sb.append("DELETE from authz.x509 WHERE ca='"); - sb.append(row.get(1)); - sb.append("' AND serial="); - sb.append(row.get(2)); - sb.append(";\n"); - } + public static void row(StringBuilder sb, List<String> row) { + sb.append("DELETE from authz.x509 WHERE ca='"); + sb.append(row.get(1)); + sb.append("' AND serial="); + sb.append(row.get(2)); + sb.append(";\n"); + } public static void batchDelete(StringBuilder sb, List<String> row) { - sb.append("DELETE from authz.x509 WHERE ca='"); - sb.append(row.get(1)); - sb.append("' AND serial="); - sb.append(row.get(2)); - sb.append(";\n"); - } - public static String histSubject(List<String> row) { - return row.get(4); - } - - - public static String histMemo(String fmt, List<String> row) { - String id="n/a"; - for(String s : Split.splitTrim(',', row.get(4))) { - if(s.startsWith("OU=") && s.indexOf('@')>=0) { - int colon = s.indexOf(':'); - if(colon<0) { - colon=s.length(); - } - id=s.substring(3,colon); - break; - } - } - return String.format(fmt, "Cert for " + id,"CA " + row.get(1),row.get(3)); - } + sb.append("DELETE from authz.x509 WHERE ca='"); + sb.append(row.get(1)); + sb.append("' AND serial="); + sb.append(row.get(2)); + sb.append(";\n"); + } + public static String histSubject(List<String> row) { + return row.get(4); + } + + + public static String histMemo(String fmt, List<String> row) { + String id="n/a"; + for(String s : Split.splitTrim(',', row.get(4))) { + if(s.startsWith("OU=") && s.indexOf('@')>=0) { + int colon = s.indexOf(':'); + if(colon<0) { + colon=s.length(); + } + id=s.substring(3,colon); + break; + } + } + return String.format(fmt, "Cert for " + id,"CA " + row.get(1),row.get(3)); + } }
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java index eb998b04..5780c603 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java @@ -69,7 +69,7 @@ import org.onap.aaf.misc.env.util.Chrono; public class Analyze extends Batch { - private static final int unknown=0; + private static final int unknown=0; private static final int owner=1; private static final int supervisor=2; private static final int total=0; @@ -77,23 +77,23 @@ public class Analyze extends Batch { private static final int approved=2; - public static final String NEED_APPROVALS = "NeedApprovals"; - private static final String EXTEND = "Extend"; - private static final String EXPIRED_OWNERS = "ExpiredOwners"; - private static final String CSV = ".csv"; - private static final String INFO = "info"; - private int minOwners; - private Map<String, CSV.Writer> writerList; - private ExpireRange expireRange; - private Date deleteDate; - private CSV.Writer deleteCW; - private CSV.Writer needApproveCW; - private CSV.Writer extendCW; - private Range futureRange; - private final String sdate; - private LastNotified ln; - - public Analyze(AuthzTrans trans) throws APIException, IOException, OrganizationException { + public static final String NEED_APPROVALS = "NeedApprovals"; + private static final String EXTEND = "Extend"; + private static final String EXPIRED_OWNERS = "ExpiredOwners"; + private static final String CSV = ".csv"; + private static final String INFO = "info"; + private int minOwners; + private Map<String, CSV.Writer> writerList; + private ExpireRange expireRange; + private Date deleteDate; + private CSV.Writer deleteCW; + private CSV.Writer needApproveCW; + private CSV.Writer extendCW; + private Range futureRange; + private final String sdate; + private LastNotified ln; + + public Analyze(AuthzTrans trans) throws APIException, IOException, OrganizationException { super(trans.env()); trans.info().log("Starting Connection Process"); @@ -115,20 +115,20 @@ public class Analyze extends Batch { expireRange = new ExpireRange(trans.env().access()); sdate = Chrono.dateOnlyStamp(now); for( List<Range> lr : expireRange.ranges.values()) { - for(Range r : lr ) { - if(writerList.get(r.name())==null) { - File file = new File(logDir(),r.name() + sdate +CSV); - CSV csv = new CSV(env.access(),file); - CSV.Writer cw = csv.writer(false); - cw.row(INFO,r.name(),sdate,r.reportingLevel()); - writerList.put(r.name(),cw); - if("Delete".equals(r.name())) { - deleteDate = r.getEnd(); - deleteCW = cw; - } - trans.init().log("Creating File:",file.getAbsolutePath()); - } - } + for(Range r : lr ) { + if(writerList.get(r.name())==null) { + File file = new File(logDir(),r.name() + sdate +CSV); + CSV csv = new CSV(env.access(),file); + CSV.Writer cw = csv.writer(false); + cw.row(INFO,r.name(),sdate,r.reportingLevel()); + writerList.put(r.name(),cw); + if("Delete".equals(r.name())) { + deleteDate = r.getEnd(); + deleteCW = cw; + } + trans.init().log("Creating File:",file.getAbsolutePath()); + } + } } // Setup New Approvals file @@ -156,465 +156,465 @@ public class Analyze extends Batch { @Override protected void run(AuthzTrans trans) { - TimeTaken tt; - AuthzTrans noAvg = trans.env().newTransNoAvg(); - - //////////////////// - // Load all Notifieds, and either add to local Data, or mark for Deletion. - ln.loadAll(noAvg,expireRange.approveDelete,deleteCW); - - // Hold Good Tickets to keyed User/Role for UserRole Step - Map<String,Ticket> mur = new TreeMap<>(); + TimeTaken tt; + AuthzTrans noAvg = trans.env().newTransNoAvg(); + + //////////////////// + // Load all Notifieds, and either add to local Data, or mark for Deletion. + ln.loadAll(noAvg,expireRange.approveDelete,deleteCW); + + // Hold Good Tickets to keyed User/Role for UserRole Step + Map<String,Ticket> mur = new TreeMap<>(); - try { - Approval.load(trans, session, Approval.v2_0_17); - - //////////////////// - final Map<UUID,Ticket> goodTickets = new TreeMap<>(); - tt = trans.start("Analyze Expired Futures",Trans.SUB); - try { - Future.load(noAvg, session, Future.withConstruct, fut -> { - List<Approval> appls = Approval.byTicket.get(fut.id()); - if(!futureRange.inRange(fut.expires())) { - deleteCW.comment("Future %s expired", fut.id()); - Future.row(deleteCW,fut); - if(appls!=null) { - for(Approval a : appls) { - Approval.row(deleteCW, a); - } - } - } else if(appls==null) { // Orphaned Future (no Approvals) - deleteCW.comment("Future is Orphaned"); - Future.row(deleteCW,fut); - } else { - goodTickets.put(fut.fdd.id, new Ticket(fut)); - } - }); - } finally { - tt.done(); - } - - Set<String> approvers = new TreeSet<>(); - tt = trans.start("Connect Approvals with Futures",Trans.SUB); - try { - for(Approval appr : Approval.list) { - Ticket ticket=null; - UUID ticketID = appr.getTicket(); - if(ticketID!=null) { - ticket = goodTickets.get(appr.getTicket()); - } - if(ticket == null) { // Orphaned Approvals, no Futures - deleteCW.comment("Approval is Orphaned"); - Approval.row(deleteCW, appr); - } else { - // for users and approvers still valid - String user = appr.getUser(); - - if(org.isRevoked(noAvg, appr.getApprover())) { - deleteCW.comment("Approver ID is revoked"); - Approval.row(deleteCW, appr); - } else if(user!=null && !user.isEmpty() && org.isRevoked(noAvg, user)) { - deleteCW.comment("USER ID is revoked"); - Approval.row(deleteCW, appr); - } else { - ticket.approvals.add(appr); // add to found Ticket - approvers.add(appr.getApprover()); - } - } - } - } finally { - tt.done(); - } - - /* Run through all Futures, and see if - * 1) they have been executed (no longer valid) - * 2) The current Approvals indicate they can proceed - */ - Map<String,Pending> pendingApprs = new HashMap<>(); - Map<String,Pending> pendingTemp = new HashMap<>(); - - String approver; - - tt = trans.start("Analyze Good Tickets",Trans.SUB); - try { - for(Ticket ticket : goodTickets.values()) { - try { - pendingTemp.clear(); - switch(ticket.f.target()) { - case "user_role": - int state[][] = new int[3][3]; - int type; - - for(Approval appr : ticket.approvals) { - switch(appr.getType()) { - case "owner": - type=owner; - break; - case "supervisor": - type=supervisor; - break; - default: - type=0; - } - ++state[type][total]; // count per type - switch(appr.getStatus()) { - case "pending": - ++state[type][pending]; - approver = appr.getApprover(); - Pending n = pendingTemp.get(approver); - if(n==null) { - Date lastNotified = ln.lastNotified(approver,"pending",null); - pendingTemp.put(approver,new Pending(lastNotified)); - } else { - n.inc(); - } - break; - case "approved": - ++state[type][approved]; - break; - default: - ++state[type][unknown]; - } - } - - // To Approve: - // Always must have at least 1 owner - if((state[owner][total]>0 && state[owner][approved]>0) && - // If there are no Supervisors, that's ok - (state[supervisor][total]==0 || - // But if there is a Supervisor, they must have approved - (state[supervisor][approved]>0))) { - UserRoleDAO.Data urdd = new UserRoleDAO.Data(); - try { - urdd.reconstitute(ticket.f.fdd.construct); - if(urdd.expires.before(ticket.f.expires())) { - extendCW.row("extend_ur",urdd.user,urdd.role,ticket.f.expires()); - } - } catch (IOException e) { - trans.error().log("Could not reconstitute UserRole"); - } - } else { // Load all the Pending. - for(Entry<String, Pending> es : pendingTemp.entrySet()) { - Pending p = pendingApprs.get(es.getKey()); - if(p==null) { - pendingApprs.put(es.getKey(), es.getValue()); - } else { - p.inc(es.getValue()); - } - } - } - break; - } - } finally { - if("user_role".equals(ticket.f.fdd.target)) { - String key = ticket.f.fdd.target_key; - if(key!=null) { - mur.put(key, ticket); - } - } - } - } - } finally { - tt.done(); - } - // Good Tickets no longer needed - goodTickets.clear(); - - /** - * Decide to Notify about Approvals, based on activity/last Notified - */ - tt = trans.start("Analyze Approval Reminders", Trans.SUB); - try { - GregorianCalendar gc = new GregorianCalendar(); - gc.add(GregorianCalendar.DAY_OF_WEEK, 5); - Date remind = gc.getTime(); - - for(Entry<String, Pending> es : pendingApprs.entrySet()) { - Pending p = es.getValue(); - if(p.newApprovals() - || p.earliest() == LastNotified.NEVER // yes, equals. - || p.earliest().after(remind)) { - p.row(needApproveCW,es.getKey()); - } - } - } finally { - tt.done(); - } - - // clear out Approval Intermediates - pendingTemp = null; - pendingApprs = null; - } finally { - } - - /** - Run through User Roles. - Owners are treated specially in next section. - Regular roles are checked against Date Ranges. If match Date Range, write out to appropriate file. - */ - - try { - Role.load(trans, session); - - try { - tt = trans.start("Analyze UserRoles, storing Owners",Trans.SUB); - Set<String> specialCommented = new HashSet<>(); - Map<String, Set<UserRole>> owners = new TreeMap<>(); - try { - UserRole.load(noAvg, session, UserRole.v2_0_11, ur -> { - Identity identity; - try { - identity = trans.org().getIdentity(noAvg,ur.user()); - if(identity==null) { - // Candidate for Delete, but not Users if Special - String id = ur.user(); - for(String s : specialDomains) { - if(id.endsWith(s)) { - if(!specialCommented.contains(id)) { - deleteCW.comment("ID %s is part of special Domain %s (UR Org Check)", id,s); - specialCommented.add(id); - } - return; - } - } - if(specialNames.contains(id)) { - if(!specialCommented.contains(id)) { - deleteCW.comment("ID %s is a special ID (UR Org Check)", id); - specialCommented.add(id); - } - return; - } - ur.row(deleteCW, UserRole.UR,"Not in Organization"); - return; - } else if(Role.byName.get(ur.role())==null) { - ur.row(deleteCW, UserRole.UR,String.format("Role %s does not exist", ur.role())); - return; - } - // Just let expired UserRoles sit until deleted - if(futureRange.inRange(ur.expires())) { - if(!mur.containsKey(ur.user() + '|' + ur.role())) { - // Cannot just delete owners, unless there is at least one left. Process later - if ("owner".equals(ur.rname())) { - Set<UserRole> urs = owners.get(ur.role()); - if (urs == null) { - urs = new HashSet<UserRole>(); - owners.put(ur.role(), urs); - } - urs.add(ur); - } else { - Range r = writeAnalysis(noAvg,ur); - if(r!=null) { - Approval existing = findApproval(ur); - if(existing==null) { - ur.row(needApproveCW,UserRole.APPROVE_UR); - } - } - } - } - } - } catch (OrganizationException e) { - noAvg.error().log(e); - } - }); - } finally { - tt.done(); - } - mur.clear(); - - /** - Now Process Owners, one owner Role at a time, ensuring one is left, - preferably a good one. If so, process the others as normal. - - Otherwise, write to ExpiredOwners Report - */ - tt = trans.start("Analyze Owners Separately",Trans.SUB); - try { - if (!owners.values().isEmpty()) { - File file = new File(logDir(), EXPIRED_OWNERS + sdate + CSV); - final CSV ownerCSV = new CSV(env.access(),file); - CSV.Writer expOwner = ownerCSV.writer(); - expOwner.row(INFO,EXPIRED_OWNERS,sdate,2); - - try { - for (Set<UserRole> sur : owners.values()) { - int goodOwners = 0; - for (UserRole ur : sur) { - if (ur.expires().after(now)) { - ++goodOwners; - } - } - - for (UserRole ur : sur) { - if (goodOwners >= minOwners) { - Range r = writeAnalysis(noAvg, ur); - if(r!=null) { - Approval existing = findApproval(ur); - if(existing==null) { - ur.row(needApproveCW,UserRole.APPROVE_UR); - } - } - } else { - expOwner.row("owner",ur.role(), ur.user(), Chrono.dateOnlyStamp(ur.expires())); - Approval existing = findApproval(ur); - if(existing==null) { - ur.row(needApproveCW,UserRole.APPROVE_UR); - } - } - } - } - } finally { - if(expOwner!=null) { - expOwner.close(); - } - } - } - } finally { - tt.done(); - } - } finally { - Role.clear(); - UserRole.clear(); - } - - /** - * Check for Expired Credentials - */ - try { - // Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway - Cred.load(trans, session); - - tt = trans.start("Analyze Expired Credentials",Trans.SUB); - try { - for (Cred cred : Cred.data.values()) { - List<Instance> linst = cred.instances; - if(linst!=null) { - Instance lastBath = null; - for(Instance inst : linst) { - // All Creds go through Life Cycle - if(deleteDate!=null && inst.expires.before(deleteDate)) { - writeAnalysis(noAvg, cred, inst); // will go to Delete - // Basic Auth has Pre-EOL notifications IF there is no Newer Credential - } else if (inst.type == CredDAO.BASIC_AUTH || inst.type == CredDAO.BASIC_AUTH_SHA256) { - if(lastBath==null || lastBath.expires.before(inst.expires)) { - lastBath = inst; - } - } - } - if(lastBath!=null) { - writeAnalysis(noAvg, cred, lastBath); - } - } - } - } finally { - tt.done(); - } - } finally { - Cred.clear(); - } - - //////////////////// - tt = trans.start("Analyze Expired X509s",Trans.SUB); - try { - X509.load(noAvg, session, x509 -> { - try { - for(Certificate cert : Factory.toX509Certificate(x509.x509)) { - writeAnalysis(noAvg, x509, (X509Certificate)cert); - } - } catch (CertificateException | IOException e) { - noAvg.error().log(e, "Error Decrypting X509"); - } - }); - } finally { - tt.done(); - } - } catch (FileNotFoundException e) { - noAvg.info().log(e); - } - } + try { + Approval.load(trans, session, Approval.v2_0_17); + + //////////////////// + final Map<UUID,Ticket> goodTickets = new TreeMap<>(); + tt = trans.start("Analyze Expired Futures",Trans.SUB); + try { + Future.load(noAvg, session, Future.withConstruct, fut -> { + List<Approval> appls = Approval.byTicket.get(fut.id()); + if(!futureRange.inRange(fut.expires())) { + deleteCW.comment("Future %s expired", fut.id()); + Future.row(deleteCW,fut); + if(appls!=null) { + for(Approval a : appls) { + Approval.row(deleteCW, a); + } + } + } else if(appls==null) { // Orphaned Future (no Approvals) + deleteCW.comment("Future is Orphaned"); + Future.row(deleteCW,fut); + } else { + goodTickets.put(fut.fdd.id, new Ticket(fut)); + } + }); + } finally { + tt.done(); + } + + Set<String> approvers = new TreeSet<>(); + tt = trans.start("Connect Approvals with Futures",Trans.SUB); + try { + for(Approval appr : Approval.list) { + Ticket ticket=null; + UUID ticketID = appr.getTicket(); + if(ticketID!=null) { + ticket = goodTickets.get(appr.getTicket()); + } + if(ticket == null) { // Orphaned Approvals, no Futures + deleteCW.comment("Approval is Orphaned"); + Approval.row(deleteCW, appr); + } else { + // for users and approvers still valid + String user = appr.getUser(); + + if(org.isRevoked(noAvg, appr.getApprover())) { + deleteCW.comment("Approver ID is revoked"); + Approval.row(deleteCW, appr); + } else if(user!=null && !user.isEmpty() && org.isRevoked(noAvg, user)) { + deleteCW.comment("USER ID is revoked"); + Approval.row(deleteCW, appr); + } else { + ticket.approvals.add(appr); // add to found Ticket + approvers.add(appr.getApprover()); + } + } + } + } finally { + tt.done(); + } + + /* Run through all Futures, and see if + * 1) they have been executed (no longer valid) + * 2) The current Approvals indicate they can proceed + */ + Map<String,Pending> pendingApprs = new HashMap<>(); + Map<String,Pending> pendingTemp = new HashMap<>(); + + String approver; + + tt = trans.start("Analyze Good Tickets",Trans.SUB); + try { + for(Ticket ticket : goodTickets.values()) { + try { + pendingTemp.clear(); + switch(ticket.f.target()) { + case "user_role": + int state[][] = new int[3][3]; + int type; + + for(Approval appr : ticket.approvals) { + switch(appr.getType()) { + case "owner": + type=owner; + break; + case "supervisor": + type=supervisor; + break; + default: + type=0; + } + ++state[type][total]; // count per type + switch(appr.getStatus()) { + case "pending": + ++state[type][pending]; + approver = appr.getApprover(); + Pending n = pendingTemp.get(approver); + if(n==null) { + Date lastNotified = ln.lastNotified(approver,"pending",null); + pendingTemp.put(approver,new Pending(lastNotified)); + } else { + n.inc(); + } + break; + case "approved": + ++state[type][approved]; + break; + default: + ++state[type][unknown]; + } + } + + // To Approve: + // Always must have at least 1 owner + if((state[owner][total]>0 && state[owner][approved]>0) && + // If there are no Supervisors, that's ok + (state[supervisor][total]==0 || + // But if there is a Supervisor, they must have approved + (state[supervisor][approved]>0))) { + UserRoleDAO.Data urdd = new UserRoleDAO.Data(); + try { + urdd.reconstitute(ticket.f.fdd.construct); + if(urdd.expires.before(ticket.f.expires())) { + extendCW.row("extend_ur",urdd.user,urdd.role,ticket.f.expires()); + } + } catch (IOException e) { + trans.error().log("Could not reconstitute UserRole"); + } + } else { // Load all the Pending. + for(Entry<String, Pending> es : pendingTemp.entrySet()) { + Pending p = pendingApprs.get(es.getKey()); + if(p==null) { + pendingApprs.put(es.getKey(), es.getValue()); + } else { + p.inc(es.getValue()); + } + } + } + break; + } + } finally { + if("user_role".equals(ticket.f.fdd.target)) { + String key = ticket.f.fdd.target_key; + if(key!=null) { + mur.put(key, ticket); + } + } + } + } + } finally { + tt.done(); + } + // Good Tickets no longer needed + goodTickets.clear(); + + /** + * Decide to Notify about Approvals, based on activity/last Notified + */ + tt = trans.start("Analyze Approval Reminders", Trans.SUB); + try { + GregorianCalendar gc = new GregorianCalendar(); + gc.add(GregorianCalendar.DAY_OF_WEEK, 5); + Date remind = gc.getTime(); + + for(Entry<String, Pending> es : pendingApprs.entrySet()) { + Pending p = es.getValue(); + if(p.newApprovals() + || p.earliest() == LastNotified.NEVER // yes, equals. + || p.earliest().after(remind)) { + p.row(needApproveCW,es.getKey()); + } + } + } finally { + tt.done(); + } + + // clear out Approval Intermediates + pendingTemp = null; + pendingApprs = null; + } finally { + } + + /** + Run through User Roles. + Owners are treated specially in next section. + Regular roles are checked against Date Ranges. If match Date Range, write out to appropriate file. + */ + + try { + Role.load(trans, session); + + try { + tt = trans.start("Analyze UserRoles, storing Owners",Trans.SUB); + Set<String> specialCommented = new HashSet<>(); + Map<String, Set<UserRole>> owners = new TreeMap<>(); + try { + UserRole.load(noAvg, session, UserRole.v2_0_11, ur -> { + Identity identity; + try { + identity = trans.org().getIdentity(noAvg,ur.user()); + if(identity==null) { + // Candidate for Delete, but not Users if Special + String id = ur.user(); + for(String s : specialDomains) { + if(id.endsWith(s)) { + if(!specialCommented.contains(id)) { + deleteCW.comment("ID %s is part of special Domain %s (UR Org Check)", id,s); + specialCommented.add(id); + } + return; + } + } + if(specialNames.contains(id)) { + if(!specialCommented.contains(id)) { + deleteCW.comment("ID %s is a special ID (UR Org Check)", id); + specialCommented.add(id); + } + return; + } + ur.row(deleteCW, UserRole.UR,"Not in Organization"); + return; + } else if(Role.byName.get(ur.role())==null) { + ur.row(deleteCW, UserRole.UR,String.format("Role %s does not exist", ur.role())); + return; + } + // Just let expired UserRoles sit until deleted + if(futureRange.inRange(ur.expires())) { + if(!mur.containsKey(ur.user() + '|' + ur.role())) { + // Cannot just delete owners, unless there is at least one left. Process later + if ("owner".equals(ur.rname())) { + Set<UserRole> urs = owners.get(ur.role()); + if (urs == null) { + urs = new HashSet<UserRole>(); + owners.put(ur.role(), urs); + } + urs.add(ur); + } else { + Range r = writeAnalysis(noAvg,ur); + if(r!=null) { + Approval existing = findApproval(ur); + if(existing==null) { + ur.row(needApproveCW,UserRole.APPROVE_UR); + } + } + } + } + } + } catch (OrganizationException e) { + noAvg.error().log(e); + } + }); + } finally { + tt.done(); + } + mur.clear(); + + /** + Now Process Owners, one owner Role at a time, ensuring one is left, + preferably a good one. If so, process the others as normal. + + Otherwise, write to ExpiredOwners Report + */ + tt = trans.start("Analyze Owners Separately",Trans.SUB); + try { + if (!owners.values().isEmpty()) { + File file = new File(logDir(), EXPIRED_OWNERS + sdate + CSV); + final CSV ownerCSV = new CSV(env.access(),file); + CSV.Writer expOwner = ownerCSV.writer(); + expOwner.row(INFO,EXPIRED_OWNERS,sdate,2); + + try { + for (Set<UserRole> sur : owners.values()) { + int goodOwners = 0; + for (UserRole ur : sur) { + if (ur.expires().after(now)) { + ++goodOwners; + } + } + + for (UserRole ur : sur) { + if (goodOwners >= minOwners) { + Range r = writeAnalysis(noAvg, ur); + if(r!=null) { + Approval existing = findApproval(ur); + if(existing==null) { + ur.row(needApproveCW,UserRole.APPROVE_UR); + } + } + } else { + expOwner.row("owner",ur.role(), ur.user(), Chrono.dateOnlyStamp(ur.expires())); + Approval existing = findApproval(ur); + if(existing==null) { + ur.row(needApproveCW,UserRole.APPROVE_UR); + } + } + } + } + } finally { + if(expOwner!=null) { + expOwner.close(); + } + } + } + } finally { + tt.done(); + } + } finally { + Role.clear(); + UserRole.clear(); + } + + /** + * Check for Expired Credentials + */ + try { + // Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway + Cred.load(trans, session); + + tt = trans.start("Analyze Expired Credentials",Trans.SUB); + try { + for (Cred cred : Cred.data.values()) { + List<Instance> linst = cred.instances; + if(linst!=null) { + Instance lastBath = null; + for(Instance inst : linst) { + // All Creds go through Life Cycle + if(deleteDate!=null && inst.expires.before(deleteDate)) { + writeAnalysis(noAvg, cred, inst); // will go to Delete + // Basic Auth has Pre-EOL notifications IF there is no Newer Credential + } else if (inst.type == CredDAO.BASIC_AUTH || inst.type == CredDAO.BASIC_AUTH_SHA256) { + if(lastBath==null || lastBath.expires.before(inst.expires)) { + lastBath = inst; + } + } + } + if(lastBath!=null) { + writeAnalysis(noAvg, cred, lastBath); + } + } + } + } finally { + tt.done(); + } + } finally { + Cred.clear(); + } + + //////////////////// + tt = trans.start("Analyze Expired X509s",Trans.SUB); + try { + X509.load(noAvg, session, x509 -> { + try { + for(Certificate cert : Factory.toX509Certificate(x509.x509)) { + writeAnalysis(noAvg, x509, (X509Certificate)cert); + } + } catch (CertificateException | IOException e) { + noAvg.error().log(e, "Error Decrypting X509"); + } + }); + } finally { + tt.done(); + } + } catch (FileNotFoundException e) { + noAvg.info().log(e); + } + } - private Approval findApproval(UserRole ur) { - Approval existing = null; - List<Approval> apprs = Approval.byUser.get(ur.user()); - if(apprs!=null) { - for(Approval appr : apprs) { - if(ur.role().equals(appr.getRole()) && - appr.getMemo().contains(Chrono.dateOnlyStamp(ur.expires()))) { - existing = appr; - } - } - } - return existing; - } + private Approval findApproval(UserRole ur) { + Approval existing = null; + List<Approval> apprs = Approval.byUser.get(ur.user()); + if(apprs!=null) { + for(Approval appr : apprs) { + if(ur.role().equals(appr.getRole()) && + appr.getMemo().contains(Chrono.dateOnlyStamp(ur.expires()))) { + existing = appr; + } + } + } + return existing; + } - private Range writeAnalysis(AuthzTrans noAvg, UserRole ur) { - Range r = expireRange.getRange("ur", ur.expires()); - if(r!=null) { - Date lnd = ln.lastNotified(LastNotified.newKey(ur)); - // Note: lnd is NEVER null - Identity i; - try { - i = org.getIdentity(noAvg, ur.user()); - } catch (OrganizationException e) { - i=null; - } - if(r.needsContact(lnd,i)) { - CSV.Writer cw = writerList.get(r.name()); - if(cw!=null) { - ur.row(cw,UserRole.UR); - } - } - } - return r; - } + private Range writeAnalysis(AuthzTrans noAvg, UserRole ur) { + Range r = expireRange.getRange("ur", ur.expires()); + if(r!=null) { + Date lnd = ln.lastNotified(LastNotified.newKey(ur)); + // Note: lnd is NEVER null + Identity i; + try { + i = org.getIdentity(noAvg, ur.user()); + } catch (OrganizationException e) { + i=null; + } + if(r.needsContact(lnd,i)) { + CSV.Writer cw = writerList.get(r.name()); + if(cw!=null) { + ur.row(cw,UserRole.UR); + } + } + } + return r; + } private void writeAnalysis(AuthzTrans noAvg, Cred cred, Instance inst) { - if(cred!=null && inst!=null) { - Range r = expireRange.getRange("cred", inst.expires); - if(r!=null) { - Date lnd = ln.lastNotified(LastNotified.newKey(cred,inst)); - // Note: lnd is NEVER null - Identity i; - try { - i = org.getIdentity(noAvg, cred.id); - } catch (OrganizationException e) { - i=null; - } - if(r.needsContact(lnd,i)) { - CSV.Writer cw = writerList.get(r.name()); - if(cw!=null) { - cred.row(cw,inst); - } - } - } - } - } + if(cred!=null && inst!=null) { + Range r = expireRange.getRange("cred", inst.expires); + if(r!=null) { + Date lnd = ln.lastNotified(LastNotified.newKey(cred,inst)); + // Note: lnd is NEVER null + Identity i; + try { + i = org.getIdentity(noAvg, cred.id); + } catch (OrganizationException e) { + i=null; + } + if(r.needsContact(lnd,i)) { + CSV.Writer cw = writerList.get(r.name()); + if(cw!=null) { + cred.row(cw,inst); + } + } + } + } + } private void writeAnalysis(AuthzTrans noAvg, X509 x509, X509Certificate x509Cert) throws IOException { - Range r = expireRange.getRange("x509", x509Cert.getNotAfter()); - if(r!=null) { - Date lnd = ln.lastNotified(LastNotified.newKey(x509,x509Cert)); - // Note: lnd is NEVER null - Identity i; - try { - i = org.getIdentity(noAvg, x509.id); - } catch (OrganizationException e) { - i=null; - } - if(r.needsContact(lnd,i)) { - CSV.Writer cw = writerList.get(r.name()); - if(cw!=null) { - x509.row(cw,x509Cert); - } - } - } - } + Range r = expireRange.getRange("x509", x509Cert.getNotAfter()); + if(r!=null) { + Date lnd = ln.lastNotified(LastNotified.newKey(x509,x509Cert)); + // Note: lnd is NEVER null + Identity i; + try { + i = org.getIdentity(noAvg, x509.id); + } catch (OrganizationException e) { + i=null; + } + if(r.needsContact(lnd,i)) { + CSV.Writer cw = writerList.get(r.name()); + if(cw!=null) { + x509.row(cw,x509Cert); + } + } + } + } @Override protected void _close(AuthzTrans trans) { session.close(); - for(CSV.Writer cw : writerList.values()) { - cw.close(); - } + for(CSV.Writer cw : writerList.values()) { + cw.close(); + } } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/ApprovedRpt.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/ApprovedRpt.java index a943cbc2..c7f0c5a2 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/ApprovedRpt.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/ApprovedRpt.java @@ -49,15 +49,15 @@ import com.datastax.driver.core.Statement; public class ApprovedRpt extends Batch { - private static final String APPR_RPT = "ApprovedRpt"; - private static final String CSV = ".csv"; - private static final String INFO = "info"; - private Date now; - private Writer approvedW; - private CSV historyR; - private static String yr_mon; - - public ApprovedRpt(AuthzTrans trans) throws APIException, IOException, OrganizationException { + private static final String APPR_RPT = "ApprovedRpt"; + private static final String CSV = ".csv"; + private static final String INFO = "info"; + private Date now; + private Writer approvedW; + private CSV historyR; + private static String yr_mon; + + public ApprovedRpt(AuthzTrans trans) throws APIException, IOException, OrganizationException { super(trans.env()); trans.info().log("Starting Connection Process"); @@ -72,7 +72,7 @@ public class ApprovedRpt extends Batch { now = new Date(); String sdate = Chrono.dateOnlyStamp(now); - File file = new File(logDir(),APPR_RPT + sdate +CSV); + File file = new File(logDir(),APPR_RPT + sdate +CSV); CSV csv = new CSV(env.access(),file); approvedW = csv.writer(false); @@ -86,33 +86,33 @@ public class ApprovedRpt extends Batch { @Override protected void run(AuthzTrans trans) { - try { - Map<String,Boolean> checked = new TreeMap<String, Boolean>(); - - final AuthzTrans transNoAvg = trans.env().newTransNoAvg(); -// ResultSet results; + try { + Map<String,Boolean> checked = new TreeMap<String, Boolean>(); + + final AuthzTrans transNoAvg = trans.env().newTransNoAvg(); +// ResultSet results; // Statement stmt = new SimpleStatement( "select dateof(id), approver, status, user, type, memo from authz.approved;" ); // results = session.execute(stmt); // Iterator<Row> iter = results.iterator(); // Row row; - /* - * while (iter.hasNext()) { + /* + * while (iter.hasNext()) { ++totalLoaded; row = iter.next(); d = row.getTimestamp(0); if(d.after(begin)) { - approvedW.row("aprvd", - Chrono.dateOnlyStamp(d), - row.getString(1), - row.getString(2), - row.getString(3), - row.getString(4), - row.getString(5) - ); + approvedW.row("aprvd", + Chrono.dateOnlyStamp(d), + row.getString(1), + row.getString(2), + row.getString(3), + row.getString(4), + row.getString(5) + ); } } - */ + */ int totalLoaded = 0; Date d; GregorianCalendar gc = new GregorianCalendar(); @@ -123,58 +123,58 @@ public class ApprovedRpt extends Batch { historyR.visit(row -> { String s = row.get(7); if(s.equals(yr_mon)) { - String target = row.get(5); - if("user_role".equals(target)) { - String action = row.get(1); - switch(action) { - case "create": - write("created",row); - break; - case "update": - write("approved",row); - break; - case "delete": - write("denied",row); - break; - } - } + String target = row.get(5); + if("user_role".equals(target)) { + String action = row.get(1); + switch(action) { + case "create": + write("created",row); + break; + case "update": + write("approved",row); + break; + case "delete": + write("denied",row); + break; + } + } } }); - } catch (Exception e) { - trans.info().log(e); - } - } + } catch (Exception e) { + trans.info().log(e); + } + } - private void write(String a_or_d, List<String> row) { - String[] target = Split.splitTrim('|', row.get(4)); - - if(target.length>1) { - UUID id = UUID.fromString(row.get(0)); - Date date = Chrono.uuidToDate(id); - String status; - String memo; - String approver = row.get(6); - if("batch:JobChange".equals(approver)) { - status = "reduced"; - memo = "existing role membership reduced to invoke reapproval"; - } else { - status = a_or_d; - memo = row.get(2); - } - if(!approver.equals(target[0])) { - approvedW.row( - Chrono.niceDateStamp(date), - approver, - status, - target[0], - target[1], - memo - ); - } - } + private void write(String a_or_d, List<String> row) { + String[] target = Split.splitTrim('|', row.get(4)); + + if(target.length>1) { + UUID id = UUID.fromString(row.get(0)); + Date date = Chrono.uuidToDate(id); + String status; + String memo; + String approver = row.get(6); + if("batch:JobChange".equals(approver)) { + status = "reduced"; + memo = "existing role membership reduced to invoke reapproval"; + } else { + status = a_or_d; + memo = row.get(2); + } + if(!approver.equals(target[0])) { + approvedW.row( + Chrono.niceDateStamp(date), + approver, + status, + target[0], + target[1], + memo + ); + } + } - - } + + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/NotInOrg.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/NotInOrg.java index fb562b24..bd56fc2e 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/NotInOrg.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/NotInOrg.java @@ -46,16 +46,16 @@ import org.onap.aaf.misc.env.util.Chrono; public class NotInOrg extends Batch { - private static final String NOT_IN_ORG = "NotInOrg"; - private static final String CSV = ".csv"; - private static final String INFO = "info"; - private Map<String, CSV.Writer> writerList; - private Map<String, CSV.Writer> whichWriter; - private Date now; - private Writer notInOrgW; - private Writer notInOrgDeleteW; - - public NotInOrg(AuthzTrans trans) throws APIException, IOException, OrganizationException { + private static final String NOT_IN_ORG = "NotInOrg"; + private static final String CSV = ".csv"; + private static final String INFO = "info"; + private Map<String, CSV.Writer> writerList; + private Map<String, CSV.Writer> whichWriter; + private Date now; + private Writer notInOrgW; + private Writer notInOrgDeleteW; + + public NotInOrg(AuthzTrans trans) throws APIException, IOException, OrganizationException { super(trans.env()); trans.info().log("Starting Connection Process"); @@ -77,7 +77,7 @@ public class NotInOrg extends Batch { now = new Date(); String sdate = Chrono.dateOnlyStamp(now); - File file = new File(logDir(),NOT_IN_ORG + sdate +CSV); + File file = new File(logDir(),NOT_IN_ORG + sdate +CSV); CSV csv = new CSV(env.access(),file); notInOrgW = csv.writer(false); notInOrgW.row(INFO,NOT_IN_ORG,Chrono.dateOnlyStamp(now),0); @@ -98,75 +98,75 @@ public class NotInOrg extends Batch { @Override protected void run(AuthzTrans trans) { - try { - Map<String,Boolean> checked = new TreeMap<String, Boolean>(); - trans.info().log("Process Organization Identities"); - trans.info().log("User Roles"); - - final AuthzTrans transNoAvg = trans.env().newTransNoAvg(); - UserRole.load(trans, session, UserRole.v2_0_11, ur -> { - try { - if(!check(transNoAvg, checked, ur.user())) { - ur.row(whichWriter(transNoAvg,ur.user()),UserRole.UR); - } - } catch (OrganizationException e) { - trans.error().log(e, "Error Decrypting X509"); - } - }); - - trans.info().log("Checking for Creds without IDs"); - - for (Cred cred : Cred.data.values()) { - if(!check(transNoAvg,checked, cred.id)) { - CSV.Writer cw = whichWriter(transNoAvg, cred.id); - for(Instance inst : cred.instances) { - cred.row(cw, inst); - } - } - } - - } catch (OrganizationException e) { - trans.info().log(e); - } - } + try { + Map<String,Boolean> checked = new TreeMap<String, Boolean>(); + trans.info().log("Process Organization Identities"); + trans.info().log("User Roles"); + + final AuthzTrans transNoAvg = trans.env().newTransNoAvg(); + UserRole.load(trans, session, UserRole.v2_0_11, ur -> { + try { + if(!check(transNoAvg, checked, ur.user())) { + ur.row(whichWriter(transNoAvg,ur.user()),UserRole.UR); + } + } catch (OrganizationException e) { + trans.error().log(e, "Error Decrypting X509"); + } + }); + + trans.info().log("Checking for Creds without IDs"); + + for (Cred cred : Cred.data.values()) { + if(!check(transNoAvg,checked, cred.id)) { + CSV.Writer cw = whichWriter(transNoAvg, cred.id); + for(Instance inst : cred.instances) { + cred.row(cw, inst); + } + } + } + + } catch (OrganizationException e) { + trans.info().log(e); + } + } - private Writer whichWriter(AuthzTrans transNoAvg, String id) { - Writer w = whichWriter.get(id); - if(w==null) { - w = org.isRevoked(transNoAvg, id)? - notInOrgDeleteW: - notInOrgW; - whichWriter.put(id,w); - } - return w; - } + private Writer whichWriter(AuthzTrans transNoAvg, String id) { + Writer w = whichWriter.get(id); + if(w==null) { + w = org.isRevoked(transNoAvg, id)? + notInOrgDeleteW: + notInOrgW; + whichWriter.put(id,w); + } + return w; + } - private boolean check(AuthzTrans trans, Map<String, Boolean> checked, String id) throws OrganizationException { - Boolean rv = checked.get(id); - if(rv==null) { - if(isSpecial(id)) { // do not check against org... too important to delete. - return true; - } - Organization org = trans.org(); - if(org != null) { - Identity identity = org.getIdentity(trans, id); - rv = identity!=null; - checked.put(id, rv); - } else { - throw new OrganizationException("No Organization Found for " + id + ": required for processing"); - } - } - return rv; - } + private boolean check(AuthzTrans trans, Map<String, Boolean> checked, String id) throws OrganizationException { + Boolean rv = checked.get(id); + if(rv==null) { + if(isSpecial(id)) { // do not check against org... too important to delete. + return true; + } + Organization org = trans.org(); + if(org != null) { + Identity identity = org.getIdentity(trans, id); + rv = identity!=null; + checked.put(id, rv); + } else { + throw new OrganizationException("No Organization Found for " + id + ": required for processing"); + } + } + return rv; + } - @Override + @Override protected void _close(AuthzTrans trans) { session.close(); - for(CSV.Writer cw : writerList.values()) { - cw.close(); - } + for(CSV.Writer cw : writerList.values()) { + cw.close(); + } } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Notify.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Notify.java index 7cb8c1bd..a040804d 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Notify.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Notify.java @@ -58,340 +58,340 @@ import org.onap.aaf.misc.env.Trans; import org.onap.aaf.misc.env.util.Chrono; public class Notify extends Batch { - private static final String HTML_CSS = "HTML_CSS"; - private final Mailer mailer; - private final String header; - private final String footer; - private final int maxEmails; - private final int indent; - private final boolean urgent; - public final String guiURL; - private PropAccess access; - private AuthzTrans noAvg; - private CQLBatch cqlBatch; - private LastNotified lastN; - private CQLBatchLoop cbl; + private static final String HTML_CSS = "HTML_CSS"; + private final Mailer mailer; + private final String header; + private final String footer; + private final int maxEmails; + private final int indent; + private final boolean urgent; + public final String guiURL; + private PropAccess access; + private AuthzTrans noAvg; + private CQLBatch cqlBatch; + private LastNotified lastN; + private CQLBatchLoop cbl; - public Notify(AuthzTrans trans) throws APIException, IOException, OrganizationException { - super(trans.env()); - access = env.access(); - session = cluster.connect(); + public Notify(AuthzTrans trans) throws APIException, IOException, OrganizationException { + super(trans.env()); + access = env.access(); + session = cluster.connect(); - String mailerCls = env.getProperty("MAILER"); - String mailFrom = env.getProperty("MAIL_FROM"); - String header_html = env.getProperty("HEADER_HTML"); - String footer_html = env.getProperty("FOOTER_HTML"); - String str = env.getProperty("MAX_EMAIL"); - guiURL = env.getProperty("GUI_URL"); - maxEmails = str==null||str.isEmpty()?Integer.MAX_VALUE:Integer.parseInt(str); - if(mailerCls==null || mailFrom==null || guiURL==null || header_html==null || footer_html==null) { - throw new APIException("Notify requires MAILER, MAILER_FROM, GUI_URL, HEADER_HTML and FOOTER_HTML properties"); - } - try { - Class<?> mailc = Class.forName(mailerCls); - Constructor<?> mailcst = mailc.getConstructor(Access.class); - mailer = (Mailer)mailcst.newInstance(env.access()); - } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - throw new APIException("Unable to construct " + mailerCls,e); - } + String mailerCls = env.getProperty("MAILER"); + String mailFrom = env.getProperty("MAIL_FROM"); + String header_html = env.getProperty("HEADER_HTML"); + String footer_html = env.getProperty("FOOTER_HTML"); + String str = env.getProperty("MAX_EMAIL"); + guiURL = env.getProperty("GUI_URL"); + maxEmails = str==null||str.isEmpty()?Integer.MAX_VALUE:Integer.parseInt(str); + if(mailerCls==null || mailFrom==null || guiURL==null || header_html==null || footer_html==null) { + throw new APIException("Notify requires MAILER, MAILER_FROM, GUI_URL, HEADER_HTML and FOOTER_HTML properties"); + } + try { + Class<?> mailc = Class.forName(mailerCls); + Constructor<?> mailcst = mailc.getConstructor(Access.class); + mailer = (Mailer)mailcst.newInstance(env.access()); + } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + throw new APIException("Unable to construct " + mailerCls,e); + } - String line; - StringBuilder sb = new StringBuilder(); - File fhh = new File(header_html); - if(!fhh.exists()) { - throw new APIException(header_html + " does not exist"); - } - BufferedReader br = new BufferedReader(new FileReader(fhh)); - try { - while((line=br.readLine())!=null) { - sb.append(line); - sb.append('\n'); - } - String html_css = env.getProperty(HTML_CSS); - String temp; - int hc = sb.indexOf(HTML_CSS); - if(hc!=0 && html_css!=null) { - temp = sb.replace(hc,hc+HTML_CSS.length(), html_css).toString(); - } else { - temp = sb.toString(); - } - header = temp.replace("AAF:ENV", batchEnv); - } finally { - br.close(); - } + String line; + StringBuilder sb = new StringBuilder(); + File fhh = new File(header_html); + if(!fhh.exists()) { + throw new APIException(header_html + " does not exist"); + } + BufferedReader br = new BufferedReader(new FileReader(fhh)); + try { + while((line=br.readLine())!=null) { + sb.append(line); + sb.append('\n'); + } + String html_css = env.getProperty(HTML_CSS); + String temp; + int hc = sb.indexOf(HTML_CSS); + if(hc!=0 && html_css!=null) { + temp = sb.replace(hc,hc+HTML_CSS.length(), html_css).toString(); + } else { + temp = sb.toString(); + } + header = temp.replace("AAF:ENV", batchEnv); + } finally { + br.close(); + } - // Establish index from header - int lastTag = header.lastIndexOf('<'); - if(lastTag>0) { - int prevCR = header.lastIndexOf('\n',lastTag); - if(prevCR>0) { - indent = lastTag-prevCR; - } else { - indent = 6; //arbitrary - } - } else { - indent = 6; - } + // Establish index from header + int lastTag = header.lastIndexOf('<'); + if(lastTag>0) { + int prevCR = header.lastIndexOf('\n',lastTag); + if(prevCR>0) { + indent = lastTag-prevCR; + } else { + indent = 6; //arbitrary + } + } else { + indent = 6; + } - urgent = false; - - sb.setLength(0); - fhh = new File(footer_html); - if(!fhh.exists()) { - throw new APIException(footer_html + " does not exist"); - } + urgent = false; + + sb.setLength(0); + fhh = new File(footer_html); + if(!fhh.exists()) { + throw new APIException(footer_html + " does not exist"); + } - br = new BufferedReader(new FileReader(fhh)); - try { - while((line=br.readLine())!=null) { - sb.append(line); - sb.append('\n'); - } - footer = sb.toString(); - } finally { - br.close(); - } + br = new BufferedReader(new FileReader(fhh)); + try { + while((line=br.readLine())!=null) { + sb.append(line); + sb.append('\n'); + } + footer = sb.toString(); + } finally { + br.close(); + } - noAvg = trans.env().newTransNoAvg(); - cqlBatch = new CQLBatch(noAvg.debug(),session); - cbl = new CQLBatchLoop(cqlBatch,50,dryRun); - - lastN = new LastNotified(session); - } + noAvg = trans.env().newTransNoAvg(); + cqlBatch = new CQLBatch(noAvg.debug(),session); + cbl = new CQLBatchLoop(cqlBatch,50,dryRun); + + lastN = new LastNotified(session); + } - /* - * Note: We try to put things related to Notify as Main Class in Run, where we might have put in - * Constructor, so that we can have other Classes call just the "notify" method. - */ - @Override - protected void run(AuthzTrans trans) { + /* + * Note: We try to put things related to Notify as Main Class in Run, where we might have put in + * Constructor, so that we can have other Classes call just the "notify" method. + */ + @Override + protected void run(AuthzTrans trans) { - final Holder<List<String>> info = new Holder<>(null); - final Set<String> errorSet = new HashSet<>(); - String fmt = "%s"+Chrono.dateOnlyStamp()+".csv"; + final Holder<List<String>> info = new Holder<>(null); + final Set<String> errorSet = new HashSet<>(); + String fmt = "%s"+Chrono.dateOnlyStamp()+".csv"; - try { - // Class Load possible data - NotifyBody.load(env.access()); + try { + // Class Load possible data + NotifyBody.load(env.access()); - // Create Intermediate Output - File logDir = logDir(); - Set<File> notifyFile = new HashSet<>(); - if(args().length>0) { - for(int i=0;i<args().length;++i) { - notifyFile.add(new File(logDir, args()[i])); - } - } else { - File file; - for(NotifyBody nb : NotifyBody.getAll()) { - file = new File(logDir,String.format(fmt, nb.name())); - if(file.exists()) { - trans.info().printf("Processing '%s' in %s",nb.type(),file.getCanonicalPath()); - notifyFile.add(file); - } else { - trans.info().printf("No Files found for %s",nb.name()); - } - } - } + // Create Intermediate Output + File logDir = logDir(); + Set<File> notifyFile = new HashSet<>(); + if(args().length>0) { + for(int i=0;i<args().length;++i) { + notifyFile.add(new File(logDir, args()[i])); + } + } else { + File file; + for(NotifyBody nb : NotifyBody.getAll()) { + file = new File(logDir,String.format(fmt, nb.name())); + if(file.exists()) { + trans.info().printf("Processing '%s' in %s",nb.type(),file.getCanonicalPath()); + notifyFile.add(file); + } else { + trans.info().printf("No Files found for %s",nb.name()); + } + } + } - for(File f : notifyFile) { - CSV csv = new CSV(env.access(),f); - try { - csv.visit(new CSV.Visitor() { - @Override - public void visit(List<String> row) throws IOException, CadiException { - if("info".equals(row.get(0))) { - info.set(row); - } - if(info.get()==null) { - throw new CadiException("First line of Feed MUST contain 'info' record"); - } String key = row.get(0)+'|'+info.get().get(1); - NotifyBody body = NotifyBody.get(key); - if(body==null) { - errorSet.add("No NotifyBody defined for " + key); - } else { - body.store(row); - } - } - }); - } catch (IOException | CadiException e) { - e.printStackTrace(); - } + for(File f : notifyFile) { + CSV csv = new CSV(env.access(),f); + try { + csv.visit(new CSV.Visitor() { + @Override + public void visit(List<String> row) throws IOException, CadiException { + if("info".equals(row.get(0))) { + info.set(row); + } + if(info.get()==null) { + throw new CadiException("First line of Feed MUST contain 'info' record"); + } String key = row.get(0)+'|'+info.get().get(1); + NotifyBody body = NotifyBody.get(key); + if(body==null) { + errorSet.add("No NotifyBody defined for " + key); + } else { + body.store(row); + } + } + }); + } catch (IOException | CadiException e) { + e.printStackTrace(); + } - } + } - // now create Notification - for(NotifyBody nb : NotifyBody.getAll()) { - int count = notify(noAvg, nb); - trans.info().printf("Emailed %d for %s",count,nb.name()); - } - - // - // Do Pending Approval Notifies. We do this separately, because we are consolidating - // all the new entries, etc. - // - List<CSV> csvList = new ArrayList<>(); - for(String s : new String[] {"Approvals","ApprovalsNew"}) { - File f = new File(logDir(),String.format(fmt, s)); - if(f.exists()) { - csvList.add(new CSV(access,f)); - } - } - - Map<String,Pending> mpending = new TreeMap<>(); - Holder<Integer> count = new Holder<>(0); - for(CSV approveCSV : csvList) { - TimeTaken tt = trans.start("Load Analyzed Reminders",Trans.SUB,approveCSV.name()); - try { - approveCSV.visit(row -> { - switch(row.get(0)) { -// case "info": -// break; - case Pending.REMIND: - try { - String user = row.get(1); - Pending p = new Pending(row); - Pending mp = mpending.get(user); - if(mp==null) { - mpending.put(user, p); - } else { - mp.inc(p); // FYI, unlikely - } - count.set(count.get()+1); - } catch (ParseException e) { - trans.error().log(e); - } - break; - } - }); - } catch (IOException | CadiException e) { - trans.error().log(e); - } finally { - tt.done(); - } - } - trans.info().printf("Read %d Reminder Rows", count.get()); - - NotifyPendingApprBody npab = new NotifyPendingApprBody(access); + // now create Notification + for(NotifyBody nb : NotifyBody.getAll()) { + int count = notify(noAvg, nb); + trans.info().printf("Emailed %d for %s",count,nb.name()); + } + + // + // Do Pending Approval Notifies. We do this separately, because we are consolidating + // all the new entries, etc. + // + List<CSV> csvList = new ArrayList<>(); + for(String s : new String[] {"Approvals","ApprovalsNew"}) { + File f = new File(logDir(),String.format(fmt, s)); + if(f.exists()) { + csvList.add(new CSV(access,f)); + } + } + + Map<String,Pending> mpending = new TreeMap<>(); + Holder<Integer> count = new Holder<>(0); + for(CSV approveCSV : csvList) { + TimeTaken tt = trans.start("Load Analyzed Reminders",Trans.SUB,approveCSV.name()); + try { + approveCSV.visit(row -> { + switch(row.get(0)) { +// case "info": +// break; + case Pending.REMIND: + try { + String user = row.get(1); + Pending p = new Pending(row); + Pending mp = mpending.get(user); + if(mp==null) { + mpending.put(user, p); + } else { + mp.inc(p); // FYI, unlikely + } + count.set(count.get()+1); + } catch (ParseException e) { + trans.error().log(e); + } + break; + } + }); + } catch (IOException | CadiException e) { + trans.error().log(e); + } finally { + tt.done(); + } + } + trans.info().printf("Read %d Reminder Rows", count.get()); + + NotifyPendingApprBody npab = new NotifyPendingApprBody(access); - GregorianCalendar gc = new GregorianCalendar(); - gc.add(GregorianCalendar.DAY_OF_MONTH, 7); // Get from INFO? - Date oneWeek = gc.getTime(); - CSV.Saver rs = new CSV.Saver(); - - TimeTaken tt = trans.start("Obtain Last Notifications for Approvers", Trans.SUB); - try { - lastN.add(mpending.keySet()); - } finally { - tt.done(); - } - - Pending p; - - tt = trans.start("Notify for Pending", Trans.SUB); - List<String> idList = new ArrayList<String>(); - String id; - try { - for(Entry<String, Pending> es : mpending.entrySet()) { - id = es.getKey(); - idList.clear(); - idList.add(id); - p = es.getValue(); - boolean nap = p.newApprovals(); - if(!nap) { - Date dateLastNotified = lastN.lastNotified(id,"pending",""); - if(dateLastNotified==null || dateLastNotified.after(oneWeek) ) { - nap=true; - } - } - if(nap) { - rs.row("appr", id,p.qty(),batchEnv); - npab.store(rs.asList()); - if(notify(noAvg, npab)>0) { - // Update -// lastN.update(cbl.inc(),key,"pending",""); - npab.record(trans,cbl.inc(), id, idList, lastN); - npab.inc(); - } - } - } - } finally { - cbl.flush(); - tt.done(); + GregorianCalendar gc = new GregorianCalendar(); + gc.add(GregorianCalendar.DAY_OF_MONTH, 7); // Get from INFO? + Date oneWeek = gc.getTime(); + CSV.Saver rs = new CSV.Saver(); + + TimeTaken tt = trans.start("Obtain Last Notifications for Approvers", Trans.SUB); + try { + lastN.add(mpending.keySet()); + } finally { + tt.done(); + } + + Pending p; + + tt = trans.start("Notify for Pending", Trans.SUB); + List<String> idList = new ArrayList<String>(); + String id; + try { + for(Entry<String, Pending> es : mpending.entrySet()) { + id = es.getKey(); + idList.clear(); + idList.add(id); + p = es.getValue(); + boolean nap = p.newApprovals(); + if(!nap) { + Date dateLastNotified = lastN.lastNotified(id,"pending",""); + if(dateLastNotified==null || dateLastNotified.after(oneWeek) ) { + nap=true; + } + } + if(nap) { + rs.row("appr", id,p.qty(),batchEnv); + npab.store(rs.asList()); + if(notify(noAvg, npab)>0) { + // Update +// lastN.update(cbl.inc(),key,"pending",""); + npab.record(trans,cbl.inc(), id, idList, lastN); + npab.inc(); + } + } + } + } finally { + cbl.flush(); + tt.done(); trans.info().printf("Notified %d persons of Pending Approvals", npab.count()); - } + } - } catch (APIException | IOException e1) { - trans.error().log(e1); - } finally { - for(String s : errorSet) { - trans.audit().log(s); - } - } - } + } catch (APIException | IOException e1) { + trans.error().log(e1); + } finally { + for(String s : errorSet) { + trans.audit().log(s); + } + } + } - private int notify(AuthzTrans trans, NotifyBody nb) { - List<String> toList = new ArrayList<>(); - List<String> ccList = new ArrayList<>(); - List<String> idList = new ArrayList<>(); + private int notify(AuthzTrans trans, NotifyBody nb) { + List<String> toList = new ArrayList<>(); + List<String> ccList = new ArrayList<>(); + List<String> idList = new ArrayList<>(); - String run = nb.type()+nb.name(); - String test = dryRun?run:null; - - ONE_EMAIL: - for(String id : nb.users()) { - toList.clear(); - ccList.clear(); - idList.clear(); - try { - List<Identity> identities = trans.org().getIDs(trans, id, nb.escalation()); - if(identities.isEmpty()) { - trans.warn().printf("%s is invalid for this Organization. Skipping notification.",id); - } else { - Identity identity = null; - for(Identity ident : identities) { - if(identity==null) { - identity = ident; - toList.add(ident.email()); - } else { - ccList.add(ident.email()); - } - idList.add(ident.fullID()); - } - if(identity==null) { // Actually, identity can't be null here, because - break; // if(identities.isEmpty() {..} else {... <here> - } // So this is here to avoid Sonar false positive only - StringBuilder content = new StringBuilder(); - content.append(String.format(header,version,Identity.mixedCase(identity.firstName()))); + String run = nb.type()+nb.name(); + String test = dryRun?run:null; + + ONE_EMAIL: + for(String id : nb.users()) { + toList.clear(); + ccList.clear(); + idList.clear(); + try { + List<Identity> identities = trans.org().getIDs(trans, id, nb.escalation()); + if(identities.isEmpty()) { + trans.warn().printf("%s is invalid for this Organization. Skipping notification.",id); + } else { + Identity identity = null; + for(Identity ident : identities) { + if(identity==null) { + identity = ident; + toList.add(ident.email()); + } else { + ccList.add(ident.email()); + } + idList.add(ident.fullID()); + } + if(identity==null) { // Actually, identity can't be null here, because + break; // if(identities.isEmpty() {..} else {... <here> + } // So this is here to avoid Sonar false positive only + StringBuilder content = new StringBuilder(); + content.append(String.format(header,version,Identity.mixedCase(identity.firstName()))); - nb.body(trans, content, indent, this, id); - content.append(footer); + nb.body(trans, content, indent, this, id); + content.append(footer); - if(mailer.sendEmail(trans, test, toList, ccList, nb.subject(),content.toString(), urgent)) { - nb.record(trans,cbl.inc(), id, idList, lastN); - nb.inc(); - } else { - trans.error().log("Mailer failed to send Mail"); - } - if(maxEmails>0 && nb.count()>=maxEmails) { - break ONE_EMAIL; - } - } - } catch (OrganizationException e) { - trans.error().log(e); - } - } - cbl.flush(); - return nb.count(); - } + if(mailer.sendEmail(trans, test, toList, ccList, nb.subject(),content.toString(), urgent)) { + nb.record(trans,cbl.inc(), id, idList, lastN); + nb.inc(); + } else { + trans.error().log("Mailer failed to send Mail"); + } + if(maxEmails>0 && nb.count()>=maxEmails) { + break ONE_EMAIL; + } + } + } catch (OrganizationException e) { + trans.error().log(e); + } + } + cbl.flush(); + return nb.count(); + } - /* (non-Javadoc) - * @see org.onap.aaf.auth.batch.Batch#_close(org.onap.aaf.auth.env.AuthzTrans) - */ - @Override - protected void _close(AuthzTrans trans) { - cbl.flush(); - } + /* (non-Javadoc) + * @see org.onap.aaf.auth.batch.Batch#_close(org.onap.aaf.auth.env.AuthzTrans) + */ + @Override + protected void _close(AuthzTrans trans) { + cbl.flush(); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/PrepExtend.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/PrepExtend.java index 47a1b600..bcdd4401 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/PrepExtend.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/PrepExtend.java @@ -44,141 +44,141 @@ import org.onap.aaf.misc.env.util.Chrono; public class PrepExtend extends Batch { - public static final String PREP_EXTEND = "PrepExtend"; - private static final String CSV = ".csv"; - private static final String INFO = "info"; + public static final String PREP_EXTEND = "PrepExtend"; + private static final String CSV = ".csv"; + private static final String INFO = "info"; - /** - * Create a list of Creds and UserRoles to extend - * Note: Certificates cannot be renewed in this way. - * - * Arguments From (0 = today, -2 = 2 weeks back) and To (weeks from today) - * - * @param trans - * @throws APIException - * @throws IOException - * @throws OrganizationException - */ - public PrepExtend(AuthzTrans trans) throws APIException, IOException, OrganizationException { - super(trans.env()); - trans.info().log("Starting Connection Process"); + /** + * Create a list of Creds and UserRoles to extend + * Note: Certificates cannot be renewed in this way. + * + * Arguments From (0 = today, -2 = 2 weeks back) and To (weeks from today) + * + * @param trans + * @throws APIException + * @throws IOException + * @throws OrganizationException + */ + public PrepExtend(AuthzTrans trans) throws APIException, IOException, OrganizationException { + super(trans.env()); + trans.info().log("Starting Connection Process"); - TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); - try { - TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE); - try { - session = cluster.connect(); - } finally { - tt.done(); - } - } finally { - tt0.done(); - } - } + TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); + try { + TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE); + try { + session = cluster.connect(); + } finally { + tt.done(); + } + } finally { + tt0.done(); + } + } - @Override - protected void run(AuthzTrans trans) { - GregorianCalendar gc = new GregorianCalendar(); - Date now = gc.getTime(); - - int ifrom = 0; - int ito = 4; - - for(int i=0; i< args().length;++i) { - switch(args()[i]) { - case "-from": - if(args().length>i+1) { - ifrom = Integer.parseInt(args()[i++ +1]); - } - break; - case "-to": - if(args().length>i+1) { - ito = Integer.parseInt(args()[i++ +1]); - } - break; - } - } - if(ifrom < -4) { - System.err.println("Invalid -from param"); - return; - } - - if(ito<=0 || ito>24 || ifrom>ito) { - System.err.println("Invalid -to param"); - return; - } - - // Make sure to is Zero based from today. - if(ifrom<0) { - ito+= ifrom*-1; - } - - gc.add(GregorianCalendar.WEEK_OF_MONTH, ifrom); - Date from = gc.getTime(); - - gc.add(GregorianCalendar.WEEK_OF_MONTH, ito /* with From calculated in */); - Date to = gc.getTime(); - - try { - File file = new File(logDir(), PREP_EXTEND + Chrono.dateOnlyStamp(now) + CSV); - final CSV puntCSV = new CSV(env.access(),file); - final Writer cw = puntCSV.writer(); - cw.row(INFO,PREP_EXTEND,Chrono.dateOnlyStamp(now),0); + @Override + protected void run(AuthzTrans trans) { + GregorianCalendar gc = new GregorianCalendar(); + Date now = gc.getTime(); + + int ifrom = 0; + int ito = 4; + + for(int i=0; i< args().length;++i) { + switch(args()[i]) { + case "-from": + if(args().length>i+1) { + ifrom = Integer.parseInt(args()[i++ +1]); + } + break; + case "-to": + if(args().length>i+1) { + ito = Integer.parseInt(args()[i++ +1]); + } + break; + } + } + if(ifrom < -4) { + System.err.println("Invalid -from param"); + return; + } + + if(ito<=0 || ito>24 || ifrom>ito) { + System.err.println("Invalid -to param"); + return; + } + + // Make sure to is Zero based from today. + if(ifrom<0) { + ito+= ifrom*-1; + } + + gc.add(GregorianCalendar.WEEK_OF_MONTH, ifrom); + Date from = gc.getTime(); + + gc.add(GregorianCalendar.WEEK_OF_MONTH, ito /* with From calculated in */); + Date to = gc.getTime(); + + try { + File file = new File(logDir(), PREP_EXTEND + Chrono.dateOnlyStamp(now) + CSV); + final CSV puntCSV = new CSV(env.access(),file); + final Writer cw = puntCSV.writer(); + cw.row(INFO,PREP_EXTEND,Chrono.dateOnlyStamp(now),0); - try { - trans.info().log("Process UserRoles for Extending"); - /** - Run through User Roles. - If match Date Range, write out to appropriate file. - */ - UserRole.load(trans, session, UserRole.v2_0_11, ur -> { - if(from.before(ur.expires()) && to.after(ur.expires())) { - ur.row(cw,UserRole.UR); - } - }); - - trans.info().log("Process BasicAuth for Extending"); - TimeTaken tt0 = trans.start("Load Credentials", Env.REMOTE); - try { - // Load only Valid Basic Auth - Cred.load(trans, session, CredDAO.BASIC_AUTH_SHA256); - } finally { - tt0.done(); - } + try { + trans.info().log("Process UserRoles for Extending"); + /** + Run through User Roles. + If match Date Range, write out to appropriate file. + */ + UserRole.load(trans, session, UserRole.v2_0_11, ur -> { + if(from.before(ur.expires()) && to.after(ur.expires())) { + ur.row(cw,UserRole.UR); + } + }); + + trans.info().log("Process BasicAuth for Extending"); + TimeTaken tt0 = trans.start("Load Credentials", Env.REMOTE); + try { + // Load only Valid Basic Auth + Cred.load(trans, session, CredDAO.BASIC_AUTH_SHA256); + } finally { + tt0.done(); + } - /** - Run through Creds. - If match Date Range, write out to appropriate file. - */ - Map<Integer,Instance> imap = new HashMap<>(); - Instance prev; - for(Cred cred : Cred.data.values()) { - imap.clear(); - for(Instance i : cred.instances) { - if(from.before(i.expires) && to.after(i.expires)) { - prev = imap.get(i.other); - // Only do LATEST instance of same cred (accounts for previously extended creds) - if(prev==null || prev.expires.before(i.expires)) { - imap.put(i.other,i); - } - } - }; - for(Instance i: imap.values()) { - cred.row(cw,i); - } - } - } finally { - cw.close(); - } - } catch (FileNotFoundException e) { - e.printStackTrace(); - } - } - @Override - protected void _close(AuthzTrans trans) { - session.close(); - } + /** + Run through Creds. + If match Date Range, write out to appropriate file. + */ + Map<Integer,Instance> imap = new HashMap<>(); + Instance prev; + for(Cred cred : Cred.data.values()) { + imap.clear(); + for(Instance i : cred.instances) { + if(from.before(i.expires) && to.after(i.expires)) { + prev = imap.get(i.other); + // Only do LATEST instance of same cred (accounts for previously extended creds) + if(prev==null || prev.expires.before(i.expires)) { + imap.put(i.other,i); + } + } + }; + for(Instance i: imap.values()) { + cred.row(cw,i); + } + } + } finally { + cw.close(); + } + } catch (FileNotFoundException e) { + e.printStackTrace(); + } + } + @Override + protected void _close(AuthzTrans trans) { + session.close(); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyBody.java index ae7daa09..ec8d1451 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyBody.java @@ -46,217 +46,217 @@ import org.onap.aaf.cadi.Access; import org.onap.aaf.misc.env.APIException; public abstract class NotifyBody { - private static final String DUPL = "<td style=\"text-indent: 4em;\">''</td>"; - private static final Map<String,NotifyBody> bodyMap = new HashMap<>(); + private static final String DUPL = "<td style=\"text-indent: 4em;\">''</td>"; + private static final Map<String,NotifyBody> bodyMap = new HashMap<>(); - protected Map<String,List<List<String>>> rows; - protected final String env; - protected final String gui_url; - - private final String name; - private final String type; - private String date; - private int escalation; - private int count; - - public NotifyBody(Access access, final String type, final String name) { - rows = new TreeMap<>(); - this.name = name; - this.type = type; - date=""; - escalation = 1; - count = 0; - env = access.getProperty("CASS_ENV","DEVL"); - gui_url = access.getProperty("GUI_URL", ""); - } - - public void store(List<String> row) { - if(!row.isEmpty()) { - if("info".equals(row.get(0))) { - if(row.size()>2) { - date = row.get(2); - } - if(row.size()>3) { - escalation = Integer.parseInt(row.get(3)); - } - return; - } else if(type.equals(row.get(0))) { - String user = user(row); - if(user!=null) { - List<List<String>> lss = rows.get(user); - if(lss == null) { - lss = new ArrayList<>(); - rows.put(user,lss); - } - lss.add(row); - } - } - } - } + protected Map<String,List<List<String>>> rows; + protected final String env; + protected final String gui_url; + + private final String name; + private final String type; + private String date; + private int escalation; + private int count; + + public NotifyBody(Access access, final String type, final String name) { + rows = new TreeMap<>(); + this.name = name; + this.type = type; + date=""; + escalation = 1; + count = 0; + env = access.getProperty("CASS_ENV","DEVL"); + gui_url = access.getProperty("GUI_URL", ""); + } + + public void store(List<String> row) { + if(!row.isEmpty()) { + if("info".equals(row.get(0))) { + if(row.size()>2) { + date = row.get(2); + } + if(row.size()>3) { + escalation = Integer.parseInt(row.get(3)); + } + return; + } else if(type.equals(row.get(0))) { + String user = user(row); + if(user!=null) { + List<List<String>> lss = rows.get(user); + if(lss == null) { + lss = new ArrayList<>(); + rows.put(user,lss); + } + lss.add(row); + } + } + } + } - public String name() { - return name; - } - - public String type() { - return type; - } - - public String date() { - return date; - } - public int escalation() { - return escalation; - } - - public Set<String> users() { - return rows.keySet(); - } - - /** - * ID must be set from Row for Email lookup - * - * @param trans - * @param n - * @param id - * @param row - * @return - */ - public abstract boolean body(AuthzTrans trans, StringBuilder sb, int indent, Notify n, String id); - - /** - * Return "null" if user not found in row... Code will handle. - * @param row - * @return - */ - protected abstract String user(List<String> row); - - /** - * Provide a context-sensitive Subject, which includes ENV as well as details - * - * @return - */ - public abstract String subject(); + public String name() { + return name; + } + + public String type() { + return type; + } + + public String date() { + return date; + } + public int escalation() { + return escalation; + } + + public Set<String> users() { + return rows.keySet(); + } + + /** + * ID must be set from Row for Email lookup + * + * @param trans + * @param n + * @param id + * @param row + * @return + */ + public abstract boolean body(AuthzTrans trans, StringBuilder sb, int indent, Notify n, String id); + + /** + * Return "null" if user not found in row... Code will handle. + * @param row + * @return + */ + protected abstract String user(List<String> row); + + /** + * Provide a context-sensitive Subject, which includes ENV as well as details + * + * @return + */ + public abstract String subject(); - /** - * Record the fact that a particular Notification was marked as "sent" by Emailer. - * - * @param trans - * @param approver - * @param ln - */ - public abstract void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified ln); - - /** - * Get Notify Body based on key of - * type|name - */ - public static NotifyBody get(String key) { - return bodyMap.get(key); - } - - /** - * Return set of loaded NotifyBodies - * - */ - public static Collection<NotifyBody> getAll() { - // Note: The same Notify Body is entered several times with different keys. - // Therefore, need a Set of Values, not all the Values. - Set<NotifyBody> set = new HashSet<>(); - set.addAll(bodyMap.values()); - return set; - } - - /** - * @param propAccess - * @throws URISyntaxException - * - */ - public static void load(Access access) throws APIException, IOException { - // class load available NotifyBodies - ClassLoader cl = Thread.currentThread().getContextClassLoader(); - Package pkg = NotifyBody.class.getPackage(); - String path = pkg.getName().replace('.', '/'); - URL url = cl.getResource(path); - List<String> classNames = new ArrayList<>(); - String urlString = url.toString(); - if(urlString.startsWith("jar:file:")) { - int exclam = urlString.lastIndexOf('!'); - JarFile jf = new JarFile(urlString.substring(9,exclam)); - try { - Enumeration<JarEntry> jfe = jf.entries(); - while(jfe.hasMoreElements()) { - String name = jfe.nextElement().getName(); - if(name.startsWith(path) && name.endsWith(".class")) { - classNames.add(name.substring(0,name.length()-6).replace('/', '.')); - } - } - } finally { - jf.close(); - } - } else { - File dir = new File(url.getFile()); - for( String f : dir.list()) { - if(f.endsWith(".class")) { - classNames.add(pkg.getName()+'.'+f.substring(0,f.length()-6)); - } - } - } - for(String cls : classNames) { - try { - Class<?> c = cl.loadClass(cls); - if(c!=null) { - if(!Modifier.isAbstract(c.getModifiers())) { - Constructor<?> cst = c.getConstructor(Access.class); - NotifyBody nb = (NotifyBody)cst.newInstance(access); - if(nb!=null) { - bodyMap.put("info|"+nb.name, nb); - bodyMap.put(nb.type+'|'+nb.name, nb); - } - } - } - } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { - e.printStackTrace(); - } - } - } + /** + * Record the fact that a particular Notification was marked as "sent" by Emailer. + * + * @param trans + * @param approver + * @param ln + */ + public abstract void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified ln); + + /** + * Get Notify Body based on key of + * type|name + */ + public static NotifyBody get(String key) { + return bodyMap.get(key); + } + + /** + * Return set of loaded NotifyBodies + * + */ + public static Collection<NotifyBody> getAll() { + // Note: The same Notify Body is entered several times with different keys. + // Therefore, need a Set of Values, not all the Values. + Set<NotifyBody> set = new HashSet<>(); + set.addAll(bodyMap.values()); + return set; + } + + /** + * @param propAccess + * @throws URISyntaxException + * + */ + public static void load(Access access) throws APIException, IOException { + // class load available NotifyBodies + ClassLoader cl = Thread.currentThread().getContextClassLoader(); + Package pkg = NotifyBody.class.getPackage(); + String path = pkg.getName().replace('.', '/'); + URL url = cl.getResource(path); + List<String> classNames = new ArrayList<>(); + String urlString = url.toString(); + if(urlString.startsWith("jar:file:")) { + int exclam = urlString.lastIndexOf('!'); + JarFile jf = new JarFile(urlString.substring(9,exclam)); + try { + Enumeration<JarEntry> jfe = jf.entries(); + while(jfe.hasMoreElements()) { + String name = jfe.nextElement().getName(); + if(name.startsWith(path) && name.endsWith(".class")) { + classNames.add(name.substring(0,name.length()-6).replace('/', '.')); + } + } + } finally { + jf.close(); + } + } else { + File dir = new File(url.getFile()); + for( String f : dir.list()) { + if(f.endsWith(".class")) { + classNames.add(pkg.getName()+'.'+f.substring(0,f.length()-6)); + } + } + } + for(String cls : classNames) { + try { + Class<?> c = cl.loadClass(cls); + if(c!=null) { + if(!Modifier.isAbstract(c.getModifiers())) { + Constructor<?> cst = c.getConstructor(Access.class); + NotifyBody nb = (NotifyBody)cst.newInstance(access); + if(nb!=null) { + bodyMap.put("info|"+nb.name, nb); + bodyMap.put(nb.type+'|'+nb.name, nb); + } + } + } + } catch (ClassNotFoundException | NoSuchMethodException | SecurityException | InstantiationException | IllegalAccessException | IllegalArgumentException | InvocationTargetException e) { + e.printStackTrace(); + } + } + } - protected void print(StringBuilder sb, int indent, Object ... objs) { - for(int i=0;i<indent;++i) { - sb.append(' '); - } - for(Object o : objs) { - sb.append(o.toString()); - } - } - - protected void println(StringBuilder sb, int indent, Object ... objs) { - print(sb,indent,objs); - sb.append('\n'); - } + protected void print(StringBuilder sb, int indent, Object ... objs) { + for(int i=0;i<indent;++i) { + sb.append(' '); + } + for(Object o : objs) { + sb.append(o.toString()); + } + } + + protected void println(StringBuilder sb, int indent, Object ... objs) { + print(sb,indent,objs); + sb.append('\n'); + } - protected void printf(StringBuilder sb, int indent, String fmt, Object ... objs) { - print(sb,indent,String.format(fmt, objs)); - } + protected void printf(StringBuilder sb, int indent, String fmt, Object ... objs) { + print(sb,indent,String.format(fmt, objs)); + } - protected String printCell(StringBuilder sb, int indent, String current, String prev) { - if(current.equals(prev)) { - println(sb,indent,DUPL); - } else { - printCell(sb,indent,current); - } - return current; // use to set prev... - } - - protected void printCell(StringBuilder sb, int indent, String current) { - println(sb,indent,"<td>",current,"</td>"); - } - - public synchronized void inc() { - ++count; - } - - public int count() { - return count; - } + protected String printCell(StringBuilder sb, int indent, String current, String prev) { + if(current.equals(prev)) { + println(sb,indent,DUPL); + } else { + printCell(sb,indent,current); + } + return current; // use to set prev... + } + + protected void printCell(StringBuilder sb, int indent, String current) { + println(sb,indent,"<td>",current,"</td>"); + } + + public synchronized void inc() { + ++count; + } + + public int count() { + return count; + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyCredBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyCredBody.java index 72fed8ab..7001c024 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyCredBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyCredBody.java @@ -34,110 +34,110 @@ import org.onap.aaf.misc.env.util.Chrono; public abstract class NotifyCredBody extends NotifyBody { - private final String explanation; - private final String instruction; - - public NotifyCredBody(Access access, String name) { - super(access,"cred",name); - - // Default - explanation = "The following Credentials that you are responsible for " - + "are expiring on the dates shown. <br><br>" - ; - + private final String explanation; + private final String instruction; + + public NotifyCredBody(Access access, String name) { + super(access,"cred",name); + + // Default + explanation = "The following Credentials that you are responsible for " + + "are expiring on the dates shown. <br><br>" + ; + instruction = "<br><h3>Instructions for 'Password':</h3><ul>" - + "<li><b><i>Click</i></b> on the Fully Qualified ID to ADD a new Password</li>" - + "<li><b>REMEMBER!</b> You are not finished until you <ol>" - + "<li><b>CHANGE <i>ALL</i></b> the configurations on <b><i>ALL</i></b> your processes!!</li>" - + "<li><b>BOUNCE</b> them</li></ol>" - + "<li>IF there is a WARNING, click the link for more information</li>" - + "</ul>"; - } - - /** - * Default Dynamic Text. Override is expected - * @return - */ - protected String dynamic() { - return "Failure to act before the expiration date will cause your App's Authentications to fail."; - } + + "<li><b><i>Click</i></b> on the Fully Qualified ID to ADD a new Password</li>" + + "<li><b>REMEMBER!</b> You are not finished until you <ol>" + + "<li><b>CHANGE <i>ALL</i></b> the configurations on <b><i>ALL</i></b> your processes!!</li>" + + "<li><b>BOUNCE</b> them</li></ol>" + + "<li>IF there is a WARNING, click the link for more information</li>" + + "</ul>"; + } + + /** + * Default Dynamic Text. Override is expected + * @return + */ + protected String dynamic() { + return "Failure to act before the expiration date will cause your App's Authentications to fail."; + } - @Override - public boolean body(AuthzTrans trans, StringBuilder sb, int indent, Notify n, String id) { - print(sb,indent,explanation); - print(sb,indent,dynamic()); - println(sb,indent,instruction); - println(sb,indent,"<table>"); - indent+=2; - println(sb,indent,"<tr>"); - indent+=2; - println(sb,indent,"<th>Fully Qualified ID</th>"); - println(sb,indent,"<th>Unique ID</th>"); - println(sb,indent,"<th>Type</th>"); - println(sb,indent,"<th>Expires</th>"); - println(sb,indent,"<th>Warnings</th>"); - indent-=2; - println(sb,indent,"</tr>"); - String theid; - String type; - String info; - String expires; - String warnings; - GregorianCalendar gc = new GregorianCalendar(); - for(List<String> row : rows.get(id)) { - theid=row.get(1); - switch(row.get(3)) { - case "1": - case "2": - type = "Password"; - break; - case "200": - type = "x509 (Certificate)"; - break; - default: - type = "Unknown, see AAF GUI"; - break; - } - theid = "<a href=\""+n.guiURL+"/creddetail?ns="+row.get(2)+"\">"+theid+"</a>"; - gc.setTimeInMillis(Long.parseLong(row.get(5))); - expires = Chrono.niceUTCStamp(gc); - info = row.get(6); - //TODO get Warnings - warnings = ""; - - println(sb,indent,"<tr>"); - indent+=2; - printCell(sb,indent,theid); - printCell(sb,indent,info); - printCell(sb,indent,type); - printCell(sb,indent,expires); - printCell(sb,indent,warnings); - indent-=2; - println(sb,indent,"</tr>"); - } - indent-=2; - println(sb,indent,"</table>"); - - return true; - } - - @Override - public void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified ln) { - for(List<String> row : rows.get(id)) { - for(String n : notified) { - // Need to match LastNotified Key ... cred.id + '|' + inst.type + '|' + inst.tag; - ln.update(query, n, row.get(0), row.get(1)+'|'+row.get(3)+'|'+row.get(6)); - } - } - } + @Override + public boolean body(AuthzTrans trans, StringBuilder sb, int indent, Notify n, String id) { + print(sb,indent,explanation); + print(sb,indent,dynamic()); + println(sb,indent,instruction); + println(sb,indent,"<table>"); + indent+=2; + println(sb,indent,"<tr>"); + indent+=2; + println(sb,indent,"<th>Fully Qualified ID</th>"); + println(sb,indent,"<th>Unique ID</th>"); + println(sb,indent,"<th>Type</th>"); + println(sb,indent,"<th>Expires</th>"); + println(sb,indent,"<th>Warnings</th>"); + indent-=2; + println(sb,indent,"</tr>"); + String theid; + String type; + String info; + String expires; + String warnings; + GregorianCalendar gc = new GregorianCalendar(); + for(List<String> row : rows.get(id)) { + theid=row.get(1); + switch(row.get(3)) { + case "1": + case "2": + type = "Password"; + break; + case "200": + type = "x509 (Certificate)"; + break; + default: + type = "Unknown, see AAF GUI"; + break; + } + theid = "<a href=\""+n.guiURL+"/creddetail?ns="+row.get(2)+"\">"+theid+"</a>"; + gc.setTimeInMillis(Long.parseLong(row.get(5))); + expires = Chrono.niceUTCStamp(gc); + info = row.get(6); + //TODO get Warnings + warnings = ""; + + println(sb,indent,"<tr>"); + indent+=2; + printCell(sb,indent,theid); + printCell(sb,indent,info); + printCell(sb,indent,type); + printCell(sb,indent,expires); + printCell(sb,indent,warnings); + indent-=2; + println(sb,indent,"</tr>"); + } + indent-=2; + println(sb,indent,"</table>"); + + return true; + } + + @Override + public void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified ln) { + for(List<String> row : rows.get(id)) { + for(String n : notified) { + // Need to match LastNotified Key ... cred.id + '|' + inst.type + '|' + inst.tag; + ln.update(query, n, row.get(0), row.get(1)+'|'+row.get(3)+'|'+row.get(6)); + } + } + } - @Override - public String user(List<String> row) { - if( (row != null) && row.size()>1) { - return row.get(1); - } - return null; - } + @Override + public String user(List<String> row) { + if( (row != null) && row.size()>1) { + return row.get(1); + } + return null; + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyPendingApprBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyPendingApprBody.java index 8019e446..76a44166 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyPendingApprBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyPendingApprBody.java @@ -29,58 +29,58 @@ import org.onap.aaf.cadi.Access; public class NotifyPendingApprBody extends NotifyBody { - public NotifyPendingApprBody(Access access) { - super(access,"appr","PendingApproval"); - } + public NotifyPendingApprBody(Access access) { + super(access,"appr","PendingApproval"); + } - @Override - public boolean body(AuthzTrans trans, StringBuilder sb, int indent, Notify n, String id) { - boolean rv = false; - for(List<String> row : rows.get(id)) { - String qty = row.get(2); - if("1".equals(qty)) { - printf(sb,indent,"You have an Approval in the AAF %s Environment awaiting your decision.\n",row.get(3)); - } else { - printf(sb,indent,"You have %s Approvals in the AAF %s Environment awaiting your decision.\n",qty,row.get(3)); - } - printf(sb,indent,"<br><br><b>ACTION:</b> <i>Click on</i> <a href=\"%s/approve\">AAF Approval Page</a>",n.guiURL); - rv = true; - break; // only one - } - - return rv; - } + @Override + public boolean body(AuthzTrans trans, StringBuilder sb, int indent, Notify n, String id) { + boolean rv = false; + for(List<String> row : rows.get(id)) { + String qty = row.get(2); + if("1".equals(qty)) { + printf(sb,indent,"You have an Approval in the AAF %s Environment awaiting your decision.\n",row.get(3)); + } else { + printf(sb,indent,"You have %s Approvals in the AAF %s Environment awaiting your decision.\n",qty,row.get(3)); + } + printf(sb,indent,"<br><br><b>ACTION:</b> <i>Click on</i> <a href=\"%s/approve\">AAF Approval Page</a>",n.guiURL); + rv = true; + break; // only one + } + + return rv; + } - @Override - public String user(List<String> row) { - if( (row != null) && row.size()>1) { - return row.get(1); - } - return null; - } + @Override + public String user(List<String> row) { + if( (row != null) && row.size()>1) { + return row.get(1); + } + return null; + } - @Override - public String subject() { - return String.format("AAF Pending Approval Notification (ENV: %s)",env); - } + @Override + public String subject() { + return String.format("AAF Pending Approval Notification (ENV: %s)",env); + } - - @Override - public void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified lastN) { - for(String n : notified) { - // No special key for Pending Requests. - lastN.update(query,n,"pending",""); - } - } - - /* (non-Javadoc) - * @see org.onap.aaf.auth.batch.reports.bodies.NotifyBody#store(java.util.List) - */ - @Override - public void store(List<String> row) { - // Notify Pending is setup for 1 Notification at a time - super.rows.clear(); - super.store(row); - } + + @Override + public void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified lastN) { + for(String n : notified) { + // No special key for Pending Requests. + lastN.update(query,n,"pending",""); + } + } + + /* (non-Javadoc) + * @see org.onap.aaf.auth.batch.reports.bodies.NotifyBody#store(java.util.List) + */ + @Override + public void store(List<String> row) { + // Notify Pending is setup for 1 Notification at a time + super.rows.clear(); + super.store(row); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneMonthNotifyCredBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneMonthNotifyCredBody.java index 866dc23c..8747ebf8 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneMonthNotifyCredBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneMonthNotifyCredBody.java @@ -26,20 +26,20 @@ import org.onap.aaf.auth.batch.helpers.ExpireRange; import org.onap.aaf.cadi.Access; public class OneMonthNotifyCredBody extends NotifyCredBody { - public OneMonthNotifyCredBody(Access access) throws IOException { - super(access, ExpireRange.ONE_MONTH); - } - - @Override - public String subject() { - return String.format("AAF One Month Credential Notification (ENV: %s)",env); - } - - /* (non-Javadoc) - * @see org.onap.aaf.auth.batch.reports.bodies.NotifyCredBody#dynamic() - */ - @Override - protected String dynamic() { - return "This is your <b>one month</b> notification. " + super.dynamic(); - } + public OneMonthNotifyCredBody(Access access) throws IOException { + super(access, ExpireRange.ONE_MONTH); + } + + @Override + public String subject() { + return String.format("AAF One Month Credential Notification (ENV: %s)",env); + } + + /* (non-Javadoc) + * @see org.onap.aaf.auth.batch.reports.bodies.NotifyCredBody#dynamic() + */ + @Override + protected String dynamic() { + return "This is your <b>one month</b> notification. " + super.dynamic(); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneWeekNotifyCredBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneWeekNotifyCredBody.java index e28388d5..a1277d55 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneWeekNotifyCredBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/OneWeekNotifyCredBody.java @@ -26,20 +26,20 @@ import org.onap.aaf.auth.batch.helpers.ExpireRange; import org.onap.aaf.cadi.Access; public class OneWeekNotifyCredBody extends NotifyCredBody { - public OneWeekNotifyCredBody(Access access) throws IOException { - super(access, ExpireRange.ONE_WEEK); - } + public OneWeekNotifyCredBody(Access access) throws IOException { + super(access, ExpireRange.ONE_WEEK); + } - @Override - public String subject() { - return String.format("AAF Final Week Credential Notification (ENV: %s)",env); - } - - /* (non-Javadoc) - * @see org.onap.aaf.auth.batch.reports.bodies.NotifyCredBody#dynamic() - */ - @Override - protected String dynamic() { - return "Failure for your App is <b><i>IMMINENT</i></b>. This email is escalated to your superior and General Manager. " + super.dynamic(); - } + @Override + public String subject() { + return String.format("AAF Final Week Credential Notification (ENV: %s)",env); + } + + /* (non-Javadoc) + * @see org.onap.aaf.auth.batch.reports.bodies.NotifyCredBody#dynamic() + */ + @Override + protected String dynamic() { + return "Failure for your App is <b><i>IMMINENT</i></b>. This email is escalated to your superior and General Manager. " + super.dynamic(); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/TwoMonthNotifyCredBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/TwoMonthNotifyCredBody.java index 98ee47d9..9d699cc3 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/TwoMonthNotifyCredBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/TwoMonthNotifyCredBody.java @@ -26,22 +26,22 @@ import org.onap.aaf.auth.batch.helpers.ExpireRange; import org.onap.aaf.cadi.Access; public class TwoMonthNotifyCredBody extends NotifyCredBody { - public TwoMonthNotifyCredBody(Access access) throws IOException { - super(access, ExpireRange.TWO_MONTH); - } - - @Override - public String subject() { - return String.format("AAF Two Month Credential Notification (ENV: %s)",env); - } + public TwoMonthNotifyCredBody(Access access) throws IOException { + super(access, ExpireRange.TWO_MONTH); + } + + @Override + public String subject() { + return String.format("AAF Two Month Credential Notification (ENV: %s)",env); + } - /* (non-Javadoc) - * @see org.onap.aaf.auth.batch.reports.bodies.NotifyCredBody#dynamic() - */ - @Override - protected String dynamic() { - return "This is a friendly, <b>2 month reminder</b> to schedule appropriate creation and deployment " - + "of your credentials, and modification of your configurations on a per instance basis. " - + " Use the following text to help create your Ticket."; - } + /* (non-Javadoc) + * @see org.onap.aaf.auth.batch.reports.bodies.NotifyCredBody#dynamic() + */ + @Override + protected String dynamic() { + return "This is a friendly, <b>2 month reminder</b> to schedule appropriate creation and deployment " + + "of your credentials, and modification of your configurations on a per instance basis. " + + " Use the following text to help create your Ticket."; + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/TwoWeeksNotifyCredBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/TwoWeeksNotifyCredBody.java index 46188568..77062f38 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/TwoWeeksNotifyCredBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/TwoWeeksNotifyCredBody.java @@ -26,20 +26,20 @@ import org.onap.aaf.auth.batch.helpers.ExpireRange; import org.onap.aaf.cadi.Access; public class TwoWeeksNotifyCredBody extends NotifyCredBody { - public TwoWeeksNotifyCredBody(Access access) throws IOException { - super(access, ExpireRange.TWO_WEEK); - } + public TwoWeeksNotifyCredBody(Access access) throws IOException { + super(access, ExpireRange.TWO_WEEK); + } - @Override - public String subject() { - return String.format("AAF Two Week Credential Notification (ENV: %s)",env); - } - - /* (non-Javadoc) - * @see org.onap.aaf.auth.batch.reports.bodies.NotifyCredBody#dynamic() - */ - @Override - protected String dynamic() { - return "You have now reached critical stage. This email is escalated to your superiors. " + super.dynamic(); - } + @Override + public String subject() { + return String.format("AAF Two Week Credential Notification (ENV: %s)",env); + } + + /* (non-Javadoc) + * @see org.onap.aaf.auth.batch.reports.bodies.NotifyCredBody#dynamic() + */ + @Override + protected String dynamic() { + return "You have now reached critical stage. This email is escalated to your superiors. " + super.dynamic(); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/temp/DataMigrateDublin.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/temp/DataMigrateDublin.java index 35970f50..e2d052ac 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/temp/DataMigrateDublin.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/temp/DataMigrateDublin.java @@ -50,11 +50,11 @@ import com.datastax.driver.core.ResultSet; import com.datastax.driver.core.Row; public class DataMigrateDublin extends Batch { - private final SecureRandom sr; - private final AuthzTrans noAvg; - - public DataMigrateDublin(AuthzTrans trans) throws APIException, IOException, OrganizationException { - super(trans.env()); + private final SecureRandom sr; + private final AuthzTrans noAvg; + + public DataMigrateDublin(AuthzTrans trans) throws APIException, IOException, OrganizationException { + super(trans.env()); trans.info().log("Starting Connection Process"); noAvg = env.newTransNoAvg(); @@ -62,152 +62,152 @@ public class DataMigrateDublin extends Batch { TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); try { - TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE); - try { - session = cluster.connect(); - } finally { - tt.done(); - } + TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE); + try { + session = cluster.connect(); + } finally { + tt.done(); + } } finally { tt0.done(); } sr = new SecureRandom(); - } + } - @Override - protected void run(AuthzTrans trans) { + @Override + protected void run(AuthzTrans trans) { /////////////////////////// trans.info().log("Add UniqueTag to Passwords"); CQLBatchLoop cbl = new CQLBatchLoop(new CQLBatch(noAvg.info(),session), 50, dryRun); try { - ResultSet rs = session.execute("SELECT id,type,expires,cred,tag FROM authz.cred"); - Iterator<Row> iter = rs.iterator(); - Row row; - int count = 0; - byte[] babytes = new byte[6]; - Map<String, List<CredInfo>> mlci = new TreeMap<>(); - Map<String, String> ba_tag = new TreeMap<>(); - while(iter.hasNext()) { - ++count; - row = iter.next(); - String tag = row.getString(4); - int type = row.getInt(1); - switch(type) { - case CredDAO.BASIC_AUTH: - case CredDAO.BASIC_AUTH_SHA256: - String key = row.getString(0) + '|' + type + '|' + Hash.toHex(row.getBytesUnsafe(3).array()); - String btag = ba_tag.get(key); - if(btag == null) { - if(tag==null || tag.isEmpty()) { - sr.nextBytes(babytes); - btag = Hash.toHexNo0x(babytes); - } else { - btag = tag; - } - ba_tag.put(key, btag); - } - - if(!btag.equals(tag)) { - update(cbl,row,btag); - } - break; - case CredDAO.CERT_SHA256_RSA: - if(tag==null || tag.isEmpty()) { - String id = row.getString(0); - List<CredInfo> ld = mlci.get(id); - if(ld==null) { - ld = new ArrayList<>(); - mlci.put(id,ld); - } - ld.add(new CredInfo(id,row.getInt(1),row.getTimestamp(2))); - } - break; - } - } - cbl.flush(); - trans.info().printf("Processes %d cred records, updated %d records in %d batches.", count, cbl.total(), cbl.batches()); - count = 0; - - cbl.reset(); - + ResultSet rs = session.execute("SELECT id,type,expires,cred,tag FROM authz.cred"); + Iterator<Row> iter = rs.iterator(); + Row row; + int count = 0; + byte[] babytes = new byte[6]; + Map<String, List<CredInfo>> mlci = new TreeMap<>(); + Map<String, String> ba_tag = new TreeMap<>(); + while(iter.hasNext()) { + ++count; + row = iter.next(); + String tag = row.getString(4); + int type = row.getInt(1); + switch(type) { + case CredDAO.BASIC_AUTH: + case CredDAO.BASIC_AUTH_SHA256: + String key = row.getString(0) + '|' + type + '|' + Hash.toHex(row.getBytesUnsafe(3).array()); + String btag = ba_tag.get(key); + if(btag == null) { + if(tag==null || tag.isEmpty()) { + sr.nextBytes(babytes); + btag = Hash.toHexNo0x(babytes); + } else { + btag = tag; + } + ba_tag.put(key, btag); + } + + if(!btag.equals(tag)) { + update(cbl,row,btag); + } + break; + case CredDAO.CERT_SHA256_RSA: + if(tag==null || tag.isEmpty()) { + String id = row.getString(0); + List<CredInfo> ld = mlci.get(id); + if(ld==null) { + ld = new ArrayList<>(); + mlci.put(id,ld); + } + ld.add(new CredInfo(id,row.getInt(1),row.getTimestamp(2))); + } + break; + } + } + cbl.flush(); + trans.info().printf("Processes %d cred records, updated %d records in %d batches.", count, cbl.total(), cbl.batches()); + count = 0; + + cbl.reset(); + trans.info().log("Add Serial to X509 Creds"); rs = session.execute("SELECT ca, id, x509 FROM authz.x509"); iter = rs.iterator(); - while(iter.hasNext()) { - ++count; - row = iter.next(); - String ca = row.getString(0); - String id = row.getString(1); - List<CredInfo> list = mlci.get(id); - if(list!=null) { - ByteBuffer bb = row.getBytesUnsafe(2); - if(bb!=null) { - Collection<? extends Certificate> x509s = Factory.toX509Certificate(bb.array()); - for(Certificate c : x509s) { - X509Certificate xc = (X509Certificate)c; - for(CredInfo ci : list) { - if(xc.getNotAfter().equals(ci.expires)) { - ci.update(cbl, ca + '|' + xc.getSerialNumber()); - break; - } - } - } - } - } - } - cbl.flush(); - trans.info().printf("Processed %d x509 records, updated %d records in %d batches.", count, cbl.total(), cbl.batches()); - count = 0; + while(iter.hasNext()) { + ++count; + row = iter.next(); + String ca = row.getString(0); + String id = row.getString(1); + List<CredInfo> list = mlci.get(id); + if(list!=null) { + ByteBuffer bb = row.getBytesUnsafe(2); + if(bb!=null) { + Collection<? extends Certificate> x509s = Factory.toX509Certificate(bb.array()); + for(Certificate c : x509s) { + X509Certificate xc = (X509Certificate)c; + for(CredInfo ci : list) { + if(xc.getNotAfter().equals(ci.expires)) { + ci.update(cbl, ca + '|' + xc.getSerialNumber()); + break; + } + } + } + } + } + } + cbl.flush(); + trans.info().printf("Processed %d x509 records, updated %d records in %d batches.", count, cbl.total(), cbl.batches()); + count = 0; } catch (Exception e) { - trans.error().log(e); + trans.error().log(e); } - } - - private static class CredInfo { - public final String id; - public final int type; - public final Date expires; - - public CredInfo(String id, int type, Date expires) { - this.id = id; - this.type = type; - this.expires = expires; - } - - public void update(CQLBatchLoop cbl, String newtag) { - StringBuilder sb = cbl.inc(); - sb.append("UPDATE authz.cred SET tag='"); - sb.append(newtag); - sb.append("' WHERE id='"); - sb.append(id); - sb.append("' AND type="); - sb.append(type); - sb.append(" AND expires=dateof(maxtimeuuid("); - sb.append(expires.getTime()); - sb.append("));"); - } - } - - private void update(CQLBatchLoop cbl, Row row, String newtag) { - StringBuilder sb = cbl.inc(); - sb.append("UPDATE authz.cred SET tag='"); - sb.append(newtag); - sb.append("' WHERE id='"); - sb.append(row.getString(0)); - sb.append("' AND type="); - sb.append(row.getInt(1)); - sb.append(" AND expires=dateof(maxtimeuuid("); - Date lc = row.getTimestamp(2); - sb.append(lc.getTime()); - sb.append("));"); - } + } + + private static class CredInfo { + public final String id; + public final int type; + public final Date expires; + + public CredInfo(String id, int type, Date expires) { + this.id = id; + this.type = type; + this.expires = expires; + } + + public void update(CQLBatchLoop cbl, String newtag) { + StringBuilder sb = cbl.inc(); + sb.append("UPDATE authz.cred SET tag='"); + sb.append(newtag); + sb.append("' WHERE id='"); + sb.append(id); + sb.append("' AND type="); + sb.append(type); + sb.append(" AND expires=dateof(maxtimeuuid("); + sb.append(expires.getTime()); + sb.append("));"); + } + } + + private void update(CQLBatchLoop cbl, Row row, String newtag) { + StringBuilder sb = cbl.inc(); + sb.append("UPDATE authz.cred SET tag='"); + sb.append(newtag); + sb.append("' WHERE id='"); + sb.append(row.getString(0)); + sb.append("' AND type="); + sb.append(row.getInt(1)); + sb.append(" AND expires=dateof(maxtimeuuid("); + Date lc = row.getTimestamp(2); + sb.append(lc.getTime()); + sb.append("));"); + } - @Override - protected void _close(AuthzTrans trans) { + @Override + protected void _close(AuthzTrans trans) { trans.info().log("End " + this.getClass().getSimpleName() + " processing" ); session.close(); - } + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Approvals.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Approvals.java index 57def168..43e234b2 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Approvals.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Approvals.java @@ -55,19 +55,19 @@ import org.onap.aaf.misc.env.Trans; import org.onap.aaf.misc.env.util.Chrono; public class Approvals extends Batch { - private final AuthzTrans noAvg; - private BatchDataView dataview; - private List<CSV> csvList; - private Writer napproveCW; - private final GregorianCalendar now; - private final String sdate; - private static final String CSV = ".csv"; - private static final String APPROVALS_NEW = "ApprovalsNew"; - + private final AuthzTrans noAvg; + private BatchDataView dataview; + private List<CSV> csvList; + private Writer napproveCW; + private final GregorianCalendar now; + private final String sdate; + private static final String CSV = ".csv"; + private static final String APPROVALS_NEW = "ApprovalsNew"; + public Approvals(AuthzTrans trans) throws APIException, IOException, OrganizationException { super(trans.env()); - now = new GregorianCalendar(); - sdate = Chrono.dateOnlyStamp(now); + now = new GregorianCalendar(); + sdate = Chrono.dateOnlyStamp(now); noAvg = env.newTransNoAvg(); noAvg.setUser(new BatchPrincipal("batch:Approvals")); session = cluster.connect(); @@ -79,21 +79,21 @@ public class Approvals extends Batch { csvList = new ArrayList<>(); File f; if(args().length>0) { - for(int i=0;i<args().length;++i) { - f = new File(logDir(), args()[i]); - if(f.exists()) { - csvList.add(new CSV(env.access(),f).processAll()); - } else { - trans.error().printf("CSV File %s does not exist",f.getAbsolutePath()); - } - } + for(int i=0;i<args().length;++i) { + f = new File(logDir(), args()[i]); + if(f.exists()) { + csvList.add(new CSV(env.access(),f).processAll()); + } else { + trans.error().printf("CSV File %s does not exist",f.getAbsolutePath()); + } + } } else { - f = new File(logDir(), Analyze.NEED_APPROVALS+Chrono.dateOnlyStamp()+".csv"); - if(f.exists()) { - csvList.add(new CSV(env.access(),f).processAll()); - } else { - trans.error().printf("CSV File %s does not exist",f.getAbsolutePath()); - } + f = new File(logDir(), Analyze.NEED_APPROVALS+Chrono.dateOnlyStamp()+".csv"); + if(f.exists()) { + csvList.add(new CSV(env.access(),f).processAll()); + } else { + trans.error().printf("CSV File %s does not exist",f.getAbsolutePath()); + } } @@ -106,71 +106,71 @@ public class Approvals extends Batch { @Override protected void run(AuthzTrans trans) { - Map<String,Pending> mpending = new TreeMap<>(); - Pending p = Pending.create(); + Map<String,Pending> mpending = new TreeMap<>(); + Pending p = Pending.create(); - Holder<Integer> count = new Holder<>(0); + Holder<Integer> count = new Holder<>(0); for(CSV neeedApproveCSV : csvList) { - TimeTaken tt = trans.start("Processing %s's UserRoles",Trans.SUB,neeedApproveCSV.name()); - try { - neeedApproveCSV.visit(row -> { - switch(row.get(0)) { - case UserRole.APPROVE_UR: - UserRoleDAO.Data urdd = UserRole.row(row); - // Create an Approval - ApprovalSet uras = new URApprovalSet(noAvg, now, dataview, () -> { - return urdd; - }); - Result<Void> rw = uras.write(noAvg); - if(rw.isOK()) { - Set<String> approvers = uras.approvers(); - if(approvers.isEmpty()) { - trans.error().printf("No Approvers found for %s-%s (probably no owner)",urdd.user,urdd.role); - } else { - for(String approver : approvers) { - Pending mp = mpending.get(approver); - if(mp==null) { - mpending.put(approver, Pending.create()); - } else { - mp.inc(p); // FYI, unlikely - } - } - count.set(count.get()+1); - } - } else { - trans.error().log(rw.errorString()); - } - break; - } - }); - dataview.flush(); - } catch (IOException | CadiException e) { - e.printStackTrace(); - // .... but continue with next row - } finally { - tt.done(); - } + TimeTaken tt = trans.start("Processing %s's UserRoles",Trans.SUB,neeedApproveCSV.name()); + try { + neeedApproveCSV.visit(row -> { + switch(row.get(0)) { + case UserRole.APPROVE_UR: + UserRoleDAO.Data urdd = UserRole.row(row); + // Create an Approval + ApprovalSet uras = new URApprovalSet(noAvg, now, dataview, () -> { + return urdd; + }); + Result<Void> rw = uras.write(noAvg); + if(rw.isOK()) { + Set<String> approvers = uras.approvers(); + if(approvers.isEmpty()) { + trans.error().printf("No Approvers found for %s-%s (probably no owner)",urdd.user,urdd.role); + } else { + for(String approver : approvers) { + Pending mp = mpending.get(approver); + if(mp==null) { + mpending.put(approver, Pending.create()); + } else { + mp.inc(p); // FYI, unlikely + } + } + count.set(count.get()+1); + } + } else { + trans.error().log(rw.errorString()); + } + break; + } + }); + dataview.flush(); + } catch (IOException | CadiException e) { + e.printStackTrace(); + // .... but continue with next row + } finally { + tt.done(); + } trans.info().printf("Processed %d UserRoles", count.get()); - tt = trans.start("Writing Approvals to %s",Trans.SUB,neeedApproveCSV.name()); - int cnt = 0; - try { - for(Entry<String, Pending> es : mpending.entrySet()) { - p.row(napproveCW,es.getKey()); - ++cnt; - } + tt = trans.start("Writing Approvals to %s",Trans.SUB,neeedApproveCSV.name()); + int cnt = 0; + try { + for(Entry<String, Pending> es : mpending.entrySet()) { + p.row(napproveCW,es.getKey()); + ++cnt; + } } finally { - tt.done(); - trans.info().printf("Processed %d Reminders", cnt); + tt.done(); + trans.info().printf("Processed %d Reminders", cnt); } - } + } } - @Override + @Override protected void _close(AuthzTrans trans) { - if(napproveCW!=null) { - napproveCW.flush(); - napproveCW.close(); - } + if(napproveCW!=null) { + napproveCW.flush(); + napproveCW.close(); + } } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Extend.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Extend.java index 3a0f7b9e..98a01d76 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Extend.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Extend.java @@ -49,15 +49,15 @@ import org.onap.aaf.misc.env.TimeTaken; import org.onap.aaf.misc.env.util.Chrono; public class Extend extends Batch { - private final CQLBatch cqlBatch; - private final CredDAO credDAO; - private final AuthzTrans noAvg; - private List<File> extFiles; - private final int extendBy; - private int gcType; - - public Extend(AuthzTrans trans) throws APIException, IOException, OrganizationException { - super(trans.env()); + private final CQLBatch cqlBatch; + private final CredDAO credDAO; + private final AuthzTrans noAvg; + private List<File> extFiles; + private final int extendBy; + private int gcType; + + public Extend(AuthzTrans trans) throws APIException, IOException, OrganizationException { + super(trans.env()); trans.info().log("Starting Connection Process"); noAvg = env.newTransNoAvg(); @@ -65,13 +65,13 @@ public class Extend extends Batch { TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); try { - TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE); - credDAO = new CredDAO(trans, cluster, CassAccess.KEYSPACE); - try { - session = credDAO.getSession(trans); - } finally { - tt.done(); - } + TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE); + credDAO = new CredDAO(trans, cluster, CassAccess.KEYSPACE); + try { + session = credDAO.getSession(trans); + } finally { + tt.done(); + } cqlBatch = new CQLBatch(noAvg.info(),session); } finally { tt0.done(); @@ -79,133 +79,133 @@ public class Extend extends Batch { gcType = GregorianCalendar.WEEK_OF_YEAR; int weeks = 4; - + Set<String> cmd = new HashSet<>(); - for(int i=0; i< args().length;++i) { - if("-weeks".equals(args()[i])) { - if(args().length>i+1) { - weeks = Integer.parseInt(args()[++i]); - } - } else { - cmd.add(args()[i]); - } - } - - if(weeks<1 || weeks > 24) { - throw new APIException("Invalid --weeks"); - } - extendBy = weeks; + for(int i=0; i< args().length;++i) { + if("-weeks".equals(args()[i])) { + if(args().length>i+1) { + weeks = Integer.parseInt(args()[++i]); + } + } else { + cmd.add(args()[i]); + } + } + + if(weeks<1 || weeks > 24) { + throw new APIException("Invalid --weeks"); + } + extendBy = weeks; // Create Intermediate Output File logDir = logDir(); extFiles = new ArrayList<>(); if(cmd.isEmpty()) { - extFiles.add(new File(logDir,PrepExtend.PREP_EXTEND+Chrono.dateOnlyStamp()+".csv")); + extFiles.add(new File(logDir,PrepExtend.PREP_EXTEND+Chrono.dateOnlyStamp()+".csv")); } else { - for(String fn : cmd) { - extFiles.add(new File(logDir, fn)); - } + for(String fn : cmd) { + extFiles.add(new File(logDir, fn)); + } } // Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway // to find the last one. - } + } - @Override - protected void run(AuthzTrans trans) { + @Override + protected void run(AuthzTrans trans) { final int maxBatch = 50; - // Setup Date boundaries + // Setup Date boundaries final Holder<GregorianCalendar> hgc = new Holder<>(new GregorianCalendar()); final GregorianCalendar now = new GregorianCalendar(); /////////////////////////// trans.info().log("Bulk Extend Expiring User-Roles and Creds"); - final Holder<List<String>> info = new Holder<>(null); - final Holder<StringBuilder> hsb = new Holder<>(null); + final Holder<List<String>> info = new Holder<>(null); + final Holder<StringBuilder> hsb = new Holder<>(null); - for(File f : extFiles) { - CSV csv = new CSV(env.access(),f); - try { - csv.visit(new CSV.Visitor() { - final Holder<Integer> hi = new Holder<>(0); + for(File f : extFiles) { + CSV csv = new CSV(env.access(),f); + try { + csv.visit(new CSV.Visitor() { + final Holder<Integer> hi = new Holder<>(0); - @Override - public void visit(List<String> row) throws IOException, CadiException { - GregorianCalendar gc; - int i = hi.get(); - StringBuilder sb = hsb.get(); - if(sb==null) { - hsb.set(sb=cqlBatch.begin()); - } - switch(row.get(0)) { - case "info": - info.set(row); - break; - case "ur": - hi.set(++i); - gc = hgc.get(); - gc.setTime(new Date(Long.parseLong(row.get(6)))); - if(gc.before(now)) { - gc.setTime(now.getTime()); - } - gc.add(gcType, extendBy); - UserRole.batchExtend(sb,row,gc.getTime()); - break; - case "cred": - int ctype = Integer.parseInt(row.get(3)); - if(ctype == CredDAO.BASIC_AUTH_SHA256 || ctype == CredDAO.BASIC_AUTH) { - Result<List<Data>> result = credDAO.readID(noAvg, row.get(1)); - if(result.isOKhasData()) { - for(CredDAO.Data cd : result.value) { - if(cd.type == CredDAO.BASIC_AUTH_SHA256 || cd.type == CredDAO.BASIC_AUTH) { - String prev; - if(row.get(4).equals(prev=Chrono.dateOnlyStamp(cd.expires))) { - gc = hgc.get(); - gc.setTime(new Date(Long.parseLong(row.get(5)))); - if(gc.before(now)) { - gc.setTime(now.getTime()); - } - gc.add(gcType, extendBy); - cd.expires = gc.getTime(); - if(dryRun) { - noAvg.info().printf("Would extend %s, %d - %s to %s",cd.id,cd.type,prev, Chrono.dateOnlyStamp(cd.expires)); - } else { - Result<Void> r = credDAO.update(noAvg, cd, true); - noAvg.info().printf("%s %s, %d - %s to %s", - r.isOK()?"Extended":"Failed to Extend", - cd.id,cd.type,prev, Chrono.dateOnlyStamp(cd.expires)); - } - } - } - } - } - } - break; - } - if(i%maxBatch==0 && sb!=null) { - cqlBatch.execute(dryRun); - hi.set(1); - hsb.set(sb=null); - } - } - }); - } catch (IOException | CadiException e) { - e.printStackTrace(); - } - } - - // Cleanup, if required. - cqlBatch.execute(dryRun); + @Override + public void visit(List<String> row) throws IOException, CadiException { + GregorianCalendar gc; + int i = hi.get(); + StringBuilder sb = hsb.get(); + if(sb==null) { + hsb.set(sb=cqlBatch.begin()); + } + switch(row.get(0)) { + case "info": + info.set(row); + break; + case "ur": + hi.set(++i); + gc = hgc.get(); + gc.setTime(new Date(Long.parseLong(row.get(6)))); + if(gc.before(now)) { + gc.setTime(now.getTime()); + } + gc.add(gcType, extendBy); + UserRole.batchExtend(sb,row,gc.getTime()); + break; + case "cred": + int ctype = Integer.parseInt(row.get(3)); + if(ctype == CredDAO.BASIC_AUTH_SHA256 || ctype == CredDAO.BASIC_AUTH) { + Result<List<Data>> result = credDAO.readID(noAvg, row.get(1)); + if(result.isOKhasData()) { + for(CredDAO.Data cd : result.value) { + if(cd.type == CredDAO.BASIC_AUTH_SHA256 || cd.type == CredDAO.BASIC_AUTH) { + String prev; + if(row.get(4).equals(prev=Chrono.dateOnlyStamp(cd.expires))) { + gc = hgc.get(); + gc.setTime(new Date(Long.parseLong(row.get(5)))); + if(gc.before(now)) { + gc.setTime(now.getTime()); + } + gc.add(gcType, extendBy); + cd.expires = gc.getTime(); + if(dryRun) { + noAvg.info().printf("Would extend %s, %d - %s to %s",cd.id,cd.type,prev, Chrono.dateOnlyStamp(cd.expires)); + } else { + Result<Void> r = credDAO.update(noAvg, cd, true); + noAvg.info().printf("%s %s, %d - %s to %s", + r.isOK()?"Extended":"Failed to Extend", + cd.id,cd.type,prev, Chrono.dateOnlyStamp(cd.expires)); + } + } + } + } + } + } + break; + } + if(i%maxBatch==0 && sb!=null) { + cqlBatch.execute(dryRun); + hi.set(1); + hsb.set(sb=null); + } + } + }); + } catch (IOException | CadiException e) { + e.printStackTrace(); + } + } + + // Cleanup, if required. + cqlBatch.execute(dryRun); - } - - @Override - protected void _close(AuthzTrans trans) { + } + + @Override + protected void _close(AuthzTrans trans) { trans.info().log("End " + this.getClass().getSimpleName() + " processing" ); credDAO.close(trans); session.close(); - } + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Remove.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Remove.java index b6b16fe3..89fbfacc 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Remove.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Remove.java @@ -56,159 +56,159 @@ import org.onap.aaf.misc.env.Trans; import org.onap.aaf.misc.env.util.Chrono; public class Remove extends Batch { - private final AuthzTrans noAvg; - private HistoryDAO historyDAO; - private CQLBatch cqlBatch; - - public Remove(AuthzTrans trans) throws APIException, IOException, OrganizationException { - super(trans.env()); - trans.info().log("Starting Connection Process"); - - noAvg = env.newTransNoAvg(); - noAvg.setUser(new BatchPrincipal("Remove")); - - TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); - try { - historyDAO = new HistoryDAO(trans, cluster, CassAccess.KEYSPACE); - TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE); - try { - session = historyDAO.getSession(trans); - } finally { - tt2.done(); - } - cqlBatch = new CQLBatch(noAvg.info(),session); - - - } finally { - tt0.done(); - } - } - - @Override - protected void run(AuthzTrans trans) { - - // Create Intermediate Output - File logDir = logDir(); - - List<File> remove = new ArrayList<>(); - if(args().length>0) { - for(int i=0;i<args().length;++i) { - remove.add(new File(logDir, args()[i])); - } - } else { - remove.add(new File(logDir,"Delete"+Chrono.dateOnlyStamp()+".csv")); - } - - for(File f : remove) { - trans.init().log("Processing File:",f.getAbsolutePath()); - } - - final Holder<Boolean> ur = new Holder<>(false); - final Holder<Boolean> cred = new Holder<>(false); - final Holder<Boolean> x509 = new Holder<>(false); - final Holder<String> memoFmt = new Holder<String>(""); - final HistoryDAO.Data hdd = new HistoryDAO.Data(); - final String orgName = trans.org().getName(); - - hdd.action="delete"; - hdd.reconstruct = ByteBuffer.allocate(0); - hdd.user = noAvg.user(); - SimpleDateFormat sdf = new SimpleDateFormat("yyyyMM"); - hdd.yr_mon = Integer.parseInt(sdf.format(new Date())); - - try { - final CQLBatchLoop cbl = new CQLBatchLoop(cqlBatch,50,dryRun); - for(File f : remove) { - trans.info().log("Processing ",f.getAbsolutePath(),"for Deletions"); - if(f.exists()) { - CSV removeCSV = new CSV(env.access(),f); - try { - removeCSV.visit( row -> { - switch(row.get(0)) { - case "info": - switch(row.get(1)) { - case "Delete": - memoFmt.set("%s expired from %s on %s"); - break; - case "NotInOrgDelete": - memoFmt.set("Identity %s was removed from %s on %s"); - break; - } - break; - case "ur": - if(!ur.get()) { - ur.set(true); - } - //TODO If deleted because Role is no longer there, double check... - - UserRole.batchDelete(cbl.inc(),row); - hdd.target=UserRoleDAO.TABLE; - hdd.subject=UserRole.histSubject(row); - hdd.memo=UserRole.histMemo(memoFmt.get(), row); - historyDAO.createBatch(cbl.inc(), hdd); - break; - case "cred": - if(!cred.get()) { - cred.set(true); - } - Cred.batchDelete(cbl.inc(),row); - hdd.target=CredDAO.TABLE; - hdd.subject=Cred.histSubject(row); - hdd.memo=Cred.histMemo(memoFmt.get(), orgName,row); - historyDAO.createBatch(cbl.inc(), hdd); - break; - case "x509": - if(!x509.get()) { - x509.set(true); - } - X509.batchDelete(cbl.inc(),row); - hdd.target="x509"; - hdd.subject=X509.histSubject(row); - hdd.memo=X509.histMemo(memoFmt.get(),row); - historyDAO.createBatch(cbl.inc(), hdd); - break; - case "future": - // Not cached - Future.deleteByIDBatch(cbl.inc(),row.get(1)); - break; - case "approval": - // Not cached - Approval.deleteByIDBatch(cbl.inc(),row.get(1)); - break; - case "notified": - LastNotified.delete(cbl.inc(),row); - break; - } - }); - cbl.flush(); - } catch (IOException | CadiException e) { - e.printStackTrace(); - } - } else { - trans.error().log("File",f.getAbsolutePath(),"does not exist."); - } - } - } finally { - TimeTaken tt = trans.start("Touch UR,Cred and Cert Caches",Trans.REMOTE); - try { - if(ur.get()) { - cqlBatch.touch(UserRoleDAO.TABLE, 0, UserRoleDAO.CACHE_SEG, dryRun); - } - if(cred.get()) { - cqlBatch.touch(CredDAO.TABLE, 0, CredDAO.CACHE_SEG, dryRun); - } - if(x509.get()) { - cqlBatch.touch(CertDAO.TABLE, 0, CertDAO.CACHE_SEG, dryRun); - } - } finally { - tt.done(); - } - } - } - - @Override - protected void _close(AuthzTrans trans) { - session.close(); - } + private final AuthzTrans noAvg; + private HistoryDAO historyDAO; + private CQLBatch cqlBatch; + + public Remove(AuthzTrans trans) throws APIException, IOException, OrganizationException { + super(trans.env()); + trans.info().log("Starting Connection Process"); + + noAvg = env.newTransNoAvg(); + noAvg.setUser(new BatchPrincipal("Remove")); + + TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); + try { + historyDAO = new HistoryDAO(trans, cluster, CassAccess.KEYSPACE); + TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE); + try { + session = historyDAO.getSession(trans); + } finally { + tt2.done(); + } + cqlBatch = new CQLBatch(noAvg.info(),session); + + + } finally { + tt0.done(); + } + } + + @Override + protected void run(AuthzTrans trans) { + + // Create Intermediate Output + File logDir = logDir(); + + List<File> remove = new ArrayList<>(); + if(args().length>0) { + for(int i=0;i<args().length;++i) { + remove.add(new File(logDir, args()[i])); + } + } else { + remove.add(new File(logDir,"Delete"+Chrono.dateOnlyStamp()+".csv")); + } + + for(File f : remove) { + trans.init().log("Processing File:",f.getAbsolutePath()); + } + + final Holder<Boolean> ur = new Holder<>(false); + final Holder<Boolean> cred = new Holder<>(false); + final Holder<Boolean> x509 = new Holder<>(false); + final Holder<String> memoFmt = new Holder<String>(""); + final HistoryDAO.Data hdd = new HistoryDAO.Data(); + final String orgName = trans.org().getName(); + + hdd.action="delete"; + hdd.reconstruct = ByteBuffer.allocate(0); + hdd.user = noAvg.user(); + SimpleDateFormat sdf = new SimpleDateFormat("yyyyMM"); + hdd.yr_mon = Integer.parseInt(sdf.format(new Date())); + + try { + final CQLBatchLoop cbl = new CQLBatchLoop(cqlBatch,50,dryRun); + for(File f : remove) { + trans.info().log("Processing ",f.getAbsolutePath(),"for Deletions"); + if(f.exists()) { + CSV removeCSV = new CSV(env.access(),f); + try { + removeCSV.visit( row -> { + switch(row.get(0)) { + case "info": + switch(row.get(1)) { + case "Delete": + memoFmt.set("%s expired from %s on %s"); + break; + case "NotInOrgDelete": + memoFmt.set("Identity %s was removed from %s on %s"); + break; + } + break; + case "ur": + if(!ur.get()) { + ur.set(true); + } + //TODO If deleted because Role is no longer there, double check... + + UserRole.batchDelete(cbl.inc(),row); + hdd.target=UserRoleDAO.TABLE; + hdd.subject=UserRole.histSubject(row); + hdd.memo=UserRole.histMemo(memoFmt.get(), row); + historyDAO.createBatch(cbl.inc(), hdd); + break; + case "cred": + if(!cred.get()) { + cred.set(true); + } + Cred.batchDelete(cbl.inc(),row); + hdd.target=CredDAO.TABLE; + hdd.subject=Cred.histSubject(row); + hdd.memo=Cred.histMemo(memoFmt.get(), orgName,row); + historyDAO.createBatch(cbl.inc(), hdd); + break; + case "x509": + if(!x509.get()) { + x509.set(true); + } + X509.batchDelete(cbl.inc(),row); + hdd.target="x509"; + hdd.subject=X509.histSubject(row); + hdd.memo=X509.histMemo(memoFmt.get(),row); + historyDAO.createBatch(cbl.inc(), hdd); + break; + case "future": + // Not cached + Future.deleteByIDBatch(cbl.inc(),row.get(1)); + break; + case "approval": + // Not cached + Approval.deleteByIDBatch(cbl.inc(),row.get(1)); + break; + case "notified": + LastNotified.delete(cbl.inc(),row); + break; + } + }); + cbl.flush(); + } catch (IOException | CadiException e) { + e.printStackTrace(); + } + } else { + trans.error().log("File",f.getAbsolutePath(),"does not exist."); + } + } + } finally { + TimeTaken tt = trans.start("Touch UR,Cred and Cert Caches",Trans.REMOTE); + try { + if(ur.get()) { + cqlBatch.touch(UserRoleDAO.TABLE, 0, UserRoleDAO.CACHE_SEG, dryRun); + } + if(cred.get()) { + cqlBatch.touch(CredDAO.TABLE, 0, CredDAO.CACHE_SEG, dryRun); + } + if(x509.get()) { + cqlBatch.touch(CertDAO.TABLE, 0, CertDAO.CACHE_SEG, dryRun); + } + } finally { + tt.done(); + } + } + } + + @Override + protected void _close(AuthzTrans trans) { + session.close(); + } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Upload.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Upload.java index 537cd932..e2580ae8 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Upload.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Upload.java @@ -43,180 +43,180 @@ import org.onap.aaf.misc.env.util.Split; public class Upload extends Batch { - private static final String DAT = ".dat"; + private static final String DAT = ".dat"; - private CQLBatch cqlBatch; + private CQLBatch cqlBatch; - private Map<String,Feed> feeds; + private Map<String,Feed> feeds; - public Upload(AuthzTrans trans) throws APIException, IOException, OrganizationException { - super(trans.env()); - trans.info().log("Starting Connection Process"); - - TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); - try { - TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE); - try { - session = cluster.connect(); - } finally { - tt.done(); - } - - cqlBatch = new CQLBatch(LogTarget.NULL,session); - - feeds=new HashMap<>(); - new Feed(feeds,"ns",1,"name,description,parent,scope=int,type=int",300); - new Feed(feeds,"notified",3,"user,target,key,last",300); - new Feed(feeds,"approval",1,"id=UUID,approver,last_notified,memo,operation,status,ticket=UUID,type,user",200); - new Feed(feeds,"artifact",2,"mechid,machine,ca,dir,expires,notify,ns,os_user,renewdays=int,sans=set,sponsor,type=set",200); - new Feed(feeds,"cred",1,"id,type=int,expires,cred=blob,notes,ns,other=int,prev=blob,tag",200); - new Feed(feeds,"x509",2,"ca,serial=blob,id,x500,x509=C/R",200); - new Feed(feeds,"role",2,"ns,name,description,perms=set",200); - new Feed(feeds,"perm",4,"ns,type,instance,action,description,roles=set",200); - new Feed(feeds,"history",1,"id=UUID,action,memo,reconstruct=blob,subject,target,user,yr_mon=int",300); + public Upload(AuthzTrans trans) throws APIException, IOException, OrganizationException { + super(trans.env()); + trans.info().log("Starting Connection Process"); + + TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB); + try { + TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE); + try { + session = cluster.connect(); + } finally { + tt.done(); + } + + cqlBatch = new CQLBatch(LogTarget.NULL,session); + + feeds=new HashMap<>(); + new Feed(feeds,"ns",1,"name,description,parent,scope=int,type=int",300); + new Feed(feeds,"notified",3,"user,target,key,last",300); + new Feed(feeds,"approval",1,"id=UUID,approver,last_notified,memo,operation,status,ticket=UUID,type,user",200); + new Feed(feeds,"artifact",2,"mechid,machine,ca,dir,expires,notify,ns,os_user,renewdays=int,sans=set,sponsor,type=set",200); + new Feed(feeds,"cred",1,"id,type=int,expires,cred=blob,notes,ns,other=int,prev=blob,tag",200); + new Feed(feeds,"x509",2,"ca,serial=blob,id,x500,x509=C/R",200); + new Feed(feeds,"role",2,"ns,name,description,perms=set",200); + new Feed(feeds,"perm",4,"ns,type,instance,action,description,roles=set",200); + new Feed(feeds,"history",1,"id=UUID,action,memo,reconstruct=blob,subject,target,user,yr_mon=int",300); - } finally { - tt0.done(); - } - } + } finally { + tt0.done(); + } + } - @Override - protected void run(AuthzTrans trans) { - List<File> files = new ArrayList<>(); - if(args().length>0) { - File dir = new File(args()[0]); - if(dir.isDirectory()) { - for(File f : dir.listFiles(pathname -> { - return pathname.getName().endsWith(DAT); - })) { - files.add(f); - } - } else { - File f; - for(String arg : args()) { - if(arg.endsWith(DAT)) { - f=new File(arg); - } else { - f=new File(arg+DAT); - } - files.add(f); - } - } - } - for(File file : files) { - String f = file.getName(); - final Feed feed = feeds.get(f.substring(0,f.length()-4)); - if(feed!=null) { - TimeTaken tt = trans.start(file.getAbsolutePath(), Env.SUB); - String msg = String.format("#### Running %s.dat Feed ####",feed.getName()); - trans.info().log(msg); - System.out.println(msg); - CQLBatchLoop cbl = new CQLBatchLoop(cqlBatch,feed.batchSize,dryRun).showProgress(); - - try { - if(file.exists()) { - CSV csv = new CSV(trans.env().access(),file).setDelimiter('|'); - csv.visit( row -> { - feed.insert(cbl.inc(),row); - }); - } - cbl.flush(); - } catch (Throwable e) { - e.printStackTrace(); - } finally { - tt.done(); - System.err.flush(); - msg = String.format("\n%d applied in %d batches\n",cbl.total(), cbl.batches()); - trans.info().log(msg); - System.out.println(msg); - } - } - } - } - - @Override - protected void _close(AuthzTrans trans) { + @Override + protected void run(AuthzTrans trans) { + List<File> files = new ArrayList<>(); + if(args().length>0) { + File dir = new File(args()[0]); + if(dir.isDirectory()) { + for(File f : dir.listFiles(pathname -> { + return pathname.getName().endsWith(DAT); + })) { + files.add(f); + } + } else { + File f; + for(String arg : args()) { + if(arg.endsWith(DAT)) { + f=new File(arg); + } else { + f=new File(arg+DAT); + } + files.add(f); + } + } + } + for(File file : files) { + String f = file.getName(); + final Feed feed = feeds.get(f.substring(0,f.length()-4)); + if(feed!=null) { + TimeTaken tt = trans.start(file.getAbsolutePath(), Env.SUB); + String msg = String.format("#### Running %s.dat Feed ####",feed.getName()); + trans.info().log(msg); + System.out.println(msg); + CQLBatchLoop cbl = new CQLBatchLoop(cqlBatch,feed.batchSize,dryRun).showProgress(); + + try { + if(file.exists()) { + CSV csv = new CSV(trans.env().access(),file).setDelimiter('|'); + csv.visit( row -> { + feed.insert(cbl.inc(),row); + }); + } + cbl.flush(); + } catch (Throwable e) { + e.printStackTrace(); + } finally { + tt.done(); + System.err.flush(); + msg = String.format("\n%d applied in %d batches\n",cbl.total(), cbl.batches()); + trans.info().log(msg); + System.out.println(msg); + } + } + } + } + + @Override + protected void _close(AuthzTrans trans) { session.close(); - } + } - private class Feed { - private final String name; - private final String[] flds; - private final String[] types; - private final int key; - private final int batchSize; - public Feed(Map<String, Feed> feeds, String feed, int keyLength, String fields,int batchSize) { - name=feed; - key = keyLength; - flds = Split.splitTrim(',', fields); - types = new String[flds.length]; - this.batchSize = batchSize; - int equals; - for(int i=0;i<flds.length;++i) { - if((equals = flds[i].indexOf('='))>0) { - types[i]=flds[i].substring(equals+1); - flds[i]=flds[i].substring(0, equals); - } - } - feeds.put(feed,this); - } - - public String getName() { - return name; - } + private class Feed { + private final String name; + private final String[] flds; + private final String[] types; + private final int key; + private final int batchSize; + public Feed(Map<String, Feed> feeds, String feed, int keyLength, String fields,int batchSize) { + name=feed; + key = keyLength; + flds = Split.splitTrim(',', fields); + types = new String[flds.length]; + this.batchSize = batchSize; + int equals; + for(int i=0;i<flds.length;++i) { + if((equals = flds[i].indexOf('='))>0) { + types[i]=flds[i].substring(equals+1); + flds[i]=flds[i].substring(0, equals); + } + } + feeds.put(feed,this); + } + + public String getName() { + return name; + } - public void insert(StringBuilder sb,List<String> row) { - sb.append("INSERT INTO authz."); - sb.append(name); - sb.append(" ("); - boolean first = true; - StringBuilder values = new StringBuilder(") VALUES ("); - String value; - String type; - for(int idx=0;idx<row.size();++idx) { - value = row.get(idx).trim(); - if(idx<key || !(value.isEmpty() || "null".equals(value))) { - if(first) { - first = false; - } else { - sb.append(','); - values.append(','); - } - sb.append(flds[idx]); - type=types[idx]; - if(type==null) { // String is default. - switch(value) { - case "": - if(idx<key) { - // Key value has to be something, but can't be actual null - values.append("''"); - } else { - values.append("null"); - } - break; - default: - values.append('\''); - values.append(value.replaceAll("'","''")); - values.append('\''); - } - } else switch(type) { - case "C/R": - values.append('\''); - values.append(value.replaceAll("\\\\n", "\n")); - values.append('\''); - break; - default: - values.append(value); - break; - - } - } - } - sb.append(values); - sb.append(");\n"); - } - } + public void insert(StringBuilder sb,List<String> row) { + sb.append("INSERT INTO authz."); + sb.append(name); + sb.append(" ("); + boolean first = true; + StringBuilder values = new StringBuilder(") VALUES ("); + String value; + String type; + for(int idx=0;idx<row.size();++idx) { + value = row.get(idx).trim(); + if(idx<key || !(value.isEmpty() || "null".equals(value))) { + if(first) { + first = false; + } else { + sb.append(','); + values.append(','); + } + sb.append(flds[idx]); + type=types[idx]; + if(type==null) { // String is default. + switch(value) { + case "": + if(idx<key) { + // Key value has to be something, but can't be actual null + values.append("''"); + } else { + values.append("null"); + } + break; + default: + values.append('\''); + values.append(value.replaceAll("'","''")); + values.append('\''); + } + } else switch(type) { + case "C/R": + values.append('\''); + values.append(value.replaceAll("\\\\n", "\n")); + values.append('\''); + break; + default: + values.append(value); + break; + + } + } + } + sb.append(values); + sb.append(");\n"); + } + } } |