diff options
Diffstat (limited to 'auth/auth-batch/src/main/java')
48 files changed, 297 insertions, 3099 deletions
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Action.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Action.java deleted file mode 100644 index 544d049d..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Action.java +++ /dev/null @@ -1,29 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; - -public interface Action<D,RV,T> { - public Result<RV> exec(AuthzTrans trans, D data, T t); -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/ActionDAO.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/ActionDAO.java deleted file mode 100644 index 416a13ce..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/ActionDAO.java +++ /dev/null @@ -1,73 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.dao.CassAccess; -import org.onap.aaf.auth.dao.hl.Function; -import org.onap.aaf.auth.dao.hl.Question; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; -import com.datastax.driver.core.Session; - -public abstract class ActionDAO<D,RV,T> implements Action<D,RV,T> { - protected final Question q; - protected final Function f; - private boolean clean; - protected final boolean dryRun; - - public ActionDAO(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - q = new Question(trans, cluster, CassAccess.KEYSPACE, false); - f = new Function(trans,q); - clean = true; - this.dryRun = dryRun; - } - - public ActionDAO(AuthzTrans trans, ActionDAO<?,?,?> predecessor) { - q = predecessor.q; - f = new Function(trans,q); - clean = false; - dryRun = predecessor.dryRun; - } - - public Session getSession(AuthzTrans trans) throws APIException, IOException { - return q.historyDAO.getSession(trans); - } - - public Question question() { - return q; - } - - public Function function() { - return f; - } - - public void close(AuthzTrans trans) { - if (clean) { - q.close(trans); - } - } - -} diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/ActionPuntDAO.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/ActionPuntDAO.java deleted file mode 100644 index 5d060758..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/ActionPuntDAO.java +++ /dev/null @@ -1,55 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; -import java.util.Date; -import java.util.GregorianCalendar; - -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public abstract class ActionPuntDAO<D, RV, T> extends ActionDAO<D, RV, T> { - private int months; - protected static final Date now = new Date(); - - public ActionPuntDAO(AuthzTrans trans, Cluster cluster, int months, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - this.months = months; - } - - public ActionPuntDAO(AuthzTrans trans, ActionDAO<?, ?, ?> predecessor, int months) { - super(trans, predecessor); - this.months = months; - } - - - protected Date puntDate(Date current) { - GregorianCalendar temp = new GregorianCalendar(); - temp.setTime(current); - temp.add(GregorianCalendar.MONTH, months); - return temp.getTime(); - } - -} diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/ApprovalAdd.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/ApprovalAdd.java deleted file mode 100644 index f31de565..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/ApprovalAdd.java +++ /dev/null @@ -1,59 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.Approval; -import org.onap.aaf.auth.dao.cass.ApprovalDAO; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class ApprovalAdd extends ActionDAO<Approval,ApprovalDAO.Data,String> { - public ApprovalAdd(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public ApprovalAdd(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<ApprovalDAO.Data> exec(AuthzTrans trans, Approval app, String text) { - return exec(trans,app.add,text); - } - - public Result<ApprovalDAO.Data> exec(AuthzTrans trans, ApprovalDAO.Data add, String text) { - if (dryRun) { - trans.info().log("Would Add:",text,add.approver,add.memo); - return Result.ok(add); - } else { - Result<ApprovalDAO.Data> rv = q.approvalDAO.create(trans, add); - trans.info().log("Added:",text,add.approver,add.memo); - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CacheTouch.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CacheTouch.java deleted file mode 100644 index 94df581b..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CacheTouch.java +++ /dev/null @@ -1,54 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class CacheTouch extends ActionDAO<String,Void, String> { - - public CacheTouch(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster, dryRun); - } - - public CacheTouch(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Void> exec(AuthzTrans trans, String table, String text) { - if (dryRun) { - trans.info().printf("Would mark %s cache in DB for clearing: %s",table, text); - return Result.ok(); - } else { - - Result<Void> rv = q.clearCache(trans, table); - trans.info().printf("Set DB Cache %s for clearing: %s",table, text); - return rv; - } - } -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CredDelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CredDelete.java deleted file mode 100644 index 61da6094..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CredDelete.java +++ /dev/null @@ -1,55 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.dao.cass.CredDAO; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; -import org.onap.aaf.misc.env.util.Chrono; - -import com.datastax.driver.core.Cluster; - -public class CredDelete extends ActionDAO<CredDAO.Data,Void, String> { - - public CredDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster, dryRun); - } - - public CredDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Void> exec(AuthzTrans trans, CredDAO.Data cred, String text) { - if (dryRun) { - trans.info().log("Would Delete:",text,cred.id,CredPrint.type(cred.type),Chrono.dateOnlyStamp(cred.expires)); - return Result.ok(); - } else { - Result<Void> rv = q.credDAO.delete(trans, cred, true); // need to read for undelete - trans.info().log("Deleted:",text,cred.id,CredPrint.type(cred.type),Chrono.dateOnlyStamp(cred.expires)); - return rv; - } - } -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CredPrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CredPrint.java deleted file mode 100644 index 9780f2ba..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CredPrint.java +++ /dev/null @@ -1,56 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import org.onap.aaf.auth.dao.cass.CredDAO; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.util.Chrono; - -public class CredPrint implements Action<CredDAO.Data,Void,String> { - private String info; - - public CredPrint(String text) { - this.info = text; - } - - @Override - public Result<Void> exec(AuthzTrans trans, CredDAO.Data cred, String text) { - trans.info().log(info,cred.id,text, type(cred.type),Chrono.dateOnlyStamp(cred.expires)); - return Result.ok(); - } - - - public static String type(int type) { - switch(type) { - case CredDAO.BASIC_AUTH: // 1 - return "OLD"; - case CredDAO.BASIC_AUTH_SHA256: // 2 - return "U/P"; - case CredDAO.CERT_SHA256_RSA: // 200 - return "Cert"; - default: - return "Unknown"; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CredPunt.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CredPunt.java deleted file mode 100644 index 8c3188d1..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/CredPunt.java +++ /dev/null @@ -1,70 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; -import java.util.Date; -import java.util.List; - -import org.onap.aaf.auth.dao.cass.CredDAO; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; -import org.onap.aaf.misc.env.util.Chrono; - -import com.datastax.driver.core.Cluster; - -public class CredPunt extends ActionPuntDAO<CredDAO.Data,Void,String> { - - public CredPunt(AuthzTrans trans, Cluster cluster, int months, int range, boolean dryRun) throws IOException, APIException { - super(trans,cluster,months, dryRun); - } - - public CredPunt(AuthzTrans trans, ActionDAO<?,?,?> adao, int months, int range) throws IOException { - super(trans, adao, months); - } - - public Result<Void> exec(AuthzTrans trans, CredDAO.Data cdd,String text) { - Result<Void> rv = null; - Result<List<CredDAO.Data>> read = q.credDAO.read(trans, cdd); - if (read.isOKhasData()) { - for (CredDAO.Data data : read.value) { - Date from = data.expires; - data.expires = puntDate(from); - if (data.expires.compareTo(from)<=0) { - trans.debug().printf("Error: %s is before %s", Chrono.dateOnlyStamp(data.expires), Chrono.dateOnlyStamp(from)); - } else { - if (dryRun) { - trans.info().log("Would Update Cred",cdd.id, CredPrint.type(cdd.type), "from",Chrono.dateOnlyStamp(from),"to",Chrono.dateOnlyStamp(data.expires)); - } else { - trans.info().log("Updated Cred",cdd.id, CredPrint.type(cdd.type), "from",Chrono.dateOnlyStamp(from),"to",Chrono.dateOnlyStamp(data.expires)); - rv = q.credDAO.update(trans, data); - } - } - } - } - if (rv==null) { - rv=Result.err(read); - } - return rv; - } -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Email.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Email.java deleted file mode 100644 index 461d3fc7..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Email.java +++ /dev/null @@ -1,217 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.PrintStream; -import java.util.ArrayList; -import java.util.Collection; -import java.util.List; - -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.auth.org.Organization; -import org.onap.aaf.auth.org.OrganizationException; -import org.onap.aaf.auth.org.Organization.Identity; -import org.onap.aaf.misc.env.util.Chrono; - -public class Email implements Action<Organization,Void, String>{ - protected final List<String> toList; - protected final List<String> ccList; - private final String[] defaultCC; - protected String subject; - private String preamble; - private Message msg; - private String sig; - protected String lineIndent=" "; - private long lastSent=0L; - - - public Email(String ... defaultCC) { - toList = new ArrayList<>(); - this.defaultCC = defaultCC; - ccList = new ArrayList<>(); - clear(); - } - - public Email clear() { - toList.clear(); - ccList.clear(); - for (String s: defaultCC) { - ccList.add(s); - } - return this; - } - - - public void indent(String indent) { - lineIndent = indent; - } - - public void preamble(String format, Object ... args) { - preamble = String.format(format, args); - } - - public Email addTo(Identity id) { - if (id!=null && !toList.contains(id.email())) { - toList.add(id.email()); - } - return this; - } - - public Email addTo(Collection<String> users) { - for (String u : users) { - addTo(u); - } - return this; - } - - public Email addTo(String email) { - if (!toList.contains(email)) { - toList.add(email); - } - return this; - } - - public Email addCC(Identity id) { - if (id!=null && !ccList.contains(id.email())) { - ccList.add(id.email()); - } - return this; - } - - public Email addCC(String email) { - if (!ccList.contains(email)) { - ccList.add(email); - } - return this; - } - - - public Email add(Identity id, boolean toSuper) throws OrganizationException { - Identity responsible = id.responsibleTo(); - if (toSuper) { - addTo(responsible.email()); - addCC(id.email()); - } else { - addCC(responsible.email()); - addTo(id.email()); - } - return this; - } - - public Email subject(String format, Object ... args) { - if (format.contains("%s")) { - subject = String.format(format, args); - } else { - subject = format; - } - return this; - } - - - public Email signature(String format, Object ... args) { - sig = String.format(format, args); - return this; - } - - public void msg(Message msg) { - this.msg = msg; - } - - @Override - public Result<Void> exec(AuthzTrans trans, Organization org, String text) { - StringBuilder sb = new StringBuilder(); - if (preamble!=null) { - sb.append(lineIndent); - sb.append(preamble); - sb.append("\n\n"); - } - - if (msg!=null) { - msg.msg(sb,lineIndent); - sb.append("\n"); - } - - if (sig!=null) { - sb.append(sig); - sb.append("\n"); - } - - long ct = System.currentTimeMillis(); - long wait = ct-lastSent; - lastSent = ct; - if (wait < 100) { // 10 per second - try { - Thread.sleep(wait); - } catch (InterruptedException e) { - Thread.currentThread().interrupt(); - } - } - return exec(trans,org,sb); - } - - protected Result<Void> exec(AuthzTrans trans, Organization org, StringBuilder sb) { - try { - /* int status = */ - org.sendEmail(trans, - toList, - ccList, - subject, - sb.toString(), - false); - } catch (Exception e) { - return Result.err(Result.ERR_ActionNotCompleted,e.getMessage()); - } - return Result.ok(); - - } - - public void log(PrintStream ps, String text) { - ps.print(Chrono.dateTime()); - boolean first = true; - for (String s : toList) { - if (first) { - first = false; - ps.print(": "); - } else { - ps.print(", "); - } - ps.print(s); - } - if (!ccList.isEmpty()) { - first=true; - for (String s : ccList) { - if (first) { - first = false; - ps.print(" ["); - } else { - ps.print(", "); - } - ps.print(s); - } - ps.print(']'); - } - - ps.print(' '); - ps.println(text); - } -} diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/EmailPrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/EmailPrint.java deleted file mode 100644 index 2ae86994..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/EmailPrint.java +++ /dev/null @@ -1,104 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * - * Modifications Copyright © 2018 IBM. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.PrintStream; - -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.auth.org.Organization; - -public class EmailPrint extends Email { - - private static final int LINE_LENGTH = 100; - - public EmailPrint(String... defaultCC) { - super(defaultCC); - } - - /* (non-Javadoc) - * @see org.onap.aaf.auth.actions.Email#exec(org.onap.aaf.auth.org.test.Organization, java.lang.StringBuilder) - */ - @Override - protected Result<Void> exec(AuthzTrans trans, Organization org, StringBuilder msg) { - PrintStream out = System.out; - boolean first = true; - out.print("To: "); - for (String s: toList) { - if (first) { - first = false; - } - else {out.print(',');} - out.print(s); - } - out.println(); - - first = true; - out.print("CC: "); - for (String s: ccList) { - if (first) { - first = false; - } - else {out.print(',');} - out.print(s); - } - out.println(); - - out.print("Subject: "); - out.println(subject); - out.println(); - boolean go = true; - - for (int start=0, end=LINE_LENGTH;go;start=end,end=Math.min(msg.length(), start+LINE_LENGTH)) { - int ret = msg.indexOf("\n",start+1); - switch(ret) { - case -1: - out.println(msg.substring(start,end)); - break; - case 0: - end=start+1; - out.println(); - break; - default: - if (ret<end) { - end = ret; - } - if (end==start+LINE_LENGTH) { - // Word-wrapping - ret = msg.lastIndexOf(" ", end); - if (ret>start && ret<end) { - end=ret+1; - } - out.println(msg.substring(start,end)); - } else { - out.print(msg.substring(start,end)); - } - } - go = end<msg.length(); - } - return Result.ok(); - - } - -} diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/FutureAdd.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/FutureAdd.java deleted file mode 100644 index 29a500c7..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/FutureAdd.java +++ /dev/null @@ -1,59 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.Future; -import org.onap.aaf.auth.dao.cass.FutureDAO; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class FutureAdd extends ActionDAO<Future,FutureDAO.Data,String> { - public FutureAdd(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public FutureAdd(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<FutureDAO.Data> exec(AuthzTrans trans, Future f, String text) { - return exec(trans,f.fdd,text); - } - - public Result<FutureDAO.Data> exec(AuthzTrans trans, FutureDAO.Data fdd, String text) { - if (dryRun) { - trans.info().log("Would Add:",text,fdd.id, fdd.memo); - return Result.ok(fdd); - } else { - Result<FutureDAO.Data> rv = q.futureDAO.create(trans, fdd); - trans.info().log("Added:",text,fdd.id, fdd.memo); - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/FuturePrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/FuturePrint.java deleted file mode 100644 index f95e9222..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/FuturePrint.java +++ /dev/null @@ -1,41 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import org.onap.aaf.auth.batch.helpers.Future; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.util.Chrono; - -public class FuturePrint implements Action<Future,Void,String> { - private String info; - - public FuturePrint(String text) { - this.info = text; - } - - @Override - public Result<Void> exec(AuthzTrans trans, Future f, String text) { - trans.info().log(info,f.id(),f.memo(),"expiring on",Chrono.dateOnlyStamp(f.expires())); - return Result.ok(); - } -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Key.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Key.java deleted file mode 100644 index 1ee655f4..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Key.java +++ /dev/null @@ -1,29 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * - * Modifications Copyright (C) 2019 IBM. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -@FunctionalInterface -public interface Key<HELPER> { - public String key(HELPER H); -} diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Message.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Message.java deleted file mode 100644 index 8bef131c..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/Message.java +++ /dev/null @@ -1,53 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.util.ArrayList; -import java.util.List; - -public class Message { - public final List<String> lines; - - public Message() { - lines = new ArrayList<>(); - } - - public void clear() { - lines.clear(); - } - - public String line(String format, Object ... args) { - String rv=String.format(format, args); - lines.add(rv); - return rv; - } - - public void msg(StringBuilder sb, String lineIndent) { - if (!lines.isEmpty()) { - for (String line : lines) { - sb.append(lineIndent); - sb.append(line); - sb.append('\n'); - } - } - } -} diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/NSACreate.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/NSACreate.java deleted file mode 100644 index 567bccfc..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/NSACreate.java +++ /dev/null @@ -1,58 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.NsAttrib; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class NSACreate extends ActionDAO<NsAttrib,Void,String> { - public NSACreate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public NSACreate(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Void> exec(AuthzTrans trans, NsAttrib nsa, String text) { - if (dryRun) { - trans.info().printf("Would Create %s Attrib '%s=%s' in %s",text,nsa.key,nsa.value,nsa.ns); - return Result.ok(); - } else { - Result<Void> rv = q.nsDAO.dao().attribAdd(trans, nsa.ns, nsa.key, nsa.value); - if (rv.isOK()) { - trans.info().printf("%s - Created Attrib '%s=%s' in %s",text,nsa.key,nsa.value,nsa.ns); - } else { - trans.error().printf("Error Creating Attrib '%s=%s' in %s - %s",nsa.key,nsa.value,nsa.ns,rv.details); - } - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/NSADelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/NSADelete.java deleted file mode 100644 index 86eff7ea..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/NSADelete.java +++ /dev/null @@ -1,58 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.NsAttrib; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class NSADelete extends ActionDAO<NsAttrib,Void,String> { - public NSADelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public NSADelete(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Void> exec(AuthzTrans trans, NsAttrib nsa, String text) { - if (dryRun) { - trans.info().printf("Would Delete %s Attrib '%s' in %s",text,nsa.key,nsa.ns); - return Result.ok(); - } else { - Result<Void> rv = q.nsDAO.dao().attribRemove(trans, nsa.ns, nsa.key); - if (rv.isOK()) { - trans.info().printf("%s - Deleted Attrib '%s' in %s",text,nsa.key,nsa.value,nsa.ns); - } else { - trans.error().printf("Error Deleting Attrib '%s' in %s - %s",nsa.key,nsa.value,nsa.ns,rv.details); - } - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/NSDescUpdate.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/NSDescUpdate.java deleted file mode 100644 index 78e835b3..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/NSDescUpdate.java +++ /dev/null @@ -1,58 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.NS; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class NSDescUpdate extends ActionDAO<NS,Void,String> { - public NSDescUpdate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public NSDescUpdate(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Void> exec(AuthzTrans trans, NS ns, String desc) { - if (dryRun) { - trans.info().printf("Would Update '%s' Description to '%s'",ns,desc); - return Result.ok(); - } else { - Result<Void> rv = q.nsDAO.dao().addDescription(trans, ns.ndd.name, desc); - if (rv.isOK()) { - trans.info().printf("Updated '%s' Description to '%s'",ns,desc); - } else { - trans.error().printf("Error Updating '%s' Description to '%s' - %s",ns,desc,rv.details); - } - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/PermCreate.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/PermCreate.java deleted file mode 100644 index 65555704..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/PermCreate.java +++ /dev/null @@ -1,69 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.Perm; -import org.onap.aaf.auth.dao.cass.PermDAO; -import org.onap.aaf.auth.dao.cass.PermDAO.Data; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - - -public class PermCreate extends ActionDAO<Perm,Data,String> { - public PermCreate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster, dryRun); - } - - public PermCreate(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Data> exec(AuthzTrans trans, Perm p,String text) { - PermDAO.Data pdd = new PermDAO.Data(); - pdd.ns = p.ns; - pdd.type = p.type; - pdd.instance = p.instance; - pdd.action = p.action; - pdd.description = p.description; - pdd.roles = p.roles; - - if (dryRun) { - trans.info().log("Would Create Perm:",text,p.fullType()); - return Result.ok(pdd); - } else { - Result<Data> rv = q.permDAO.create(trans, pdd); // need to read for undelete - if (rv.isOK()) { - trans.info().log("Created Perm:",text,p.fullType()); - } else { - trans.error().log("Error Creating Role -",rv.details,":",p.fullType()); - } - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/PermDelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/PermDelete.java deleted file mode 100644 index b9ae8d56..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/PermDelete.java +++ /dev/null @@ -1,64 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.Perm; -import org.onap.aaf.auth.dao.cass.PermDAO; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class PermDelete extends ActionDAO<Perm,Void,String> { - public PermDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster, dryRun); - } - - public PermDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Void> exec(AuthzTrans trans, Perm p,String text) { - PermDAO.Data pdd = new PermDAO.Data(); - pdd.ns = p.ns; - pdd.type = p.type; - pdd.instance = p.instance; - pdd.action = p.action; - if (dryRun) { - trans.info().log("Would Delete Perm:",text,p.fullType()); - return Result.ok(); - } else { - Result<Void> rv = q.permDAO.delete(trans, pdd, true); // need to read for undelete - if (rv.isOK()) { - trans.info().log("Deleted Perm:",text,p.fullType()); - } else { - trans.error().log("Error Deleting Perm -",rv.details,":",p.fullType()); - } - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/PermModify.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/PermModify.java deleted file mode 100644 index 58dd6fbf..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/PermModify.java +++ /dev/null @@ -1,141 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; -import java.util.List; - -import org.onap.aaf.auth.batch.helpers.Perm; -import org.onap.aaf.auth.batch.helpers.Role; -import org.onap.aaf.auth.dao.cass.PermDAO; -import org.onap.aaf.auth.dao.cass.RoleDAO; -import org.onap.aaf.auth.dao.cass.Status; -import org.onap.aaf.auth.dao.cass.PermDAO.Data; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class PermModify extends ActionDAO<Perm,PermDAO.Data,PermModify.Modify> { - public PermModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public PermModify(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<PermDAO.Data> exec(AuthzTrans trans, final Perm p, final Modify modify) { - Result<List<PermDAO.Data>> rr = q.permDAO.read(trans, p.ns,p.type,p.instance,p.action); - if (dryRun) { - if (rr.isOKhasData()) { - return Result.ok(rr.value.get(0)); - } else { - return Result.err(Result.ERR_NotFound, "Data not Found " + p.toString()); - } - } else { - Result<PermDAO.Data> rv = null; - if (rr.isOKhasData()) { - for (final Data d : rr.value) { - modify.change(d); - if (d.ns.equals(p.ns) && d.type.equals(p.type) && d.instance.equals(p.instance) && d.action.equals(p.action)) { - // update for fields - // In either case, adjust Permissions - for (String r : d.roles) { - if (!p.roles.contains(r)) { - q.permDAO.dao().addRole(trans, d, r); - } - } - for (String r : p.roles) { - if (!d.roles.contains(r)) { - q.permDAO.dao().delRole(trans, d, r); - } - } - rv = Result.ok(d); - } else { - for (String r : d.roles) { - Role role = Role.keys.get(r); - if (role.rdd.perms.contains(p.encode())) { - modify.roleModify().exec(trans, role, new RoleModify.Modify() { - @Override - public PermModify permModify() { - return PermModify.this; - } - - @Override - public void change(RoleDAO.Data rdd) { - rdd.perms.remove(p.encode()); - rdd.perms.add(d.encode()); - } - }); - } - } - - rv = q.permDAO.create(trans, d); - if (rv.isOK()) { - PermDAO.Data pdd = new PermDAO.Data(); - pdd.ns = p.ns; - pdd.type = p.type; - pdd.instance = p.instance; - pdd.action = p.action; - q.permDAO.delete(trans, pdd, false); - trans.info().printf("Updated %s|%s|%s|%s to %s|%s|%s|%s\n", - p.ns, p.type, p.instance, p.action, - d.ns, d.type, d.instance, d.action); - } else { - trans.info().log(rv.errorString()); - } - } - - } - } else { - rv = Result.err(rr); - } - if (rv==null) { - rv = Result.err(Status.ERR_General,"Never get to this code"); - } - - return rv; - } - } - - public static interface Modify { - void change(PermDAO.Data ur); - RoleModify roleModify(); - } - - public Result<Void> delete(AuthzTrans trans, Perm p) { - if (dryRun) { - return Result.ok(); - } else { - PermDAO.Data data = new PermDAO.Data(); - data.ns=p.ns; - data.type = p.type; - data.instance = p.instance; - data.action = p.action; - return q.permDAO.delete(trans,data,false); - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/RoleCreate.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/RoleCreate.java deleted file mode 100644 index 729d5c10..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/RoleCreate.java +++ /dev/null @@ -1,59 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.Role; -import org.onap.aaf.auth.dao.cass.RoleDAO.Data; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class RoleCreate extends ActionDAO<Role,Data,String> { - public RoleCreate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public RoleCreate(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Data> exec(AuthzTrans trans, Role r,String text) { - if (dryRun) { - trans.info().log("Would Create Role:",text,r.fullName()); - return Result.ok(r.rdd); - } else { - Result<Data> rv = q.roleDAO.create(trans, r.rdd); // need to read for undelete - if (rv.isOK()) { - trans.info().log("Created Role:",text,r.fullName()); - } else { - trans.error().log("Error Creating Role -",rv.details,":",r.fullName()); - } - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/RoleDelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/RoleDelete.java deleted file mode 100644 index edaae0fe..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/RoleDelete.java +++ /dev/null @@ -1,58 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.Role; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class RoleDelete extends ActionDAO<Role,Void,String> { - public RoleDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster, dryRun); - } - - public RoleDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Void> exec(AuthzTrans trans, Role r,String text) { - if (dryRun) { - trans.info().log("Would Delete Role:",text,r.fullName()); - return Result.ok(); - } else { - Result<Void> rv = q.roleDAO.delete(trans, r.rdd, true); // need to read for undelete - if (rv.isOK()) { - trans.info().log("Deleted Role:",text,r.fullName()); - } else { - trans.error().log("Error Deleting Role -",rv.details,":",r.fullName()); - } - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/RoleModify.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/RoleModify.java deleted file mode 100644 index e00c08c3..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/RoleModify.java +++ /dev/null @@ -1,146 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; -import java.util.List; - -import org.onap.aaf.auth.batch.helpers.Perm; -import org.onap.aaf.auth.batch.helpers.Role; -import org.onap.aaf.auth.dao.cass.PermDAO; -import org.onap.aaf.auth.dao.cass.RoleDAO; -import org.onap.aaf.auth.dao.cass.Status; -import org.onap.aaf.auth.dao.cass.RoleDAO.Data; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class RoleModify extends ActionDAO<Role,RoleDAO.Data,RoleModify.Modify> { - public RoleModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster, dryRun); - } - - public RoleModify(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<RoleDAO.Data> exec(final AuthzTrans trans, final Role r,final RoleModify.Modify modify) { - Result<List<Data>> rr = q.roleDAO.read(trans, r.rdd.ns,r.rdd.name); - if (dryRun) { - if (rr.isOKhasData()) { - return Result.ok(rr.value.get(0)); - } else { - return Result.err(Result.ERR_NotFound, "Data not Found " + r.toString()); - } - } else { - Result<Data> rv = null; - if (rr.isOKhasData()) { - for (final Data d : rr.value) { - modify.change(d); - if (d.ns.equals(r.rdd.ns) && d.name.equals(r.rdd.name)) { - // update for fields - // In either case, adjust Roles - for (String p : d.perms) { - if (!r.rdd.perms.contains(p)) { - Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans, q, p); - if (rpdd.isOKhasData()) { - q.roleDAO.dao().addPerm(trans, d, rpdd.value); - } - } - } - for (String p : r.rdd.perms) { - if (!d.perms.contains(p)) { - Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans, q, p); - if (rpdd.isOKhasData()) { - q.roleDAO.dao().delPerm(trans, d, rpdd.value); - } - } - } - rv = Result.ok(d); - } else { - for (String p : d.perms) { - Perm perm = Perm.keys.get(p); - if (perm!=null) { - if (perm.roles.contains(r.encode())) { - modify.permModify().exec(trans, perm, new PermModify.Modify() { - @Override - public RoleModify roleModify() { - return RoleModify.this; - } - - @Override - public void change(PermDAO.Data pdd) { - pdd.roles.remove(r.encode()); - pdd.roles.add(d.encode()); - } - }); - } - } - } - Result<List<Data>> preexist = q.roleDAO.read(trans, d); - if (preexist.isOKhasData()) { - Data rdd = preexist.value.get(0); - for (String p : d.perms) { - Result<PermDAO.Data> perm = PermDAO.Data.decode(trans, q, p); - if (perm.isOKhasData()) { - q.roleDAO.dao().addPerm(trans,rdd, perm.value); - } - } - rv = Result.ok(rdd); - } else { - rv = q.roleDAO.create(trans, d); - } - if (rv.isOK()) { - trans.info().printf("Updating %s|%s to %s|%s", r.rdd.ns, r.rdd.name, d.ns, d.name); - q.roleDAO.delete(trans, r.rdd, false); - - } else { - trans.info().log(rv.errorString()); - } - } - } - } else { - rv = Result.err(rr); - } - if (rv==null) { - rv = Result.err(Status.ERR_General,"Never get to this code"); - } - return rv; - } - } - - public static interface Modify { - void change(RoleDAO.Data ur); - PermModify permModify(); - } - - public Result<Void> delete(AuthzTrans trans, Role r) { - if (dryRun) { - return Result.ok(); - } else { - return q.roleDAO.delete(trans,r.rdd,false); - } - } -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URAdd.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URAdd.java deleted file mode 100644 index e0c1bb80..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URAdd.java +++ /dev/null @@ -1,57 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.UserRole; -import org.onap.aaf.auth.dao.cass.UserRoleDAO; -import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; -import org.onap.aaf.misc.env.util.Chrono; - -import com.datastax.driver.core.Cluster; - -public class URAdd extends ActionDAO<UserRole,UserRoleDAO.Data,String> { - public URAdd(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public URAdd(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Data> exec(AuthzTrans trans, UserRole ur, String text) { - if (dryRun) { - trans.info().log("Would Add:",text,ur.role(),ur.user(),"on",Chrono.dateOnlyStamp(ur.expires())); - return Result.ok(ur.urdd()); - } else { - Result<Data> rv = q.userRoleDAO.create(trans, ur.urdd()); - trans.info().log("Added:",text,ur.role(),ur.user(),"on",Chrono.dateOnlyStamp(ur.expires())); - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URDelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URDelete.java deleted file mode 100644 index 00208ad9..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URDelete.java +++ /dev/null @@ -1,59 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; - -import org.onap.aaf.auth.batch.helpers.UserRole; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; -import org.onap.aaf.misc.env.util.Chrono; - -import com.datastax.driver.core.Cluster; - -public class URDelete extends ActionDAO<UserRole,Void,String> { - public URDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public URDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Void> exec(AuthzTrans trans, UserRole ur,String text) { - if (dryRun) { - trans.info().log("Would Delete UserRole:",text,ur.user(),ur.role(),"on",Chrono.dateOnlyStamp(ur.expires())); - return Result.ok(); - } else { - Result<Void> rv = q.userRoleDAO.delete(trans,ur.urdd(), true); // need to read for undelete - if (rv.isOK()) { - trans.info().log("Deleted UserRole:",text,ur.user(),ur.role(),"on",Chrono.dateOnlyStamp(ur.expires())); - } else { - trans.error().log("Error Deleting User Role -",rv.details,":",ur.user(),ur.role(),"on",Chrono.dateOnlyStamp(ur.expires()) ); - } - return rv; - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URFutureApprove.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URFutureApprove.java deleted file mode 100644 index a228a8ca..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URFutureApprove.java +++ /dev/null @@ -1,112 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; -import java.util.Date; -import java.util.GregorianCalendar; - -import org.onap.aaf.auth.batch.helpers.Approval; -import org.onap.aaf.auth.batch.helpers.UserRole; -import org.onap.aaf.auth.dao.cass.FutureDAO; -import org.onap.aaf.auth.dao.cass.NsDAO; -import org.onap.aaf.auth.dao.hl.Function; -import org.onap.aaf.auth.dao.hl.Question; -import org.onap.aaf.auth.dao.hl.Function.FUTURE_OP; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.auth.org.Organization.Expiration; -import org.onap.aaf.misc.env.APIException; -import org.onap.aaf.misc.env.util.Chrono; - -import com.datastax.driver.core.Cluster; - -public class URFutureApprove extends ActionDAO<UserRole, String,String> implements Action<UserRole,String,String>, Key<UserRole> { - private final Date start; - private final Date expires; - - public URFutureApprove(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans,cluster, dryRun); - GregorianCalendar gc = new GregorianCalendar(); - start = gc.getTime(); - expires = trans.org().expiration(gc, Expiration.Future).getTime(); - } - - public URFutureApprove(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - GregorianCalendar gc = new GregorianCalendar(); - start = gc.getTime(); - expires = trans.org().expiration(gc, Expiration.Future).getTime(); - } - - @Override - public Result<String> exec(AuthzTrans trans, UserRole ur,String text) { - if (dryRun) { - return Result.ok(text); - } else { - Result<NsDAO.Data> rns = q.deriveNs(trans, ur.ns()); - if (rns.isOK()) { - - FutureDAO.Data data = new FutureDAO.Data(); - data.id=null; // let Create function assign UUID - data.target=Function.FOP_USER_ROLE; - - data.memo = key(ur); - data.start = start; - data.expires = ur.expires(); - try { - data.construct = ur.urdd().bytify(); - } catch (IOException e) { - return Result.err(e); - } - Result<String> rfuture = f.createFuture(trans, data, Function.FOP_USER_ROLE, ur.user(), rns.value, FUTURE_OP.A); - if (rfuture.isOK()) { - trans.info().log(rfuture.value, text, ur.user(), data.memo); - } else { - trans.error().log(rfuture.details, text); - } - return rfuture; - } else { - return Result.err(rns); - } - } - } - - @Override - public String key(UserRole ur) { - String expire; - if (expires.before(start)) { - expire = "' - EXPIRED "; - } else { - expire = "' - expiring "; - } - - if (Question.OWNER.equals(ur.rname())) { - return Approval.RE_VALIDATE_OWNER + ur.ns() + expire + Chrono.dateOnlyStamp(ur.expires()); - } else if (Question.ADMIN.equals(ur.rname())) { - return Approval.RE_VALIDATE_ADMIN + ur.ns() + expire + Chrono.dateOnlyStamp(ur.expires()); - } else { - return Approval.RE_APPROVAL_IN_ROLE + ur.role() + expire + Chrono.dateOnlyStamp(ur.expires()); - } - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URFutureApproveExec.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URFutureApproveExec.java deleted file mode 100644 index 9c44a62a..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URFutureApproveExec.java +++ /dev/null @@ -1,98 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; -import java.util.ArrayList; -import java.util.List; - -import org.onap.aaf.auth.batch.helpers.Approval; -import org.onap.aaf.auth.batch.helpers.Future; -import org.onap.aaf.auth.batch.helpers.UserRole; -import org.onap.aaf.auth.dao.cass.ApprovalDAO; -import org.onap.aaf.auth.dao.cass.UserRoleDAO; -import org.onap.aaf.auth.dao.hl.Function.FUTURE_OP; -import org.onap.aaf.auth.dao.hl.Function.OP_STATUS; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class URFutureApproveExec extends ActionDAO<List<Approval>, OP_STATUS, Future> { - - public URFutureApproveExec(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans,cluster, dryRun); - } - - public URFutureApproveExec(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<OP_STATUS> exec(AuthzTrans trans, List<Approval> app, Future future) { - if (dryRun) { - return Result.err(Result.ERR_ActionNotCompleted,"Not Executed"); - } else { - // Save on Lookups - final List<ApprovalDAO.Data> apprs = new ArrayList<>(); - final List<UserRoleDAO.Data> urs = new ArrayList<>(); - for (Approval a : app) { - apprs.add(a.add); - UserRole ur = UserRole.get(a.add.user, future.role); - if (ur!=null) { - urs.add(ur.urdd()); - } - } - Result<OP_STATUS> rv = f.performFutureOp(trans, FUTURE_OP.A, future.fdd, - (trans1, noop) -> apprs, - (trans12, keys) -> { - List<UserRole> lur = UserRole.getByUser().get(keys[0]); - if (lur!=null) { - for (UserRole ur : lur) { - if (ur.role().equals(keys[1])) { - return ur.urdd(); - } - } - } - return null; - }); - if (rv.isOK()) { - switch(rv.value) { - case D: - trans.info().printf("Denied %s on %s", future.memo(),future.fdd.target); - break; - case E: - trans.info().printf("Completed %s on %s", future.memo(),future.fdd.target); - break; - case L: - trans.info().printf("Future %s on %s has lapsed", future.memo(),future.fdd.target); - break; - default: - } - } else { - trans.error().log("Error completing",future.memo(),rv.errorString()); - } - return rv; - } - } -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URFuturePrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URFuturePrint.java deleted file mode 100644 index bf6ead36..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URFuturePrint.java +++ /dev/null @@ -1,41 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import org.onap.aaf.auth.batch.helpers.UserRole; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.util.Chrono; - - -public class URFuturePrint implements Action<UserRole,String,String> { - private String info; - - public URFuturePrint(String text) { - this.info = text; - } - - @Override - public Result<String> exec(AuthzTrans trans, UserRole ur, String text) { - trans.info().log(info,text,ur.user(),"to",ur.role(),"on",Chrono.dateOnlyStamp(ur.expires())); - return Result.ok(info); - }}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URModify.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URModify.java deleted file mode 100644 index a17c4fd2..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URModify.java +++ /dev/null @@ -1,80 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; -import java.util.List; - -import org.onap.aaf.auth.batch.helpers.UserRole; -import org.onap.aaf.auth.dao.cass.Status; -import org.onap.aaf.auth.dao.cass.UserRoleDAO; -import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; - -import com.datastax.driver.core.Cluster; - -public class URModify extends ActionDAO<UserRole,Void,URModify.Modify> { - public URModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException { - super(trans, cluster,dryRun); - } - - public URModify(AuthzTrans trans, ActionDAO<?,?,?> adao) { - super(trans, adao); - } - - @Override - public Result<Void> exec(AuthzTrans trans, UserRole ur,Modify modify) { - if (dryRun) { - trans.info().printf("Would Update %s %s", ur.user(), ur.role()); - return Result.ok(); - } else { - Result<List<Data>> rr = q.userRoleDAO.read(trans, ur.user(),ur.role()); - if (rr.notOKorIsEmpty()) { - return Result.err(rr); - } - for (Data d : rr.value) { - modify.change(d); - if (!(ur.expires().equals(d.expires))) { - ur.expires(d.expires); - } - if (ur.user().equals(d.user) && ur.role().equals(d.role)){ - Result<Void> rv = q.userRoleDAO.update(trans, d); - if (rv.isOK()) { - trans.info().printf("Updated %s %s to %s", ur.user(), ur.role(), d.toString()); - } else { - trans.info().log(rv.errorString()); - } - } else { - return Result.err(Status.ERR_Denied, "You cannot change the key of this Data"); - } - } - return Result.err(Status.ERR_UserRoleNotFound,"No User Role with %s %s",ur.user(),ur.role()); - } - } - - public static interface Modify { - void change(UserRoleDAO.Data ur); - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URPrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URPrint.java deleted file mode 100644 index 12eb115a..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URPrint.java +++ /dev/null @@ -1,42 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import org.onap.aaf.auth.batch.helpers.UserRole; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.util.Chrono; - -public class URPrint implements Action<UserRole,Void,String> { - private String info; - - public URPrint(String text) { - this.info = text; - } - - @Override - public Result<Void> exec(AuthzTrans trans, UserRole ur, String text) { - trans.info().log(info,text,ur.user(),"to",ur.role(),"expiring on",Chrono.dateOnlyStamp(ur.expires())); - return Result.ok(); - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URPunt.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URPunt.java deleted file mode 100644 index 28c7a641..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/actions/URPunt.java +++ /dev/null @@ -1,70 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.actions; - -import java.io.IOException; -import java.util.Date; -import java.util.List; - -import org.onap.aaf.auth.batch.helpers.UserRole; -import org.onap.aaf.auth.dao.cass.UserRoleDAO; -import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data; -import org.onap.aaf.auth.env.AuthzTrans; -import org.onap.aaf.auth.layer.Result; -import org.onap.aaf.misc.env.APIException; -import org.onap.aaf.misc.env.util.Chrono; - -import com.datastax.driver.core.Cluster; - -public class URPunt extends ActionPuntDAO<UserRole,Void,String> { - public URPunt(AuthzTrans trans, Cluster cluster, int months, int range, boolean dryRun) throws APIException, IOException { - super(trans,cluster, months, dryRun); - } - - public URPunt(AuthzTrans trans, ActionDAO<?,?,?> adao, int months, int range) { - super(trans, adao, months); - } - - public Result<Void> exec(AuthzTrans trans, UserRole ur, String text) { - if (dryRun) { - trans.info().log("Would Update User",ur.user(),"and Role", ur.role(), text); - return Result.ok(); - } else { - Result<List<Data>> read = q.userRoleDAO.read(trans, ur.user(), ur.role()); - if (read.isOK()) { - for (UserRoleDAO.Data data : read.value) { - Date from = data.expires; - data.expires = puntDate(from); - if (data.expires.compareTo(from)<=0) { - trans.debug().printf("Error: %s is same or before %s", Chrono.dateOnlyStamp(data.expires), Chrono.dateOnlyStamp(from)); - } else { - trans.info().log("Updating User",ur.user(),"and Role", ur.role(), "from",Chrono.dateOnlyStamp(from),"to",Chrono.dateOnlyStamp(data.expires), text); - q.userRoleDAO.update(trans, data); - } - } - return Result.ok(); - } else { - return Result.err(read); - } - } - } -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approver.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approver.java deleted file mode 100644 index 6e27495f..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Approver.java +++ /dev/null @@ -1,62 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.helpers; - -import java.util.HashMap; -import java.util.Map; - -import org.onap.aaf.auth.batch.actions.Message; -import org.onap.aaf.auth.org.Organization; - -public class Approver { - public String name; - public Organization org; - public Map<String, Integer> userRequests; - - public Approver(String approver, Organization org) { - this.name = approver; - this.org = org; - userRequests = new HashMap<>(); - } - - public void addRequest(String user) { - if (userRequests.get(user) == null) { - userRequests.put(user, 1); - } else { - Integer curCount = userRequests.remove(user); - userRequests.put(user, curCount+1); - } - } - - /** - * @param sb - * @return - */ - public void build(Message msg) { - msg.clear(); - msg.line("You have %d total pending approvals from the following users:", userRequests.size()); - for (Map.Entry<String, Integer> entry : userRequests.entrySet()) { - msg.line(" %s (%d)",entry.getKey(),entry.getValue()); - } - } - -} diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java index 24a65108..cbfad7b9 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/ExpireRange.java @@ -31,46 +31,60 @@ import java.util.List; import java.util.Map; import java.util.Set; +import org.onap.aaf.auth.org.Organization.Identity; import org.onap.aaf.cadi.Access; public class ExpireRange { + private static final String DELETE = "Delete"; public static final String ONE_MONTH = "OneMonth"; public static final String TWO_MONTH = "TwoMonth"; public static final String TWO_WEEK = "TwoWeek"; public static final String ONE_WEEK = "OneWeek"; private static final String AAF_BATCH_RANGE = "aaf_batch_range."; - public Map<String,List<Range>> ranges; + public final Map<String,List<Range>> ranges; + private final Map<Integer,Date> intervalDates; private static final Date now = new Date(); + public final Range approveDelete ; private Range delRange; public ExpireRange(final Access access) { ranges = new HashMap<>(); + intervalDates = new HashMap<>(); int i=0; + approveDelete = new Range(DELETE,0,0,0,-1,0,GregorianCalendar.DAY_OF_YEAR,-100); String prop = access.getProperty(AAF_BATCH_RANGE + i,null); if(prop==null && i==0) { List<Range> lcred = getRangeList("cred"); List<Range> lur = getRangeList("ur"); List<Range> lx509 = getRangeList("x509"); + - delRange = new Range("Delete",0,0,-1,0,GregorianCalendar.WEEK_OF_MONTH,-2); + /* + Range(Name, ReportingLevel, PeopleInterval, AppInterval, Start(Type,Qty) End(Type,Qty) ) + Interval of -1 Means "only once" + Interval of 0 means none + Interval > 0 means only X number of Days. + */ + delRange = new Range(DELETE,0,0,0,-1,0,GregorianCalendar.WEEK_OF_MONTH,-2); lur.add(delRange); lcred.add(delRange); lx509.add(delRange); - lcred.add(new Range(ONE_WEEK,3,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1)); - lcred.add(new Range(TWO_WEEK,2,1,GregorianCalendar.WEEK_OF_MONTH,1,GregorianCalendar.WEEK_OF_MONTH,2)); - lcred.add(new Range(ONE_MONTH,1,7,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); - lcred.add(new Range(TWO_MONTH,1,0,GregorianCalendar.MONTH,1,GregorianCalendar.MONTH,2)); - lur.add(new Range(ONE_MONTH,1,7,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); + lcred.add(new Range(ONE_WEEK ,3,-1,1,0,0,GregorianCalendar.WEEK_OF_MONTH,1)); + lcred.add(new Range(TWO_WEEK ,2,-1,-1,GregorianCalendar.WEEK_OF_MONTH,1,GregorianCalendar.WEEK_OF_MONTH,2)); + lcred.add(new Range(ONE_MONTH,1,7,7,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); + lcred.add(new Range(TWO_MONTH,1,-1,-1,GregorianCalendar.MONTH,1,GregorianCalendar.MONTH,2)); + + lur.add( new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); - lx509.add(new Range(ONE_MONTH,1,7,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); + lx509.add(new Range(ONE_MONTH,1,-1,-1,GregorianCalendar.WEEK_OF_MONTH,2,GregorianCalendar.MONTH,1)); } } - public static Range newFutureRange() { - return new Range("Approval",1,1,0,0,GregorianCalendar.MONTH,1); + public Range newFutureRange() { + return new Range("Approval",7,7,1,0,0,GregorianCalendar.MONTH,1); } public Set<String> names() { @@ -93,20 +107,24 @@ public class ExpireRange { return rv; } - public static class Range { + public class Range { private final String name; private final int reportingLevel; - private final int interval; // in Days + private final int peopleInterval; // in Days + private final int appInterval; // in Days private final Date start; private final Date end; + private final Date lowerValid; public Range( - final String name, final int reportingLevel, final int interval, + final String name, final int reportingLevel, + final int peopleInterval, final int appInterval, final int startGCType, final int startQty, final int endGCType,final int endQty) { this.name = name; this.reportingLevel = reportingLevel; - this.interval = interval; + this.peopleInterval = peopleInterval; + this.appInterval = appInterval; GregorianCalendar gc = new GregorianCalendar(); if(startGCType<0) { gc.set(GregorianCalendar.YEAR, 1); @@ -123,6 +141,16 @@ public class ExpireRange { gc.add(endGCType, endQty); } end = gc.getTime(); + + + if(endGCType<0) { + gc.set(GregorianCalendar.YEAR, -1); + } else { + gc.setTime(now); + gc.add(endGCType, endQty * -1); + } + lowerValid = gc.getTime(); + } public String name() { @@ -133,6 +161,30 @@ public class ExpireRange { return reportingLevel; } + public boolean needsContact(Date lnd, Identity identity) { + final int interval; + if(identity==null || identity.isPerson()) { + interval = peopleInterval; + } else { + interval = appInterval; + } + if(interval == 0) { + return false; + } else if(interval < 0) { // "-1 = only once " + return (lnd==null || lnd.before(lowerValid)); + } else { + Date rv = intervalDates.get(interval); + if(rv==null) { + GregorianCalendar gc = new GregorianCalendar(); + gc.setTime(now); + gc.add(GregorianCalendar.DAY_OF_YEAR, -1*interval); + rv = gc.getTime(); + intervalDates.put(interval, rv); + } + return rv.after(lnd); + } + } + public Date getStart() { return start; } @@ -149,20 +201,6 @@ public class ExpireRange { } } - public boolean shouldContact(final Date lastContact) { - if(reportingLevel<=0) { - return false; - } else if(lastContact==null) { - return true; - } else if(interval==0) { - return lastContact.before(start); - } else { - GregorianCalendar gc = new GregorianCalendar(); - gc.setTime(now); - gc.add(GregorianCalendar.DAY_OF_WEEK, interval); - return lastContact.before(gc.getTime()); - } - } } public Range getRange(final String key, final Date date) { diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/History.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/History.java deleted file mode 100644 index 0a50ae0b..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/History.java +++ /dev/null @@ -1,179 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * - * Modifications Copyright (C) 2018 IBM. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.helpers; - -import java.nio.ByteBuffer; -import java.util.Iterator; -import java.util.UUID; - -import org.onap.aaf.misc.env.Env; -import org.onap.aaf.misc.env.TimeTaken; -import org.onap.aaf.misc.env.Trans; - -import com.datastax.driver.core.ResultSet; -import com.datastax.driver.core.Row; -import com.datastax.driver.core.Session; -import com.datastax.driver.core.SimpleStatement; -import com.datastax.driver.core.Statement; - -public class History { - public final UUID id; - public final String action; - public final String memo; - public final String reconstruct; - public final String subject; - public final String target; - public final String user; - public final int yrMon; - - public static Creator<History> sansConstruct = new Creator<History> () { - @Override - public History create(Row row) { - return new History( - row.getUUID(0), - row.getString(1), - row.getString(2), - row.getString(3), - row.getString(4), - row.getString(5), - row.getInt(6)); - } - - @Override - public String select() { - return "SELECT id, action, memo, subject, target, user, yr_mon from authz.history LIMIT 10000000 "; - } - }; - - public static Creator<History> avecConstruct = new Creator<History> () { - private final StringBuilder sb = new StringBuilder(); - - @Override - public History create(Row row) { - ByteBuffer bb = row.getBytes(3); - sb.setLength(0); - - if (bb!=null && bb.hasRemaining()) { - sb.append("0x"); - while (bb.hasRemaining()) { - sb.append(String.format("%02x",bb.get())); - } - bb.flip(); - } - return new History( - row.getUUID(0), - row.getString(1), - row.getString(2), - sb.toString(), - row.getString(4), - row.getString(5), - row.getString(6), - row.getInt(7)); - } - - @Override - public String select() { - return "SELECT id, action, memo, reconstruct, subject, target, user, yr_mon from authz.history LIMIT 10000000 "; - } - }; - - public History(UUID id, String action, String memo, String subject, String target, String user, int yrMon) { - this.id = id; - this.action = action; - this.memo = memo; - this.reconstruct = null; - this.subject = subject; - this.target = target; - this.user = user; - this.yrMon = yrMon; - } - - public History(UUID id, String action, String memo, String reconstruct, String subject, String target, String user, int yrMon) { - this.id = id; - this.action = action; - this.memo = memo; - this.reconstruct = reconstruct; - this.subject = subject; - this.target = target; - this.user = user; - this.yrMon = yrMon; - } - - public static void load(Trans trans, Session session, Creator<History> creator, Loader<History> loader) { - trans.info().log( "query: " + creator.select() ); - TimeTaken tt = trans.start("Read History", Env.REMOTE); - - ResultSet results; - try { - Statement stmt = new SimpleStatement( creator.select() ).setReadTimeoutMillis(240000); - results = session.execute(stmt); - } finally { - tt.done(); - } - int count = 0; - try { - Iterator<Row> iter = results.iterator(); - Row row; - tt = trans.start("Load History", Env.SUB); - try { - while (iter.hasNext()) { - ++count; - row = iter.next(); - loader.exec(creator.create(row)); - } - } finally { - tt.done(); - } - } finally { - trans.info().log("Found",count,"histories"); - } - } - - public String toString() { - return String.format("%s %d %s, %s, %s, %s, %s", - id.toString(), - yrMon, - user, - target, - action, - subject, - memo); - } - - /* (non-Javadoc) - * @see java.lang.Object#hashCode() - */ - @Override - public int hashCode() { - return id.hashCode(); - } - - /* (non-Javadoc) - * @see java.lang.Object#equals(java.lang.Object) - */ - @Override - public boolean equals(Object obj) { - return id.equals(obj); - } -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/InputIterator.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/InputIterator.java deleted file mode 100644 index b8b96187..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/InputIterator.java +++ /dev/null @@ -1,80 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * Modifications Copyright (C) 2018 IBM. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.helpers; - -import java.io.BufferedReader; -import java.io.IOException; -import java.io.PrintStream; -import java.util.Iterator; -import java.util.NoSuchElementException; -import org.onap.aaf.auth.env.AuthzTrans; - - -public class InputIterator implements Iterable<String> { - private BufferedReader in; - private final PrintStream out; - private final String prompt; - private final String instructions; - private static AuthzTrans trans; - - public InputIterator(BufferedReader in, PrintStream out, String prompt, String instructions) { - this.in = in; - this.out = out; - this.prompt = prompt; - this.instructions = instructions; - } - - @Override - public Iterator<String> iterator() { - out.println(instructions); - return new Iterator<String>() { - String input; - @Override - public boolean hasNext() { - out.append(prompt); - try { - input = in.readLine(); - } catch (IOException e) { - trans.error().log("IO Exception",e.getMessage()); - input = null; - return false; - } - return input.length()>0; - } - - @Override - public String next() { - if (!hasNext()) { - throw new NoSuchElementException(); - } - return input; - } - - @Override - public void remove() { - // To Do - } - }; - } -} - diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/LastNotified.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/LastNotified.java index e108ec85..d05f38c5 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/LastNotified.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/LastNotified.java @@ -22,22 +22,33 @@ */ package org.onap.aaf.auth.batch.helpers; +import java.security.cert.X509Certificate; import java.util.Date; import java.util.Iterator; +import java.util.List; import java.util.Map; import java.util.Set; import java.util.TreeMap; -import org.onap.aaf.auth.dao.cass.UserRoleDAO; +import org.onap.aaf.auth.batch.helpers.Cred.Instance; +import org.onap.aaf.auth.batch.helpers.ExpireRange.Range; +import org.onap.aaf.cadi.util.CSV; +import org.onap.aaf.misc.env.Env; +import org.onap.aaf.misc.env.TimeTaken; +import org.onap.aaf.misc.env.Trans; +import org.onap.aaf.misc.env.util.Split; import com.datastax.driver.core.ResultSet; import com.datastax.driver.core.Row; import com.datastax.driver.core.Session; +import com.datastax.driver.core.SimpleStatement; +import com.datastax.driver.core.Statement; public class LastNotified { private Map<String,Date> lastNotified = new TreeMap<>(); private Session session; private static final Date never = new Date(0); + private static final String SELECT = "SELECT user,target,key,last FROM authz.notified"; public LastNotified(Session session) { this.session = session; @@ -56,7 +67,7 @@ public class LastNotified { query.append('\''); if(cnt>=30) { endQuery(query); - add(session.execute(query.toString()),lastNotified); + add(session.execute(query.toString()),lastNotified, (x,y) -> false); query.setLength(0); startQuery(query); cnt=0; @@ -64,7 +75,7 @@ public class LastNotified { } if(cnt>0) { endQuery(query); - add(session.execute(query.toString()),lastNotified); + add(session.execute(query.toString()),lastNotified, (x,y) -> false); } } @@ -90,21 +101,34 @@ public class LastNotified { return rv; } - private Date add(ResultSet result, Map<String, Date> lastNotified) { + private Date add(ResultSet result, Map<String, Date> lastNotified, MarkDelete md) { Date last = null; + Row r; for(Iterator<Row> iter = result.iterator(); iter.hasNext();) { - Row r = iter.next(); - String key = r.getString(0) + '|' + - r.getString(1) + '|' + - r.getString(2); - - lastNotified.put(key, last=r.getTimestamp(3)); + r = iter.next(); + String ttKey = r.getString(1) + '|' + + r.getString(2); + + String fullKey = r.getString(0) + '|' + + ttKey; + last=r.getTimestamp(3); + if(!md.process(fullKey, last)) { + lastNotified.put(fullKey, last); + Date d = lastNotified.get(ttKey); + if(d==null || d.after(last)) { // put most recent, if different + lastNotified.put(ttKey, last); + } + } } return last; } + + private interface MarkDelete { + public boolean process(String fullKey, Date last); + }; private void startQuery(StringBuilder query) { - query.append("SELECT user,target,key,last FROM authz.notified WHERE user in ("); + query.append(SELECT + " WHERE user in ("); } private void endQuery(StringBuilder query) { @@ -121,8 +145,50 @@ public class LastNotified { query.append("';\n"); } - public static String newKey(UserRoleDAO.Data urdd) { - return urdd.user + "|ur|" + urdd.role; + public LastNotified loadAll(Trans trans, final Range delRange, final CSV.Writer cw) { + trans.debug().log( "query: ",SELECT ); + TimeTaken tt = trans.start("Read all LastNotified", Env.REMOTE); + + ResultSet results; + try { + Statement stmt = new SimpleStatement( SELECT ); + results = session.execute(stmt); + add(results,lastNotified, (fullKey, last) -> { + if(delRange.inRange(last)) { + String[] params = Split.splitTrim('|', fullKey,3); + if(params.length==3) { + cw.row("notified",params[0],params[1],params[2]); + return true; + } + } + return false; + }); + } finally { + tt.done(); + } + return this; + } + + public static String newKey(UserRole ur) { + return "ur|" + ur.user() + '|'+ur.role(); + } + + public static String newKey(Cred cred, Instance inst) { + return "cred|" + cred.id + '|' + inst.type + '|' + inst.tag; + } + + public static String newKey(X509 x509, X509Certificate x509Cert) { + return "x509|" + x509.id + '|' + x509Cert.getSerialNumber().toString(); + } + + public static void delete(StringBuilder query, List<String> row) { + query.append("DELETE FROM authz.notified WHERE user='"); + query.append(row.get(1)); + query.append("' AND target='"); + query.append(row.get(2)); + query.append("' AND key='"); + query.append(row.get(3)); + query.append("';\n"); } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Loader.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Loader.java deleted file mode 100644 index ea533b8b..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Loader.java +++ /dev/null @@ -1,26 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.helpers; - -public interface Loader<T> { - public void exec(T t); -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/MonthData.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/MonthData.java deleted file mode 100644 index b0499a2d..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/MonthData.java +++ /dev/null @@ -1,121 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.helpers; - -import java.io.BufferedReader; -import java.io.File; -import java.io.FileReader; -import java.io.IOException; -import java.io.PrintStream; -import java.util.HashSet; -import java.util.Map; -import java.util.Map.Entry; - -import org.onap.aaf.misc.env.util.Split; - -import java.util.Set; -import java.util.TreeMap; - -public class MonthData { - public final Map<Integer,Set<Row>> data = new TreeMap<>(); - private File f; - - public MonthData(String env) throws IOException { - f = new File("Monthly"+env+".dat"); - - if (f.exists()) { - BufferedReader br = new BufferedReader(new FileReader(f)); - try { - String line; - String[] split; - while ((line=br.readLine())!=null) { - if (!line.startsWith("#")) { - split = Split.split(',', line); - if (split.length==5) { - add(Integer.parseInt(split[0]),split[1], - Integer.parseInt(split[2]), - Integer.parseInt(split[3]), - Integer.parseInt(split[4]) - ); - } - } - } - } finally { - br.close(); - } - } - } - - public void add(int yrMon, String target, long total, long adds, long drops) { - Set<Row> row = data.get(yrMon); - if (row==null) { - row=new HashSet<>(); - data.put(yrMon, row); - } - row.add(new Row(target,total,adds,drops)); - } - - public boolean notExists(int yrMon) { - return data.get(yrMon)==null; - } - - public static class Row implements Comparable<Row> { - public final String target; - public final long total; - public final long adds; - public final long drops; - - public Row(String t, long it, long a, long d) { - target = t; - total = it; - adds = a; - drops = d; - } - - @Override - public int compareTo(Row o) { - return target.compareTo(o.target); - } - - public String toString() { - return target + '|' + total + '|' + drops + '|' + adds; - } - } - - public void write() throws IOException { - if (f.exists()) { - File bu = new File(f.getName()+".bak"); - f.renameTo(bu); - } - PrintStream ps = new PrintStream(f); - try { - for ( Entry<Integer, Set<Row>> rows : data.entrySet()) { - for (Row row : rows.getValue()) { - ps.printf("%d,%s,%d,%d,%d\n",rows.getKey(),row.target,row.total,row.adds,row.drops); - } - } - } finally { - ps.close(); - } - } - -} diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/NsAttrib.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/NsAttrib.java deleted file mode 100644 index c8419d50..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/NsAttrib.java +++ /dev/null @@ -1,108 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.helpers; - -import java.util.ArrayList; -import java.util.List; -import java.util.SortedMap; -import java.util.TreeMap; - -import org.onap.aaf.misc.env.Env; -import org.onap.aaf.misc.env.TimeTaken; -import org.onap.aaf.misc.env.Trans; - -import com.datastax.driver.core.ResultSet; -import com.datastax.driver.core.Row; -import com.datastax.driver.core.Session; -import com.datastax.driver.core.SimpleStatement; -import com.datastax.driver.core.Statement; - -public class NsAttrib { - public static final List<NsAttrib> data = new ArrayList<>(); - public static final SortedMap<String,List<NsAttrib>> byKey = new TreeMap<>(); - public static final SortedMap<String,List<NsAttrib>> byNS = new TreeMap<>(); - - public final String ns; - public final String key; - public final String value; - public static Creator<NsAttrib> v2_0_11 = new Creator<NsAttrib>() { - @Override - public NsAttrib create(Row row) { - return new NsAttrib(row.getString(0), row.getString(1), row.getString(2)); - } - - @Override - public String select() { - return "select ns,key,value from authz.ns_attrib"; - } - }; - - public NsAttrib(String ns, String key, String value) { - this.ns = ns; - this.key = key; - this.value = value; - } - - public static void load(Trans trans, Session session, Creator<NsAttrib> creator ) { - trans.info().log( "query: " + creator.select() ); - ResultSet results; - TimeTaken tt = trans.start("Load NsAttributes", Env.REMOTE); - try { - Statement stmt = new SimpleStatement(creator.select()); - results = session.execute(stmt); - } finally { - tt.done(); - } - int count = 0; - tt = trans.start("Process NsAttributes", Env.SUB); - - try { - for (Row row : results.all()) { - ++count; - NsAttrib ur = creator.create(row); - data.add(ur); - - List<NsAttrib> lna = byKey.get(ur.key); - if (lna==null) { - lna = new ArrayList<>(); - byKey.put(ur.key, lna); - } - lna.add(ur); - - lna = byNS.get(ur.ns); - if (lna==null) { - lna = new ArrayList<>(); - byNS.put(ur.ns, lna); - } - lna.add(ur); - } - } finally { - tt.done(); - trans.info().log("Found",count,"NS Attributes"); - } - } - - public String toString() { - return '"' + ns + "\",\"" + key + "\",\"" + value +'"'; - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Perm.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Perm.java deleted file mode 100644 index acf54274..00000000 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/Perm.java +++ /dev/null @@ -1,180 +0,0 @@ -/** - * ============LICENSE_START==================================================== - * org.onap.aaf - * =========================================================================== - * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. - * - * Modifications Copyright © 2018 IBM. - * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ============LICENSE_END==================================================== - * - */ - -package org.onap.aaf.auth.batch.helpers; - -import java.util.ArrayList; -import java.util.Iterator; -import java.util.List; -import java.util.Set; -import java.util.TreeMap; - -import org.onap.aaf.misc.env.Env; -import org.onap.aaf.misc.env.TimeTaken; -import org.onap.aaf.misc.env.Trans; - -import com.datastax.driver.core.ResultSet; -import com.datastax.driver.core.Row; -import com.datastax.driver.core.Session; -import com.datastax.driver.core.SimpleStatement; -import com.datastax.driver.core.Statement; - -public class Perm implements Comparable<Perm> { - public static final TreeMap<Perm,Set<String>> data = new TreeMap<>(); - public static final TreeMap<String,Perm> keys = new TreeMap<>(); - private static List<Perm> deletePerms = new ArrayList<>(); - - public final String ns; - public final String type; - public final String instance; - public final String action; - public final String description; - private String fullType = null; - private String fullPerm = null; - private String encode = null; - public final Set<String> roles; - - public Perm(String ns, String type, String instance, String action, String description, Set<String> roles) { - this.ns = ns; - this.type = type; - this.instance = instance; - this.action = action; - this.description = description; - this.roles = roles; - } - - public String encode() { - if (encode == null) { - encode = ns + '|' + type + '|' + instance + '|' + action; - } - return encode; - } - - public String fullType() { - if (fullType==null) { - fullType = ns + '.' + type; - } - return fullType; - } - - public String fullPerm() { - if (fullPerm==null) { - fullPerm = ns + '.' + type + '|' + instance + '|' + action; - } - return fullPerm; - } - - public static void load(Trans trans, Session session) { - load(trans, session, "select ns, type, instance, action, description, roles from authz.perm;"); - } - - public static void loadOneNS(Trans trans, Session session, String ns) { - load(trans, session, "select ns, type, instance, action, description, roles from authz.perm WHERE ns='" + ns + "';"); - - } - - private static void load(Trans trans, Session session, String query) { - // - trans.info().log( "query: " + query ); - TimeTaken tt = trans.start("Read Perms", Env.REMOTE); - ResultSet results; - try { - Statement stmt = new SimpleStatement( query ); - results = session.execute(stmt); - } finally { - tt.done(); - } - - try { - Iterator<Row> iter = results.iterator(); - Row row; - tt = trans.start("Load Perms", Env.SUB); - try { - while (iter.hasNext()) { - row = iter.next(); - Perm pk = new Perm( - row.getString(0),row.getString(1),row.getString(2), - row.getString(3), row.getString(4), row.getSet(5,String.class)); - keys.put(pk.encode(), pk); - data.put(pk,pk.roles); - } - } finally { - tt.done(); - } - } finally { - trans.info().log("Found",data.size(),"perms"); - } - } - - public static long count(Trans trans, Session session) { - String query = "select count(*) from authz.perm LIMIT 1000000;"; - trans.info().log( "query: " + query ); - TimeTaken tt = trans.start("Count Namespaces", Env.REMOTE); - ResultSet results; - try { - Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000); - results = session.execute(stmt); - return results.one().getLong(0); - } finally { - tt.done(); - } - } - - public String toString() { - return encode(); - } - - /* (non-Javadoc) - * @see java.lang.Object#hashCode() - */ - @Override - public int hashCode() { - return encode().hashCode(); - } - - /* (non-Javadoc) - * @see java.lang.Object#equals(java.lang.Object) - */ - @Override - public boolean equals(Object obj) { - return encode().equals(obj); - } - - @Override - public int compareTo(Perm o) { - return encode().compareTo(o.encode()); - } - - public static void stageRemove(Perm p) { - deletePerms.add(p); - } - - public static void executeRemove() { - for (Perm p : deletePerms) { - keys.remove(p.encode); - data.remove(p); - } - deletePerms.clear(); - } - -}
\ No newline at end of file diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java index 343a0e2b..a26da912 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/helpers/UserRole.java @@ -29,7 +29,6 @@ import java.util.List; import java.util.SortedMap; import java.util.TreeMap; -import org.onap.aaf.auth.batch.actions.URDelete; import org.onap.aaf.auth.dao.cass.UserRoleDAO; import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data; import org.onap.aaf.auth.env.AuthzTrans; @@ -295,22 +294,6 @@ public class UserRole implements Cloneable, CacheChange.Data { cache.resetLocalData(); } - public static int sizeForDeletion() { - return cache.cacheSize(); - } - - public static boolean pendingDelete(UserRole ur) { - return cache.contains(ur); - } - - public static void actuateDeletionNow(AuthzTrans trans, URDelete directDel) { - for (UserRole ur : cache.getRemoved()) { - directDel.exec(trans, ur, "Actuating UserRole Deletion"); - } - cache.getRemoved().clear(); - cache.resetLocalData(); - } - public void row(final CSV.Writer csvw, String tag) { csvw.row(tag,user(),role(),ns(),rname(),Chrono.dateOnlyStamp(expires()),expires().getTime()); } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java index d0b30c7c..0d5ad47c 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Analyze.java @@ -91,6 +91,7 @@ public class Analyze extends Batch { private CSV.Writer extendCW; private Range futureRange; private final String sdate; + private LastNotified ln; public Analyze(AuthzTrans trans) throws APIException, IOException, OrganizationException { super(trans.env()); @@ -133,7 +134,7 @@ public class Analyze extends Batch { } // Setup New Approvals file - futureRange = ExpireRange.newFutureRange(); + futureRange = expireRange.newFutureRange(); File file = new File(logDir(),NEED_APPROVALS + sdate +CSV); CSV approveCSV = new CSV(env.access(),file); needApproveCW = approveCSV.writer(); @@ -150,6 +151,8 @@ public class Analyze extends Batch { // Load full data of the following Approval.load(trans, session, Approval.v2_0_17); Role.load(trans, session); + ln = new LastNotified(session); + } finally { tt0.done(); } @@ -159,6 +162,10 @@ public class Analyze extends Batch { protected void run(AuthzTrans trans) { AuthzTrans noAvg = trans.env().newTransNoAvg(); + //////////////////// + // Load all Notifieds, and either add to local Data, or mark for Deletion. + ln.loadAll(noAvg,expireRange.approveDelete,deleteCW); + //////////////////// final Map<UUID,Ticket> goodTickets = new TreeMap<>(); TimeTaken tt = trans.start("Analyze Expired Futures",Trans.SUB); @@ -214,8 +221,6 @@ public class Analyze extends Batch { // Convert Good Tickets to keyed User/Role for UserRole Step Map<String,Ticket> mur = new TreeMap<>(); - LastNotified ln = new LastNotified(session); - ln.add(approvers); String approver; tt = trans.start("Analyze Good Tickets",Trans.SUB); @@ -521,9 +526,19 @@ public class Analyze extends Batch { private Range writeAnalysis(AuthzTrans trans, UserRole ur) { Range r = expireRange.getRange("ur", ur.expires()); if(r!=null) { - CSV.Writer cw = writerList.get(r.name()); - if(cw!=null) { - ur.row(cw,UserRole.UR); + Date lnd = ln.lastNotified(LastNotified.newKey(ur)); + // Note: lnd is NEVER null + Identity i; + try { + i = org.getIdentity(trans, ur.user()); + } catch (OrganizationException e) { + i=null; + } + if(r.needsContact(lnd,i)) { + CSV.Writer cw = writerList.get(r.name()); + if(cw!=null) { + ur.row(cw,UserRole.UR); + } } } return r; @@ -533,9 +548,19 @@ public class Analyze extends Batch { if(cred!=null && inst!=null) { Range r = expireRange.getRange("cred", inst.expires); if(r!=null) { - CSV.Writer cw = writerList.get(r.name()); - if(cw!=null) { - cred.row(cw,inst); + Date lnd = ln.lastNotified(LastNotified.newKey(cred,inst)); + // Note: lnd is NEVER null + Identity i; + try { + i = org.getIdentity(trans, cred.id); + } catch (OrganizationException e) { + i=null; + } + if(r.needsContact(lnd,i)) { + CSV.Writer cw = writerList.get(r.name()); + if(cw!=null) { + cred.row(cw,inst); + } } } } @@ -544,9 +569,19 @@ public class Analyze extends Batch { private void writeAnalysis(AuthzTrans trans, X509 x509, X509Certificate x509Cert) throws IOException { Range r = expireRange.getRange("x509", x509Cert.getNotAfter()); if(r!=null) { - CSV.Writer cw = writerList.get(r.name()); - if(cw!=null) { - x509.row(cw,x509Cert); + Date lnd = ln.lastNotified(LastNotified.newKey(x509,x509Cert)); + // Note: lnd is NEVER null + Identity i; + try { + i = org.getIdentity(trans, x509.id); + } catch (OrganizationException e) { + i=null; + } + if(r.needsContact(lnd,i)) { + CSV.Writer cw = writerList.get(r.name()); + if(cw!=null) { + x509.row(cw,x509Cert); + } } } } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Notify.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Notify.java index 3c7634ff..e6ce0849 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Notify.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/Notify.java @@ -69,6 +69,8 @@ import org.onap.aaf.misc.env.util.Chrono; private PropAccess access; private AuthzTrans noAvg; private CQLBatch cqlBatch; + private LastNotified lastN; + private CQLBatchLoop cbl; public Notify(AuthzTrans trans) throws APIException, IOException, OrganizationException { super(trans.env()); @@ -152,6 +154,9 @@ import org.onap.aaf.misc.env.util.Chrono; noAvg = trans.env().newTransNoAvg(); cqlBatch = new CQLBatch(noAvg.debug(),session); + cbl = new CQLBatchLoop(cqlBatch,50,dryRun); + + lastN = new LastNotified(session); } /* @@ -276,34 +281,38 @@ import org.onap.aaf.misc.env.util.Chrono; CSV.Saver rs = new CSV.Saver(); TimeTaken tt = trans.start("Obtain Last Notifications for Approvers", Trans.SUB); - LastNotified lastN; try { - lastN = new LastNotified(session); lastN.add(mpending.keySet()); } finally { tt.done(); } Pending p; - final CQLBatchLoop cbl = new CQLBatchLoop(cqlBatch,50,dryRun); + tt = trans.start("Notify for Pending", Trans.SUB); + List<String> idList = new ArrayList<String>(); + String id; try { for(Entry<String, Pending> es : mpending.entrySet()) { + id = es.getKey(); + idList.clear(); + idList.add(id); p = es.getValue(); boolean nap = p.newApprovals(); if(!nap) { - Date dateLastNotified = lastN.lastNotified(es.getKey(),"pending",""); + Date dateLastNotified = lastN.lastNotified(id,"pending",""); if(dateLastNotified==null || dateLastNotified.after(oneWeek) ) { nap=true; } } if(nap) { - rs.row("appr", es.getKey(),p.qty(),batchEnv); + rs.row("appr", id,p.qty(),batchEnv); npab.store(rs.asList()); if(notify(noAvg, npab)>0) { // Update cbl.preLoop(); - lastN.update(cbl.inc(),es.getKey(),"pending",""); +// lastN.update(cbl.inc(),key,"pending",""); + npab.record(trans,cbl.inc(), id, idList, lastN); npab.inc(); } } @@ -326,6 +335,7 @@ import org.onap.aaf.misc.env.util.Chrono; private int notify(AuthzTrans trans, NotifyBody nb) { List<String> toList = new ArrayList<>(); List<String> ccList = new ArrayList<>(); + List<String> idList = new ArrayList<>(); String run = nb.type()+nb.name(); String test = dryRun?run:null; @@ -334,60 +344,53 @@ import org.onap.aaf.misc.env.util.Chrono; for(String id : nb.users()) { toList.clear(); ccList.clear(); + idList.clear(); try { - Identity identity = trans.org().getIdentity(trans, id); - if(identity==null) { + List<Identity> identities = trans.org().getIDs(trans, id, nb.escalation()); + if(identities.isEmpty()) { trans.warn().printf("%s is invalid for this Organization. Skipping notification.",id); } else { - if(!identity.isPerson()) { - identity = identity.responsibleTo(); - } - if(identity==null) { - trans.warn().printf("Responsible Identity %s is invalid for this Organization. Skipping notification.",id); - } else { - for(int i=1;i<=nb.escalation();++i) { - if(identity != null) { - if(i==1) { // self and Delegates - toList.add(identity.email()); - List<String> dels = identity.delegate(); - if(dels!=null) { - for(String d : dels) { - toList.add(d); - } - } - } else { - Identity s = identity.responsibleTo(); - if(s==null) { - trans.error().printf("Identity %s has no %s", identity.fullID(), - identity.isPerson()?"supervisor":"sponsor"); - } else { - ccList.add(s.email()); - } - } - } + Identity identity = null; + for(Identity ident : identities) { + if(identity==null) { + identity = ident; + toList.add(ident.email()); + } else { + ccList.add(ident.email()); } + idList.add(ident.fullID()); + } + StringBuilder content = new StringBuilder(); + content.append(String.format(header,version,Identity.mixedCase(identity.firstName()))); - StringBuilder content = new StringBuilder(); - content.append(String.format(header,version,Identity.mixedCase(identity.firstName()))); - - nb.body(trans, content, indent, this, id); - content.append(footer); + nb.body(trans, content, indent, this, id); + content.append(footer); - if(mailer.sendEmail(trans, test, toList, ccList, nb.subject(),content.toString(), urgent)) { - nb.inc(); - } else { - trans.error().log("Mailer failed to send Mail"); - } - if(maxEmails>0 && nb.count()>=maxEmails) { - break ONE_EMAIL; - } + if(mailer.sendEmail(trans, test, toList, ccList, nb.subject(),content.toString(), urgent)) { + cbl.preLoop(); + nb.record(trans,cbl.inc(), id, idList, lastN); + nb.inc(); + } else { + trans.error().log("Mailer failed to send Mail"); + } + if(maxEmails>0 && nb.count()>=maxEmails) { + break ONE_EMAIL; } } } catch (OrganizationException e) { trans.error().log(e); } } + cbl.flush(); return nb.count(); } + /* (non-Javadoc) + * @see org.onap.aaf.auth.batch.Batch#_close(org.onap.aaf.auth.env.AuthzTrans) + */ + @Override + protected void _close(AuthzTrans trans) { + cbl.flush(); + } + } diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyBody.java index 947312f1..ae7daa09 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyBody.java @@ -39,6 +39,7 @@ import java.util.TreeMap; import java.util.jar.JarEntry; import java.util.jar.JarFile; +import org.onap.aaf.auth.batch.helpers.LastNotified; import org.onap.aaf.auth.batch.reports.Notify; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.cadi.Access; @@ -130,9 +131,23 @@ public abstract class NotifyBody { */ protected abstract String user(List<String> row); + /** + * Provide a context-sensitive Subject, which includes ENV as well as details + * + * @return + */ public abstract String subject(); /** + * Record the fact that a particular Notification was marked as "sent" by Emailer. + * + * @param trans + * @param approver + * @param ln + */ + public abstract void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified ln); + + /** * Get Notify Body based on key of * type|name */ diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyCredBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyCredBody.java index 15a104d1..1f8d9782 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyCredBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyCredBody.java @@ -24,6 +24,7 @@ import java.io.IOException; import java.util.GregorianCalendar; import java.util.List; +import org.onap.aaf.auth.batch.helpers.LastNotified; import org.onap.aaf.auth.batch.reports.Notify; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.cadi.Access; @@ -113,6 +114,16 @@ public abstract class NotifyCredBody extends NotifyBody { return true; } + + @Override + public void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified ln) { + for(List<String> row : rows.get(id)) { + for(String n : notified) { + // Need to match LastNotified Key ... cred.id + '|' + inst.type + '|' + inst.tag; + ln.update(query, n, row.get(0), row.get(1)+'|'+row.get(3)+'|'+row.get(6)); + } + } + } @Override public String user(List<String> row) { diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyPendingApprBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyPendingApprBody.java index df28503c..8019e446 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyPendingApprBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyPendingApprBody.java @@ -22,6 +22,7 @@ package org.onap.aaf.auth.batch.reports.bodies; import java.util.List; +import org.onap.aaf.auth.batch.helpers.LastNotified; import org.onap.aaf.auth.batch.reports.Notify; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.cadi.Access; @@ -63,6 +64,15 @@ public class NotifyPendingApprBody extends NotifyBody { return String.format("AAF Pending Approval Notification (ENV: %s)",env); } + + @Override + public void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified lastN) { + for(String n : notified) { + // No special key for Pending Requests. + lastN.update(query,n,"pending",""); + } + } + /* (non-Javadoc) * @see org.onap.aaf.auth.batch.reports.bodies.NotifyBody#store(java.util.List) */ diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyURBody.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyURBody.java index 6f85d1bf..20ba8166 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyURBody.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/reports/bodies/NotifyURBody.java @@ -24,6 +24,7 @@ import java.io.IOException; import java.util.Date; import java.util.List; +import org.onap.aaf.auth.batch.helpers.LastNotified; import org.onap.aaf.auth.batch.reports.Notify; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.auth.org.Organization.Identity; @@ -38,8 +39,9 @@ public abstract class NotifyURBody extends NotifyBody { super(access,"ur",name); // Default - explanation = "The Roles for the IDs associated with you will expire on the dates shown. If " - + "allowed to expire, the ID will no longer authorized in that role on that date.<br><br>" + explanation = "The Roles for the IDs associated with you will expire on the dates shown. " + + "If the role membership is allowed to expire, " + + "the ID will no longer have the permissions associated with that role.<br><br>" + "It is the responsibility of the Designated Approvers to approve, but you can monitor " + "their progress by clicking the ID Link."; } @@ -98,6 +100,17 @@ public abstract class NotifyURBody extends NotifyBody { return true; } + + + @Override + public void record(AuthzTrans trans, StringBuilder query, String id, List<String> notified, LastNotified ln) { + for(List<String> row : rows.get(id)) { + for(String n : notified) { + // Need to match LastNotified Key ... ur.user() + '|'+ur.role(); + ln.update(query, n, row.get(0), row.get(1)+'|'+row.get(2)); + } + } + } @Override public String user(List<String> row) { diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Remove.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Remove.java index 4472a314..7b98a2f0 100644 --- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Remove.java +++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/batch/update/Remove.java @@ -36,6 +36,7 @@ import org.onap.aaf.auth.batch.helpers.CQLBatch; import org.onap.aaf.auth.batch.helpers.CQLBatchLoop; import org.onap.aaf.auth.batch.helpers.Cred; import org.onap.aaf.auth.batch.helpers.Future; +import org.onap.aaf.auth.batch.helpers.LastNotified; import org.onap.aaf.auth.batch.helpers.UserRole; import org.onap.aaf.auth.batch.helpers.X509; import org.onap.aaf.auth.dao.CassAccess; @@ -175,6 +176,9 @@ public class Remove extends Batch { // Not cached Approval.deleteByIDBatch(cbl.inc(),row.get(1)); break; + case "notified": + LastNotified.delete(cbl.inc(),row); + break; } }); cbl.flush(); |