diff options
Diffstat (limited to 'auth/auth-cass/src/main/java')
3 files changed, 41 insertions, 23 deletions
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java index c59312c0..4ec70d4a 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java @@ -628,12 +628,7 @@ public class Function { return Result.err(Status.ERR_DependencyExists, sb.toString()); } - if (move && parent == null) { - return Result - .err(Status.ERR_DependencyExists, - "Cannot move users, roles or permissions - parent is missing.\nDelete dependencies and try again"); - } - else if (move && parent.type == NsType.COMPANY.type) { + if (move && (parent == null || parent.type == NsType.COMPANY.type)) { return Result .err(Status.ERR_DependencyExists, "Cannot move users, roles or permissions to [%s].\nDelete dependencies and try again", @@ -1040,7 +1035,7 @@ public class Function { // Attached to any Roles? if (fullperm.roles != null) { - if (force) { + if (force || fullperm.roles.contains(user+":user")) { for (String role : fullperm.roles) { Result<Void> rv = null; Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, q, role); diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java index 22b14cb4..3b61da31 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java @@ -246,15 +246,29 @@ public class Question { approvalDAO.close(trans); } - public Result<PermDAO.Data> permFrom(AuthzTrans trans, String type, - String instance, String action) { - Result<NsDAO.Data> rnd = deriveNs(trans, type); - if (rnd.isOK()) { - return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type), - instance, action)); - } else { - return Result.err(rnd); - } + public Result<PermDAO.Data> permFrom(AuthzTrans trans, String type, String instance, String action) { + if(type.indexOf('@') >= 0) { + int colon = type.indexOf(':'); + if(colon>=0) { + PermDAO.Data pdd = new PermDAO.Data(); + pdd.ns = type.substring(0, colon); + pdd.type = type.substring(colon+1); + pdd.instance = instance; + pdd.action = action; + + return Result.ok(pdd); + } else { + return Result.err(Result.ERR_BadData,"Could not extract ns and type from " + type); + } + } else { + Result<NsDAO.Data> rnd = deriveNs(trans, type); + if (rnd.isOK()) { + return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type), + instance, action)); + } else { + return Result.err(rnd); + } + } } /** @@ -317,12 +331,21 @@ public class Question { return Result.ok(rlpUser); } - public Result<List<PermDAO.Data>> getPermsByType(AuthzTrans trans, String perm) { - Result<NsSplit> nss = deriveNsSplit(trans, perm); - if (nss.notOK()) { - return Result.err(nss); - } - return permDAO.readByType(trans, nss.value.ns, nss.value.name); + public Result<List<PermDAO.Data>> getPermsByType(AuthzTrans trans, String type) { + if(type.indexOf('@') >= 0) { + int colon = type.indexOf(':'); + if(colon>=0) { + return permDAO.readByType(trans, type.substring(0, colon),type.substring(colon+1)); + } else { + return Result.err(Result.ERR_BadData, "%s is malformed",type); + } + } else { + Result<NsSplit> nss = deriveNsSplit(trans, type); + if (nss.notOK()) { + return Result.err(nss); + } + return permDAO.readByType(trans, nss.value.ns, nss.value.name); + } } public Result<List<PermDAO.Data>> getPermsByName(AuthzTrans trans, String type, String instance, String action) { diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java index 2f1d150c..27d5df74 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java @@ -77,7 +77,7 @@ public class DirectAAFLocator extends AbsAAFLocator<AuthzTrans> { if(name.indexOf('.')>=0) { aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+'/'+name+':'+version; } else { - aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+"/%NS."+name+':'+version; + aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+"/%CNS.%NS."+name+':'+version; } RegistrationPropHolder rph = new RegistrationPropHolder(access,0); aaf_url = rph.replacements(getClass().getSimpleName(),aaf_url, null,null); |