Diffstat (limited to 'auth/auth-cass/src/main')
3 files changed, 26 insertions, 4 deletions
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
index 868f9ac2..37501967 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
@@ -53,7 +53,8 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
 public static final String TABLE = "cred";
 public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
 public static final int RAW = -1;
- public static final int FQI = 0;
+ public static final int NONE = 0;
+ public static final int FQI = 10;
 public static final int BASIC_AUTH = 1;
 public static final int BASIC_AUTH_SHA256 = 2;
 public static final int CERT_SHA256_RSA =200;
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
index 8d15c958..b0680621 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
@@ -27,6 +27,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
+import java.util.TreeMap;
 import java.util.TreeSet;
 import org.onap.aaf.auth.dao.cass.PermDAO;
@@ -44,7 +45,7 @@ import org.onap.aaf.auth.layer.Result;
 *
 */
 // Package on purpose
-class PermLookup {
+public class PermLookup {
 private AuthzTrans trans;
 private String user;
 private Question q;
@@ -55,7 +56,7 @@ class PermLookup {
 private PermLookup() {}
- static PermLookup get(AuthzTrans trans, Question q, String user) {
+ public static PermLookup get(AuthzTrans trans, Question q, String user) {
 PermLookup lp=null;
 Map<String, PermLookup> permMap = trans.get(Question.PERMS, null);
 if (permMap == null) {
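Review bot: Renumbering `FQI` from 0 to 10 and giving 0 to the new `NONE` changes the meaning of any credential type value already stored or cached as 0. Whether the `cred` table holds such rows is not visible in this hunk, so it should be confirmed before release. If it does, those rows will now be read as `NONE` rather than `FQI`, and the patch shows no migration. At minimum I would record the change beside the constants, e.g. `// 0 meant FQI before this change; existing type-0 rows are now read as NONE`. The value 10 also sits out of order between 2 and 200, so a short comment on how type numbers are allocated would help the next addition.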
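Review bot: The context comment `// Package on purpose` directly above the class now contradicts `public class PermLookup`, and the same widening is applied to `get(...)` in the following hunk. Either replace the comment with the reason for the change, e.g. `// Public: <reason and intended callers>`, or keep the class package-private and expose what is needed through `Question`. This class resolves a user's permissions and `get` reads a per-transaction map under `Question.PERMS`, so every new caller becomes part of the authorization path. A Javadoc line on `get` stating what callers must already have verified about `user` would document that. The class body and `get` both continue outside these hunks.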
@@ -152,13 +153,32 @@ class PermLookup {
 List<PermDAO.Data> lpdd = new ArrayList<>();
 for (String perm : rss.value) {
 if (lookup) {
+ Map<String,PermDAO.Data> mspdd = new TreeMap<>();
 Result<String[]> ap = PermDAO.Data.decodeToArray(trans, q, perm);
 if (ap.isOK()) {
 Result<List<PermDAO.Data>> rlpd = q.permDAO().read(perm,trans,ap.value);
 if (rlpd.isOKhasData()) {
 for (PermDAO.Data pData : rlpd.value) {
- lpdd.add(pData);
+ // ONLY add perms/roles which are related to this lookup
+ for(String pdr : pData.roles(false)) {
+ for(RoleDAO.Data r : roles.value) {
+ if(pdr.equals(r.encode())) {
+ PermDAO.Data pdd = mspdd.get(pData.fullPerm());
+ if(pdd==null) {
+ pdd = new PermDAO.Data();
+ pdd.ns = pData.ns;
+ pdd.type = pData.type;
+ pdd.instance = pData.instance;
+ pdd.action = pData.action;
+ pdd.description = pData.description;
+ lpdd.add(pdd);
+ }
+ pdd.roles(true).add(pdr);
+ break;
+ }
+ }
+ }
 }
 }
 }
 } else {
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
index ae6f371b..3abad1a5 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
@@ -974,6 +974,7 @@ public class Question {
 return Result.ok(Hash.compareTo(orig.cred.array(),Hash.hashSHA256(bb.array()))==0);
 case CredDAO.BASIC_AUTH:
 return Result.ok( Hash.compareTo(orig.cred.array(), Hash.hashMD5(raw))==0);
+ case CredDAO.FQI:
 default:
 return Result.ok(false);
 } |
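Review bot: `mspdd` is read with `mspdd.get(pData.fullPerm())` but nothing in the hunk ever puts an entry into it, so `pdd` is always null and a fresh `PermDAO.Data` is appended to `lpdd` for every matching role instead of one entry per perm carrying all of its matching roles. Add `mspdd.put(pData.fullPerm(), pdd);` next to `lpdd.add(pdd);` inside the `if(pdd==null)` branch. The map is also declared inside the `for (String perm : rss.value)` loop, so it cannot merge the same perm across two iterations; if that is intended, a one-line comment should say so. The role filter calls `r.encode()` for every role on every pass, so collecting the encoded role names into a `Set<String>` once before the loop would make this authorization filter easier to audit. The enclosing method and the definition of `roles` lie outside the hunk.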
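Review bot: `case CredDAO.FQI:` relies on falling through to `default` to return `Result.ok(false)`, and nothing marks that as deliberate. A comment on the label, e.g. `// FQI entries never match a supplied credential; falls through to deny`, would stop a later edit from inserting a branch between the two labels and changing the outcome. The `CredDAO.NONE` constant added in this commit is not listed and reaches the same deny only through `default`; naming it beside `FQI` would make the deny set explicit. The switch begins outside the hunk.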