summaryrefslogtreecommitdiffstats
path: root/auth/auth-cass
diff options
context:
space:
mode:
Diffstat (limited to 'auth/auth-cass')
-rw-r--r--auth/auth-cass/pom.xml2
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java9
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java53
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java2
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectAAFLocator.java12
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectLocatorCreator.java3
6 files changed, 52 insertions, 29 deletions
diff --git a/auth/auth-cass/pom.xml b/auth/auth-cass/pom.xml
index 646dcbbb..4b9f9fee 100644
--- a/auth/auth-cass/pom.xml
+++ b/auth/auth-cass/pom.xml
@@ -17,7 +17,7 @@
<parent>
<groupId>org.onap.aaf.authz</groupId>
<artifactId>authparent</artifactId>
- <version>2.1.14-SNAPSHOT</version>
+ <version>2.1.15-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
index c59312c0..4ec70d4a 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
@@ -628,12 +628,7 @@ public class Function {
return Result.err(Status.ERR_DependencyExists, sb.toString());
}
- if (move && parent == null) {
- return Result
- .err(Status.ERR_DependencyExists,
- "Cannot move users, roles or permissions - parent is missing.\nDelete dependencies and try again");
- }
- else if (move && parent.type == NsType.COMPANY.type) {
+ if (move && (parent == null || parent.type == NsType.COMPANY.type)) {
return Result
.err(Status.ERR_DependencyExists,
"Cannot move users, roles or permissions to [%s].\nDelete dependencies and try again",
@@ -1040,7 +1035,7 @@ public class Function {
// Attached to any Roles?
if (fullperm.roles != null) {
- if (force) {
+ if (force || fullperm.roles.contains(user+":user")) {
for (String role : fullperm.roles) {
Result<Void> rv = null;
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, q, role);
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
index 22b14cb4..3b61da31 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
@@ -246,15 +246,29 @@ public class Question {
approvalDAO.close(trans);
}
- public Result<PermDAO.Data> permFrom(AuthzTrans trans, String type,
- String instance, String action) {
- Result<NsDAO.Data> rnd = deriveNs(trans, type);
- if (rnd.isOK()) {
- return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type),
- instance, action));
- } else {
- return Result.err(rnd);
- }
+ public Result<PermDAO.Data> permFrom(AuthzTrans trans, String type, String instance, String action) {
+ if(type.indexOf('@') >= 0) {
+ int colon = type.indexOf(':');
+ if(colon>=0) {
+ PermDAO.Data pdd = new PermDAO.Data();
+ pdd.ns = type.substring(0, colon);
+ pdd.type = type.substring(colon+1);
+ pdd.instance = instance;
+ pdd.action = action;
+
+ return Result.ok(pdd);
+ } else {
+ return Result.err(Result.ERR_BadData,"Could not extract ns and type from " + type);
+ }
+ } else {
+ Result<NsDAO.Data> rnd = deriveNs(trans, type);
+ if (rnd.isOK()) {
+ return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type),
+ instance, action));
+ } else {
+ return Result.err(rnd);
+ }
+ }
}
/**
@@ -317,12 +331,21 @@ public class Question {
return Result.ok(rlpUser);
}
- public Result<List<PermDAO.Data>> getPermsByType(AuthzTrans trans, String perm) {
- Result<NsSplit> nss = deriveNsSplit(trans, perm);
- if (nss.notOK()) {
- return Result.err(nss);
- }
- return permDAO.readByType(trans, nss.value.ns, nss.value.name);
+ public Result<List<PermDAO.Data>> getPermsByType(AuthzTrans trans, String type) {
+ if(type.indexOf('@') >= 0) {
+ int colon = type.indexOf(':');
+ if(colon>=0) {
+ return permDAO.readByType(trans, type.substring(0, colon),type.substring(colon+1));
+ } else {
+ return Result.err(Result.ERR_BadData, "%s is malformed",type);
+ }
+ } else {
+ Result<NsSplit> nss = deriveNsSplit(trans, type);
+ if (nss.notOK()) {
+ return Result.err(nss);
+ }
+ return permDAO.readByType(trans, nss.value.ns, nss.value.name);
+ }
}
public Result<List<PermDAO.Data>> getPermsByName(AuthzTrans trans, String type, String instance, String action) {
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java
index 2f1d150c..27d5df74 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java
@@ -77,7 +77,7 @@ public class DirectAAFLocator extends AbsAAFLocator<AuthzTrans> {
if(name.indexOf('.')>=0) {
aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+'/'+name+':'+version;
} else {
- aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+"/%NS."+name+':'+version;
+ aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+"/%CNS.%NS."+name+':'+version;
}
RegistrationPropHolder rph = new RegistrationPropHolder(access,0);
aaf_url = rph.replacements(getClass().getSimpleName(),aaf_url, null,null);
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectAAFLocator.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectAAFLocator.java
index 01d4b9a2..f6d2a593 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectAAFLocator.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectAAFLocator.java
@@ -103,7 +103,8 @@ public class JU_DirectAAFLocator {
Mockito.doReturn(access).when(env).access();
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null);
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null);
- Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,"");
Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_APP_NS,"AAF_NS");
try {
DirectAAFLocator aafLocatorObj=new DirectAAFLocator(env, ldao,"test",null);
@@ -118,7 +119,8 @@ public class JU_DirectAAFLocator {
Mockito.doReturn(access).when(env).access();
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null);
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null);
- Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,"");
Mockito.doReturn("20 30").when(access).getProperty(Config.AAF_URL,null);
try {
DirectAAFLocator aafLocatorObj=new DirectAAFLocator(env, ldao,"test","192.0.0.1");
@@ -138,7 +140,8 @@ public class JU_DirectAAFLocator {
Mockito.doReturn(trans).when(env).newTransNoAvg();
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null);
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null);
- Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,"");
Mockito.doReturn("http://aafurl.com").when(access).getProperty(Config.AAF_URL,null);
try {
aafLocatorObj = new DirectAAFLocator(env, ldao,"test","30.20.30.30");
@@ -171,7 +174,8 @@ public class JU_DirectAAFLocator {
Mockito.doReturn(trans).when(env).newTransNoAvg();
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null);
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null);
- Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,"");
Mockito.doReturn("http://aafurl.com").when(access).getProperty(Config.AAF_URL,null);
try {
aafLocatorObj = new DirectAAFLocator(env, ldao,"test","30.20.30.30");
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectLocatorCreator.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectLocatorCreator.java
index c2b8597b..0eb75fcb 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectLocatorCreator.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectLocatorCreator.java
@@ -57,7 +57,8 @@ public class JU_DirectLocatorCreator {
Mockito.doReturn(access).when(env).access();
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null);
Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null);
- Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,"");
+ Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,"");
Mockito.doReturn("http://aafurl.com").when(access).getProperty(Config.AAF_URL,null);
DirectLocatorCreator directLocObj = new DirectLocatorCreator(env, locateDAO);
try {