diff options
Diffstat (limited to 'auth/auth-cass')
11 files changed, 362 insertions, 291 deletions
diff --git a/auth/auth-cass/docker/Dockerfile.cass b/auth/auth-cass/docker/Dockerfile.cass index 0406411f..c25135ed 100644 --- a/auth/auth-cass/docker/Dockerfile.cass +++ b/auth/auth-cass/docker/Dockerfile.cass @@ -31,9 +31,9 @@ COPY cass_init/*.props /opt/app/aaf/cass_init/ COPY aaf-auth-batch-${AAF_VERSION}-full.jar /opt/app/aaf/cass_init/ COPY cass_data/*.dat /opt/app/aaf/cass_init/dats/ -RUN mkdir -p /opt/app/aaf/status && chmod 777 /opt/app/aaf/status -RUN addgroup ${USER} && adduser --no-create-home --ingroup ${USER} --disabled-password --gecos "" --shell /bin/bash ${USER} -RUN chown -R ${USER}:${USER} /opt/app/aaf/cass_init +RUN mkdir -p /opt/app/aaf/status && chmod 777 /opt/app/aaf/status && \ + addgroup ${USER} && adduser --no-create-home --ingroup ${USER} --disabled-password --gecos "" --shell /bin/bash ${USER} && \ + chown -R ${USER}:${USER} /opt/app/aaf/cass_init ENTRYPOINT ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh"] diff --git a/auth/auth-cass/docker/dbuild.sh b/auth/auth-cass/docker/dbuild.sh index 17d359ce..641b42ba 100644 --- a/auth/auth-cass/docker/dbuild.sh +++ b/auth/auth-cass/docker/dbuild.sh @@ -45,6 +45,8 @@ sed -e 's/${AAF_VERSION}/'${VERSION}'/g' \ cd .. cp -Rf sample/cass_data auth-cass/cass_data cp sample/data/sample.identities.dat auth-cass +pwd +ls -ltr auth-batch/target cp auth-batch/target/aaf-auth-batch-$VERSION-full.jar auth-cass echo "$0: $DOCKER build -t ${ORG}/${PROJECT}/aaf_cass:${VERSION} auth-cass" diff --git a/auth/auth-cass/docker/dcqlsh.sh b/auth/auth-cass/docker/dcqlsh.sh index 92944f00..2518eb90 100644 --- a/auth/auth-cass/docker/dcqlsh.sh +++ b/auth/auth-cass/docker/dcqlsh.sh @@ -22,5 +22,5 @@ if [ -e ../../docker/d.props ]; then . ../../docker/d.props fi -${DOCKER:=docker} exec -it aaf_cass /usr/bin/cqlsh -k authz +${DOCKER:=docker} exec -it aaf-cass /usr/bin/cqlsh -k authz diff --git a/auth/auth-cass/pom.xml b/auth/auth-cass/pom.xml index 646dcbbb..d8e25cc3 100644 --- a/auth/auth-cass/pom.xml +++ b/auth/auth-cass/pom.xml @@ -1,235 +1,226 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- * ============LICENSE_START==================================================== - * org.onap.aaf * =========================================================================== - * Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. * =========================================================================== - * Licensed under the Apache License, Version 2.0 (the "License"); * you may - not use this file except in compliance with the License. * You may obtain - a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software * distributed - under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES - OR CONDITIONS OF ANY KIND, either express or implied. * See the License for - the specific language governing permissions and * limitations under the License. - * ============LICENSE_END==================================================== - * --> + * org.onap.aaf * =========================================================================== + * Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); * you may + not use this file except in compliance with the License. * You may obtain + a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * + * Unless required by applicable law or agreed to in writing, software * distributed + under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES + OR CONDITIONS OF ANY KIND, either express or implied. * See the License for + the specific language governing permissions and * limitations under the License. + * ============LICENSE_END==================================================== + * --> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> - <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.onap.aaf.authz</groupId> - <artifactId>authparent</artifactId> - <version>2.1.14-SNAPSHOT</version> - <relativePath>../pom.xml</relativePath> - </parent> - - <artifactId>aaf-auth-cass</artifactId> - <name>AAF Auth Cass</name> - <description>Cassandra Data Libraries for AAF Auth</description> - <packaging>jar</packaging> - - <developers> - <developer> - <name>Jonathan Gathman</name> - <email>jonathan.gathman@att.com</email> - <organization>ATT</organization> - <roles> - <role>Architect</role> - <role>Lead Developer</role> - </roles> - </developer> - <developer> - <name>Gabe Maurer</name> - <email>gabe.maurer@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> - <name>Ian Howell</name> - <email>ian.howell@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - <developer> - <name>Sai Gandham</name> - <email>sai.gandham@att.com</email> - <organization>ATT</organization> - <roles> - <role>Developer</role> - </roles> - </developer> - </developers> - - <properties> - <!-- SONAR --> - <!-- <sonar.skip>true</sonar.skip> --> - <jacoco.version>0.7.7.201606060606</jacoco.version> - <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version> - <sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin> - <!-- Default Sonar configuration --> - <sonar.jacoco.reportPaths>target/code-coverage/jacoco-ut.exec</sonar.jacoco.reportPaths> - <sonar.jacoco.itReportPaths>target/code-coverage/jacoco-it.exec</sonar.jacoco.itReportPaths> - <!-- Note: This list should match jacoco-maven-plugin's exclusion list - below --> - <sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**</sonar.exclusions> - <nexusproxy>https://nexus.onap.org</nexusproxy> - <snapshotNexusPath>/content/repositories/snapshots/</snapshotNexusPath> - <releaseNexusPath>/content/repositories/releases/</releaseNexusPath> - <stagingNexusPath>/content/repositories/staging/</stagingNexusPath> - <sitePath>/content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version}</sitePath> - </properties> - - <dependencies> - <dependency> - <groupId>org.onap.aaf.authz</groupId> - <artifactId>aaf-auth-core</artifactId> - </dependency> - - <dependency> - <groupId>org.onap.aaf.authz</groupId> - <artifactId>aaf-cadi-aaf</artifactId> - </dependency> - - <dependency> - <groupId>com.datastax.cassandra</groupId> - <artifactId>cassandra-driver-core</artifactId> - <!-- JNR Posix needs bumping up for licence for datastax 3.6.0, remove after this version--> - <exclusions> - <exclusion> - <groupId>com.github.jnr</groupId> - <artifactId>jnr-posix</artifactId> - </exclusion> - </exclusions> - </dependency> - <!-- JNR Posix needs bumping up for licence for datastax 3.6.0, remove after this version--> - <dependency> - <groupId>com.github.jnr</groupId> - <artifactId>jnr-posix</artifactId> - <version>3.0.45</version> - </dependency> - - <dependency> - <groupId>com.google.guava</groupId> - <artifactId>guava</artifactId> - </dependency> - - <!-- Cassandra prefers Snappy and LZ4 libs for performance --> - <dependency> - <groupId>org.xerial.snappy</groupId> - <artifactId>snappy-java</artifactId> - <version>1.1.1-M1</version> - </dependency> - - <dependency> - <groupId>net.jpountz.lz4</groupId> - <artifactId>lz4</artifactId> - <version>1.2.0</version> - </dependency> - - <dependency> - <groupId>com.googlecode.jcsv</groupId> - <artifactId>jcsv</artifactId> - <version>1.4.0</version> - </dependency> - - <dependency> - <groupId>org.slf4j</groupId> - <artifactId>slf4j-log4j12</artifactId> - <scope>test</scope> - </dependency> - - - </dependencies> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-deploy-plugin</artifactId> - <configuration> - <skip>false</skip> - </configuration> - </plugin> - <plugin> - <groupId>org.jacoco</groupId> - <artifactId>jacoco-maven-plugin</artifactId> - <configuration> - <excludes> - <exclude>**/gen/**</exclude> - <exclude>**/generated-sources/**</exclude> - <exclude>**/yang-gen/**</exclude> - <exclude>**/pax/**</exclude> - </excludes> - </configuration> - <executions> - - <execution> - <id>pre-unit-test</id> - <goals> - <goal>prepare-agent</goal> - </goals> - <configuration> - <destFile>${project.build.directory}/code-coverage/jacoco-ut.exec</destFile> - <propertyName>surefireArgLine</propertyName> - </configuration> - </execution> - - - <execution> - <id>post-unit-test</id> - <phase>test</phase> - <goals> - <goal>report</goal> - </goals> - <configuration> - <dataFile>${project.build.directory}/code-coverage/jacoco-ut.exec</dataFile> - <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory> - </configuration> - </execution> - <execution> - <id>pre-integration-test</id> - <phase>pre-integration-test</phase> - <goals> - <goal>prepare-agent</goal> - </goals> - <configuration> - <destFile>${project.build.directory}/code-coverage/jacoco-it.exec</destFile> - <propertyName>failsafeArgLine</propertyName> - </configuration> - </execution> - - <execution> - <id>post-integration-test</id> - <phase>post-integration-test</phase> - <goals> - <goal>report</goal> - </goals> - <configuration> - <dataFile>${project.build.directory}/code-coverage/jacoco-it.exec</dataFile> - <outputDirectory>${project.reporting.outputDirectory}/jacoco-it</outputDirectory> - </configuration> - </execution> - </executions> - </plugin> - </plugins> - </build> - - <distributionManagement> - <repository> - <id>ecomp-releases</id> - <name>AAF Release Repository</name> - <url>${nexusproxy}${releaseNexusPath}</url> - </repository> - <snapshotRepository> - <id>ecomp-snapshots</id> - <name>AAF Snapshot Repository</name> - <url>${nexusproxy}${snapshotNexusPath}</url> - </snapshotRepository> - <site> - <id>ecomp-site</id> - <url>dav:${nexusproxy}${sitePath}</url> - </site> - </distributionManagement> + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.onap.aaf.authz</groupId> + <artifactId>authparent</artifactId> + <version>2.1.16-SNAPSHOT</version> + <relativePath>../pom.xml</relativePath> + </parent> + + <artifactId>aaf-auth-cass</artifactId> + <name>AAF Auth Cass</name> + <description>Cassandra Data Libraries for AAF Auth</description> + <packaging>jar</packaging> + + <developers> + <developer> + <name>Jonathan Gathman</name> + <email>jonathan.gathman@att.com</email> + <organization>ATT</organization> + <roles> + <role>Architect</role> + <role>Lead Developer</role> + </roles> + </developer> + <developer> + <name>Gabe Maurer</name> + <email>gabe.maurer@att.com</email> + <organization>ATT</organization> + <roles> + <role>Developer</role> + </roles> + </developer> + <developer> + <name>Ian Howell</name> + <email>ian.howell@att.com</email> + <organization>ATT</organization> + <roles> + <role>Developer</role> + </roles> + </developer> + <developer> + <name>Sai Gandham</name> + <email>sai.gandham@att.com</email> + <organization>ATT</organization> + <roles> + <role>Developer</role> + </roles> + </developer> + </developers> + + <properties> + <!-- SONAR --> + <!-- <sonar.skip>true</sonar.skip> --> + <jacoco.version>0.7.7.201606060606</jacoco.version> + <sonar-jacoco-listeners.version>3.2</sonar-jacoco-listeners.version> + <sonar.core.codeCoveragePlugin>jacoco</sonar.core.codeCoveragePlugin> + <!-- Default Sonar configuration --> + <sonar.jacoco.reportPaths>target/code-coverage/jacoco-ut.exec</sonar.jacoco.reportPaths> + <sonar.jacoco.itReportPaths>target/code-coverage/jacoco-it.exec</sonar.jacoco.itReportPaths> + <!-- Note: This list should match jacoco-maven-plugin's exclusion list + below --> + <sonar.exclusions>**/gen/**,**/generated-sources/**,**/yang-gen**,**/pax/**</sonar.exclusions> + <nexusproxy>https://nexus.onap.org</nexusproxy> + <snapshotNexusPath>/content/repositories/snapshots/</snapshotNexusPath> + <releaseNexusPath>/content/repositories/releases/</releaseNexusPath> + <stagingNexusPath>/content/repositories/staging/</stagingNexusPath> + <sitePath>/content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version}</sitePath> + </properties> + + <dependencies> + <dependency> + <groupId>org.onap.aaf.authz</groupId> + <artifactId>aaf-auth-core</artifactId> + </dependency> + + <dependency> + <groupId>org.onap.aaf.authz</groupId> + <artifactId>aaf-cadi-aaf</artifactId> + </dependency> + + <dependency> + <groupId>com.datastax.cassandra</groupId> + <artifactId>cassandra-driver-core</artifactId> + <!-- JNR Posix needs bumping up for licence for datastax 3.6.0, remove after this version--> + <exclusions> + <exclusion> + <groupId>com.github.jnr</groupId> + <artifactId>jnr-posix</artifactId> + </exclusion> + </exclusions> + </dependency> + <!-- JNR Posix needs bumping up for licence for datastax 3.6.0, remove after this version--> + <dependency> + <groupId>com.github.jnr</groupId> + <artifactId>jnr-posix</artifactId> + <version>3.0.45</version> + </dependency> + + <dependency> + <groupId>com.google.guava</groupId> + <artifactId>guava</artifactId> + </dependency> + + <!-- Cassandra prefers Snappy and LZ4 libs for performance --> + <dependency> + <groupId>org.xerial.snappy</groupId> + <artifactId>snappy-java</artifactId> + <version>1.1.1-M1</version> + </dependency> + + <dependency> + <groupId>net.jpountz.lz4</groupId> + <artifactId>lz4</artifactId> + <version>1.2.0</version> + </dependency> + + <dependency> + <groupId>com.googlecode.jcsv</groupId> + <artifactId>jcsv</artifactId> + <version>1.4.0</version> + </dependency> + + <dependency> + <groupId>org.slf4j</groupId> + <artifactId>slf4j-log4j12</artifactId> + <scope>test</scope> + </dependency> + </dependencies> + <build> + <plugins> + <plugin> + <groupId>org.jacoco</groupId> + <artifactId>jacoco-maven-plugin</artifactId> + <configuration> + <excludes> + <exclude>**/gen/**</exclude> + <exclude>**/generated-sources/**</exclude> + <exclude>**/yang-gen/**</exclude> + <exclude>**/pax/**</exclude> + </excludes> + </configuration> + <executions> + + <execution> + <id>pre-unit-test</id> + <goals> + <goal>prepare-agent</goal> + </goals> + <configuration> + <destFile>${project.build.directory}/code-coverage/jacoco-ut.exec</destFile> + <propertyName>surefireArgLine</propertyName> + </configuration> + </execution> + + + <execution> + <id>post-unit-test</id> + <phase>test</phase> + <goals> + <goal>report</goal> + </goals> + <configuration> + <dataFile>${project.build.directory}/code-coverage/jacoco-ut.exec</dataFile> + <outputDirectory>${project.reporting.outputDirectory}/jacoco-ut</outputDirectory> + </configuration> + </execution> + <execution> + <id>pre-integration-test</id> + <phase>pre-integration-test</phase> + <goals> + <goal>prepare-agent</goal> + </goals> + <configuration> + <destFile>${project.build.directory}/code-coverage/jacoco-it.exec</destFile> + <propertyName>failsafeArgLine</propertyName> + </configuration> + </execution> + + <execution> + <id>post-integration-test</id> + <phase>post-integration-test</phase> + <goals> + <goal>report</goal> + </goals> + <configuration> + <dataFile>${project.build.directory}/code-coverage/jacoco-it.exec</dataFile> + <outputDirectory>${project.reporting.outputDirectory}/jacoco-it</outputDirectory> + </configuration> + </execution> + </executions> + </plugin> + </plugins> + </build> + + <distributionManagement> + <repository> + <id>ecomp-releases</id> + <name>AAF Release Repository</name> + <url>${nexusproxy}${releaseNexusPath}</url> + </repository> + <snapshotRepository> + <id>ecomp-snapshots</id> + <name>AAF Snapshot Repository</name> + <url>${nexusproxy}${snapshotNexusPath}</url> + </snapshotRepository> + <site> + <id>ecomp-site</id> + <url>dav:${nexusproxy}${sitePath}</url> + </site> + </distributionManagement> </project> diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheInfoDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheInfoDAO.java index 8cb25ac7..0ad15277 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheInfoDAO.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheInfoDAO.java @@ -47,6 +47,7 @@ import org.onap.aaf.cadi.SecuritySetter; import org.onap.aaf.cadi.client.Future; import org.onap.aaf.cadi.client.Rcli; import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.cadi.config.Config; import org.onap.aaf.cadi.http.HMangr; import org.onap.aaf.misc.env.APIException; import org.onap.aaf.misc.env.Env; @@ -69,20 +70,32 @@ public class CacheInfoDAO extends CassDAOImpl<AuthzTrans,CacheInfoDAO.Data> impl // Hold current time stamps from Tables private final Date startTime; + private final boolean cacheNotify; private PreparedStatement psCheck; public CacheInfoDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException { super(trans, CacheInfoDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE,readConsistency(trans,TABLE), writeConsistency(trans,TABLE)); startTime = new Date(); + cacheNotify = noK8s(trans); init(trans); } - public CacheInfoDAO(AuthzTrans trans, AbsCassDAO<AuthzTrans,?> aDao) throws APIException, IOException { + public CacheInfoDAO(AuthzTrans trans, AbsCassDAO<AuthzTrans,?> aDao) throws APIException, IOException { super(trans, CacheInfoDAO.class.getSimpleName(),aDao,Data.class,TABLE,readConsistency(trans,TABLE), writeConsistency(trans,TABLE)); startTime = new Date(); init(trans); + cacheNotify = noK8s(trans); } + /** + * Need a different point to point cache clear strategy for K8s... + * @param trans + * @return + */ + private boolean noK8s(AuthzTrans trans) { + String container = trans.getProperty(Config.AAF_LOCATOR_CONTAINER); + return ! ("helm".equals(container) || "oom".equals(container)); + } ////////////////////////////////////////// // Data Definition, matches Cassandra DM @@ -328,7 +341,6 @@ public class CacheInfoDAO extends CassDAOImpl<AuthzTrans,CacheInfoDAO.Data> impl } private void init(AuthzTrans trans) throws APIException, IOException { - String[] helpers = setCRUD(trans, TABLE, Data.class, InfoLoader.dflt); psCheck = getSession(trans).prepare(SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE); @@ -347,7 +359,7 @@ public class CacheInfoDAO extends CassDAOImpl<AuthzTrans,CacheInfoDAO.Data> impl ///////////// // ConcurrentQueues are open-ended. We don't want any Memory leaks // Note: we keep a separate counter, because "size()" on a Linked Queue is expensive - if (cacheUpdate!=null) { + if (cacheNotify && cacheUpdate!=null) { try { if (!CacheUpdate.notifyDQ.offer(new CacheUpdate.Transfer(name, seg),2,TimeUnit.SECONDS)) { trans.error().log("Cache Notify Queue is not accepting messages, bouncing may be appropriate" ); diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java index c59312c0..4ec70d4a 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java @@ -628,12 +628,7 @@ public class Function { return Result.err(Status.ERR_DependencyExists, sb.toString()); } - if (move && parent == null) { - return Result - .err(Status.ERR_DependencyExists, - "Cannot move users, roles or permissions - parent is missing.\nDelete dependencies and try again"); - } - else if (move && parent.type == NsType.COMPANY.type) { + if (move && (parent == null || parent.type == NsType.COMPANY.type)) { return Result .err(Status.ERR_DependencyExists, "Cannot move users, roles or permissions to [%s].\nDelete dependencies and try again", @@ -1040,7 +1035,7 @@ public class Function { // Attached to any Roles? if (fullperm.roles != null) { - if (force) { + if (force || fullperm.roles.contains(user+":user")) { for (String role : fullperm.roles) { Result<Void> rv = null; Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, q, role); diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java index 22b14cb4..6b6c23bf 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java @@ -224,6 +224,31 @@ public class Question { alwaysSpecial = Boolean.parseBoolean(trans.getProperty("aaf_always_special", Boolean.FALSE.toString())); } + + /** + * Note: This Constructor created for JUNIT Purposes. Do not use otherwise. + */ + public Question(AuthzTrans trans, HistoryDAO historyDAO, CacheInfoDAO cacheInfoDAO, + CachedNSDAO nsDAO, CachedPermDAO permDAO, CachedRoleDAO roleDAO, + CachedUserRoleDAO userRoleDAO, CachedCredDAO credDAO, CachedCertDAO certDAO, + LocateDAO locateDAO,FutureDAO futureDAO, DelegateDAO delegateDAO, + ApprovalDAO approvalDAO ) { + this.historyDAO = historyDAO; + this.cacheInfoDAO = cacheInfoDAO; + this.nsDAO = nsDAO; + this.permDAO = permDAO; + this.roleDAO = roleDAO; + this.userRoleDAO = userRoleDAO; + this.credDAO = credDAO; + this.certDAO = certDAO; + this.locateDAO = locateDAO; + this.futureDAO = futureDAO; + this.delegateDAO = delegateDAO; + this.approvalDAO = approvalDAO; + + cldays = Integer.parseInt(trans.getProperty(Config.AAF_CRED_WARN_DAYS, Config.AAF_CRED_WARN_DAYS_DFT)); + alwaysSpecial = Boolean.parseBoolean(trans.getProperty("aaf_always_special", Boolean.FALSE.toString())); + } public void startTimers(AuthzEnv env) { // Only want to aggressively cleanse User related Caches... The others, @@ -246,15 +271,29 @@ public class Question { approvalDAO.close(trans); } - public Result<PermDAO.Data> permFrom(AuthzTrans trans, String type, - String instance, String action) { - Result<NsDAO.Data> rnd = deriveNs(trans, type); - if (rnd.isOK()) { - return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type), - instance, action)); - } else { - return Result.err(rnd); - } + public Result<PermDAO.Data> permFrom(AuthzTrans trans, String type, String instance, String action) { + if(type.indexOf('@') >= 0) { + int colon = type.indexOf(':'); + if(colon>=0) { + PermDAO.Data pdd = new PermDAO.Data(); + pdd.ns = type.substring(0, colon); + pdd.type = type.substring(colon+1); + pdd.instance = instance; + pdd.action = action; + + return Result.ok(pdd); + } else { + return Result.err(Result.ERR_BadData,"Could not extract ns and type from " + type); + } + } else { + Result<NsDAO.Data> rnd = deriveNs(trans, type); + if (rnd.isOK()) { + return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type), + instance, action)); + } else { + return Result.err(rnd); + } + } } /** @@ -317,12 +356,21 @@ public class Question { return Result.ok(rlpUser); } - public Result<List<PermDAO.Data>> getPermsByType(AuthzTrans trans, String perm) { - Result<NsSplit> nss = deriveNsSplit(trans, perm); - if (nss.notOK()) { - return Result.err(nss); - } - return permDAO.readByType(trans, nss.value.ns, nss.value.name); + public Result<List<PermDAO.Data>> getPermsByType(AuthzTrans trans, String type) { + if(type.indexOf('@') >= 0) { + int colon = type.indexOf(':'); + if(colon>=0) { + return permDAO.readByType(trans, type.substring(0, colon),type.substring(colon+1)); + } else { + return Result.err(Result.ERR_BadData, "%s is malformed",type); + } + } else { + Result<NsSplit> nss = deriveNsSplit(trans, type); + if (nss.notOK()) { + return Result.err(nss); + } + return permDAO.readByType(trans, nss.value.ns, nss.value.name); + } } public Result<List<PermDAO.Data>> getPermsByName(AuthzTrans trans, String type, String instance, String action) { @@ -964,25 +1012,27 @@ public class Question { } public Result<Boolean> userCredCheck(AuthzTrans trans, CredDAO.Data orig, final byte[] raw) { - TimeTaken tt = trans.start("CheckCred Cred", Env.SUB); - try { - switch(orig.type) { - case CredDAO.BASIC_AUTH_SHA256: - ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + raw.length); - bb.putInt(orig.other); - bb.put(raw); - return Result.ok(Hash.compareTo(orig.cred.array(),Hash.hashSHA256(bb.array()))==0); - case CredDAO.BASIC_AUTH: - return Result.ok( Hash.compareTo(orig.cred.array(), Hash.hashMD5(raw))==0); - case CredDAO.FQI: - default: - return Result.ok(false); - } - } catch (NoSuchAlgorithmException e) { - return Result.err(Status.ERR_General,e.getLocalizedMessage()); - } finally { - tt.done(); + Result<Boolean> rv; + TimeTaken tt = trans.start("CheckCred Cred", Env.SUB); + try { + switch(orig.type) { + case CredDAO.BASIC_AUTH_SHA256: + ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + raw.length); + bb.putInt(orig.other); + bb.put(raw); + rv = Result.ok(Hash.compareTo(orig.cred.array(),Hash.hashSHA256(bb.array()))==0); + case CredDAO.BASIC_AUTH: + rv= Result.ok( Hash.compareTo(orig.cred.array(), Hash.hashMD5(raw))==0); + case CredDAO.FQI: + default: + rv = Result.ok(false); } + } catch (NoSuchAlgorithmException e) { + rv = Result.err(Status.ERR_General,e.getLocalizedMessage()); + } finally { + tt.done(); + } + return rv; } public static final String APPROVED = "APPROVE"; @@ -1191,7 +1241,7 @@ public class Question { } public boolean isOwner(AuthzTrans trans, String user, String ns) { - Result<List<UserRoleDAO.Data>> rur = userRoleDAO.read(trans, user,ns+DOT_OWNER); + Result<List<UserRoleDAO.Data>> rur = userRoleDAO().read(trans, user,ns+DOT_OWNER); if (rur.isOKhasData()) {for (UserRoleDAO.Data urdd : rur.value){ Date now = new Date(); if (urdd.expires.after(now)) { @@ -1202,7 +1252,7 @@ public class Question { } public int countOwner(AuthzTrans trans, String ns) { - Result<List<UserRoleDAO.Data>> rur = userRoleDAO.readByRole(trans,ns+DOT_OWNER); + Result<List<UserRoleDAO.Data>> rur = userRoleDAO().readByRole(trans,ns+DOT_OWNER); Date now = new Date(); int count = 0; if (rur.isOKhasData()) {for (UserRoleDAO.Data urdd : rur.value){ diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java index 2f1d150c..27d5df74 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java @@ -77,7 +77,7 @@ public class DirectAAFLocator extends AbsAAFLocator<AuthzTrans> { if(name.indexOf('.')>=0) { aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+'/'+name+':'+version; } else { - aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+"/%NS."+name+':'+version; + aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+"/%CNS.%NS."+name+':'+version; } RegistrationPropHolder rph = new RegistrationPropHolder(access,0); aaf_url = rph.replacements(getClass().getSimpleName(),aaf_url, null,null); diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_DAOException.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_DAOException.java index 0e9d199d..0ee0ce8f 100644 --- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_DAOException.java +++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_DAOException.java @@ -31,20 +31,36 @@ import org.onap.aaf.auth.dao.DAOException; import org.powermock.api.mockito.PowerMockito; import org.powermock.modules.junit4.PowerMockRunner; -@RunWith(PowerMockRunner.class) public class JU_DAOException { -DAOException daoException; + DAOException daoException; - //DAOException daoException = new DAOException(); String message = "message"; Throwable cause; @Before public void setUp(){ - daoException = new DAOException(); + daoException = new DAOException(); } @Test - public void test(){ - assertTrue(true); + public void testNoArgConstructor(){ + assertNull(daoException.getMessage()); + } + + @Test + public void testOneArgConstructorMsg(){ + daoException = new DAOException("test message"); + assertTrue("test message".equalsIgnoreCase(daoException.getMessage())); + } + + @Test + public void testOneArgConstructorThrowable(){ + daoException = new DAOException(new Throwable()); + assertTrue("java.lang.Throwable".equalsIgnoreCase(daoException.getMessage())); + } + + @Test + public void testTwoArgConstructor(){ + daoException = new DAOException("test message", new Throwable()); + assertTrue("test message".equalsIgnoreCase(daoException.getMessage())); } } diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectAAFLocator.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectAAFLocator.java index 01d4b9a2..f6d2a593 100644 --- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectAAFLocator.java +++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectAAFLocator.java @@ -103,7 +103,8 @@ public class JU_DirectAAFLocator { Mockito.doReturn(access).when(env).access(); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null); - Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,""); Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_APP_NS,"AAF_NS"); try { DirectAAFLocator aafLocatorObj=new DirectAAFLocator(env, ldao,"test",null); @@ -118,7 +119,8 @@ public class JU_DirectAAFLocator { Mockito.doReturn(access).when(env).access(); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null); - Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,""); Mockito.doReturn("20 30").when(access).getProperty(Config.AAF_URL,null); try { DirectAAFLocator aafLocatorObj=new DirectAAFLocator(env, ldao,"test","192.0.0.1"); @@ -138,7 +140,8 @@ public class JU_DirectAAFLocator { Mockito.doReturn(trans).when(env).newTransNoAvg(); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null); - Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,""); Mockito.doReturn("http://aafurl.com").when(access).getProperty(Config.AAF_URL,null); try { aafLocatorObj = new DirectAAFLocator(env, ldao,"test","30.20.30.30"); @@ -171,7 +174,8 @@ public class JU_DirectAAFLocator { Mockito.doReturn(trans).when(env).newTransNoAvg(); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null); - Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,""); Mockito.doReturn("http://aafurl.com").when(access).getProperty(Config.AAF_URL,null); try { aafLocatorObj = new DirectAAFLocator(env, ldao,"test","30.20.30.30"); diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectLocatorCreator.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectLocatorCreator.java index c2b8597b..0eb75fcb 100644 --- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectLocatorCreator.java +++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectLocatorCreator.java @@ -57,7 +57,8 @@ public class JU_DirectLocatorCreator { Mockito.doReturn(access).when(env).access(); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LATITUDE,null); Mockito.doReturn("20").when(access).getProperty(Config.CADI_LONGITUDE,null); - Mockito.doReturn("20").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER,""); + Mockito.doReturn("").when(access).getProperty(Config.AAF_LOCATOR_CONTAINER_NS,""); Mockito.doReturn("http://aafurl.com").when(access).getProperty(Config.AAF_URL,null); DirectLocatorCreator directLocObj = new DirectLocatorCreator(env, locateDAO); try { |