diff options
Diffstat (limited to 'auth/auth-cmd/src/main')
66 files changed, 7177 insertions, 0 deletions
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java new file mode 100644 index 00000000..e8069b8e --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java @@ -0,0 +1,647 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd; + +import java.io.BufferedReader; +import java.io.File; +import java.io.FileReader; +import java.io.InputStreamReader; +import java.io.OutputStreamWriter; +import java.io.PrintWriter; +import java.io.Reader; +import java.io.Writer; +import java.net.HttpURLConnection; +import java.net.URI; +import java.util.ArrayList; +import java.util.List; + +import org.onap.aaf.auth.cmd.mgmt.Mgmt; +import org.onap.aaf.auth.cmd.ns.NS; +import org.onap.aaf.auth.cmd.perm.Perm; +import org.onap.aaf.auth.cmd.role.Role; +import org.onap.aaf.auth.cmd.user.User; +import org.onap.aaf.auth.common.Define; +import org.onap.aaf.auth.env.AuthzEnv; +import org.onap.aaf.cadi.Access; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.Locator; +import org.onap.aaf.cadi.PropAccess; +import org.onap.aaf.cadi.SecuritySetter; +import org.onap.aaf.cadi.Access.Level; +import org.onap.aaf.cadi.aaf.v2_0.AAFLocator; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.config.SecurityInfoC; +import org.onap.aaf.cadi.http.HBasicAuthSS; +import org.onap.aaf.cadi.http.HMangr; +import org.onap.aaf.cadi.sso.AAFSSO; +import org.onap.aaf.misc.env.APIException; + +import jline.console.ConsoleReader; + +public class AAFcli { + private static final String HTTPS = "https://"; + protected static PrintWriter pw; + protected HMangr hman; + // Storage for last reused client. We can do this + // because we're technically "single" threaded calls. + public Retryable<?> prevCall; + + protected SecuritySetter<HttpURLConnection> ss; +// protected AuthzEnv env; + private boolean close; + private List<Cmd> cmds; + + // Lex State + private ArrayList<Integer> expect = new ArrayList<Integer>(); + private boolean verbose = true; + private int delay; + private SecurityInfoC<HttpURLConnection> si; + private boolean request = false; + private String force = null; + private boolean gui = false; + // Package on purpose + Access access; + AuthzEnv env; + + private static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF); + private static boolean isConsole = false; + private static boolean isTest = false; + private static boolean showDetails = false; + private static boolean ignoreDelay = false; + private static int globalDelay=0; + + public static int timeout() { + return TIMEOUT; + } + + // Create when only have Access + public AAFcli(Access access, Writer wtr, HMangr hman, SecurityInfoC<HttpURLConnection> si, SecuritySetter<HttpURLConnection> ss) throws APIException { + this(access,new AuthzEnv(access.getProperties()),wtr,hman, si,ss); + } + + public AAFcli(Access access, AuthzEnv env, Writer wtr, HMangr hman, SecurityInfoC<HttpURLConnection> si, SecuritySetter<HttpURLConnection> ss) throws APIException { + this.env = env; + this.access = access; + this.ss = ss; + this.hman = hman; + this.si = si; + if (wtr instanceof PrintWriter) { + pw = (PrintWriter) wtr; + close = false; + } else { + pw = new PrintWriter(wtr); + close = true; + } + + + /* + * Create Cmd Tree + */ + cmds = new ArrayList<Cmd>(); + + Role role = new Role(this); + cmds.add(new Help(this, cmds)); + cmds.add(new Version(this)); + cmds.add(new Perm(role)); + cmds.add(role); + cmds.add(new User(this)); + cmds.add(new NS(this)); + cmds.add(new Mgmt(this)); + } + + public void verbose(boolean v) { + verbose = v; + } + + public void close() { + if (hman != null) { + hman.close(); + hman = null; + } + if (close) { + pw.close(); + } + } + + public boolean eval(String line) throws Exception { + if (line.length() == 0) { + return true; + } else if (line.startsWith("#")) { + pw.println(line); + return true; + } + + String[] largs = argEval(line); + int idx = 0; + + // Variable replacement + StringBuilder sb = null; + while (idx < largs.length) { + int e = 0; + for (int v = largs[idx].indexOf("@["); v >= 0; v = largs[idx].indexOf("@[", v + 1)) { + if (sb == null) { + sb = new StringBuilder(); + } + sb.append(largs[idx], e, v); + if ((e = largs[idx].indexOf(']', v)) >= 0) { + String p = access.getProperty(largs[idx].substring(v + 2, e),null); + if(p==null) { + p = System.getProperty(largs[idx].substring(v+2,e)); + } + ++e; + if (p != null) { + sb.append(p); + } + } + } + if (sb != null && sb.length() > 0) { + sb.append(largs[idx], e, largs[idx].length()); + largs[idx] = sb.toString(); + sb.setLength(0); + } + ++idx; + } + + idx = 0; + boolean rv = true; + while (rv && idx < largs.length) { + // Allow Script to change Credential + if (!gui) { + if("as".equalsIgnoreCase(largs[idx])) { + if (largs.length > ++idx) { + // get Password from Props with ID as Key + String user = largs[idx++]; + int colon = user.indexOf(':'); + String pass; + if (colon > 0) { + pass = user.substring(colon + 1); + user = user.substring(0, colon); + } else { + pass = access.getProperty(user, null); + } + if (pass != null) { + pass = access.decrypt(pass, false); + access.getProperties().put(user, pass); + ss = new HBasicAuthSS(si, user, pass); + pw.println("as " + user); + } else { // get Pass from System Properties, under name of + // Tag + pw.println("ERROR: No password set for " + user); + rv = false; + } + continue; + } + } else if ("expect".equalsIgnoreCase(largs[idx])) { + expect.clear(); + if (largs.length > idx++) { + if (!"nothing".equals(largs[idx])) { + for (String str : largs[idx].split(",")) { + try { + if ("Exception".equalsIgnoreCase(str)) { + expect.add(-1); + } else { + expect.add(Integer.parseInt(str)); + } + } catch (NumberFormatException e) { + throw new CadiException("\"expect\" should be followed by Number"); + } + } + ++idx; + } + } + continue; + // Sleep, typically for reports, to allow DB to update + // Milliseconds + + } else if ("sleep".equalsIgnoreCase(largs[idx])) { + Integer t = Integer.parseInt(largs[++idx]); + pw.println("sleep " + t); + Thread.sleep(t); + ++idx; + continue; + } else if ("delay".equalsIgnoreCase(largs[idx])) { + delay = Integer.parseInt(largs[++idx]); + pw.println("delay " + delay); + ++idx; + continue; + } else if ("pause".equalsIgnoreCase(largs[idx])) { + pw.println("Press <Return> to continue..."); + ++idx; + new BufferedReader(new InputStreamReader(System.in)).readLine(); + continue; + } else if ("exit".equalsIgnoreCase(largs[idx])) { + pw.println("Exiting..."); + return false; + } + + } + + if("REQUEST".equalsIgnoreCase(largs[idx])) { + request=true; + ++idx; + } else if("FORCE".equalsIgnoreCase(largs[idx])) { + force="true"; + ++idx; + } else if("DETAILS".equalsIgnoreCase(largs[idx])) { + showDetails=true; + ++idx; + } else if ("set".equalsIgnoreCase(largs[idx])) { + while (largs.length > ++idx) { + int equals = largs[idx].indexOf('='); + String tag, value; + if (equals < 0) { + tag = largs[idx]; + value = access.getProperty(Config.AAF_APPPASS,null); + if(value==null) { + break; + } else { + value = access.decrypt(value, false); + if(value==null) { + break; + } + access.getProperties().put(tag, value); + pw.println("set " + tag + " <encrypted>"); + } + } else { + tag = largs[idx].substring(0, equals); + value = largs[idx].substring(++equals); + pw.println("set " + tag + ' ' + value); + } + boolean isTrue = "TRUE".equalsIgnoreCase(value); + if("FORCE".equalsIgnoreCase(tag)) { + force = value; + } else if("REQUEST".equalsIgnoreCase(tag)) { + request = isTrue; + } else if("DETAILS".equalsIgnoreCase(tag)) { + showDetails = isTrue; + } else { + access.getProperties().put(tag, value); + } + } + continue; + // Allow Script to indicate if Failure is what is expected + } + + int ret = 0; + for (Cmd c : cmds) { + if (largs[idx].equalsIgnoreCase(c.getName())) { + if (verbose) { + pw.println(line); + if (expect.size() > 0) { + pw.print("** Expect "); + boolean first = true; + for (Integer i : expect) { + if (first) { + first = false; + } else { + pw.print(','); + } + pw.print(i); + } + pw.println(" **"); + } + } + try { + ret = c.exec(++idx, largs); + if (delay+globalDelay > 0) { + Thread.sleep(delay+globalDelay); + } + } catch (Exception e) { + if (expect.contains(-1)) { + pw.println(e.getMessage()); + ret = -1; + } else { + throw e; + } + } finally { + clearSingleLineProperties(); + } + rv = expect.isEmpty() ? true : expect.contains(ret); + if (verbose) { + if (rv) { + pw.println(); + } else { + pw.print("!!! Unexpected Return Code: "); + pw.print(ret); + pw.println(", VALIDATE OUTPUT!!!"); + } + } + return rv; + } + } + pw.write("Unknown Instruction \""); + pw.write(largs[idx]); + pw.write("\"\n"); + idx = largs.length;// always end after one command + } + return rv; + } + + private String[] argEval(String line) { + StringBuilder sb = new StringBuilder(); + ArrayList<String> arr = new ArrayList<String>(); + boolean start = true; + char quote = 0; + char last = 0; + for (int i = 0; i < line.length(); ++i) { + char ch; + if (Character.isWhitespace(ch = line.charAt(i))) { + if (start || last==',') { + continue; // trim + } else if (quote != 0) { + sb.append(ch); + } else { + arr.add(sb.toString()); + sb.setLength(0); + start = true; + } + } else if (ch == '\'' || ch == '"') { // toggle + if (quote == ch) { + quote = 0; + } else { + quote = ch; + } + } else if(ch=='|' && quote==0) { + arr.add(sb.toString()); + sb.setLength(0); + start = true; + } else { + start = false; + sb.append(ch); + last = ch; + } + } + if (sb.length() > 0) { + arr.add(sb.toString()); + } + + String[] rv = new String[arr.size()]; + arr.toArray(rv); + return rv; + } + + public static void keyboardHelp() { + System.out.println("'C-' means hold the ctrl key down while pressing the next key."); + System.out.println("'M-' means hold the alt key down while pressing the next key."); + System.out.println("For instance, C-b means hold ctrl key and press b, M-b means hold alt and press b\n"); + + System.out.println("Basic Keybindings:"); + System.out.println("\tC-l - clear screen"); + System.out.println("\tC-a - beginning of line"); + System.out.println("\tC-e - end of line"); + System.out.println("\tC-b - backward character (left arrow also works)"); + System.out.println("\tM-b - backward word"); + System.out.println("\tC-f - forward character (right arrow also works)"); + System.out.println("\tM-f - forward word"); + System.out.println("\tC-d - delete character under cursor"); + System.out.println("\tM-d - delete word forward"); + System.out.println("\tM-backspace - delete word backward"); + System.out.println("\tC-k - delete from cursor to end of line"); + System.out.println("\tC-u - delete entire line, regardless of cursor position\n"); + + System.out.println("Command History:"); + System.out.println("\tC-r - search backward in history (repeating C-r continues the search)"); + System.out.println("\tC-p - move backwards through history (up arrow also works)"); + System.out.println("\tC-n - move forwards through history (down arrow also works)\n"); + + } + + /** + * @param args + */ + public static void main(String[] args) { + int rv = 0; + + try { + AAFSSO aafsso = new AAFSSO(args); + try { + PropAccess access = aafsso.access(); + Define.set(access); + AuthzEnv env = new AuthzEnv(access); + + StringBuilder err = aafsso.err(); + String noexit = access.getProperty("no_exit"); + if (err != null) { + err.append("to continue..."); + System.err.println(err); + if(noexit!=null) { + System.exit(1); + } + } + + Reader rdr = null; + boolean exitOnFailure = true; + /* + * Check for "-" options anywhere in command line + */ + StringBuilder sb = new StringBuilder(); + for (int i = 0; i < args.length; ++i) { + if ("-i".equalsIgnoreCase(args[i])) { + rdr = new InputStreamReader(System.in); + // } else if("-o".equalsIgnoreCase(args[i])) { + // // shall we do something different? Output stream is + // already done... + } else if ("-f".equalsIgnoreCase(args[i])) { + if (args.length > i + 1) { + rdr = new FileReader(args[++i]); + } + } else if ("-a".equalsIgnoreCase(args[i])) { + exitOnFailure = false; + } else if ("-c".equalsIgnoreCase(args[i])) { + isConsole = true; + } else if ("-s".equalsIgnoreCase(args[i]) && args.length > i + 1) { + access.setProperty(Cmd.STARTDATE, args[++i]); + } else if ("-e".equalsIgnoreCase(args[i]) && args.length > i + 1) { + access.setProperty(Cmd.ENDDATE, args[++i]); + } else if ("-t".equalsIgnoreCase(args[i])) { + isTest = true; + } else if ("-d".equalsIgnoreCase(args[i])) { + showDetails = true; + } else if ("-n".equalsIgnoreCase(args[i])) { + ignoreDelay = true; + } else { + if (sb.length() > 0) { + sb.append(' '); + } + sb.append(args[i]); + } + } + + SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class); + Locator<URI> loc; + String aafUrl = access.getProperty(Config.AAF_URL); + if(aafUrl==null) { + aafsso.setLogDefault(); + aafsso.setStdErrDefault(); + aafUrl=AAFSSO.cons.readLine("aaf_url=%s", HTTPS); + if(aafUrl.length()==0) { + System.exit(0); + } else if(!aafUrl.startsWith(HTTPS)) { + aafUrl=HTTPS+aafUrl; + } + aafsso.addProp(Config.AAF_URL, aafUrl); + } + // Note, with AAF Locator, this may not longer be necessary 3/2018 Jonathan + if(!aafsso.loginOnly()) { + try { + loc = new AAFLocator(si,new URI(aafUrl)); + } catch (Throwable t) { + aafsso.setStdErrDefault(); + throw t; + } finally { + // Other Access is done writing to StdOut and StdErr, reset Std out + aafsso.setLogDefault(); + } + + TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF)); + HMangr hman = new HMangr(access, loc).readTimeout(TIMEOUT).apiVersion("2.0"); + + if(access.getProperty(Config.AAF_DEFAULT_REALM)==null) { + access.log(Level.ERROR, Config.AAF_DEFAULT_REALM,"is required"); + } + + + AAFcli aafcli = new AAFcli(access,env, new OutputStreamWriter(System.out), hman, si, + new HBasicAuthSS(si,aafsso.user(), access.decrypt(aafsso.enc_pass(),false))); + if(!ignoreDelay) { + File delay = new File("aafcli.delay"); + if(delay.exists()) { + BufferedReader br = new BufferedReader(new FileReader(delay)); + try { + globalDelay = Integer.parseInt(br.readLine()); + } catch(Exception e) { + access.log(Level.DEBUG,e); + } finally { + br.close(); + } + } + } + try { + if (isConsole) { + System.out.println("Type 'help' for short help or 'help -d' for detailed help with aafcli commands"); + System.out.println("Type '?' for help with command line editing"); + System.out.println("Type 'q', 'quit', or 'exit' to quit aafcli\n"); + + ConsoleReader reader = new ConsoleReader(); + try { + reader.setPrompt("aafcli > "); + + String line; + while ((line = reader.readLine()) != null) { + showDetails = (line.contains("-d"))?true:false; + + if (line.equalsIgnoreCase("quit") || line.equalsIgnoreCase("q") || line.equalsIgnoreCase("exit")) { + break; + } else if (line.equalsIgnoreCase("--help -d") || line.equalsIgnoreCase("help -d") + || line.equalsIgnoreCase("help")) { + line = "--help"; + } else if (line.equalsIgnoreCase("cls")) { + reader.clearScreen(); + continue; + } else if (line.equalsIgnoreCase("?")) { + keyboardHelp(); + continue; + } + try { + aafcli.eval(line); + pw.flush(); + } catch (Exception e) { + pw.println(e.getMessage()); + pw.flush(); + } + } + } finally { + reader.close(); + } + } else if (rdr != null) { + BufferedReader br = new BufferedReader(rdr); + String line; + while ((line = br.readLine()) != null) { + if (!aafcli.eval(line) && exitOnFailure) { + rv = 1; + break; + } + } + } else { // just run the command line + aafcli.verbose(false); + if (sb.length() == 0) { + sb.append("--help"); + } + rv = aafcli.eval(sb.toString()) ? 0 : 1; + } + + } finally { + aafcli.close(); + + // Don't close if No Reader, or it's a Reader of Standard In + if (rdr != null && !(rdr instanceof InputStreamReader)) { + rdr.close(); + } + } + } + aafsso.writeFiles(); + } finally { + aafsso.close(); + } + + } catch (MessageException e) { + System.out.println("MessageException caught"); + + System.err.println(e.getMessage()); + } catch (Throwable e) { + e.printStackTrace(System.err); + } + System.exit(rv); + } + + public boolean isTest() { + return AAFcli.isTest; + } + + public boolean isDetailed() { + return AAFcli.showDetails; + } + + public String typeString(Class<?> cls, boolean json) { + return "application/" + cls.getSimpleName() + "+" + (json ? "json" : "xml") + ";version=" + hman.apiVersion(); + } + + public String forceString() { + return force; + } + + public boolean addRequest() { + return request; + } + + public void clearSingleLineProperties() { + force = null; + request = false; + showDetails = false; + } + + public void gui(boolean b) { + gui = b; + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/BaseCmd.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/BaseCmd.java new file mode 100644 index 00000000..0bfefd21 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/BaseCmd.java @@ -0,0 +1,68 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd; + +import java.util.ArrayList; +import java.util.List; + +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.misc.env.APIException; + + +public class BaseCmd<CMD extends Cmd> extends Cmd { + protected List<Cmd> cmds; + + public BaseCmd(AAFcli aafcli, String name, Param ... params) { + super(aafcli, null, name, params); + cmds = new ArrayList<Cmd>(); + } + + public BaseCmd(CMD parent, String name, Param ... params) { + super(parent.aafcli, parent, name, params); + cmds = new ArrayList<Cmd>(); + } + + + @Override + public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException { + if(args.length-idx<1) { + pw().println(build(new StringBuilder(),null).toString()); + } else { + String s = args[idx]; + String name; + Cmd empty = null; + for(Cmd c: cmds) { + name = c.getName(); + if(name==null && empty==null) { // Mark with Command is null, and take the first one. + empty = c; + } else if(s.equalsIgnoreCase(c.getName())) + return c.exec(idx+1, args); + } + if(empty!=null) { + return empty.exec(idx, args); // If name is null, don't account for it on command line. Jonathan 4-29 + } + pw().println("Instructions not understood."); + } + return 0; + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java new file mode 100644 index 00000000..9ee321e7 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java @@ -0,0 +1,541 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd; + +import java.io.PrintWriter; +import java.io.StringReader; +import java.sql.Date; +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.ArrayList; +import java.util.Comparator; +import java.util.GregorianCalendar; +import java.util.List; +import java.util.Stack; +import java.util.concurrent.ConcurrentHashMap; + +import org.onap.aaf.auth.env.AuthzEnv; +import org.onap.aaf.auth.org.OrganizationException; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.Access; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.http.HMangr; +import org.onap.aaf.misc.env.APIException; +import org.onap.aaf.misc.env.Data.TYPE; +import org.onap.aaf.misc.env.util.Chrono; +import org.onap.aaf.misc.rosetta.env.RosettaDF; + +import aaf.v2_0.Error; +import aaf.v2_0.History; +import aaf.v2_0.History.Item; +import aaf.v2_0.Request; + + +public abstract class Cmd { + private static final DateFormat dateFmt = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss:SSS"); + protected static final String BLANK = ""; + protected static final String COMMA = ","; // for use in splits + + protected static final int lineLength = 80; + + private final static String hformat = "%-23s %-5s %-20s %-35s\n"; + + public static final String STARTDATE = "startdate"; + public static final String ENDDATE = "enddate"; + + private String name; + private final Param[] params; + private int required; + protected final Cmd parent; + protected final List<Cmd> children; + private final static ConcurrentHashMap<Class<?>,RosettaDF<?>> dfs = new ConcurrentHashMap<Class<?>,RosettaDF<?>>(); + public final AAFcli aafcli; + protected Access access; + private AuthzEnv env; + private final String defaultRealm; + + public Cmd(AAFcli aafcli, String name, Param ... params) { + this(aafcli,null, name,params); + } + + public Cmd(Cmd parent, String name, Param ... params) { + this(parent.aafcli,parent, name,params); + } + + Cmd(AAFcli aafcli, Cmd parent, String name, Param ... params) { + this.parent = parent; + this.aafcli = aafcli; + this.env = aafcli.env; + this.access = aafcli.access; + if(parent!=null) { + parent.children.add(this); + } + children = new ArrayList<Cmd>(); + this.params = params; + this.name = name; + required=0; + for(Param p : params) { + if(p.required) { + ++required; + } + } + + String temp = access.getProperty(Config.AAF_DEFAULT_REALM,null); + if(temp!=null && !temp.startsWith("@")) { + defaultRealm = '@' + temp; + } else { + defaultRealm="<Set Default Realm>"; + } + } + + public final int exec(int idx, String ... args) throws CadiException, APIException, LocatorException { + if(args.length-idx<required) { + throw new CadiException(build(new StringBuilder("Too few args: "),null).toString()); + } + return _exec(idx,args); + } + + protected abstract int _exec(int idx, final String ... args) throws CadiException, APIException, LocatorException; + + public void detailedHelp(int indent,StringBuilder sb) { + } + + protected void detailLine(StringBuilder sb, int length, String s) { + multiChar(sb,length,' ',0); + sb.append(s); + } + + public void apis(int indent,StringBuilder sb) { + } + + protected void api(StringBuilder sb, int indent, HttpMethods meth, String pathInfo, Class<?> cls,boolean head) { + final String smeth = meth.name(); + if(head) { + sb.append('\n'); + detailLine(sb,indent,"APIs:"); + } + indent+=2; + multiChar(sb,indent,' ',0); + sb.append(smeth); + sb.append(' '); + sb.append(pathInfo); + String cliString = aafcli.typeString(cls,true); + if(indent+smeth.length()+pathInfo.length()+cliString.length()+2>80) { + sb.append(" ..."); + multiChar(sb,indent+3+smeth.length(),' ',0); + } else { // same line + sb.append(' '); + } + sb.append(cliString); + } + + protected void multiChar(StringBuilder sb, int length, char c, int indent) { + sb.append('\n'); + for(int i=0;i<indent;++i)sb.append(' '); + for(int i=indent;i<length;++i)sb.append(c); + } + + public StringBuilder build(StringBuilder sb, StringBuilder detail) { + if(name!=null) { + sb.append(name); + sb.append(' '); + } + int line = sb.lastIndexOf("\n")+1; + if(line<0) { + line=0; + } + int indent = sb.length()-line; + for(Param p : params) { + sb.append(p.required?'<':'['); + sb.append(p.tag); + sb.append(p.required?"> ": "] "); + } + + boolean first = true; + for(Cmd child : children) { + if(!(child instanceof DeprecatedCMD)) { + if(first) { + first = false; + } else if(detail==null) { + multiChar(sb,indent,' ',0); + } else { + // Write parents for Detailed Report + Stack<String> stack = new Stack<String>(); + for(Cmd c = child.parent;c!=null;c=c.parent) { + if(c.name!=null) { + stack.push(c.name); + } + } + if(!stack.isEmpty()) { + sb.append(" "); + while(!stack.isEmpty()) { + sb.append(stack.pop()); + sb.append(' '); + } + } + } + child.build(sb,detail); + if(detail!=null) { + child.detailedHelp(4, detail); + // If Child wrote something, then add, bracketing by lines + if(detail.length()>0) { + multiChar(sb,80,'-',2); + sb.append(detail); + sb.append('\n'); + multiChar(sb,80,'-',2); + sb.append('\n'); + detail.setLength(0); // reuse + } else { + sb.append('\n'); + } + } + } + } + return sb; + } + + protected void error(Future<?> future) { + StringBuilder sb = new StringBuilder("Failed"); + String desc = future.body(); + int code = future.code(); + if(desc==null || desc.length()==0) { + withCode(sb,code); + } else if(desc.startsWith("{")) { + StringReader sr = new StringReader(desc); + try { + // Note: 11-18-2013, JG1555. This rather convoluted Message Structure required by TSS Restful Specs, reflecting "Northbound" practices. + Error err = getDF(Error.class).newData().in(TYPE.JSON).load(sr).asObject(); + sb.append(" ["); + sb.append(err.getMessageId()); + sb.append("]: "); + String messageBody = err.getText(); + List<String> vars = err.getVariables(); + int pipe; + for (int varCounter=0;varCounter<vars.size();) { + String var = vars.get(varCounter); + ++varCounter; + if (messageBody.indexOf("%" + varCounter) >= 0) { + if((pipe = var.indexOf('|'))>=0) { // In AAF, we use a PIPE for Choice + if (aafcli.isTest()) { + String expiresStr = var.substring(pipe); + var = var.replace(expiresStr, "[Placeholder]"); + } else { + StringBuilder varsb = new StringBuilder(var); + varsb.deleteCharAt(pipe); + var = varsb.toString(); + } + messageBody = messageBody.replace("%" + varCounter, varCounter-1 + ") " + var); + } else { + messageBody = messageBody.replace("%" + varCounter, var); + } + } + } + sb.append(messageBody); + } catch (Exception e) { + withCode(sb,code); + sb.append(" (Note: Details cannot be obtained from Error Structure)"); + } + } else if(desc.startsWith("<html>")){ // Core Jetty, etc sends HTML for Browsers + withCode(sb,code); + } else { + sb.append(" with code "); + sb.append(code); + sb.append(", "); + sb.append(desc); + } + pw().println(sb); + } + + + private void withCode(StringBuilder sb, Integer code) { + sb.append(" with code "); + sb.append(code); + switch(code) { + case 401: + sb.append(" (HTTP Not Authenticated)"); + break; + case 403: + sb.append(" (HTTP Forbidden)"); + break; + case 404: + sb.append(" (HTTP Not Found)"); + break; + default: + } + } + + /** + * Consistently set start and end dates from Requests (all derived from Request) + * @param req + */ + protected void setStartEnd(Request req) { + // Set Start/End Dates, if exist + String str; + if((str = access.getProperty(Cmd.STARTDATE,null))!=null) { + req.setStart(Chrono.timeStamp(Date.valueOf(str))); + } + + if((str = access.getProperty(Cmd.ENDDATE,null))!=null) { + req.setEnd(Chrono.timeStamp(Date.valueOf(str))); + } + } + + /** + * For Derived classes, who have ENV in this parent + * + * @param cls + * @return + * @throws APIException + */ + protected <T> RosettaDF<T> getDF(Class<T> cls) throws APIException { + return getDF(env,cls); + } + + /** + * This works well, making available for GUI, etc. + * @param env + * @param cls + * @return + * @throws APIException + */ + @SuppressWarnings("unchecked") + public static <T> RosettaDF<T> getDF(AuthzEnv env, Class<T> cls) throws APIException { + RosettaDF<T> rdf = (RosettaDF<T>)dfs.get(cls); + if(rdf == null) { + rdf = env.newDataFactory(cls); + dfs.put(cls, rdf); + } + return rdf; + } + + public void activity(History history, String header) { + if (history.getItem().isEmpty()) { + int start = header.indexOf('['); + if (start >= 0) { + pw().println("No Activity Found for " + header.substring(start)); + } + } else { + pw().println(header); + for(int i=0;i<lineLength;++i)pw().print('-'); + pw().println(); + + pw().format(hformat,"Date","Table","User","Memo"); + for(int i=0;i<lineLength;++i)pw().print('-'); + pw().println(); + + // Save Server time by Sorting locally + List<Item> items = history.getItem(); + java.util.Collections.sort(items, new Comparator<Item>() { + @Override + public int compare(Item o1, Item o2) { + return o2.getTimestamp().compare(o1.getTimestamp()); + } + }); + + for(History.Item item : items) { + GregorianCalendar gc = item.getTimestamp().toGregorianCalendar(); + pw().format(hformat, + dateFmt.format(gc.getTime()), + item.getTarget(), + item.getUser(), + item.getMemo()); + } + } + } + + /** + * Turn String Array into a | delimited String + * @param options + * @return + */ + public static String optionsToString(String[] options) { + StringBuilder sb = new StringBuilder(); + boolean first = true; + for(String s : options) { + if(first) { + first = false; + } else { + sb.append('|'); + } + sb.append(s); + } + return sb.toString(); + } + + /** + * return which index number the Option matches. + * + * throws an Exception if not part of this Option Set + * + * @param options + * @param test + * @return + * @throws Exception + */ + public int whichOption(String[] options, String test) throws CadiException { + for(int i=0;i<options.length;++i) { + if(options[i].equals(test)) { + return i; + } + } + throw new CadiException(build(new StringBuilder("Invalid Option: "),null).toString()); + } + +// protected RosettaEnv env() { +// return aafcli.env; +// } + + protected HMangr hman() { + return aafcli.hman; + } + + public<RET> RET same(Retryable<RET> retryable) throws APIException, CadiException, LocatorException { + // We're storing in AAFCli, because we know it's always the same, and single threaded + if(aafcli.prevCall!=null) { + retryable.item(aafcli.prevCall.item()); + retryable.lastClient=aafcli.prevCall.lastClient; + } + + RET ret = aafcli.hman.same(aafcli.ss,retryable); + + // Store last call in AAFcli, because Cmds are all different instances. + aafcli.prevCall = retryable; + return ret; + } + + public<RET> RET all(Retryable<RET> retryable) throws APIException, CadiException, LocatorException { + this.setQueryParamsOn(retryable.lastClient); + return aafcli.hman.all(aafcli.ss,retryable); + } + + public<RET> RET oneOf(Retryable<RET> retryable,String host) throws APIException, CadiException, LocatorException { + this.setQueryParamsOn(retryable.lastClient); + return aafcli.hman.oneOf(aafcli.ss,retryable,true,host); + } + + protected PrintWriter pw() { + return AAFcli.pw; + } + + public String getName() { + return name; + } + + public void reportHead(String ... str) { + pw().println(); + boolean first = true; + int i=0; + for(String s : str) { + if(first) { + if(++i>1) { + first = false; + pw().print("["); + } + } else { + pw().print("] ["); + } + pw().print(s); + } + if(!first) { + pw().print(']'); + } + pw().println(); + reportLine(); + } + + public String reportColHead(String format, String ... args) { + pw().format(format,(Object[])args); + reportLine(); + return format; + } + + public void reportLine() { + for(int i=0;i<lineLength;++i)pw().print('-'); + pw().println(); + } + + protected void setQueryParamsOn(Rcli<?> rcli) { + StringBuilder sb=null; + String force; + if((force=aafcli.forceString())!=null) { + sb = new StringBuilder("force="); + sb.append(force); + } + if(aafcli.addRequest()) { + if(sb==null) { + sb = new StringBuilder("future=true"); + } else { + sb.append("&future=true"); + } + } + if(sb!=null && rcli!=null) { + rcli.setQueryParams(sb.toString()); + } + } +// +// /** +// * If Force is set, will return True once only, then revert to "FALSE". +// * +// * @return +// */ +// protected String checkForce() { +// if(TRUE.equalsIgnoreCase(env.getProperty(FORCE, FALSE))) { +// env.setProperty(FORCE, FALSE); +// return "true"; +// } +// return FALSE; +// } + + public String toString() { + StringBuilder sb = new StringBuilder(); + if(parent==null) { // ultimate parent + build(sb,null); + return sb.toString(); + } else { + return parent.toString(); + } + } + +// private String getOrgRealm() { +// return ; +// } +// + /** + * Appends shortID with Realm, but only when allowed by Organization + * @throws OrganizationException + */ + public String fullID(String id) { + if(id != null) { + if (id.indexOf('@') < 0) { + id+=defaultRealm; + } else { + return id; // is already a full ID + } + } + return id; + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/DeprecatedCMD.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/DeprecatedCMD.java new file mode 100644 index 00000000..b13c7333 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/DeprecatedCMD.java @@ -0,0 +1,53 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd; + +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.misc.env.APIException; + + +/** + * Use this class to deprecate methods and features, by pointing to the new + * usages. + * + * These commands will not show up in Help + * @author Jonathan + * + * @param <X> + */ +public class DeprecatedCMD<X extends Cmd> extends BaseCmd<X> { + private String text; + + @SuppressWarnings("unchecked") + public DeprecatedCMD(Cmd cmd, String name, String text) { + super((X)cmd,name); + this.text = text; + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + pw().println(text); + return _idx; + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java new file mode 100644 index 00000000..ca10915d --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java @@ -0,0 +1,118 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd; + +import java.util.List; + +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.misc.env.APIException; + +public class Help extends Cmd { + private List<Cmd> cmds; + + public Help(AAFcli aafcli, List<Cmd> cmds) { + super(aafcli, "--help", + new Param("-d (more details)", false), + new Param("command",false)); + this.cmds = cmds; + } + + @Override + public int _exec( int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + boolean first = true; + StringBuilder sb = new StringBuilder("AAF Command Line Tool"); + StringBuilder details; + multiChar(sb, 21, '-',0); + sb.append("\n SingleLine Commands"); + multiChar(sb, 21, '-',2); + sb.append("\n force - add to regular commands to override depency checks"); + sb.append("\n details - add to role list or perm list commands for rich format"); + multiChar(sb, 48, '-',2); + // if details !=null, then extra details are written to it. + details = aafcli.isDetailed()?new StringBuilder():null; + + String comp = args.length>idx?args[idx++]:null; + if("help".equalsIgnoreCase(comp)) { + build(sb,null); + detailedHelp(4, sb); + sb.append('\n'); + } else { + for(Cmd c : cmds) { + if(!(c instanceof DeprecatedCMD)) { + if(comp!=null) { + if(comp.equals(c.getName())) { + multiChar(sb,2,' ',0); + c.build(sb,details); + } + } else { + if(first) { + first=false; + } else { + multiChar(sb,80,'-',2); + } + multiChar(sb,2,' ',0); + c.build(sb,details); + if(details!=null) { + c.detailedHelp(4, sb); + // multiChar(sb,80,'-',2); + } + } + } + } + } + pw().println(sb.toString()); + return 200 /*HttpStatus.OK_200*/; + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"To print main help, enter \"aafcli\" or \"aafcli --help \""); + detailLine(sb,indent,"To print narrow the help content, enter sub-entries after aafcli,"); + detailLine(sb,indent+2,"i.e. \"aafcli perm\""); + detailLine(sb,indent,"To see version of AAF CLI, enter \"aafcli --version \""); + sb.append('\n'); + detailLine(sb,indent,"State Commands: change variables or credentials between calls."); + indent+=4; + detailLine(sb,indent,"set <tag>=<value> - Set any System Property to a new value"); + detailLine(sb,indent,"as <id:password> - Change Credentials. Password may be encrypted"); + detailLine(sb,indent,"expect <int> [int]* - In test mode, check for proper HTTP Status Codes"); + detailLine(sb,indent,"sleep <int> - Wait for <int> seconds"); + detailLine(sb,indent,"force - force deletions that have relationships"); + detailLine(sb,indent,"details - cause list commands (role, perm) to print rich format"); + detailLine(sb,indent," - In GUI CmdLine, use HourGlass option (top right)"); + sb.append('\n'); + detailLine(sb,indent-4,"CmdLine Arguments: change behavior of the aafcli program"); + detailLine(sb,indent,"-i - Read commands from Shell Standard Input"); + detailLine(sb,indent,"-f - Read commands from a file"); + detailLine(sb,indent,"-r - Clear Command Line SSO credential"); + detailLine(sb,indent,"-a - In test mode, do not stop execution on unexpected error"); + detailLine(sb,indent,"-t - Test Mode will not print variable fields that could break tc runs"); + detailLine(sb,indent+6,"such as expiration dates of a credential"); + detailLine(sb,indent,"-s - Request specific Start Date (not immediately)"); + detailLine(sb,indent+6,"Format YYYY-MM-DD. Can also be set with \"set " + Cmd.STARTDATE + "=<value>\""); + detailLine(sb,indent,"-e - Set Expiration/End Date, where commands support"); + detailLine(sb,indent+6,"Format YYYY-MM-DD. Can also be set with \"set " + Cmd.ENDDATE + "=<value>\""); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/MessageException.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/MessageException.java new file mode 100644 index 00000000..3ed81222 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/MessageException.java @@ -0,0 +1,46 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +/** + * + */ +package org.onap.aaf.auth.cmd; + +/** + * An Exception designed simply to give End User message, no stack trace + * + * @author Jonathan + * + */ +public class MessageException extends Exception { + /** + * + */ + private static final long serialVersionUID = 8143933588878259048L; + + /** + * @param Message + */ + public MessageException(String msg) { + super(msg); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Param.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Param.java new file mode 100644 index 00000000..0d79df0a --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Param.java @@ -0,0 +1,37 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd; + +public class Param { + public final String tag; + public final boolean required; + + /** + * + * @param t + * @param b + */ + public Param(String t, boolean required) { + tag = t; + this.required=required; + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java new file mode 100644 index 00000000..316c5334 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java @@ -0,0 +1,43 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd; + +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.misc.env.APIException; + +public class Version extends Cmd { + + + public Version(AAFcli aafcli) { + super(aafcli, "--version"); + } + + @Override + protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException { + pw().println("AAF Command Line Tool"); + String version = access.getProperty(Config.AAF_DEFAULT_VERSION, "2.0"); + pw().println("Version: " + version); + return 200 /*HttpStatus.OK_200;*/; + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Cache.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Cache.java new file mode 100644 index 00000000..cd153537 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Cache.java @@ -0,0 +1,32 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.mgmt; + +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.misc.env.APIException; + +public class Cache extends BaseCmd<Mgmt> { + public Cache(Mgmt mgmt) throws APIException { + super(mgmt, "cache"); + cmds.add(new Clear(this)); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Clear.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Clear.java new file mode 100644 index 00000000..a18c1c48 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Clear.java @@ -0,0 +1,85 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.mgmt; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.common.Define; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +/** + * + * @author Jonathan + * + */ +public class Clear extends Cmd { + public Clear(Cache parent) { + super(parent,"clear", + new Param("name[,name]*",true)); + } + + @Override + public int _exec(int _idx, String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + int rv=409; + for(final String name : args[idx++].split(COMMA)) { + rv = all(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws APIException, CadiException { + int rv = 409; + Future<Void> fp = client.delete( + "/mgmt/cache/"+name, + Void.class + ); + if(fp.get(AAFcli.timeout())) { + pw().println("Cleared Cache for " + name + " on " + client); + rv=200; + } else { + if(rv==409)rv = fp.code(); + error(fp); + } + return rv; + } + }); + } + return rv; + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Clear the cache for certain tables"); + indent+=2; + detailLine(sb,indent,"name - name of table or 'all'"); + detailLine(sb,indent+14,"Must have admin rights to '" + Define.ROOT_NS() + '\''); + indent-=2; + api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Deny.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Deny.java new file mode 100644 index 00000000..b8fc4a23 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Deny.java @@ -0,0 +1,101 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.mgmt; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.misc.env.APIException; + +public class Deny extends BaseCmd<Mgmt> { + private final static String[] options = {"add","del"}; + + public Deny(Mgmt mgmt) throws APIException { + super(mgmt, "deny"); + cmds.add(new DenySomething(this,"ip","ipv4or6[,ipv4or6]*")); + cmds.add(new DenySomething(this,"id","identity[,identity]*")); + } + + public class DenySomething extends Cmd { + + private boolean isID; + + public DenySomething(Deny deny, String type, String repeatable) { + super(deny, type, + new Param(optionsToString(options),true), + new Param(repeatable,true)); + isID = "id".equals(type); + } + + @Override + protected int _exec(int _idx, String... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + String action = args[idx++]; + final int option = whichOption(options, action); + int rv=409; + for(final String name : args[idx++].split(COMMA)) { + final String append; + if(isID && name.indexOf("@")<0) { + append='@'+ access.getProperty(Config.AAF_DEFAULT_REALM,null); + } else { + append = ""; + } + final String path = "/mgmt/deny/"+getName() + '/'+ name + append; + rv = all(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws APIException, CadiException { + int rv = 409; + Future<Void> fp; + String resp; + switch(option) { + case 0: + fp = client.create(path, Void.class); + resp = " added"; + break; + default: + fp = client.delete(path, Void.class); + resp = " deleted"; + } + if(fp.get(AAFcli.timeout())) { + pw().println(name + append + resp + " on " + client); + rv=fp.code(); + } else { + if(rv==409)rv = fp.code(); + error(fp); + } + return rv; + } + }); + } + return rv; + } + + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Log.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Log.java new file mode 100644 index 00000000..80ad8a46 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Log.java @@ -0,0 +1,108 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.mgmt; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.common.Define; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.misc.env.APIException; + +public class Log extends BaseCmd<Mgmt> { + private final static String[] options = {"add","del"}; + + public Log(Mgmt mgmt) throws APIException { + super(mgmt, "log", + new Param(optionsToString(options),true), + new Param("id[,id]*",true)); + } + + @Override + public int _exec(int _idx, String ... args) throws CadiException, APIException, LocatorException { + int rv=409; + int idx = _idx; + final int option = whichOption(options, args[idx++]); + + for(String name : args[idx++].split(COMMA)) { + final String fname; + if(name.indexOf("@")<0) { + fname=name+'@'+ access.getProperty(Config.AAF_DEFAULT_REALM,null); + } else { + fname = name; + } + + rv = all(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws APIException, CadiException { + int rv = 409; + Future<Void> fp; + String str = "/mgmt/log/id/"+fname; + String msg; + switch(option) { + case 0: + fp = client.create(str,Void.class); + msg = "Added"; + break; + case 1: + fp = client.delete(str,Void.class); + msg = "Deleted"; + break; + default: + fp = null; + msg = "Ignored"; + } + + if(fp!=null) { + if(fp.get(AAFcli.timeout())) { + pw().println(msg + " Special Log for " + fname + " on " + client); + rv=200; + } else { + if(rv==409)rv = fp.code(); + error(fp); + } + return rv; + } + return rv; + } + }); + } + return rv; + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Clear the cache for certain tables"); + indent+=2; + detailLine(sb,indent,"name - name of table or 'all'"); + detailLine(sb,indent+14,"Must have admin rights to '" + Define.ROOT_NS() + '\''); + indent-=2; + api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Mgmt.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Mgmt.java new file mode 100644 index 00000000..6b5e2d66 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Mgmt.java @@ -0,0 +1,36 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.mgmt; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.misc.env.APIException; + +public class Mgmt extends BaseCmd<Mgmt> { + public Mgmt(AAFcli aafcli) throws APIException { + super(aafcli, "mgmt"); + cmds.add(new Cache(this)); + cmds.add(new Deny(this)); + cmds.add(new Log(this)); + cmds.add(new Session(this)); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/SessClear.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/SessClear.java new file mode 100644 index 00000000..cfd2fa8d --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/SessClear.java @@ -0,0 +1,83 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.mgmt; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.common.Define; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +/** + * p + * @author Jonathan + * + */ +public class SessClear extends Cmd { + public SessClear(Session parent) { + super(parent,"clear", + new Param("machine",true)); + } + + @Override + public int _exec(int idx, String ... args) throws CadiException, APIException, LocatorException { + int rv=409; + String machine = args[idx++]; + rv = oneOf(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws APIException, CadiException { + int rv = 409; + Future<Void> fp = client.delete( + "/mgmt/dbsession", + Void.class + ); + if(fp.get(AAFcli.timeout())) { + pw().println("Cleared DBSession on " + client); + rv=200; + } else { + if(rv==409)rv = fp.code(); + error(fp); + } + return rv; + } + },machine); + return rv; + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Clear the cache for certain tables"); + indent+=2; + detailLine(sb,indent,"name - name of table or 'all'"); + detailLine(sb,indent+14,"Must have admin rights to " + Define.ROOT_NS() + '\''); + indent-=2; + api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Session.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Session.java new file mode 100644 index 00000000..5929caea --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Session.java @@ -0,0 +1,32 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.mgmt; + +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.misc.env.APIException; + +public class Session extends BaseCmd<Mgmt> { + public Session(Mgmt mgmt) throws APIException { + super(mgmt, "dbsession"); + cmds.add(new SessClear(this)); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Admin.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Admin.java new file mode 100644 index 00000000..363c7482 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Admin.java @@ -0,0 +1,103 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +public class Admin extends BaseCmd<NS> { + private final static String[] options = {"add","del"}; + + public Admin(NS ns) throws APIException { + super(ns,"admin", + new Param(optionsToString(options),true), + new Param("ns-name",true), + new Param("id[,id]*",true) + ); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final int option = whichOption(options, args[idx++]); + final String ns = args[idx++]; + final String ids[] = args[idx++].split(","); + + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Void> fp = null; + for(String id : ids) { + id = fullID(id); + String verb; + switch(option) { + case 0: + fp = client.create("/authz/ns/"+ns+"/admin/"+id,Void.class); + verb = " added to "; + break; + case 1: + fp = client.delete("/authz/ns/"+ns+"/admin/"+id,Void.class); + verb = " deleted from "; + break; + default: + throw new CadiException("Bad Argument"); + }; + + if(fp.get(AAFcli.timeout())) { + pw().append("Admin "); + pw().append(id); + pw().append(verb); + pw().println(ns); + } else { + error(fp); + return fp.code(); + } + + } + return fp==null?500:fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Add or Delete Administrator to/from Namespace"); + indent+=4; + detailLine(sb,indent,"name - Name of Namespace"); + detailLine(sb,indent,"id - Credential of Person(s) to be Administrator"); + sb.append('\n'); + detailLine(sb,indent,"aafcli will call API on each ID presented."); + indent-=4; + api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/admin/<id>",Void.class,true); + api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/admin/<id>",Void.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java new file mode 100644 index 00000000..cc0d2586 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java @@ -0,0 +1,113 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +public class Attrib extends BaseCmd<NS> { + private final static String[] options = {"add","upd","del"}; + + public Attrib(NS ns) throws APIException { + super(ns,"attrib", + new Param(optionsToString(options),true), + new Param("ns-name",true), + new Param("key",true), + new Param("value",false) + ); + } + + @Override + public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException { + final int option = whichOption(options, args[idx]); + final String ns = args[idx+1]; + final String key = args[idx+2]; + final String value; + if(option!=2) { + if(args.length<=idx+3) { + throw new CadiException("Not added: Need more Data"); + } + value = args[idx+3]; + } else { + value = ""; + } + + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Void> fp = null; + String message; + switch(option) { + case 0: + fp = client.create("/authz/ns/"+ns+"/attrib/"+key+'/'+value,Void.class); + message = String.format("Add Attrib %s=%s to %s", + key,value,ns); + break; + case 1: + fp = client.update("/authz/ns/"+ns+"/attrib/"+key+'/'+value); + message = String.format("Update Attrib %s=%s for %s", + key,value,ns); + break; + case 2: + fp = client.delete("/authz/ns/"+ns+"/attrib/"+key,Void.class); + message = String.format("Attrib %s deleted from %s", + key,ns); + break; + default: + throw new CadiException("Bad Argument"); + }; + + if(fp.get(AAFcli.timeout())) { + pw().println(message); + } else { + error(fp); + return fp.code(); + } + + return fp==null?500:fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Add or Delete Administrator to/from Namespace"); + indent+=4; + detailLine(sb,indent,"name - Name of Namespace"); + detailLine(sb,indent,"id - Credential of Person(s) to be Administrator"); + sb.append('\n'); + detailLine(sb,indent,"aafcli will call API on each ID presented."); + indent-=4; + api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/admin/<id>",Void.class,true); + api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/admin/<id>",Void.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Create.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Create.java new file mode 100644 index 00000000..a62d5531 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Create.java @@ -0,0 +1,123 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.NsRequest; + +/** + * @author Jonathan + * + */ +public class Create extends Cmd { + private static final String COMMA = ","; + + public Create(NS parent) { + super(parent,"create", + new Param("ns-name",true), + new Param("owner (id[,id]*)",true), + new Param("admin (id[,id]*)",false)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + + final NsRequest nr = new NsRequest(); + + nr.setName(args[idx++]); + String[] responsible = args[idx++].split(COMMA); + for(String s : responsible) { + nr.getResponsible().add(fullID(s)); + } + String[] admin; + if(args.length>idx) { + admin = args[idx++].split(COMMA); + } else { + admin = responsible; + } + for(String s : admin) { + nr.getAdmin().add(fullID(s)); + } + + // Set Start/End commands + setStartEnd(nr); + + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + // Requestable + setQueryParamsOn(client); + Future<NsRequest> fp = client.create( + "/authz/ns", + getDF(NsRequest.class), + nr + ); + if(fp.get(AAFcli.timeout())) { + pw().println("Created Namespace"); + } else { + if(fp.code()==202) { + pw().println("Namespace Creation Accepted, but requires Approvals before actualizing"); + } else { + error(fp); + } + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Create a Namespace"); + indent+=2; + detailLine(sb,indent,"name - Namespaces are dot-delimited, ex com.att.myapp"); + detailLine(sb,indent+14,"and must be created with parent credentials."); + detailLine(sb,indent+14,"Ex: to create com.att.myapp, you must be admin for com.att"); + detailLine(sb,indent+14,"or com"); + detailLine(sb,indent,"owner - This is the person(s) who is responsible for the "); + detailLine(sb,indent+14,"app. These person or persons receive Notifications and"); + detailLine(sb,indent+14,"approves Requests regarding this Namespace. Companies have"); + detailLine(sb,indent+14,"Policies as to who may take on this responsibility"); + detailLine(sb,indent,"admin - These are the people who are allowed to make changes on"); + detailLine(sb,indent+14,"the Namespace, including creating Roles, Permissions"); + detailLine(sb,indent+14,"and Credentials"); + sb.append('\n'); + detailLine(sb,indent,"Namespaces can be created even though there are Roles/Permissions which"); + detailLine(sb,indent,"start with the requested sub-namespace. They are reassigned to the"); + detailLine(sb,indent,"Child Namespace"); + indent-=2; + api(sb,indent,HttpMethods.POST,"authz/ns",NsRequest.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Delete.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Delete.java new file mode 100644 index 00000000..19915f4e --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Delete.java @@ -0,0 +1,89 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +/** + * p + * @author Jonathan + * + */ +public class Delete extends Cmd { + public Delete(NS parent) { + super(parent,"delete", + new Param("ns-name",true)); + } + + @Override + public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int index = idx; + StringBuilder path = new StringBuilder("/authz/ns/"); + path.append(args[index++]); + + // Send "Force" if set + setQueryParamsOn(client); + Future<Void> fp = client.delete(path.toString(),Void.class); + + if(fp.get(AAFcli.timeout())) { + pw().println("Deleted Namespace"); + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Delete a Namespace"); + indent+=4; + detailLine(sb,indent,"Namespaces cannot normally be deleted when there are still credentials,"); + detailLine(sb,indent,"permissions or roles associated with them. These can be deleted"); + detailLine(sb,indent,"automatically by setting \"force\" property."); + detailLine(sb,indent,"i.e. set force=true or just starting with \"force\""); + detailLine(sb,indent," (note force is unset after first use)"); + sb.append('\n'); + detailLine(sb,indent,"If \"set force=move\" is set, credentials are deleted, but "); + detailLine(sb,indent,"Permissions and Roles are assigned to the Parent Namespace instead of"); + detailLine(sb,indent,"being deleted. Similarly, Namespaces can be created even though there"); + detailLine(sb,indent,"are Roles/Perms whose type starts with the requested sub-namespace."); + detailLine(sb,indent,"They are simply reassigned to the Child Namespace"); + indent-=4; + api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>[?force=true]",Void.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Describe.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Describe.java new file mode 100644 index 00000000..af40ff99 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Describe.java @@ -0,0 +1,94 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.NsRequest; + +public class Describe extends Cmd { + private static final String NS_PATH = "/authz/ns"; + public Describe(NS parent) { + super(parent,"describe", + new Param("ns-name",true), + new Param("description",true)); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String name = args[idx++]; + StringBuilder desc = new StringBuilder(); + while (idx < args.length) { + desc.append(args[idx++] + ' '); + } + + NsRequest nsr = new NsRequest(); + nsr.setName(name); + nsr.setDescription(desc.toString()); + + // Set Start/End commands + setStartEnd(nsr); + + Future<NsRequest> fn = null; + int rv; + + fn = client.update( + NS_PATH, + getDF(NsRequest.class), + nsr + ); + + if(fn.get(AAFcli.timeout())) { + rv=fn.code(); + pw().println("Description added to Namespace"); + } else { + if((rv=fn.code())==202) { + pw().print("Adding description"); + pw().println(" Accepted, but requires Approvals before actualizing"); + } else { + error(fn); + } + } + return rv; + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,"Add a description to a namespace"); + api(sb,indent,HttpMethods.PUT,"authz/ns",NsRequest.class,true); + } +}
\ No newline at end of file diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java new file mode 100644 index 00000000..387bae00 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java @@ -0,0 +1,176 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import java.util.Collections; +import java.util.Comparator; + +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.auth.cmd.DeprecatedCMD; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.misc.env.util.Chrono; + +import aaf.v2_0.Nss; +import aaf.v2_0.Nss.Ns; +import aaf.v2_0.Perms; +import aaf.v2_0.Roles; +import aaf.v2_0.Users; +import aaf.v2_0.Users.User; + +public class List extends BaseCmd<NS> { + + public List(NS parent) { + super(parent,"list"); + cmds.add(new ListByName(this)); + +// TODO: uncomment when on cassandra 2.1.2 if we like cli command to get all ns's +// a user is admin or responsible for + cmds.add(new ListAdminResponsible(this)); + cmds.add(new DeprecatedCMD<List>(this,"responsible","'responsible' is deprecated. use 'owner'")); // deprecated + cmds.add(new ListActivity(this)); + cmds.add(new ListUsers(this)); + cmds.add(new ListChildren(this)); + cmds.add(new ListNsKeysByAttrib(this)); + } + + private static final String sformat = " %-72s\n"; + protected static final String kformat = " %-72s\n"; + + + public void report(Future<Nss> fp, String ... str) { + reportHead(str); + if(fp==null) { + pw().println(" *** Namespace Not Found ***"); + } + + if(fp!=null && fp.value!=null) { + for(Ns ns : fp.value.getNs()) { + pw().println(ns.getName()); + if (this.aafcli.isDetailed()) { + pw().println(" Description"); + pw().format(sformat,ns.getDescription()==null?"":ns.getDescription()); + } + if(ns.getAdmin().size()>0) { + pw().println(" Administrators"); + for(String admin : ns.getAdmin()) { + pw().format(sformat,admin); + } + } + if(ns.getResponsible().size()>0) { + pw().println(" Owners (Responsible for Namespace)"); + for(String responsible : ns.getResponsible()) { + pw().format(sformat,responsible); + } + } + if(ns.getAttrib().size()>0) { + pw().println(" Namespace Attributes"); + for( Ns.Attrib attr : ns.getAttrib()) { + StringBuilder sb = new StringBuilder(attr.getKey()); + if(attr.getValue()==null || attr.getValue().length()>0) { + sb.append('='); + sb.append(attr.getValue()); + } + pw().format(sformat,sb.toString()); + } + + } + } + } + } + + public void reportName(Future<Nss> fp, String ... str) { + reportHead(str); + if(fp!=null && fp.value!=null) { + java.util.List<Ns> nss = fp.value.getNs(); + Collections.sort(nss, new Comparator<Ns>() { + @Override + public int compare(Ns ns1, Ns ns2) { + return ns1.getName().compareTo(ns2.getName()); + } + }); + + for(Ns ns : nss) { + pw().println(ns.getName()); + if (this.aafcli.isDetailed() && ns.getDescription() != null) { + pw().println(" " + ns.getDescription()); + } + } + } + } + + public void reportRole(Future<Roles> fr) { + if(fr!=null && fr.value!=null && fr.value.getRole().size()>0) { + pw().println(" Roles"); + for(aaf.v2_0.Role r : fr.value.getRole()) { + pw().format(sformat,r.getName()); + } + } + } + + private static final String pformat = " %-30s %-24s %-15s\n"; + public void reportPerm(Future<Perms> fp) { + if(fp!=null && fp.value!=null && fp.value.getPerm().size()>0) { + pw().println(" Permissions"); + for(aaf.v2_0.Perm p : fp.value.getPerm()) { + pw().format(pformat,p.getType(),p.getInstance(),p.getAction()); + } + } + } + + + private static final String cformat = " %-30s %-6s %-24s\n"; + public void reportCred(Future<Users> fc) { + if(fc!=null && fc.value!=null && fc.value.getUser().size()>0) { + pw().println(" Credentials"); + java.util.List<User> users = fc.value.getUser(); + Collections.sort(users, new Comparator<User>() { + @Override + public int compare(User u1, User u2) { + return u1.getId().compareTo(u2.getId()); + } + }); + for(aaf.v2_0.Users.User u : users) { + if (this.aafcli.isTest()) { + pw().format(sformat,u.getId()); + } else { + pw().format(cformat,u.getId(),getType(u),Chrono.niceDateStamp(u.getExpires())); + } + } + } + } + + public static String getType(User u) { + Integer type; + if((type=u.getType())==null) { + type = 9999; + } + switch(type) { + case 1: return "U/P"; + case 2: return "U/P2"; + case 10: return "Cert"; + case 200: return "x509"; + default: + return "n/a"; + } + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListActivity.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListActivity.java new file mode 100644 index 00000000..4cc4236e --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListActivity.java @@ -0,0 +1,80 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.History; + +/** + * * @author Jonathan + * + */ +public class ListActivity extends Cmd { + private static final String HEADER = "List Activity of Namespace"; + + public ListActivity(List parent) { + super(parent,"activity", + new Param("ns-name",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String ns = args[idx++]; + + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<History> fp = client.read( + "/authz/hist/ns/"+ns, + getDF(History.class) + ); + + if(fp.get(AAFcli.timeout())) { + activity(fp.value, HEADER + " [ " + ns + " ]"); + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/hist/ns/<ns>",History.class,true); + } + + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListAdminResponsible.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListAdminResponsible.java new file mode 100644 index 00000000..e17436a2 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListAdminResponsible.java @@ -0,0 +1,77 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Nss; + +public class ListAdminResponsible extends Cmd { + private static final String HEADER="List Namespaces with "; + private final static String[] options = {"admin","owner"}; + + public ListAdminResponsible(List parent) { + super(parent,null, + new Param(optionsToString(options),true), + new Param("user",true)); + } + + @Override + protected int _exec(final int index, final String... args) throws CadiException, APIException, LocatorException { + + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String title = args[idx++]; + String user = fullID(args[idx++]); + String apipart = "owner".equals(title)?"responsible":title; + + Future<Nss> fn = client.read("/authz/nss/"+apipart+"/"+user,getDF(Nss.class)); + if(fn.get(AAFcli.timeout())) { + ((List)parent).reportName(fn,HEADER + title + " privileges for ",user); + } else if(fn.code()==404) { + ((List)parent).report(null,HEADER + title + " privileges for ",user); + return 200; + } else { + error(fn); + } + return fn.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER + "admin or owner privileges for user"); + api(sb,indent,HttpMethods.GET,"authz/nss/<admin|owner>/<user>",Nss.class,true); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListByName.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListByName.java new file mode 100644 index 00000000..ffc1af89 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListByName.java @@ -0,0 +1,105 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Nss; +import aaf.v2_0.Nss.Ns; +import aaf.v2_0.Perms; +import aaf.v2_0.Roles; +import aaf.v2_0.Users; + +/** + * p + * @author Jonathan + * + */ +public class ListByName extends Cmd { + private static final String HEADER="List Namespaces by Name"; + + public ListByName(List parent) { + super(parent,"name", + new Param("ns-name",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String ns=args[idx++]; + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class)); + if(fn.get(AAFcli.timeout())) { + ((List)parent).report(fn,HEADER,ns); + if(fn.value!=null) { + for(Ns n : fn.value.getNs()) { + Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class)); + if(fr.get(AAFcli.timeout())) { + ((List)parent).reportRole(fr); + } + } + for(Ns n : fn.value.getNs()) { + Future<Perms> fp = client.read("/authz/perms/ns/"+n.getName()+(aafcli.isDetailed()?"?ns":""), getDF(Perms.class)); + if(fp.get(AAFcli.timeout())) { + ((List)parent).reportPerm(fp); + } + } + for(Ns n : fn.value.getNs()) { + Future<Users> fu = client.read("/authn/creds/ns/"+n.getName()+(aafcli.isDetailed()?"?ns":""), getDF(Users.class)); + if(fu.get(AAFcli.timeout())) { + ((List)parent).reportCred(fu); + } + } + } + } else if(fn.code()==404) { + ((List)parent).report(null,HEADER,ns); + return 200; + } else { + error(fn); + } + return fn.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true); + detailLine(sb,indent,"Indirectly uses:"); + api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false); + api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false); + api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListChildren.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListChildren.java new file mode 100644 index 00000000..07dcf701 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListChildren.java @@ -0,0 +1,81 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Nss; +import aaf.v2_0.Nss.Ns; + +/** + * p + * @author Jonathan + * + */ +public class ListChildren extends Cmd { + private static final String HEADER="List Child Namespaces"; + + public ListChildren(List parent) { + super(parent,"children", + new Param("ns-name",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String ns=args[idx++]; + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Nss> fn = client.read("/authz/nss/children/"+ns,getDF(Nss.class)); + if(fn.get(AAFcli.timeout())) { + parent.reportHead(HEADER); + for(Ns ns : fn.value.getNs()) { + pw().format(List.kformat, ns.getName()); + } + } else if(fn.code()==404) { + ((List)parent).report(null,HEADER,ns); + return 200; + } else { + error(fn); + } + return fn.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/nss/children/<ns>",Nss.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListNsKeysByAttrib.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListNsKeysByAttrib.java new file mode 100644 index 00000000..7c449565 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListNsKeysByAttrib.java @@ -0,0 +1,88 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Keys; +import aaf.v2_0.Nss; +import aaf.v2_0.Perms; +import aaf.v2_0.Roles; +import aaf.v2_0.Users; + +/** + * p + * @author Jonathan + * + */ +public class ListNsKeysByAttrib extends Cmd { + private static final String HEADER="List Namespace Names by Attribute"; + + public ListNsKeysByAttrib(List parent) { + super(parent,"keys", + new Param("attrib",true)); + } + + @Override + public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException { + final String attrib=args[idx]; + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Keys> fn = client.read("/authz/ns/attrib/"+attrib,getDF(Keys.class)); + if(fn.get(AAFcli.timeout())) { + parent.reportHead(HEADER); + for(String key : fn.value.getKey()) { + pw().printf(List.kformat, key); + } + } else if(fn.code()==404) { + parent.reportHead(HEADER); + pw().println(" *** No Namespaces Found ***"); + return 200; + } else { + error(fn); + } + return fn.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true); + detailLine(sb,indent,"Indirectly uses:"); + api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false); + api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false); + api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsers.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsers.java new file mode 100644 index 00000000..7106ba6d --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsers.java @@ -0,0 +1,76 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import javax.xml.datatype.XMLGregorianCalendar; + +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.client.Future; + +import aaf.v2_0.Nss; +import aaf.v2_0.Users.User; + +public class ListUsers extends BaseCmd<List> { + + public ListUsers(List parent) { + super(parent,"user"); + cmds.add(new ListUsersWithPerm(this)); + cmds.add(new ListUsersInRole(this)); + } + private static final Future<Nss> dummy = new Future<Nss>(){ + + @Override + public boolean get(int timeout) throws CadiException { + return false; + } + + @Override + public int code() { + return 0; + } + + @Override + public String body() { + return null; + } + + @Override + public String header(String tag) { + return null; + } + }; + public void report(String header, String ns) { + ((List)parent).report(dummy, header,ns); + } + + public void report(String subHead) { + pw().println(subHead); + } + + private static final String uformat = "%s%-50s expires:%02d/%02d/%04d\n"; + public void report(String prefix, User u) { + XMLGregorianCalendar xgc = u.getExpires(); + pw().format(uformat,prefix,u.getId(),xgc.getMonth()+1,xgc.getDay(),xgc.getYear()); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java new file mode 100644 index 00000000..1c988e30 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java @@ -0,0 +1,128 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import java.util.HashSet; +import java.util.Set; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Nss; +import aaf.v2_0.Nss.Ns; +import aaf.v2_0.Role; +import aaf.v2_0.Roles; +import aaf.v2_0.Users; +import aaf.v2_0.Users.User; + +/** + * p + * @author Jonathan + * + */ +public class ListUsersContact extends Cmd { + private static final String HEADER="List Contacts of Namespace "; + + public ListUsersContact(ListUsers parent) { + super(parent,"contact", + new Param("ns-name",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String ns=args[idx++]; + final boolean detail = aafcli.isDetailed(); + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + ((ListUsers)parent).report(HEADER,ns); + Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class)); + if(fn.get(AAFcli.timeout())) { + if(fn.value!=null) { + Set<String> uset = detail?null:new HashSet<String>(); + for(Ns n : fn.value.getNs()) { + Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class)); + if(fr.get(AAFcli.timeout())) { + for(Role r : fr.value.getRole()) { + if(detail) { + ((ListUsers)parent).report(r.getName()); + } + Future<Users> fus = client.read( + "/authz/users/role/"+r.getName(), + getDF(Users.class) + ); + if(fus.get(AAFcli.timeout())) { + for(User u : fus.value.getUser()) { + if(detail) { + ((ListUsers)parent).report(" ",u); + } else { + uset.add(u.getId()); + } + } + } else if(fn.code()==404) { + return 200; + } + } + } + } + if(uset!=null) { + for(String u : uset) { + pw().print(" "); + pw().println(u); + } + } + } + } else if(fn.code()==404) { + return 200; + } else { + error(fn); + } + return fn.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,HEADER); + indent+=4; + detailLine(sb,indent,"Report Users associated with this Namespace's Roles"); + sb.append('\n'); + detailLine(sb,indent,"If \"set details=true\" is specified, then all roles are printed "); + detailLine(sb,indent,"with the associated users and expiration dates"); + indent-=4; + api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true); + api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false); + api(sb,indent,HttpMethods.GET,"authz/users/role/<ns>",Users.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java new file mode 100644 index 00000000..2ee8bd2c --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java @@ -0,0 +1,128 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import java.util.HashSet; +import java.util.Set; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Nss; +import aaf.v2_0.Nss.Ns; +import aaf.v2_0.Role; +import aaf.v2_0.Roles; +import aaf.v2_0.Users; +import aaf.v2_0.Users.User; + +/** + * p + * @author Jonathan + * + */ +public class ListUsersInRole extends Cmd { + private static final String HEADER="List Users in Roles of Namespace "; + + public ListUsersInRole(ListUsers parent) { + super(parent,"role", + new Param("ns-name",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String ns=args[idx++]; + final boolean detail = aafcli.isDetailed(); + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + ((ListUsers)parent).report(HEADER,ns); + Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class)); + if(fn.get(AAFcli.timeout())) { + if(fn.value!=null) { + Set<String> uset = detail?null:new HashSet<String>(); + for(Ns n : fn.value.getNs()) { + Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class)); + if(fr.get(AAFcli.timeout())) { + for(Role r : fr.value.getRole()) { + if(detail) { + ((ListUsers)parent).report(r.getName()); + } + Future<Users> fus = client.read( + "/authz/users/role/"+r.getName(), + getDF(Users.class) + ); + if(fus.get(AAFcli.timeout())) { + for(User u : fus.value.getUser()) { + if(detail) { + ((ListUsers)parent).report(" ",u); + } else { + uset.add(u.getId()); + } + } + } else if(fn.code()==404) { + return 200; + } + } + } + } + if(uset!=null) { + for(String u : uset) { + pw().print(" "); + pw().println(u); + } + } + } + } else if(fn.code()==404) { + return 200; + } else { + error(fn); + } + return fn.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,HEADER); + indent+=4; + detailLine(sb,indent,"Report Users associated with this Namespace's Roles"); + sb.append('\n'); + detailLine(sb,indent,"If \"set details=true\" is specified, then all roles are printed "); + detailLine(sb,indent,"with the associated users and expiration dates"); + indent-=4; + api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true); + api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false); + api(sb,indent,HttpMethods.GET,"authz/users/role/<ns>",Users.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersWithPerm.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersWithPerm.java new file mode 100644 index 00000000..97ccf569 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersWithPerm.java @@ -0,0 +1,128 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import java.util.HashSet; +import java.util.Set; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Nss; +import aaf.v2_0.Nss.Ns; +import aaf.v2_0.Perm; +import aaf.v2_0.Perms; +import aaf.v2_0.Users; +import aaf.v2_0.Users.User; + +/** + * p + * @author Jonathan + * + */ +public class ListUsersWithPerm extends Cmd { + private static final String HEADER="List Users of Permissions of Namespace "; + + public ListUsersWithPerm(ListUsers parent) { + super(parent,"perm", + new Param("ns-name",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String ns=args[idx++]; + final boolean detail = aafcli.isDetailed(); + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + ((ListUsers)parent).report(HEADER,ns); + Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class)); + if(fn.get(AAFcli.timeout())) { + if(fn.value!=null) { + Set<String> uset = detail?null:new HashSet<String>(); + + for(Ns n : fn.value.getNs()) { + Future<Perms> fp = client.read("/authz/perms/ns/"+n.getName()+(aafcli.isDetailed()?"?ns":"") + , getDF(Perms.class)); + if(fp.get(AAFcli.timeout())) { + for(Perm p : fp.value.getPerm()) { + String perm = p.getType()+'/'+p.getInstance()+'/'+p.getAction(); + if(detail)((ListUsers)parent).report(perm); + Future<Users> fus = client.read( + "/authz/users/perm/"+perm, + getDF(Users.class) + ); + if(fus.get(AAFcli.timeout())) { + for(User u : fus.value.getUser()) { + if(detail) + ((ListUsers)parent).report(" ",u); + else + uset.add(u.getId()); + } + } else if(fn.code()==404) { + return 200; + } + } + } + } + if(uset!=null) { + for(String u : uset) { + pw().print(" "); + pw().println(u); + } + } + } + } else if(fn.code()==404) { + return 200; + } else { + error(fn); + } + return fn.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,HEADER); + indent+=4; + detailLine(sb,indent,"Report Users associated with this Namespace's Permissions"); + sb.append('\n'); + detailLine(sb,indent,"If \"set detail=true\" is specified, then Permissions are printed with the associated"); + detailLine(sb,indent,"users and expiration dates"); + indent-=4; + api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true); + api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false); + api(sb,indent,HttpMethods.GET,"authz/users/perm/<type>/<instance>/<action>",Users.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/NS.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/NS.java new file mode 100644 index 00000000..8ceffde7 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/NS.java @@ -0,0 +1,45 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.auth.cmd.DeprecatedCMD; +import org.onap.aaf.misc.env.APIException; + +public class NS extends BaseCmd<NS> { +// final Role role; + + public NS(AAFcli aafcli) throws APIException { + super(aafcli, "ns"); +// this.role = role; + + cmds.add(new Create(this)); + cmds.add(new Delete(this)); + cmds.add(new Admin(this)); + cmds.add(new Owner(this)); + cmds.add(new DeprecatedCMD<NS>(this,"responsible","'responsible' is deprecated. use 'owner'")); // deprecated + cmds.add(new Describe(this)); + cmds.add(new Attrib(this)); + cmds.add(new List(this)); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Owner.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Owner.java new file mode 100644 index 00000000..5d1df496 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Owner.java @@ -0,0 +1,109 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.ns; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +public class Owner extends BaseCmd<NS> { + private final static String[] options = {"add","del"}; + + public Owner(NS ns) throws APIException { + super(ns,"owner", + new Param(optionsToString(options),true), + new Param("ns-name",true), + new Param("id[,id]*",true) + ); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + + final int option = whichOption(options, args[idx++]); + final String ns = args[idx++]; + final String ids[] = args[idx++].split(","); + + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Void> fp=null; + for(String id : ids) { + id=fullID(id); + String verb; + switch(option) { + case 0: + fp = client.create("/authz/ns/"+ns+"/responsible/"+id,Void.class); + verb = " is now "; + break; + case 1: + fp = client.delete("/authz/ns/"+ns+"/responsible/"+id,Void.class); + verb = " is no longer "; + break; + default: + throw new CadiException("Bad Argument"); + }; + + if(fp.get(AAFcli.timeout())) { + pw().append(id); + pw().append(verb); + pw().append("responsible for "); + pw().println(ns); + } else { + error(fp); + return fp.code(); + } + } + return fp==null?500:fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Add or Delete Responsible person to/from Namespace"); + indent+=2; + detailLine(sb,indent,"Namespace Owners are responsible to receive Notifications and "); + detailLine(sb,indent,"approve Requests regarding this Namespace. Companies have "); + detailLine(sb,indent,"Policies as to who may take on this responsibility"); + + indent+=2; + detailLine(sb,indent,"name - Name of Namespace"); + detailLine(sb,indent,"id - Credential of Person(s) to be made responsible"); + sb.append('\n'); + detailLine(sb,indent,"aafcli will call API on each ID presented."); + indent-=4; + api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/responsible/<id>",Void.class,true); + api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/responsible/<id>",Void.class,false); + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java new file mode 100644 index 00000000..cc674568 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java @@ -0,0 +1,163 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.PermRequest; +import aaf.v2_0.RoleRequest; + +/** + * + * @author Jonathan + * + */ +public class Create extends Cmd { + public Create(Perm parent) { + super(parent,"create", + new Param("type",true), + new Param("instance",true), + new Param("action", true), + new Param("role[,role]* (to Grant to)", false) + ); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + final PermRequest pr = new PermRequest(); + pr.setType(args[idx++]); + pr.setInstance(args[idx++]); + pr.setAction(args[idx++]); + String roleCommas = (args.length>idx)?args[idx++]:null; + String[] roles = roleCommas==null?null:roleCommas.split("\\s*,\\s*"); + boolean force = aafcli.forceString()!=null; + int rv; + + if(roles!=null && force) { // Make sure Roles are Created + RoleRequest rr = new RoleRequest(); + for(String role : roles) { + rr.setName(role);; + Future<RoleRequest> fr = client.create( + "/authz/role", + getDF(RoleRequest.class), + rr + ); + fr.get(AAFcli.timeout()); + switch(fr.code()){ + case 201: + pw().println("Created Role [" + role + ']'); + break; + case 409: + break; + default: + pw().println("Role [" + role + "] does not exist, and cannot be created."); + return 206 /*HttpStatus.PARTIAL_CONTENT_206*/; + } + } + } + + // Set Start/End commands + setStartEnd(pr); + setQueryParamsOn(client); + Future<PermRequest> fp = client.create( + "/authz/perm", + getDF(PermRequest.class), + pr + ); + if(fp.get(AAFcli.timeout())) { + rv = fp.code(); + pw().println("Created Permission"); + if(roles!=null) { + if(aafcli.forceString()!=null) { // Make sure Roles are Created + RoleRequest rr = new RoleRequest(); + for(String role : roles) { + rr.setName(role);; + Future<RoleRequest> fr = client.create( + "/authz/role", + getDF(RoleRequest.class), + rr + ); + fr.get(AAFcli.timeout()); + switch(fr.code()){ + case 201: + case 409:break; + default: + + } + } + } + + try { + if(201!=(rv=((Perm)parent)._exec(0, + new String[] {"grant",pr.getType(),pr.getInstance(),pr.getAction(),roleCommas}))) { + rv = 206 /*HttpStatus.PARTIAL_CONTENT_206*/; + } + } catch (LocatorException e) { + throw new CadiException(e); + } + } + } else { + rv = fp.code(); + if(rv==409 && force) { + rv = 201; + } else if(rv==202) { + pw().println("Permission Creation Accepted, but requires Approvals before actualizing"); + if (roles!=null) + pw().println("You need to grant the roles after approval."); + } else { + error(fp); + } + } + return rv; + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Create a Permission with:"); + detailLine(sb,indent+=2,"type - A Namespace qualified identifier identifying the kind of"); + detailLine(sb,indent+11,"resource to be protected"); + detailLine(sb,indent,"instance - A name that distinguishes a particular instance of resource"); + detailLine(sb,indent,"action - What kind of action is allowed"); + detailLine(sb,indent,"role(s) - Perms granted to these Comma separated Role(s)"); + detailLine(sb,indent+11,"Nonexistent role(s) will be created, if in same namespace"); + sb.append('\n'); + detailLine(sb,indent+2,"Note: Instance and Action can be a an '*' (enter \\\\* on Unix Shell)"); + api(sb,indent,HttpMethods.POST,"authz/perm",PermRequest.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java new file mode 100644 index 00000000..ba123d58 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java @@ -0,0 +1,89 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.PermRequest; + +/** + * p + * @author Jonathan + * + */ +public class Delete extends Cmd { + public Delete(Perm parent) { + super(parent,"delete", + new Param("type",true), + new Param("instance",true), + new Param("action", true)); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + // Object Style Delete + PermRequest pk = new PermRequest(); + pk.setType(args[idx++]); + pk.setInstance(args[idx++]); + pk.setAction(args[idx++]); + + // Set "Force" if set + setQueryParamsOn(client); + Future<PermRequest> fp = client.delete( + "/authz/perm", + getDF(PermRequest.class), + pk); + if(fp.get(AAFcli.timeout())) { + pw().println("Deleted Permission"); + } else { + if(fp.code()==202) { + pw().println("Permission Deletion Accepted, but requires Approvals before actualizing"); + } else { + error(fp); + } + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,"Delete a Permission with type,instance and action"); + detailLine(sb,indent+4,"see Create for definitions"); + api(sb,indent,HttpMethods.DELETE,"authz/perm",PermRequest.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Describe.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Describe.java new file mode 100644 index 00000000..5a3fad3e --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Describe.java @@ -0,0 +1,100 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.PermRequest; + +public class Describe extends Cmd { + private static final String PERM_PATH = "/authz/perm"; + public Describe(Perm parent) { + super(parent,"describe", + new Param("type",true), + new Param("instance", true), + new Param("action", true), + new Param("description",true)); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String type = args[idx++]; + String instance = args[idx++]; + String action = args[idx++]; + StringBuilder desc = new StringBuilder(); + while (idx < args.length) { + desc.append(args[idx++] + ' '); + } + + PermRequest pr = new PermRequest(); + pr.setType(type); + pr.setInstance(instance); + pr.setAction(action); + pr.setDescription(desc.toString()); + + // Set Start/End commands + setStartEnd(pr); + + Future<PermRequest> fp = null; + int rv; + + fp = client.update( + PERM_PATH, + getDF(PermRequest.class), + pr + ); + + if(fp.get(AAFcli.timeout())) { + rv=fp.code(); + pw().println("Description added to Permission"); + } else { + if((rv=fp.code())==202) { + pw().print("Adding description"); + pw().println(" Accepted, but requires Approvals before actualizing"); + } else { + error(fp); + } + } + return rv; + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,"Add a description to a permission"); + api(sb,indent,HttpMethods.PUT,"authz/perm",PermRequest.class,true); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java new file mode 100644 index 00000000..d4b26a84 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java @@ -0,0 +1,150 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Pkey; +import aaf.v2_0.RolePermRequest; + +/** + * + * @author Jonathan + * + */ +public class Grant extends Cmd { + private final static String[] options = {"grant","ungrant","setTo"}; + + public Grant(Perm parent) { + super(parent,null, + new Param(optionsToString(options),true), + new Param("type",true), + new Param("instance",true), + new Param("action",true), + new Param("role[,role]* (!REQ S)",false) + ); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String action = args[idx++]; + int option = whichOption(options, action); + + RolePermRequest rpr = new RolePermRequest(); + Pkey pk = new Pkey(); + pk.setType(args[idx++]); + pk.setInstance(args[idx++]); + pk.setAction(args[idx++]); + rpr.setPerm(pk); + setStartEnd(rpr); + + Future<RolePermRequest> frpr = null; + + if (option != 2) { + String[] roles = args[idx++].split(","); + String strA,strB; + for(String role : roles) { + rpr.setRole(role); + if(option==0) { + // You can request to Grant Permission to a Role + setQueryParamsOn(client); + frpr = client.create( + "/authz/role/perm", + getDF(RolePermRequest.class), + rpr + ); + strA = "Granted Permission ["; + strB = "] to Role ["; + } else { + // You can request to UnGrant Permission to a Role + setQueryParamsOn(client); + frpr = client.delete( + "/authz/role/" + role + "/perm", + getDF(RolePermRequest.class), + rpr + ); + strA = "UnGranted Permission ["; + strB = "] from Role ["; + } + if(frpr.get(AAFcli.timeout())) { + pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction() + + strB + role +']'); + } else { + if (frpr.code()==202) { + pw().print("Permission Role "); + pw().print(option==0?"Granted":"Ungranted"); + pw().println(" Accepted, but requires Approvals before actualizing"); + } else { + error(frpr); + idx=Integer.MAX_VALUE; + } + } + } + } else { + String allRoles = ""; + if (idx < args.length) + allRoles = args[idx++]; + + rpr.setRole(allRoles); + frpr = client.update( + "/authz/role/perm", + getDF(RolePermRequest.class), + rpr); + if(frpr.get(AAFcli.timeout())) { + pw().println("Set Permission's Roles to [" + allRoles + "]"); + } else { + error(frpr); + } + } + return frpr==null?0:frpr.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,"Grant a Permission to a Role or Roles OR"); + detailLine(sb,indent,"Ungrant a Permission from a Role or Roles OR"); + detailLine(sb,indent,"Set a Permission's roles to roles supplied."); + detailLine(sb,indent+4,"WARNING: Roles supplied with setTo will be the ONLY roles attached to this permission"); + detailLine(sb,indent+8,"If no roles are supplied, permission's roles are reset."); + detailLine(sb,indent,"see Create for definitions of type,instance and action"); + api(sb,indent,HttpMethods.POST,"authz/role/perm",RolePermRequest.class,true); + api(sb,indent,HttpMethods.DELETE,"authz/role/<role>/perm",RolePermRequest.class,false); + api(sb,indent,HttpMethods.PUT,"authz/role/perm",RolePermRequest.class,false); + + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/List.java new file mode 100644 index 00000000..2eadd38c --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/List.java @@ -0,0 +1,116 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import java.util.Collections; +import java.util.Comparator; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Perms; + +public class List extends BaseCmd<Perm> { +// private static final String LIST_PERM_DETAILS = "list permission details"; + + public List(Perm parent) { + super(parent,"list"); + + cmds.add(new ListByUser(this)); + cmds.add(new ListByName(this)); + cmds.add(new ListByNS(this)); + cmds.add(new ListByRole(this)); + cmds.add(new ListActivity(this)); + } + // Package Level on purpose + abstract class ListPerms extends Retryable<Integer> { + protected int list(Future<Perms> fp,String header, String parentPerm) throws CadiException, APIException { + if(fp.get(AAFcli.timeout())) { + report(fp,header, parentPerm); + } else { + error(fp); + } + return fp.code(); + } + } + + private static final Comparator<aaf.v2_0.Perm> permCompare = new Comparator<aaf.v2_0.Perm>() { + @Override + public int compare(aaf.v2_0.Perm a, aaf.v2_0.Perm b) { + int rc; + if((rc=a.getType().compareTo(b.getType()))!=0) { + return rc; + } + if((rc=a.getInstance().compareTo(b.getInstance()))!=0) { + return rc; + } + return a.getAction().compareTo(b.getAction()); + } + }; + + private static final String permFormat = "%-30s %-30s %-10s\n"; + + void report(Future<Perms> fp, String ... str) { + reportHead(str); + if (this.aafcli.isDetailed()) { + String format = "%-36s %-30s %-15s\n"; + String descFmt = " %-75s\n"; + reportColHead(format + descFmt,"[PERM NS].Type","Instance","Action", "Description"); + Collections.sort(fp.value.getPerm(),permCompare); + for(aaf.v2_0.Perm p : fp.value.getPerm()) { + String pns = p.getNs(); + if(pns==null) { + pw().format(format, + p.getType(), + p.getInstance(), + p.getAction()); + } else { + pw().format(format, + '['+pns + "]." + p.getType().substring(pns.length()+1), + p.getInstance(), + p.getAction()); + } + String desc = p.getDescription(); + if(desc!=null && desc.length()>0) { + pw().format(descFmt,p.getDescription()); + } + } + pw().println(); + } else { + String format = reportColHead(permFormat,"PERM Type","Instance","Action"); + + Collections.sort(fp.value.getPerm(),permCompare); + for(aaf.v2_0.Perm p : fp.value.getPerm()) { + pw().format(format, + p.getType(), + p.getInstance(), + p.getAction()); + } + pw().println(); + } + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListActivity.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListActivity.java new file mode 100644 index 00000000..4b5f569b --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListActivity.java @@ -0,0 +1,76 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.History; + +/** + * * @author Jonathan + * + */ +public class ListActivity extends Cmd { + private static final String HEADER = "List Activity of Permission"; + + public ListActivity(List parent) { + super(parent,"activity", + new Param("type",true)); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String type = args[idx++]; + Future<History> fp = client.read( + "/authz/hist/perm/"+type, + getDF(History.class) + ); + if(fp.get(AAFcli.timeout())) { + activity(fp.value, HEADER + " [ " + type + " ]"); + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/hist/perm/<type>",History.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByNS.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByNS.java new file mode 100644 index 00000000..304055bf --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByNS.java @@ -0,0 +1,71 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Perms; + +/** + * Return Perms by NS + * + * @author Jeremiah + * + */ +public class ListByNS extends Cmd { + private static final String HEADER = "List Perms by NS "; + + public ListByNS(List parent) { + super(parent,"ns", + new Param("name",true)); + } + + public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException { + final String ns=args[idx]; + + return same(((List)parent).new ListPerms() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Perms> fp = client.read( + "/authz/perms/ns/"+ns+(aafcli.isDetailed()?"?ns":""), + getDF(Perms.class) + ); + return list(fp, HEADER, ns); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,true); + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByName.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByName.java new file mode 100644 index 00000000..6310e24b --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByName.java @@ -0,0 +1,69 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Perms; + +/** + * + * @author Jonathan + * + */ +public class ListByName extends Cmd { + private static final String HEADER = "List Child Permissions"; + + public ListByName(List parent) { + super(parent,"name", + new Param("root perm name",true)); + } + + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(((List)parent).new ListPerms() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + String parentPerm=args[index]; + + Future<Perms> fp = client.read( + "/authz/perms/"+parentPerm+(aafcli.isDetailed()?"?ns":""), + getDF(Perms.class) + ); + return list(fp,HEADER,parentPerm); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/perms/<parent type>",Perms.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByRole.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByRole.java new file mode 100644 index 00000000..75b88538 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByRole.java @@ -0,0 +1,72 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Perms; + +/** + * Return Perms by Role + * + * @author Jeremiah + * + */ +public class ListByRole extends Cmd { + private static final String HEADER = "List Perms by Role "; + + public ListByRole(List parent) { + super(parent,"role", + new Param("name",true)); + } + + public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException { + final String role=args[idx]; + + return same(((List)parent).new ListPerms() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + + Future<Perms> fp = client.read( + "/authz/perms/role/"+role+(aafcli.isDetailed()?"?ns":""), + getDF(Perms.class) + ); + return list(fp, HEADER, role); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/perms/role/<role>",Perms.class,true); + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java new file mode 100644 index 00000000..ba708273 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java @@ -0,0 +1,82 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Perms; + +/** + * + * @author Jonathan + * + */ +public class ListByUser extends Cmd { + private static final String HEADER = "List Permissions by User"; + public ListByUser(List parent) { + super(parent,"user", + new Param("id",true)); + } + + public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException { + final String user=fullID(args[idx]); + + return same(((List)parent).new ListPerms() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + StringBuilder sb = null; + if("true".equalsIgnoreCase(aafcli.forceString())) { + sb = new StringBuilder(); + sb.append("?force"); + } + if(aafcli.isDetailed()) { + if(sb==null) { + sb = new StringBuilder('?'); + } else { + sb.append('&'); + } + sb.append("ns"); + } + Future<Perms> fp = client.read( + "/authz/perms/user/"+user+(sb==null?"":sb), + getDF(Perms.class) + ); + return list(fp,HEADER, user); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/perms/user/<user id>",Perms.class,true); + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Perm.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Perm.java new file mode 100644 index 00000000..805b6e62 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Perm.java @@ -0,0 +1,42 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.auth.cmd.role.Role; +import org.onap.aaf.misc.env.APIException; + +public class Perm extends BaseCmd<Perm> { + Role role; + + public Perm(Role role) throws APIException { + super(role.aafcli, "perm"); + this.role = role; + + cmds.add(new Create(this)); + cmds.add(new Delete(this)); + cmds.add(new Grant(this)); + cmds.add(new Rename(this)); + cmds.add(new Describe(this)); + cmds.add(new List(this)); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Rename.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Rename.java new file mode 100644 index 00000000..fa65f61a --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Rename.java @@ -0,0 +1,102 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.perm; + + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.PermRequest; + +public class Rename extends Cmd { + public Rename(Perm parent) { + super(parent,"rename", + new Param("type",true), + new Param("instance",true), + new Param("action", true), + new Param("new type",true), + new Param("new instance",true), + new Param("new action", true) + ); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String origType = args[idx++]; + String origInstance = args[idx++]; + String origAction = args[idx++]; + + //Create new permission + PermRequest pr = new PermRequest(); + pr.setType(args[idx++]); + pr.setInstance(args[idx++]); + pr.setAction(args[idx++]); + + // Set Start/End commands + setStartEnd(pr); + Future<PermRequest> fp = client.update( + "/authz/perm/"+origType+"/"+origInstance+"/"+origAction, + getDF(PermRequest.class), + pr + ); + int rv; + if(fp.get(AAFcli.timeout())) { + rv = fp.code(); + pw().println("Updated Permission"); + } else { + rv = fp.code(); + if(rv==202) { + pw().println("Permission Update Accepted, but requires Approvals before actualizing"); + } else { + error(fp); + } + } + return rv; + } + }); + + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,"Rename a Permission from:"); + detailLine(sb,indent+2,"<type> <instance> <action>"); + detailLine(sb,indent,"to:"); + detailLine(sb,indent+2,"<new type> <new instance> <new action>"); + sb.append('\n'); + detailLine(sb,indent,"Namespace must be the same in <type> and <new type>"); + detailLine(sb,indent+4,"see Create for definitions of type,instance and action"); + api(sb,indent,HttpMethods.PUT,"authz/perm/<type>/<instance>/<action>",PermRequest.class,true); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/CreateDelete.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/CreateDelete.java new file mode 100644 index 00000000..99d55839 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/CreateDelete.java @@ -0,0 +1,130 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.RoleRequest; + +/** + * + * @author Jonathan + * + */ +public class CreateDelete extends Cmd { + private static final String ROLE_PATH = "/authz/role"; + private final static String[] options = {"create","delete"}; + public CreateDelete(Role parent) { + super(parent,null, + new Param(optionsToString(options),true), + new Param("name",true)); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String action = args[idx++]; + int option = whichOption(options, action); + + RoleRequest rr = new RoleRequest(); + rr.setName(args[idx++]); + + // Set Start/End commands + setStartEnd(rr); + + Future<RoleRequest> fp = null; + String verb = null; + int rv; + switch(option) { + case 0: + fp = client.create( + ROLE_PATH, + getDF(RoleRequest.class), + rr + ); + verb = "Create"; + break; + case 1: + // Send "Force" if set + setQueryParamsOn(client); + fp = client.delete( + ROLE_PATH, // +args[idx++], + getDF(RoleRequest.class), + rr + ); + verb = "Delete"; + break; + default: // note, if not an option, whichOption throws Exception + break; + + } + boolean rolesSupplied = (args.length>idx); + if(fp.get(AAFcli.timeout())) { + rv=fp.code(); + pw().print(verb); + pw().println("d Role"); + if(rolesSupplied) { + for(;args.length>idx;++idx ) { + try { + if(201!=(rv=((Role)parent)._exec(0,new String[] {"user","add",rr.getName(),args[idx]}))) { + rv = 206 /*HttpStatus.PARTIAL_CONTENT_206*/; + } + } catch (LocatorException e) { + throw new CadiException(e); + } + } + } + } else { + if((rv=fp.code())==202) { + pw().print("Role "); + pw().print(verb); + pw().println(" Accepted, but requires Approvals before actualizing"); + } else { + error(fp); + } + } + return rv; + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,"Create OR Delete a Role"); + detailLine(sb,indent+2,"name - Name of Role to create"); + api(sb,indent,HttpMethods.POST,"authz/role",RoleRequest.class,true); + api(sb,indent,HttpMethods.DELETE,"authz/role",RoleRequest.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Describe.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Describe.java new file mode 100644 index 00000000..5498f29a --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Describe.java @@ -0,0 +1,94 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.RoleRequest; + +public class Describe extends Cmd { + private static final String ROLE_PATH = "/authz/role"; + public Describe(Role parent) { + super(parent,"describe", + new Param("name",true), + new Param("description",true)); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String role = args[idx++]; + StringBuilder desc = new StringBuilder(); + while (idx < args.length) { + desc.append(args[idx++] + ' '); + } + + RoleRequest rr = new RoleRequest(); + rr.setName(role); + rr.setDescription(desc.toString()); + + // Set Start/End commands + setStartEnd(rr); + + Future<RoleRequest> fp = null; + int rv; + + fp = client.update( + ROLE_PATH, + getDF(RoleRequest.class), + rr + ); + + if(fp.get(AAFcli.timeout())) { + rv=fp.code(); + pw().println("Description added to role"); + } else { + if((rv=fp.code())==202) { + pw().print("Adding description"); + pw().println(" Accepted, but requires Approvals before actualizing"); + } else { + error(fp); + } + } + return rv; + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,"Add a description to a role"); + api(sb,indent,HttpMethods.PUT,"authz/role",RoleRequest.class,true); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/List.java new file mode 100644 index 00000000..2e09b03b --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/List.java @@ -0,0 +1,211 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import java.util.Collections; +import java.util.Comparator; + +import javax.xml.datatype.XMLGregorianCalendar; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; +import org.onap.aaf.misc.env.util.Chrono; + +import aaf.v2_0.Perm; +import aaf.v2_0.Perms; +import aaf.v2_0.Pkey; +import aaf.v2_0.Roles; +import aaf.v2_0.UserRole; +import aaf.v2_0.UserRoles; + + + +public class List extends BaseCmd<Role> { + private static final String XXXX_XX_XX = "XXXX-XX-XX"; + private static final String LIST_ROLES_BY_NAME = "list roles for role"; + + public List(Role parent) { + super(parent,"list"); + cmds.add(new ListByUser(this)); + cmds.add(new ListByRole(this)); + cmds.add(new ListByNS(this)); + cmds.add(new ListByNameOnly(this)); + cmds.add(new ListByPerm(this)); + cmds.add(new ListActivity(this)); + } + + // Package Level on purpose + abstract class ListRoles extends Retryable<Integer> { + protected int list(Future<Roles> fr,Rcli<?> client, String header) throws APIException, CadiException { + if(fr.get(AAFcli.timeout())) { + Perms perms=null; + if (aafcli.isDetailed()) { + for(aaf.v2_0.Role r : fr.value.getRole()) { + Future<Perms> fp = client.read( + "/authz/perms/role/"+r.getName()+(aafcli.isDetailed()?"?ns":""), + getDF(Perms.class) + ); + if(fp.get(AAFcli.timeout())) { + if(perms==null) { + perms = fp.value; + } else { + perms.getPerm().addAll(fp.value.getPerm()); + } + } + } + } + report(fr.value,perms,null,header); + } else { + error(fr); + } + return fr.code(); + } + } + + private final static String roleFormat = "%-56s Expires %s\n"; + private final static String roleFormatNoDate = "%-61s\n"; + private final static String roleExpiredFormat = "%-53s !!! EXPIRED !!! %s\n"; + private final static String permFormat = " %-30s %-30s %-15s\n"; + + + private static final Comparator<aaf.v2_0.Role> roleCompare = new Comparator<aaf.v2_0.Role>() { + @Override + public int compare(aaf.v2_0.Role a, aaf.v2_0.Role b) { + return a.getName().compareTo(b.getName()); + } + }; + public void report(Roles roles, Perms perms, UserRoles urs, String ... str) { + reportHead(str); + XMLGregorianCalendar now = Chrono.timeStamp().normalize(); + if(roles==null || roles.getRole().isEmpty()) { + pw().println("<No Roles Found>"); + } else if (aafcli.isDetailed()){ + if (aafcli.isDetailed() && str[0].toLowerCase().contains(LIST_ROLES_BY_NAME)) { + String description = roles.getRole().get(0).getDescription(); + if (description == null) description = ""; + reportColHead("%-80s\n","Description: " + description); + } + + String fullFormat = roleFormat+permFormat; + reportColHead(fullFormat,"[ROLE NS].Name","","[PERM NS].Type","Instance","Action"); + Collections.sort(roles.getRole(),roleCompare); + for(aaf.v2_0.Role r : roles.getRole()) { + String roleName = r.getName(); + String ns = r.getNs(); + if(aafcli.isTest()) { + if(ns==null) { + pw().format(roleFormat, roleName,XXXX_XX_XX); + } else { + pw().format(roleFormat, "["+ns+"]"+roleName.substring(ns.length()),XXXX_XX_XX); + } + } else { + UserRole ur = get(roleName,urs); + if(ur!=null && now.compare(ur.getExpires().normalize())>0) { + if(ns==null) { + pw().format(roleExpiredFormat, roleName,Chrono.dateOnlyStamp(ur.getExpires())); + } else { + pw().format(roleExpiredFormat, "["+ns+"]"+roleName.substring(ns.length()),Chrono.dateOnlyStamp(ur.getExpires())); + } + } else { + if(ns==null) { + pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):""); + } else { + pw().format(roleFormat, "["+ns+"]"+roleName.substring(ns.length()),ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):""); + } + } + } + + for(Pkey pkey : r.getPerms()) { + Perm perm = get(pkey,perms); + if(perm==null || perm.getNs()==null) { + pw().format(permFormat, + pkey.getType(), + pkey.getInstance(), + pkey.getAction()); + } else { + String ns1 = perm.getNs(); + pw().format(permFormat, + '['+ns1+"]"+perm.getType().substring(ns1.length()), + perm.getInstance(), + perm.getAction()); + } + } + } + } else { + String fullFormat = roleFormat; + reportColHead(fullFormat,"ROLE Name","","PERM Type","Instance","Action"); + Collections.sort(roles.getRole(),roleCompare); + for(aaf.v2_0.Role r : roles.getRole()) { + if (urs != null) { + String roleName = r.getName(); + if(!aafcli.isTest()) { + UserRole ur = get(roleName,urs); + if(ur!=null && now.compare(ur.getExpires().normalize())>0) { + pw().format(roleExpiredFormat, roleName+"*",Chrono.dateOnlyStamp(ur.getExpires())); + } else { + pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):""); + } + } else { + pw().format(roleFormat, roleName,XXXX_XX_XX); + } + } else { + pw().format(roleFormatNoDate, r.getName()); + for(Pkey perm : r.getPerms()) { + pw().format(permFormat, + perm.getType(), + perm.getInstance(), + perm.getAction()); + } + } + } + } + } + private Perm get(Pkey pkey, Perms perms) { + if(perms!=null) { + for(Perm p : perms.getPerm()) { + if(pkey.getAction().equals(p.getAction()) && + pkey.getInstance().equals(p.getInstance()) && + pkey.getType().equals(p.getType())) { + return p; + } + } + } + return null; + } + // The assumption is that these UserRoles are already pulled in by User... no need to check + private UserRole get(String roleName, UserRoles urs) { + if(urs!=null) { + for(UserRole ur : urs.getUserRole()) { + if(roleName.equals(ur.getRole())) { + return ur; + } + } + } + return null; + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListActivity.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListActivity.java new file mode 100644 index 00000000..0331ae09 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListActivity.java @@ -0,0 +1,75 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.History; + +/** + * * @author Jonathan + * + */ +public class ListActivity extends Cmd { + private static final String HEADER = "List Activity of Role"; + + public ListActivity(List parent) { + super(parent,"activity", + new Param("name",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String role = args[idx++]; + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<History> fp = client.read( + "/authz/hist/role/"+role, + getDF(History.class) + ); + if(fp.get(AAFcli.timeout())) { + activity(fp.value,HEADER + " [ " + role + " ]"); + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/hist/role/<role>",History.class,true); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNS.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNS.java new file mode 100644 index 00000000..11476f10 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNS.java @@ -0,0 +1,72 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Roles; + +/** + * Return Roles by NS + * + * @author Jonathan + * + */ +public class ListByNS extends Cmd { + private static final String HEADER = "List Roles by NS "; + + public ListByNS(List parent) { + super(parent,"ns", + new Param("name",true)); + } + + @Override + public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException { + final String ns=args[idx]; + + return same(((List)parent).new ListRoles() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Roles> fp = client.read( + "/authz/roles/ns/"+ns+(aafcli.isDetailed()?"?ns":""), + getDF(Roles.class) + ); + return list(fp,client, HEADER+"["+ns+"]"); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/roles/name/<ns>",Roles.class,true); + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNameOnly.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNameOnly.java new file mode 100644 index 00000000..81b86718 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNameOnly.java @@ -0,0 +1,72 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Roles; + +/** + * Return Roles by NS + * + * @author Jonathan + * + */ +public class ListByNameOnly extends Cmd { + private static final String HEADER = "List Roles by Name "; + + public ListByNameOnly(List parent) { + super(parent,"name", + new Param("name",true)); + } + + @Override + public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException { + final String name=args[idx]; + + return same(((List)parent).new ListRoles() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Roles> fp = client.read( + "/authz/roles/name/"+name+(aafcli.isDetailed()?"?ns":""), + getDF(Roles.class) + ); + return list(fp,client, HEADER+"["+name+"]"); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/roles/name/<name>",Roles.class,true); + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByPerm.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByPerm.java new file mode 100644 index 00000000..cb18eb34 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByPerm.java @@ -0,0 +1,78 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Roles; + +/** + * Return Roles by NS + * + * @author Jonathan + * + */ +public class ListByPerm extends Cmd { + private static final String HEADER = "List Roles by Perm "; + + public ListByPerm(List parent) { + super(parent,"perm", + new Param("type",true), + new Param("instance", true), + new Param("action", true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String type=args[idx]; + final String instance=args[++idx]; + final String action=args[++idx]; + + return same(((List)parent).new ListRoles() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + + Future<Roles> fp = client.read( + "/authz/roles/perm/"+type+'/'+instance+'/'+action, + getDF(Roles.class) + ); + return list(fp,client, HEADER+type+'|'+instance+'|'+action); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true); + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByRole.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByRole.java new file mode 100644 index 00000000..0fafbd92 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByRole.java @@ -0,0 +1,69 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Roles; + +/** + * + * @author Jonathan + * + */ +public class ListByRole extends Cmd { + private static final String HEADER="List Roles for Role"; + + public ListByRole(List parent) { + super(parent,"role", + new Param("role",true)); + } + + @Override + public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException { + return same(((List)parent).new ListRoles() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + String role=args[idx]; + Future<Roles> fp = client.read( + "/authz/roles/"+role+(aafcli.isDetailed()?"?ns":""), + getDF(Roles.class) + ); + return list(fp,client,HEADER+"["+role+"]"); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/roles/<role>",Roles.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByUser.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByUser.java new file mode 100644 index 00000000..7165de67 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByUser.java @@ -0,0 +1,99 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Perms; +import aaf.v2_0.Roles; +import aaf.v2_0.UserRoles; + +/** + * p + * @author Jonathan + * + */ +public class ListByUser extends Cmd { + private static final String HEADER = "List Roles for User "; + + public ListByUser(List parent) { + super(parent,"user", + new Param("id",true), + new Param("detail", false)); + } + + @Override + public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException { + final String user=fullID(args[idx]); + + + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Perms perms=null; + UserRoles urs=null; + Future<Roles> fr = client.read( + "/authz/roles/user/"+user+(aafcli.isDetailed()?"?ns":""), + getDF(Roles.class) + ); + Future<UserRoles> fur = client.read( + "/authz/userRoles/user/"+user, + getDF(UserRoles.class) + ); + if(fr.get(AAFcli.timeout())) { + if (aafcli.isDetailed()) { + Future<Perms> fp = client.read( + "/authz/perms/user/"+user+(aafcli.isDetailed()?"?ns":""), + getDF(Perms.class) + ); + if(fp.get(AAFcli.timeout())) { + perms = fp.value; + } + } + if (fur.get(AAFcli.timeout())) { + urs = fur.value; + } + + ((List)parent).report(fr.value,perms,urs,HEADER,user); + } else { + error(fr); + } + return fr.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Role.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Role.java new file mode 100644 index 00000000..f28654ee --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Role.java @@ -0,0 +1,39 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.misc.env.APIException; + +public class Role extends BaseCmd<Role> { + public List list; + + public Role(AAFcli aafcli) throws APIException { + super(aafcli, "role"); + cmds.add(new CreateDelete(this)); +// cmds.add(new Delete(this)); + cmds.add(new User(this)); + cmds.add(new Describe(this)); + cmds.add(list = new List(this)); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java new file mode 100644 index 00000000..181804b9 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java @@ -0,0 +1,169 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.role; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.UserRoleRequest; + +/** + * p + * @author Jonathan + * + */ +public class User extends Cmd { + private final static String[] options = {"add","del","setTo","extend"}; + public User(Role parent) { + super(parent,"user", + new Param(optionsToString(options),true), + new Param("role",true), + new Param("id[,id]* (not required for setTo)",false)); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String action = args[idx++]; + int option = whichOption(options, action); + UserRoleRequest urr = new UserRoleRequest(); + urr.setRole(args[idx++]); + // Set Start/End commands + setStartEnd(urr); + + Future<?> fp = null; + + if (option != 2) { + String[] ids = args[idx++].split(","); + String verb=null,participle=null; + // You can request to be added or removed from role. + setQueryParamsOn(client); + + for(String id: ids) { + id=fullID(id); + urr.setUser(id); + switch(option) { + case 0: + fp = client.create( + "/authz/userRole", + getDF(UserRoleRequest.class), + urr); + verb = "Added"; + participle = "] to Role [" ; + break; + case 1: + fp = client.delete( + "/authz/userRole/"+urr.getUser()+'/'+urr.getRole(), + Void.class); + verb = "Removed"; + participle = "] from Role [" ; + break; + case 3: + fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole()); + verb = "Extended"; + participle = "] in Role [" ; + break; + + default: // actually, should never get here... + throw new CadiException("Invalid action [" + action + ']'); + } + if(fp.get(AAFcli.timeout())) { + pw().print(verb); + pw().print(" User ["); + pw().print(urr.getUser()); + pw().print(participle); + pw().print(urr.getRole()); + pw().println(']'); + } else { + switch(fp.code()) { + case 202: + pw().print("User Role "); + pw().print(action); + pw().println(" is Accepted, but requires Approvals before actualizing"); + break; + case 404: + if(option==3) { + pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view"); + break; + } + default: + error(fp); + } + } + } + } else { + String allUsers = ""; + if (idx < args.length) + allUsers = args[idx++]; + StringBuilder finalUsers = new StringBuilder(); + for (String u : allUsers.split(",")) { + if (u != "") { + u=fullID(u); + if (finalUsers.length() > 0) finalUsers.append(","); + finalUsers.append(u); + } + } + + urr.setUser(finalUsers.toString()); + fp = client.update( + "/authz/userRole/role", + getDF(UserRoleRequest.class), + urr); + if(fp.get(AAFcli.timeout())) { + pw().println("Set the Role to Users [" + allUsers + "]"); + } else { + error(fp); + } + } + return fp==null?0:fp.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,"Add OR Delete a User to/from a Role OR"); + detailLine(sb,indent,"Set a User's Roles to the roles supplied"); + detailLine(sb,indent+2,"role - Name of Role to create"); + detailLine(sb,indent+2,"id(s) - ID or IDs to add to the Role"); + sb.append('\n'); + detailLine(sb,indent+2,"Note: this is the same as \"user role add...\" except allows"); + detailLine(sb,indent+2,"assignment of role to multiple userss"); + detailLine(sb,indent+2,"WARNING: Users supplied with setTo will be the ONLY users attached to this role"); + detailLine(sb,indent+2,"If no users are supplied, the users attached to this role are reset."); + api(sb,indent,HttpMethods.POST,"authz/userRole",UserRoleRequest.class,true); + api(sb,indent,HttpMethods.DELETE,"authz/userRole/<user>/<role>",Void.class,false); + api(sb,indent,HttpMethods.PUT,"authz/userRole/<role>",UserRoleRequest.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java new file mode 100644 index 00000000..4bb2ae30 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java @@ -0,0 +1,154 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.CredRequest; + +public class Cred extends Cmd { + public static final String ATTEMPT_FAILED_SPECIFICS_WITHELD = "Attempt Failed. Specifics witheld."; + private static final String CRED_PATH = "/authn/cred"; + private static final String[] options = {"add","del","reset","extend"/*,"clean"*/}; +// private Clean clean; + public Cred(User parent) { + super(parent,"cred", + new Param(optionsToString(options),true), + new Param("id",true), + new Param("password (! D|E)",false), + new Param("entry# (if multi)",false) + ); +// clean = new Clean(this); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + String key = args[idx++]; + final int option = whichOption(options,key); + + final CredRequest cr = new CredRequest(); + cr.setId(args[idx++]); + if(option!=1 && option!=3) { + if(idx>=args.length) throw new CadiException("Password Required"); + cr.setPassword(args[idx++]); + } + if(args.length>idx) + cr.setEntry(args[idx++]); + + // Set Start/End commands + setStartEnd(cr); +// final int cleanIDX = _idx+1; + Integer ret = same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<CredRequest> fp=null; + String verb =null; + switch(option) { + case 0: + fp = client.create( + CRED_PATH, + getDF(CredRequest.class), + cr + ); + verb = "Added Credential ["; + break; + case 1: +// if(aafcli.addForce())cr.setForce("TRUE"); + setQueryParamsOn(client); + fp = client.delete(CRED_PATH, + getDF(CredRequest.class), + cr + ); + verb = "Deleted Credential ["; + break; + case 2: + fp = client.update( + CRED_PATH, + getDF(CredRequest.class), + cr + ); + verb = "Reset Credential ["; + break; + case 3: + fp = client.update( + CRED_PATH+"/5", + getDF(CredRequest.class), + cr + ); + verb = "Extended Credential ["; + break; +// case 4: +// return clean.exec(cleanIDX, args); + } + if(fp.get(AAFcli.timeout())) { + pw().print(verb); + pw().print(cr.getId()); + pw().println(']'); + } else if(fp.code()==202) { + pw().println("Credential Action Accepted, but requires Approvals before actualizing"); + } else if(fp.code()==406 && option==1) { + pw().println("You cannot delete this Credential"); + } else { + pw().println(ATTEMPT_FAILED_SPECIFICS_WITHELD); + } + return fp.code(); + } + }); + if(ret==null)ret = -1; + return ret; + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Add, Delete or Reset Credential"); + indent+=2; + detailLine(sb,indent,"id - the ID to create/delete/reset within AAF"); + detailLine(sb,indent,"password - Company Policy compliant Password (not required for Delete)"); + detailLine(sb,indent,"entry - selected option when deleting/resetting a cred with multiple entries"); + sb.append('\n'); + detailLine(sb,indent,"The Domain can be related to any Namespace you have access to *"); + detailLine(sb,indent,"The Domain is in reverse order of Namespace, i.e. "); + detailLine(sb,indent+2,"NS of com.att.myapp can create user of XY1234@myapp.att.com"); + sb.append('\n'); + detailLine(sb,indent,"NOTE: AAF does support multiple creds with the same ID. Check with your org if you"); + detailLine(sb,indent+2,"have this implemented. (For example, this is implemented for MechIDs at AT&T)"); + sb.append('\n'); + detailLine(sb,indent,"*NOTE: com.att.csp is a reserved Domain for Global Sign On"); + + detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate"); + indent-=2; + api(sb,indent,HttpMethods.POST,"authn/cred",CredRequest.class,true); + api(sb,indent,HttpMethods.DELETE,"authn/cred",CredRequest.class,false); + api(sb,indent,HttpMethods.PUT,"authn/cred",CredRequest.class,false); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Delg.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Delg.java new file mode 100644 index 00000000..ec1aa5a0 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Delg.java @@ -0,0 +1,131 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import java.text.ParseException; +import java.util.Date; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; +import org.onap.aaf.misc.env.util.Chrono; +import org.onap.aaf.misc.rosetta.env.RosettaDF; + +import aaf.v2_0.DelgRequest; + +public class Delg extends BaseCmd<User> { + static final String AUTHZ_DELG = "/authz/delegate"; + private final static String[] options = {"add","upd","del"}; + + public Delg(User user) throws APIException { + super(user,"delegate", + new Param(optionsToString(options),true), + new Param("from",true), + new Param("to REQ A&U",false), + new Param("until (YYYY-MM-DD) REQ A", false) + ); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + DelgRequest dr = new DelgRequest(); + setStartEnd(dr); + + int option= whichOption(options, args[idx++]); + String user = fullID(args[idx++]); + dr.setUser(user); + if(option<2) { + String delegate = fullID(args[idx++]); + dr.setDelegate(delegate); + if(option<2 && args.length>idx) { + Date date; + try { + date = Chrono.dateOnlyFmt.parse(args[idx++]); + } catch (ParseException e) { + throw new CadiException(e); + } + dr.setEnd(Chrono.timeStamp(date)); + } + } + + Future<DelgRequest> fp; + RosettaDF<DelgRequest> df = getDF(DelgRequest.class); + String verb; + setQueryParamsOn(client); + + switch(option) { + case 0: + fp = client.create(AUTHZ_DELG, df, dr); + verb = "Added"; + break; + case 1: + fp = client.update(AUTHZ_DELG, df, dr); + verb = "Updated"; + break; + case 2: + fp = client.delete(AUTHZ_DELG, df, dr); + verb = "Deleted"; + break; + default: + throw new CadiException("Bad Argument"); + }; + + if(fp.get(AAFcli.timeout())) { + pw().append("Delegate "); + pw().println(verb); + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,"Add, Update or Delete Delegate"); + indent+=2; + detailLine(sb,indent,"A Delegate is a person who will temporarily cover the Approval and"); + detailLine(sb,indent,"Ownership questions on behalf of the person Responsible."); + sb.append('\n'); + detailLine(sb,indent,"fromID - the person who is the Responsible person of record"); + detailLine(sb,indent,"toID - the person who will be delegated (required for Add/Update)"); + detailLine(sb,indent,"until - the end date for this delegation"); + indent-=2; + api(sb,indent,HttpMethods.POST,AUTHZ_DELG,DelgRequest.class,true); + api(sb,indent,HttpMethods.DELETE,AUTHZ_DELG,DelgRequest.class,false); + api(sb,indent,HttpMethods.PUT,AUTHZ_DELG,DelgRequest.class,false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java new file mode 100644 index 00000000..5c87f906 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java @@ -0,0 +1,121 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import java.util.Collections; +import java.util.Comparator; + +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.misc.env.util.Chrono; + +import aaf.v2_0.Approval; +import aaf.v2_0.Approvals; +import aaf.v2_0.Delg; +import aaf.v2_0.Delgs; +import aaf.v2_0.Users; + +public class List extends BaseCmd<User> { + + public List(User parent) { + super(parent,"list"); + cmds.add(new ListForRoles(this)); + cmds.add(new ListForPermission(this)); + cmds.add(new ListForCreds(this)); + cmds.add(new ListDelegates(this)); + cmds.add(new ListApprovals(this)); + cmds.add(new ListActivity(this)); + } + + + void report(Users users, boolean count, String ... str) { + reportHead(str); + int idx = 0; + java.util.List<aaf.v2_0.Users.User> sorted = users.getUser(); + Collections.sort(sorted, new Comparator<aaf.v2_0.Users.User>() { + @Override + public int compare(aaf.v2_0.Users.User u1, aaf.v2_0.Users.User u2) { + if(u2==null || u2 == null) { + return -1; + } + return u1.getId().compareTo(u2.getId()); + } + }); + String format = reportColHead("%-40s %-10s %-30s\n","User","Type","Expires"); + String date = "XXXX-XX-XX"; + for(aaf.v2_0.Users.User user : sorted) { + if(!aafcli.isTest()) { + date = Chrono.dateOnlyStamp(user.getExpires()); + } + pw().format(format, + count? (Integer.valueOf(++idx) + ") " + user.getId()): user.getId(), + org.onap.aaf.auth.cmd.ns.List.getType(user), + date); + } + pw().println(); + } + + public void report(Approvals approvals, String title, String id) { + reportHead(title,id); + String format = reportColHead(" %-20s %-20s %-11s %-6s %12s\n","User","Approver","Type","Status","Updated"); + java.util.List<Approval> lapp = approvals.getApprovals(); + Collections.sort(lapp, new Comparator<Approval>() { + @Override + public int compare(Approval a1, Approval a2) { + return a1.getTicket().compareTo(a2.getTicket()); + } + } ); + String ticket = null, prev = null; + for(Approval app : lapp ) { + ticket = app.getTicket(); + if(!ticket.equals(prev)) { + pw().print("Ticket: "); + pw().println(ticket); + } + prev = ticket; + + pw().format(format, + app.getUser(), + app.getApprover(), + app.getType(), + app.getStatus(), + Chrono.niceDateStamp(app.getUpdated()) + ); + } + } + + public void report(Delgs delgs, String title, String id) { + reportHead(title,id); + String format = reportColHead(" %-25s %-25s %-10s\n","User","Delegate","Expires"); + String date = "XXXX-XX-XX"; + for(Delg delg : delgs.getDelgs()) { + if(!this.aafcli.isTest()) + date = Chrono.dateOnlyStamp(delg.getExpires()); + pw().printf(format, + delg.getUser(), + delg.getDelegate(), + date + ); + } + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListActivity.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListActivity.java new file mode 100644 index 00000000..8ffcb0b6 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListActivity.java @@ -0,0 +1,78 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.History; + +/** + * * @author Jonathan + * + */ +public class ListActivity extends Cmd { + private static final String HEADER = "List Activity of User"; + + public ListActivity(List parent) { + super(parent,"activity", + new Param("user",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String user = fullID(args[idx++]); + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + + Future<History> fp = client.read( + "/authz/hist/user/"+user, + getDF(History.class) + ); + if(fp.get(AAFcli.timeout())) { + activity(fp.value,HEADER + " [ " + user + " ]"); + } else { + error(fp); + } + return fp.code(); + } + }); + } + + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb,indent,HEADER); + api(sb,indent,HttpMethods.GET,"authz/hist/user/<user>",History.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListApprovals.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListApprovals.java new file mode 100644 index 00000000..0a461c49 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListApprovals.java @@ -0,0 +1,102 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Approvals; + +/** + * + * @author Jonathan + * + */ +public class ListApprovals extends Cmd { + private static final String HEADER = "List Approvals"; + private final static String[] options = {"user","approver","ticket"}; + public ListApprovals(List parent) { + super(parent,"approvals", + new Param(optionsToString(options),true), + new Param("value",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String type = args[idx++]; + int option = whichOption(options,type); + String value = args[idx++]; + final String fullValue; + if (option != 2) { + fullValue = fullID(value); + } else { + fullValue = value; + } + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Approvals> fp = client.read( + "/authz/approval/"+type+'/'+fullValue, + getDF(Approvals.class) + ); + if(fp.get(AAFcli.timeout())) { + ((List)parent).report(fp.value,HEADER + " by " + type,fullValue); + if(fp.code()==404) { + return 200; + } + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,HEADER); + indent+=2; + detailLine(sb,indent,"Approvals are used when the Requestor does not have the rights"); + detailLine(sb,indent,"to perform the action required. Approvers are those listed as"); + detailLine(sb,indent,"responsible for Namespace associated with the request, and those"); + detailLine(sb,indent,"required by the Company by Policy. This may be, for instance"); + detailLine(sb,indent,"the supervisor of the requestor"); + sb.append('\n'); + detailLine(sb,indent,"Delegates can be listed by User, Approver or Ticket."); + indent-=2; + api(sb,indent,HttpMethods.GET,"authz/approval/user/<value>",Approvals.class,true); + api(sb,indent,HttpMethods.GET,"authz/approval/approver/<value>",Approvals.class,false); + api(sb,indent,HttpMethods.GET,"authz/approval/ticket/<value>",Approvals.class,false); + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListDelegates.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListDelegates.java new file mode 100644 index 00000000..4397b426 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListDelegates.java @@ -0,0 +1,92 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Delgs; + +/** + * * @author Jonathan + * + */ +public class ListDelegates extends Cmd { + private static final String HEADER = "List Delegates"; + private static final String[] options = {"user","delegate"}; + public ListDelegates(List parent) { + super(parent,"delegates", + new Param(optionsToString(options),true), + new Param("id",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String key = args[idx++]; + //int option = whichOption(options,key); + final String id = fullID(args[idx++]); + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + + Future<Delgs> fp = client.read( + "/authz/delegates/" + key + '/' + id, + getDF(Delgs.class) + ); + if(fp.get(AAFcli.timeout())) { + ((List)parent).report(fp.value,HEADER + " by " + key, id); + if(fp.code()==404)return 200; + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,HEADER); + indent+=2; + detailLine(sb,indent,"Delegates are those people temporarily assigned to cover the"); + detailLine(sb,indent,"responsibility of Approving, etc, while the actual Responsible"); + detailLine(sb,indent,"Party is absent. Typically, this is for Vacation, or Business"); + detailLine(sb,indent,"Travel."); + sb.append('\n'); + detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate"); + indent-=2; + api(sb,indent,HttpMethods.GET,"authz/delegates/user/<id>",Delgs.class,true); + api(sb,indent,HttpMethods.GET,"authz/delegates/delegate/<id>",Delgs.class,false); + } + + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForCreds.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForCreds.java new file mode 100644 index 00000000..4aa42f9f --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForCreds.java @@ -0,0 +1,100 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import java.util.Collections; +import java.util.Comparator; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Users; +import aaf.v2_0.Users.User; + +/** + * List for Creds + * @author Jonathan + * + */ +public class ListForCreds extends Cmd { + private final static String[] options = {"ns","id"}; + + private static final String HEADER = "List creds by Namespace or ID "; + public ListForCreds(List parent) { + super(parent,"cred", + new Param(optionsToString(options),true), + new Param("value",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final int option = whichOption(options, args[idx++]); + final String which = options[option]; + final String value = args[idx++]; + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Users> fp = client.read( + "/authn/creds/"+which+'/'+value, + getDF(Users.class) + ); + if(fp.get(AAFcli.timeout())) { + if (aafcli.isTest()) + Collections.sort(fp.value.getUser(), new Comparator<User>() { + @Override + public int compare(User u1, User u2) { + return u1.getId().compareTo(u2.getId()); + } + }); + ((org.onap.aaf.auth.cmd.user.List)parent).report(fp.value,option==1,HEADER+which,value); + if(fp.code()==404)return 200; + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,HEADER); + indent+=2; + detailLine(sb,indent,"This report lists the users associated to either Namespaces or IDs."); + detailLine(sb,indent,"ns (literal) - which Namespace"); + detailLine(sb,indent,"id (literal) - identity"); + indent-=2; + api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,true); + api(sb,indent,HttpMethods.GET,"authn/creds/id/<identity>",Users.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForPermission.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForPermission.java new file mode 100644 index 00000000..32938101 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForPermission.java @@ -0,0 +1,103 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import java.util.Collections; +import java.util.Comparator; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Users; +import aaf.v2_0.Users.User; + +/** + * p + * @author Jonathan + * + */ +public class ListForPermission extends Cmd { + private static final String HEADER = "List Users for Permission"; + public ListForPermission(List parent) { + super(parent,"perm", + new Param("type",true), + new Param("instance",true), + new Param("action",true)); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String type = args[idx++]; + String instance = args[idx++]; + if("\\*".equals(instance))instance="*"; + String action = args[idx++]; + if("\\*".equals(action))action="*"; + Future<Users> fp = client.read( + "/authz/users/perm/"+type+'/'+instance+'/'+action, + getDF(Users.class) + ); + if(fp.get(AAFcli.timeout())) { + if (aafcli.isTest()) + Collections.sort(fp.value.getUser(), new Comparator<User>() { + @Override + public int compare(User u1, User u2) { + return u1.getId().compareTo(u2.getId()); + } + }); + ((org.onap.aaf.auth.cmd.user.List)parent).report(fp.value,false,HEADER,type+"|"+instance+"|"+action); + if(fp.code()==404)return 200; + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,HEADER); + indent+=2; + detailLine(sb,indent,"This report lists the users associated to Permissions. Since Users"); + detailLine(sb,indent,"are associated to Roles, and Roles have Permissions, this report"); + detailLine(sb,indent,"accomodates all these linkages."); + sb.append('\n'); + detailLine(sb,indent,"The URL must contain the Permission's type,instance and action, and "); + detailLine(sb,indent,"may include \"*\"s (type in as \\\\*)."); + detailLine(sb,indent,"See Perm Create Documentation for definitions."); + indent-=2; + api(sb,indent,HttpMethods.GET,"authz/users/perm/<type>/<instance>/<action>",Users.class,true); + } +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForRoles.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForRoles.java new file mode 100644 index 00000000..28d7f57a --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForRoles.java @@ -0,0 +1,92 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import java.util.Collections; +import java.util.Comparator; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.Users; +import aaf.v2_0.Users.User; + +/** + * p + * @author Jonathan + * + */ +public class ListForRoles extends Cmd { + private static final String HEADER = "List Users for Role"; + public ListForRoles(List parent) { + super(parent,"role", new Param("role",true)); + } + + @Override + public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException { + int idx = _idx; + final String role = args[idx++]; + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + Future<Users> fp = client.read( + "/authz/users/role/"+role, + getDF(Users.class) + ); + if(fp.get(AAFcli.timeout())) { + if (aafcli.isTest()) + Collections.sort(fp.value.getUser(), new Comparator<User>() { + @Override + public int compare(User u1, User u2) { + return u1.getId().compareTo(u2.getId()); + } + }); + ((org.onap.aaf.auth.cmd.user.List)parent).report(fp.value,false, HEADER,role); + if(fp.code()==404)return 200; + } else { + error(fp); + } + return fp.code(); + } + }); + } + + @Override + public void detailedHelp(int _indent, StringBuilder sb) { + int indent = _indent; + detailLine(sb,indent,HEADER); + indent+=2; + detailLine(sb,indent,"This report lists the users associated to Roles."); + detailLine(sb,indent,"role - the Role name"); + indent-=2; + api(sb,indent,HttpMethods.GET,"authz/users/role/<role>",Users.class,true); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java new file mode 100644 index 00000000..70bc16a3 --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java @@ -0,0 +1,155 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.Cmd; +import org.onap.aaf.auth.cmd.Param; +import org.onap.aaf.auth.rserv.HttpMethods; +import org.onap.aaf.cadi.CadiException; +import org.onap.aaf.cadi.LocatorException; +import org.onap.aaf.cadi.client.Future; +import org.onap.aaf.cadi.client.Rcli; +import org.onap.aaf.cadi.client.Retryable; +import org.onap.aaf.misc.env.APIException; + +import aaf.v2_0.UserRoleRequest; + +/** + * p + * + * @author Jonathan + * + */ +public class Role extends Cmd { + private static final String[] options = {"add", "del", "setTo","extend"}; + public Role(User parent) { + super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), new Param( + "role[,role]* (!REQ S)", false)); + } + + @Override + public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException { + return same(new Retryable<Integer>() { + @Override + public Integer code(Rcli<?> client) throws CadiException, APIException { + int idx = index; + String key = args[idx++]; + int option = whichOption(options, key); + final String user = fullID(args[idx++]); + + UserRoleRequest urr = new UserRoleRequest(); + urr.setUser(user); + // Set Start/End commands + setStartEnd(urr); + + Future<?> fp = null; + + if (option != 2) { + if (args.length < 5) { + throw new CadiException(build(new StringBuilder("Too few args: "), null).toString()); + } + String[] roles = args[idx++].split(","); + for (String role : roles) { + String verb = null,participle=null; + urr.setRole(role); + // You can request to be added or removed from role. + setQueryParamsOn(client); + switch(option) { + case 0: + fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr); + verb = "Added"; + participle = "] to User [" ; + break; + case 1: + fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class); + verb = "Removed"; + participle = "] from User [" ; + break; + case 3: + fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole()); + verb = "Extended"; + participle = "] to User [" ; + break; + default: + throw new CadiException("Invalid action [" + key + ']'); + } + if (fp.get(AAFcli.timeout())) { + pw().print(verb); + pw().print(" Role ["); + pw().print(urr.getRole()); + pw().print(participle); + pw().print(urr.getUser()); + pw().println(']'); + } else { + switch(fp.code()) { + case 202: + pw().print("UserRole "); + pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension"); + pw().println(" Accepted, but requires Approvals before actualizing"); + break; + case 404: + if(option==3) { + pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view"); + break; + } + default: + error(fp); + } + } + } + } else { + // option 2 is setTo command (an update call) + String allRoles = ""; + if (idx < args.length) + allRoles = args[idx++]; + + urr.setRole(allRoles); + fp = client.update("/authz/userRole/user", getDF(UserRoleRequest.class), urr); + if (fp.get(AAFcli.timeout())) { + pw().println("Set User's Roles to [" + allRoles + "]"); + } else { + error(fp); + } + } + return fp == null ? 0 : fp.code(); + } + }); + } + + @Override + public void detailedHelp(int indent, StringBuilder sb) { + detailLine(sb, indent, "Add OR Delete a User to/from a Role OR"); + detailLine(sb, indent, "Set a User's Roles to the roles supplied"); + detailLine(sb, indent + 2, "user - ID of User"); + detailLine(sb, indent + 2, "role(s) - Role or Roles to which to add the User"); + sb.append('\n'); + detailLine(sb, indent + 2, "Note: this is the same as \"role user add...\" except allows"); + detailLine(sb, indent + 2, "assignment of user to multiple roles"); + detailLine(sb, indent + 2, "WARNING: Roles supplied with setTo will be the ONLY roles attached to this user"); + detailLine(sb, indent + 2, "If no roles are supplied, user's roles are reset."); + api(sb, indent, HttpMethods.POST, "authz/userRole", UserRoleRequest.class, true); + api(sb, indent, HttpMethods.DELETE, "authz/userRole/<user>/<role>", Void.class, false); + api(sb, indent, HttpMethods.PUT, "authz/userRole/<user>", UserRoleRequest.class, false); + } + +} diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/User.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/User.java new file mode 100644 index 00000000..458fc33a --- /dev/null +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/User.java @@ -0,0 +1,36 @@ +/** + * ============LICENSE_START==================================================== + * org.onap.aaf + * =========================================================================== + * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. + * =========================================================================== + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END==================================================== + * + */ + +package org.onap.aaf.auth.cmd.user; + +import org.onap.aaf.auth.cmd.AAFcli; +import org.onap.aaf.auth.cmd.BaseCmd; +import org.onap.aaf.misc.env.APIException; + +public class User extends BaseCmd<User> { + public User(AAFcli aafcli) throws APIException { + super(aafcli,"user"); + cmds.add(new Role(this)); + cmds.add(new Cred(this)); + cmds.add(new Delg(this)); + cmds.add(new List(this)); + } +} |