diff options
Diffstat (limited to 'auth/auth-cmd')
6 files changed, 164 insertions, 240 deletions
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java index 49fd4869..6ca09213 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java @@ -406,6 +406,7 @@ public abstract class Cmd { return i; } } + pw().printf("%s is not a valid cmd\n",test); throw new CadiException(build(new StringBuilder("Invalid Option: "),null).toString()); } diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java index ca958c20..f27a2609 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java @@ -43,7 +43,7 @@ import aaf.v2_0.RolePermRequest; * */ public class Grant extends Cmd { - private static final String[] options = {"grant","ungrant","setTo"}; + private static final String[] options = {"grant","ungrant"}; public Grant(Perm parent) { super(parent,null, @@ -51,7 +51,7 @@ public class Grant extends Cmd { new Param("type",true), new Param("instance",true), new Param("action",true), - new Param("role[,role]* (!REQ S)",false) + new Param("role[,role]*",false) ); } @@ -74,63 +74,46 @@ public class Grant extends Cmd { Future<RolePermRequest> frpr = null; - if (option != 2) { - String[] roles = args[idx++].split(","); - String strA; - String strB; - for (String role : roles) { - rpr.setRole(role); - if (option==0) { - // You can request to Grant Permission to a Role - setQueryParamsOn(client); - frpr = client.create( - "/authz/role/perm", - getDF(RolePermRequest.class), - rpr - ); - strA = "Granted Permission ["; - strB = "] to Role ["; - } else { - // You can request to UnGrant Permission to a Role - setQueryParamsOn(client); - frpr = client.delete( - "/authz/role/" + role + "/perm", - getDF(RolePermRequest.class), - rpr - ); - strA = "UnGranted Permission ["; - strB = "] from Role ["; - } - if (frpr.get(AAFcli.timeout())) { - pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction() - + strB + role +']'); - } else { - if (frpr.code()==202) { - pw().print("Permission Role "); - pw().print(option==0?"Granted":"Ungranted"); - pw().println(" Accepted, but requires Approvals before actualizing"); - } else { - error(frpr); - idx=Integer.MAX_VALUE; - } - } + String[] roles = args[idx++].split(","); + String strA; + String strB; + for (String role : roles) { + rpr.setRole(role); + if (option==0) { + // You can request to Grant Permission to a Role + setQueryParamsOn(client); + frpr = client.create( + "/authz/role/perm", + getDF(RolePermRequest.class), + rpr + ); + strA = "Granted Permission ["; + strB = "] to Role ["; + } else { + // You can request to UnGrant Permission to a Role + setQueryParamsOn(client); + frpr = client.delete( + "/authz/role/" + role + "/perm", + getDF(RolePermRequest.class), + rpr + ); + strA = "UnGranted Permission ["; + strB = "] from Role ["; } - } else { - String allRoles = ""; - if (idx < args.length) - allRoles = args[idx++]; - - rpr.setRole(allRoles); - frpr = client.update( - "/authz/role/perm", - getDF(RolePermRequest.class), - rpr); if (frpr.get(AAFcli.timeout())) { - pw().println("Set Permission's Roles to [" + allRoles + "]"); + pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction() + + strB + role +']'); } else { - error(frpr); - } - } + if (frpr.code()==202) { + pw().print("Permission Role "); + pw().print(option==0?"Granted":"Ungranted"); + pw().println(" Accepted, but requires Approvals before actualizing"); + } else { + error(frpr); + idx=Integer.MAX_VALUE; + } + } + } return frpr==null?0:frpr.code(); } }); @@ -138,16 +121,11 @@ public class Grant extends Cmd { @Override public void detailedHelp(int indent, StringBuilder sb) { - detailLine(sb,indent,"Grant a Permission to a Role or Roles OR"); - detailLine(sb,indent,"Ungrant a Permission from a Role or Roles OR"); - detailLine(sb,indent,"Set a Permission's roles to roles supplied."); - detailLine(sb,indent+4,"WARNING: Roles supplied with setTo will be the ONLY roles attached to this permission"); - detailLine(sb,indent+8,"If no roles are supplied, permission's roles are reset."); + detailLine(sb,indent,"Grant a Permission to a Role or Roles OR"); + detailLine(sb,indent,"Ungrant a Permission from a Role or Roles"); detailLine(sb,indent,"see Create for definitions of type,instance and action"); api(sb,indent,HttpMethods.POST,"authz/role/perm",RolePermRequest.class,true); api(sb,indent,HttpMethods.DELETE,"authz/role/<role>/perm",RolePermRequest.class,false); - api(sb,indent,HttpMethods.PUT,"authz/role/perm",RolePermRequest.class,false); - } } diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java index 364b3980..45361a3f 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java @@ -40,12 +40,12 @@ import aaf.v2_0.UserRoleRequest; * */ public class User extends Cmd { - private final static String[] options = {"add","del","setTo","extend"}; + private final static String[] options = {"add","del","extend"}; public User(Role parent) { super(parent,"user", new Param(optionsToString(options),true), new Param("role",true), - new Param("id[,id]* (not required for setTo)",false)); + new Param("id[,id]*",false)); } @Override @@ -63,87 +63,62 @@ public class User extends Cmd { Future<?> fp = null; - if (option != 2) { - String[] ids = args[idx++].split(","); - String verb=null,participle=null; - // You can request to be added or removed from role. - setQueryParamsOn(client); + String[] ids = args[idx++].split(","); + String verb=null,participle=null; + // You can request to be added or removed from role. + setQueryParamsOn(client); - for (String id: ids) { - id=fullID(id); - urr.setUser(id); - switch(option) { - case 0: - fp = client.create( - "/authz/userRole", - getDF(UserRoleRequest.class), - urr); - verb = "Added"; - participle = "] to Role [" ; - break; - case 1: - fp = client.delete( - "/authz/userRole/"+urr.getUser()+'/'+urr.getRole(), - Void.class); - verb = "Removed"; - participle = "] from Role [" ; - break; - case 3: - fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole()); - verb = "Extended"; - participle = "] in Role [" ; - break; + for (String id: ids) { + id=fullID(id); + urr.setUser(id); + switch(option) { + case 0: + fp = client.create( + "/authz/userRole", + getDF(UserRoleRequest.class), + urr); + verb = "Added"; + participle = "] to Role [" ; + break; + case 1: + fp = client.delete( + "/authz/userRole/"+urr.getUser()+'/'+urr.getRole(), + Void.class); + verb = "Removed"; + participle = "] from Role [" ; + break; + case 2: + fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole()); + verb = "Extended"; + participle = "] in Role [" ; + break; - default: // actually, should never get here... - throw new CadiException("Invalid action [" + action + ']'); - } - if (fp.get(AAFcli.timeout())) { - pw().print(verb); - pw().print(" User ["); - pw().print(urr.getUser()); - pw().print(participle); - pw().print(urr.getRole()); - pw().println(']'); - } else { - switch(fp.code()) { - case 202: - pw().print("User Role "); - pw().print(action); - pw().println(" is Accepted, but requires Approvals before actualizing"); - break; - case 404: - if (option==3) { - pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view"); - break; - } - default: - error(fp); - } - } + default: // actually, should never get here... + throw new CadiException("Invalid action [" + action + ']'); } - } else { - String allUsers = ""; - if (idx < args.length) - allUsers = args[idx++]; - StringBuilder finalUsers = new StringBuilder(); - for (String u : allUsers.split(",")) { - if (u != "") { - u=fullID(u); - if (finalUsers.length() > 0) finalUsers.append(","); - finalUsers.append(u); - } - } - - urr.setUser(finalUsers.toString()); - fp = client.update( - "/authz/userRole/role", - getDF(UserRoleRequest.class), - urr); if (fp.get(AAFcli.timeout())) { - pw().println("Set the Role to Users [" + allUsers + "]"); + pw().print(verb); + pw().print(" User ["); + pw().print(urr.getUser()); + pw().print(participle); + pw().print(urr.getRole()); + pw().println(']'); } else { - error(fp); - } + switch(fp.code()) { + case 202: + pw().print("User Role "); + pw().print(action); + pw().println(" is Accepted, but requires Approvals before actualizing"); + break; + case 404: + if (option==3) { + pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view"); + break; + } + default: + error(fp); + } + } } return fp==null?0:fp.code(); } @@ -152,18 +127,13 @@ public class User extends Cmd { @Override public void detailedHelp(int indent, StringBuilder sb) { - detailLine(sb,indent,"Add OR Delete a User to/from a Role OR"); - detailLine(sb,indent,"Set a User's Roles to the roles supplied"); + detailLine(sb,indent,"Add OR Delete a User to/from a Role OR extend Expiration"); detailLine(sb,indent+2,"role - Name of Role to create"); detailLine(sb,indent+2,"id(s) - ID or IDs to add to the Role"); sb.append('\n'); - detailLine(sb,indent+2,"Note: this is the same as \"user role add...\" except allows"); - detailLine(sb,indent+2,"assignment of role to multiple userss"); - detailLine(sb,indent+2,"WARNING: Users supplied with setTo will be the ONLY users attached to this role"); - detailLine(sb,indent+2,"If no users are supplied, the users attached to this role are reset."); api(sb,indent,HttpMethods.POST,"authz/userRole",UserRoleRequest.class,true); api(sb,indent,HttpMethods.DELETE,"authz/userRole/<user>/<role>",Void.class,false); - api(sb,indent,HttpMethods.PUT,"authz/userRole/<role>",UserRoleRequest.class,false); + api(sb,indent,HttpMethods.PUT,"authz/userRole/extend/<user>/<role>",Void.class,false); } } diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java index 6733989e..6d993284 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java @@ -56,16 +56,26 @@ public class List extends BaseCmd<User> { } return u1.getId().compareTo(u2.getId()); }); - String format = reportColHead("%-40s %-10s %-30s\n","User","Type","Expires"); + String format = reportColHead("%-48s %-5s %-11s %-16s\n","User","Type","Expires","Tag"); String date = "XXXX-XX-XX"; for (aaf.v2_0.Users.User user : sorted) { if (!aafcli.isTest()) { date = Chrono.dateOnlyStamp(user.getExpires()); } + String tag=null; + if(user.getType()<200) { + tag = user.getTag(); + } else { + tag = "\n\tfingerprint: " + user.getTag(); + } + if(tag==null) { + tag=""; + } pw().format(format, count? (Integer.valueOf(++idx) + ") " + user.getId()): user.getId(), org.onap.aaf.auth.cmd.ns.List.getType(user), - date); + date, + tag); } pw().println(); } diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java index 4bc99366..4787cabc 100644 --- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java +++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java @@ -41,10 +41,10 @@ import aaf.v2_0.UserRoleRequest; * */ public class Role extends Cmd { - private static final String[] options = {"add", "del", "setTo","extend"}; + private static final String[] options = {"add", "del", "extend"}; public Role(User parent) { - super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), new Param( - "role[,role]* (!REQ S)", false)); + super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), + new Param("role[,role]*", false)); } @Override @@ -64,72 +64,57 @@ public class Role extends Cmd { Future<?> fp = null; - if (option != 2) { - if (args.length < 5) { - throw new CadiException(build(new StringBuilder("Too few args: "), null).toString()); + if (args.length < 5) { + throw new CadiException(build(new StringBuilder("Too few args: "), null).toString()); + } + String[] roles = args[idx++].split(","); + for (String role : roles) { + String verb = null,participle=null; + urr.setRole(role); + // You can request to be added or removed from role. + setQueryParamsOn(client); + switch(option) { + case 0: + fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr); + verb = "Added"; + participle = "] to User [" ; + break; + case 1: + fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class); + verb = "Removed"; + participle = "] from User [" ; + break; + case 2: + fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole()); + verb = "Extended"; + participle = "] to User [" ; + break; + default: + throw new CadiException("Invalid action [" + key + ']'); } - String[] roles = args[idx++].split(","); - for (String role : roles) { - String verb = null,participle=null; - urr.setRole(role); - // You can request to be added or removed from role. - setQueryParamsOn(client); - switch(option) { - case 0: - fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr); - verb = "Added"; - participle = "] to User [" ; - break; - case 1: - fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class); - verb = "Removed"; - participle = "] from User [" ; - break; - case 3: - fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole()); - verb = "Extended"; - participle = "] to User [" ; + if (fp.get(AAFcli.timeout())) { + pw().print(verb); + pw().print(" Role ["); + pw().print(urr.getRole()); + pw().print(participle); + pw().print(urr.getUser()); + pw().println(']'); + } else { + switch(fp.code()) { + case 202: + pw().print("UserRole "); + pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension"); + pw().println(" Accepted, but requires Approvals before actualizing"); break; - default: - throw new CadiException("Invalid action [" + key + ']'); - } - if (fp.get(AAFcli.timeout())) { - pw().print(verb); - pw().print(" Role ["); - pw().print(urr.getRole()); - pw().print(participle); - pw().print(urr.getUser()); - pw().println(']'); - } else { - switch(fp.code()) { - case 202: - pw().print("UserRole "); - pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension"); - pw().println(" Accepted, but requires Approvals before actualizing"); + case 404: + if (option==3) { + pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view"); break; - case 404: - if (option==3) { - pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view"); - break; - } - default: - error(fp); } + default: + error(fp); } } - } else { - // option 2 is setTo command (an update call) - String allRoles = ""; - if (idx < args.length) - allRoles = args[idx++]; - - urr.setRole(allRoles); - fp = client.update("/authz/userRole/user", getDF(UserRoleRequest.class), urr); - if (fp.get(AAFcli.timeout())) { - pw().println("Set User's Roles to [" + allRoles + "]"); - } else { - error(fp); - } } return fp == null ? 0 : fp.code(); } @@ -138,18 +123,14 @@ public class Role extends Cmd { @Override public void detailedHelp(int indent, StringBuilder sb) { - detailLine(sb, indent, "Add OR Delete a User to/from a Role OR"); - detailLine(sb, indent, "Set a User's Roles to the roles supplied"); + detailLine(sb, indent, "Add or Delete a User to/from a Role OR extend Expiration"); detailLine(sb, indent + 2, "user - ID of User"); detailLine(sb, indent + 2, "role(s) - Role or Roles to which to add the User"); sb.append('\n'); - detailLine(sb, indent + 2, "Note: this is the same as \"role user add...\" except allows"); - detailLine(sb, indent + 2, "assignment of user to multiple roles"); - detailLine(sb, indent + 2, "WARNING: Roles supplied with setTo will be the ONLY roles attached to this user"); - detailLine(sb, indent + 2, "If no roles are supplied, user's roles are reset."); api(sb, indent, HttpMethods.POST, "authz/userRole", UserRoleRequest.class, true); api(sb, indent, HttpMethods.DELETE, "authz/userRole/<user>/<role>", Void.class, false); - api(sb, indent, HttpMethods.PUT, "authz/userRole/<user>", UserRoleRequest.class, false); + api(sb,indent,HttpMethods.PUT,"authz/userRole/extend/<user>/<role>",Void.class,false); + } } diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Grant.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Grant.java index 8e252c9e..ebd5f5f9 100644 --- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Grant.java +++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Grant.java @@ -92,36 +92,20 @@ public class JU_Grant { @Test public void testExecError() throws APIException, LocatorException, CadiException, URISyntaxException { - grant._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"}); + grant._exec(0, new String[] {"grant","type","instance","action","role"}); } @Test public void testExecSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException { when(futureMock.code()).thenReturn(202); - grant._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"}); - grant._exec(1, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"}); + grant._exec(0, new String[] {"grant","type","instance","action","role"}); + } @Test public void testExecSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException { when(futureMock.get(any(Integer.class))).thenReturn(true); - grant._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"}); - } - - @Test - public void testExecSetToError() throws APIException, LocatorException, CadiException, URISyntaxException { - grant._exec(2, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"}); - } - - @Test - public void testExecSetToSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException { - when(futureMock.get(any(Integer.class))).thenReturn(true); - grant._exec(2, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"}); - } - - @Test - public void testExecSetToSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException { - grant._exec(2, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo","another"}); + grant._exec(0, new String[] {"grant","type","instance","action","role"}); } @Test |