summaryrefslogtreecommitdiffstats
path: root/auth/auth-deforg
diff options
context:
space:
mode:
Diffstat (limited to 'auth/auth-deforg')
-rw-r--r--auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java1158
-rw-r--r--auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java268
-rw-r--r--auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java68
-rw-r--r--auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java170
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java328
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java146
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java64
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java110
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java112
9 files changed, 1212 insertions, 1212 deletions
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
index 0bfe7e2d..d9336d4e 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
@@ -41,583 +41,583 @@ import org.onap.aaf.cadi.util.FQI;
import org.onap.aaf.misc.env.Env;
public class DefaultOrg implements Organization {
- private static final String AAF_DATA_DIR = "aaf_data_dir";
- private static final String PROPERTY_IS_REQUIRED = " property is Required";
- // Package on Purpose
- final String domain;
- final String atDomain;
- final String realm;
-
- private final String NAME,mailHost,mailFrom;
- private final Set<String> supportedRealms;
-
-
- public DefaultOrg(Env env, String realm) throws OrganizationException {
-
- this.realm = realm;
- supportedRealms=new HashSet<>();
- supportedRealms.add(realm);
- domain=FQI.reverseDomain(realm);
- atDomain = '@'+domain;
- String s;
- NAME=env.getProperty(realm + ".name","Default Organization");
- mailHost = env.getProperty(s=(realm + ".mailHost"), null);
- if(mailHost==null) {
- throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
- }
- mailFrom = env.getProperty(s=(realm + ".mailFrom"), null);
- if(mailFrom==null) {
- throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
- }
-
- // Note: This code is to avoid including javax.mail into ONAP, because there are security/licence
- // exceptions
- try {
- Class.forName("javax.mail.Session"); // ensure package is loaded
- @SuppressWarnings("unchecked")
- Class<Mailer> minst = (Class<Mailer>)Class.forName("org.onap.aaf.org.JavaxMailer");
- mailer = minst.newInstance();
- } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e1) {
- env.warn().log("JavaxMailer not loaded. Mailing disabled");
- }
-
- System.getProperties().setProperty("mail.smtp.host",mailHost);
- System.getProperties().setProperty("mail.user", mailFrom);
-
- try {
- String defFile;
- String temp=env.getProperty(defFile = (getClass().getName()+".file"));
- File fIdentities=null;
- if(temp==null) {
- temp = env.getProperty(AAF_DATA_DIR);
- if(temp!=null) {
- env.warn().log(defFile, " is not defined. Using default: ",temp+"/identities.dat");
- File dir = new File(temp);
- fIdentities=new File(dir,"identities.dat");
-
- if(!fIdentities.exists()) {
- env.warn().log("No",fIdentities.getCanonicalPath(),"exists. Creating.");
- if(!dir.exists()) {
- dir.mkdirs();
- }
- fIdentities.createNewFile();
- }
- }
- } else {
- fIdentities = new File(temp);
- if(!fIdentities.exists()) {
- String dataDir = env.getProperty(AAF_DATA_DIR);
- if(dataDir!=null) {
- fIdentities = new File(dataDir,temp);
- }
- }
- }
-
- if(fIdentities!=null && fIdentities.exists()) {
- identities = new Identities(fIdentities);
- } else {
- if(fIdentities==null) {
- throw new OrganizationException("No Identities");
- } else {
- throw new OrganizationException(fIdentities.getCanonicalPath() + " does not exist.");
- }
- }
- } catch (IOException e) {
- throw new OrganizationException(e);
- }
- }
-
- // Implement your own Delegation System
- static final List<String> NULL_DELEGATES = new ArrayList<>();
-
- public Identities identities;
- private boolean dryRun;
- private Mailer mailer;
- public enum Types {Employee, Contractor, Application, NotActive};
- private final static Set<String> typeSet;
-
- static {
- typeSet = new HashSet<>();
- for(Types t : Types.values()) {
- typeSet.add(t.name());
- }
- }
-
- private static final EmailWarnings emailWarnings = new DefaultOrgWarnings();
-
- @Override
- public String getName() {
- return NAME;
- }
-
- @Override
- public String getRealm() {
- return realm;
- }
-
- @Override
- public String getDomain() {
- return domain;
- }
-
- @Override
- public DefaultOrgIdentity getIdentity(AuthzTrans trans, String id) throws OrganizationException {
- int at = id.indexOf('@');
- return new DefaultOrgIdentity(trans,at<0?id:id.substring(0, at),this);
- }
-
- // Note: Return a null if found; return a String Message explaining why not found.
- @Override
- public String isValidID(final AuthzTrans trans, final String id) {
- try {
- DefaultOrgIdentity u = getIdentity(trans,id);
- return (u==null||!u.isFound())?id + "is not an Identity in " + getName():null;
- } catch (OrganizationException e) {
- return getName() + " could not lookup " + id + ": " + e.getLocalizedMessage();
- }
- }
- // Possible ID Pattern
- // private static final Pattern ID_PATTERN=Pattern.compile("([\\w.-]+@[\\w.-]+).{4-13}");
- // Another one: ID_PATTERN = "(a-z[a-z0-9]{5-8}@.*).{4-13}";
-
- @Override
- public boolean isValidCred(final AuthzTrans trans, final String id) {
- // have domain?
- int at = id.indexOf('@');
- String sid;
- if(at > 0) {
- // Use this to prevent passwords to any but THIS domain.
-// if(!id.regionMatches(at+1, domain, 0, id.length()-at-1)) {
-// return false;
-// }
- sid = id.substring(0,at);
- } else {
- sid = id;
- }
- // We'll validate that it exists, rather than check patterns.
-
- return isValidID(trans, sid)==null;
- // Check Pattern (if checking existing is too long)
- // if(id.endsWith(SUFFIX) && ID_PATTERN.matcher(id).matches()) {
- // return true;
- // }
- // return false;
- }
-
- private static final String SPEC_CHARS = "!@#$%^*-+?/,:;.";
- private static final Pattern PASS_PATTERN=Pattern.compile("(((?=.*[a-z,A-Z])(((?=.*\\d))|(?=.*[" + SPEC_CHARS +"]))).{6,20})");
- /**
- * ( # Start of group
- * (?=.*[a-z,A-Z]) # must contain one character
- *
- * (?=.*\d) # must contain one digit from 0-9
- * OR
- * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS
- *
- * . # match anything with previous condition checking
- * {6,20} # length at least 6 characters and maximum of 20
- * ) # End of group
- *
- * Another example, more stringent pattern
- private static final Pattern PASS_PATTERN=Pattern.compile("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[" + SPEC_CHARS +"]).{6,20})");
- * Attribution: from mkyong.com
- * ( # Start of group
- * (?=.*\d) # must contain one digit from 0-9
- * (?=.*[a-z]) # must contain one lowercase characters
- * (?=.*[A-Z]) # must contain one uppercase characters
- * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS
- * . # match anything with previous condition checking
- * {6,20} # length at least 6 characters and maximum of 20
- * ) # End of group
- */
- @Override
- public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) {
- for(String p : prev) {
- if(password.contains(p)) { // A more sophisticated algorithm might be better.
- return "Password too similar to previous passwords";
- }
- }
- // If you have an Organization user/Password scheme, replace the following
- if(PASS_PATTERN.matcher(password).matches()) {
- return "";
- }
- return "Password does not match " + NAME + " Password Standards";
- }
-
- private static final String[] rules = new String[] {
- "Passwords must contain letters",
- "Passwords must contain one of the following:",
- " Number",
- " One special symbols in the list \""+ SPEC_CHARS + '"',
- "Passwords must be between 6 and 20 chars in length",
- };
-
- @Override
- public String[] getPasswordRules() {
- return rules;
- }
-
- @Override
- public Set<String> getIdentityTypes() {
- return typeSet;
- }
-
- @Override
- public Response notify(AuthzTrans trans, Notify type, String url, String[] identities, String[] ccs, String summary, Boolean urgent) {
- String system = trans.getProperty("CASS_ENV", "");
-
- ArrayList<String> toList = new ArrayList<>();
- Identity identity;
- if (identities != null) {
- for (String user : identities) {
- try {
- identity = getIdentity(trans, user);
- if (identity == null) {
- trans.error().log(
- "Failure to obtain User " + user + " for "
- + getName());
- } else {
- toList.add(identity.email());
- }
- } catch (Exception e) {
- trans.error().log(
- e,
- "Failure to obtain User " + user + " for "
- + getName());
- }
- }
- }
-
- if (toList.isEmpty()) {
- trans.error().log("No Users listed to email");
- return Response.ERR_NotificationFailure;
- }
-
- ArrayList<String> ccList = new ArrayList<>();
-
- // If we're sending an urgent email, CC the user's supervisor
- //
- if (urgent) {
- trans.info().log("urgent msg for: " + identities[0]);
- try {
- List<Identity> supervisors = getApprovers(trans, identities[0]);
- for (Identity us : supervisors) {
- trans.info().log("supervisor: " + us.email());
- ccList.add(us.email());
- }
- } catch (Exception e) {
- trans.error().log(e,
- "Failed to find supervisor for " + identities[0]);
- }
- }
-
- if (ccs != null) {
- for (String user : ccs) {
- try {
- identity = getIdentity(trans, user);
- ccList.add(identity.email());
- } catch (Exception e) {
- trans.error().log(
- e,
- "Failure to obtain User " + user + " for "
- + getName());
- }
- }
- }
-
- if (summary == null) {
- summary = "";
- }
-
- switch (type) {
- case Approval:
- try {
- sendEmail(trans, toList, ccList,
- "AAF Approval Notification "
- + (system.length() == 0 ? "" : "(ENV: "
- + system + ")"),
- "AAF is the "
- + NAME
- + "System for Fine-Grained Authorizations. You are being asked to Approve"
- + (system.length() == 0 ? "" : " in the "
- + system + " environment")
- + " before AAF Actions can be taken.\n\n"
- + "Please follow this link: \n\n\t" + url
- + "\n\n" + summary, urgent);
- } catch (Exception e) {
-
- trans.error().log(e, "Failure to send Email");
- return Response.ERR_NotificationFailure;
- }
- break;
- case PasswordExpiration:
- try {
- sendEmail(trans,
- toList,
- ccList,
- "AAF Password Expiration Warning "
- + (system.length() == 0 ? "" : "(ENV: "
- + system + ")"),
- "AAF is the "
- + NAME
- + " System for Authorizations.\n\nOne or more passwords will expire soon or have expired"
- + (system.length() == 0 ? "" : " in the "
- + system + " environment")
- + ".\n\nPasswords expired for more than 30 days without action are subject to deletion.\n\n"
- + "Please follow each link to add a New Password with Expiration Date. Either are valid until expiration. "
- + "Use this time to change the passwords on your system. If issues, reply to this email.\n\n"
- + summary, urgent);
- } catch (Exception e) {
- trans.error().log(e, "Failure to send Email");
- return Response.ERR_NotificationFailure;
- }
- break;
-
- case RoleExpiration:
- try {
- sendEmail(
- trans,
- toList,
- ccList,
- "AAF Role Expiration Warning "
- + (system.length() == 0 ? "" : "(ENV: "
- + system + ")"),
- "AAF is the "
- + NAME
- + " System for Authorizations. One or more roles will expire soon"
- + (system.length() == 0 ? "" : " in the "
- + system + " environment")
- + ".\n\nRoles expired for more than 30 days are subject to deletion."
- + "Please follow this link the GUI Command line, and either 'extend' or 'del' the user in the role.\n"
- + "If issues, reply to this email.\n\n\t" + url
- + "\n\n" + summary, urgent);
- } catch (Exception e) {
- trans.error().log(e, "Failure to send Email");
- return Response.ERR_NotificationFailure;
- }
- break;
- default:
- return Response.ERR_NotImplemented;
- }
- return Response.OK;
- }
-
-
- /**
- * Default Policy is to set to 6 Months for Notification Types.
- * add others/change as required
- */
- @Override
- public Date whenToValidate(Notify type, Date lastValidated) {
- switch(type) {
- case Approval:
- case PasswordExpiration:
- return null;
- default:
- GregorianCalendar gc = new GregorianCalendar();
- gc.setTime(lastValidated);
- gc.add(GregorianCalendar.MONTH, 6); // 6 month policy
- return gc.getTime();
- }
- }
-
- @Override
- public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String... extra) {
- GregorianCalendar now = new GregorianCalendar();
- GregorianCalendar rv = gc==null?now:(GregorianCalendar)gc.clone();
- switch (exp) {
- case ExtendPassword:
- // Extending Password give 5 extra days, max 8 days from now
- rv.add(GregorianCalendar.DATE, 5);
- now.add(GregorianCalendar.DATE, 8);
- if(rv.after(now)) {
- rv = now;
- }
- break;
- case Future:
- // Future requests last 15 days.
- now.add(GregorianCalendar.DATE, 15);
- rv = now;
- break;
- case Password:
- // Passwords expire in 90 days
- now.add(GregorianCalendar.DATE, 90);
- rv = now;
- break;
- case TempPassword:
- // Temporary Passwords last for 12 hours.
- now.add(GregorianCalendar.DATE, 90);
- rv = now;
- break;
- case UserDelegate:
- // Delegations expire max in 2 months, renewable to 3
- rv.add(GregorianCalendar.MONTH, 2);
- now.add(GregorianCalendar.MONTH, 3);
- if(rv.after(now)) {
- rv = now;
- }
- break;
- case UserInRole:
- // Roles expire in 6 months
- now.add(GregorianCalendar.MONTH, 6);
- rv = now;
- break;
- default:
- // Unless other wise set, 6 months is default
- now.add(GregorianCalendar.MONTH, 6);
- rv = now;
- break;
- }
- return rv;
- }
-
- @Override
- public EmailWarnings emailWarningPolicy() {
- return emailWarnings;
- }
-
- /**
- * Assume the Supervisor is the Approver.
- */
- @Override
- public List<Identity> getApprovers(AuthzTrans trans, String user) throws OrganizationException {
- Identity orgIdentity = getIdentity(trans, user);
- List<Identity> orgIdentitys = new ArrayList<>();
- if(orgIdentity!=null) {
- Identity supervisor = orgIdentity.responsibleTo();
- if(supervisor!=null) {
- orgIdentitys.add(supervisor);
- }
- }
- return orgIdentitys;
- }
-
- @Override
- public String getApproverType() {
- return "supervisor";
- }
-
- @Override
- public int startOfDay() {
- // TODO Auto-generated method stub
- return 0;
- }
-
- @Override
- public boolean canHaveMultipleCreds(String id) {
- // External entities are likely mono-password... if you change it, it is a global change.
- // This is great for people, but horrible for Applications.
- //
- // AAF's Password can have multiple Passwords, each with their own Expiration Date.
- // For Default Org, we'll assume true for all, but when you add your external
- // Identity stores, you need to return "false" if they cannot support multiple Passwords like AAF
- return true;
- }
-
- @Override
- public String validate(AuthzTrans trans, Policy policy, Executor executor, String... vars) throws OrganizationException {
- switch(policy) {
- case OWNS_MECHID:
- case CREATE_MECHID:
- if(vars.length>0) {
- DefaultOrgIdentity thisID = getIdentity(trans,vars[0]);
- if("a".equals(thisID.identity.status)) { // MechID
- DefaultOrgIdentity requestor = getIdentity(trans, trans.user());
- if(requestor!=null) {
- Identity mechid = getIdentity(trans, vars[0]);
- if(mechid!=null) {
- Identity sponsor = mechid.responsibleTo();
- if(sponsor!=null && requestor.fullID().equals(sponsor.fullID())) {
- return null;
- } else {
- return trans.user() + " is not the Sponsor of MechID " + vars[0];
- }
- }
- }
- }
- }
- return null;
-
- case CREATE_MECHID_BY_PERM_ONLY:
- return getName() + " only allows sponsors to create MechIDs";
-
- default:
- return policy.name() + " is unsupported at " + getName();
- }
- }
-
- @Override
- public boolean isTestEnv() {
- return false;
- }
-
- @Override
- public void setTestMode(boolean dryRun) {
- this.dryRun = dryRun;
- }
-
- private String extractRealm(final String r) {
- int at;
- if((at=r.indexOf('@'))>=0) {
- return FQI.reverseDomain(r.substring(at+1));
- }
- return r;
- }
- @Override
- public boolean supportsRealm(final String r) {
- if(r.endsWith(realm)) {
- return true;
- } else {
- String erealm = extractRealm(r);
- for(String sr : supportedRealms) {
- if(erealm.startsWith(sr)) {
- return true;
- }
- }
- }
- return false;
- }
-
- @Override
- public synchronized void addSupportedRealm(final String r) {
- supportedRealms.add(extractRealm(r));
- }
-
- @Override
- public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList, String subject, String body,
- Boolean urgent) throws OrganizationException {
- if (mailer!=null) {
- List<String> to = new ArrayList<>();
- for(String em : toList) {
- if(em.indexOf('@')<0) {
- to.add(new DefaultOrgIdentity(trans, em, this).email());
- } else {
- to.add(em);
- }
- }
-
- List<String> cc = new ArrayList<>();
- if(ccList!=null) {
- if(!ccList.isEmpty()) {
-
- for(String em : ccList) {
- if(em.indexOf('@')<0) {
- cc.add(new DefaultOrgIdentity(trans, em, this).email());
- } else {
- cc.add(em);
- }
- }
- }
-
- // for now, I want all emails so we can see what goes out. Remove later
- if (!ccList.contains(mailFrom)) {
- ccList.add(mailFrom);
- }
- }
-
- return mailer.sendEmail(trans,dryRun,mailFrom,to,cc,subject,body,urgent);
- } else {
- return 0;
- }
- }
+ private static final String AAF_DATA_DIR = "aaf_data_dir";
+ private static final String PROPERTY_IS_REQUIRED = " property is Required";
+ // Package on Purpose
+ final String domain;
+ final String atDomain;
+ final String realm;
+
+ private final String NAME,mailHost,mailFrom;
+ private final Set<String> supportedRealms;
+
+
+ public DefaultOrg(Env env, String realm) throws OrganizationException {
+
+ this.realm = realm;
+ supportedRealms=new HashSet<>();
+ supportedRealms.add(realm);
+ domain=FQI.reverseDomain(realm);
+ atDomain = '@'+domain;
+ String s;
+ NAME=env.getProperty(realm + ".name","Default Organization");
+ mailHost = env.getProperty(s=(realm + ".mailHost"), null);
+ if(mailHost==null) {
+ throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
+ }
+ mailFrom = env.getProperty(s=(realm + ".mailFrom"), null);
+ if(mailFrom==null) {
+ throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
+ }
+
+ // Note: This code is to avoid including javax.mail into ONAP, because there are security/licence
+ // exceptions
+ try {
+ Class.forName("javax.mail.Session"); // ensure package is loaded
+ @SuppressWarnings("unchecked")
+ Class<Mailer> minst = (Class<Mailer>)Class.forName("org.onap.aaf.org.JavaxMailer");
+ mailer = minst.newInstance();
+ } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e1) {
+ env.warn().log("JavaxMailer not loaded. Mailing disabled");
+ }
+
+ System.getProperties().setProperty("mail.smtp.host",mailHost);
+ System.getProperties().setProperty("mail.user", mailFrom);
+
+ try {
+ String defFile;
+ String temp=env.getProperty(defFile = (getClass().getName()+".file"));
+ File fIdentities=null;
+ if(temp==null) {
+ temp = env.getProperty(AAF_DATA_DIR);
+ if(temp!=null) {
+ env.warn().log(defFile, " is not defined. Using default: ",temp+"/identities.dat");
+ File dir = new File(temp);
+ fIdentities=new File(dir,"identities.dat");
+
+ if(!fIdentities.exists()) {
+ env.warn().log("No",fIdentities.getCanonicalPath(),"exists. Creating.");
+ if(!dir.exists()) {
+ dir.mkdirs();
+ }
+ fIdentities.createNewFile();
+ }
+ }
+ } else {
+ fIdentities = new File(temp);
+ if(!fIdentities.exists()) {
+ String dataDir = env.getProperty(AAF_DATA_DIR);
+ if(dataDir!=null) {
+ fIdentities = new File(dataDir,temp);
+ }
+ }
+ }
+
+ if(fIdentities!=null && fIdentities.exists()) {
+ identities = new Identities(fIdentities);
+ } else {
+ if(fIdentities==null) {
+ throw new OrganizationException("No Identities");
+ } else {
+ throw new OrganizationException(fIdentities.getCanonicalPath() + " does not exist.");
+ }
+ }
+ } catch (IOException e) {
+ throw new OrganizationException(e);
+ }
+ }
+
+ // Implement your own Delegation System
+ static final List<String> NULL_DELEGATES = new ArrayList<>();
+
+ public Identities identities;
+ private boolean dryRun;
+ private Mailer mailer;
+ public enum Types {Employee, Contractor, Application, NotActive};
+ private final static Set<String> typeSet;
+
+ static {
+ typeSet = new HashSet<>();
+ for(Types t : Types.values()) {
+ typeSet.add(t.name());
+ }
+ }
+
+ private static final EmailWarnings emailWarnings = new DefaultOrgWarnings();
+
+ @Override
+ public String getName() {
+ return NAME;
+ }
+
+ @Override
+ public String getRealm() {
+ return realm;
+ }
+
+ @Override
+ public String getDomain() {
+ return domain;
+ }
+
+ @Override
+ public DefaultOrgIdentity getIdentity(AuthzTrans trans, String id) throws OrganizationException {
+ int at = id.indexOf('@');
+ return new DefaultOrgIdentity(trans,at<0?id:id.substring(0, at),this);
+ }
+
+ // Note: Return a null if found; return a String Message explaining why not found.
+ @Override
+ public String isValidID(final AuthzTrans trans, final String id) {
+ try {
+ DefaultOrgIdentity u = getIdentity(trans,id);
+ return (u==null||!u.isFound())?id + "is not an Identity in " + getName():null;
+ } catch (OrganizationException e) {
+ return getName() + " could not lookup " + id + ": " + e.getLocalizedMessage();
+ }
+ }
+ // Possible ID Pattern
+ // private static final Pattern ID_PATTERN=Pattern.compile("([\\w.-]+@[\\w.-]+).{4-13}");
+ // Another one: ID_PATTERN = "(a-z[a-z0-9]{5-8}@.*).{4-13}";
+
+ @Override
+ public boolean isValidCred(final AuthzTrans trans, final String id) {
+ // have domain?
+ int at = id.indexOf('@');
+ String sid;
+ if(at > 0) {
+ // Use this to prevent passwords to any but THIS domain.
+// if(!id.regionMatches(at+1, domain, 0, id.length()-at-1)) {
+// return false;
+// }
+ sid = id.substring(0,at);
+ } else {
+ sid = id;
+ }
+ // We'll validate that it exists, rather than check patterns.
+
+ return isValidID(trans, sid)==null;
+ // Check Pattern (if checking existing is too long)
+ // if(id.endsWith(SUFFIX) && ID_PATTERN.matcher(id).matches()) {
+ // return true;
+ // }
+ // return false;
+ }
+
+ private static final String SPEC_CHARS = "!@#$%^*-+?/,:;.";
+ private static final Pattern PASS_PATTERN=Pattern.compile("(((?=.*[a-z,A-Z])(((?=.*\\d))|(?=.*[" + SPEC_CHARS +"]))).{6,20})");
+ /**
+ * ( # Start of group
+ * (?=.*[a-z,A-Z]) # must contain one character
+ *
+ * (?=.*\d) # must contain one digit from 0-9
+ * OR
+ * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS
+ *
+ * . # match anything with previous condition checking
+ * {6,20} # length at least 6 characters and maximum of 20
+ * ) # End of group
+ *
+ * Another example, more stringent pattern
+ private static final Pattern PASS_PATTERN=Pattern.compile("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[" + SPEC_CHARS +"]).{6,20})");
+ * Attribution: from mkyong.com
+ * ( # Start of group
+ * (?=.*\d) # must contain one digit from 0-9
+ * (?=.*[a-z]) # must contain one lowercase characters
+ * (?=.*[A-Z]) # must contain one uppercase characters
+ * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS
+ * . # match anything with previous condition checking
+ * {6,20} # length at least 6 characters and maximum of 20
+ * ) # End of group
+ */
+ @Override
+ public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) {
+ for(String p : prev) {
+ if(password.contains(p)) { // A more sophisticated algorithm might be better.
+ return "Password too similar to previous passwords";
+ }
+ }
+ // If you have an Organization user/Password scheme, replace the following
+ if(PASS_PATTERN.matcher(password).matches()) {
+ return "";
+ }
+ return "Password does not match " + NAME + " Password Standards";
+ }
+
+ private static final String[] rules = new String[] {
+ "Passwords must contain letters",
+ "Passwords must contain one of the following:",
+ " Number",
+ " One special symbols in the list \""+ SPEC_CHARS + '"',
+ "Passwords must be between 6 and 20 chars in length",
+ };
+
+ @Override
+ public String[] getPasswordRules() {
+ return rules;
+ }
+
+ @Override
+ public Set<String> getIdentityTypes() {
+ return typeSet;
+ }
+
+ @Override
+ public Response notify(AuthzTrans trans, Notify type, String url, String[] identities, String[] ccs, String summary, Boolean urgent) {
+ String system = trans.getProperty("CASS_ENV", "");
+
+ ArrayList<String> toList = new ArrayList<>();
+ Identity identity;
+ if (identities != null) {
+ for (String user : identities) {
+ try {
+ identity = getIdentity(trans, user);
+ if (identity == null) {
+ trans.error().log(
+ "Failure to obtain User " + user + " for "
+ + getName());
+ } else {
+ toList.add(identity.email());
+ }
+ } catch (Exception e) {
+ trans.error().log(
+ e,
+ "Failure to obtain User " + user + " for "
+ + getName());
+ }
+ }
+ }
+
+ if (toList.isEmpty()) {
+ trans.error().log("No Users listed to email");
+ return Response.ERR_NotificationFailure;
+ }
+
+ ArrayList<String> ccList = new ArrayList<>();
+
+ // If we're sending an urgent email, CC the user's supervisor
+ //
+ if (urgent) {
+ trans.info().log("urgent msg for: " + identities[0]);
+ try {
+ List<Identity> supervisors = getApprovers(trans, identities[0]);
+ for (Identity us : supervisors) {
+ trans.info().log("supervisor: " + us.email());
+ ccList.add(us.email());
+ }
+ } catch (Exception e) {
+ trans.error().log(e,
+ "Failed to find supervisor for " + identities[0]);
+ }
+ }
+
+ if (ccs != null) {
+ for (String user : ccs) {
+ try {
+ identity = getIdentity(trans, user);
+ ccList.add(identity.email());
+ } catch (Exception e) {
+ trans.error().log(
+ e,
+ "Failure to obtain User " + user + " for "
+ + getName());
+ }
+ }
+ }
+
+ if (summary == null) {
+ summary = "";
+ }
+
+ switch (type) {
+ case Approval:
+ try {
+ sendEmail(trans, toList, ccList,
+ "AAF Approval Notification "
+ + (system.length() == 0 ? "" : "(ENV: "
+ + system + ")"),
+ "AAF is the "
+ + NAME
+ + "System for Fine-Grained Authorizations. You are being asked to Approve"
+ + (system.length() == 0 ? "" : " in the "
+ + system + " environment")
+ + " before AAF Actions can be taken.\n\n"
+ + "Please follow this link: \n\n\t" + url
+ + "\n\n" + summary, urgent);
+ } catch (Exception e) {
+
+ trans.error().log(e, "Failure to send Email");
+ return Response.ERR_NotificationFailure;
+ }
+ break;
+ case PasswordExpiration:
+ try {
+ sendEmail(trans,
+ toList,
+ ccList,
+ "AAF Password Expiration Warning "
+ + (system.length() == 0 ? "" : "(ENV: "
+ + system + ")"),
+ "AAF is the "
+ + NAME
+ + " System for Authorizations.\n\nOne or more passwords will expire soon or have expired"
+ + (system.length() == 0 ? "" : " in the "
+ + system + " environment")
+ + ".\n\nPasswords expired for more than 30 days without action are subject to deletion.\n\n"
+ + "Please follow each link to add a New Password with Expiration Date. Either are valid until expiration. "
+ + "Use this time to change the passwords on your system. If issues, reply to this email.\n\n"
+ + summary, urgent);
+ } catch (Exception e) {
+ trans.error().log(e, "Failure to send Email");
+ return Response.ERR_NotificationFailure;
+ }
+ break;
+
+ case RoleExpiration:
+ try {
+ sendEmail(
+ trans,
+ toList,
+ ccList,
+ "AAF Role Expiration Warning "
+ + (system.length() == 0 ? "" : "(ENV: "
+ + system + ")"),
+ "AAF is the "
+ + NAME
+ + " System for Authorizations. One or more roles will expire soon"
+ + (system.length() == 0 ? "" : " in the "
+ + system + " environment")
+ + ".\n\nRoles expired for more than 30 days are subject to deletion."
+ + "Please follow this link the GUI Command line, and either 'extend' or 'del' the user in the role.\n"
+ + "If issues, reply to this email.\n\n\t" + url
+ + "\n\n" + summary, urgent);
+ } catch (Exception e) {
+ trans.error().log(e, "Failure to send Email");
+ return Response.ERR_NotificationFailure;
+ }
+ break;
+ default:
+ return Response.ERR_NotImplemented;
+ }
+ return Response.OK;
+ }
+
+
+ /**
+ * Default Policy is to set to 6 Months for Notification Types.
+ * add others/change as required
+ */
+ @Override
+ public Date whenToValidate(Notify type, Date lastValidated) {
+ switch(type) {
+ case Approval:
+ case PasswordExpiration:
+ return null;
+ default:
+ GregorianCalendar gc = new GregorianCalendar();
+ gc.setTime(lastValidated);
+ gc.add(GregorianCalendar.MONTH, 6); // 6 month policy
+ return gc.getTime();
+ }
+ }
+
+ @Override
+ public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String... extra) {
+ GregorianCalendar now = new GregorianCalendar();
+ GregorianCalendar rv = gc==null?now:(GregorianCalendar)gc.clone();
+ switch (exp) {
+ case ExtendPassword:
+ // Extending Password give 5 extra days, max 8 days from now
+ rv.add(GregorianCalendar.DATE, 5);
+ now.add(GregorianCalendar.DATE, 8);
+ if(rv.after(now)) {
+ rv = now;
+ }
+ break;
+ case Future:
+ // Future requests last 15 days.
+ now.add(GregorianCalendar.DATE, 15);
+ rv = now;
+ break;
+ case Password:
+ // Passwords expire in 90 days
+ now.add(GregorianCalendar.DATE, 90);
+ rv = now;
+ break;
+ case TempPassword:
+ // Temporary Passwords last for 12 hours.
+ now.add(GregorianCalendar.DATE, 90);
+ rv = now;
+ break;
+ case UserDelegate:
+ // Delegations expire max in 2 months, renewable to 3
+ rv.add(GregorianCalendar.MONTH, 2);
+ now.add(GregorianCalendar.MONTH, 3);
+ if(rv.after(now)) {
+ rv = now;
+ }
+ break;
+ case UserInRole:
+ // Roles expire in 6 months
+ now.add(GregorianCalendar.MONTH, 6);
+ rv = now;
+ break;
+ default:
+ // Unless other wise set, 6 months is default
+ now.add(GregorianCalendar.MONTH, 6);
+ rv = now;
+ break;
+ }
+ return rv;
+ }
+
+ @Override
+ public EmailWarnings emailWarningPolicy() {
+ return emailWarnings;
+ }
+
+ /**
+ * Assume the Supervisor is the Approver.
+ */
+ @Override
+ public List<Identity> getApprovers(AuthzTrans trans, String user) throws OrganizationException {
+ Identity orgIdentity = getIdentity(trans, user);
+ List<Identity> orgIdentitys = new ArrayList<>();
+ if(orgIdentity!=null) {
+ Identity supervisor = orgIdentity.responsibleTo();
+ if(supervisor!=null) {
+ orgIdentitys.add(supervisor);
+ }
+ }
+ return orgIdentitys;
+ }
+
+ @Override
+ public String getApproverType() {
+ return "supervisor";
+ }
+
+ @Override
+ public int startOfDay() {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ @Override
+ public boolean canHaveMultipleCreds(String id) {
+ // External entities are likely mono-password... if you change it, it is a global change.
+ // This is great for people, but horrible for Applications.
+ //
+ // AAF's Password can have multiple Passwords, each with their own Expiration Date.
+ // For Default Org, we'll assume true for all, but when you add your external
+ // Identity stores, you need to return "false" if they cannot support multiple Passwords like AAF
+ return true;
+ }
+
+ @Override
+ public String validate(AuthzTrans trans, Policy policy, Executor executor, String... vars) throws OrganizationException {
+ switch(policy) {
+ case OWNS_MECHID:
+ case CREATE_MECHID:
+ if(vars.length>0) {
+ DefaultOrgIdentity thisID = getIdentity(trans,vars[0]);
+ if("a".equals(thisID.identity.status)) { // MechID
+ DefaultOrgIdentity requestor = getIdentity(trans, trans.user());
+ if(requestor!=null) {
+ Identity mechid = getIdentity(trans, vars[0]);
+ if(mechid!=null) {
+ Identity sponsor = mechid.responsibleTo();
+ if(sponsor!=null && requestor.fullID().equals(sponsor.fullID())) {
+ return null;
+ } else {
+ return trans.user() + " is not the Sponsor of MechID " + vars[0];
+ }
+ }
+ }
+ }
+ }
+ return null;
+
+ case CREATE_MECHID_BY_PERM_ONLY:
+ return getName() + " only allows sponsors to create MechIDs";
+
+ default:
+ return policy.name() + " is unsupported at " + getName();
+ }
+ }
+
+ @Override
+ public boolean isTestEnv() {
+ return false;
+ }
+
+ @Override
+ public void setTestMode(boolean dryRun) {
+ this.dryRun = dryRun;
+ }
+
+ private String extractRealm(final String r) {
+ int at;
+ if((at=r.indexOf('@'))>=0) {
+ return FQI.reverseDomain(r.substring(at+1));
+ }
+ return r;
+ }
+ @Override
+ public boolean supportsRealm(final String r) {
+ if(r.endsWith(realm)) {
+ return true;
+ } else {
+ String erealm = extractRealm(r);
+ for(String sr : supportedRealms) {
+ if(erealm.startsWith(sr)) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public synchronized void addSupportedRealm(final String r) {
+ supportedRealms.add(extractRealm(r));
+ }
+
+ @Override
+ public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList, String subject, String body,
+ Boolean urgent) throws OrganizationException {
+ if (mailer!=null) {
+ List<String> to = new ArrayList<>();
+ for(String em : toList) {
+ if(em.indexOf('@')<0) {
+ to.add(new DefaultOrgIdentity(trans, em, this).email());
+ } else {
+ to.add(em);
+ }
+ }
+
+ List<String> cc = new ArrayList<>();
+ if(ccList!=null) {
+ if(!ccList.isEmpty()) {
+
+ for(String em : ccList) {
+ if(em.indexOf('@')<0) {
+ cc.add(new DefaultOrgIdentity(trans, em, this).email());
+ } else {
+ cc.add(em);
+ }
+ }
+ }
+
+ // for now, I want all emails so we can see what goes out. Remove later
+ if (!ccList.contains(mailFrom)) {
+ ccList.add(mailFrom);
+ }
+ }
+
+ return mailer.sendEmail(trans,dryRun,mailFrom,to,cc,subject,body,urgent);
+ } else {
+ return 0;
+ }
+ }
}
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java
index 7aa57fd7..25832620 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java
@@ -40,140 +40,140 @@ import org.onap.aaf.org.Identities.Data;
*
*/
public class DefaultOrgIdentity implements Identity {
- private static final String CONTRACTOR = "c";
- private static final String EMPLOYEE = "e";
- private static final String APPLICATION = "a";
- private static final String NON_ACTIVE = "n";
-
- private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
-
- private DefaultOrg org;
- //package on purpose
- Data identity;
- private AuthzTrans trans;
-
- public DefaultOrgIdentity(AuthzTrans trans, String key, DefaultOrg dorg) throws OrganizationException {
- this.trans = trans;
- org = dorg;
- identity=null;
- try {
- org.identities.open(trans, TIMEOUT);
- try {
- Reuse r = org.identities.reuse();
- int at = key.indexOf(dorg.getDomain());
- String search;
- if(at>=0) {
- search = key.substring(0,at);
- } else {
- search = key;
- }
- identity = org.identities.find(search, r);
-
-
-
- if(identity==null) {
- identity = Identities.NO_DATA;
- }
- } finally {
- org.identities.close(trans);
- }
- } catch (IOException e) {
- throw new OrganizationException(e);
- }
- }
-
- @Override
- public boolean equals(Object b) {
- if(b instanceof DefaultOrgIdentity) {
- return identity.id.equals(((DefaultOrgIdentity)b).identity.id);
- }
- return false;
- }
-
-
- @Override
- public int hashCode() {
- return identity.hashCode();
- }
-
- @Override
- public String id() {
- return identity.id;
- }
-
- @Override
- public String fullID() {
- return identity.id+'@'+org.getDomain();
- }
-
- @Override
- public String type() {
- switch(identity.status) {
- case EMPLOYEE: return DefaultOrg.Types.Employee.name();
- case CONTRACTOR: return DefaultOrg.Types.Contractor.name();
- case APPLICATION: return DefaultOrg.Types.Application.name();
- case NON_ACTIVE: return DefaultOrg.Types.NotActive.name();
- default:
- return "Unknown";
- }
- }
-
- @Override
- public Identity responsibleTo() throws OrganizationException {
- if("".equals(identity.responsibleTo) && isFound()) { // cover the situation of Top Dog... reports to no-one.
- return this;
- } else {
- return org.getIdentity(trans, identity.responsibleTo);
- }
- }
-
- @Override
- public List<String> delegate() {
- //NOTE: implement Delegate system, if desired
- return DefaultOrg.NULL_DELEGATES;
- }
-
- @Override
- public String email() {
- return identity.email;
- }
-
- @Override
- public String fullName() {
- return identity.name;
- }
-
- @Override
- public String firstName() {
- return identity.fname;
- }
-
- @Override
- public String mayOwn() {
- // Assume only Employees are responsible for Resources.
- if(identity.status==null|| identity.status.length()==0) {
- return "Identity must have valid status";
- } else if(EMPLOYEE.equals(identity.status)) {
- return null; // This is "Yes, is Responsible"
- } else {
- return "Reponsible Party must be an Employee";
- }
- }
-
- @Override
- public boolean isFound() {
- return identity!=Identities.NO_DATA; // yes, object comparison intended
- }
-
- @Override
- public boolean isPerson() {
- return !identity.status.equals(APPLICATION);
- }
-
- @Override
- public Organization org() {
- return org;
- }
+ private static final String CONTRACTOR = "c";
+ private static final String EMPLOYEE = "e";
+ private static final String APPLICATION = "a";
+ private static final String NON_ACTIVE = "n";
+
+ private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
+
+ private DefaultOrg org;
+ //package on purpose
+ Data identity;
+ private AuthzTrans trans;
+
+ public DefaultOrgIdentity(AuthzTrans trans, String key, DefaultOrg dorg) throws OrganizationException {
+ this.trans = trans;
+ org = dorg;
+ identity=null;
+ try {
+ org.identities.open(trans, TIMEOUT);
+ try {
+ Reuse r = org.identities.reuse();
+ int at = key.indexOf(dorg.getDomain());
+ String search;
+ if(at>=0) {
+ search = key.substring(0,at);
+ } else {
+ search = key;
+ }
+ identity = org.identities.find(search, r);
+
+
+
+ if(identity==null) {
+ identity = Identities.NO_DATA;
+ }
+ } finally {
+ org.identities.close(trans);
+ }
+ } catch (IOException e) {
+ throw new OrganizationException(e);
+ }
+ }
+
+ @Override
+ public boolean equals(Object b) {
+ if(b instanceof DefaultOrgIdentity) {
+ return identity.id.equals(((DefaultOrgIdentity)b).identity.id);
+ }
+ return false;
+ }
+
+
+ @Override
+ public int hashCode() {
+ return identity.hashCode();
+ }
+
+ @Override
+ public String id() {
+ return identity.id;
+ }
+
+ @Override
+ public String fullID() {
+ return identity.id+'@'+org.getDomain();
+ }
+
+ @Override
+ public String type() {
+ switch(identity.status) {
+ case EMPLOYEE: return DefaultOrg.Types.Employee.name();
+ case CONTRACTOR: return DefaultOrg.Types.Contractor.name();
+ case APPLICATION: return DefaultOrg.Types.Application.name();
+ case NON_ACTIVE: return DefaultOrg.Types.NotActive.name();
+ default:
+ return "Unknown";
+ }
+ }
+
+ @Override
+ public Identity responsibleTo() throws OrganizationException {
+ if("".equals(identity.responsibleTo) && isFound()) { // cover the situation of Top Dog... reports to no-one.
+ return this;
+ } else {
+ return org.getIdentity(trans, identity.responsibleTo);
+ }
+ }
+
+ @Override
+ public List<String> delegate() {
+ //NOTE: implement Delegate system, if desired
+ return DefaultOrg.NULL_DELEGATES;
+ }
+
+ @Override
+ public String email() {
+ return identity.email;
+ }
+
+ @Override
+ public String fullName() {
+ return identity.name;
+ }
+
+ @Override
+ public String firstName() {
+ return identity.fname;
+ }
+
+ @Override
+ public String mayOwn() {
+ // Assume only Employees are responsible for Resources.
+ if(identity.status==null|| identity.status.length()==0) {
+ return "Identity must have valid status";
+ } else if(EMPLOYEE.equals(identity.status)) {
+ return null; // This is "Yes, is Responsible"
+ } else {
+ return "Reponsible Party must be an Employee";
+ }
+ }
+
+ @Override
+ public boolean isFound() {
+ return identity!=Identities.NO_DATA; // yes, object comparison intended
+ }
+
+ @Override
+ public boolean isPerson() {
+ return !identity.status.equals(APPLICATION);
+ }
+
+ @Override
+ public Organization org() {
+ return org;
+ }
}
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java
index 97d0cef2..d544b709 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java
@@ -25,39 +25,39 @@ import org.onap.aaf.auth.org.EmailWarnings;
public class DefaultOrgWarnings implements EmailWarnings {
- @Override
- public long credEmailInterval()
- {
- return 604800000L; // 7 days in millis 1000 * 86400 * 7
- }
-
- @Override
- public long roleEmailInterval()
- {
- return 604800000L; // 7 days in millis 1000 * 86400 * 7
- }
-
- @Override
- public long apprEmailInterval() {
- return 259200000L; // 3 days in millis 1000 * 86400 * 3
- }
-
- @Override
- public long credExpirationWarning()
- {
- return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
- }
-
- @Override
- public long roleExpirationWarning()
- {
- return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
- }
-
- @Override
- public long emailUrgentWarning()
- {
- return( 1209600000L ); // Two weeks, in milliseconds 1000 * 86400 * 14 in milliseconds
- }
+ @Override
+ public long credEmailInterval()
+ {
+ return 604800000L; // 7 days in millis 1000 * 86400 * 7
+ }
+
+ @Override
+ public long roleEmailInterval()
+ {
+ return 604800000L; // 7 days in millis 1000 * 86400 * 7
+ }
+
+ @Override
+ public long apprEmailInterval() {
+ return 259200000L; // 3 days in millis 1000 * 86400 * 3
+ }
+
+ @Override
+ public long credExpirationWarning()
+ {
+ return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
+ }
+
+ @Override
+ public long roleExpirationWarning()
+ {
+ return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
+ }
+
+ @Override
+ public long emailUrgentWarning()
+ {
+ return( 1209600000L ); // Two weeks, in milliseconds 1000 * 86400 * 14 in milliseconds
+ }
}
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java
index 344d0552..345e6e82 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java
@@ -31,113 +31,113 @@ import org.onap.aaf.auth.local.DataFile.Token.Field;
* Example User Data file, which can be modified for many different kinds of Data Feeds.
*
* Note: This has shown to be extremely effective in AT&T, an acknowledged very large organizations,
- * because there is no need to synchronize records. AAF simply receives a Data Feed in Organization
- * defined intervals. (You might want to check for validity, such as size, etc), then is copied into
- * Data Directory. You will want to do so first creating a "lock" file. Assuming the File name is "users.dat",
- * the Lock File is "users.lock".
+ * because there is no need to synchronize records. AAF simply receives a Data Feed in Organization
+ * defined intervals. (You might want to check for validity, such as size, etc), then is copied into
+ * Data Directory. You will want to do so first creating a "lock" file. Assuming the File name is "users.dat",
+ * the Lock File is "users.lock".
*
- * After the movement of the Datafile into place, it is best to remove the Index File, then remove the lock file.
+ * After the movement of the Datafile into place, it is best to remove the Index File, then remove the lock file.
*
- * Note, Any AAF Programs needing this data WILL wait on the Lock file, so you should get fresh Data files
+ * Note, Any AAF Programs needing this data WILL wait on the Lock file, so you should get fresh Data files
* in a "stage" directory, from WEB, or wherever, and then, after it is correct, do the following as fast as feasible.
*
- * a) lock
+ * a) lock
* b) copy from stage
* c) remove idx
* d) unlock
*
- * If the Index File is either non-existent or out of date from the Data File, it will be reindexed, which
- * has proven to be a very quick function, even with large numbers of entries.
+ * If the Index File is either non-existent or out of date from the Data File, it will be reindexed, which
+ * has proven to be a very quick function, even with large numbers of entries.
*
* This Sample Feed is set for a file with delimiter of "|". 512 is maximum expected line length. The "0" is the
* field offset for the "key" to the record, which, for user, should be the unique Organization Identity.
*
*/
public class Identities extends AbsData {
- public final static Data NO_DATA = new Data();
+ public final static Data NO_DATA = new Data();
- public Identities(File users) throws IOException {
- super(users,'|',512,0);
- }
+ public Identities(File users) throws IOException {
+ super(users,'|',512,0);
+ }
- /*
- * Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
- * out AppIDs, choose your own status indicators, or whatever you use.
- * 0 - unique ID
- * 1 - full name
- * 2 - first name
- * 3 - last name
- * 4 - phone
- * 5 - official email
- * 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
- * 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
- */
- public static class Data {
- public final String id;
- public final String name;
- public final String fname;
- public final String lname;
- public final String phone;
- public final String email;
- public final String status;
- public final String responsibleTo;
+ /*
+ * Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
+ * out AppIDs, choose your own status indicators, or whatever you use.
+ * 0 - unique ID
+ * 1 - full name
+ * 2 - first name
+ * 3 - last name
+ * 4 - phone
+ * 5 - official email
+ * 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
+ * 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
+ */
+ public static class Data {
+ public final String id;
+ public final String name;
+ public final String fname;
+ public final String lname;
+ public final String phone;
+ public final String email;
+ public final String status;
+ public final String responsibleTo;
- private Data(Field f) {
- f.reset();
- id=f.next();
- name=f.next();
- fname=f.next();
- lname=f.next();
- phone=f.next();
- email=f.next();
- status=f.next();
- responsibleTo =f.next();
- }
+ private Data(Field f) {
+ f.reset();
+ id=f.next();
+ name=f.next();
+ fname=f.next();
+ lname=f.next();
+ phone=f.next();
+ email=f.next();
+ status=f.next();
+ responsibleTo =f.next();
+ }
- private Data() {
- id = name = fname = lname =
- phone = email = status = responsibleTo
- = "";
- }
+ private Data() {
+ id = name = fname = lname =
+ phone = email = status = responsibleTo
+ = "";
+ }
- public String toString() {
- return id + '|' +
- name + '|' +
- lname + '|' +
- fname + '|' +
- phone + '|' +
- email + '|' +
- status + '|' +
- responsibleTo;
- }
+ public String toString() {
+ return id + '|' +
+ name + '|' +
+ lname + '|' +
+ fname + '|' +
+ phone + '|' +
+ email + '|' +
+ status + '|' +
+ responsibleTo;
+ }
- // Here, make up your own Methods which help you easily determine your Organization's structure
- // in your Organization Object
- public boolean hasStatus(String possible) {
- return possible.contains(status);
- }
+ // Here, make up your own Methods which help you easily determine your Organization's structure
+ // in your Organization Object
+ public boolean hasStatus(String possible) {
+ return possible.contains(status);
+ }
- public boolean isEmployee() {
- return "e".equals(status);
- }
+ public boolean isEmployee() {
+ return "e".equals(status);
+ }
- public boolean isContractor() {
- return "c".equals(status);
- }
+ public boolean isContractor() {
+ return "c".equals(status);
+ }
- public boolean isApplication() {
- return "a".equals(status);
- }
- }
+ public boolean isApplication() {
+ return "a".equals(status);
+ }
+ }
- public Data find(Object key,Reuse r) throws IOException {
- r.reset();
- // These are new, to allow for Thread Safety
- int rec = ti.find(key,r,0);
- if(rec<0) {
- return null;
- }
- r.pos(rec);
- return new Data(r.getFieldData());
- }
+ public Data find(Object key,Reuse r) throws IOException {
+ r.reset();
+ // These are new, to allow for Thread Safety
+ int rec = ti.find(key,r,0);
+ if(rec<0) {
+ return null;
+ }
+ r.pos(rec);
+ return new Data(r.getFieldData());
+ }
}
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
index b0ade8c0..e52f3cca 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
@@ -53,219 +53,219 @@ import org.powermock.modules.junit4.PowerMockRunner;
public class JU_DefaultOrg {
- private DefaultOrg defaultOrg;
+ private DefaultOrg defaultOrg;
- Identities.Data data;
+ Identities.Data data;
- @Mock
- Env envMock;
+ @Mock
+ Env envMock;
- @Mock
- AuthzTrans authzTransMock;
+ @Mock
+ AuthzTrans authzTransMock;
- @Mock
- TimeTaken ttMock;
+ @Mock
+ TimeTaken ttMock;
- @Mock
- LogTarget logTargetMock;
+ @Mock
+ LogTarget logTargetMock;
- private static final String PROPERTY_IS_REQUIRED = " property is Required";
- private static final String DOMAIN = "osaaf.com";
- private static final String REALM = "com.osaaf";
- private static final String NAME = "Default Organization";
- private static final String NO_PASS = NAME + " does not support Passwords. Use AAF";
+ private static final String PROPERTY_IS_REQUIRED = " property is Required";
+ private static final String DOMAIN = "osaaf.com";
+ private static final String REALM = "com.osaaf";
+ private static final String NAME = "Default Organization";
+ private static final String NO_PASS = NAME + " does not support Passwords. Use AAF";
- private static final String URL = "www.deforg.com";
- private static final String IDENT = "ccontra|iowna";
- private static final String CCS = "mmanager|bdevl";
- String mailHost,mailFromUserId,summary,supportAddress;
+ private static final String URL = "www.deforg.com";
+ private static final String IDENT = "ccontra|iowna";
+ private static final String CCS = "mmanager|bdevl";
+ String mailHost,mailFromUserId,summary,supportAddress;
- private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
+ private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
- @Before
- public void setUp() throws OrganizationException{
+ @Before
+ public void setUp() throws OrganizationException{
- mailFromUserId = "frommail";
- mailHost = "hostmail";
- File file = new File("src/test/resources/");
- when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME);
- when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost);
- when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId);
- when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath());
- when(envMock.warn()).thenReturn(logTargetMock);
- when(authzTransMock.warn()).thenReturn(logTargetMock);
- when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock);
- when(authzTransMock.error()).thenReturn(logTargetMock);
- when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env");
+ mailFromUserId = "frommail";
+ mailHost = "hostmail";
+ File file = new File("src/test/resources/");
+ when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME);
+ when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost);
+ when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId);
+ when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath());
+ when(envMock.warn()).thenReturn(logTargetMock);
+ when(authzTransMock.warn()).thenReturn(logTargetMock);
+ when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock);
+ when(authzTransMock.error()).thenReturn(logTargetMock);
+ when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env");
- defaultOrg = new DefaultOrg(envMock, REALM);
+ defaultOrg = new DefaultOrg(envMock, REALM);
- }
+ }
- @Test
- public void testDefOrg_returnDataIdentityNotNull() throws OrganizationException {
+ @Test
+ public void testDefOrg_returnDataIdentityNotNull() throws OrganizationException {
- try {
- defaultOrg.identities.open(authzTransMock, TIMEOUT);
- try {
- Reuse r = defaultOrg.identities.reuse();
- data = defaultOrg.identities.find("iowna", defaultOrg.identities.reuse());
- System.out.println("here is identities data: "+ data.toString());
+ try {
+ defaultOrg.identities.open(authzTransMock, TIMEOUT);
+ try {
+ Reuse r = defaultOrg.identities.reuse();
+ data = defaultOrg.identities.find("iowna", defaultOrg.identities.reuse());
+ System.out.println("here is identities data: "+ data.toString());
- } finally {
- defaultOrg.identities.close(authzTransMock);
- }
- } catch (IOException e) {
- throw new OrganizationException(e);
- }
+ } finally {
+ defaultOrg.identities.close(authzTransMock);
+ }
+ } catch (IOException e) {
+ throw new OrganizationException(e);
+ }
- assertTrue(data.toString() != null);
+ assertTrue(data.toString() != null);
- }
+ }
- @Test
- public void testDefOrg_returnDefOrgEntity() {
+ @Test
+ public void testDefOrg_returnDefOrgEntity() {
- assertTrue(defaultOrg != null);
+ assertTrue(defaultOrg != null);
- }
+ }
- @Test
- public void testDefOrgNotifyApproval_returnResponseOK() {
+ @Test
+ public void testDefOrgNotifyApproval_returnResponseOK() {
- summary = "Approval";
- Boolean urgent = false;
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.Approval, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
+ summary = "Approval";
+ Boolean urgent = false;
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.Approval, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
- }
-
- @Test
- public void testDefOrgPasswords() {
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2you!", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newtoyou", "Pilgrim"),"");
- }
+ }
+
+ @Test
+ public void testDefOrgPasswords() {
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2you!", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newtoyou", "Pilgrim"),"");
+ }
- @Test
- public void testDefOrgNotifyPasswordExpiration_returnResponseOK() {
+ @Test
+ public void testDefOrgNotifyPasswordExpiration_returnResponseOK() {
- summary = "PasswordExpiration";
- Boolean urgent = false;
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.PasswordExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
+ summary = "PasswordExpiration";
+ Boolean urgent = false;
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.PasswordExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
- }
+ }
- @Test
- public void testDefOrgNotifyRoleExpiration_returnResponseOK() {
+ @Test
+ public void testDefOrgNotifyRoleExpiration_returnResponseOK() {
- summary = "RoleExpiration";
- Boolean urgent = false;
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
- }
+ summary = "RoleExpiration";
+ Boolean urgent = false;
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
+ }
- @Test
- public void testDefOrgNotifyRoleExpirationUrgent_returnResponseOK() {
+ @Test
+ public void testDefOrgNotifyRoleExpirationUrgent_returnResponseOK() {
- summary = "RoleExpirationUrgent";
- Boolean urgent = true;
- when(authzTransMock.info()).thenReturn(logTargetMock);
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
+ summary = "RoleExpirationUrgent";
+ Boolean urgent = true;
+ when(authzTransMock.info()).thenReturn(logTargetMock);
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
- }
-
- @Test
- public void testDefOrgNotifyModeTest_returnResponseOK() {
-
- summary = "ModeTest";
- Boolean urgent = false;
- when(authzTransMock.info()).thenReturn(logTargetMock);
- defaultOrg.setTestMode(true);
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
+ }
+
+ @Test
+ public void testDefOrgNotifyModeTest_returnResponseOK() {
+
+ summary = "ModeTest";
+ Boolean urgent = false;
+ when(authzTransMock.info()).thenReturn(logTargetMock);
+ defaultOrg.setTestMode(true);
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
- }
+ }
- //@Test //(expected=OrganizationException.class)
- public void testMultipleCreds() throws OrganizationException{
- String id = "test";
- boolean canHaveMultipleCreds;
- canHaveMultipleCreds = defaultOrg.canHaveMultipleCreds(id );
- System.out.println("value of canHaveMultipleCreds: " + canHaveMultipleCreds);
- assertTrue(canHaveMultipleCreds);
- }
-
+ //@Test //(expected=OrganizationException.class)
+ public void testMultipleCreds() throws OrganizationException{
+ String id = "test";
+ boolean canHaveMultipleCreds;
+ canHaveMultipleCreds = defaultOrg.canHaveMultipleCreds(id );
+ System.out.println("value of canHaveMultipleCreds: " + canHaveMultipleCreds);
+ assertTrue(canHaveMultipleCreds);
+ }
+
- //@Test
- public void testGetIdentityTypes() throws OrganizationException{
- Set<String> identityTypes = defaultOrg.getIdentityTypes();
- System.out.println("value of IdentityTypes: " + identityTypes);
- assertTrue(identityTypes.size() == 4);
- }
+ //@Test
+ public void testGetIdentityTypes() throws OrganizationException{
+ Set<String> identityTypes = defaultOrg.getIdentityTypes();
+ System.out.println("value of IdentityTypes: " + identityTypes);
+ assertTrue(identityTypes.size() == 4);
+ }
- //@Test
- public void testGetRealm() throws OrganizationException{
- String realmTest = defaultOrg.getRealm();
- System.out.println("value of realm: " + realmTest);
- assertTrue(realmTest == REALM);
- }
-
- public void supportsRealm() {
- String otherRealm = "org.ossaf.something";
- defaultOrg.addSupportedRealm(otherRealm);
- assertTrue(defaultOrg.supportsRealm(otherRealm));
- }
- //@Test
- public void testGetName() throws OrganizationException{
- String testName = defaultOrg.getName();
- System.out.println("value of name: " + testName);
- assertTrue(testName == NAME);
- }
-
-
- //@Test
- public void testGetDomain() throws OrganizationException{
- String testDomain = defaultOrg.getDomain();
- System.out.println("value of domain: " + testDomain);
- assertTrue(testDomain == DOMAIN);
- }
-
- // @Test
- // public void testIsValidID(){
- // String Result = defaultOrg.isValidID(Matchers.anyString());
- // System.out.println("value of res " +Result);
- // assertNotNull(Result);
- // }
-
- @Test
- public void testResponsible() throws OrganizationException {
- Identity id = defaultOrg.getIdentity(authzTransMock, "osaaf");
- Identity rt = id.responsibleTo();
- assertTrue(rt.id().equals("bdevl"));
-
- }
-
- //@Test
- public void notYetImplemented() {
- fail("Tests in this file should not be trusted");
- }
+ //@Test
+ public void testGetRealm() throws OrganizationException{
+ String realmTest = defaultOrg.getRealm();
+ System.out.println("value of realm: " + realmTest);
+ assertTrue(realmTest == REALM);
+ }
+
+ public void supportsRealm() {
+ String otherRealm = "org.ossaf.something";
+ defaultOrg.addSupportedRealm(otherRealm);
+ assertTrue(defaultOrg.supportsRealm(otherRealm));
+ }
+ //@Test
+ public void testGetName() throws OrganizationException{
+ String testName = defaultOrg.getName();
+ System.out.println("value of name: " + testName);
+ assertTrue(testName == NAME);
+ }
+
+
+ //@Test
+ public void testGetDomain() throws OrganizationException{
+ String testDomain = defaultOrg.getDomain();
+ System.out.println("value of domain: " + testDomain);
+ assertTrue(testDomain == DOMAIN);
+ }
+
+ // @Test
+ // public void testIsValidID(){
+ // String Result = defaultOrg.isValidID(Matchers.anyString());
+ // System.out.println("value of res " +Result);
+ // assertNotNull(Result);
+ // }
+
+ @Test
+ public void testResponsible() throws OrganizationException {
+ Identity id = defaultOrg.getIdentity(authzTransMock, "osaaf");
+ Identity rt = id.responsibleTo();
+ assertTrue(rt.id().equals("bdevl"));
+
+ }
+
+ //@Test
+ public void notYetImplemented() {
+ fail("Tests in this file should not be trusted");
+ }
}
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java
index 3e5c74b5..d0d08075 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java
@@ -44,120 +44,120 @@ import java.io.IOException;
@RunWith(PowerMockRunner.class)
public class JU_DefaultOrgIdentity {
- private DefaultOrg defaultOrgMock;
+ private DefaultOrg defaultOrgMock;
- @Mock
- private Reuse rMock;
+ @Mock
+ private Reuse rMock;
- @Mock
- AuthzTrans authzTransMock;
+ @Mock
+ AuthzTrans authzTransMock;
- @Mock
- private Data dataMock;
+ @Mock
+ private Data dataMock;
- @Mock
- private DefaultOrgIdentity defaultOrgIdentity;
+ @Mock
+ private DefaultOrgIdentity defaultOrgIdentity;
- static String key = "iowna@deforg";
- static String orgDomain = "@deforg";
+ static String key = "iowna@deforg";
+ static String orgDomain = "@deforg";
- @Before
- public void setUp() throws IOException, OrganizationException {
- MockitoAnnotations.initMocks(this);
- defaultOrgMock = PowerMockito.mock(DefaultOrg.class);
- defaultOrgMock.identities = mock(Identities.class);
+ @Before
+ public void setUp() throws IOException, OrganizationException {
+ MockitoAnnotations.initMocks(this);
+ defaultOrgMock = PowerMockito.mock(DefaultOrg.class);
+ defaultOrgMock.identities = mock(Identities.class);
- authzTransMock = PowerMockito.mock(AuthzTrans.class);
+ authzTransMock = PowerMockito.mock(AuthzTrans.class);
- when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
- when(defaultOrgMock.identities.reuse()).thenReturn(rMock);
- when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock);
+ when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
+ when(defaultOrgMock.identities.reuse()).thenReturn(rMock);
+ when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock);
- defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
+ defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
- }
+ }
- @Test
- public void testIdentify_returnIdentifiedEntity() {
+ @Test
+ public void testIdentify_returnIdentifiedEntity() {
- assertTrue(defaultOrgIdentity.id() != null);
+ assertTrue(defaultOrgIdentity.id() != null);
- }
+ }
- @Test
- public void testIdentify_returnIdentifiedEntityWithDataNull() throws IOException, OrganizationException {
+ @Test
+ public void testIdentify_returnIdentifiedEntityWithDataNull() throws IOException, OrganizationException {
- when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(null);
+ when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(null);
- DefaultOrgIdentity defaultOrgIdentityDataNull = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
- assertTrue(defaultOrgIdentityDataNull.id() != null);
+ DefaultOrgIdentity defaultOrgIdentityDataNull = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
+ assertTrue(defaultOrgIdentityDataNull.id() != null);
- }
+ }
- @Test(expected = OrganizationException.class)
- public void testIdentify_returnThrowIOException() throws OrganizationException {
+ @Test(expected = OrganizationException.class)
+ public void testIdentify_returnThrowIOException() throws OrganizationException {
- when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
- when(defaultOrgMock.identities.reuse()).thenThrow(IOException.class);
- DefaultOrgIdentity defaultOrgIdentityException = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
+ when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
+ when(defaultOrgMock.identities.reuse()).thenThrow(IOException.class);
+ DefaultOrgIdentity defaultOrgIdentityException = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
- }
+ }
- @Test
- public void testEquals_returnTrue() {
+ @Test
+ public void testEquals_returnTrue() {
- Object b = defaultOrgIdentity;
- assertTrue(defaultOrgIdentity.equals(b) == true );
- }
+ Object b = defaultOrgIdentity;
+ assertTrue(defaultOrgIdentity.equals(b) == true );
+ }
- @Test
- public void testStatus_returnUnknown() {
+ @Test
+ public void testStatus_returnUnknown() {
- assertEquals(defaultOrgIdentity.type(), "Unknown");
+ assertEquals(defaultOrgIdentity.type(), "Unknown");
- }
+ }
- @Test
- public void testHash_returnHashCode() {
+ @Test
+ public void testHash_returnHashCode() {
- assertTrue(defaultOrgIdentity.hashCode() != 0 );
+ assertTrue(defaultOrgIdentity.hashCode() != 0 );
- }
+ }
- @Test
- public void testFullId_returnFullId() throws IOException, OrganizationException{
- String key="toto@deforg";
- String orgDomain="@deforg";
- when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
- when(defaultOrgMock.identities.reuse()).thenReturn(rMock);
- when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock);
- defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
+ @Test
+ public void testFullId_returnFullId() throws IOException, OrganizationException{
+ String key="toto@deforg";
+ String orgDomain="@deforg";
+ when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
+ when(defaultOrgMock.identities.reuse()).thenReturn(rMock);
+ when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock);
+ defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
- assertTrue(defaultOrgIdentity.fullID().contains("@") );
- }
+ assertTrue(defaultOrgIdentity.fullID().contains("@") );
+ }
- @Test
- public void testEmail_returnEmail() {
+ @Test
+ public void testEmail_returnEmail() {
- assertTrue(defaultOrgIdentity.email() != null );
- }
+ assertTrue(defaultOrgIdentity.email() != null );
+ }
- @Test
- public void testFullName_returnFullName() {
+ @Test
+ public void testFullName_returnFullName() {
- assertTrue(defaultOrgIdentity.fullName() != null );
- }
+ assertTrue(defaultOrgIdentity.fullName() != null );
+ }
- @Test
- public void testFirstName_returnFirstName() {
+ @Test
+ public void testFirstName_returnFirstName() {
- assertTrue(defaultOrgIdentity.firstName() != null );
- }
+ assertTrue(defaultOrgIdentity.firstName() != null );
+ }
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java
index 2692d608..ad92c3e1 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java
@@ -34,50 +34,50 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_DefaultOrgWarnings {
- private DefaultOrgWarnings defaultOrgWarningsMock;
- private DefaultOrgWarnings defaultOrgWarnings;
+ private DefaultOrgWarnings defaultOrgWarningsMock;
+ private DefaultOrgWarnings defaultOrgWarnings;
- @Before
- public void setUp(){
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setUp(){
+ MockitoAnnotations.initMocks(this);
- defaultOrgWarningsMock = PowerMockito.mock(DefaultOrgWarnings.class);
+ defaultOrgWarningsMock = PowerMockito.mock(DefaultOrgWarnings.class);
- defaultOrgWarnings = new DefaultOrgWarnings();
- }
+ defaultOrgWarnings = new DefaultOrgWarnings();
+ }
- @Test
- public void testApprEmailInterval() {
+ @Test
+ public void testApprEmailInterval() {
- assertEquals(259200000, defaultOrgWarnings.apprEmailInterval() );
- }
+ assertEquals(259200000, defaultOrgWarnings.apprEmailInterval() );
+ }
- @Test
- public void testCredEmailInterval() {
- assertEquals(604800000, defaultOrgWarnings.credEmailInterval());
+ @Test
+ public void testCredEmailInterval() {
+ assertEquals(604800000, defaultOrgWarnings.credEmailInterval());
- }
+ }
- @Test
- public void testCredExpirationWarning() {
- assertEquals(2592000000L, defaultOrgWarnings.credExpirationWarning());
- }
+ @Test
+ public void testCredExpirationWarning() {
+ assertEquals(2592000000L, defaultOrgWarnings.credExpirationWarning());
+ }
- @Test
- public void testEmailUrgentWarning() {
- assertEquals(1209600000L, defaultOrgWarnings.emailUrgentWarning());
- }
+ @Test
+ public void testEmailUrgentWarning() {
+ assertEquals(1209600000L, defaultOrgWarnings.emailUrgentWarning());
+ }
- @Test
- public void testRoleEmailInterval() {
- assertEquals(604800000L, defaultOrgWarnings.roleEmailInterval());
- }
+ @Test
+ public void testRoleEmailInterval() {
+ assertEquals(604800000L, defaultOrgWarnings.roleEmailInterval());
+ }
- @Test
- public void testRoleExpirationWarning() {
- assertEquals(2592000000L, defaultOrgWarnings.roleExpirationWarning());
- }
+ @Test
+ public void testRoleExpirationWarning() {
+ assertEquals(2592000000L, defaultOrgWarnings.roleExpirationWarning());
+ }
}
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java
index 458d3b25..6fa7a347 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java
@@ -44,67 +44,67 @@ import org.onap.aaf.org.Identities.Data;
*/
public class JU_Identities {
//
-// private static final String DATA_IDENTITIES = "/opt/app/onap/data/identities.dat";
-// private static File fids;
-// private static Identities ids;
-// private static AuthzEnv env;
+// private static final String DATA_IDENTITIES = "/opt/app/onap/data/identities.dat";
+// private static File fids;
+// private static Identities ids;
+// private static AuthzEnv env;
//
-// /**
-// * @throws java.lang.Exception
-// */
-// @BeforeClass
-// public static void setUpBeforeClass() throws Exception {
-// env = new AuthzEnv();
-// AuthzTrans trans = env.newTransNoAvg();
-// // Note: utilize TimeTaken, from trans.start if you want to time.
-// fids = new File(DATA_IDENTITIES);
-// if(fids.exists()) {
-// ids = new Identities(fids);
-// ids.open(trans, 5000);
-// } else {
-//
-// throw new Exception("Data File for Tests, \"" + DATA_IDENTITIES
-// + "\" must exist before test can run. (Current dir is " + System.getProperty("user.dir") + ")");
-// }
-// }
+// /**
+// * @throws java.lang.Exception
+// */
+// @BeforeClass
+// public static void setUpBeforeClass() throws Exception {
+// env = new AuthzEnv();
+// AuthzTrans trans = env.newTransNoAvg();
+// // Note: utilize TimeTaken, from trans.start if you want to time.
+// fids = new File(DATA_IDENTITIES);
+// if(fids.exists()) {
+// ids = new Identities(fids);
+// ids.open(trans, 5000);
+// } else {
+//
+// throw new Exception("Data File for Tests, \"" + DATA_IDENTITIES
+// + "\" must exist before test can run. (Current dir is " + System.getProperty("user.dir") + ")");
+// }
+// }
//
-// /**
-// * @throws java.lang.Exception
-// */
-// @AfterClass
-// public static void tearDownAfterClass() throws Exception {
-// AuthzTrans trans = env.newTransNoAvg();
-// if(ids!=null) {
-// ids.close(trans);
-// }
-// }
+// /**
+// * @throws java.lang.Exception
+// */
+// @AfterClass
+// public static void tearDownAfterClass() throws Exception {
+// AuthzTrans trans = env.newTransNoAvg();
+// if(ids!=null) {
+// ids.close(trans);
+// }
+// }
//
-// /**
-// * @throws java.lang.Exception
-// */
-// @Before
-// public void setUp() throws Exception {
-// }
+// /**
+// * @throws java.lang.Exception
+// */
+// @Before
+// public void setUp() throws Exception {
+// }
//
-// /**
-// * @throws java.lang.Exception
-// */
-// @After
-// public void tearDown() throws Exception {
-// }
+// /**
+// * @throws java.lang.Exception
+// */
+// @After
+// public void tearDown() throws Exception {
+// }
//
-// @Test
-// public void test() throws IOException {
-// Reuse reuse = ids.reuse(); // this object can be reused within the same thread.
-// Data id = ids.find("osaaf",reuse);
-// Assert.assertNotNull(id);
-// System.out.println(id);
+// @Test
+// public void test() throws IOException {
+// Reuse reuse = ids.reuse(); // this object can be reused within the same thread.
+// Data id = ids.find("osaaf",reuse);
+// Assert.assertNotNull(id);
+// System.out.println(id);
//
-// id = ids.find("mmanager",reuse);
-// Assert.assertNotNull(id);
-// System.out.println(id);
+// id = ids.find("mmanager",reuse);
+// Assert.assertNotNull(id);
+// System.out.println(id);
//
-// //TODO Fill out JUnit with Tests of all Methods in "Data id"
-// }
+// //TODO Fill out JUnit with Tests of all Methods in "Data id"
+// }
}
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
index 72e4ff87..847e59f1 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
@@ -46,80 +46,80 @@ import org.powermock.modules.junit4.PowerMockRunner;
public class JU_Passwords {
- private DefaultOrg defaultOrg;
+ private DefaultOrg defaultOrg;
- Identities.Data data;
+ Identities.Data data;
- @Mock
- Env envMock;
+ @Mock
+ Env envMock;
- @Mock
- AuthzTrans authzTransMock;
+ @Mock
+ AuthzTrans authzTransMock;
- @Mock
- TimeTaken ttMock;
+ @Mock
+ TimeTaken ttMock;
- @Mock
- LogTarget logTargetMock;
+ @Mock
+ LogTarget logTargetMock;
- private static final String REALM = "org.osaaf";
- private static final String NAME = "Default Organization";
+ private static final String REALM = "org.osaaf";
+ private static final String NAME = "Default Organization";
- String mailHost,mailFromUserId,summary,supportAddress;
+ String mailHost,mailFromUserId,summary,supportAddress;
- @Before
- public void setUp() throws OrganizationException{
+ @Before
+ public void setUp() throws OrganizationException{
- mailFromUserId = "frommail";
- mailHost = "hostmail";
- File file = new File("src/test/resources/");
- when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME);
- when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost);
- when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId);
- when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath());
- when(envMock.warn()).thenReturn(logTargetMock);
- when(authzTransMock.warn()).thenReturn(logTargetMock);
- when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock);
- when(authzTransMock.error()).thenReturn(logTargetMock);
- when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env");
+ mailFromUserId = "frommail";
+ mailHost = "hostmail";
+ File file = new File("src/test/resources/");
+ when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME);
+ when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost);
+ when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId);
+ when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath());
+ when(envMock.warn()).thenReturn(logTargetMock);
+ when(authzTransMock.warn()).thenReturn(logTargetMock);
+ when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock);
+ when(authzTransMock.error()).thenReturn(logTargetMock);
+ when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env");
- defaultOrg = new DefaultOrg(envMock, REALM);
+ defaultOrg = new DefaultOrg(envMock, REALM);
- }
+ }
- @Test
- public void testDefOrgPasswords() {
- // Accepts letters and one of (number, Special Char, Upper)
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou2", "Pilgrim"),"");
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
-
- // Don't accept just letters, Numbers or Special Chars, or without ANY letters
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyouA", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "NEWYOU", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyou", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "125343", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$@*^#", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$3333", "Pilgrim"),"");
+ @Test
+ public void testDefOrgPasswords() {
+ // Accepts letters and one of (number, Special Char, Upper)
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou2", "Pilgrim"),"");
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
+
+ // Don't accept just letters, Numbers or Special Chars, or without ANY letters
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyouA", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "NEWYOU", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyou", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "125343", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$@*^#", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$3333", "Pilgrim"),"");
- // Length
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "w2Yu!", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "moreThan20somethingCharacters, even though good", "Pilgrim"),"");
+ // Length
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "w2Yu!", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "moreThan20somethingCharacters, even though good", "Pilgrim"),"");
- // May not contain ID
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim1", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim#", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "aPilgrim1", "Pilgrim"),"");
+ // May not contain ID
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim1", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim#", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "aPilgrim1", "Pilgrim"),"");
- // Solid
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
+ // Solid
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
-
- }
+
+ }
}