diff options
Diffstat (limited to 'auth/auth-gui/src/main/java')
4 files changed, 109 insertions, 47 deletions
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java index c25d6641..de1a8461 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java @@ -26,10 +26,12 @@ import java.util.Enumeration; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.onap.aaf.auth.common.Define; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.auth.rserv.HttpCode; import org.onap.aaf.auth.rserv.HttpMethods; import org.onap.aaf.misc.env.Slot; +import org.onap.aaf.misc.xgen.html.HTMLGen; public class Display { private final Page get; @@ -98,7 +100,9 @@ public class Display { for (int i=0; i<slots.length;++i) { int idx = fields[i].indexOf("[]"); if (idx<0) { // single value - trans.put(slots[i], req.getParameter(fields[i])); + if(asUser(trans, req,fields[i])) { + trans.put(slots[i], req.getParameter(fields[i])); + } } else { // multi value String[] array = new String[30]; String field=fields[i].substring(0, idx); @@ -125,7 +129,17 @@ public class Display { page.replay(context,trans,resp.getOutputStream(),"general"); } - @Override + /** + * When the field is "as_user", make sure permission is granted + */ + private boolean asUser(AuthzTrans trans, HttpServletRequest req, String field) { + if("as_user".equals(field)) { + return req.isUserInRole(Define.ROOT_NS()+"|access|*|*"); + } + return true; + } + + @Override public boolean no_cache() { return no_cache; } diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java index 0c984e4d..e047a22a 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java @@ -66,7 +66,7 @@ public class ApprovalForm extends Page { // Package on purpose static final String NAME="Approvals"; static final String HREF = "/gui/approve"; - static final String[] FIELDS = new String[] {"line[]","user","delegate_of"}; + static final String[] FIELDS = new String[] {"line[]","user","delegate_of","as_user"}; public ApprovalForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException { @@ -121,10 +121,12 @@ public class ApprovalForm extends Page { private static final String[] headers = new String[] {"Identity","Request","Approve","Deny"}; private Slot sUser; private Slot sAsDelegate; + private Slot sAsUser; public Model(AuthzEnv env) { sUser = env.slot(NAME+".user"); sAsDelegate = env.slot(NAME+".delegate_of"); + sAsUser = env.slot(NAME + ".as_user"); } @Override @@ -135,7 +137,15 @@ public class ApprovalForm extends Page { @Override public Cells get(final AuthzTrans trans, final AAF_GUI gui) { final String userParam = trans.get(sUser, null); - final String asDelegate = trans.get(sAsDelegate, trans.user()); + + final String asDelegate = trans.get(sAsDelegate, null); + final String approver; + if(asDelegate==null) { + approver = trans.get(sAsUser,trans.user()); + } else { + approver = asDelegate; + } + ArrayList<AbsCell[]> rv = new ArrayList<>(); String msg = null; TimeTaken tt = trans.start("AAF Get Approvals for Approver",Env.REMOTE); @@ -145,7 +155,7 @@ public class ApprovalForm extends Page { int numLeft = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Integer>() { @Override public Integer code(Rcli<?> client) throws CadiException, ConnectException, APIException { - Future<Approvals> fa = client.read("/authz/approval/approver/"+asDelegate,gui.getDF(Approvals.class)); + Future<Approvals> fa = client.read("/authz/approval/approver/"+approver,gui.getDF(Approvals.class)); int numLeft = 0; if (fa.get(AAF_GUI.TIMEOUT)) { @@ -266,7 +276,6 @@ public class ApprovalForm extends Page { userCell = new TextToolTipCell(user,title); } } - prevUser=user; // userCell = new RefCell(prevUser, // TODO_ILM_INFO+user.substring(0, user.length()-domainOfApprover.length()), // true, @@ -275,6 +284,7 @@ public class ApprovalForm extends Page { } else { userCell = new TextCell(prevUser==null?user:prevUser); } + prevUser=user; AbsCell[] sa = new AbsCell[] { userCell, new TextCell(appr.getMemo()), diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java index 22c3fd4d..41711db2 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java @@ -30,6 +30,7 @@ import java.util.Comparator; import java.util.List; import java.util.UUID; +import org.onap.aaf.auth.env.AuthzEnv; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.auth.gui.AAF_GUI; import org.onap.aaf.auth.gui.BreadCrumbs; @@ -47,6 +48,7 @@ import org.onap.aaf.cadi.client.Rcli; import org.onap.aaf.cadi.client.Retryable; import org.onap.aaf.misc.env.APIException; import org.onap.aaf.misc.env.Env; +import org.onap.aaf.misc.env.Slot; import org.onap.aaf.misc.env.TimeTaken; import org.onap.aaf.misc.xgen.Cache; import org.onap.aaf.misc.xgen.DynamicCode; @@ -59,48 +61,65 @@ public class PendingRequestsShow extends Page { public static final String HREF = "/gui/myrequests"; public static final String NAME = "MyRequests"; static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id="; + static final String[] FIELDS = new String[] {"as_user"}; // as_user Checked in Display + private static final String AS_USER=NAME+".as_user"; public PendingRequestsShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException { - super(gui.env, NAME,HREF, NO_FIELDS, + super(gui.env, NAME,HREF, FIELDS, new BreadCrumbs(breadcrumbs), - new NamedCode(true,"expedite") { - @Override - public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException { - cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() { - @Override - public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException { - hgen - .leaf("p", "class=expedite_request").text("These are your submitted Requests that are awaiting Approval. ") - .br() - .text("To Expedite a Request: ") - .leaf("a","href=#expedite_directions","onclick=divVisibility('expedite_directions');") - .text("Click Here").end() - .divID("expedite_directions", "style=display:none"); - hgen - .incr(HTMLGen.OL) - .incr(HTMLGen.LI) - .leaf("a","href="+ApprovalForm.HREF+"?user="+trans.user(), "id=userApprove") - .text("Copy This Link") - .end() - .end() - .incr(HTMLGen.LI) - .text("Send it to the Approver Listed") - .end() - .end() - .text("NOTE: Using this link, the Approver will only see your requests. You only need to send this link once!") - .end() - .end(); - } - }); - } - }, - new Table<AAF_GUI,AuthzTrans>("Pending Requests",gui.env.newTransNoAvg(),new Model(), "class=std") + new TopOfPage(gui.env,true, "expedite"), + new Table<AAF_GUI,AuthzTrans>("Pending Requests",gui.env.newTransNoAvg(),new Model(gui.env), "class=std") ); - - } - /** + private static final class TopOfPage extends NamedCode { + private Slot sAsUser; + + private TopOfPage(AuthzEnv env, boolean no_cache, String name) { + super(no_cache, name); + sAsUser = env.slot(AS_USER); + } + + @Override + public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException { + cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() { + @Override + public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException { + String user = trans.get(sAsUser,null); + if(user==null) { + user=trans.user(); + } else { + hgen.incr(HTMLGen.H3,"class=center").text("Displaying for " + user).end(); + } + + hgen + .leaf(HTMLGen.P, "class=expedite_request").text("These are your submitted Requests that are awaiting Approval. ") + .br() + .text("To Expedite a Request: ") + .leaf("a","href=#expedite_directions","onclick=divVisibility('expedite_directions');") + .text("Click Here").end() + .divID("expedite_directions", "style=display:none"); + + hgen + .incr(HTMLGen.OL) + .incr(HTMLGen.LI) + .leaf("a","href="+ApprovalForm.HREF+"?user="+user, "id=userApprove") + .text("Copy This Link") + .end() + .end() + .incr(HTMLGen.LI) + .text("Send it to the Approver Listed") + .end() + .end() + .text("NOTE: Using this link, the Approver will only see your requests. You only need to send this link once!") + .end() + .end(); + } + }); + } + } + + /** * Implement the Table Content for Requests by User * * @author Jeremiah @@ -108,8 +127,13 @@ public class PendingRequestsShow extends Page { */ private static class Model extends TableData<AAF_GUI,AuthzTrans> { final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L; + private final Slot sAsUser; private static final String[] headers = new String[] {"Request Date","Status","Memo","Approver"}; + public Model(AuthzEnv env) { + sAsUser = env.slot(AS_USER); + } + @Override public String[] headers() { return headers; @@ -122,9 +146,11 @@ public class PendingRequestsShow extends Page { gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() { @Override public Void code(Rcli<?> client)throws CadiException, ConnectException, APIException { + final String user = trans.get(sAsUser,trans.user()); + TimeTaken tt = trans.start("AAF Get Approvals by User",Env.REMOTE); try { - Future<Approvals> fa = client.read("/authz/approval/user/"+trans.user(),gui.getDF(Approvals.class)); + Future<Approvals> fa = client.read("/authz/approval/user/"+user,gui.getDF(Approvals.class)); if (fa.get(5000)) { tt.done(); tt = trans.start("Load Data", Env.SUB); @@ -142,7 +168,7 @@ public class PendingRequestsShow extends Page { String prevTicket = null; for (Approval a : approvals) { String approver = a.getApprover(); - String approverShort = approver.substring(0,approver.indexOf('@')); +// String approverShort = approver.substring(0,approver.indexOf('@')); AbsCell tsCell = null; String ticket = a.getTicket(); diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java index 090b6e3c..8628d4be 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java @@ -28,6 +28,9 @@ import java.text.SimpleDateFormat; import java.util.ArrayList; import java.util.UUID; +import javax.servlet.http.HttpServletRequest; + +import org.onap.aaf.auth.common.Define; import org.onap.aaf.auth.env.AuthzEnv; import org.onap.aaf.auth.env.AuthzTrans; import org.onap.aaf.auth.gui.AAF_GUI; @@ -94,9 +97,18 @@ public class RequestDetail extends Page { ); if (fa.get(AAF_GUI.TIMEOUT)) { - if (!trans.user().equals(fa.value.getApprovals().get(0).getUser())) { - return Cells.EMPTY; - } + Approval app = fa.value.getApprovals().get(0); + if(app==null) { + return Cells.EMPTY; + } else { + if (!(trans.user().equals(app.getUser()) || + trans.user().equals(app.getApprover()))) { + HttpServletRequest req = trans.get(gui.slot_httpServletRequest,null); + if(req==null || !req.isUserInRole(Define.ROOT_NS()+"|access|*|*")) { + return Cells.EMPTY; + } + } + } tt.done(); tt = trans.start("Load Data", Env.SUB); boolean first = true; |