summaryrefslogtreecommitdiffstats
path: root/auth/auth-gui/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'auth/auth-gui/src/main')
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java18
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java18
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java102
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java18
4 files changed, 109 insertions, 47 deletions
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java
index c25d6641..de1a8461 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java
@@ -26,10 +26,12 @@ import java.util.Enumeration;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.onap.aaf.auth.common.Define;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.rserv.HttpCode;
import org.onap.aaf.auth.rserv.HttpMethods;
import org.onap.aaf.misc.env.Slot;
+import org.onap.aaf.misc.xgen.html.HTMLGen;
public class Display {
private final Page get;
@@ -98,7 +100,9 @@ public class Display {
for (int i=0; i<slots.length;++i) {
int idx = fields[i].indexOf("[]");
if (idx<0) { // single value
- trans.put(slots[i], req.getParameter(fields[i]));
+ if(asUser(trans, req,fields[i])) {
+ trans.put(slots[i], req.getParameter(fields[i]));
+ }
} else { // multi value
String[] array = new String[30];
String field=fields[i].substring(0, idx);
@@ -125,7 +129,17 @@ public class Display {
page.replay(context,trans,resp.getOutputStream(),"general");
}
- @Override
+ /**
+ * When the field is "as_user", make sure permission is granted
+ */
+ private boolean asUser(AuthzTrans trans, HttpServletRequest req, String field) {
+ if("as_user".equals(field)) {
+ return req.isUserInRole(Define.ROOT_NS()+"|access|*|*");
+ }
+ return true;
+ }
+
+ @Override
public boolean no_cache() {
return no_cache;
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java
index 0c984e4d..e047a22a 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java
@@ -66,7 +66,7 @@ public class ApprovalForm extends Page {
// Package on purpose
static final String NAME="Approvals";
static final String HREF = "/gui/approve";
- static final String[] FIELDS = new String[] {"line[]","user","delegate_of"};
+ static final String[] FIELDS = new String[] {"line[]","user","delegate_of","as_user"};
public ApprovalForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
@@ -121,10 +121,12 @@ public class ApprovalForm extends Page {
private static final String[] headers = new String[] {"Identity","Request","Approve","Deny"};
private Slot sUser;
private Slot sAsDelegate;
+ private Slot sAsUser;
public Model(AuthzEnv env) {
sUser = env.slot(NAME+".user");
sAsDelegate = env.slot(NAME+".delegate_of");
+ sAsUser = env.slot(NAME + ".as_user");
}
@Override
@@ -135,7 +137,15 @@ public class ApprovalForm extends Page {
@Override
public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
final String userParam = trans.get(sUser, null);
- final String asDelegate = trans.get(sAsDelegate, trans.user());
+
+ final String asDelegate = trans.get(sAsDelegate, null);
+ final String approver;
+ if(asDelegate==null) {
+ approver = trans.get(sAsUser,trans.user());
+ } else {
+ approver = asDelegate;
+ }
+
ArrayList<AbsCell[]> rv = new ArrayList<>();
String msg = null;
TimeTaken tt = trans.start("AAF Get Approvals for Approver",Env.REMOTE);
@@ -145,7 +155,7 @@ public class ApprovalForm extends Page {
int numLeft = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Integer>() {
@Override
public Integer code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Approvals> fa = client.read("/authz/approval/approver/"+asDelegate,gui.getDF(Approvals.class));
+ Future<Approvals> fa = client.read("/authz/approval/approver/"+approver,gui.getDF(Approvals.class));
int numLeft = 0;
if (fa.get(AAF_GUI.TIMEOUT)) {
@@ -266,7 +276,6 @@ public class ApprovalForm extends Page {
userCell = new TextToolTipCell(user,title);
}
}
- prevUser=user;
// userCell = new RefCell(prevUser,
// TODO_ILM_INFO+user.substring(0, user.length()-domainOfApprover.length()),
// true,
@@ -275,6 +284,7 @@ public class ApprovalForm extends Page {
} else {
userCell = new TextCell(prevUser==null?user:prevUser);
}
+ prevUser=user;
AbsCell[] sa = new AbsCell[] {
userCell,
new TextCell(appr.getMemo()),
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java
index 22c3fd4d..41711db2 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java
@@ -30,6 +30,7 @@ import java.util.Comparator;
import java.util.List;
import java.util.UUID;
+import org.onap.aaf.auth.env.AuthzEnv;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.gui.AAF_GUI;
import org.onap.aaf.auth.gui.BreadCrumbs;
@@ -47,6 +48,7 @@ import org.onap.aaf.cadi.client.Rcli;
import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.Env;
+import org.onap.aaf.misc.env.Slot;
import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.xgen.Cache;
import org.onap.aaf.misc.xgen.DynamicCode;
@@ -59,48 +61,65 @@ public class PendingRequestsShow extends Page {
public static final String HREF = "/gui/myrequests";
public static final String NAME = "MyRequests";
static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
+ static final String[] FIELDS = new String[] {"as_user"}; // as_user Checked in Display
+ private static final String AS_USER=NAME+".as_user";
public PendingRequestsShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME,HREF, NO_FIELDS,
+ super(gui.env, NAME,HREF, FIELDS,
new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"expedite") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- hgen
- .leaf("p", "class=expedite_request").text("These are your submitted Requests that are awaiting Approval. ")
- .br()
- .text("To Expedite a Request: ")
- .leaf("a","href=#expedite_directions","onclick=divVisibility('expedite_directions');")
- .text("Click Here").end()
- .divID("expedite_directions", "style=display:none");
- hgen
- .incr(HTMLGen.OL)
- .incr(HTMLGen.LI)
- .leaf("a","href="+ApprovalForm.HREF+"?user="+trans.user(), "id=userApprove")
- .text("Copy This Link")
- .end()
- .end()
- .incr(HTMLGen.LI)
- .text("Send it to the Approver Listed")
- .end()
- .end()
- .text("NOTE: Using this link, the Approver will only see your requests. You only need to send this link once!")
- .end()
- .end();
- }
- });
- }
- },
- new Table<AAF_GUI,AuthzTrans>("Pending Requests",gui.env.newTransNoAvg(),new Model(), "class=std")
+ new TopOfPage(gui.env,true, "expedite"),
+ new Table<AAF_GUI,AuthzTrans>("Pending Requests",gui.env.newTransNoAvg(),new Model(gui.env), "class=std")
);
-
-
}
- /**
+ private static final class TopOfPage extends NamedCode {
+ private Slot sAsUser;
+
+ private TopOfPage(AuthzEnv env, boolean no_cache, String name) {
+ super(no_cache, name);
+ sAsUser = env.slot(AS_USER);
+ }
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String user = trans.get(sAsUser,null);
+ if(user==null) {
+ user=trans.user();
+ } else {
+ hgen.incr(HTMLGen.H3,"class=center").text("Displaying for " + user).end();
+ }
+
+ hgen
+ .leaf(HTMLGen.P, "class=expedite_request").text("These are your submitted Requests that are awaiting Approval. ")
+ .br()
+ .text("To Expedite a Request: ")
+ .leaf("a","href=#expedite_directions","onclick=divVisibility('expedite_directions');")
+ .text("Click Here").end()
+ .divID("expedite_directions", "style=display:none");
+
+ hgen
+ .incr(HTMLGen.OL)
+ .incr(HTMLGen.LI)
+ .leaf("a","href="+ApprovalForm.HREF+"?user="+user, "id=userApprove")
+ .text("Copy This Link")
+ .end()
+ .end()
+ .incr(HTMLGen.LI)
+ .text("Send it to the Approver Listed")
+ .end()
+ .end()
+ .text("NOTE: Using this link, the Approver will only see your requests. You only need to send this link once!")
+ .end()
+ .end();
+ }
+ });
+ }
+ }
+
+ /**
* Implement the Table Content for Requests by User
*
* @author Jeremiah
@@ -108,8 +127,13 @@ public class PendingRequestsShow extends Page {
*/
private static class Model extends TableData<AAF_GUI,AuthzTrans> {
final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L;
+ private final Slot sAsUser;
private static final String[] headers = new String[] {"Request Date","Status","Memo","Approver"};
+ public Model(AuthzEnv env) {
+ sAsUser = env.slot(AS_USER);
+ }
+
@Override
public String[] headers() {
return headers;
@@ -122,9 +146,11 @@ public class PendingRequestsShow extends Page {
gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
@Override
public Void code(Rcli<?> client)throws CadiException, ConnectException, APIException {
+ final String user = trans.get(sAsUser,trans.user());
+
TimeTaken tt = trans.start("AAF Get Approvals by User",Env.REMOTE);
try {
- Future<Approvals> fa = client.read("/authz/approval/user/"+trans.user(),gui.getDF(Approvals.class));
+ Future<Approvals> fa = client.read("/authz/approval/user/"+user,gui.getDF(Approvals.class));
if (fa.get(5000)) {
tt.done();
tt = trans.start("Load Data", Env.SUB);
@@ -142,7 +168,7 @@ public class PendingRequestsShow extends Page {
String prevTicket = null;
for (Approval a : approvals) {
String approver = a.getApprover();
- String approverShort = approver.substring(0,approver.indexOf('@'));
+// String approverShort = approver.substring(0,approver.indexOf('@'));
AbsCell tsCell = null;
String ticket = a.getTicket();
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java
index 090b6e3c..8628d4be 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java
@@ -28,6 +28,9 @@ import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.UUID;
+import javax.servlet.http.HttpServletRequest;
+
+import org.onap.aaf.auth.common.Define;
import org.onap.aaf.auth.env.AuthzEnv;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.gui.AAF_GUI;
@@ -94,9 +97,18 @@ public class RequestDetail extends Page {
);
if (fa.get(AAF_GUI.TIMEOUT)) {
- if (!trans.user().equals(fa.value.getApprovals().get(0).getUser())) {
- return Cells.EMPTY;
- }
+ Approval app = fa.value.getApprovals().get(0);
+ if(app==null) {
+ return Cells.EMPTY;
+ } else {
+ if (!(trans.user().equals(app.getUser()) ||
+ trans.user().equals(app.getApprover()))) {
+ HttpServletRequest req = trans.get(gui.slot_httpServletRequest,null);
+ if(req==null || !req.isUserInRole(Define.ROOT_NS()+"|access|*|*")) {
+ return Cells.EMPTY;
+ }
+ }
+ }
tt.done();
tt = trans.start("Load Data", Env.SUB);
boolean first = true;