diff options
Diffstat (limited to 'auth/auth-service/src/main')
11 files changed, 638 insertions, 638 deletions
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java index 69cde411..4a592651 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java @@ -104,8 +104,8 @@ public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> { // Initialize Organizations... otherwise, first pass may miss int org_size = ORGANIZATION.length(); - for(String n : env.existingStaticSlotNames()) { - if(n.startsWith(ORGANIZATION)) { + for (String n : env.existingStaticSlotNames()) { + if (n.startsWith(ORGANIZATION)) { OrganizationFactory.obtain(env, n.substring(org_size)); } } @@ -122,7 +122,7 @@ public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> { // Print results and cleanup StringBuilder sb = new StringBuilder(); trans.auditTrail(0, sb); - if(sb.length()>0)env.init().log(sb); + if (sb.length()>0)env.init().log(sb); trans = null; sb = null; @@ -167,7 +167,7 @@ public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> { domain,Long.parseLong(env.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF)), false); - if(additionalTafLurs.length>0) { + if (additionalTafLurs.length>0) { System.arraycopy(additionalTafLurs, 0, atl, 2, additionalTafLurs.length); } @@ -194,7 +194,7 @@ public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> { @Override public void destroy() { Cache.stopTimer(); - if(cluster!=null) { + if (cluster!=null) { cluster.close(); } super.destroy(); @@ -211,7 +211,7 @@ public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> { public void route(HttpMethods meth, String path, API api, Code code) throws Exception { String version = "2.0"; Class<?> respCls = facade.mapper().getClass(api); - if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); + if (respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name()); String application = applicationJSON(respCls, version); route(env,meth,path,code,application,"application/json;version=2.0","*/*"); diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java index c3e92df4..789a2e65 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java @@ -160,16 +160,16 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> createNS(final AuthzTrans trans, REQUEST from, NsType type) { final Result<Namespace> rnamespace = mapper.ns(trans, from); final ServiceValidator v = new ServiceValidator(); - if(v.ns(rnamespace).err()) { + if (v.ns(rnamespace).err()) { return Result.err(Status.ERR_BadData,v.errs()); } final Namespace namespace = rnamespace.value; final Result<NsDAO.Data> parentNs = ques.deriveNs(trans,namespace.name); - if(parentNs.notOK()) { + if (parentNs.notOK()) { return Result.err(parentNs); } - if(namespace.name.lastIndexOf('.')<0) { // Root Namespace... Function will check if allowed + if (namespace.name.lastIndexOf('.')<0) { // Root Namespace... Function will check if allowed return func.createNS(trans, namespace, false); } @@ -184,7 +184,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<NsDAO.Data> rnd; @Override public Result<?> mayChange() { - if(rnd==null) { + if (rnd==null) { rnd = ques.mayUser(trans, trans.user(), parentNs.value,Access.write); } return rnd; @@ -193,7 +193,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(fd.status) { case OK: Result<String> rfc = func.createFuture(trans, fd.value, namespace.name, trans.user(),parentNs.value, FUTURE_OP.C); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "NS [%s] is saved for future processing",namespace.name); } else { return Result.err(rfc); @@ -293,7 +293,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE try { // Check inputs final Validator v = new ServiceValidator(); - if(v.ns(ns).err() || + if (v.ns(ns).err() || v.key(key).err() || v.value(value).err()) { return Result.err(Status.ERR_BadData,v.errs()); @@ -301,18 +301,18 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // Check if exists already Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns); - if(rlnsd.notOKorIsEmpty()) { + if (rlnsd.notOKorIsEmpty()) { return Result.err(rlnsd); } NsDAO.Data nsd = rlnsd.value.get(0); // Check for Existence - if(nsd.attrib.get(key)!=null) { + if (nsd.attrib.get(key)!=null) { return Result.err(Status.ERR_ConflictAlreadyExists, "NS Property %s:%s exists", ns, key); } // Check if User may put - if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB, + if (!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB, ":"+trans.org().getDomain()+".*:"+key, Access.write.name())) { return Result.err(Status.ERR_Denied, "%s may not create NS Attrib [%s:%s]", trans.user(),ns, key); } @@ -340,18 +340,18 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<KEYS> readNsByAttrib(AuthzTrans trans, String key) { // Check inputs final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Key",key).err()) { + if (v.nullOrBlank("Key",key).err()) { return Result.err(Status.ERR_BadData,v.errs()); } // May Read - if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB, + if (!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB, ":"+trans.org().getDomain()+".*:"+key, Question.READ)) { return Result.err(Status.ERR_Denied,"%s may not read NS by Attrib '%s'",trans.user(),key); } Result<Set<String>> rsd = ques.nsDAO.dao().readNsByAttrib(trans, key); - if(rsd.notOK()) { + if (rsd.notOK()) { return Result.err(rsd); } return mapper().keys(rsd.value); @@ -376,7 +376,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE try { // Check inputs final Validator v = new ServiceValidator(); - if(v.ns(ns).err() || + if (v.ns(ns).err() || v.key(key).err() || v.value(value).err()) { return Result.err(Status.ERR_BadData,v.errs()); @@ -384,18 +384,18 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // Check if exists already (NS must exist) Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns); - if(rlnsd.notOKorIsEmpty()) { + if (rlnsd.notOKorIsEmpty()) { return Result.err(rlnsd); } NsDAO.Data nsd = rlnsd.value.get(0); // Check for Existence - if(nsd.attrib.get(key)==null) { + if (nsd.attrib.get(key)==null) { return Result.err(Status.ERR_NotFound, "NS Property %s:%s exists", ns, key); } // Check if User may put - if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB, + if (!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB, ":"+trans.org().getDomain()+".*:"+key, Access.write.name())) { return Result.err(Status.ERR_Denied, "%s may not create NS Attrib [%s:%s]", trans.user(),ns, key); } @@ -428,25 +428,25 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE try { // Check inputs final Validator v = new ServiceValidator(); - if(v.nullOrBlank("NS",ns).err() || + if (v.nullOrBlank("NS",ns).err() || v.nullOrBlank("Key",key).err()) { return Result.err(Status.ERR_BadData,v.errs()); } // Check if exists already Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns); - if(rlnsd.notOKorIsEmpty()) { + if (rlnsd.notOKorIsEmpty()) { return Result.err(rlnsd); } NsDAO.Data nsd = rlnsd.value.get(0); // Check for Existence - if(nsd.attrib.get(key)==null) { + if (nsd.attrib.get(key)==null) { return Result.err(Status.ERR_NotFound, "NS Property [%s:%s] does not exist", ns, key); } // Check if User may del - if(!ques.isGranted(trans, trans.user(), ROOT_NS, "attrib", ":" + ROOT_COMPANY + ".*:"+key, Access.write.name())) { + if (!ques.isGranted(trans, trans.user(), ROOT_NS, "attrib", ":" + ROOT_COMPANY + ".*:"+key, Access.write.name())) { return Result.err(Status.ERR_Denied, "%s may not delete NS Attrib [%s:%s]", trans.user(),ns, key); } @@ -473,28 +473,28 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<NSS> getNSbyName(AuthzTrans trans, String ns) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("NS", ns).err()) { + if (v.nullOrBlank("NS", ns).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<List<NsDAO.Data>> rlnd = ques.nsDAO.read(trans, ns); - if(rlnd.isOK()) { - if(rlnd.isEmpty()) { + if (rlnd.isOK()) { + if (rlnd.isEmpty()) { return Result.err(Status.ERR_NotFound, "No data found for %s",ns); } Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rlnd.value.get(0), Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } Namespace namespace = new Namespace(rnd.value); Result<List<String>> rd = func.getOwners(trans, namespace.name, false); - if(rd.isOK()) { + if (rd.isOK()) { namespace.owner = rd.value; } rd = func.getAdmins(trans, namespace.name, false); - if(rd.isOK()) { + if (rd.isOK()) { namespace.admin = rd.value; } @@ -523,7 +523,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<Collection<Namespace>> rn = loadNamepace(trans, user, ".admin", full); - if(rn.notOK()) { + if (rn.notOK()) { return Result.err(rn); } if (rn.isEmpty()) { @@ -552,7 +552,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<Collection<Namespace>> rn = loadNamepace(trans, user, null, full); - if(rn.notOK()) { + if (rn.notOK()) { return Result.err(rn); } if (rn.isEmpty()) { @@ -565,55 +565,55 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<Collection<Namespace>> loadNamepace(AuthzTrans trans, String user, String endsWith, boolean full) { Result<List<UserRoleDAO.Data>> urd = ques.userRoleDAO.readByUser(trans, user); - if(urd.notOKorIsEmpty()) { + if (urd.notOKorIsEmpty()) { return Result.err(urd); } Map<String, Namespace> lm = new HashMap<>(); Map<String, Namespace> other = full || endsWith==null?null:new TreeMap<>(); - for(UserRoleDAO.Data urdd : urd.value) { - if(full) { - if(endsWith==null || urdd.role.endsWith(endsWith)) { + for (UserRoleDAO.Data urdd : urd.value) { + if (full) { + if (endsWith==null || urdd.role.endsWith(endsWith)) { RoleDAO.Data rd = RoleDAO.Data.decode(urdd); Result<NsDAO.Data> nsd = ques.mayUser(trans, user, rd, Access.read); - if(nsd.isOK()) { + if (nsd.isOK()) { Namespace namespace = lm.get(nsd.value.name); - if(namespace==null) { + if (namespace==null) { namespace = new Namespace(nsd.value); lm.put(namespace.name,namespace); } Result<List<String>> rls = func.getAdmins(trans, namespace.name, false); - if(rls.isOK()) { + if (rls.isOK()) { namespace.admin=rls.value; } rls = func.getOwners(trans, namespace.name, false); - if(rls.isOK()) { + if (rls.isOK()) { namespace.owner=rls.value; } } } } else { // Shortened version. Only Namespace Info available from Role. - if(Question.ADMIN.equals(urdd.rname) || Question.OWNER.equals(urdd.rname)) { + if (Question.ADMIN.equals(urdd.rname) || Question.OWNER.equals(urdd.rname)) { RoleDAO.Data rd = RoleDAO.Data.decode(urdd); Result<NsDAO.Data> nsd = ques.mayUser(trans, user, rd, Access.read); - if(nsd.isOK()) { + if (nsd.isOK()) { Namespace namespace = lm.get(nsd.value.name); - if(namespace==null) { - if(other!=null) { + if (namespace==null) { + if (other!=null) { namespace = other.remove(nsd.value.name); } - if(namespace==null) { + if (namespace==null) { namespace = new Namespace(nsd.value); namespace.admin=new ArrayList<>(); namespace.owner=new ArrayList<>(); } - if(endsWith==null || urdd.role.endsWith(endsWith)) { + if (endsWith==null || urdd.role.endsWith(endsWith)) { lm.put(namespace.name,namespace); } else { other.put(namespace.name,namespace); } } - if(Question.OWNER.equals(urdd.rname)) { + if (Question.OWNER.equals(urdd.rname)) { namespace.owner.add(urdd.user); } else { namespace.admin.add(urdd.user); @@ -642,7 +642,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE return Result.err(Status.ERR_BadData, v.errs()); } Result<Collection<Namespace>> rn = loadNamepace(trans, user, ".owner",full); - if(rn.notOK()) { + if (rn.notOK()) { return Result.err(rn); } if (rn.isEmpty()) { @@ -666,34 +666,34 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<NSS> getNSsChildren(AuthzTrans trans, String parent) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("NS", parent).err()) { + if (v.nullOrBlank("NS", parent).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<NsDAO.Data> rnd = ques.deriveNs(trans, parent); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } Set<Namespace> lm = new HashSet<>(); Result<List<NsDAO.Data>> rlnd = ques.nsDAO.dao().getChildren(trans, parent); - if(rlnd.isOK()) { - if(rlnd.isEmpty()) { + if (rlnd.isOK()) { + if (rlnd.isEmpty()) { return Result.err(Status.ERR_NotFound, "No data found for %s",parent); } - for(NsDAO.Data ndd : rlnd.value) { + for (NsDAO.Data ndd : rlnd.value) { Namespace namespace = new Namespace(ndd); Result<List<String>> rls = func.getAdmins(trans, namespace.name, false); - if(rls.isOK()) { + if (rls.isOK()) { namespace.admin=rls.value; } rls = func.getOwners(trans, namespace.name, false); - if(rls.isOK()) { + if (rls.isOK()) { namespace.owner=rls.value; } @@ -720,17 +720,17 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> updateNsDescription(AuthzTrans trans, REQUEST from) { final Result<Namespace> nsd = mapper.ns(trans, from); final ServiceValidator v = new ServiceValidator(); - if(v.ns(nsd).err()) { + if (v.ns(nsd).err()) { return Result.err(Status.ERR_BadData,v.errs()); } - if(v.nullOrBlank("description", nsd.value.description).err()) { + if (v.nullOrBlank("description", nsd.value.description).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Namespace namespace = nsd.value; Result<List<NsDAO.Data>> rlnd = ques.nsDAO.read(trans, namespace.name); - if(rlnd.notOKorIsEmpty()) { + if (rlnd.notOKorIsEmpty()) { return Result.err(Status.ERR_NotFound, "Namespace [%s] does not exist",namespace.name); } @@ -739,7 +739,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<Void> rdr = ques.nsDAO.dao().addDescription(trans, namespace.name, namespace.description); - if(rdr.isOK()) { + if (rdr.isOK()) { return Result.ok(); } else { return Result.err(rdr); @@ -799,7 +799,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> createPerm(final AuthzTrans trans,REQUEST rreq) { final Result<PermDAO.Data> newPd = mapper.perm(trans, rreq); final ServiceValidator v = new ServiceValidator(); - if(v.perm(newPd).err()) { + if (v.perm(newPd).err()) { return Result.err(Status.ERR_BadData,v.errs()); } @@ -817,14 +817,14 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<NsDAO.Data> nsd; @Override public Result<?> mayChange() { - if(nsd==null) { + if (nsd==null) { nsd = ques.mayUser(trans, trans.user(), newPd.value, Access.write); } return nsd; } }); Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, newPd.value.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } switch(fd.status) { @@ -834,7 +834,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE trans.user(), nsr.value.get(0), FUTURE_OP.C); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing", newPd.value.ns, newPd.value.type, @@ -861,21 +861,21 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<PERMS> getPermsByType(AuthzTrans trans, final String permType) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("PermType", permType).err()) { + if (v.nullOrBlank("PermType", permType).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<List<PermDAO.Data>> rlpd = ques.getPermsByType(trans, permType); - if(rlpd.notOK()) { + if (rlpd.notOK()) { return Result.err(rlpd); } // We don't have instance & action for mayUserView... do we want to loop through all returned here as well as in mapper? // Result<NsDAO.Data> r; -// if((r = ques.mayUserViewPerm(trans, trans.user(), permType)).notOK())return Result.err(r); +// if ((r = ques.mayUserViewPerm(trans, trans.user(), permType)).notOK())return Result.err(r); PERMS perms = mapper.newInstance(API.PERMS); - if(!rlpd.isEmpty()) { + if (!rlpd.isEmpty()) { // Note: Mapper will restrict what can be viewed return mapper.perms(trans, rlpd.value, perms, true); } @@ -895,19 +895,19 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<PERMS> getPermsByName(AuthzTrans trans, String type, String instance, String action) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("PermType", type).err() + if (v.nullOrBlank("PermType", type).err() || v.nullOrBlank("PermInstance", instance).err() || v.nullOrBlank("PermAction", action).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<List<PermDAO.Data>> rlpd = ques.getPermsByName(trans, type, instance, action); - if(rlpd.notOK()) { + if (rlpd.notOK()) { return Result.err(rlpd); } PERMS perms = mapper.newInstance(API.PERMS); - if(!rlpd.isEmpty()) { + if (!rlpd.isEmpty()) { // Note: Mapper will restrict what can be viewed return mapper.perms(trans, rlpd.value, perms, true); } @@ -926,19 +926,19 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<PERMS> getPermsByUser(AuthzTrans trans, String user) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("User", user).err()) { + if (v.nullOrBlank("User", user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user, trans.requested(force)); - if(rlpd.notOK()) { + if (rlpd.notOK()) { return Result.err(rlpd); } PERMS perms = mapper.newInstance(API.PERMS); - if(rlpd.isEmpty()) { + if (rlpd.isEmpty()) { return Result.ok(perms); } // Note: Mapper will restrict what can be viewed @@ -962,18 +962,18 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<PERMS> getPermsByUserScope(AuthzTrans trans, String user, String[] scopes) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("User", user).err()) { + if (v.nullOrBlank("User", user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user, trans.requested(force)); - if(rlpd.notOK()) { + if (rlpd.notOK()) { return Result.err(rlpd); } PERMS perms = mapper.newInstance(API.PERMS); - if(rlpd.isEmpty()) { + if (rlpd.isEmpty()) { return Result.ok(perms); } // Note: Mapper will restrict what can be viewed @@ -1014,13 +1014,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<PERMS> getPermsByUser(AuthzTrans trans, PERMS _perms, String user) { PERMS perms = _perms; final Validator v = new ServiceValidator(); - if(v.nullOrBlank("User", user).err()) { + if (v.nullOrBlank("User", user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } ////////////// Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user,trans.requested(force)); - if(rlpd.notOK()) { + if (rlpd.notOK()) { return Result.err(rlpd); } @@ -1029,25 +1029,25 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE 2) See if User is allowed */ Result<List<PermDAO.Data>> in = mapper.perms(trans, perms); - if(in.isOKhasData()) { + if (in.isOKhasData()) { List<PermDAO.Data> out = rlpd.value; boolean ok; - for(PermDAO.Data pdd : in.value) { + for (PermDAO.Data pdd : in.value) { ok = false; - if("access".equals(pdd.type)) { + if ("access".equals(pdd.type)) { Access access = Access.valueOf(pdd.action); String[] mdkey = Split.splitTrim(':',pdd.instance); - if(mdkey.length>1) { + if (mdkey.length>1) { String type = mdkey[1]; - if("role".equals(type)) { - if(mdkey.length>2) { + if ("role".equals(type)) { + if (mdkey.length>2) { RoleDAO.Data rdd = new RoleDAO.Data(); rdd.ns=pdd.ns; rdd.name=mdkey[2]; ok = ques.mayUser(trans, trans.user(), rdd, Access.read).isOK() && ques.mayUser(trans, user, rdd , access).isOK(); } - } else if("perm".equals(type)) { - if(mdkey.length>4) { // also need instance/action + } else if ("perm".equals(type)) { + if (mdkey.length>4) { // also need instance/action PermDAO.Data p = new PermDAO.Data(); p.ns=pdd.ns; p.type=mdkey[2]; @@ -1055,21 +1055,21 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE p.action=mdkey[4]; ok = ques.mayUser(trans, trans.user(), p, Access.read).isOK() && ques.mayUser(trans, user, p , access).isOK(); } - } else if("ns".equals(type)) { + } else if ("ns".equals(type)) { NsDAO.Data ndd = new NsDAO.Data(); ndd.name=pdd.ns; ok = ques.mayUser(trans, trans.user(), ndd, Access.read).isOK() && ques.mayUser(trans, user, ndd , access).isOK(); } } } - if(ok) { + if (ok) { out.add(pdd); } } } perms = mapper.newInstance(API.PERMS); - if(rlpd.isEmpty()) { + if (rlpd.isEmpty()) { return Result.ok(perms); } // Note: Mapper will restrict what can be viewed @@ -1090,24 +1090,24 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<PERMS> getPermsByRole(AuthzTrans trans,String role) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Role", role).err()) { + if (v.nullOrBlank("Role", role).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques,role); - if(rrdd.notOK()) { + if (rrdd.notOK()) { return Result.err(rrdd); } Result<NsDAO.Data> r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read); - if(r.notOK()) { + if (r.notOK()) { return Result.err(r); } PERMS perms = mapper.newInstance(API.PERMS); Result<List<PermDAO.Data>> rlpd = ques.getPermsByRole(trans, role, trans.requested(force)); - if(rlpd.isOKhasData()) { + if (rlpd.isOKhasData()) { // Note: Mapper will restrict what can be viewed return mapper.perms(trans, rlpd.value, perms, true); } @@ -1125,27 +1125,27 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<PERMS> getPermsByNS(AuthzTrans trans,String ns) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("NS", ns).err()) { + if (v.nullOrBlank("NS", ns).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<NsDAO.Data> rnd = ques.deriveNs(trans, ns); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } Result<List<PermDAO.Data>> rlpd = ques.permDAO.readNS(trans, ns); - if(rlpd.notOK()) { + if (rlpd.notOK()) { return Result.err(rlpd); } PERMS perms = mapper.newInstance(API.PERMS); - if(!rlpd.isEmpty()) { + if (!rlpd.isEmpty()) { // Note: Mapper will restrict what can be viewed return mapper.perms(trans, rlpd.value,perms, true); } @@ -1167,7 +1167,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> renamePerm(final AuthzTrans trans,REQUEST rreq, String origType, String origInstance, String origAction) { final Result<PermDAO.Data> newPd = mapper.perm(trans, rreq); final ServiceValidator v = new ServiceValidator(); - if(v.perm(newPd).err()) { + if (v.perm(newPd).err()) { return Result.err(Status.ERR_BadData,v.errs()); } @@ -1179,7 +1179,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<NsSplit> nss = ques.deriveNsSplit(trans, origType); Result<List<PermDAO.Data>> origRlpd = ques.permDAO.read(trans, nss.value.ns, nss.value.name, origInstance, origAction); - if(origRlpd.notOKorIsEmpty()) { + if (origRlpd.notOKorIsEmpty()) { return Result.err(Status.ERR_PermissionNotFound, "Permission [%s|%s|%s] does not exist", origType,origInstance,origAction); @@ -1229,14 +1229,14 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> updatePermDescription(AuthzTrans trans, REQUEST from) { final Result<PermDAO.Data> pd = mapper.perm(trans, from); final ServiceValidator v = new ServiceValidator(); - if(v.perm(pd).err()) { + if (v.perm(pd).err()) { return Result.err(Status.ERR_BadData,v.errs()); } - if(v.nullOrBlank("description", pd.value.description).err()) { + if (v.nullOrBlank("description", pd.value.description).err()) { return Result.err(Status.ERR_BadData,v.errs()); } final PermDAO.Data perm = pd.value; - if(ques.permDAO.read(trans, perm.ns, perm.type, perm.instance,perm.action).notOKorIsEmpty()) { + if (ques.permDAO.read(trans, perm.ns, perm.type, perm.instance,perm.action).notOKorIsEmpty()) { return Result.err(Status.ERR_NotFound, "Permission [%s.%s|%s|%s] does not exist", perm.ns,perm.type,perm.instance,perm.action); } @@ -1247,13 +1247,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, pd.value.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } Result<Void> rdr = ques.permDAO.addDescription(trans, perm.ns, perm.type, perm.instance, perm.action, perm.description); - if(rdr.isOK()) { + if (rdr.isOK()) { return Result.ok(); } else { return Result.err(rdr); @@ -1273,12 +1273,12 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<Void> resetPermRoles(final AuthzTrans trans, REQUEST rreq) { final Result<PermDAO.Data> updt = mapper.permFromRPRequest(trans, rreq); - if(updt.notOKorIsEmpty()) { + if (updt.notOKorIsEmpty()) { return Result.err(updt); } final ServiceValidator v = new ServiceValidator(); - if(v.perm(updt).err()) { + if (v.perm(updt).err()) { return Result.err(Status.ERR_BadData,v.errs()); } @@ -1294,7 +1294,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE updt.value.instance, updt.value.action); - if(rcurr.notOKorIsEmpty()) { + if (rcurr.notOKorIsEmpty()) { return Result.err(Status.ERR_PermissionNotFound, "Permission [%s.%s|%s|%s] does not exist", updt.value.ns,updt.value.type,updt.value.instance,updt.value.action); @@ -1303,9 +1303,9 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // Create a set of Update Roles, which are in Internal Format Set<String> updtRoles = new HashSet<>(); Result<NsSplit> nss; - for(String role : updt.value.roles(false)) { + for (String role : updt.value.roles(false)) { nss = ques.deriveNsSplit(trans, role); - if(nss.isOK()) { + if (nss.isOK()) { updtRoles.add(nss.value.ns + '|' + nss.value.name); } else { trans.error().log(nss.errorString()); @@ -1314,17 +1314,17 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<Void> rv = null; - for(PermDAO.Data curr : rcurr.value) { + for (PermDAO.Data curr : rcurr.value) { Set<String> currRoles = curr.roles(false); // must add roles to this perm, and add this perm to each role // in the update, but not in the current for (String role : updtRoles) { if (!currRoles.contains(role)) { Result<RoleDAO.Data> key = RoleDAO.Data.decode(trans, ques, role); - if(key.isOKhasData()) { + if (key.isOKhasData()) { Result<List<RoleDAO.Data>> rrd = ques.roleDAO.read(trans, key.value); - if(rrd.isOKhasData()) { - for(RoleDAO.Data r : rrd.value) { + if (rrd.isOKhasData()) { + for (RoleDAO.Data r : rrd.value) { rv = func.addPermToRole(trans, r, curr, false); if (rv.notOK() && rv.status!=Result.ERR_ConflictAlreadyExists) { return Result.err(rv); @@ -1341,10 +1341,10 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE for (String role : currRoles) { if (!updtRoles.contains(role)) { Result<RoleDAO.Data> key = RoleDAO.Data.decode(trans, ques, role); - if(key.isOKhasData()) { + if (key.isOKhasData()) { Result<List<RoleDAO.Data>> rdd = ques.roleDAO.read(trans, key.value); - if(rdd.isOKhasData()) { - for(RoleDAO.Data r : rdd.value) { + if (rdd.isOKhasData()) { + for (RoleDAO.Data r : rdd.value) { rv = func.delPermFromRole(trans, r, curr, true); if (rv.notOK() && rv.status!=Status.ERR_PermissionNotFound) { return Result.err(rv); @@ -1373,11 +1373,11 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<Void> deletePerm(final AuthzTrans trans, REQUEST from) { Result<PermDAO.Data> pd = mapper.perm(trans, from); - if(pd.notOK()) { + if (pd.notOK()) { return Result.err(pd); } final ServiceValidator v = new ServiceValidator(); - if(v.nullOrBlank(pd.value).err()) { + if (v.nullOrBlank(pd.value).err()) { return Result.err(Status.ERR_BadData,v.errs()); } final PermDAO.Data perm = pd.value; @@ -1397,7 +1397,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<NsDAO.Data> nsd; @Override public Result<?> mayChange() { - if(nsd==null) { + if (nsd==null) { nsd = ques.mayUser(trans, trans.user(), perm, Access.write); } return nsd; @@ -1407,13 +1407,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(fd.status) { case OK: Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, perm.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } Result<String> rfc = func.createFuture(trans, fd.value, perm.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.D); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Perm Deletion [%s] is saved for future processing",perm.encode()); } else { return Result.err(rfc); @@ -1442,7 +1442,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<Void> deletePerm(AuthzTrans trans, String type, String instance, String action) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Type",type) + if (v.nullOrBlank("Type",type) .nullOrBlank("Instance",instance) .nullOrBlank("Action",action) .err()) { @@ -1450,7 +1450,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<PermDAO.Data> pd = ques.permFrom(trans, type, instance, action); - if(pd.isOK()) { + if (pd.isOK()) { return func.deletePerm(trans, pd.value, trans.requested(force), false); } else { return Result.err(pd); @@ -1485,11 +1485,11 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> createRole(final AuthzTrans trans, REQUEST from) { final Result<RoleDAO.Data> rd = mapper.role(trans, from); final ServiceValidator v = new ServiceValidator(); - if(v.role(rd).err()) { + if (v.role(rd).err()) { return Result.err(Status.ERR_BadData,v.errs()); } final RoleDAO.Data role = rd.value; - if(ques.roleDAO.read(trans, role.ns, role.name).isOKhasData()) { + if (ques.roleDAO.read(trans, role.ns, role.name).isOKhasData()) { return Result.err(Status.ERR_ConflictAlreadyExists, "Role [" + role.fullName() + "] already exists"); } @@ -1506,7 +1506,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<NsDAO.Data> nsd; @Override public Result<?> mayChange() { - if(nsd==null) { + if (nsd==null) { nsd = ques.mayUser(trans, trans.user(), role, Access.write); } return nsd; @@ -1514,7 +1514,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE }); Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } @@ -1522,7 +1522,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE case OK: Result<String> rfc = func.createFuture(trans, fd.value, role.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.C); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Role [%s.%s] is saved for future processing", rd.value.ns, rd.value.name); @@ -1531,7 +1531,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } case Status.ACC_Now: Result<RoleDAO.Data> rdr = ques.roleDAO.create(trans, role); - if(rdr.isOK()) { + if (rdr.isOK()) { return Result.ok(); } else { return Result.err(rdr); @@ -1557,15 +1557,15 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<ROLES> getRolesByName(AuthzTrans trans, String role) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Role", role).err()) { + if (v.nullOrBlank("Role", role).err()) { return Result.err(Status.ERR_BadData,v.errs()); } // Determine if User can ask this question Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role); - if(rrdd.isOKhasData()) { + if (rrdd.isOKhasData()) { Result<NsDAO.Data> r; - if((r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read)).notOK()) { + if ((r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read)).notOK()) { return Result.err(r); } } else { @@ -1575,7 +1575,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // Look up data int query = role.indexOf('?'); Result<List<RoleDAO.Data>> rlrd = ques.getRolesByName(trans, query<0?role:role.substring(0, query)); - if(rlrd.isOK()) { + if (rlrd.isOK()) { // Note: Mapper will restrict what can be viewed ROLES roles = mapper.newInstance(API.ROLES); return mapper.roles(trans, rlrd.value, roles, true); @@ -1602,7 +1602,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<ROLES> getRolesByUser(AuthzTrans trans, String user) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("User", user).err()) { + if (v.nullOrBlank("User", user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } @@ -1610,12 +1610,12 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // Get list of roles per user, then add to Roles as we go Result<List<RoleDAO.Data>> rlrd; Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, user); - if(rlurd.isOKhasData()) { - for(UserRoleDAO.Data urd : rlurd.value ) { + if (rlurd.isOKhasData()) { + for (UserRoleDAO.Data urd : rlurd.value ) { rlrd = ques.roleDAO.read(trans, urd.ns,urd.rname); // Note: Mapper will restrict what can be viewed // if user is the same as that which is looked up, no filtering is required - if(rlrd.isOKhasData()) { + if (rlrd.isOKhasData()) { mapper.roles(trans, rlrd.value,roles, !user.equals(trans.user())); } } @@ -1641,17 +1641,17 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<ROLES> getRolesByNS(AuthzTrans trans, String ns) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("NS", ns).err()) { + if (v.nullOrBlank("NS", ns).err()) { return Result.err(Status.ERR_BadData,v.errs()); } // check if user is allowed to view NS Result<NsDAO.Data> rnsd = ques.deriveNs(trans, ns); - if(rnsd.notOK()) { + if (rnsd.notOK()) { return Result.err(rnsd); } rnsd = ques.mayUser(trans, trans.user(), rnsd.value, Access.read); - if(rnsd.notOK()) { + if (rnsd.notOK()) { return Result.err(rnsd); } @@ -1660,8 +1660,8 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE ROLES roles = mapper.newInstance(API.ROLES); // Get list of roles per user, then add to Roles as we go Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.readNS(trans, ns); - if(rlrd.isOK()) { - if(!rlrd.isEmpty()) { + if (rlrd.isOK()) { + if (!rlrd.isEmpty()) { // Note: Mapper doesn't need to restrict what can be viewed, because we did it already. mapper.roles(trans,rlrd.value,roles,false); } @@ -1691,7 +1691,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<ROLES> getRolesByNameOnly(AuthzTrans trans, String name) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Name", name).err()) { + if (v.nullOrBlank("Name", name).err()) { return Result.err(Status.ERR_BadData,v.errs()); } @@ -1702,8 +1702,8 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE ROLES roles = mapper.newInstance(API.ROLES); // Get list of roles per user, then add to Roles as we go Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.readName(trans, name); - if(rlrd.isOK()) { - if(!rlrd.isEmpty()) { + if (rlrd.isOK()) { + if (!rlrd.isEmpty()) { // Note: Mapper will restrict what can be viewed mapper.roles(trans,rlrd.value,roles,true); } @@ -1739,7 +1739,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<ROLES> getRolesByPerm(AuthzTrans trans, String type, String instance, String action) { final Validator v = new ServiceValidator(); - if(v.permType(type) + if (v.permType(type) .permInstance(instance) .permAction(action) .err()) { @@ -1751,22 +1751,22 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE ROLES roles = mapper.newInstance(API.ROLES); // Get list of roles per user, then add to Roles as we go Result<NsSplit> nsSplit = ques.deriveNsSplit(trans, type); - if(nsSplit.isOK()) { + if (nsSplit.isOK()) { PermDAO.Data pdd = new PermDAO.Data(nsSplit.value, instance, action); Result<?> res; - if((res=ques.mayUser(trans, trans.user(), pdd, Question.Access.read)).notOK()) { + if ((res=ques.mayUser(trans, trans.user(), pdd, Question.Access.read)).notOK()) { return Result.err(res); } Result<List<PermDAO.Data>> pdlr = ques.permDAO.read(trans, pdd); - if(pdlr.isOK())for(PermDAO.Data pd : pdlr.value) { + if (pdlr.isOK())for (PermDAO.Data pd : pdlr.value) { Result<List<RoleDAO.Data>> rlrd; - for(String r : pd.roles) { + for (String r : pd.roles) { Result<String[]> rs = RoleDAO.Data.decodeToArray(trans, ques, r); - if(rs.isOK()) { + if (rs.isOK()) { rlrd = ques.roleDAO.read(trans, rs.value[0],rs.value[1]); // Note: Mapper will restrict what can be viewed - if(rlrd.isOKhasData()) { + if (rlrd.isOKhasData()) { mapper.roles(trans,rlrd.value,roles,true); } } @@ -1792,15 +1792,15 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> updateRoleDescription(AuthzTrans trans, REQUEST from) { final Result<RoleDAO.Data> rd = mapper.role(trans, from); final ServiceValidator v = new ServiceValidator(); - if(v.role(rd).err()) { + if (v.role(rd).err()) { return Result.err(Status.ERR_BadData,v.errs()); } { - if(v.nullOrBlank("description", rd.value.description).err()) { + if (v.nullOrBlank("description", rd.value.description).err()) { return Result.err(Status.ERR_BadData,v.errs()); } } final RoleDAO.Data role = rd.value; - if(ques.roleDAO.read(trans, role.ns, role.name).notOKorIsEmpty()) { + if (ques.roleDAO.read(trans, role.ns, role.name).notOKorIsEmpty()) { return Result.err(Status.ERR_NotFound, "Role [" + role.fullName() + "] does not exist"); } @@ -1809,12 +1809,12 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } Result<Void> rdr = ques.roleDAO.addDescription(trans, role.ns, role.name, role.description); - if(rdr.isOK()) { + if (rdr.isOK()) { return Result.ok(); } else { return Result.err(rdr); @@ -1846,24 +1846,24 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> addPermToRole(final AuthzTrans trans, REQUEST rreq) { // Translate Request into Perm and Role Objects final Result<PermDAO.Data> rpd = mapper.permFromRPRequest(trans, rreq); - if(rpd.notOKorIsEmpty()) { + if (rpd.notOKorIsEmpty()) { return Result.err(rpd); } final Result<RoleDAO.Data> rrd = mapper.roleFromRPRequest(trans, rreq); - if(rrd.notOKorIsEmpty()) { + if (rrd.notOKorIsEmpty()) { return Result.err(rrd); } // Validate Role and Perm values final ServiceValidator v = new ServiceValidator(); - if(v.perm(rpd.value) + if (v.perm(rpd.value) .role(rrd.value) .err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.read(trans, rrd.value.ns, rrd.value.name); - if(rlrd.notOKorIsEmpty()) { + if (rlrd.notOKorIsEmpty()) { return Result.err(Status.ERR_RoleNotFound, "Role [%s] does not exist", rrd.value.fullName()); } @@ -1871,8 +1871,8 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<List<PermDAO.Data>> rlpd = ques.permDAO.read(trans, rpd.value.ns, rpd.value.type, rpd.value.instance, rpd.value.action); PermDAO.Data createPerm = null; // if not null, create first - if(rlpd.notOKorIsEmpty()) { // Permission doesn't exist - if(trans.requested(force)) { + if (rlpd.notOKorIsEmpty()) { // Permission doesn't exist + if (trans.requested(force)) { // Remove roles from perm data object so we just create the perm here createPerm = rpd.value; createPerm.roles.clear(); @@ -1903,14 +1903,14 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<NsDAO.Data> nsd; @Override public Result<?> mayChange() { - if(nsd==null) { + if (nsd==null) { nsd = ques.mayUser(trans, trans.user(), rpd.value, Access.write); } return nsd; } }); Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rpd.value.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } switch(fd.status) { @@ -1920,7 +1920,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE trans.user(), nsr.value.get(0), FUTURE_OP.G); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing", rpd.value.ns, rpd.value.type, @@ -1931,10 +1931,10 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } case Status.ACC_Now: Result<Void> rv = null; - if(createPerm!=null) {// has been validated for creating + if (createPerm!=null) {// has been validated for creating rv = func.createPerm(trans, createPerm, false); } - if(rv==null || rv.isOK()) { + if (rv==null || rv.isOK()) { rv = func.addPermToRole(trans, rrd.value, rpd.value, false); } return rv; @@ -1962,16 +1962,16 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<Void> delPermFromRole(final AuthzTrans trans, REQUEST rreq) { final Result<PermDAO.Data> updt = mapper.permFromRPRequest(trans, rreq); - if(updt.notOKorIsEmpty()) { + if (updt.notOKorIsEmpty()) { return Result.err(updt); } final Result<RoleDAO.Data> rrd = mapper.roleFromRPRequest(trans, rreq); - if(rrd.notOKorIsEmpty()) { + if (rrd.notOKorIsEmpty()) { return Result.err(rrd); } final ServiceValidator v = new ServiceValidator(); - if(v.nullOrBlank(updt.value) + if (v.nullOrBlank(updt.value) .nullOrBlank(rrd.value) .err()) { return Result.err(Status.ERR_BadData,v.errs()); @@ -1984,7 +1984,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<List<PermDAO.Data>> rlpd = ques.permDAO.read(trans, pdd.ns, pdd.type, pdd.instance, pdd.action); - if(rlpd.notOKorIsEmpty()) { + if (rlpd.notOKorIsEmpty()) { return Result.err(Status.ERR_PermissionNotFound, "Permission [%s.%s|%s|%s] does not exist", pdd.ns,pdd.type,pdd.instance,pdd.action); @@ -2002,14 +2002,14 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<NsDAO.Data> nsd; @Override public Result<?> mayChange() { - if(nsd==null) { + if (nsd==null) { nsd = ques.mayUser(trans, trans.user(), pdd, Access.write); } return nsd; } }); Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, pdd.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } switch(fd.status) { @@ -2020,7 +2020,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE nsr.value.get(0), FUTURE_OP.UG ); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing", pdd.ns, pdd.type, @@ -2053,12 +2053,12 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<Void> delPermFromRole(AuthzTrans trans, String role, String type, String instance, String action) { Result<Data> rpns = ques.deriveNs(trans, type); - if(rpns.notOKorIsEmpty()) { + if (rpns.notOKorIsEmpty()) { return Result.err(rpns); } final Validator v = new ServiceValidator(); - if(v.role(role) + if (v.role(role) .permType(rpns.value.name,rpns.value.parent) .permInstance(instance) .permAction(action) @@ -2067,17 +2067,17 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<Data> rrns = ques.deriveNs(trans, role); - if(rrns.notOKorIsEmpty()) { + if (rrns.notOKorIsEmpty()) { return Result.err(rrns); } final Result<List<RoleDAO.Data>> rrd = ques.roleDAO.read(trans, rrns.value.parent, rrns.value.name); - if(rrd.notOKorIsEmpty()) { + if (rrd.notOKorIsEmpty()) { return Result.err(rrd); } final Result<List<PermDAO.Data>> rpd = ques.permDAO.read(trans, rpns.value.parent, rpns.value.name, instance, action); - if(rpd.notOKorIsEmpty()) { + if (rpd.notOKorIsEmpty()) { return Result.err(rpd); } @@ -2097,9 +2097,9 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<Void> deleteRole(AuthzTrans trans, String role) { Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role); - if(rrdd.isOKhasData()) { + if (rrdd.isOKhasData()) { final ServiceValidator v = new ServiceValidator(); - if(v.nullOrBlank(rrdd.value).err()) { + if (v.nullOrBlank(rrdd.value).err()) { return Result.err(Status.ERR_BadData,v.errs()); } return func.deleteRole(trans, rrdd.value, false, false); @@ -2125,14 +2125,14 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> deleteRole(final AuthzTrans trans, REQUEST from) { final Result<RoleDAO.Data> rd = mapper.role(trans, from); final ServiceValidator v = new ServiceValidator(); - if(rd==null) { + if (rd==null) { return Result.err(Status.ERR_BadData,"Request does not contain Role"); } - if(v.nullOrBlank(rd.value).err()) { + if (v.nullOrBlank(rd.value).err()) { return Result.err(Status.ERR_BadData,v.errs()); } final RoleDAO.Data role = rd.value; - if(ques.roleDAO.read(trans, role).notOKorIsEmpty() && !trans.requested(force)) { + if (ques.roleDAO.read(trans, role).notOKorIsEmpty() && !trans.requested(force)) { return Result.err(Status.ERR_RoleNotFound, "Role [" + role.fullName() + "] does not exist"); } @@ -2148,7 +2148,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<NsDAO.Data> nsd; @Override public Result<?> mayChange() { - if(nsd==null) { + if (nsd==null) { nsd = ques.mayUser(trans, trans.user(), role, Access.write); } return nsd; @@ -2158,13 +2158,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(fd.status) { case OK: Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } Result<String> rfc = func.createFuture(trans, fd.value, role.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.D); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Role Deletion [%s.%s] is saved for future processing", rd.value.ns, rd.value.name); @@ -2196,18 +2196,18 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<?> mayChange() { - if(nsd==null) { + if (nsd==null) { nsd = ques.validNSOfDomain(trans, cred.id); } // is Ns of CredID valid? - if(nsd.isOK()) { + if (nsd.isOK()) { try { // Check Org Policy - if(trans.org().validate(trans,Policy.CREATE_MECHID, exec, cred.id)==null) { + if (trans.org().validate(trans,Policy.CREATE_MECHID, exec, cred.id)==null) { return Result.ok(); } else { Result<?> rmc = ques.mayUser(trans, trans.user(), nsd.value, Access.write); - if(rmc.isOKhasData()) { + if (rmc.isOKhasData()) { return rmc; } } @@ -2234,21 +2234,21 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<?> mayChange() { // User can change himself (but not create) - if(trans.user().equals(cred.id)) { + if (trans.user().equals(cred.id)) { return Result.ok(); } - if(nsd==null) { + if (nsd==null) { nsd = ques.validNSOfDomain(trans, cred.id); } // Get the Namespace - if(nsd.isOK()) { - if(ques.mayUser(trans, trans.user(), nsd.value,Access.write).isOK()) { + if (nsd.isOK()) { + if (ques.mayUser(trans, trans.user(), nsd.value,Access.write).isOK()) { return Result.ok(); } String user[] = Split.split('.',trans.user()); - if(user.length>2) { + if (user.length>2) { String company = user[user.length-1] + '.' + user[user.length-2]; - if(ques.isGranted(trans, trans.user(), ROOT_NS,"password",company,"reset")) { + if (ques.isGranted(trans, trans.user(), ROOT_NS,"password",company,"reset")) { return Result.ok(); } } @@ -2282,13 +2282,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE try { Result<CredDAO.Data> rcred = mapper.cred(trans, from, true); - if(rcred.isOKhasData()) { + if (rcred.isOKhasData()) { byte[] rawCred = rcred.value.cred.array(); rcred = ques.userCredSetup(trans, rcred.value); final ServiceValidator v = new ServiceValidator(); - if(v.cred(trans, trans.org(),rcred,true).err()) { // Note: Creates have stricter Validations + if (v.cred(trans, trans.org(),rcred,true).err()) { // Note: Creates have stricter Validations return Result.err(Status.ERR_BadData,v.errs()); } @@ -2301,12 +2301,12 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } catch (Exception e1) { trans.error().log(e1,rcred.value.id,"cannot be validated at this time"); } - if(mechID==null || !mechID.isFound()) { + if (mechID==null || !mechID.isFound()) { return Result.err(Status.ERR_Policy,"MechIDs must be registered with %s before provisioning in AAF",org.getName()); } Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rcred.value.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(Status.ERR_NsNotFound,"Cannot provision %s on non-existent Namespace %s",mechID.id(),rcred.value.ns); } @@ -2327,9 +2327,9 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // password to validate char differences. rb = ques.userCredCheck(trans, curr, rawCred); - if(rb.notOK()) { + if (rb.notOK()) { return Result.err(rb); - } else if(rb.value){ + } else if (rb.value){ return Result.err(Status.ERR_Policy, "Credential content cannot be reused."); } else if (Chrono.dateOnlyStamp(curr.expires).equals(Chrono.dateOnlyStamp(rcred.value.expires)) && curr.type==rcred.value.type) { return Result.err(Status.ERR_ConflictAlreadyExists, "Credential with same Expiration Date exists, use 'reset'"); @@ -2341,15 +2341,15 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE String theMechID = rcred.value.id; Boolean otherMechIDs = false; // find out if this is the only mechID. other MechIDs mean special handling (not automated) - for(CredDAO.Data cd : ques.credDAO.readNS(trans,nsr.value.get(0).name).value) { - if(!cd.id.equals(theMechID)) { + for (CredDAO.Data cd : ques.credDAO.readNS(trans,nsr.value.get(0).name).value) { + if (!cd.id.equals(theMechID)) { otherMechIDs = true; break; } } String reason; // We can say "ID does not exist" here - if((reason=org.validate(trans, Policy.CREATE_MECHID, exec, theMechID,trans.user(),otherMechIDs.toString()))!=null) { + if ((reason=org.validate(trans, Policy.CREATE_MECHID, exec, theMechID,trans.user(),otherMechIDs.toString()))!=null) { return Result.err(Status.ERR_Denied, reason); } firstID=true; @@ -2378,7 +2378,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<String> rfc = func.createFuture(trans, fd.value, rcred.value.id + '|' + rcred.value.type.toString() + '|' + rcred.value.expires, trans.user(), nsr.value.get(0), FUTURE_OP.C); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Credential Request [%s|%s|%s] is saved for future processing", rcred.value.id, Integer.toString(rcred.value.type), @@ -2388,13 +2388,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } case Status.ACC_Now: try { - if(firstID) { + if (firstID) { // && !nsr.value.get(0).isAdmin(trans.getUserPrincipal().getName())) { Result<List<String>> admins = func.getAdmins(trans, nsr.value.get(0).name, false); // OK, it's a first ID, and not by NS Admin, so let's set TempPassword length // Note, we only do this on First time, because of possibility of // prematurely expiring a production id - if(admins.isOKhasData() && !admins.value.contains(trans.user())) { + if (admins.isOKhasData() && !admins.value.contains(trans.user())) { rcred.value.expires = org.expiration(null, Expiration.TempPassword).getTime(); } } @@ -2402,7 +2402,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE trans.error().log(e, "While setting expiration to TempPassword"); } Result<?>udr = ques.credDAO.create(trans, rcred.value); - if(udr.isOK()) { + if (udr.isOK()) { return Result.ok(); } return Result.err(udr); @@ -2430,17 +2430,17 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<USERS> getCredsByNS(AuthzTrans trans, String ns) { final Validator v = new ServiceValidator(); - if(v.ns(ns).err()) { + if (v.ns(ns).err()) { return Result.err(Status.ERR_BadData,v.errs()); } // check if user is allowed to view NS Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } @@ -2449,8 +2449,8 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE USERS users = mapper.newInstance(API.USERS); Result<List<CredDAO.Data>> rlcd = ques.credDAO.readNS(trans, ns); - if(rlcd.isOK()) { - if(!rlcd.isEmpty()) { + if (rlcd.isOK()) { + if (!rlcd.isEmpty()) { return mapper.cred(rlcd.value, users); } return Result.ok(users); @@ -2476,18 +2476,18 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<USERS> getCredsByID(AuthzTrans trans, String id) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("ID",id).err()) { + if (v.nullOrBlank("ID",id).err()) { return Result.err(Status.ERR_BadData,v.errs()); } String ns = Question.domain2ns(id); // check if user is allowed to view NS Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } @@ -2496,8 +2496,8 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE USERS users = mapper.newInstance(API.USERS); Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, id); - if(rlcd.isOK()) { - if(!rlcd.isEmpty()) { + if (rlcd.isOK()) { + if (!rlcd.isEmpty()) { return mapper.cred(rlcd.value, users); } return Result.ok(users); @@ -2526,8 +2526,8 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE CERTS certs = mapper.newInstance(API.CERTS); Result<List<CertDAO.Data>> rlcd = ques.certDAO.readID(trans, id); - if(rlcd.isOK()) { - if(!rlcd.isEmpty()) { + if (rlcd.isOK()) { + if (!rlcd.isEmpty()) { return mapper.cert(rlcd.value, certs); } return Result.ok(certs); @@ -2557,16 +2557,16 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(cmdDescription, Env.SUB); try { Result<CredDAO.Data> rcred = mapper.cred(trans, from, true); - if(rcred.isOKhasData()) { + if (rcred.isOKhasData()) { rcred = ques.userCredSetup(trans, rcred.value); final ServiceValidator v = new ServiceValidator(); - if(v.cred(trans, trans.org(),rcred,false).err()) {// Note: Creates have stricter Validations + if (v.cred(trans, trans.org(),rcred,false).err()) {// Note: Creates have stricter Validations return Result.err(Status.ERR_BadData,v.errs()); } Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, rcred.value.id); - if(rlcd.notOKorIsEmpty()) { + if (rlcd.notOKorIsEmpty()) { return Result.err(Status.ERR_UserNotFound, "Credential does not exist"); } @@ -2577,7 +2577,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<Integer> ri = selectEntryIfMultiple((CredRequest)from, rlcd.value); - if(ri.notOK()) { + if (ri.notOK()) { return Result.err(ri); } int entry = ri.value; @@ -2598,7 +2598,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE mc); Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rcred.value.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } @@ -2607,7 +2607,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<String> rfc = func.createFuture(trans, fd.value, rcred.value.id + '|' + rcred.value.type.toString() + '|' + rcred.value.expires, trans.user(), nsr.value.get(0), FUTURE_OP.U); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Credential Request [%s|%s|%s]", rcred.value.id, Integer.toString(rcred.value.type), @@ -2620,7 +2620,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // If we are Resetting Password on behalf of someone else (am not the Admin) // use TempPassword Expiration time. Expiration exp; - if(ques.isAdmin(trans, trans.user(), nsr.value.get(0).name)) { + if (ques.isAdmin(trans, trans.user(), nsr.value.get(0).name)) { exp = Expiration.Password; } else { exp = Expiration.TempPassword; @@ -2642,7 +2642,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE rcred.value.notes=current.notes; udr = ques.credDAO.create(trans, rcred.value); - if(udr.isOK()) { + if (udr.isOK()) { udr = ques.credDAO.delete(trans, rlcd.value.get(entry),false); } if (udr.isOK()) { @@ -2701,7 +2701,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<CredDAO.Data> cred = mapper.cred(trans, from, false); Organization org = trans.org(); final ServiceValidator v = new ServiceValidator(); - if(v.notOK(cred).err() || + if (v.notOK(cred).err() || v.nullOrBlank(cred.value.id, "Invalid ID").err() || v.user(org,cred.value.id).err()) { return Result.err(Status.ERR_BadData,v.errs()); @@ -2720,13 +2720,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // Get the list of Cred Entries Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, cred.value.id); - if(rlcd.notOKorIsEmpty()) { + if (rlcd.notOKorIsEmpty()) { return Result.err(Status.ERR_UserNotFound, "Credential does not exist"); } //Need to do the "Pick Entry" mechanism Result<Integer> ri = selectEntryIfMultiple((CredRequest)from, rlcd.value); - if(ri.notOK()) { + if (ri.notOK()) { return Result.err(ri); } @@ -2742,7 +2742,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE cd.expires = org.expiration(null, Expiration.ExtendPassword,days).getTime(); cred = ques.credDAO.create(trans, cd); - if(cred.isOK()) { + if (cred.isOK()) { return Result.ok(); } return Result.err(cred); @@ -2779,7 +2779,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE errMessage.append(' '); } errMessage.append(" Type Expires" + '\n'); - for(int i=0;i<value.size();++i) { + for (int i=0;i<value.size();++i) { errMessage.append(" %s\n"); } errMessage.append("Run same command again with chosen entry as last parameter"); @@ -2803,16 +2803,16 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> deleteUserCred(AuthzTrans trans, REQUEST from) { final Result<CredDAO.Data> cred = mapper.cred(trans, from, false); final Validator v = new ServiceValidator(); - if(v.nullOrBlank("cred", cred.value.id).err()) { + if (v.nullOrBlank("cred", cred.value.id).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, cred.value.id); - if(rlcd.notOKorIsEmpty()) { + if (rlcd.notOKorIsEmpty()) { // Empty Creds should have no user_roles. Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, cred.value.id); - if(rlurd.isOK()) { - for(UserRoleDAO.Data data : rlurd.value) { + if (rlurd.isOK()) { + for (UserRoleDAO.Data data : rlurd.value) { ques.userRoleDAO.delete(trans, data, false); } } @@ -2827,7 +2827,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } int entry = 0; - if(!trans.requested(force)) { + if (!trans.requested(force)) { if (rlcd.value.size() > 1) { CredRequest cr = (CredRequest)from; String inputOption = cr.getEntry(); @@ -2837,11 +2837,11 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE return Result.err(Status.ERR_ChoiceNeeded, message, variables); } else { try { - if(inputOption.length()>5) { // should be a date + if (inputOption.length()>5) { // should be a date Date d = Chrono.xmlDatatypeFactory.newXMLGregorianCalendar(inputOption).toGregorianCalendar().getTime(); entry = 0; - for(CredDAO.Data cd : rlcd.value) { - if(cd.type.equals(cr.getType()) && cd.expires.equals(d)) { + for (CredDAO.Data cd : rlcd.value) { + if (cd.type.equals(cr.getType()) && cd.expires.equals(d)) { break; } ++entry; @@ -2849,9 +2849,9 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } else { entry = Integer.parseInt(inputOption) - 1; } - } catch(NullPointerException e) { + } catch (NullPointerException e) { return Result.err(Status.ERR_BadData, "Invalid Date Format for Entry"); - } catch(NumberFormatException e) { + } catch (NumberFormatException e) { return Result.err(Status.ERR_BadData, "User chose invalid credential selection"); } } @@ -2876,7 +2876,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE mc); Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, cred.value.ns); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } @@ -2885,7 +2885,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<String> rfc = func.createFuture(trans, fd.value, cred.value.id, trans.user(), nsr.value.get(0), FUTURE_OP.D); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Credential Delete [%s] is saved for future processing",cred.value.id); } else { return Result.err(rfc); @@ -2893,7 +2893,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE case Status.ACC_Now: Result<?>udr = null; if (!trans.requested(force)) { - if(entry<0 || entry >= rlcd.value.size()) { + if (entry<0 || entry >= rlcd.value.size()) { return Result.err(Status.ERR_BadData,"Invalid Choice [" + entry + "] chosen for Delete [%s] is saved for future processing",cred.value.id); } udr = ques.credDAO.delete(trans, rlcd.value.get(entry),false); @@ -2905,15 +2905,15 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } } } - if(isLastCred) { + if (isLastCred) { Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, cred.value.id); - if(rlurd.isOK()) { - for(UserRoleDAO.Data data : rlurd.value) { + if (rlurd.isOK()) { + for (UserRoleDAO.Data data : rlurd.value) { ques.userRoleDAO.delete(trans, data, false); } } } - if(udr==null) { + if (udr==null) { return Result.err(Result.ERR_NotFound,"No User Data found"); } if (udr.isOK()) { @@ -2933,11 +2933,11 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE try { // Note: Mapper assigns RAW type Result<CredDAO.Data> data = mapper.cred(trans, credReq,false); - if(data.notOKorIsEmpty()) { + if (data.notOKorIsEmpty()) { return Result.err(data); } CredDAO.Data cred = data.value; // of the Mapped Cred - if(cred.cred==null) { + if (cred.cred==null) { return Result.err(Result.ERR_BadData,"No Password"); } else { return ques.doesUserCredMatch(trans, cred.id, cred.cred.array()); @@ -2984,7 +2984,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE BasicPrincipal bp = new BasicPrincipal(basicAuth,trans.org().getRealm()); Result<Date> rq = ques.doesUserCredMatch(trans, bp.getName(), bp.getCred()); // Note: Only want to log problem, don't want to send back to end user - if(rq.isOK()) { + if (rq.isOK()) { return rq; } else { trans.audit().log(rq.errorString()); @@ -3018,13 +3018,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start("Create UserRole", Env.SUB); try { Result<UserRoleDAO.Data> urr = mapper.userRole(trans, from); - if(urr.notOKorIsEmpty()) { + if (urr.notOKorIsEmpty()) { return Result.err(urr); } final UserRoleDAO.Data userRole = urr.value; final ServiceValidator v = new ServiceValidator(); - if(v.user_role(userRole).err() || + if (v.user_role(userRole).err() || v.user(trans.org(), userRole.user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } @@ -3045,7 +3045,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<NsDAO.Data> nsd; @Override public Result<?> mayChange() { - if(nsd==null) { + if (nsd==null) { RoleDAO.Data r = RoleDAO.Data.decode(userRole); nsd = ques.mayUser(trans, trans.user(), r, Access.write); } @@ -3053,7 +3053,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } }); Result<NsDAO.Data> nsr = ques.deriveNs(trans, userRole.role); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } @@ -3061,7 +3061,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE case OK: Result<String> rfc = func.createFuture(trans, fd.value, userRole.user+'|'+userRole.ns + '.' + userRole.rname, userRole.user, nsr.value, FUTURE_OP.C); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "UserRole [%s - %s.%s] is saved for future processing", userRole.user, userRole.ns, @@ -3094,13 +3094,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<USERROLES> getUserRolesByRole(AuthzTrans trans, String role) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Role",role).err()) { + if (v.nullOrBlank("Role",role).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<RoleDAO.Data> rrdd; rrdd = RoleDAO.Data.decode(trans,ques,role); - if(rrdd.notOK()) { + if (rrdd.notOK()) { return Result.err(rrdd); } // May Requester see result? @@ -3116,8 +3116,8 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // Get list of roles per user, then add to Roles as we go HashSet<UserRoleDAO.Data> userSet = new HashSet<>(); Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role); - if(rlurd.isOK()) { - for(UserRoleDAO.Data data : rlurd.value) { + if (rlurd.isOK()) { + for (UserRoleDAO.Data data : rlurd.value) { userSet.add(data); } } @@ -3143,13 +3143,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<USERROLES> getUserRolesByUser(AuthzTrans trans, String user) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("User",user).err()) { + if (v.nullOrBlank("User",user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } // Get list of roles per user, then add to Roles as we go Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, user); - if(rlurd.notOK()) { + if (rlurd.notOK()) { return Result.err(rlurd); } @@ -3164,16 +3164,16 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE String callingUser = trans.getUserPrincipal().getName(); NsDAO.Data ndd = new NsDAO.Data(); - if(user.equals(callingUser)) { + if (user.equals(callingUser)) { mustFilter = false; } else { Organization org = trans.org(); try { Identity orgID = org.getIdentity(trans, user); Identity manager = orgID==null?null:orgID.responsibleTo(); - if(orgID!=null && (manager!=null && callingUser.equals(manager.fullID()))) { + if (orgID!=null && (manager!=null && callingUser.equals(manager.fullID()))) { mustFilter = false; - } else if(ques.isGranted(trans, callingUser, ROOT_NS, Question.ACCESS, "*", Access.read.name())) { + } else if (ques.isGranted(trans, callingUser, ROOT_NS, Question.ACCESS, "*", Access.read.name())) { mustFilter=false; } else { mustFilter = true; @@ -3185,13 +3185,13 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } List<UserRoleDAO.Data> content; - if(mustFilter) { + if (mustFilter) { content = new ArrayList<>(rlurd.value.size()); // avoid multi-memory redos - for(UserRoleDAO.Data data : rlurd.value) { + for (UserRoleDAO.Data data : rlurd.value) { ndd.name=data.ns; Result<Data> mur = ques.mayUser(trans, callingUser, ndd, Access.read); - if(mur.isOK()){ + if (mur.isOK()){ content.add(data); } } @@ -3224,7 +3224,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> resetRolesForUser(AuthzTrans trans, REQUEST rreq) { Result<UserRoleDAO.Data> rurdd = mapper.userRole(trans, rreq); final ServiceValidator v = new ServiceValidator(); - if(rurdd.notOKorIsEmpty()) { + if (rurdd.notOKorIsEmpty()) { return Result.err(rurdd); } if (v.user(trans.org(), rurdd.value.user).err()) { @@ -3233,15 +3233,15 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Set<String> currRoles = new HashSet<>(); Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, rurdd.value.user); - if(rlurd.isOK()) { - for(UserRoleDAO.Data data : rlurd.value) { + if (rlurd.isOK()) { + for (UserRoleDAO.Data data : rlurd.value) { currRoles.add(data.role); } } Result<Void> rv = null; String[] roles; - if(rurdd.value.role==null) { + if (rurdd.value.role==null) { roles = new String[0]; } else { roles = rurdd.value.role.split(","); @@ -3252,7 +3252,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE return Result.err(Status.ERR_BadData,v.errs()); } Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role); - if(rrdd.notOK()) { + if (rrdd.notOK()) { return Result.err(rrdd); } @@ -3263,11 +3263,11 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE return Result.err(nsd); } Result<NsDAO.Data> nsr = ques.deriveNs(trans, role); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } - if(currRoles.contains(role)) { + if (currRoles.contains(role)) { currRoles.remove(role); } else { rv = func.addUserRole(trans, rurdd.value); @@ -3280,7 +3280,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE for (String role : currRoles) { rurdd.value.role(trans,ques,role); rv = ques.userRoleDAO.delete(trans, rurdd.value, false); - if(rv.notOK()) { + if (rv.notOK()) { trans.info().log(rurdd.value.user,"/",rurdd.value.role, "expected to be deleted, but does not exist"); // return rv; // if it doesn't exist, don't error out } @@ -3305,7 +3305,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<Void> resetUsersForRole(AuthzTrans trans, REQUEST rreq) { Result<UserRoleDAO.Data> rurdd = mapper.userRole(trans, rreq); - if(rurdd.notOKorIsEmpty()) { + if (rurdd.notOKorIsEmpty()) { return Result.err(rurdd); } final ServiceValidator v = new ServiceValidator(); @@ -3321,14 +3321,14 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<NsDAO.Data> nsr = ques.deriveNs(trans, rurdd.value.role); - if(nsr.notOKorIsEmpty()) { + if (nsr.notOKorIsEmpty()) { return Result.err(nsr); } Set<String> currUsers = new HashSet<>(); Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, rurdd.value.role); - if(rlurd.isOK()) { - for(UserRoleDAO.Data data : rlurd.value) { + if (rlurd.isOK()) { + for (UserRoleDAO.Data data : rlurd.value) { currUsers.add(data.user); } } @@ -3352,7 +3352,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } rurdd.value.user = user; - if(currUsers.contains(user)) { + if (currUsers.contains(user)) { currUsers.remove(user); } else { rv = func.addUserRole(trans, rurdd.value); @@ -3365,7 +3365,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE for (String user : currUsers) { rurdd.value.user = user; rv = ques.userRoleDAO.delete(trans, rurdd.value, false); - if(rv.notOK()) { + if (rv.notOK()) { trans.info().log(rurdd.value, "expected to be deleted, but not exists"); return rv; } @@ -3390,29 +3390,29 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> extendUserRole(AuthzTrans trans, String user, String role) { Organization org = trans.org(); final ServiceValidator v = new ServiceValidator(); - if(v.user(org, user) + if (v.user(org, user) .role(role) .err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role); - if(rrdd.notOK()) { + if (rrdd.notOK()) { return Result.err(rrdd); } Result<NsDAO.Data> rcr = ques.mayUser(trans, trans.user(), rrdd.value, Access.write); boolean mayNotChange; - if((mayNotChange = rcr.notOK()) && !trans.requested(future)) { + if ((mayNotChange = rcr.notOK()) && !trans.requested(future)) { return Result.err(rcr); } Result<List<UserRoleDAO.Data>> rr = ques.userRoleDAO.read(trans, user,role); - if(rr.notOK()) { + if (rr.notOK()) { return Result.err(rr); } - for(UserRoleDAO.Data userRole : rr.value) { - if(mayNotChange) { // Function exited earlier if !trans.futureRequested + for (UserRoleDAO.Data userRole : rr.value) { + if (mayNotChange) { // Function exited earlier if !trans.futureRequested FutureDAO.Data fto = new FutureDAO.Data(); fto.target=UserRoleDAO.TABLE; fto.memo = "Extend User ["+userRole.user+"] in Role ["+userRole.role+"]"; @@ -3428,7 +3428,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<String> rfc = func.createFuture(trans, fto, userRole.user+'|'+userRole.role, userRole.user, rcr.value, FUTURE_OP.U); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "UserRole [%s - %s] is saved for future processing", userRole.user, userRole.role); @@ -3456,14 +3456,14 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<Void> deleteUserRole(AuthzTrans trans, String usr, String role) { Validator val = new ServiceValidator(); - if(val.nullOrBlank("User", usr) + if (val.nullOrBlank("User", usr) .nullOrBlank("Role", role).err()) { return Result.err(Status.ERR_BadData, val.errs()); } boolean mayNotChange; Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role); - if(rrdd.notOK()) { + if (rrdd.notOK()) { return Result.err(rrdd); } @@ -3471,24 +3471,24 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<NsDAO.Data> rns = ques.mayUser(trans, trans.user(), rdd, Access.write); // Make sure we don't delete the last owner of valid NS - if(rns.isOKhasData() && Question.OWNER.equals(rdd.name) && ques.countOwner(trans,rdd.ns)<=1) { + if (rns.isOKhasData() && Question.OWNER.equals(rdd.name) && ques.countOwner(trans,rdd.ns)<=1) { return Result.err(Status.ERR_Denied,"You may not delete the last Owner of " + rdd.ns ); } - if(mayNotChange=rns.notOK()) { - if(!trans.requested(future)) { + if (mayNotChange=rns.notOK()) { + if (!trans.requested(future)) { return Result.err(rns); } } Result<List<UserRoleDAO.Data>> rulr; - if((rulr=ques.userRoleDAO.read(trans, usr, role)).notOKorIsEmpty()) { + if ((rulr=ques.userRoleDAO.read(trans, usr, role)).notOKorIsEmpty()) { return Result.err(Status.ERR_UserRoleNotFound, "User [ "+usr+" ] is not " + "Assigned to the Role [ " + role + " ]"); } UserRoleDAO.Data userRole = rulr.value.get(0); - if(mayNotChange) { // Function exited earlier if !trans.futureRequested + if (mayNotChange) { // Function exited earlier if !trans.futureRequested FutureDAO.Data fto = new FutureDAO.Data(); fto.target=UserRoleDAO.TABLE; fto.memo = "Remove User ["+userRole.user+"] from Role ["+userRole.role+"]"; @@ -3498,7 +3498,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<String> rfc = func.createFuture(trans, fto, userRole.user+'|'+userRole.role, userRole.user, rns.value, FUTURE_OP.D); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "UserRole [%s - %s] is saved for future processing", userRole.user, userRole.role); @@ -3523,7 +3523,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<USERS> getUserInRole(AuthzTrans trans, String user, String role) { final Validator v = new ServiceValidator(); - if(v.role(role).nullOrBlank("User", user).err()) { + if (v.role(role).nullOrBlank("User", user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } @@ -3533,18 +3533,18 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), ns.value, Access.write); // May calling user see by virtue of the Role Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role); - if(rrdd.notOK()) { + if (rrdd.notOK()) { return Result.err(rrdd); } Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value,Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } HashSet<UserRoleDAO.Data> userSet = new HashSet<>(); Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readUserInRole(trans, user, role); - if(rlurd.isOK()) { - for(UserRoleDAO.Data data : rlurd.value) { + if (rlurd.isOK()) { + for (UserRoleDAO.Data data : rlurd.value) { userSet.add(data); } } @@ -3568,7 +3568,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<USERS> getUsersByRole(AuthzTrans trans, String role) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Role",role).err()) { + if (v.nullOrBlank("Role",role).err()) { return Result.err(Status.ERR_BadData,v.errs()); } @@ -3578,15 +3578,15 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE // Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), ns.value, Access.write); // May calling user see by virtue of the Role Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role); - if(rrdd.notOK()) { + if (rrdd.notOK()) { return Result.err(rrdd); } boolean contactOnly = false; // Allow the request of any valid user to find the contact of the NS (Owner) Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value,Access.read); - if(rnd.notOK()) { - if(Question.OWNER.equals(rrdd.value.name)) { + if (rnd.notOK()) { + if (Question.OWNER.equals(rrdd.value.name)) { contactOnly = true; } else { return Result.err(rnd); @@ -3595,9 +3595,9 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE HashSet<UserRoleDAO.Data> userSet = new HashSet<>(); Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role); - if(rlurd.isOK()) { - for(UserRoleDAO.Data data : rlurd.value) { - if(contactOnly) { //scrub data + if (rlurd.isOK()) { + for (UserRoleDAO.Data data : rlurd.value) { + if (contactOnly) { //scrub data // Can't change actual object, or will mess up the cache. UserRoleDAO.Data scrub = new UserRoleDAO.Data(); scrub.ns = data.ns; @@ -3635,7 +3635,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<USERS> getUsersByPermission(AuthzTrans trans, String type, String instance, String action) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Type",type) + if (v.nullOrBlank("Type",type) .nullOrBlank("Instance",instance) .nullOrBlank("Action",action) .err()) { @@ -3643,7 +3643,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<NsSplit> nss = ques.deriveNsSplit(trans, type); - if(nss.notOK()) { + if (nss.notOK()) { return Result.err(nss); } @@ -3660,19 +3660,19 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Set<String> roleUsed = new HashSet<>(); Set<UserRoleDAO.Data> userSet = new HashSet<>(); - if(!nss.isEmpty()) { + if (!nss.isEmpty()) { Result<List<PermDAO.Data>> rlp = ques.permDAO.readByType(trans, nss.value.ns, nss.value.name); - if(rlp.isOKhasData()) { - for(PermDAO.Data pd : rlp.value) { - if((allInstance || pd.instance.equals(instance)) && + if (rlp.isOKhasData()) { + for (PermDAO.Data pd : rlp.value) { + if ((allInstance || pd.instance.equals(instance)) && (allAction || pd.action.equals(action))) { - if(ques.mayUser(trans, trans.user(),pd,Access.read).isOK()) { - for(String role : pd.roles) { - if(!roleUsed.contains(role)) { // avoid evaluating Role many times + if (ques.mayUser(trans, trans.user(),pd,Access.read).isOK()) { + for (String role : pd.roles) { + if (!roleUsed.contains(role)) { // avoid evaluating Role many times roleUsed.add(role); Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role.replace('|', '.')); - if(rlurd.isOKhasData()) { - for(UserRoleDAO.Data urd : rlurd.value) { + if (rlurd.isOKhasData()) { + for (UserRoleDAO.Data urd : rlurd.value) { userSet.add(urd); } } @@ -3695,37 +3695,37 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<HISTORY> getHistoryByUser(final AuthzTrans trans, String user, final int[] yyyymm, final int sort) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("User",user).err()) { + if (v.nullOrBlank("User",user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<NsDAO.Data> rnd; // Users may look at their own data - if(trans.user().equals(user)) { + if (trans.user().equals(user)) { // Users may look at their own data } else { int at = user.indexOf('@'); - if(at>=0 && trans.org().getRealm().equals(user.substring(at+1))) { + if (at>=0 && trans.org().getRealm().equals(user.substring(at+1))) { NsDAO.Data nsd = new NsDAO.Data(); nsd.name = Question.domain2ns(user); rnd = ques.mayUser(trans, trans.user(), nsd, Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } } else { rnd = ques.validNSOfDomain(trans, user); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } } } Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readByUser(trans, user, yyyymm); - if(resp.notOK()) { + if (resp.notOK()) { return Result.err(resp); } return mapper.history(trans, resp.value,sort); @@ -3734,21 +3734,21 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<HISTORY> getHistoryByRole(AuthzTrans trans, String role, int[] yyyymm, final int sort) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Role",role).err()) { + if (v.nullOrBlank("Role",role).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role); - if(rrdd.notOK()) { + if (rrdd.notOK()) { return Result.err(rrdd); } Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value, Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, role, "role", yyyymm); - if(resp.notOK()) { + if (resp.notOK()) { return Result.err(resp); } return mapper.history(trans, resp.value,sort); @@ -3757,23 +3757,23 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<HISTORY> getHistoryByPerm(AuthzTrans trans, String type, int[] yyyymm, final int sort) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Type",type) + if (v.nullOrBlank("Type",type) .err()) { return Result.err(Status.ERR_BadData,v.errs()); } // May user see Namespace of Permission (since it's only one piece... we can't check for "is permission part of") Result<NsDAO.Data> rnd = ques.deriveNs(trans,type); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, type, "perm", yyyymm); - if(resp.notOK()) { + if (resp.notOK()) { return Result.err(resp); } return mapper.history(trans, resp.value,sort); @@ -3782,22 +3782,22 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<HISTORY> getHistoryByNS(AuthzTrans trans, String ns, int[] yyyymm, final int sort) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("NS",ns) + if (v.nullOrBlank("NS",ns) .err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read); - if(rnd.notOK()) { + if (rnd.notOK()) { return Result.err(rnd); } Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, ns, "ns", yyyymm); - if(resp.notOK()) { + if (resp.notOK()) { return Result.err(resp); } return mapper.history(trans, resp.value,sort); @@ -3820,20 +3820,20 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private Result<Void> createOrUpdateDelegate(final AuthzTrans trans, REQUEST base, final Access access) { final Result<DelegateDAO.Data> rd = mapper.delegate(trans, base); final ServiceValidator v = new ServiceValidator(); - if(v.delegate(trans.org(),rd).err()) { + if (v.delegate(trans.org(),rd).err()) { return Result.err(Status.ERR_BadData,v.errs()); } final DelegateDAO.Data dd = rd.value; Result<List<DelegateDAO.Data>> ddr = ques.delegateDAO.read(trans, dd); - if(access==Access.create && ddr.isOKhasData()) { + if (access==Access.create && ddr.isOKhasData()) { return Result.err(Status.ERR_ConflictAlreadyExists, "[%s] already delegates to [%s]", dd.user, ddr.value.get(0).delegate); - } else if(access!=Access.create && ddr.notOKorIsEmpty()) { + } else if (access!=Access.create && ddr.notOKorIsEmpty()) { return Result.err(Status.ERR_NotFound, "[%s] does not have a Delegate Record to [%s].",dd.user,access.name()); } Result<Void> rv = ques.mayUser(trans, dd, access); - if(rv.notOK()) { + if (rv.notOK()) { return rv; } @@ -3864,16 +3864,16 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE case OK: Result<String> rfc = func.createFuture(trans, fd.value, dd.user, trans.user(),null, access==Access.create?FUTURE_OP.C:FUTURE_OP.U); - if(rfc.isOK()) { + if (rfc.isOK()) { return Result.err(Status.ACC_Future, "Delegate for [%s]", dd.user); } else { return Result.err(rfc); } case Status.ACC_Now: - if(access==Access.create) { + if (access==Access.create) { Result<DelegateDAO.Data> rdr = ques.delegateDAO.create(trans, dd); - if(rdr.isOK()) { + if (rdr.isOK()) { return Result.ok(); } else { return Result.err(rdr); @@ -3890,17 +3890,17 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> deleteDelegate(AuthzTrans trans, REQUEST base) { final Result<DelegateDAO.Data> rd = mapper.delegate(trans, base); final Validator v = new ServiceValidator(); - if(v.notOK(rd).nullOrBlank("User", rd.value.user).err()) { + if (v.notOK(rd).nullOrBlank("User", rd.value.user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<List<DelegateDAO.Data>> ddl; - if((ddl=ques.delegateDAO.read(trans, rd.value)).notOKorIsEmpty()) { + if ((ddl=ques.delegateDAO.read(trans, rd.value)).notOKorIsEmpty()) { return Result.err(Status.ERR_DelegateNotFound,"Cannot delete non-existent Delegate"); } final DelegateDAO.Data dd = ddl.value.get(0); Result<Void> rv = ques.mayUser(trans, dd, Access.write); - if(rv.notOK()) { + if (rv.notOK()) { return rv; } @@ -3911,17 +3911,17 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE public Result<Void> deleteDelegate(AuthzTrans trans, String userName) { DelegateDAO.Data dd = new DelegateDAO.Data(); final Validator v = new ServiceValidator(); - if(v.nullOrBlank("User", userName).err()) { + if (v.nullOrBlank("User", userName).err()) { return Result.err(Status.ERR_BadData,v.errs()); } dd.user = userName; Result<List<DelegateDAO.Data>> ddl; - if((ddl=ques.delegateDAO.read(trans, dd)).notOKorIsEmpty()) { + if ((ddl=ques.delegateDAO.read(trans, dd)).notOKorIsEmpty()) { return Result.err(Status.ERR_DelegateNotFound,"Cannot delete non-existent Delegate"); } dd = ddl.value.get(0); Result<Void> rv = ques.mayUser(trans, dd, Access.write); - if(rv.notOK()) { + if (rv.notOK()) { return rv; } @@ -3931,7 +3931,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<DELGS> getDelegatesByUser(AuthzTrans trans, String user) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("User", user).err()) { + if (v.nullOrBlank("User", user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } @@ -3939,7 +3939,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE ddd.user = user; ddd.delegate = null; Result<Void> rv = ques.mayUser(trans, ddd, Access.read); - if(rv.notOK()) { + if (rv.notOK()) { return Result.err(rv); } @@ -3960,14 +3960,14 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<DELGS> getDelegatesByDelegate(AuthzTrans trans, String delegate) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Delegate", delegate).err()) { + if (v.nullOrBlank("Delegate", delegate).err()) { return Result.err(Status.ERR_BadData,v.errs()); } DelegateDAO.Data ddd = new DelegateDAO.Data(); ddd.user = delegate; Result<Void> rv = ques.mayUser(trans, ddd, Access.read); - if(rv.notOK()) { + if (rv.notOK()) { return Result.err(rv); } @@ -3992,11 +3992,11 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<Void> updateApproval(AuthzTrans trans, APPROVALS approvals) { Result<List<ApprovalDAO.Data>> rlad = mapper.approvals(approvals); - if(rlad.notOK()) { + if (rlad.notOK()) { return Result.err(rlad); } int numApprs = rlad.value.size(); - if(numApprs<1) { + if (numApprs<1) { return Result.err(Status.ERR_NoApprovals,"No Approvals sent for Updating"); } int numProcessed = 0; @@ -4004,10 +4004,10 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<List<ApprovalDAO.Data>> curr; Lookup<List<ApprovalDAO.Data>> apprByTicket=null; - for(ApprovalDAO.Data updt : rlad.value) { - if(updt.ticket!=null) { + for (ApprovalDAO.Data updt : rlad.value) { + if (updt.ticket!=null) { curr = ques.approvalDAO.readByTicket(trans, updt.ticket); - if(curr.isOKhasData()) { + if (curr.isOKhasData()) { final List<ApprovalDAO.Data> add = curr.value; apprByTicket = new Lookup<List<ApprovalDAO.Data>>() { // Store a Pre-Lookup @Override @@ -4016,29 +4016,29 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } }; } - } else if(updt.id!=null) { + } else if (updt.id!=null) { curr = ques.approvalDAO.read(trans, updt); - } else if(updt.approver!=null) { + } else if (updt.approver!=null) { curr = ques.approvalDAO.readByApprover(trans, updt.approver); } else { return Result.err(Status.ERR_BadData,"Approvals need ID, Ticket or Approval data to update"); } - if(curr.isOKhasData()) { + if (curr.isOKhasData()) { Map<String, Result<List<DelegateDAO.Data>>> delegateCache = new HashMap<>(); Map<UUID, FutureDAO.Data> futureCache = new HashMap<>(); FutureDAO.Data hasDeleted = new FutureDAO.Data(); - for(ApprovalDAO.Data cd : curr.value) { - if("pending".equals(cd.status)) { + for (ApprovalDAO.Data cd : curr.value) { + if ("pending".equals(cd.status)) { // Check for right record. Need ID, or (Ticket&Trans.User==Appr) // If Default ID boolean delegatedAction = ques.isDelegated(trans, user, cd.approver, delegateCache); String delegator = cd.approver; - if(updt.id!=null || + if (updt.id!=null || (updt.ticket!=null && user.equals(cd.approver)) || (updt.ticket!=null && delegatedAction)) { - if(updt.ticket.equals(cd.ticket)) { + if (updt.ticket.equals(cd.ticket)) { Changed ch = new Changed(); cd.id = ch.changed(cd.id,updt.id); // cd.ticket = changed(cd.ticket,updt.ticket); @@ -4049,29 +4049,29 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE cd.memo = ch.changed(cd.memo,updt.memo); cd.operation = ch.changed(cd.operation,updt.operation); cd.updated = ch.changed(cd.updated,updt.updated==null?new Date():updt.updated); - if(updt.status.equals("denied")) { + if (updt.status.equals("denied")) { cd.last_notified = null; } - if(cd.ticket!=null) { + if (cd.ticket!=null) { FutureDAO.Data fdd = futureCache.get(cd.ticket); - if(fdd==null) { // haven't processed ticket yet + if (fdd==null) { // haven't processed ticket yet Result<FutureDAO.Data> rfdd = ques.futureDAO.readPrimKey(trans, cd.ticket); - if(rfdd.isOK()) { + if (rfdd.isOK()) { fdd = rfdd.value; // null is ok } else { fdd = hasDeleted; } futureCache.put(cd.ticket, fdd); // processed this Ticket... don't do others on this ticket } - if(fdd==hasDeleted) { // YES, by Object + if (fdd==hasDeleted) { // YES, by Object cd.ticket = null; cd.status = "ticketDeleted"; ch.hasChanged(true); } else { FUTURE_OP fop = FUTURE_OP.toFO(cd.operation); - if(fop==null) { + if (fop==null) { trans.info().printf("Approval Status %s is not actionable",cd.status); - } else if(apprByTicket!=null) { + } else if (apprByTicket!=null) { Result<OP_STATUS> rv = func.performFutureOp(trans, fop, fdd, apprByTicket,func.urDBLookup); if (rv.isOK()) { switch(rv.value) { @@ -4097,7 +4097,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } ++numProcessed; } - if(ch.hasChanged()) { + if (ch.hasChanged()) { ques.approvalDAO.update(trans, cd, true); } } @@ -4107,7 +4107,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } } - if(numApprs==numProcessed) { + if (numApprs==numProcessed) { return Result.ok(); } return Result.err(Status.ERR_ActionNotCompleted,numProcessed + " out of " + numApprs + " completed"); @@ -4118,7 +4118,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE private boolean hasChanged = false; public<T> T changed(T src, T proposed) { - if(proposed==null || (src!=null && src.equals(proposed))) { + if (proposed==null || (src!=null && src.equals(proposed))) { return src; } hasChanged=true; @@ -4137,12 +4137,12 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<APPROVALS> getApprovalsByUser(AuthzTrans trans, String user) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("User", user).err()) { + if (v.nullOrBlank("User", user).err()) { return Result.err(Status.ERR_BadData,v.errs()); } Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByUser(trans, user); - if(rapd.isOK()) { + if (rapd.isOK()) { return mapper.approvals(rapd.value); } else { return Result.err(rapd); @@ -4152,7 +4152,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<APPROVALS> getApprovalsByTicket(AuthzTrans trans, String ticket) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Ticket", ticket).err()) { + if (v.nullOrBlank("Ticket", ticket).err()) { return Result.err(Status.ERR_BadData,v.errs()); } UUID uuid; @@ -4163,7 +4163,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE } Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByTicket(trans, uuid); - if(rapd.isOK()) { + if (rapd.isOK()) { return mapper.approvals(rapd.value); } else { return Result.err(rapd); @@ -4173,14 +4173,14 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE @Override public Result<APPROVALS> getApprovalsByApprover(AuthzTrans trans, String approver) { final Validator v = new ServiceValidator(); - if(v.nullOrBlank("Approver", approver).err()) { + if (v.nullOrBlank("Approver", approver).err()) { return Result.err(Status.ERR_BadData,v.errs()); } List<ApprovalDAO.Data> listRapds = new ArrayList<>(); Result<List<ApprovalDAO.Data>> myRapd = ques.approvalDAO.readByApprover(trans, approver); - if(myRapd.notOK()) { + if (myRapd.notOK()) { return Result.err(myRapd); } @@ -4211,7 +4211,7 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE */ @Override public Result<Void> cacheClear(AuthzTrans trans, String cname) { - if(ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) { + if (ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) { return ques.clearCache(trans,cname); } return Result.err(Status.ERR_Denied, "%s does not have AAF Permission '%s.%s|%s|clear", @@ -4223,12 +4223,12 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE */ @Override public Result<Void> cacheClear(AuthzTrans trans, String cname, int[] segment) { - if(ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) { + if (ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) { Result<Void> v=null; - for(int i: segment) { + for (int i: segment) { v=ques.cacheClear(trans,cname,i); } - if(v!=null) { + if (v!=null) { return v; } } diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Api.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Api.java index 5213a6e9..70d131a5 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Api.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Api.java @@ -58,7 +58,7 @@ public class API_Api { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.getAPI(trans,resp,authzAPI); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -80,7 +80,7 @@ public class API_Api { Result<Void> r = context.getAPIExample(trans,resp,nameOrContextType, question>=0 && "optional=true".equalsIgnoreCase(req.getPathInfo().substring(question+1)) ); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Approval.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Approval.java index c0836038..7c74be1b 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Approval.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Approval.java @@ -49,7 +49,7 @@ public class API_Approval { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.getApprovalsByUser(trans, resp, pathParam(req,"user")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -64,7 +64,7 @@ public class API_Approval { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.getApprovalsByTicket(trans, resp, pathParam(req,"ticket")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -79,7 +79,7 @@ public class API_Approval { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.getApprovalsByApprover(trans, resp, pathParam(req,"approver")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -95,7 +95,7 @@ public class API_Approval { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.updateApproval(trans, req, resp); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Creds.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Creds.java index 68e0f145..a8830c93 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Creds.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Creds.java @@ -91,13 +91,13 @@ public class API_Creds { } else if (p instanceof X509Principal) { // have to check Basic Auth here, because it might be CSP. String authz = req.getHeader("Authorization"); - if(authz.startsWith("Basic ")) { + if (authz.startsWith("Basic ")) { BasicHttpTaf bht = ((X509Principal)p).getBasicHttpTaf(); - if(bht!=null) { + if (bht!=null) { BasicPrincipal bp = new BasicPrincipal(authz,""); CredVal cv = bht.getCredVal(bp.getDomain()); - if(cv!=null) { - if(cv.validate(bp.getName(), Type.PASSWORD, bp.getCred(), null) ) { + if (cv!=null) { + if (cv.validate(bp.getName(), Type.PASSWORD, bp.getCred(), null) ) { resp.setStatus(HttpStatus.OK_200); } else { resp.setStatus(HttpStatus.FORBIDDEN_403); @@ -108,7 +108,7 @@ public class API_Creds { int colon = decoded.indexOf(':'); TimeTaken tt = trans.start("Direct Validation", Env.REMOTE); try { - if(directAAFUserPass.validate( + if (directAAFUserPass.validate( decoded.substring(0,colon), CredVal.Type.PASSWORD , decoded.substring(colon+1).getBytes(),trans)) { @@ -124,7 +124,7 @@ public class API_Creds { } } } - } else if(p == null) { + } else if (p == null) { trans.error().log("Transaction not Authenticated... no Principal"); resp.setStatus(HttpStatus.FORBIDDEN_403); } else { @@ -146,7 +146,7 @@ public class API_Creds { HttpServletResponse resp) throws Exception { Result<Date> r = context.doesCredentialMatch(trans, req, resp); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { // For Security, we don't give any info out on why failed, other than forbidden @@ -167,7 +167,7 @@ public class API_Creds { HttpServletResponse resp) throws Exception { Result<Void> r = context.getCertInfoByID(trans, req, resp, pathParam(req,":id") ); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { // For Security, we don't give any info out on why failed, other than forbidden @@ -195,7 +195,7 @@ public class API_Creds { authzAPI.route(POST,"/authn/cred",API.CRED_REQ,new Code(facade,"Add a New ID/Credential", true) { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.createUserCred(trans, req); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.CREATED_201); } else { context.error(trans,resp,r); @@ -214,7 +214,7 @@ public class API_Creds { HttpServletResponse resp) throws Exception { Result<Void> r = context.getCredsByNS(trans, resp, pathParam(req, "ns")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -234,7 +234,7 @@ public class API_Creds { HttpServletResponse resp) throws Exception { Result<Void> r = context.getCredsByID(trans, resp, pathParam(req, "id")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -252,7 +252,7 @@ public class API_Creds { public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.changeUserCred(trans, req); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -273,7 +273,7 @@ public class API_Creds { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.extendUserCred(trans, req, pathParam(req, "days")); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); @@ -288,7 +288,7 @@ public class API_Creds { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.deleteUserCred(trans, req); - if(r.isOK()) { + if (r.isOK()) { resp.setStatus(HttpStatus.OK_200); } else { context.error(trans,resp,r); diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java index e0911937..2c868d3d 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java @@ -74,7 +74,7 @@ public class API_History { try { years = getYears(req); descend = decending(req); - } catch(Exception e) { + } catch (Exception e) { context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage())); return; } @@ -101,7 +101,7 @@ public class API_History { try { years = getYears(req); descend = decending(req); - } catch(Exception e) { + } catch (Exception e) { context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage())); return; } @@ -128,7 +128,7 @@ public class API_History { try { years = getYears(req); descend = decending(req); - } catch(Exception e) { + } catch (Exception e) { context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage())); return; } @@ -155,7 +155,7 @@ public class API_History { try { years = getYears(req); descend = decending(req); - } catch(Exception e) { + } catch (Exception e) { context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage())); return; } @@ -174,8 +174,8 @@ public class API_History { // Check if Ascending private static int decending(HttpServletRequest req) { - if("true".equalsIgnoreCase(req.getParameter("desc")))return -1; - if("true".equalsIgnoreCase(req.getParameter("asc")))return 1; + if ("true".equalsIgnoreCase(req.getParameter("desc")))return -1; + if ("true".equalsIgnoreCase(req.getParameter("asc")))return 1; return 0; } @@ -186,21 +186,21 @@ public class API_History { SimpleDateFormat FMT = new SimpleDateFormat("yyyyMM"); String yyyymm = req.getParameter("yyyymm"); ArrayList<Integer> ai= new ArrayList<>(); - if(yyyymm==null) { + if (yyyymm==null) { GregorianCalendar gc = new GregorianCalendar(); // three months is the default - for(int i=0;i<3;++i) { + for (int i=0;i<3;++i) { ai.add(Integer.parseInt(FMT.format(gc.getTime()))); gc.add(GregorianCalendar.MONTH, -1); } } else { - for(String ym : yyyymm.split(",")) { + for (String ym : yyyymm.split(",")) { String range[] = ym.split("\\s*-\\s*"); switch(range.length) { case 0: break; case 1: - if(!ym.endsWith("-")) { + if (!ym.endsWith("-")) { ai.add(getNum(ym)); break; } else { @@ -214,26 +214,26 @@ public class API_History { gc.set(GregorianCalendar.MONTH, Integer.parseInt(range[0].substring(4,6))-1); gc.set(GregorianCalendar.YEAR, Integer.parseInt(range[0].substring(0,4))); - for(int i=getNum(FMT.format(gc.getTime()));i<=end;gc.add(GregorianCalendar.MONTH, 1),i=getNum(FMT.format(gc.getTime()))) { + for (int i=getNum(FMT.format(gc.getTime()));i<=end;gc.add(GregorianCalendar.MONTH, 1),i=getNum(FMT.format(gc.getTime()))) { ai.add(i); } } } } - if(ai.size()==0) { + if (ai.size()==0) { throw new NumberFormatException(yyyymm + " is an invalid number or range"); } Collections.sort(ai); int ym[] = new int[ai.size()]; - for(int i=0;i<ym.length;++i) { + for (int i=0;i<ym.length;++i) { ym[i]=ai.get(i); } return ym; } private static int getNum(String n) { - if(n==null || n.length()!=6) throw new NumberFormatException(n + " is not in YYYYMM format"); + if (n==null || n.length()!=6) throw new NumberFormatException(n + " is not in YYYYMM format"); return Integer.parseInt(n); } } diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java index be608df5..d99e1ada 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java @@ -109,7 +109,7 @@ public class API_Mgmt { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { try { - if(req.isUserInRole(PERM_DB_POOL_CLEAR)) { + if (req.isUserInRole(PERM_DB_POOL_CLEAR)) { context.dbReset(trans); trans.audit().log("DB Sessions have been cleared by "+trans.user()); @@ -119,7 +119,7 @@ public class API_Mgmt { return; } context.error(trans,resp,Result.err(Result.ERR_Denied,"%s is not allowed to clear dbsessions",trans.user())); - } catch(Exception e) { + } catch (Exception e) { trans.error().log(e, "clearing dbsession"); context.error(trans,resp,Result.err(e)); } @@ -133,8 +133,8 @@ public class API_Mgmt { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { String ip = pathParam(req,":ip"); - if(req.isUserInRole(PERM_DENY_IP)) { - if(DenialOfServiceTaf.denyIP(ip)) { + if (req.isUserInRole(PERM_DENY_IP)) { + if (DenialOfServiceTaf.denyIP(ip)) { trans.audit().log(ip+" has been set to deny by "+trans.user()); trans.checkpoint(SUCCESS,Trans.ALWAYS); @@ -158,8 +158,8 @@ public class API_Mgmt { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { String ip = pathParam(req,":ip"); - if(req.isUserInRole(PERM_DENY_IP)) { - if(DenialOfServiceTaf.removeDenyIP(ip)) { + if (req.isUserInRole(PERM_DENY_IP)) { + if (DenialOfServiceTaf.removeDenyIP(ip)) { trans.audit().log(ip+" has been removed from denial by "+trans.user()); trans.checkpoint(SUCCESS,Trans.ALWAYS); resp.setStatus(HttpStatus.OK_200); @@ -182,8 +182,8 @@ public class API_Mgmt { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { String id = pathParam(req,":id"); - if(req.isUserInRole(PERM_DENY_ID)) { - if(DenialOfServiceTaf.denyID(id)) { + if (req.isUserInRole(PERM_DENY_ID)) { + if (DenialOfServiceTaf.denyID(id)) { trans.audit().log(id+" has been set to deny by "+trans.user()); trans.checkpoint(SUCCESS,Trans.ALWAYS); resp.setStatus(HttpStatus.CREATED_201); @@ -206,8 +206,8 @@ public class API_Mgmt { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { String id = pathParam(req,":id"); - if(req.isUserInRole(PERM_DENY_ID)) { - if(DenialOfServiceTaf.removeDenyID(id)) { + if (req.isUserInRole(PERM_DENY_ID)) { + if (DenialOfServiceTaf.removeDenyID(id)) { trans.audit().log(id+" has been removed from denial by " + trans.user()); trans.checkpoint(SUCCESS,Trans.ALWAYS); resp.setStatus(HttpStatus.OK_200); @@ -230,8 +230,8 @@ public class API_Mgmt { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { String id = pathParam(req,":id"); - if(req.isUserInRole(PERM_LOG_ID)) { - if(Question.specialLogOn(trans,id)) { + if (req.isUserInRole(PERM_LOG_ID)) { + if (Question.specialLogOn(trans,id)) { trans.audit().log(id+" has been set to special Log by "+trans.user()); trans.checkpoint(SUCCESS,Trans.ALWAYS); resp.setStatus(HttpStatus.CREATED_201); @@ -254,8 +254,8 @@ public class API_Mgmt { @Override public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { String id = pathParam(req,":id"); - if(req.isUserInRole(PERM_LOG_ID)) { - if(Question.specialLogOff(trans,id)) { + if (req.isUserInRole(PERM_LOG_ID)) { + if (Question.specialLogOff(trans,id)) { trans.audit().log(id+" has been removed from special Logging by " + trans.user()); trans.checkpoint(SUCCESS,Trans.ALWAYS); resp.setStatus(HttpStatus.OK_200); diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Perms.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Perms.java index 5f2a823e..ae94553c 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Perms.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Perms.java @@ -55,7 +55,7 @@ public class API_Perms { String scopes = req.getParameter("scopes"); Result<Void> r; - if(scopes==null) { + if (scopes==null) { r = context.getPermsByUser(trans, resp, pathParam(req, "user")); } else { r = context.getPermsByUserScope(trans, resp, pathParam(req, "user"),Split.split(':', scopes)); diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java index 0e1479c4..1a016be6 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java @@ -169,7 +169,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE String msgId; String[] detail; boolean hidemsg = false; - if(result.variables==null) { + if (result.variables==null) { detail = new String[1]; } else { int l = result.variables.length; @@ -307,7 +307,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE "] " + holder.toString(), Env.ALWAYS); - if(hidemsg) { + if (hidemsg) { holder.setLength(0); em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request"); } @@ -344,11 +344,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST request; try { Data<REQUEST> rd = nsRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,rd.asString()); } request = rd.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,CREATE_NS); return Result.err(Status.ERR_BadData,"Invalid Input"); } @@ -476,7 +476,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<NSS> data = nssDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -505,7 +505,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<NSS> data = nssDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -534,7 +534,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<NSS> data = nssDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -564,7 +564,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<NSS> data = nssDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -593,7 +593,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<NSS> data = nssDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -617,11 +617,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = nsRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,UPDATE_NS_DESC); return Result.err(Status.ERR_BadData,"Invalid Input"); @@ -706,7 +706,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<KEYS> data = keysDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -799,11 +799,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,CREATE_PERMISSION); return Result.err(Status.ERR_BadData,"Invalid Input"); } @@ -836,7 +836,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -866,7 +866,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -895,7 +895,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -924,7 +924,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -954,11 +954,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE PERMS perms; try { RosettaData<PERMS> data = permsDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } perms = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,GET_PERMISSIONS_BY_USER_WITH_QUERY); return Result.err(Status.ERR_BadData,"Invalid Input"); } @@ -967,7 +967,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -997,7 +997,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1023,7 +1023,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1054,11 +1054,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,cmdDescription); return Result.err(Status.ERR_BadData,"Invalid Input"); } @@ -1086,11 +1086,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,UPDATE_PERM_DESC); return Result.err(Status.ERR_BadData,"Invalid Input"); @@ -1119,11 +1119,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN, SET_PERMISSION_ROLES_TO); return Result.err(Status.ERR_BadData,"Invalid Input"); } @@ -1152,11 +1152,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,DELETE_PERMISSION); return Result.err(Status.ERR_BadData,"Invalid Input"); @@ -1218,11 +1218,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,CREATE_ROLE); return Result.err(Status.ERR_BadData,"Invalid Input"); @@ -1254,7 +1254,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1283,7 +1283,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1311,9 +1311,9 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<ROLES> rp = service.getRolesByNS(trans, ns); switch(rp.status) { case OK: - if(!rp.isEmpty()) { + if (!rp.isEmpty()) { RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1345,9 +1345,9 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Result<ROLES> rp = service.getRolesByNameOnly(trans, nameOnly); switch(rp.status) { case OK: - if(!rp.isEmpty()) { + if (!rp.isEmpty()) { RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1379,7 +1379,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1408,11 +1408,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,UPDATE_ROLE_DESC); return Result.err(Status.ERR_BadData,"Invalid Input"); @@ -1440,11 +1440,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,ADD_PERM_TO_ROLE); return Result.err(Status.ERR_BadData,"Invalid Input"); @@ -1473,11 +1473,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,DELETE_PERM_FROM_ROLE); return Result.err(Status.ERR_BadData,"Invalid Input"); @@ -1551,11 +1551,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN,CREATE_ROLE); return Result.err(Status.ERR_BadData,"Invalid Input"); } @@ -1596,11 +1596,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(CREATE_CRED, Env.SUB|Env.ALWAYS); try { RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } return service.createUserCred(trans, data.asObject()); - } catch(APIException e) { + } catch (APIException e) { trans.error().log(e,"Bad Input data"); return Result.err(Status.ERR_BadData, e.getLocalizedMessage()); } catch (Exception e) { @@ -1616,12 +1616,12 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(UPDATE_CRED, Env.SUB|Env.ALWAYS); try { RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } return service.changeUserCred(trans, data.asObject()); - } catch(APIException e) { + } catch (APIException e) { trans.error().log(e,"Bad Input data"); return Result.err(Status.ERR_BadData, e.getLocalizedMessage()); } catch (Exception e) { @@ -1640,12 +1640,12 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(EXTEND_CRED, Env.SUB|Env.ALWAYS); try { RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } return service.extendUserCred(trans, data.asObject(), days); - } catch(APIException e) { + } catch (APIException e) { trans.error().log(e,"Bad Input data"); return Result.err(Status.ERR_BadData, e.getLocalizedMessage()); } catch (Exception e) { @@ -1665,7 +1665,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(ru.status) { case OK: RosettaData<USERS> data = usersDF.newData(trans).load(ru.value); - if(Question.willSpecialLog(trans,trans.user())) { + if (Question.willSpecialLog(trans,trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1696,7 +1696,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(ru.status) { case OK: RosettaData<USERS> data = usersDF.newData(trans).load(ru.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1719,12 +1719,12 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(DELETE_CRED, Env.SUB|Env.ALWAYS); try { RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } return service.deleteUserCred(trans, data.asObject()); - } catch(APIException e) { + } catch (APIException e) { trans.error().log(e,"Bad Input data"); return Result.err(Status.ERR_BadData, e.getLocalizedMessage()); } catch (Exception e) { @@ -1741,12 +1741,12 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(DOES_CRED_MATCH, Env.SUB|Env.ALWAYS); try { RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } return service.doesCredentialMatch(trans, data.asObject()); - } catch(APIException e) { + } catch (APIException e) { trans.error().log(e,"Bad Input data"); return Result.err(Status.ERR_BadData, e.getLocalizedMessage()); } catch (IOException e) { @@ -1788,7 +1788,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rci.status) { case OK: - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { RosettaData<CERTS> data = certsDF.newData(trans).load(rci.value); Question.logEncryptTrace(trans,data.asString()); data.to(resp.getOutputStream()); @@ -1819,7 +1819,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(CREATE_DELEGATE, Env.SUB|Env.ALWAYS); try { Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -1837,7 +1837,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(UPDATE_DELEGATE, Env.SUB|Env.ALWAYS); try { Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -1855,7 +1855,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(DELETE_DELEGATE, Env.SUB|Env.ALWAYS); try { Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -1890,7 +1890,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rd.status) { case OK: RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1915,7 +1915,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rd.status) { case OK: RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -1947,12 +1947,12 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST request; try { Data<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } request = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { return Result.err(Status.ERR_BadData,"Invalid Input"); } @@ -1980,7 +1980,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(ru.status) { case OK: RosettaData<USERS> data = usersDF.newData(trans).load(ru.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2008,7 +2008,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(ru.status) { case OK: RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2036,7 +2036,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(ru.status) { case OK: RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2064,11 +2064,11 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN, SET_USERS_FOR_ROLE); return Result.err(Status.ERR_BadData,"Invalid Input"); } @@ -2098,12 +2098,12 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE REQUEST rreq; try { RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } rreq = data.asObject(); - } catch(APIException e) { + } catch (APIException e) { trans.error().log("Invalid Input",IN, SET_ROLES_FOR_USER); return Result.err(Status.ERR_BadData,"Invalid Input"); } @@ -2172,7 +2172,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE TimeTaken tt = trans.start(UPDATE_APPROVAL, Env.SUB|Env.ALWAYS); try { Data<APPROVALS> data = approvalDF.newData().load(req.getInputStream()); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2201,7 +2201,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } data.to(resp.getOutputStream()); @@ -2227,7 +2227,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2253,7 +2253,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rp.status) { case OK: RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2287,7 +2287,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(ru.status) { case OK: RosettaData<USERS> data = usersDF.newData(trans).load(ru.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2317,7 +2317,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(ru.status) { case OK: RosettaData<USERS> data = usersDF.newData(trans).load(ru.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2351,8 +2351,8 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE sb.append(user); sb.append(" for "); boolean first = true; - for(int i : yyyymm) { - if(first) { + for (int i : yyyymm) { + if (first) { first = false; } else { sb.append(','); @@ -2366,7 +2366,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rh.status) { case OK: RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2395,8 +2395,8 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE sb.append(role); sb.append(" for "); boolean first = true; - for(int i : yyyymm) { - if(first) { + for (int i : yyyymm) { + if (first) { first = false; } else { sb.append(','); @@ -2409,7 +2409,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rh.status) { case OK: RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2438,8 +2438,8 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE sb.append(ns); sb.append(" for "); boolean first = true; - for(int i : yyyymm) { - if(first) { + for (int i : yyyymm) { + if (first) { first = false; } else { sb.append(','); @@ -2452,7 +2452,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rh.status) { case OK: RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2481,8 +2481,8 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE sb.append(perm); sb.append(" for "); boolean first = true; - for(int i : yyyymm) { - if(first) { + for (int i : yyyymm) { + if (first) { first = false; } else { sb.append(','); @@ -2495,7 +2495,7 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE switch(rh.status) { case OK: RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } @@ -2541,10 +2541,10 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE try { String[] segs = segments.split("\\s*,\\s*"); int isegs[] = new int[segs.length]; - for(int i=0;i<segs.length;++i) { + for (int i=0;i<segs.length;++i) { try { isegs[i] = Integer.parseInt(segs[i]); - } catch(NumberFormatException nfe) { + } catch (NumberFormatException nfe) { isegs[i] = -1; } } @@ -2576,32 +2576,32 @@ public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DE Api api = new Api(); Api.Route ar; Method[] meths = AuthzCassServiceImpl.class.getDeclaredMethods(); - for(RouteReport rr : rservlet.routeReport()) { + for (RouteReport rr : rservlet.routeReport()) { api.getRoute().add(ar = new Api.Route()); ar.setMeth(rr.meth.name()); ar.setPath(rr.path); ar.setDesc(rr.desc); ar.getContentType().addAll(rr.contextTypes); - for(Method m : meths) { + for (Method m : meths) { ApiDoc ad; - if((ad = m.getAnnotation(ApiDoc.class))!=null && + if ((ad = m.getAnnotation(ApiDoc.class))!=null && rr.meth.equals(ad.method()) && rr.path.equals(ad.path())) { - for(String param : ad.params()) { + for (String param : ad.params()) { ar.getParam().add(param); } - for(String text : ad.text()) { + for (String text : ad.text()) { ar.getComments().add(text); } ar.setExpected(ad.expectedCode()); - for(int ec : ad.errorCodes()) { + for (int ec : ad.errorCodes()) { ar.getExplicitErr().add(ec); } } } } RosettaData<Api> data = apiDF.newData(trans).load(api); - if(Question.willSpecialLog(trans, trans.user())) { + if (Question.willSpecialLog(trans, trans.user())) { Question.logEncryptTrace(trans,data.asString()); } diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java index 5f6f30e4..55c3bc86 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java @@ -117,10 +117,10 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo trans.checkpoint(namespace.name, Env.ALWAYS); NsType nt = NsType.fromString(from.getType()); - if(nt.equals(NsType.UNKNOWN)) { + if (nt.equals(NsType.UNKNOWN)) { String ns = namespace.name; int count = 0; - for(int i=ns.indexOf('.'); + for (int i=ns.indexOf('.'); i>=0; i=ns.indexOf('.',i+1)) { ++count; @@ -141,10 +141,10 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo List<Ns> nss = to.getNs(); Ns ns = new Ns(); ns.setName(from.name); - if(from.admin!=null)ns.getAdmin().addAll(from.admin); - if(from.owner!=null)ns.getResponsible().addAll(from.owner); - if(from.attrib!=null) { - for(Pair<String,String> attrib : from.attrib) { + if (from.admin!=null)ns.getAdmin().addAll(from.admin); + if (from.owner!=null)ns.getResponsible().addAll(from.owner); + if (from.attrib!=null) { + for (Pair<String,String> attrib : from.attrib) { Ns.Attrib toAttrib = new Ns.Attrib(); toAttrib.setKey(attrib.x); toAttrib.setValue(attrib.y); @@ -163,18 +163,18 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo @Override public Result<Nss> nss(AuthzTrans trans, Collection<Namespace> from, Nss to) { List<Ns> nss = to.getNs(); - for(Namespace nd : from) { + for (Namespace nd : from) { Ns ns = new Ns(); ns.setName(nd.name); - if(nd.admin!=null) { + if (nd.admin!=null) { ns.getAdmin().addAll(nd.admin); } - if(nd.owner!=null) { + if (nd.owner!=null) { ns.getResponsible().addAll(nd.owner); } ns.setDescription(nd.description); - if(nd.attrib!=null) { - for(Pair<String,String> attrib : nd.attrib) { + if (nd.attrib!=null) { + for (Pair<String,String> attrib : nd.attrib) { Ns.Attrib toAttrib = new Ns.Attrib(); toAttrib.setKey(attrib.x); toAttrib.setValue(attrib.y); @@ -193,18 +193,18 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo final boolean addNS = trans.requested(REQD_TYPE.ns); TimeTaken tt = trans.start("Filter Perms before return", Env.SUB); try { - if(from!=null) { + if (from!=null) { for (PermDAO.Data data : from) { - if(!filter || q.mayUser(trans, trans.user(), data, Access.read).isOK()) { + if (!filter || q.mayUser(trans, trans.user(), data, Access.read).isOK()) { Perm perm = new Perm(); perm.setType(data.fullType()); perm.setInstance(data.instance); perm.setAction(data.action); perm.setDescription(data.description); - if(addNS) { + if (addNS) { perm.setNs(data.ns); } - for(String role : data.roles(false)) { + for (String role : data.roles(false)) { perm.getRoles().add(role); } perms.add(perm); @@ -242,21 +242,21 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo List<Perm> perms = to.getPerm(); TimeTaken tt = trans.start("Filter Perms before return", Env.SUB); try { - if(from!=null) { + if (from!=null) { boolean inNSS; for (PermDAO.Data data : from) { inNSS=false; - for(int i=0;!inNSS && i<nss.length;++i) { - if(nss[i].equals(data.ns)) { + for (int i=0;!inNSS && i<nss.length;++i) { + if (nss[i].equals(data.ns)) { inNSS=true; } } - if(inNSS && (!filter || q.mayUser(trans, trans.user(), data, Access.read).isOK())) { + if (inNSS && (!filter || q.mayUser(trans, trans.user(), data, Access.read).isOK())) { Perm perm = new Perm(); perm.setType(data.fullType()); perm.setInstance(data.instance); perm.setAction(data.action); - for(String role : data.roles(false)) { + for (String role : data.roles(false)) { perm.getRoles().add(role); } perm.setDescription(data.description); @@ -296,7 +296,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo for (Perm p : perms.getPerm()) { Result<NsSplit> nss = q.deriveNsSplit(trans, p.getType()); PermDAO.Data pd = new PermDAO.Data(); - if(nss.isOK()) { + if (nss.isOK()) { pd.ns=nss.value.ns; pd.type = nss.value.name; pd.instance = p.getInstance(); @@ -322,10 +322,10 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo public Result<PermDAO.Data> permFromRPRequest(AuthzTrans trans, Request req) { RolePermRequest from = (RolePermRequest)req; Pkey perm = from.getPerm(); - if(perm==null)return Result.err(Status.ERR_NotFound, "Permission not found"); + if (perm==null)return Result.err(Status.ERR_NotFound, "Permission not found"); Result<NsSplit> nss = q.deriveNsSplit(trans, perm.getType()); PermDAO.Data pd = new PermDAO.Data(); - if(nss.isOK()) { + if (nss.isOK()) { pd.ns=nss.value.ns; pd.type = nss.value.name; pd.instance = from.getPerm().getInstance(); @@ -351,7 +351,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo RolePermRequest from = (RolePermRequest)req; Result<NsSplit> nss = q.deriveNsSplit(trans, from.getRole()); RoleDAO.Data rd = new RoleDAO.Data(); - if(nss.isOK()) { + if (nss.isOK()) { rd.ns = nss.value.ns; rd.name = nss.value.name; trans.checkpoint(rd.fullName(), Env.ALWAYS); @@ -366,7 +366,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo PermRequest from = (PermRequest)req; Result<NsSplit> nss = q.deriveNsSplit(trans, from.getType()); PermDAO.Data pd = new PermDAO.Data(); - if(nss.isOK()) { + if (nss.isOK()) { pd.ns=nss.value.ns; pd.type = nss.value.name; pd.instance = from.getInstance(); @@ -396,7 +396,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo public Result<RoleDAO.Data> role(AuthzTrans trans, Request base) { RoleRequest from = (RoleRequest)base; Result<NsSplit> nss = q.deriveNsSplit(trans, from.getName()); - if(nss.isOK()) { + if (nss.isOK()) { RoleDAO.Data to = new RoleDAO.Data(); to.ns = nss.value.ns; to.name = nss.value.name; @@ -415,18 +415,18 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo @Override public Result<Roles> roles(AuthzTrans trans, List<RoleDAO.Data> from, Roles to, boolean filter) { final boolean needNS = trans.requested(REQD_TYPE.ns); - for(RoleDAO.Data frole : from) { + for (RoleDAO.Data frole : from) { // Only Add Data to view if User is allowed to see this Role - if(!filter || q.mayUser(trans, trans.user(), frole,Access.read).isOK()) { + if (!filter || q.mayUser(trans, trans.user(), frole,Access.read).isOK()) { Role role = new Role(); role.setName(frole.ns + '.' + frole.name); role.setDescription(frole.description); - if(needNS) { + if (needNS) { role.setNs(frole.ns); } - for(String p : frole.perms(false)) { // can see any Perms in the Role he has permission for + for (String p : frole.perms(false)) { // can see any Perms in the Role he has permission for Result<String[]> rpa = PermDAO.Data.decodeToArray(trans,q,p); - if(rpa.notOK()) + if (rpa.notOK()) return Result.err(rpa); String[] pa = rpa.value; @@ -451,10 +451,10 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo @Override public Result<Users> users(AuthzTrans trans, Collection<UserRoleDAO.Data> from, Users to) { List<User> cu = to.getUser(); - for(UserRoleDAO.Data urd : from) { + for (UserRoleDAO.Data urd : from) { User user = new User(); user.setId(urd.user); - if(urd.expires!=null) { + if (urd.expires!=null) { user.setExpires(Chrono.timeStamp(urd.expires)); } cu.add(user); @@ -471,7 +471,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo @Override public Result<UserRoles> userRoles(AuthzTrans trans, Collection<UserRoleDAO.Data> from, UserRoles to) { List<UserRole> cu = to.getUserRole(); - for(UserRoleDAO.Data urd : from) { + for (UserRoleDAO.Data urd : from) { UserRole ur = new UserRole(); ur.setUser(urd.user); ur.setRole(urd.role); @@ -510,15 +510,15 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo to.id=from.getId(); to.ns = Question.domain2ns(to.id); String passwd = from.getPassword(); - if(requiresPass) { + if (requiresPass) { String ok = trans.org().isValidPassword(trans, to.id,passwd); - if(ok.length()>0) { + if (ok.length()>0) { return Result.err(Status.ERR_BadData,ok); } } else { to.type=0; } - if(passwd != null) { + if (passwd != null) { to.cred = ByteBuffer.wrap(passwd.getBytes()); to.type = CredDAO.RAW; } else { @@ -536,7 +536,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo @Override public Result<Users> cred(List<CredDAO.Data> from, Users to) { List<User> cu = to.getUser(); - for(CredDAO.Data cred : from) { + for (CredDAO.Data cred : from) { User user = new User(); user.setId(cred.id); user.setExpires(Chrono.timeStamp(cred.expires)); @@ -549,7 +549,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo @Override public Result<Certs> cert(List<CertDAO.Data> from, Certs to) { List<Cert> lc = to.getCert(); - for(CertDAO.Data fcred : from) { + for (CertDAO.Data fcred : from) { Cert cert = new Cert(); cert.setId(fcred.id); cert.setX500(fcred.x500); @@ -573,9 +573,9 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo Bytification content, boolean enableApproval, Memo memo, MayChange mc) { Result<?> rMayChange; boolean needsAppr = enableApproval?trans.requested(REQD_TYPE.future):false; - if(!needsAppr && (needsAppr = (rMayChange=mc.mayChange()).notOK())) { - if(enableApproval) { - if(!trans.requested(AuthzTrans.REQD_TYPE.future)) { + if (!needsAppr && (needsAppr = (rMayChange=mc.mayChange()).notOK())) { + if (enableApproval) { + if (!trans.requested(AuthzTrans.REQD_TYPE.future)) { return Result.err(rMayChange); } } else { @@ -587,31 +587,31 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo GregorianCalendar expires = trans.org().expiration(start, Expiration.Future); XMLGregorianCalendar xgc; - if((xgc=from.getEnd())!=null) { + if ((xgc=from.getEnd())!=null) { GregorianCalendar fgc = xgc.toGregorianCalendar(); expires = expires.before(fgc)?expires:fgc; // Min of desired expiration, and Org expiration } //TODO needs two answers from this. What's the NSS, and may Change. FutureDAO.Data fto; - if(start.after(now) || needsAppr ) { + if (start.after(now) || needsAppr ) { //String user = trans.user(); fto = new FutureDAO.Data(); fto.target=table; fto.memo = memo.get(); fto.start = start.getTime(); fto.expires = expires.getTime(); - if(needsAppr) { // Need to add Approvers... + if (needsAppr) { // Need to add Approvers... /* Result<Data> rslt = mc.getNsd(); - if(rslt.notOKorIsEmpty())return Result.err(rslt); + if (rslt.notOKorIsEmpty())return Result.err(rslt); appr.addAll(mc.getNsd().value.responsible); try { //Note from 2013 Is this getting Approvers for user only? What about Delegates? // 3/25/2014. Approvers are set by Corporate policy. We don't have to worry here about what that means. // It is important to get Delegates, if necessary, at notification time // If we add delegates now, it will get all confused as to who is actually responsible. - for(Organization.User ou : org.getApprovers(trans, user)) { + for (Organization.User ou : org.getApprovers(trans, user)) { appr.add(ou.email); } } catch (Exception e) { @@ -638,7 +638,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo public Result<History> history(AuthzTrans trans, List<HistoryDAO.Data> history, final int sort) { History hist = new History(); List<Item> items = hist.getItem(); - for(HistoryDAO.Data data : history) { + for (HistoryDAO.Data data : history) { History.Item item = new History.Item(); item.setYYYYMM(Integer.toString(data.yr_mon)); Date date = Chrono.uuidToDate(data.id); @@ -651,7 +651,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo items.add(item); } - if(sort != 0) { + if (sort != 0) { TimeTaken tt = trans.start("Sort ", Env.SUB); try { java.util.Collections.sort(items, new Comparator<Item>() { @@ -673,7 +673,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo err.setMessageId(msgID); // AT&T Restful Error Format requires numbers "%" placements err.setText(Vars.convert(holder, text, var)); - for(String s : var) { + for (String s : var) { err.getVariables().add(s); } return err; @@ -761,10 +761,10 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo Approvals apprs = new Approvals(); List<Approval> lappr = apprs.getApprovals(); Approval a; - for(ApprovalDAO.Data appr : lAppr) { + for (ApprovalDAO.Data appr : lAppr) { a = new Approval(); a.setId(appr.id.toString()); - if(appr.ticket==null) { + if (appr.ticket==null) { a.setTicket(null); } else { a.setTicket(appr.ticket.toString()); @@ -784,12 +784,12 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo @Override public Result<List<ApprovalDAO.Data>> approvals(Approvals apprs) { List<ApprovalDAO.Data> lappr = new ArrayList<>(); - for(Approval a : apprs.getApprovals()) { + for (Approval a : apprs.getApprovals()) { ApprovalDAO.Data ad = new ApprovalDAO.Data(); String str = a.getId(); - if(str!=null)ad.id=UUID.fromString(str); + if (str!=null)ad.id=UUID.fromString(str); str = a.getTicket(); - if(str!=null)ad.ticket=UUID.fromString(str); + if (str!=null)ad.ticket=UUID.fromString(str); ad.user=a.getUser(); ad.approver=a.getApprover(); ad.type=a.getType(); @@ -798,7 +798,7 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo ad.memo=a.getMemo(); XMLGregorianCalendar xgc = a.getUpdated(); - if(xgc!=null)ad.updated=xgc.toGregorianCalendar().getTime(); + if (xgc!=null)ad.updated=xgc.toGregorianCalendar().getTime(); lappr.add(ad); } return Result.ok(lappr); @@ -809,11 +809,11 @@ public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRo Delgs delgs = new Delgs(); List<Delg> ldelg = delgs.getDelgs(); Delg d; - for(DelegateDAO.Data del: lDelg) { + for (DelegateDAO.Data del: lDelg) { d = new Delg(); d.setUser(del.user); d.setDelegate(del.delegate); - if(del.expires!=null)d.setExpires(Chrono.timeStamp(del.expires)); + if (del.expires!=null)d.setExpires(Chrono.timeStamp(del.expires)); ldelg.add(d); } return Result.ok(delgs); diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java index 4a088abc..128fdcd1 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java @@ -44,7 +44,7 @@ import org.onap.aaf.auth.validation.Validator; */ public class ServiceValidator extends Validator { public ServiceValidator perm(Result<PermDAO.Data> rpd) { - if(rpd.notOK()) { + if (rpd.notOK()) { msg(rpd.details); } else { perm(rpd.value); @@ -54,20 +54,20 @@ public class ServiceValidator extends Validator { public ServiceValidator perm(PermDAO.Data pd) { - if(pd==null) { + if (pd==null) { msg("Perm Data is null."); } else { ns(pd.ns); permType(pd.type,pd.ns); permInstance(pd.instance); permAction(pd.action); - if(pd.roles!=null) { - for(String role : pd.roles) { + if (pd.roles!=null) { + for (String role : pd.roles) { role(role); } } - if(pd.roles!=null) { - for(String r : pd.roles) { + if (pd.roles!=null) { + for (String r : pd.roles) { role(r); } } @@ -77,7 +77,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator role(Result<RoleDAO.Data> rrd) { - if(rrd.notOK()) { + if (rrd.notOK()) { msg(rrd.details); } else { role(rrd.value); @@ -86,15 +86,15 @@ public class ServiceValidator extends Validator { } public ServiceValidator role(RoleDAO.Data pd) { - if(pd==null) { + if (pd==null) { msg("Role Data is null."); } else { ns(pd.ns); role(pd.name); - if(pd.perms!=null) { - for(String perm : pd.perms) { + if (pd.perms!=null) { + for (String perm : pd.perms) { String[] ps = perm.split("\\|"); - if(ps.length!=3) { + if (ps.length!=3) { msg("Perm [" + perm + "] in Role [" + pd.fullName() + "] is not correctly separated with '|'"); } else { permType(ps[0],null); @@ -109,7 +109,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator delegate(Organization org, Result<DelegateDAO.Data> rdd) { - if(rdd.notOK()) { + if (rdd.notOK()) { msg(rdd.details); } else { delegate(org, rdd.value); @@ -118,7 +118,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator delegate(Organization org, DelegateDAO.Data dd) { - if(dd==null) { + if (dd==null) { msg("Delegate Data is null."); } else { user(org,dd.user); @@ -129,7 +129,7 @@ public class ServiceValidator extends Validator { public ServiceValidator cred(AuthzTrans trans, Organization org, Result<CredDAO.Data> rcd, boolean isNew) { - if(rcd.notOK()) { + if (rcd.notOK()) { msg(rcd.details); } else { cred(trans, org,rcd.value,isNew); @@ -138,26 +138,26 @@ public class ServiceValidator extends Validator { } public ServiceValidator cred(AuthzTrans trans, Organization org, CredDAO.Data cd, boolean isNew) { - if(cd==null) { + if (cd==null) { msg("Cred Data is null."); } else { - if(!org.isValidCred(trans, cd.id)) { + if (!org.isValidCred(trans, cd.id)) { msg("ID [" + cd.id + "] is invalid in " + org.getName()); } String str = cd.id; int idx = str.indexOf('@'); - if(idx>0) { + if (idx>0) { str = str.substring(0,idx); } - if(org.supportsRealm(cd.id)) { + if (org.supportsRealm(cd.id)) { String resp = org.isValidID(trans, str); - if(isNew && (resp!=null && resp.length()>0)) { + if (isNew && (resp!=null && resp.length()>0)) { msg(cd.id,str); } } - if(cd.type==null) { + if (cd.type==null) { msg("Credential Type must be set"); } else { switch(cd.type) { @@ -174,7 +174,7 @@ public class ServiceValidator extends Validator { public ServiceValidator user(Organization org, String user) { - if(nob(user,ID_CHARS)) { + if (nob(user,ID_CHARS)) { msg("User [",user,"] is invalid."); } return this; @@ -188,25 +188,25 @@ public class ServiceValidator extends Validator { public ServiceValidator ns(Namespace ns) { ns(ns.name); - for(String s : ns.admin) { - if(nob(s,ID_CHARS)) { + for (String s : ns.admin) { + if (nob(s,ID_CHARS)) { msg("Admin [" + s + "] is invalid."); } } - for(String s : ns.owner) { - if(nob(s,ID_CHARS)) { + for (String s : ns.owner) { + if (nob(s,ID_CHARS)) { msg("Responsible [" + s + "] is invalid."); } } - if(ns.attrib!=null) { - for(Pair<String, String> at : ns.attrib) { - if(nob(at.x,NAME_CHARS)) { + if (ns.attrib!=null) { + for (Pair<String, String> at : ns.attrib) { + if (nob(at.x,NAME_CHARS)) { msg("Attribute tag [" + at.x + "] is invalid."); } - if(nob(at.x,NAME_CHARS)) { + if (nob(at.x,NAME_CHARS)) { msg("Attribute value [" + at.y + "] is invalid."); } } @@ -217,7 +217,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator user_role(UserRoleDAO.Data urdd) { - if(urdd==null) { + if (urdd==null) { msg("UserRole is null"); } else { role(urdd.role); @@ -228,7 +228,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator nullOrBlank(PermDAO.Data pd) { - if(pd==null) { + if (pd==null) { msg("Permission is null"); } else { nullOrBlank("NS",pd.ns). @@ -240,7 +240,7 @@ public class ServiceValidator extends Validator { } public ServiceValidator nullOrBlank(RoleDAO.Data rd) { - if(rd==null) { + if (rd==null) { msg("Role is null"); } else { nullOrBlank("NS",rd.ns). |