summaryrefslogtreecommitdiffstats
path: root/auth
diff options
context:
space:
mode:
Diffstat (limited to 'auth')
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/Batch.java770
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchException.java48
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchPrincipal.java26
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/CassBatch.java72
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Action.java2
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionDAO.java68
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionPuntDAO.java66
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CacheTouch.java36
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredDelete.java36
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPrint.java46
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPunt.java62
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Email.java360
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/EmailPrint.java122
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/FuturePrint.java18
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Key.java2
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Message.java46
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSACreate.java46
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSADelete.java46
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSDescUpdate.java46
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermCreate.java62
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermDelete.java56
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermModify.java198
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleCreate.java58
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleDelete.java52
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleModify.java222
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URAdd.java38
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URDelete.java46
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApprove.java128
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApproveExec.java124
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFuturePrint.java18
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URModify.java82
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPrint.java18
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPunt.java58
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approval.java488
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approver.java60
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/CacheChange.java66
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Creator.java24
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Cred.java462
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java308
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/History.java246
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/InputIterator.java78
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Loader.java2
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MiscID.java280
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MonthData.java130
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NS.java214
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Notification.java286
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java106
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Perm.java218
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Role.java226
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/UserRole.java476
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/javax/JavaxMailer.java240
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/reports/ExpiringNext.java160
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/update/Expiring.java756
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/update/ExpiringP2.java200
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyApprovals.java346
-rw-r--r--auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyCredExpiring.java502
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_ActionDAO.java78
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Email.java198
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_EmailPrint.java88
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Message.java48
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approval.java220
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approver.java50
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_CacheChange.java72
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Creator.java54
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Cred.java174
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Future.java128
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_History.java52
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_InputIterator.java56
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MiscID.java106
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MonthData.java116
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NS.java76
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NsAttrib.java24
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Perm.java108
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Role.java98
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_UserRole.java198
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_Batch.java76
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchException.java40
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchPrincipal.java16
-rw-r--r--auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_CassBatch.java44
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/AbsCassDAO.java854
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Bytification.java4
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CIDAO.java36
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cacheable.java2
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cached.java320
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CachedDAO.java348
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassAccess.java360
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassDAOImpl.java560
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO.java12
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAOException.java28
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO_RO.java48
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Loader.java334
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Streamer.java4
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Touchable.java2
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCertDAO.java38
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCredDAO.java62
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedNSDAO.java6
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedPermDAO.java162
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedRoleDAO.java126
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedUserRoleDAO.java148
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ApprovalDAO.java374
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ArtiDAO.java292
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheInfoDAO.java738
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheableData.java12
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CertDAO.java196
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ConfigDAO.java72
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java224
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/DelegateDAO.java186
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/FutureDAO.java150
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/HistoryDAO.java342
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/LocateDAO.java230
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Namespace.java200
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsDAO.java876
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsSplit.java70
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsType.java86
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/OAuthTokenDAO.java184
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java854
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/RoleDAO.java628
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Status.java78
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/UserRoleDAO.java470
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/CassExecutor.java68
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java3456
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java266
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java2120
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java170
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLur.java290
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java74
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectCertIdentity.java46
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectLocatorCreator.java56
-rw-r--r--auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java140
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_Cached.java164
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CachedDAO.java44
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassAccess.java52
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassDAOImpl.java56
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_DAOException.java22
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java278
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_Bytification.java412
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_NsType.java48
-rw-r--r--auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectCertIdentity.java52
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java338
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java168
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java186
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java364
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java374
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java362
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java108
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java76
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java178
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java372
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java142
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java30
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java106
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java270
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java12
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java14
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java1108
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java28
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java432
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java414
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java1256
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java24
-rw-r--r--auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java150
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java124
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java124
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java434
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java144
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java260
-rw-r--r--auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java192
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java1166
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/BaseCmd.java66
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java914
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/DeprecatedCMD.java22
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java168
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/MessageException.java20
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Param.java24
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java20
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Cache.java8
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Clear.java80
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Deny.java116
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Log.java134
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Mgmt.java14
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/SessClear.java76
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Session.java8
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Admin.java124
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java150
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Create.java152
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Delete.java90
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Describe.java104
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java258
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListActivity.java68
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListAdminResponsible.java74
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListByName.java110
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListChildren.java68
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListNsKeysByAttrib.java76
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsers.java70
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java148
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java148
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersWithPerm.java148
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/NS.java28
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Owner.java130
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java232
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java86
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Describe.java116
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java202
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/List.java150
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListActivity.java62
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByNS.java50
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByName.java50
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByRole.java50
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java76
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Perm.java22
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Rename.java126
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/CreateDelete.java174
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Describe.java104
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/List.java314
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListActivity.java60
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNS.java52
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNameOnly.java52
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByPerm.java62
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByRole.java52
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByUser.java104
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Role.java18
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java242
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java232
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Delg.java166
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java154
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListActivity.java64
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListApprovals.java110
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListDelegates.java92
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForCreds.java100
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForPermission.java110
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForRoles.java86
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java208
-rw-r--r--auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/User.java14
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/HMangrStub.java40
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java372
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BaseCmd.java132
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BasicAuth.java36
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Cmd.java242
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_DeprecatedCMD.java50
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Help.java142
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Version.java38
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Clear.java92
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Deny.java82
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Log.java94
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_SessClear.java90
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Admin.java100
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Attrib.java98
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Create.java92
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Delete.java88
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Describe.java84
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_List.java172
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListActivity.java86
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListAdminResponsible.java86
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListByName.java86
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListChildren.java64
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListNsKeysByAttrib.java64
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsers.java48
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersContact.java92
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersInRole.java54
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersWithPerm.java64
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Owner.java48
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Responsible.java60
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Create.java104
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Delete.java100
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Describe.java98
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Grant.java130
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListActivity.java86
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByNS.java66
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByName.java86
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByRole.java66
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByUser.java66
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Rename.java86
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_CreateDelete.java100
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_Describe.java94
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_List.java178
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListActivity.java96
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNS.java74
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNameOnly.java96
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByPerm.java74
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByRole.java76
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByUser.java98
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_User.java112
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Cred.java98
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Delg.java98
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListActivity.java66
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListApprovals.java88
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListDelegates.java66
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForCreds.java88
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForPermission.java66
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForRoles.java66
-rw-r--r--auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Role.java104
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/cache/Cache.java302
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/common/Define.java102
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzEnv.java438
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java60
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java264
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java358
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java92
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java380
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/layer/FacadeImpl.java18
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/layer/Result.java194
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/local/AbsData.java336
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/local/DataFile.java294
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/local/TextIndex.java422
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/org/Executor.java18
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/org/Mailer.java18
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java926
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationException.java50
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java180
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Acceptor.java256
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CachingFileAccess.java940
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CodeSetter.java36
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Content.java136
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpCode.java152
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpMethods.java8
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Match.java342
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Pair.java22
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RServlet.java212
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Route.java196
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RouteReport.java8
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Routes.java106
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java176
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java50
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TypedCode.java416
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Version.java116
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/doc/ApiDoc.java16
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java222
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java112
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java406
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/server/Log4JLogIt.java184
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/server/ServiceStarter.java4
-rw-r--r--auth/auth-core/src/main/java/org/onap/aaf/auth/validation/Validator.java352
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/common/test/JU_Define.java78
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzEnv.java264
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransFilter.java104
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java232
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java120
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java438
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/layer/test/JU_Result.java288
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_AbsData.java112
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_DataFile.java64
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_TextIndex.java144
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_Organization.java82
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationException.java28
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationFactory.java56
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/CredCompare.java58
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/JU_RequestCheck.java26
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/MultiCompare.java72
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSAttribCompare.java112
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSCompare.java78
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/PermCompare.java62
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RoleCompare.java58
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RolePermCompare.java66
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RosettaCompare.java68
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/UserRoleCompare.java58
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch.java252
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch1.java240
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterRoute.java8
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_CachingFileAccess.java234
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content.java1204
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content1.java170
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Pair.java26
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Route.java46
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_RouteReport.java12
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Routes.java52
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_TypedCode.java112
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Version.java62
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsService.java84
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java152
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_JettyServiceStarter.java76
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/util/test/JU_Mask.java66
-rw-r--r--auth/auth-core/src/test/java/org/onap/aaf/auth/validation/test/JU_Validator.java550
-rw-r--r--auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java1158
-rw-r--r--auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java268
-rw-r--r--auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java68
-rw-r--r--auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java170
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java328
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java146
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java64
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java110
-rw-r--r--auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java112
-rw-r--r--auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java122
-rw-r--r--auth/auth-fs/src/test/java/org/onap/aaf/auth/fs/test/JU_AAF_FS.java152
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java96
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java314
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/BreadCrumbs.java98
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/ContentCode.java6
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Controls.java26
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java204
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Form.java68
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/NamedCode.java80
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/OrgLookupFilter.java66
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java646
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/SlotCode.java36
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Table.java352
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/XFrameFilter.java70
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiDocs.java536
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiExample.java162
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalAction.java146
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java458
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java326
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeForm.java372
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtifactShow.java352
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java536
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java74
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLanding.java146
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLandingAction.java52
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java366
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java332
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoAction.java216
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoForm.java208
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NssShow.java166
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeAction.java302
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeForm.java286
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassDeleteAction.java84
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java244
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java192
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantAction.java168
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantForm.java204
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java354
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermsShow.java126
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java232
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java434
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetailAction.java258
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java326
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RolesShow.java156
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleExtend.java102
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleRemove.java100
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/WebCommand.java152
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/AbsCell.java40
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/ButtonCell.java34
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/CheckBoxCell.java72
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RadioCell.java38
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RefCell.java38
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TableData.java40
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextAndRefCell.java22
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextCell.java34
-rw-r--r--auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextInputCell.java44
-rw-r--r--auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java152
-rw-r--r--auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java262
-rw-r--r--auth/auth-hello/src/test/java/org/onap/aaf/auth/hello/test/HelloTester.java76
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java358
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/BasicAuthCode.java74
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/LocateCode.java28
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java444
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Api.java98
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Find.java158
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java216
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade.java132
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeFactory.java18
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java638
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade_1_1.java6
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper.java12
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper_1_1.java214
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateService.java10
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java202
-rw-r--r--auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/validation/LocateValidator.java184
-rw-r--r--auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/JU_BasicAuthCodeTest.java96
-rw-r--r--auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/mapper/JU_Mapper_1_0Test.java46
-rw-r--r--auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/service/JU_LocateServiceImplTest.java132
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java272
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java316
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java28
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java42
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java54
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java76
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java2
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java44
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java34
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java12
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java20
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java482
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java24
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java348
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java2
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java78
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java2
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java154
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java466
-rw-r--r--auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java16
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_DirectOAuthTAF.java146
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OACodeTest.java42
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FilterTest.java94
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FormHttpTafRespTest.java36
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_DirectOAFacadeImplTest.java10
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_OAFacadeFactory.java70
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_Mapper1_0Test.java266
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_MapperIntrospect1_0Test.java70
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java208
-rw-r--r--auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_OCredsTest.java38
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java328
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java7872
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java1394
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/Code.java28
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/MayChange.java2
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Api.java94
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Approval.java124
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Creds.java456
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Delegate.java204
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java350
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java428
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Multi.java46
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_NS.java678
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Perms.java470
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Roles.java566
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_User.java166
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_UserRole.java264
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java320
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeFactory.java40
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java5072
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade_2_0.java36
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper.java142
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java1532
-rw-r--r--auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java410
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Approval.java46
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Creds.java66
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Delegate.java42
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_History.java44
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_NS.java42
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Perms.java62
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Roles.java44
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_User.java44
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_UserRole.java42
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/auth/service/validation/test/JU_ServiceValidator.java110
-rw-r--r--auth/auth-service/src/test/java/org/onap/aaf/authz/service/mapper/JU_Mapper_2_0.java990
525 files changed, 54087 insertions, 54087 deletions
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/Batch.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/Batch.java
index 7826eb68..559e3c51 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/Batch.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/Batch.java
@@ -68,11 +68,11 @@ import com.datastax.driver.core.Statement;
public abstract class Batch {
- private static String rootNs;
+ private static String rootNs;
- private static StaticSlot ssargs;
+ private static StaticSlot ssargs;
- protected static final String STARS = "*****";
+ protected static final String STARS = "*****";
protected final Cluster cluster;
protected static AuthzEnv env;
@@ -80,58 +80,58 @@ public abstract class Batch {
protected static Logger aspr;
protected static Set<String> specialNames;
protected static boolean dryRun;
- protected static String batchEnv;
+ protected static String batchEnv;
- public static final String CASS_ENV = "CASS_ENV";
- public static final String LOG_DIR = "LOG_DIR";
+ public static final String CASS_ENV = "CASS_ENV";
+ public static final String LOG_DIR = "LOG_DIR";
protected static final String PUNT="punt";
protected static final String MAX_EMAILS="MAX_EMAILS";
protected static final String VERSION="VERSION";
public static final String GUI_URL="GUI_URL";
- protected final Organization org;
+ protected final Organization org;
protected Batch(AuthzEnv env) throws APIException, IOException, OrganizationException {
- // Be able to change Environments
- // load extra properties, i.e.
- // PERF.cassandra.clusters=....
- batchEnv = env.getProperty(CASS_ENV);
- if(batchEnv != null) {
- batchEnv = batchEnv.trim();
- env.info().log("Redirecting to ",batchEnv,"environment");
- String str;
- for(String key : new String[]{
- CassAccess.CASSANDRA_CLUSTERS,
- CassAccess.CASSANDRA_CLUSTERS_PORT,
- CassAccess.CASSANDRA_CLUSTERS_USER_NAME,
- CassAccess.CASSANDRA_CLUSTERS_PASSWORD,
- VERSION,GUI_URL,PUNT,MAX_EMAILS,
- LOG_DIR,
- "SPECIAL_NAMES"
- }) {
- if((str = env.getProperty(batchEnv+'.'+key))!=null) {
- env.setProperty(key, str);
- }
- }
- }
-
- // Setup for Dry Run
+ // Be able to change Environments
+ // load extra properties, i.e.
+ // PERF.cassandra.clusters=....
+ batchEnv = env.getProperty(CASS_ENV);
+ if(batchEnv != null) {
+ batchEnv = batchEnv.trim();
+ env.info().log("Redirecting to ",batchEnv,"environment");
+ String str;
+ for(String key : new String[]{
+ CassAccess.CASSANDRA_CLUSTERS,
+ CassAccess.CASSANDRA_CLUSTERS_PORT,
+ CassAccess.CASSANDRA_CLUSTERS_USER_NAME,
+ CassAccess.CASSANDRA_CLUSTERS_PASSWORD,
+ VERSION,GUI_URL,PUNT,MAX_EMAILS,
+ LOG_DIR,
+ "SPECIAL_NAMES"
+ }) {
+ if((str = env.getProperty(batchEnv+'.'+key))!=null) {
+ env.setProperty(key, str);
+ }
+ }
+ }
+
+ // Setup for Dry Run
cluster = CassAccess.cluster(env,batchEnv);
env.info().log("cluster name - ",cluster.getClusterName());
String dryRunStr = env.getProperty( "DRY_RUN" );
if ( dryRunStr == null || "false".equals(dryRunStr.trim()) ) {
- dryRun = false;
- } else {
+ dryRun = false;
+ } else {
dryRun = true;
env.info().log("dryRun set to TRUE");
}
- org = OrganizationFactory.init(env);
- org.setTestMode(dryRun);
+ org = OrganizationFactory.init(env);
+ org.setTestMode(dryRun);
- // Special names to allow behaviors beyond normal rules
+ // Special names to allow behaviors beyond normal rules
specialNames = new HashSet<>();
String names = env.getProperty( "SPECIAL_NAMES" );
if ( names != null )
@@ -145,171 +145,171 @@ public abstract class Batch {
}
}
- protected abstract void run(AuthzTrans trans);
+ protected abstract void run(AuthzTrans trans);
protected abstract void _close(AuthzTrans trans);
public String[] args() {
- return env.get(ssargs);
+ return env.get(ssargs);
}
-
+
public boolean isDryRun()
{
return dryRun;
}
- public boolean isSpecial(String user) {
- if (specialNames != null && specialNames.contains(user)) {
- env.info().log("specialName: " + user);
-
- return (true);
- } else {
- return (false);
- }
- }
-
- public boolean isMechID(String user) {
- if (user.matches("m[0-9][0-9][0-9][0-9][0-9]")) {
- return (true);
- } else {
- return (false);
- }
- }
-
- protected PrintStream fallout(PrintStream inFallout, String logType)
- throws IOException {
- PrintStream fallout = inFallout;
- if (fallout == null) {
- File dir = new File("logs");
- if (!dir.exists()) {
- dir.mkdirs();
- }
-
- File f = null;
- long uniq = System.currentTimeMillis();
-
- f = new File(dir, getClass().getSimpleName() + "_" + logType + "_"
- + uniq + ".log");
-
- fallout = new PrintStream(new FileOutputStream(f, true));
- }
- return fallout;
- }
-
- public Organization getOrgFromID(AuthzTrans trans, String user) {
- Organization organization;
- try {
- organization = OrganizationFactory.obtain(trans.env(),user.toLowerCase());
- } catch (OrganizationException e1) {
- trans.error().log(e1);
- organization=null;
- }
-
- if (organization == null) {
- PrintStream fallout = null;
-
- try {
- fallout = fallout(fallout, "Fallout");
- fallout.print("INVALID_ID,");
- fallout.println(user);
- } catch (Exception e) {
- env.error().log("Could not write to Fallout File", e);
- }
- return (null);
- }
-
- return (organization);
- }
-
- public static Row executeDeleteQuery(Statement stmt) {
- Row row = null;
- if (!dryRun) {
- row = session.execute(stmt).one();
- }
-
- return (row);
-
- }
+ public boolean isSpecial(String user) {
+ if (specialNames != null && specialNames.contains(user)) {
+ env.info().log("specialName: " + user);
+
+ return (true);
+ } else {
+ return (false);
+ }
+ }
+
+ public boolean isMechID(String user) {
+ if (user.matches("m[0-9][0-9][0-9][0-9][0-9]")) {
+ return (true);
+ } else {
+ return (false);
+ }
+ }
+
+ protected PrintStream fallout(PrintStream inFallout, String logType)
+ throws IOException {
+ PrintStream fallout = inFallout;
+ if (fallout == null) {
+ File dir = new File("logs");
+ if (!dir.exists()) {
+ dir.mkdirs();
+ }
+
+ File f = null;
+ long uniq = System.currentTimeMillis();
+
+ f = new File(dir, getClass().getSimpleName() + "_" + logType + "_"
+ + uniq + ".log");
+
+ fallout = new PrintStream(new FileOutputStream(f, true));
+ }
+ return fallout;
+ }
+
+ public Organization getOrgFromID(AuthzTrans trans, String user) {
+ Organization organization;
+ try {
+ organization = OrganizationFactory.obtain(trans.env(),user.toLowerCase());
+ } catch (OrganizationException e1) {
+ trans.error().log(e1);
+ organization=null;
+ }
+
+ if (organization == null) {
+ PrintStream fallout = null;
+
+ try {
+ fallout = fallout(fallout, "Fallout");
+ fallout.print("INVALID_ID,");
+ fallout.println(user);
+ } catch (Exception e) {
+ env.error().log("Could not write to Fallout File", e);
+ }
+ return (null);
+ }
+
+ return (organization);
+ }
+
+ public static Row executeDeleteQuery(Statement stmt) {
+ Row row = null;
+ if (!dryRun) {
+ row = session.execute(stmt).one();
+ }
+
+ return (row);
+
+ }
- public static int acquireRunLock(String className) {
- Boolean testEnv = true;
- String envStr = env.getProperty("AFT_ENVIRONMENT");
-
- if (envStr != null) {
- if ("AFTPRD".equals(envStr)) {
- testEnv = false;
- }
- } else {
- env.fatal()
- .log("AFT_ENVIRONMENT property is required and was not found. Exiting.");
- System.exit(1);
- }
-
- if (testEnv) {
- env.info().log("TESTMODE: skipping RunLock");
- return (1);
- }
-
- String hostname = null;
- try {
- hostname = InetAddress.getLocalHost().getHostName();
- } catch (UnknownHostException e) {
- e.printStackTrace();
- env.warn().log("Unable to get hostname");
- return (0);
- }
-
- ResultSet existing = session.execute(String.format(
- "select * from authz.run_lock where class = '%s'", className));
-
- for (Row row : existing) {
- long curr = System.currentTimeMillis();
- ByteBuffer lastRun = row.getBytesUnsafe(2); // Can I get this field
- // by name?
-
- long interval = (1 * 60 * 1000); // @@ Create a value in props file
- // for this
- long prev = lastRun.getLong();
-
- if ((curr - prev) <= interval) {
- env.warn().log(
- String.format("Too soon! Last run was %d minutes ago.",
- ((curr - prev) / 1000) / 60));
- env.warn().log(
- String.format("Min time between runs is %d minutes ",
- (interval / 1000) / 60));
- env.warn().log(
- String.format("Last ran on machine: %s at %s",
- row.getString("host"), row.getDate("start")));
- return (0);
- } else {
- env.info().log("Delete old lock");
- deleteLock(className);
- }
- }
-
- GregorianCalendar current = new GregorianCalendar();
-
- // We want our time in UTC, hence "+0000"
- SimpleDateFormat fmt = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss+0000");
- fmt.setTimeZone(TimeZone.getTimeZone("UTC"));
-
- String cql = String
- .format("INSERT INTO authz.run_lock (class,host,start) VALUES ('%s','%s','%s') IF NOT EXISTS",
- className, hostname, fmt.format(current.getTime()));
-
- env.info().log(cql);
-
- Row row = session.execute(cql).one();
- if (!row.getBool("[applied]")) {
- env.warn().log("Lightweight Transaction failed to write lock.");
- env.warn().log(
- String.format("host with lock: %s, running at %s",
- row.getString("host"), row.getDate("start")));
- return (0);
- }
- return (1);
- }
-
+ public static int acquireRunLock(String className) {
+ Boolean testEnv = true;
+ String envStr = env.getProperty("AFT_ENVIRONMENT");
+
+ if (envStr != null) {
+ if ("AFTPRD".equals(envStr)) {
+ testEnv = false;
+ }
+ } else {
+ env.fatal()
+ .log("AFT_ENVIRONMENT property is required and was not found. Exiting.");
+ System.exit(1);
+ }
+
+ if (testEnv) {
+ env.info().log("TESTMODE: skipping RunLock");
+ return (1);
+ }
+
+ String hostname = null;
+ try {
+ hostname = InetAddress.getLocalHost().getHostName();
+ } catch (UnknownHostException e) {
+ e.printStackTrace();
+ env.warn().log("Unable to get hostname");
+ return (0);
+ }
+
+ ResultSet existing = session.execute(String.format(
+ "select * from authz.run_lock where class = '%s'", className));
+
+ for (Row row : existing) {
+ long curr = System.currentTimeMillis();
+ ByteBuffer lastRun = row.getBytesUnsafe(2); // Can I get this field
+ // by name?
+
+ long interval = (1 * 60 * 1000); // @@ Create a value in props file
+ // for this
+ long prev = lastRun.getLong();
+
+ if ((curr - prev) <= interval) {
+ env.warn().log(
+ String.format("Too soon! Last run was %d minutes ago.",
+ ((curr - prev) / 1000) / 60));
+ env.warn().log(
+ String.format("Min time between runs is %d minutes ",
+ (interval / 1000) / 60));
+ env.warn().log(
+ String.format("Last ran on machine: %s at %s",
+ row.getString("host"), row.getDate("start")));
+ return (0);
+ } else {
+ env.info().log("Delete old lock");
+ deleteLock(className);
+ }
+ }
+
+ GregorianCalendar current = new GregorianCalendar();
+
+ // We want our time in UTC, hence "+0000"
+ SimpleDateFormat fmt = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss+0000");
+ fmt.setTimeZone(TimeZone.getTimeZone("UTC"));
+
+ String cql = String
+ .format("INSERT INTO authz.run_lock (class,host,start) VALUES ('%s','%s','%s') IF NOT EXISTS",
+ className, hostname, fmt.format(current.getTime()));
+
+ env.info().log(cql);
+
+ Row row = session.execute(cql).one();
+ if (!row.getBool("[applied]")) {
+ env.warn().log("Lightweight Transaction failed to write lock.");
+ env.warn().log(
+ String.format("host with lock: %s, running at %s",
+ row.getString("host"), row.getDate("start")));
+ return (0);
+ }
+ return (1);
+ }
+
private static void deleteLock( String className) {
Row row = session.execute( String.format( "DELETE FROM authz.run_lock WHERE class = '%s' IF EXISTS", className ) ).one();
if (! row.getBool("[applied]")) {
@@ -318,204 +318,204 @@ public abstract class Batch {
}
private static void transferVMProps(AuthzEnv env, String ... props) {
- String value;
- for(String key : props) {
- if((value = System.getProperty(key))!=null) {
- env.setProperty(key, value);
- }
- }
- }
-
- // IMPORTANT! VALIDATE Organization isUser method
+ String value;
+ for(String key : props) {
+ if((value = System.getProperty(key))!=null) {
+ env.setProperty(key, value);
+ }
+ }
+ }
+
+ // IMPORTANT! VALIDATE Organization isUser method
protected void checkOrganizationAcccess(AuthzTrans trans, Question q) throws APIException, OrganizationException {
- Set<String> testUsers = new HashSet<>();
- Result<List<RoleDAO.Data>> rrd = q.roleDAO.readNS(trans, rootNs);
- if (rrd.isOK()) {
- for (RoleDAO.Data r : rrd.value) {
- Result<List<UserRoleDAO.Data>> rur = q.userRoleDAO.readByRole(trans, r.fullName());
- if (!rur.isOK()) {
- continue;
- }
- for (UserRoleDAO.Data udd : rur.value) {
- testUsers.add(udd.user);
- }
- }
- if (testUsers.size() < 2) {
- throw new APIException("Not enough Users in Roles for " + rootNs + " to Validate");
- }
-
- Identity iden;
- for (String user : testUsers) {
- if ((iden = org.getIdentity(trans, user)) == null) {
- throw new APIException("Failed Organization Entity Validation Check: " + user);
- } else {
- trans.info().log("Organization Validation Check: " + iden.id());
- }
- }
- }
- }
+ Set<String> testUsers = new HashSet<>();
+ Result<List<RoleDAO.Data>> rrd = q.roleDAO.readNS(trans, rootNs);
+ if (rrd.isOK()) {
+ for (RoleDAO.Data r : rrd.value) {
+ Result<List<UserRoleDAO.Data>> rur = q.userRoleDAO.readByRole(trans, r.fullName());
+ if (!rur.isOK()) {
+ continue;
+ }
+ for (UserRoleDAO.Data udd : rur.value) {
+ testUsers.add(udd.user);
+ }
+ }
+ if (testUsers.size() < 2) {
+ throw new APIException("Not enough Users in Roles for " + rootNs + " to Validate");
+ }
+
+ Identity iden;
+ for (String user : testUsers) {
+ if ((iden = org.getIdentity(trans, user)) == null) {
+ throw new APIException("Failed Organization Entity Validation Check: " + user);
+ } else {
+ trans.info().log("Organization Validation Check: " + iden.id());
+ }
+ }
+ }
+ }
protected static String logDir() {
- String ld = env.getProperty(LOG_DIR);
- if(ld==null) {
- if(batchEnv==null) { // Deployed Batch doesn't use different ENVs, and a common logdir
- ld = "logs/";
- } else {
- ld = "logs/"+batchEnv;
- }
- }
- return ld;
+ String ld = env.getProperty(LOG_DIR);
+ if(ld==null) {
+ if(batchEnv==null) { // Deployed Batch doesn't use different ENVs, and a common logdir
+ ld = "logs/";
+ } else {
+ ld = "logs/"+batchEnv;
+ }
+ }
+ return ld;
+ }
+ protected int count(String str, char c) {
+ if(str==null || str.isEmpty()) {
+ return 0;
+ } else {
+ int count=1;
+ for(int i=str.indexOf(c);i>=0;i=str.indexOf(c,i+1)) {
+ ++count;
+ }
+ return count;
+ }
+ }
+
+ public final void close(AuthzTrans trans) {
+ _close(trans);
+ cluster.close();
+ }
+
+ public static void main(String[] args) {
+ PropAccess access = new PropAccess(args);
+ InputStream is = null;
+ String filename;
+ String propLoc;
+ try {
+ Define.set(access);
+ rootNs =Define.ROOT_NS();
+
+ File f = new File("etc/authzBatch.props");
+ try {
+ if (f.exists()) {
+ filename = f.getAbsolutePath();
+ is = new FileInputStream(f);
+ propLoc = f.getPath();
+ } else {
+ URL rsrc = ClassLoader.getSystemResource("authBatch.props");
+ filename = rsrc.toString();
+ is = rsrc.openStream();
+ propLoc = rsrc.getPath();
+ }
+ access.load(is);
+ } finally {
+ if (is == null) {
+ System.err.println("authBatch.props must exist in etc dir, or in Classpath");
+ System.exit(1);
+ }
+ is.close();
+ }
+
+ env = new AuthzEnv(access);
+
+ transferVMProps(env, CASS_ENV, "DRY_RUN", "NS", "Organization");
+
+ // Flow all Env Logs to Log4j, with ENV
+
+ LogFileNamer lfn;
+ lfn = new LogFileNamer(logDir(),"").noPID();
+ lfn.setAppender("authz-batch");
+ lfn.setAppender("aspr|ASPR");
+ lfn.setAppender("sync");
+ lfn.setAppender("jobchange");
+ lfn.setAppender("validateuser");
+ aspr = Logger.getLogger("aspr");
+ Log4JLogTarget.setLog4JEnv("authz-batch", env);
+ if (filename != null) {
+ env.init().log("Instantiated properties from", filename);
+ }
+
+ // Log where Config found
+ env.info().log("Configuring from", propLoc);
+ propLoc = null;
+
+ Batch batch = null;
+ // setup ATTUser and Organization Slots before starting this:
+ // TODO redo this
+ // env.slot(ATT.ATT_USERSLOT);
+ //
+ // OrganizationFactory.setDefaultOrg(env, ATT.class.getName());
+ AuthzTrans trans = env.newTrans();
+
+ TimeTaken tt = trans.start("Total Run", Env.SUB);
+ try {
+ int len = args.length;
+ if (len > 0) {
+ String toolName = args[0];
+ len -= 1;
+ if (len < 0)
+ len = 0;
+ String nargs[] = new String[len];
+ if (len > 0) {
+ System.arraycopy(args, 1, nargs, 0, len);
+ }
+
+ env.put(ssargs = env.staticSlot("ARGS"), nargs);
+
+ /*
+ * Add New Batch Programs (inherit from Batch) here
+ */
+
+ // Might be a Report, Update or Temp Batch
+ Class<?> cls;
+ String classifier = "";
+ try {
+ cls = ClassLoader.getSystemClassLoader().loadClass("org.onap.aaf.auth.update." + toolName);
+ classifier = "Update:";
+ } catch (ClassNotFoundException e) {
+ try {
+ cls = ClassLoader.getSystemClassLoader().loadClass("org.onap.aaf.auth.reports." + toolName);
+ classifier = "Report:";
+ } catch (ClassNotFoundException e2) {
+ try {
+ cls = ClassLoader.getSystemClassLoader()
+ .loadClass("org.onap.aaf.auth.temp." + toolName);
+ classifier = "Temp Utility:";
+ } catch (ClassNotFoundException e3) {
+ cls = null;
+ }
+ }
+ }
+ if (cls != null) {
+ Constructor<?> cnst = cls.getConstructor(new Class[] { AuthzTrans.class });
+ batch = (Batch) cnst.newInstance(trans);
+ env.info().log("Begin", classifier, toolName);
+ }
+
+
+ if (batch == null) {
+ trans.error().log("No Batch named", toolName, "found");
+ }
+ /*
+ * End New Batch Programs (inherit from Batch) here
+ */
+
+ }
+ if (batch != null) {
+ batch.run(trans);
+ }
+ } finally {
+ tt.done();
+ if (batch != null) {
+ batch.close(trans);
+ }
+ StringBuilder sb = new StringBuilder("Task Times\n");
+ trans.auditTrail(4, sb, AuthzTrans.SUB, AuthzTrans.REMOTE);
+ trans.info().log(sb);
+ }
+ } catch (Exception e) {
+ e.printStackTrace(System.err);
+ // Exceptions thrown by DB aren't stopping the whole process.
+ System.exit(1);
+ }
}
- protected int count(String str, char c) {
- if(str==null || str.isEmpty()) {
- return 0;
- } else {
- int count=1;
- for(int i=str.indexOf(c);i>=0;i=str.indexOf(c,i+1)) {
- ++count;
- }
- return count;
- }
- }
-
- public final void close(AuthzTrans trans) {
- _close(trans);
- cluster.close();
- }
-
- public static void main(String[] args) {
- PropAccess access = new PropAccess(args);
- InputStream is = null;
- String filename;
- String propLoc;
- try {
- Define.set(access);
- rootNs =Define.ROOT_NS();
-
- File f = new File("etc/authzBatch.props");
- try {
- if (f.exists()) {
- filename = f.getAbsolutePath();
- is = new FileInputStream(f);
- propLoc = f.getPath();
- } else {
- URL rsrc = ClassLoader.getSystemResource("authBatch.props");
- filename = rsrc.toString();
- is = rsrc.openStream();
- propLoc = rsrc.getPath();
- }
- access.load(is);
- } finally {
- if (is == null) {
- System.err.println("authBatch.props must exist in etc dir, or in Classpath");
- System.exit(1);
- }
- is.close();
- }
-
- env = new AuthzEnv(access);
-
- transferVMProps(env, CASS_ENV, "DRY_RUN", "NS", "Organization");
-
- // Flow all Env Logs to Log4j, with ENV
-
- LogFileNamer lfn;
- lfn = new LogFileNamer(logDir(),"").noPID();
- lfn.setAppender("authz-batch");
- lfn.setAppender("aspr|ASPR");
- lfn.setAppender("sync");
- lfn.setAppender("jobchange");
- lfn.setAppender("validateuser");
- aspr = Logger.getLogger("aspr");
- Log4JLogTarget.setLog4JEnv("authz-batch", env);
- if (filename != null) {
- env.init().log("Instantiated properties from", filename);
- }
-
- // Log where Config found
- env.info().log("Configuring from", propLoc);
- propLoc = null;
-
- Batch batch = null;
- // setup ATTUser and Organization Slots before starting this:
- // TODO redo this
- // env.slot(ATT.ATT_USERSLOT);
- //
- // OrganizationFactory.setDefaultOrg(env, ATT.class.getName());
- AuthzTrans trans = env.newTrans();
-
- TimeTaken tt = trans.start("Total Run", Env.SUB);
- try {
- int len = args.length;
- if (len > 0) {
- String toolName = args[0];
- len -= 1;
- if (len < 0)
- len = 0;
- String nargs[] = new String[len];
- if (len > 0) {
- System.arraycopy(args, 1, nargs, 0, len);
- }
-
- env.put(ssargs = env.staticSlot("ARGS"), nargs);
-
- /*
- * Add New Batch Programs (inherit from Batch) here
- */
-
- // Might be a Report, Update or Temp Batch
- Class<?> cls;
- String classifier = "";
- try {
- cls = ClassLoader.getSystemClassLoader().loadClass("org.onap.aaf.auth.update." + toolName);
- classifier = "Update:";
- } catch (ClassNotFoundException e) {
- try {
- cls = ClassLoader.getSystemClassLoader().loadClass("org.onap.aaf.auth.reports." + toolName);
- classifier = "Report:";
- } catch (ClassNotFoundException e2) {
- try {
- cls = ClassLoader.getSystemClassLoader()
- .loadClass("org.onap.aaf.auth.temp." + toolName);
- classifier = "Temp Utility:";
- } catch (ClassNotFoundException e3) {
- cls = null;
- }
- }
- }
- if (cls != null) {
- Constructor<?> cnst = cls.getConstructor(new Class[] { AuthzTrans.class });
- batch = (Batch) cnst.newInstance(trans);
- env.info().log("Begin", classifier, toolName);
- }
-
-
- if (batch == null) {
- trans.error().log("No Batch named", toolName, "found");
- }
- /*
- * End New Batch Programs (inherit from Batch) here
- */
-
- }
- if (batch != null) {
- batch.run(trans);
- }
- } finally {
- tt.done();
- if (batch != null) {
- batch.close(trans);
- }
- StringBuilder sb = new StringBuilder("Task Times\n");
- trans.auditTrail(4, sb, AuthzTrans.SUB, AuthzTrans.REMOTE);
- trans.info().log(sb);
- }
- } catch (Exception e) {
- e.printStackTrace(System.err);
- // Exceptions thrown by DB aren't stopping the whole process.
- System.exit(1);
- }
- }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchException.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchException.java
index 4ed0940a..15bec4e4 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchException.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchException.java
@@ -23,29 +23,29 @@ package org.onap.aaf.auth;
public class BatchException extends Exception {
- /**
- *
- */
- private static final long serialVersionUID = -3877245367723491192L;
-
- public BatchException() {
- }
-
- public BatchException(String message) {
- super(message);
- }
-
- public BatchException(Throwable cause) {
- super(cause);
- }
-
- public BatchException(String message, Throwable cause) {
- super(message, cause);
- }
-
- public BatchException(String message, Throwable cause,
- boolean enableSuppression, boolean writableStackTrace) {
- super(message, cause, enableSuppression, writableStackTrace);
- }
+ /**
+ *
+ */
+ private static final long serialVersionUID = -3877245367723491192L;
+
+ public BatchException() {
+ }
+
+ public BatchException(String message) {
+ super(message);
+ }
+
+ public BatchException(Throwable cause) {
+ super(cause);
+ }
+
+ public BatchException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public BatchException(String message, Throwable cause,
+ boolean enableSuppression, boolean writableStackTrace) {
+ super(message, cause, enableSuppression, writableStackTrace);
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchPrincipal.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchPrincipal.java
index 5403e3a5..66431c8a 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchPrincipal.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/BatchPrincipal.java
@@ -23,19 +23,19 @@ package org.onap.aaf.auth;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
public class BatchPrincipal extends TaggedPrincipal {
- private final String name;
-
- public BatchPrincipal(final String name) {
- this.name = "batch:"+name;
- }
+ private final String name;
+
+ public BatchPrincipal(final String name) {
+ this.name = "batch:"+name;
+ }
- @Override
- public String getName() {
- return name;
- }
+ @Override
+ public String getName() {
+ return name;
+ }
- @Override
- public String tag() {
- return "Btch";
- }
+ @Override
+ public String tag() {
+ return "Btch";
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/CassBatch.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/CassBatch.java
index 32e8f85d..cb2b158f 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/CassBatch.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/CassBatch.java
@@ -35,44 +35,44 @@ import com.datastax.driver.core.exceptions.InvalidQueryException;
public abstract class CassBatch extends Batch {
- protected CassBatch(AuthzTrans trans, String log4JName) throws APIException, IOException, OrganizationException {
- super(trans.env());
- // Flow all Env Logs to Log4j
- Log4JLogTarget.setLog4JEnv(log4JName, env);
-
- TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
- try {
- session = cluster.connect();
- } finally {
- tt.done();
- }
- }
+ protected CassBatch(AuthzTrans trans, String log4JName) throws APIException, IOException, OrganizationException {
+ super(trans.env());
+ // Flow all Env Logs to Log4j
+ Log4JLogTarget.setLog4JEnv(log4JName, env);
+
+ TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
+ try {
+ session = cluster.connect();
+ } finally {
+ tt.done();
+ }
+ }
- @Override
- protected void _close(AuthzTrans trans) {
- session.close();
- trans.info().log("Closed Session");
- }
+ @Override
+ protected void _close(AuthzTrans trans) {
+ session.close();
+ trans.info().log("Closed Session");
+ }
- public ResultSet executeQuery(String cql) {
- return executeQuery(cql,"");
- }
+ public ResultSet executeQuery(String cql) {
+ return executeQuery(cql,"");
+ }
- public ResultSet executeQuery(String cql, String extra) {
- if(isDryRun() && !cql.startsWith("SELECT")) {
- if(extra!=null)env.info().log("Would query" + extra + ": " + cql);
- } else {
- if(extra!=null)env.info().log("query" + extra + ": " + cql);
- try {
- return session.execute(cql);
- } catch (InvalidQueryException e) {
- if(extra==null) {
- env.info().log("query: " + cql);
- }
- throw e;
- }
- }
- return null;
- }
+ public ResultSet executeQuery(String cql, String extra) {
+ if(isDryRun() && !cql.startsWith("SELECT")) {
+ if(extra!=null)env.info().log("Would query" + extra + ": " + cql);
+ } else {
+ if(extra!=null)env.info().log("query" + extra + ": " + cql);
+ try {
+ return session.execute(cql);
+ } catch (InvalidQueryException e) {
+ if(extra==null) {
+ env.info().log("query: " + cql);
+ }
+ throw e;
+ }
+ }
+ return null;
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Action.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Action.java
index ad3a447d..54e2ee2d 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Action.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Action.java
@@ -25,5 +25,5 @@ import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.layer.Result;
public interface Action<D,RV,T> {
- public Result<RV> exec(AuthzTrans trans, D data, T t);
+ public Result<RV> exec(AuthzTrans trans, D data, T t);
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionDAO.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionDAO.java
index 90400015..af636d65 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionDAO.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionDAO.java
@@ -33,41 +33,41 @@ import com.datastax.driver.core.Cluster;
import com.datastax.driver.core.Session;
public abstract class ActionDAO<D,RV,T> implements Action<D,RV,T> {
- protected final Question q;
- protected final Function f;
- private boolean clean;
- protected final boolean dryRun;
+ protected final Question q;
+ protected final Function f;
+ private boolean clean;
+ protected final boolean dryRun;
- public ActionDAO(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- q = new Question(trans, cluster, CassAccess.KEYSPACE, false);
- f = new Function(trans,q);
- clean = true;
- this.dryRun = dryRun;
- }
-
- public ActionDAO(AuthzTrans trans, ActionDAO<?,?,?> predecessor) {
- q = predecessor.q;
- f = new Function(trans,q);
- clean = false;
- dryRun = predecessor.dryRun;
- }
-
- public Session getSession(AuthzTrans trans) throws APIException, IOException {
- return q.historyDAO.getSession(trans);
- }
-
- public Question question() {
- return q;
- }
-
- public Function function() {
- return f;
- }
+ public ActionDAO(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ q = new Question(trans, cluster, CassAccess.KEYSPACE, false);
+ f = new Function(trans,q);
+ clean = true;
+ this.dryRun = dryRun;
+ }
+
+ public ActionDAO(AuthzTrans trans, ActionDAO<?,?,?> predecessor) {
+ q = predecessor.q;
+ f = new Function(trans,q);
+ clean = false;
+ dryRun = predecessor.dryRun;
+ }
+
+ public Session getSession(AuthzTrans trans) throws APIException, IOException {
+ return q.historyDAO.getSession(trans);
+ }
+
+ public Question question() {
+ return q;
+ }
+
+ public Function function() {
+ return f;
+ }
- public void close(AuthzTrans trans) {
- if(clean) {
- q.close(trans);
- }
- }
+ public void close(AuthzTrans trans) {
+ if(clean) {
+ q.close(trans);
+ }
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionPuntDAO.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionPuntDAO.java
index 332d2509..95b35fdb 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionPuntDAO.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/ActionPuntDAO.java
@@ -31,42 +31,42 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public abstract class ActionPuntDAO<D, RV, T> extends ActionDAO<D, RV, T> {
-// private static final SecureRandom random = new SecureRandom();
- private int months;
-// private int range;
- protected static final Date now = new Date();
+// private static final SecureRandom random = new SecureRandom();
+ private int months;
+// private int range;
+ protected static final Date now = new Date();
- public ActionPuntDAO(AuthzTrans trans, Cluster cluster, int months, int range, boolean dryRun) throws APIException, IOException {
- super(trans, cluster,dryRun);
- this.months = months;
-// this.range = range;
- }
+ public ActionPuntDAO(AuthzTrans trans, Cluster cluster, int months, int range, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster,dryRun);
+ this.months = months;
+// this.range = range;
+ }
- public ActionPuntDAO(AuthzTrans trans, ActionDAO<?, ?,?> predecessor, int months, int range) {
- super(trans, predecessor);
- this.months = months;
-// this.range = range;
- }
-
+ public ActionPuntDAO(AuthzTrans trans, ActionDAO<?, ?,?> predecessor, int months, int range) {
+ super(trans, predecessor);
+ this.months = months;
+// this.range = range;
+ }
+
- protected Date puntDate(Date current) {
- GregorianCalendar temp = new GregorianCalendar();
- temp.setTime(current);
- temp.add(GregorianCalendar.MONTH, months);
+ protected Date puntDate(Date current) {
+ GregorianCalendar temp = new GregorianCalendar();
+ temp.setTime(current);
+ temp.add(GregorianCalendar.MONTH, months);
- /*
- * This method Randomized date. This is no longer needed. Just add the Punt Months.
- temp.setTime(now);
- temp.add(GregorianCalendar.MONTH, months);
- if(range>0) {
- int forward = Math.abs(random.nextInt()%range);
- if(forward>1) {
- temp.add(GregorianCalendar.MONTH, forward);
- temp.add(GregorianCalendar.DAY_OF_MONTH, (random.nextInt()%30)-15);
- }
- }
- */
- return temp.getTime();
- }
+ /*
+ * This method Randomized date. This is no longer needed. Just add the Punt Months.
+ temp.setTime(now);
+ temp.add(GregorianCalendar.MONTH, months);
+ if(range>0) {
+ int forward = Math.abs(random.nextInt()%range);
+ if(forward>1) {
+ temp.add(GregorianCalendar.MONTH, forward);
+ temp.add(GregorianCalendar.DAY_OF_MONTH, (random.nextInt()%30)-15);
+ }
+ }
+ */
+ return temp.getTime();
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CacheTouch.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CacheTouch.java
index 8261c477..e0fa4be5 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CacheTouch.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CacheTouch.java
@@ -30,24 +30,24 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class CacheTouch extends ActionDAO<String,Void, String> {
-
- public CacheTouch(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster, dryRun);
- }
+
+ public CacheTouch(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster, dryRun);
+ }
- public CacheTouch(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public CacheTouch(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, String table, String text) {
- if(dryRun) {
- trans.info().printf("Would mark %s cache in DB for clearing: %s",table, text);
- return Result.ok();
- } else {
- Result<Void> rv = q.clearCache(trans, table);
- trans.info().printf("Set DB Cache %s for clearing: %s",table, text);
- return rv;
- }
- }
+ @Override
+ public Result<Void> exec(AuthzTrans trans, String table, String text) {
+ if(dryRun) {
+ trans.info().printf("Would mark %s cache in DB for clearing: %s",table, text);
+ return Result.ok();
+ } else {
+ Result<Void> rv = q.clearCache(trans, table);
+ trans.info().printf("Set DB Cache %s for clearing: %s",table, text);
+ return rv;
+ }
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredDelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredDelete.java
index 700aaaea..b4b7d0b3 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredDelete.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredDelete.java
@@ -32,24 +32,24 @@ import org.onap.aaf.misc.env.util.Chrono;
import com.datastax.driver.core.Cluster;
public class CredDelete extends ActionDAO<CredDAO.Data,Void, String> {
-
- public CredDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster, dryRun);
- }
+
+ public CredDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster, dryRun);
+ }
- public CredDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public CredDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, CredDAO.Data cred, String text) {
- if(dryRun) {
- trans.info().log("Would Delete:",text,cred.id,CredPrint.type(cred.type),Chrono.dateOnlyStamp(cred.expires));
- return Result.ok();
- } else {
- Result<Void> rv = q.credDAO.delete(trans, cred, true); // need to read for undelete
- trans.info().log("Deleted:",text,cred.id,CredPrint.type(cred.type),Chrono.dateOnlyStamp(cred.expires));
- return rv;
- }
- }
+ @Override
+ public Result<Void> exec(AuthzTrans trans, CredDAO.Data cred, String text) {
+ if(dryRun) {
+ trans.info().log("Would Delete:",text,cred.id,CredPrint.type(cred.type),Chrono.dateOnlyStamp(cred.expires));
+ return Result.ok();
+ } else {
+ Result<Void> rv = q.credDAO.delete(trans, cred, true); // need to read for undelete
+ trans.info().log("Deleted:",text,cred.id,CredPrint.type(cred.type),Chrono.dateOnlyStamp(cred.expires));
+ return rv;
+ }
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPrint.java
index 10407ce4..658ef8b5 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPrint.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPrint.java
@@ -27,30 +27,30 @@ import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.util.Chrono;
public class CredPrint implements Action<CredDAO.Data,Void,String> {
- private String info;
+ private String info;
- public CredPrint(String text) {
- this.info = text;
- }
+ public CredPrint(String text) {
+ this.info = text;
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, CredDAO.Data cred, String text) {
- trans.info().log(info,cred.id,text, type(cred.type),Chrono.dateOnlyStamp(cred.expires));
- return Result.ok();
- }
-
-
- public static String type(int type) {
- switch(type) {
- case CredDAO.BASIC_AUTH: // 1
- return "OLD";
- case CredDAO.BASIC_AUTH_SHA256: // 2
- return "U/P";
- case CredDAO.CERT_SHA256_RSA: // 200
- return "Cert";
- default:
- return "Unknown";
- }
- }
+ @Override
+ public Result<Void> exec(AuthzTrans trans, CredDAO.Data cred, String text) {
+ trans.info().log(info,cred.id,text, type(cred.type),Chrono.dateOnlyStamp(cred.expires));
+ return Result.ok();
+ }
+
+
+ public static String type(int type) {
+ switch(type) {
+ case CredDAO.BASIC_AUTH: // 1
+ return "OLD";
+ case CredDAO.BASIC_AUTH_SHA256: // 2
+ return "U/P";
+ case CredDAO.CERT_SHA256_RSA: // 200
+ return "Cert";
+ default:
+ return "Unknown";
+ }
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPunt.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPunt.java
index 78c1f892..a2c9ecf6 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPunt.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/CredPunt.java
@@ -34,37 +34,37 @@ import org.onap.aaf.misc.env.util.Chrono;
import com.datastax.driver.core.Cluster;
public class CredPunt extends ActionPuntDAO<CredDAO.Data,Void,String> {
-
- public CredPunt(AuthzTrans trans, Cluster cluster, int months, int range, boolean dryRun) throws IOException, APIException {
- super(trans,cluster,months,range,dryRun);
- }
+
+ public CredPunt(AuthzTrans trans, Cluster cluster, int months, int range, boolean dryRun) throws IOException, APIException {
+ super(trans,cluster,months,range,dryRun);
+ }
- public CredPunt(AuthzTrans trans, ActionDAO<?,?,?> adao, int months, int range) throws IOException {
- super(trans, adao, months,range);
- }
+ public CredPunt(AuthzTrans trans, ActionDAO<?,?,?> adao, int months, int range) throws IOException {
+ super(trans, adao, months,range);
+ }
- public Result<Void> exec(AuthzTrans trans, CredDAO.Data cdd,String text) {
- Result<Void> rv = null;
- Result<List<CredDAO.Data>> read = q.credDAO.read(trans, cdd);
- if(read.isOKhasData()) {
- for(CredDAO.Data data : read.value) {
- Date from = data.expires;
- data.expires = puntDate(from);
- if(data.expires.compareTo(from)<=0) {
- trans.debug().printf("Error: %s is before %s", Chrono.dateOnlyStamp(data.expires), Chrono.dateOnlyStamp(from));
- } else {
- if(dryRun) {
- trans.info().log("Would Update Cred",cdd.id, CredPrint.type(cdd.type), "from",Chrono.dateOnlyStamp(from),"to",Chrono.dateOnlyStamp(data.expires));
- } else {
- trans.info().log("Updated Cred",cdd.id, CredPrint.type(cdd.type), "from",Chrono.dateOnlyStamp(from),"to",Chrono.dateOnlyStamp(data.expires));
- rv = q.credDAO.update(trans, data);
- }
- }
- }
- }
- if(rv==null) {
- rv=Result.err(read);
- }
- return rv;
- }
+ public Result<Void> exec(AuthzTrans trans, CredDAO.Data cdd,String text) {
+ Result<Void> rv = null;
+ Result<List<CredDAO.Data>> read = q.credDAO.read(trans, cdd);
+ if(read.isOKhasData()) {
+ for(CredDAO.Data data : read.value) {
+ Date from = data.expires;
+ data.expires = puntDate(from);
+ if(data.expires.compareTo(from)<=0) {
+ trans.debug().printf("Error: %s is before %s", Chrono.dateOnlyStamp(data.expires), Chrono.dateOnlyStamp(from));
+ } else {
+ if(dryRun) {
+ trans.info().log("Would Update Cred",cdd.id, CredPrint.type(cdd.type), "from",Chrono.dateOnlyStamp(from),"to",Chrono.dateOnlyStamp(data.expires));
+ } else {
+ trans.info().log("Updated Cred",cdd.id, CredPrint.type(cdd.type), "from",Chrono.dateOnlyStamp(from),"to",Chrono.dateOnlyStamp(data.expires));
+ rv = q.credDAO.update(trans, data);
+ }
+ }
+ }
+ }
+ if(rv==null) {
+ rv=Result.err(read);
+ }
+ return rv;
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Email.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Email.java
index 15dfed38..0ac8f61d 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Email.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Email.java
@@ -34,184 +34,184 @@ import org.onap.aaf.auth.org.Organization.Identity;
import org.onap.aaf.misc.env.util.Chrono;
public class Email implements Action<Organization,Void, String>{
- protected final List<String> toList;
- protected final List<String> ccList;
- private final String[] defaultCC;
- protected String subject;
- private String preamble;
- private Message msg;
- private String sig;
- protected String lineIndent=" ";
- private long lastSent=0L;
-
-
- public Email(String ... defaultCC) {
- toList = new ArrayList<>();
- this.defaultCC = defaultCC;
- ccList = new ArrayList<>();
- clear();
- }
-
- public Email clear() {
- toList.clear();
- ccList.clear();
- for(String s: defaultCC) {
- ccList.add(s);
- }
- return this;
- }
-
-
- public void indent(String indent) {
- lineIndent = indent;
- }
-
- public void preamble(String format, Object ... args) {
- preamble = String.format(format, args);
- }
-
- public Email addTo(Identity id) {
- if(id!=null && !toList.contains(id.email())) {
- toList.add(id.email());
- }
- return this;
- }
-
- public Email addTo(Collection<String> users) {
- for(String u : users) {
- addTo(u);
- }
- return this;
- }
-
- public Email addTo(String email) {
- if(!toList.contains(email)) {
- toList.add(email);
- }
- return this;
- }
-
- public Email addCC(Identity id) {
- if(id!=null && !ccList.contains(id.email())) {
- ccList.add(id.email());
- }
- return this;
- }
-
- public Email addCC(String email) {
- if(!ccList.contains(email)) {
- ccList.add(email);
- }
- return this;
- }
-
-
- public Email add(Identity id, boolean toSuper) throws OrganizationException {
- Identity responsible = id.responsibleTo();
- if(toSuper) {
- addTo(responsible.email());
- addCC(id.email());
- } else {
- addCC(responsible.email());
- addTo(id.email());
- }
- return this;
- }
-
- public Email subject(String format, Object ... args) {
- if(format.contains("%s")) {
- subject = String.format(format, args);
- } else {
- subject = format;
- }
- return this;
- }
-
-
- public Email signature(String format, Object ... args) {
- sig = String.format(format, args);
- return this;
- }
-
- public void msg(Message msg) {
- this.msg = msg;
- }
-
- @Override
- public Result<Void> exec(AuthzTrans trans, Organization org, String text) {
- StringBuilder sb = new StringBuilder();
- if(preamble!=null) {
- sb.append(lineIndent);
- sb.append(preamble);
- sb.append("\n\n");
- }
-
- if(msg!=null) {
- msg.msg(sb,lineIndent);
- sb.append("\n");
- }
-
- if(sig!=null) {
- sb.append(sig);
- sb.append("\n");
- }
-
- long ct = System.currentTimeMillis();
- long wait = ct-lastSent;
- lastSent = ct;
- if(wait < 100) { // 10 per second
- try {
- Thread.sleep(wait);
- } catch (InterruptedException e) {
- Thread.currentThread().interrupt();
- }
- }
- return exec(trans,org,sb);
- }
-
- protected Result<Void> exec(AuthzTrans trans, Organization org, StringBuilder sb) {
- try {
- /* int status = */
- org.sendEmail(trans,
- toList,
- ccList,
- subject,
- sb.toString(),
- false);
- } catch (Exception e) {
- return Result.err(Result.ERR_ActionNotCompleted,e.getMessage());
- }
- return Result.ok();
-
- }
-
- public void log(PrintStream ps, String text) {
- ps.print(Chrono.dateTime());
- boolean first = true;
- for(String s : toList) {
- if(first) {
- first = false;
- ps.print(": ");
- } else {
- ps.print(", ");
- }
- ps.print(s);
- }
- if(!ccList.isEmpty()) {
- first=true;
- for(String s : ccList) {
- if(first) {
- first = false;
- ps.print(" [");
- } else {
- ps.print(", ");
- }
- ps.print(s);
- }
- ps.print(']');
- }
-
- ps.print(' ');
- ps.println(text);
- }
+ protected final List<String> toList;
+ protected final List<String> ccList;
+ private final String[] defaultCC;
+ protected String subject;
+ private String preamble;
+ private Message msg;
+ private String sig;
+ protected String lineIndent=" ";
+ private long lastSent=0L;
+
+
+ public Email(String ... defaultCC) {
+ toList = new ArrayList<>();
+ this.defaultCC = defaultCC;
+ ccList = new ArrayList<>();
+ clear();
+ }
+
+ public Email clear() {
+ toList.clear();
+ ccList.clear();
+ for(String s: defaultCC) {
+ ccList.add(s);
+ }
+ return this;
+ }
+
+
+ public void indent(String indent) {
+ lineIndent = indent;
+ }
+
+ public void preamble(String format, Object ... args) {
+ preamble = String.format(format, args);
+ }
+
+ public Email addTo(Identity id) {
+ if(id!=null && !toList.contains(id.email())) {
+ toList.add(id.email());
+ }
+ return this;
+ }
+
+ public Email addTo(Collection<String> users) {
+ for(String u : users) {
+ addTo(u);
+ }
+ return this;
+ }
+
+ public Email addTo(String email) {
+ if(!toList.contains(email)) {
+ toList.add(email);
+ }
+ return this;
+ }
+
+ public Email addCC(Identity id) {
+ if(id!=null && !ccList.contains(id.email())) {
+ ccList.add(id.email());
+ }
+ return this;
+ }
+
+ public Email addCC(String email) {
+ if(!ccList.contains(email)) {
+ ccList.add(email);
+ }
+ return this;
+ }
+
+
+ public Email add(Identity id, boolean toSuper) throws OrganizationException {
+ Identity responsible = id.responsibleTo();
+ if(toSuper) {
+ addTo(responsible.email());
+ addCC(id.email());
+ } else {
+ addCC(responsible.email());
+ addTo(id.email());
+ }
+ return this;
+ }
+
+ public Email subject(String format, Object ... args) {
+ if(format.contains("%s")) {
+ subject = String.format(format, args);
+ } else {
+ subject = format;
+ }
+ return this;
+ }
+
+
+ public Email signature(String format, Object ... args) {
+ sig = String.format(format, args);
+ return this;
+ }
+
+ public void msg(Message msg) {
+ this.msg = msg;
+ }
+
+ @Override
+ public Result<Void> exec(AuthzTrans trans, Organization org, String text) {
+ StringBuilder sb = new StringBuilder();
+ if(preamble!=null) {
+ sb.append(lineIndent);
+ sb.append(preamble);
+ sb.append("\n\n");
+ }
+
+ if(msg!=null) {
+ msg.msg(sb,lineIndent);
+ sb.append("\n");
+ }
+
+ if(sig!=null) {
+ sb.append(sig);
+ sb.append("\n");
+ }
+
+ long ct = System.currentTimeMillis();
+ long wait = ct-lastSent;
+ lastSent = ct;
+ if(wait < 100) { // 10 per second
+ try {
+ Thread.sleep(wait);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ }
+ return exec(trans,org,sb);
+ }
+
+ protected Result<Void> exec(AuthzTrans trans, Organization org, StringBuilder sb) {
+ try {
+ /* int status = */
+ org.sendEmail(trans,
+ toList,
+ ccList,
+ subject,
+ sb.toString(),
+ false);
+ } catch (Exception e) {
+ return Result.err(Result.ERR_ActionNotCompleted,e.getMessage());
+ }
+ return Result.ok();
+
+ }
+
+ public void log(PrintStream ps, String text) {
+ ps.print(Chrono.dateTime());
+ boolean first = true;
+ for(String s : toList) {
+ if(first) {
+ first = false;
+ ps.print(": ");
+ } else {
+ ps.print(", ");
+ }
+ ps.print(s);
+ }
+ if(!ccList.isEmpty()) {
+ first=true;
+ for(String s : ccList) {
+ if(first) {
+ first = false;
+ ps.print(" [");
+ } else {
+ ps.print(", ");
+ }
+ ps.print(s);
+ }
+ ps.print(']');
+ }
+
+ ps.print(' ');
+ ps.println(text);
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/EmailPrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/EmailPrint.java
index dba02426..5fdc15b1 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/EmailPrint.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/EmailPrint.java
@@ -29,70 +29,70 @@ import org.onap.aaf.auth.org.Organization;
public class EmailPrint extends Email {
- private static final int LINE_LENGTH = 100;
+ private static final int LINE_LENGTH = 100;
- public EmailPrint(String... defaultCC) {
- super(defaultCC);
- }
+ public EmailPrint(String... defaultCC) {
+ super(defaultCC);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.actions.Email#exec(org.onap.aaf.auth.org.test.Organization, java.lang.StringBuilder)
- */
- @Override
- protected Result<Void> exec(AuthzTrans trans, Organization org, StringBuilder msg) {
- PrintStream out = System.out;
- boolean first = true;
- out.print("To: ");
- for(String s: toList) {
- if(first) {first = false;}
- else {out.print(',');}
- out.print(s);
- }
- out.println();
-
- first = true;
- out.print("CC: ");
- for(String s: ccList) {
- if(first) {first = false;}
- else {out.print(',');}
- out.print(s);
- }
- out.println();
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.actions.Email#exec(org.onap.aaf.auth.org.test.Organization, java.lang.StringBuilder)
+ */
+ @Override
+ protected Result<Void> exec(AuthzTrans trans, Organization org, StringBuilder msg) {
+ PrintStream out = System.out;
+ boolean first = true;
+ out.print("To: ");
+ for(String s: toList) {
+ if(first) {first = false;}
+ else {out.print(',');}
+ out.print(s);
+ }
+ out.println();
+
+ first = true;
+ out.print("CC: ");
+ for(String s: ccList) {
+ if(first) {first = false;}
+ else {out.print(',');}
+ out.print(s);
+ }
+ out.println();
- out.print("Subject: ");
- out.println(subject);
- out.println();
- boolean go = true;
-
- for(int start=0, end=LINE_LENGTH;go;start=end,end=Math.min(msg.length(), start+LINE_LENGTH)) {
- int ret = msg.indexOf("\n",start+1);
- switch(ret) {
- case -1:
- out.println(msg.substring(start,end));
- break;
- case 0:
- end=start+1;
- out.println();
- break;
- default:
- if(ret<end) {
- end = ret;
- }
- if(end==start+LINE_LENGTH) {
- // Word-wrapping
- ret = msg.lastIndexOf(" ", end);
- if(ret>start && ret<end) {
- end=ret+1;
- }
- out.println(msg.substring(start,end));
- } else {
- out.print(msg.substring(start,end));
- }
- }
- go = end<msg.length();
- }
- return Result.ok();
+ out.print("Subject: ");
+ out.println(subject);
+ out.println();
+ boolean go = true;
+
+ for(int start=0, end=LINE_LENGTH;go;start=end,end=Math.min(msg.length(), start+LINE_LENGTH)) {
+ int ret = msg.indexOf("\n",start+1);
+ switch(ret) {
+ case -1:
+ out.println(msg.substring(start,end));
+ break;
+ case 0:
+ end=start+1;
+ out.println();
+ break;
+ default:
+ if(ret<end) {
+ end = ret;
+ }
+ if(end==start+LINE_LENGTH) {
+ // Word-wrapping
+ ret = msg.lastIndexOf(" ", end);
+ if(ret>start && ret<end) {
+ end=ret+1;
+ }
+ out.println(msg.substring(start,end));
+ } else {
+ out.print(msg.substring(start,end));
+ }
+ }
+ go = end<msg.length();
+ }
+ return Result.ok();
- }
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/FuturePrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/FuturePrint.java
index 34a16d2a..eda96629 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/FuturePrint.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/FuturePrint.java
@@ -27,15 +27,15 @@ import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.util.Chrono;
public class FuturePrint implements Action<Future,Void,String> {
- private String info;
+ private String info;
- public FuturePrint(String text) {
- this.info = text;
- }
+ public FuturePrint(String text) {
+ this.info = text;
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, Future f, String text) {
- trans.info().log(info,f.id(),f.memo(),"expiring on",Chrono.dateOnlyStamp(f.expires()));
- return Result.ok();
- }
+ @Override
+ public Result<Void> exec(AuthzTrans trans, Future f, String text) {
+ trans.info().log(info,f.id(),f.memo(),"expiring on",Chrono.dateOnlyStamp(f.expires()));
+ return Result.ok();
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Key.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Key.java
index 8c39e47d..ee2e8c3b 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Key.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Key.java
@@ -22,5 +22,5 @@
package org.onap.aaf.auth.actions;
public interface Key<HELPER> {
- public String key(HELPER H);
+ public String key(HELPER H);
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Message.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Message.java
index a4122d61..ac594a47 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Message.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/Message.java
@@ -25,29 +25,29 @@ import java.util.ArrayList;
import java.util.List;
public class Message {
- public final List<String> lines;
-
- public Message() {
- lines = new ArrayList<>();
- }
+ public final List<String> lines;
+
+ public Message() {
+ lines = new ArrayList<>();
+ }
- public void clear() {
- lines.clear();
- }
-
- public String line(String format, Object ... args) {
- String rv=String.format(format, args);
- lines.add(rv);
- return rv;
- }
+ public void clear() {
+ lines.clear();
+ }
+
+ public String line(String format, Object ... args) {
+ String rv=String.format(format, args);
+ lines.add(rv);
+ return rv;
+ }
- public void msg(StringBuilder sb, String lineIndent) {
- if(!lines.isEmpty()) {
- for(String line : lines) {
- sb.append(lineIndent);
- sb.append(line);
- sb.append('\n');
- }
- }
- }
+ public void msg(StringBuilder sb, String lineIndent) {
+ if(!lines.isEmpty()) {
+ for(String line : lines) {
+ sb.append(lineIndent);
+ sb.append(line);
+ sb.append('\n');
+ }
+ }
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSACreate.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSACreate.java
index 3d215871..5e531269 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSACreate.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSACreate.java
@@ -31,28 +31,28 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class NSACreate extends ActionDAO<NsAttrib,Void,String> {
- public NSACreate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster,dryRun);
- }
-
- public NSACreate(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public NSACreate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster,dryRun);
+ }
+
+ public NSACreate(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, NsAttrib nsa, String text) {
- if(dryRun) {
- trans.info().printf("Would Create %s Attrib '%s=%s' in %s",text,nsa.key,nsa.value,nsa.ns);
- return Result.ok();
- } else {
- Result<Void> rv = q.nsDAO.dao().attribAdd(trans, nsa.ns, nsa.key, nsa.value);
- if(rv.isOK()) {
- trans.info().printf("%s - Created Attrib '%s=%s' in %s",text,nsa.key,nsa.value,nsa.ns);
- } else {
- trans.error().printf("Error Creating Attrib '%s=%s' in %s - %s",nsa.key,nsa.value,nsa.ns,rv.details);
- }
- return rv;
- }
- }
-
+ @Override
+ public Result<Void> exec(AuthzTrans trans, NsAttrib nsa, String text) {
+ if(dryRun) {
+ trans.info().printf("Would Create %s Attrib '%s=%s' in %s",text,nsa.key,nsa.value,nsa.ns);
+ return Result.ok();
+ } else {
+ Result<Void> rv = q.nsDAO.dao().attribAdd(trans, nsa.ns, nsa.key, nsa.value);
+ if(rv.isOK()) {
+ trans.info().printf("%s - Created Attrib '%s=%s' in %s",text,nsa.key,nsa.value,nsa.ns);
+ } else {
+ trans.error().printf("Error Creating Attrib '%s=%s' in %s - %s",nsa.key,nsa.value,nsa.ns,rv.details);
+ }
+ return rv;
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSADelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSADelete.java
index 4b976822..4bed8687 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSADelete.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSADelete.java
@@ -31,28 +31,28 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class NSADelete extends ActionDAO<NsAttrib,Void,String> {
- public NSADelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster,dryRun);
- }
-
- public NSADelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public NSADelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster,dryRun);
+ }
+
+ public NSADelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, NsAttrib nsa, String text) {
- if(dryRun) {
- trans.info().printf("Would Delete %s Attrib '%s' in %s",text,nsa.key,nsa.ns);
- return Result.ok();
- } else {
- Result<Void> rv = q.nsDAO.dao().attribRemove(trans, nsa.ns, nsa.key);
- if(rv.isOK()) {
- trans.info().printf("%s - Deleted Attrib '%s' in %s",text,nsa.key,nsa.value,nsa.ns);
- } else {
- trans.error().printf("Error Deleting Attrib '%s' in %s - %s",nsa.key,nsa.value,nsa.ns,rv.details);
- }
- return rv;
- }
- }
-
+ @Override
+ public Result<Void> exec(AuthzTrans trans, NsAttrib nsa, String text) {
+ if(dryRun) {
+ trans.info().printf("Would Delete %s Attrib '%s' in %s",text,nsa.key,nsa.ns);
+ return Result.ok();
+ } else {
+ Result<Void> rv = q.nsDAO.dao().attribRemove(trans, nsa.ns, nsa.key);
+ if(rv.isOK()) {
+ trans.info().printf("%s - Deleted Attrib '%s' in %s",text,nsa.key,nsa.value,nsa.ns);
+ } else {
+ trans.error().printf("Error Deleting Attrib '%s' in %s - %s",nsa.key,nsa.value,nsa.ns,rv.details);
+ }
+ return rv;
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSDescUpdate.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSDescUpdate.java
index 368c8452..98fad0ab 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSDescUpdate.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/NSDescUpdate.java
@@ -31,28 +31,28 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class NSDescUpdate extends ActionDAO<NS,Void,String> {
- public NSDescUpdate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster,dryRun);
- }
-
- public NSDescUpdate(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public NSDescUpdate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster,dryRun);
+ }
+
+ public NSDescUpdate(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, NS ns, String desc) {
- if(dryRun) {
- trans.info().printf("Would Update '%s' Description to '%s'",ns,desc);
- return Result.ok();
- } else {
- Result<Void> rv = q.nsDAO.dao().addDescription(trans, ns.name, desc);
- if(rv.isOK()) {
- trans.info().printf("Updated '%s' Description to '%s'",ns,desc);
- } else {
- trans.error().printf("Error Updating '%s' Description to '%s' - %s",ns,desc,rv.details);
- }
- return rv;
- }
- }
-
+ @Override
+ public Result<Void> exec(AuthzTrans trans, NS ns, String desc) {
+ if(dryRun) {
+ trans.info().printf("Would Update '%s' Description to '%s'",ns,desc);
+ return Result.ok();
+ } else {
+ Result<Void> rv = q.nsDAO.dao().addDescription(trans, ns.name, desc);
+ if(rv.isOK()) {
+ trans.info().printf("Updated '%s' Description to '%s'",ns,desc);
+ } else {
+ trans.error().printf("Error Updating '%s' Description to '%s' - %s",ns,desc,rv.details);
+ }
+ return rv;
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermCreate.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermCreate.java
index 5f3ab202..c32234d7 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermCreate.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermCreate.java
@@ -34,36 +34,36 @@ import com.datastax.driver.core.Cluster;
public class PermCreate extends ActionDAO<Perm,Data,String> {
- public PermCreate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster, dryRun);
- }
-
- public PermCreate(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public PermCreate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster, dryRun);
+ }
+
+ public PermCreate(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Data> exec(AuthzTrans trans, Perm p,String text) {
- PermDAO.Data pdd = new PermDAO.Data();
- pdd.ns = p.ns;
- pdd.type = p.type;
- pdd.instance = p.instance;
- pdd.action = p.action;
- pdd.description = p.description;
- pdd.roles = p.roles;
-
- if(dryRun) {
- trans.info().log("Would Create Perm:",text,p.fullType());
- return Result.ok(pdd);
- } else {
- Result<Data> rv = q.permDAO.create(trans, pdd); // need to read for undelete
- if(rv.isOK()) {
- trans.info().log("Created Perm:",text,p.fullType());
- } else {
- trans.error().log("Error Creating Role -",rv.details,":",p.fullType());
- }
- return rv;
- }
- }
-
+ @Override
+ public Result<Data> exec(AuthzTrans trans, Perm p,String text) {
+ PermDAO.Data pdd = new PermDAO.Data();
+ pdd.ns = p.ns;
+ pdd.type = p.type;
+ pdd.instance = p.instance;
+ pdd.action = p.action;
+ pdd.description = p.description;
+ pdd.roles = p.roles;
+
+ if(dryRun) {
+ trans.info().log("Would Create Perm:",text,p.fullType());
+ return Result.ok(pdd);
+ } else {
+ Result<Data> rv = q.permDAO.create(trans, pdd); // need to read for undelete
+ if(rv.isOK()) {
+ trans.info().log("Created Perm:",text,p.fullType());
+ } else {
+ trans.error().log("Error Creating Role -",rv.details,":",p.fullType());
+ }
+ return rv;
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermDelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermDelete.java
index 02fd3c6c..c5b79185 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermDelete.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermDelete.java
@@ -32,33 +32,33 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class PermDelete extends ActionDAO<Perm,Void,String> {
- public PermDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster, dryRun);
- }
-
- public PermDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public PermDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster, dryRun);
+ }
+
+ public PermDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, Perm p,String text) {
- PermDAO.Data pdd = new PermDAO.Data();
- pdd.ns = p.ns;
- pdd.type = p.type;
- pdd.instance = p.instance;
- pdd.action = p.action;
- if(dryRun) {
- trans.info().log("Would Delete Perm:",text,p.fullType());
- return Result.ok();
- } else {
- Result<Void> rv = q.permDAO.delete(trans, pdd, true); // need to read for undelete
- if(rv.isOK()) {
- trans.info().log("Deleted Perm:",text,p.fullType());
- } else {
- trans.error().log("Error Deleting Perm -",rv.details,":",p.fullType());
- }
- return rv;
- }
- }
-
+ @Override
+ public Result<Void> exec(AuthzTrans trans, Perm p,String text) {
+ PermDAO.Data pdd = new PermDAO.Data();
+ pdd.ns = p.ns;
+ pdd.type = p.type;
+ pdd.instance = p.instance;
+ pdd.action = p.action;
+ if(dryRun) {
+ trans.info().log("Would Delete Perm:",text,p.fullType());
+ return Result.ok();
+ } else {
+ Result<Void> rv = q.permDAO.delete(trans, pdd, true); // need to read for undelete
+ if(rv.isOK()) {
+ trans.info().log("Deleted Perm:",text,p.fullType());
+ } else {
+ trans.error().log("Error Deleting Perm -",rv.details,":",p.fullType());
+ }
+ return rv;
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermModify.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermModify.java
index 9b60cee1..bc6f70ca 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermModify.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/PermModify.java
@@ -37,105 +37,105 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class PermModify extends ActionDAO<Perm,PermDAO.Data,PermModify.Modify> {
- public PermModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster,dryRun);
- }
-
- public PermModify(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public PermModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster,dryRun);
+ }
+
+ public PermModify(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<PermDAO.Data> exec(AuthzTrans trans, final Perm p, final Modify modify) {
- Result<List<PermDAO.Data>> rr = q.permDAO.read(trans, p.ns,p.type,p.instance,p.action);
- if(dryRun) {
- if(rr.isOKhasData()) {
- return Result.ok(rr.value.get(0));
- } else {
- return Result.err(Result.ERR_NotFound, "Data not Found " + p.toString());
- }
- } else {
- Result<PermDAO.Data> rv = null;
- if(rr.isOKhasData()) {
- for(final Data d : rr.value) {
- modify.change(d);
- if(d.ns.equals(p.ns) && d.type.equals(p.type) && d.instance.equals(p.instance) && d.action.equals(p.action)) {
- // update for fields
- // In either case, adjust Permissions
- for(String r : d.roles) {
- if(!p.roles.contains(r)) {
- q.permDAO.dao().addRole(trans, d, r);
- }
- }
- for(String r : p.roles) {
- if(!d.roles.contains(r)) {
- q.permDAO.dao().delRole(trans, d, r);
- }
- }
- rv = Result.ok(d);
- } else {
- for(String r : d.roles) {
- Role role = Role.keys.get(r);
- if(role.perms.contains(p.encode())) {
- modify.roleModify().exec(trans, role, new RoleModify.Modify() {
- @Override
- public PermModify permModify() {
- return PermModify.this;
- }
-
- @Override
- public void change(RoleDAO.Data rdd) {
- rdd.perms.remove(p.encode());
- rdd.perms.add(d.encode());
- }
- });
- }
- }
-
- rv = q.permDAO.create(trans, d);
- if(rv.isOK()) {
- PermDAO.Data pdd = new PermDAO.Data();
- pdd.ns = p.ns;
- pdd.type = p.type;
- pdd.instance = p.instance;
- pdd.action = p.action;
- q.permDAO.delete(trans, pdd, false);
- trans.info().printf("Updated %s|%s|%s|%s to %s|%s|%s|%s\n",
- p.ns, p.type, p.instance, p.action,
- d.ns, d.type, d.instance, d.action);
- } else {
- trans.info().log(rv.errorString());
- }
- }
-
- }
- } else {
- rv = Result.err(rr);
- }
- if(rv==null) {
- rv = Result.err(Status.ERR_General,"Never get to this code");
- }
-
- return rv;
- }
- }
-
- public static interface Modify {
- void change(PermDAO.Data ur);
- RoleModify roleModify();
- }
+ @Override
+ public Result<PermDAO.Data> exec(AuthzTrans trans, final Perm p, final Modify modify) {
+ Result<List<PermDAO.Data>> rr = q.permDAO.read(trans, p.ns,p.type,p.instance,p.action);
+ if(dryRun) {
+ if(rr.isOKhasData()) {
+ return Result.ok(rr.value.get(0));
+ } else {
+ return Result.err(Result.ERR_NotFound, "Data not Found " + p.toString());
+ }
+ } else {
+ Result<PermDAO.Data> rv = null;
+ if(rr.isOKhasData()) {
+ for(final Data d : rr.value) {
+ modify.change(d);
+ if(d.ns.equals(p.ns) && d.type.equals(p.type) && d.instance.equals(p.instance) && d.action.equals(p.action)) {
+ // update for fields
+ // In either case, adjust Permissions
+ for(String r : d.roles) {
+ if(!p.roles.contains(r)) {
+ q.permDAO.dao().addRole(trans, d, r);
+ }
+ }
+ for(String r : p.roles) {
+ if(!d.roles.contains(r)) {
+ q.permDAO.dao().delRole(trans, d, r);
+ }
+ }
+ rv = Result.ok(d);
+ } else {
+ for(String r : d.roles) {
+ Role role = Role.keys.get(r);
+ if(role.perms.contains(p.encode())) {
+ modify.roleModify().exec(trans, role, new RoleModify.Modify() {
+ @Override
+ public PermModify permModify() {
+ return PermModify.this;
+ }
+
+ @Override
+ public void change(RoleDAO.Data rdd) {
+ rdd.perms.remove(p.encode());
+ rdd.perms.add(d.encode());
+ }
+ });
+ }
+ }
+
+ rv = q.permDAO.create(trans, d);
+ if(rv.isOK()) {
+ PermDAO.Data pdd = new PermDAO.Data();
+ pdd.ns = p.ns;
+ pdd.type = p.type;
+ pdd.instance = p.instance;
+ pdd.action = p.action;
+ q.permDAO.delete(trans, pdd, false);
+ trans.info().printf("Updated %s|%s|%s|%s to %s|%s|%s|%s\n",
+ p.ns, p.type, p.instance, p.action,
+ d.ns, d.type, d.instance, d.action);
+ } else {
+ trans.info().log(rv.errorString());
+ }
+ }
+
+ }
+ } else {
+ rv = Result.err(rr);
+ }
+ if(rv==null) {
+ rv = Result.err(Status.ERR_General,"Never get to this code");
+ }
+
+ return rv;
+ }
+ }
+
+ public static interface Modify {
+ void change(PermDAO.Data ur);
+ RoleModify roleModify();
+ }
- public Result<Void> delete(AuthzTrans trans, Perm p) {
- if(dryRun) {
- return Result.ok();
- } else {
- PermDAO.Data data = new PermDAO.Data();
- data.ns=p.ns;
- data.type = p.type;
- data.instance = p.instance;
- data.action = p.action;
- return q.permDAO.delete(trans,data,false);
- }
- }
-
+ public Result<Void> delete(AuthzTrans trans, Perm p) {
+ if(dryRun) {
+ return Result.ok();
+ } else {
+ PermDAO.Data data = new PermDAO.Data();
+ data.ns=p.ns;
+ data.type = p.type;
+ data.instance = p.instance;
+ data.action = p.action;
+ return q.permDAO.delete(trans,data,false);
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleCreate.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleCreate.java
index 50d163ab..5353166c 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleCreate.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleCreate.java
@@ -33,34 +33,34 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class RoleCreate extends ActionDAO<Role,Data,String> {
- public RoleCreate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster,dryRun);
- }
-
- public RoleCreate(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public RoleCreate(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster,dryRun);
+ }
+
+ public RoleCreate(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Data> exec(AuthzTrans trans, Role r,String text) {
- RoleDAO.Data rdd = new RoleDAO.Data();
- rdd.ns = r.ns;
- rdd.name = r.name;
- rdd.description = r.description;
- rdd.perms = r.perms;
-
- if(dryRun) {
- trans.info().log("Would Create Role:",text,r.fullName());
- return Result.ok(rdd);
- } else {
- Result<Data> rv = q.roleDAO.create(trans, rdd); // need to read for undelete
- if(rv.isOK()) {
- trans.info().log("Created Role:",text,r.fullName());
- } else {
- trans.error().log("Error Creating Role -",rv.details,":",r.fullName());
- }
- return rv;
- }
- }
-
+ @Override
+ public Result<Data> exec(AuthzTrans trans, Role r,String text) {
+ RoleDAO.Data rdd = new RoleDAO.Data();
+ rdd.ns = r.ns;
+ rdd.name = r.name;
+ rdd.description = r.description;
+ rdd.perms = r.perms;
+
+ if(dryRun) {
+ trans.info().log("Would Create Role:",text,r.fullName());
+ return Result.ok(rdd);
+ } else {
+ Result<Data> rv = q.roleDAO.create(trans, rdd); // need to read for undelete
+ if(rv.isOK()) {
+ trans.info().log("Created Role:",text,r.fullName());
+ } else {
+ trans.error().log("Error Creating Role -",rv.details,":",r.fullName());
+ }
+ return rv;
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleDelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleDelete.java
index cbe3c1c5..1a663c99 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleDelete.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleDelete.java
@@ -32,31 +32,31 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class RoleDelete extends ActionDAO<Role,Void,String> {
- public RoleDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster, dryRun);
- }
-
- public RoleDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public RoleDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster, dryRun);
+ }
+
+ public RoleDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, Role r,String text) {
- if(dryRun) {
- trans.info().log("Would Delete Role:",text,r.fullName());
- return Result.ok();
- } else {
- RoleDAO.Data rdd = new RoleDAO.Data();
- rdd.ns = r.ns;
- rdd.name = r.name;
- Result<Void> rv = q.roleDAO.delete(trans, rdd, true); // need to read for undelete
- if(rv.isOK()) {
- trans.info().log("Deleted Role:",text,r.fullName());
- } else {
- trans.error().log("Error Deleting Role -",rv.details,":",r.fullName());
- }
- return rv;
- }
- }
-
+ @Override
+ public Result<Void> exec(AuthzTrans trans, Role r,String text) {
+ if(dryRun) {
+ trans.info().log("Would Delete Role:",text,r.fullName());
+ return Result.ok();
+ } else {
+ RoleDAO.Data rdd = new RoleDAO.Data();
+ rdd.ns = r.ns;
+ rdd.name = r.name;
+ Result<Void> rv = q.roleDAO.delete(trans, rdd, true); // need to read for undelete
+ if(rv.isOK()) {
+ trans.info().log("Deleted Role:",text,r.fullName());
+ } else {
+ trans.error().log("Error Deleting Role -",rv.details,":",r.fullName());
+ }
+ return rv;
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleModify.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleModify.java
index c72a9d8f..87e2e027 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleModify.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/RoleModify.java
@@ -37,116 +37,116 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class RoleModify extends ActionDAO<Role,RoleDAO.Data,RoleModify.Modify> {
- public RoleModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster, dryRun);
- }
-
- public RoleModify(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public RoleModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster, dryRun);
+ }
+
+ public RoleModify(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<RoleDAO.Data> exec(final AuthzTrans trans, final Role r,final RoleModify.Modify modify) {
- Result<List<Data>> rr = q.roleDAO.read(trans, r.ns,r.name);
- if(dryRun) {
- if(rr.isOKhasData()) {
- return Result.ok(rr.value.get(0));
- } else {
- return Result.err(Result.ERR_NotFound, "Data not Found " + r.toString());
- }
- } else {
- Result<Data> rv = null;
- if(rr.isOKhasData()) {
- for(final Data d : rr.value) {
- modify.change(d);
- if(d.ns.equals(r.ns) && d.name.equals(r.name)) {
- // update for fields
- // In either case, adjust Roles
- for(String p : d.perms) {
- if(!r.perms.contains(p)) {
- Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans, q, p);
- if(rpdd.isOKhasData()) {
- q.roleDAO.dao().addPerm(trans, d, rpdd.value);
- }
- }
- }
- for(String p : r.perms) {
- if(!d.perms.contains(p)) {
- Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans, q, p);
- if(rpdd.isOKhasData()) {
- q.roleDAO.dao().delPerm(trans, d, rpdd.value);
- }
- }
- }
- rv = Result.ok(d);
- } else {
- for(String p : d.perms) {
- Perm perm = Perm.keys.get(p);
- if(perm!=null) {
- if(perm.roles.contains(r.encode())) {
- modify.permModify().exec(trans, perm, new PermModify.Modify() {
- @Override
- public RoleModify roleModify() {
- return RoleModify.this;
- }
-
- @Override
- public void change(PermDAO.Data pdd) {
- pdd.roles.remove(r.encode());
- pdd.roles.add(d.encode());
- }
- });
- }
- }
- }
- Result<List<Data>> preexist = q.roleDAO.read(trans, d);
- if(preexist.isOKhasData()) {
- Data rdd = preexist.value.get(0);
- for(String p : d.perms) {
- Result<PermDAO.Data> perm = PermDAO.Data.decode(trans, q, p);
- if(perm.isOKhasData()) {
- q.roleDAO.dao().addPerm(trans,rdd, perm.value);
- }
- }
- rv = Result.ok(rdd);
- } else {
- rv = q.roleDAO.create(trans, d);
- }
- if(rv.isOK()) {
- trans.info().printf("Updating %s|%s to %s|%s", r.ns, r.name, d.ns, d.name);
- RoleDAO.Data rmme = new RoleDAO.Data();
- rmme.ns=r.ns;
- rmme.name=r.name;
- q.roleDAO.delete(trans, rmme, false);
-
- } else {
- trans.info().log(rv.errorString());
- }
- }
- }
- } else {
- rv = Result.err(rr);
- }
- if(rv==null) {
- rv = Result.err(Status.ERR_General,"Never get to this code");
- }
- return rv;
- }
- }
-
- public static interface Modify {
- void change(RoleDAO.Data ur);
- PermModify permModify();
- }
-
- public Result<Void> delete(AuthzTrans trans, Role r) {
- if(dryRun) {
- return Result.ok();
- } else {
- RoleDAO.Data data = new RoleDAO.Data();
- data.ns=r.ns;
- data.name = r.name;
- return q.roleDAO.delete(trans,data,false);
- }
- }
+ @Override
+ public Result<RoleDAO.Data> exec(final AuthzTrans trans, final Role r,final RoleModify.Modify modify) {
+ Result<List<Data>> rr = q.roleDAO.read(trans, r.ns,r.name);
+ if(dryRun) {
+ if(rr.isOKhasData()) {
+ return Result.ok(rr.value.get(0));
+ } else {
+ return Result.err(Result.ERR_NotFound, "Data not Found " + r.toString());
+ }
+ } else {
+ Result<Data> rv = null;
+ if(rr.isOKhasData()) {
+ for(final Data d : rr.value) {
+ modify.change(d);
+ if(d.ns.equals(r.ns) && d.name.equals(r.name)) {
+ // update for fields
+ // In either case, adjust Roles
+ for(String p : d.perms) {
+ if(!r.perms.contains(p)) {
+ Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans, q, p);
+ if(rpdd.isOKhasData()) {
+ q.roleDAO.dao().addPerm(trans, d, rpdd.value);
+ }
+ }
+ }
+ for(String p : r.perms) {
+ if(!d.perms.contains(p)) {
+ Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans, q, p);
+ if(rpdd.isOKhasData()) {
+ q.roleDAO.dao().delPerm(trans, d, rpdd.value);
+ }
+ }
+ }
+ rv = Result.ok(d);
+ } else {
+ for(String p : d.perms) {
+ Perm perm = Perm.keys.get(p);
+ if(perm!=null) {
+ if(perm.roles.contains(r.encode())) {
+ modify.permModify().exec(trans, perm, new PermModify.Modify() {
+ @Override
+ public RoleModify roleModify() {
+ return RoleModify.this;
+ }
+
+ @Override
+ public void change(PermDAO.Data pdd) {
+ pdd.roles.remove(r.encode());
+ pdd.roles.add(d.encode());
+ }
+ });
+ }
+ }
+ }
+ Result<List<Data>> preexist = q.roleDAO.read(trans, d);
+ if(preexist.isOKhasData()) {
+ Data rdd = preexist.value.get(0);
+ for(String p : d.perms) {
+ Result<PermDAO.Data> perm = PermDAO.Data.decode(trans, q, p);
+ if(perm.isOKhasData()) {
+ q.roleDAO.dao().addPerm(trans,rdd, perm.value);
+ }
+ }
+ rv = Result.ok(rdd);
+ } else {
+ rv = q.roleDAO.create(trans, d);
+ }
+ if(rv.isOK()) {
+ trans.info().printf("Updating %s|%s to %s|%s", r.ns, r.name, d.ns, d.name);
+ RoleDAO.Data rmme = new RoleDAO.Data();
+ rmme.ns=r.ns;
+ rmme.name=r.name;
+ q.roleDAO.delete(trans, rmme, false);
+
+ } else {
+ trans.info().log(rv.errorString());
+ }
+ }
+ }
+ } else {
+ rv = Result.err(rr);
+ }
+ if(rv==null) {
+ rv = Result.err(Status.ERR_General,"Never get to this code");
+ }
+ return rv;
+ }
+ }
+
+ public static interface Modify {
+ void change(RoleDAO.Data ur);
+ PermModify permModify();
+ }
+
+ public Result<Void> delete(AuthzTrans trans, Role r) {
+ if(dryRun) {
+ return Result.ok();
+ } else {
+ RoleDAO.Data data = new RoleDAO.Data();
+ data.ns=r.ns;
+ data.name = r.name;
+ return q.roleDAO.delete(trans,data,false);
+ }
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URAdd.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URAdd.java
index 50a5a8f0..b6baea6c 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URAdd.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URAdd.java
@@ -34,24 +34,24 @@ import org.onap.aaf.misc.env.util.Chrono;
import com.datastax.driver.core.Cluster;
public class URAdd extends ActionDAO<UserRole,UserRoleDAO.Data,String> {
- public URAdd(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster,dryRun);
- }
-
- public URAdd(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public URAdd(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster,dryRun);
+ }
+
+ public URAdd(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Data> exec(AuthzTrans trans, UserRole ur, String text) {
- if(dryRun) {
- trans.info().log("Would Add:",text,ur.role(),ur.user(),"on",Chrono.dateOnlyStamp(ur.expires()));
- return Result.ok(ur.urdd());
- } else {
- Result<Data> rv = q.userRoleDAO.create(trans, ur.urdd());
- trans.info().log("Added:",text,ur.role(),ur.user(),"on",Chrono.dateOnlyStamp(ur.expires()));
- return rv;
- }
- }
-
+ @Override
+ public Result<Data> exec(AuthzTrans trans, UserRole ur, String text) {
+ if(dryRun) {
+ trans.info().log("Would Add:",text,ur.role(),ur.user(),"on",Chrono.dateOnlyStamp(ur.expires()));
+ return Result.ok(ur.urdd());
+ } else {
+ Result<Data> rv = q.userRoleDAO.create(trans, ur.urdd());
+ trans.info().log("Added:",text,ur.role(),ur.user(),"on",Chrono.dateOnlyStamp(ur.expires()));
+ return rv;
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URDelete.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URDelete.java
index 9bc7da49..d54b7805 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URDelete.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URDelete.java
@@ -32,28 +32,28 @@ import org.onap.aaf.misc.env.util.Chrono;
import com.datastax.driver.core.Cluster;
public class URDelete extends ActionDAO<UserRole,Void,String> {
- public URDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster,dryRun);
- }
-
- public URDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public URDelete(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster,dryRun);
+ }
+
+ public URDelete(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, UserRole ur,String text) {
- if(dryRun) {
- trans.info().log("Would Delete UserRole:",text,ur.user(),ur.role(),"on",Chrono.dateOnlyStamp(ur.expires()));
- return Result.ok();
- } else {
- Result<Void> rv = q.userRoleDAO.delete(trans,ur.urdd(), true); // need to read for undelete
- if(rv.isOK()) {
- trans.info().log("Deleted UserRole:",text,ur.user(),ur.role(),"on",Chrono.dateOnlyStamp(ur.expires()));
- } else {
- trans.error().log("Error Deleting User Role -",rv.details,":",ur.user(),ur.role(),"on",Chrono.dateOnlyStamp(ur.expires()) );
- }
- return rv;
- }
- }
-
+ @Override
+ public Result<Void> exec(AuthzTrans trans, UserRole ur,String text) {
+ if(dryRun) {
+ trans.info().log("Would Delete UserRole:",text,ur.user(),ur.role(),"on",Chrono.dateOnlyStamp(ur.expires()));
+ return Result.ok();
+ } else {
+ Result<Void> rv = q.userRoleDAO.delete(trans,ur.urdd(), true); // need to read for undelete
+ if(rv.isOK()) {
+ trans.info().log("Deleted UserRole:",text,ur.user(),ur.role(),"on",Chrono.dateOnlyStamp(ur.expires()));
+ } else {
+ trans.error().log("Error Deleting User Role -",rv.details,":",ur.user(),ur.role(),"on",Chrono.dateOnlyStamp(ur.expires()) );
+ }
+ return rv;
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApprove.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApprove.java
index 17d9cc01..8590714f 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApprove.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApprove.java
@@ -41,71 +41,71 @@ import org.onap.aaf.misc.env.util.Chrono;
import com.datastax.driver.core.Cluster;
public class URFutureApprove extends ActionDAO<UserRole, String,String> implements Action<UserRole,String,String>, Key<UserRole> {
- private final Date start, expires;
+ private final Date start, expires;
- public URFutureApprove(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans,cluster, dryRun);
- GregorianCalendar gc = new GregorianCalendar();
- start = gc.getTime();
- expires = trans.org().expiration(gc, Expiration.Future).getTime();
- }
-
- public URFutureApprove(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- GregorianCalendar gc = new GregorianCalendar();
- start = gc.getTime();
- expires = trans.org().expiration(gc, Expiration.Future).getTime();
- }
+ public URFutureApprove(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans,cluster, dryRun);
+ GregorianCalendar gc = new GregorianCalendar();
+ start = gc.getTime();
+ expires = trans.org().expiration(gc, Expiration.Future).getTime();
+ }
+
+ public URFutureApprove(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ GregorianCalendar gc = new GregorianCalendar();
+ start = gc.getTime();
+ expires = trans.org().expiration(gc, Expiration.Future).getTime();
+ }
- @Override
- public Result<String> exec(AuthzTrans trans, UserRole ur,String text) {
- if(dryRun) {
- return Result.ok(text);
- } else {
- Result<NsDAO.Data> rns = q.deriveNs(trans, ur.ns());
- if(rns.isOK()) {
-
- FutureDAO.Data data = new FutureDAO.Data();
- data.id=null; // let Create function assign UUID
- data.target=Function.FOP_USER_ROLE;
-
- data.memo = key(ur);
- data.start = start;
- data.expires = ur.expires();
- try {
- data.construct = ur.urdd().bytify();
- } catch (IOException e) {
- return Result.err(e);
- }
- Result<String> rfuture = f.createFuture(trans, data, Function.FOP_USER_ROLE, ur.user(), rns.value, FUTURE_OP.A);
- if(rfuture.isOK()) {
- trans.info().log(rfuture.value, text, ur.user(), data.memo);
- } else {
- trans.error().log(rfuture.details, text);
- }
- return rfuture;
- } else {
- return Result.err(rns);
- }
- }
- }
-
- @Override
- public String key(UserRole ur) {
- String expire;
- if(expires.before(start)) {
- expire = "' - EXPIRED ";
- } else {
- expire = "' - expiring ";
- }
-
- if(Question.OWNER.equals(ur.rname())) {
- return Approval.RE_VALIDATE_OWNER + ur.ns() + expire + Chrono.dateOnlyStamp(ur.expires());
- } else if(Question.ADMIN.equals(ur.rname())) {
- return Approval.RE_VALIDATE_ADMIN + ur.ns() + expire + Chrono.dateOnlyStamp(ur.expires());
- } else {
- return Approval.RE_APPROVAL_IN_ROLE + ur.role() + expire + Chrono.dateOnlyStamp(ur.expires());
- }
- }
+ @Override
+ public Result<String> exec(AuthzTrans trans, UserRole ur,String text) {
+ if(dryRun) {
+ return Result.ok(text);
+ } else {
+ Result<NsDAO.Data> rns = q.deriveNs(trans, ur.ns());
+ if(rns.isOK()) {
+
+ FutureDAO.Data data = new FutureDAO.Data();
+ data.id=null; // let Create function assign UUID
+ data.target=Function.FOP_USER_ROLE;
+
+ data.memo = key(ur);
+ data.start = start;
+ data.expires = ur.expires();
+ try {
+ data.construct = ur.urdd().bytify();
+ } catch (IOException e) {
+ return Result.err(e);
+ }
+ Result<String> rfuture = f.createFuture(trans, data, Function.FOP_USER_ROLE, ur.user(), rns.value, FUTURE_OP.A);
+ if(rfuture.isOK()) {
+ trans.info().log(rfuture.value, text, ur.user(), data.memo);
+ } else {
+ trans.error().log(rfuture.details, text);
+ }
+ return rfuture;
+ } else {
+ return Result.err(rns);
+ }
+ }
+ }
+
+ @Override
+ public String key(UserRole ur) {
+ String expire;
+ if(expires.before(start)) {
+ expire = "' - EXPIRED ";
+ } else {
+ expire = "' - expiring ";
+ }
+
+ if(Question.OWNER.equals(ur.rname())) {
+ return Approval.RE_VALIDATE_OWNER + ur.ns() + expire + Chrono.dateOnlyStamp(ur.expires());
+ } else if(Question.ADMIN.equals(ur.rname())) {
+ return Approval.RE_VALIDATE_ADMIN + ur.ns() + expire + Chrono.dateOnlyStamp(ur.expires());
+ } else {
+ return Approval.RE_APPROVAL_IN_ROLE + ur.role() + expire + Chrono.dateOnlyStamp(ur.expires());
+ }
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApproveExec.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApproveExec.java
index acbadca7..fcba2364 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApproveExec.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFutureApproveExec.java
@@ -42,67 +42,67 @@ import com.datastax.driver.core.Cluster;
public class URFutureApproveExec extends ActionDAO<List<Approval>, OP_STATUS, Future> {
- public URFutureApproveExec(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans,cluster, dryRun);
- }
-
- public URFutureApproveExec(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public URFutureApproveExec(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans,cluster, dryRun);
+ }
+
+ public URFutureApproveExec(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<OP_STATUS> exec(AuthzTrans trans, List<Approval> app, Future future) {
- if(dryRun) {
- return Result.err(Result.ERR_ActionNotCompleted,"Not Executed");
- } else {
- // Save on Lookups
- final List<ApprovalDAO.Data> apprs = new ArrayList<>();
- final List<UserRoleDAO.Data> urs = new ArrayList<>();
- for(Approval a : app) {
- apprs.add(a.add);
- UserRole ur = UserRole.get(a.add.user, future.role);
- if(ur!=null) {
- urs.add(ur.urdd());
- }
- }
- Result<OP_STATUS> rv = f.performFutureOp(trans, FUTURE_OP.A, future.fdd,
- new Lookup<List<ApprovalDAO.Data>>() {
- @Override
- public List<Data> get(AuthzTrans trans, Object ... noop) {
- return apprs;
- }
- },
- new Lookup<UserRoleDAO.Data>() {
- @Override
- public UserRoleDAO.Data get(AuthzTrans trans, Object ... keys) {
- List<UserRole> lur = UserRole.getByUser().get(keys[0]);
- if(lur!=null) {
- for(UserRole ur : lur) {
- if(ur.role().equals(keys[1])) {
- return ur.urdd();
- }
- }
- }
- return null;
- }
- });
- if(rv.isOK()) {
- switch(rv.value) {
- case D:
- trans.info().printf("Denied %s on %s", future.memo(),future.fdd.target);
- break;
- case E:
- trans.info().printf("Completed %s on %s", future.memo(),future.fdd.target);
- break;
- case L:
- trans.info().printf("Future %s on %s has lapsed", future.memo(),future.fdd.target);
- break;
- default:
- }
- } else {
- trans.error().log("Error completing",future.memo(),rv.errorString());
- }
- return rv;
- }
- }
+ @Override
+ public Result<OP_STATUS> exec(AuthzTrans trans, List<Approval> app, Future future) {
+ if(dryRun) {
+ return Result.err(Result.ERR_ActionNotCompleted,"Not Executed");
+ } else {
+ // Save on Lookups
+ final List<ApprovalDAO.Data> apprs = new ArrayList<>();
+ final List<UserRoleDAO.Data> urs = new ArrayList<>();
+ for(Approval a : app) {
+ apprs.add(a.add);
+ UserRole ur = UserRole.get(a.add.user, future.role);
+ if(ur!=null) {
+ urs.add(ur.urdd());
+ }
+ }
+ Result<OP_STATUS> rv = f.performFutureOp(trans, FUTURE_OP.A, future.fdd,
+ new Lookup<List<ApprovalDAO.Data>>() {
+ @Override
+ public List<Data> get(AuthzTrans trans, Object ... noop) {
+ return apprs;
+ }
+ },
+ new Lookup<UserRoleDAO.Data>() {
+ @Override
+ public UserRoleDAO.Data get(AuthzTrans trans, Object ... keys) {
+ List<UserRole> lur = UserRole.getByUser().get(keys[0]);
+ if(lur!=null) {
+ for(UserRole ur : lur) {
+ if(ur.role().equals(keys[1])) {
+ return ur.urdd();
+ }
+ }
+ }
+ return null;
+ }
+ });
+ if(rv.isOK()) {
+ switch(rv.value) {
+ case D:
+ trans.info().printf("Denied %s on %s", future.memo(),future.fdd.target);
+ break;
+ case E:
+ trans.info().printf("Completed %s on %s", future.memo(),future.fdd.target);
+ break;
+ case L:
+ trans.info().printf("Future %s on %s has lapsed", future.memo(),future.fdd.target);
+ break;
+ default:
+ }
+ } else {
+ trans.error().log("Error completing",future.memo(),rv.errorString());
+ }
+ return rv;
+ }
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFuturePrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFuturePrint.java
index 83a24c21..b749c648 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFuturePrint.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URFuturePrint.java
@@ -28,14 +28,14 @@ import org.onap.aaf.misc.env.util.Chrono;
public class URFuturePrint implements Action<UserRole,String,String> {
- private String info;
+ private String info;
- public URFuturePrint(String text) {
- this.info = text;
- }
+ public URFuturePrint(String text) {
+ this.info = text;
+ }
- @Override
- public Result<String> exec(AuthzTrans trans, UserRole ur, String text) {
- trans.info().log(info,text,ur.user(),"to",ur.role(),"on",Chrono.dateOnlyStamp(ur.expires()));
- return Result.ok(info);
- }} \ No newline at end of file
+ @Override
+ public Result<String> exec(AuthzTrans trans, UserRole ur, String text) {
+ trans.info().log(info,text,ur.user(),"to",ur.role(),"on",Chrono.dateOnlyStamp(ur.expires()));
+ return Result.ok(info);
+ }} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URModify.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URModify.java
index 3f65a6a4..a7d420e3 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URModify.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URModify.java
@@ -35,46 +35,46 @@ import org.onap.aaf.misc.env.APIException;
import com.datastax.driver.core.Cluster;
public class URModify extends ActionDAO<UserRole,Void,URModify.Modify> {
- public URModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster,dryRun);
- }
-
- public URModify(AuthzTrans trans, ActionDAO<?,?,?> adao) {
- super(trans, adao);
- }
+ public URModify(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster,dryRun);
+ }
+
+ public URModify(AuthzTrans trans, ActionDAO<?,?,?> adao) {
+ super(trans, adao);
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, UserRole ur,Modify modify) {
- if(dryRun) {
- trans.info().printf("Would Update %s %s", ur.user(), ur.role());
- return Result.ok();
- } else {
- Result<List<Data>> rr = q.userRoleDAO.read(trans, ur.user(),ur.role());
- if(rr.notOKorIsEmpty()) {
- return Result.err(rr);
- }
- for(Data d : rr.value) {
- modify.change(d);
- if(!(ur.expires().equals(d.expires))) {
- ur.expires(d.expires);
- }
- if(ur.user().equals(d.user) && ur.role().equals(d.role)){
- Result<Void> rv = q.userRoleDAO.update(trans, d);
- if(rv.isOK()) {
- trans.info().printf("Updated %s %s to %s", ur.user(), ur.role(), d.toString());
- } else {
- trans.info().log(rv.errorString());
- }
- } else {
- return Result.err(Status.ERR_Denied, "You cannot change the key of this Data");
- }
- }
- return Result.err(Status.ERR_UserRoleNotFound,"No User Role with %s %s",ur.user(),ur.role());
- }
- }
-
- public static interface Modify {
- void change(UserRoleDAO.Data ur);
- }
-
+ @Override
+ public Result<Void> exec(AuthzTrans trans, UserRole ur,Modify modify) {
+ if(dryRun) {
+ trans.info().printf("Would Update %s %s", ur.user(), ur.role());
+ return Result.ok();
+ } else {
+ Result<List<Data>> rr = q.userRoleDAO.read(trans, ur.user(),ur.role());
+ if(rr.notOKorIsEmpty()) {
+ return Result.err(rr);
+ }
+ for(Data d : rr.value) {
+ modify.change(d);
+ if(!(ur.expires().equals(d.expires))) {
+ ur.expires(d.expires);
+ }
+ if(ur.user().equals(d.user) && ur.role().equals(d.role)){
+ Result<Void> rv = q.userRoleDAO.update(trans, d);
+ if(rv.isOK()) {
+ trans.info().printf("Updated %s %s to %s", ur.user(), ur.role(), d.toString());
+ } else {
+ trans.info().log(rv.errorString());
+ }
+ } else {
+ return Result.err(Status.ERR_Denied, "You cannot change the key of this Data");
+ }
+ }
+ return Result.err(Status.ERR_UserRoleNotFound,"No User Role with %s %s",ur.user(),ur.role());
+ }
+ }
+
+ public static interface Modify {
+ void change(UserRoleDAO.Data ur);
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPrint.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPrint.java
index a9bdf9ca..be464d42 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPrint.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPrint.java
@@ -27,16 +27,16 @@ import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.util.Chrono;
public class URPrint implements Action<UserRole,Void,String> {
- private String info;
+ private String info;
- public URPrint(String text) {
- this.info = text;
- }
+ public URPrint(String text) {
+ this.info = text;
+ }
- @Override
- public Result<Void> exec(AuthzTrans trans, UserRole ur, String text) {
- trans.info().log(info,text,ur.user(),"to",ur.role(),"expiring on",Chrono.dateOnlyStamp(ur.expires()));
- return Result.ok();
- }
+ @Override
+ public Result<Void> exec(AuthzTrans trans, UserRole ur, String text) {
+ trans.info().log(info,text,ur.user(),"to",ur.role(),"expiring on",Chrono.dateOnlyStamp(ur.expires()));
+ return Result.ok();
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPunt.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPunt.java
index 8676ef33..856c89dc 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPunt.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/actions/URPunt.java
@@ -36,35 +36,35 @@ import org.onap.aaf.misc.env.util.Chrono;
import com.datastax.driver.core.Cluster;
public class URPunt extends ActionPuntDAO<UserRole,Void,String> {
- public URPunt(AuthzTrans trans, Cluster cluster, int months, int range, boolean dryRun) throws APIException, IOException {
- super(trans,cluster, months, range,dryRun);
- }
+ public URPunt(AuthzTrans trans, Cluster cluster, int months, int range, boolean dryRun) throws APIException, IOException {
+ super(trans,cluster, months, range,dryRun);
+ }
- public URPunt(AuthzTrans trans, ActionDAO<?,?,?> adao, int months, int range) {
- super(trans, adao, months, range);
- }
+ public URPunt(AuthzTrans trans, ActionDAO<?,?,?> adao, int months, int range) {
+ super(trans, adao, months, range);
+ }
- public Result<Void> exec(AuthzTrans trans, UserRole ur, String text) {
- if(dryRun) {
- trans.info().log("Would Update User",ur.user(),"and Role", ur.role(), text);
- return Result.ok();
- } else {
- Result<List<Data>> read = q.userRoleDAO.read(trans, ur.user(), ur.role());
- if(read.isOK()) {
- for(UserRoleDAO.Data data : read.value) {
- Date from = data.expires;
- data.expires = puntDate(from);
- if(data.expires.compareTo(from)<=0) {
- trans.debug().printf("Error: %s is same or before %s", Chrono.dateOnlyStamp(data.expires), Chrono.dateOnlyStamp(from));
- } else {
- trans.info().log("Updating User",ur.user(),"and Role", ur.role(), "from",Chrono.dateOnlyStamp(from),"to",Chrono.dateOnlyStamp(data.expires), text);
- q.userRoleDAO.update(trans, data);
- }
- }
- return Result.ok();
- } else {
- return Result.err(read);
- }
- }
- }
+ public Result<Void> exec(AuthzTrans trans, UserRole ur, String text) {
+ if(dryRun) {
+ trans.info().log("Would Update User",ur.user(),"and Role", ur.role(), text);
+ return Result.ok();
+ } else {
+ Result<List<Data>> read = q.userRoleDAO.read(trans, ur.user(), ur.role());
+ if(read.isOK()) {
+ for(UserRoleDAO.Data data : read.value) {
+ Date from = data.expires;
+ data.expires = puntDate(from);
+ if(data.expires.compareTo(from)<=0) {
+ trans.debug().printf("Error: %s is same or before %s", Chrono.dateOnlyStamp(data.expires), Chrono.dateOnlyStamp(from));
+ } else {
+ trans.info().log("Updating User",ur.user(),"and Role", ur.role(), "from",Chrono.dateOnlyStamp(from),"to",Chrono.dateOnlyStamp(data.expires), text);
+ q.userRoleDAO.update(trans, data);
+ }
+ }
+ return Result.ok();
+ } else {
+ return Result.err(read);
+ }
+ }
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approval.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approval.java
index 58aa206e..94c709b3 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approval.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approval.java
@@ -41,269 +41,269 @@ import com.datastax.driver.core.SimpleStatement;
import com.datastax.driver.core.Statement;
public class Approval implements CacheChange.Data {
- public static final String RE_APPROVAL_IN_ROLE = "Re-Approval in Role '";
- public static final String RE_VALIDATE_ADMIN = "Re-Validate as Administrator for AAF Namespace '";
- public static final String RE_VALIDATE_OWNER = "Re-Validate Ownership for AAF Namespace '";
+ public static final String RE_APPROVAL_IN_ROLE = "Re-Approval in Role '";
+ public static final String RE_VALIDATE_ADMIN = "Re-Validate as Administrator for AAF Namespace '";
+ public static final String RE_VALIDATE_OWNER = "Re-Validate Ownership for AAF Namespace '";
- public static TreeMap<String,List<Approval>> byApprover = new TreeMap<>();
- public static TreeMap<String,List<Approval>> byUser = new TreeMap<>();
- public static TreeMap<UUID,List<Approval>> byTicket = new TreeMap<>();
- private final static CacheChange<Approval> cache = new CacheChange<>();
-
- public final ApprovalDAO.Data add;
- private String role;
-
- public Approval(UUID id, UUID ticket, String approver, Date last_notified,
- String user, String memo, String operation, String status, String type, long updated) {
- add = new ApprovalDAO.Data();
- add.id = id;
- add.ticket = ticket;
- add.approver = approver;
- add.last_notified = last_notified;
- add.user = user;
- add.memo = memo;
- add.operation = operation;
- add.status = status;
- add.type = type;
- add.updated = new Date(updated);
- role = roleFromMemo(memo);
- }
-
- public static String roleFromMemo(String memo) {
- if(memo==null) {
- return null;
- }
- int first = memo.indexOf('\'');
- if(first>=0) {
- int second = memo.indexOf('\'', ++first);
- if(second>=0) {
- String role = memo.substring(first, second);
- if(memo.startsWith(RE_VALIDATE_ADMIN)) {
- return role + ".admin";
- } else if(memo.startsWith(RE_VALIDATE_OWNER)) {
- return role + ".owner";
- } else if(memo.startsWith(RE_APPROVAL_IN_ROLE)) {
- return role;
- }
- }
- }
- return null;
- }
+ public static TreeMap<String,List<Approval>> byApprover = new TreeMap<>();
+ public static TreeMap<String,List<Approval>> byUser = new TreeMap<>();
+ public static TreeMap<UUID,List<Approval>> byTicket = new TreeMap<>();
+ private final static CacheChange<Approval> cache = new CacheChange<>();
+
+ public final ApprovalDAO.Data add;
+ private String role;
+
+ public Approval(UUID id, UUID ticket, String approver, Date last_notified,
+ String user, String memo, String operation, String status, String type, long updated) {
+ add = new ApprovalDAO.Data();
+ add.id = id;
+ add.ticket = ticket;
+ add.approver = approver;
+ add.last_notified = last_notified;
+ add.user = user;
+ add.memo = memo;
+ add.operation = operation;
+ add.status = status;
+ add.type = type;
+ add.updated = new Date(updated);
+ role = roleFromMemo(memo);
+ }
+
+ public static String roleFromMemo(String memo) {
+ if(memo==null) {
+ return null;
+ }
+ int first = memo.indexOf('\'');
+ if(first>=0) {
+ int second = memo.indexOf('\'', ++first);
+ if(second>=0) {
+ String role = memo.substring(first, second);
+ if(memo.startsWith(RE_VALIDATE_ADMIN)) {
+ return role + ".admin";
+ } else if(memo.startsWith(RE_VALIDATE_OWNER)) {
+ return role + ".owner";
+ } else if(memo.startsWith(RE_APPROVAL_IN_ROLE)) {
+ return role;
+ }
+ }
+ }
+ return null;
+ }
- public static void load(Trans trans, Session session, Creator<Approval> creator ) {
- trans.info().log( "query: " + creator.select() );
+ public static void load(Trans trans, Session session, Creator<Approval> creator ) {
+ trans.info().log( "query: " + creator.select() );
TimeTaken tt = trans.start("Load Notify", Env.REMOTE);
ResultSet results;
- try {
- Statement stmt = new SimpleStatement(creator.select());
- results = session.execute(stmt);
+ try {
+ Statement stmt = new SimpleStatement(creator.select());
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
- int count = 0;
+ int count = 0;
tt = trans.start("Process Notify", Env.SUB);
try {
- List<Approval> ln;
- for(Row row : results.all()) {
- ++count;
- try {
- Approval app = creator.create(row);
- String person = app.getApprover();
- if(person!=null) {
- ln = byApprover.get(person);
- if(ln==null) {
- ln = new ArrayList<>();
- byApprover.put(app.getApprover(), ln);
- }
- ln.add(app);
- }
-
-
- person = app.getUser();
- if(person!=null) {
- ln = byUser.get(person);
- if(ln==null) {
- ln = new ArrayList<>();
- byUser.put(app.getUser(), ln);
- }
- ln.add(app);
- }
- UUID ticket = app.getTicket();
- if(ticket!=null) {
- ln = byTicket.get(ticket);
- if(ln==null) {
- ln = new ArrayList<>();
- byTicket.put(app.getTicket(), ln);
- }
- ln.add(app);
- }
- } finally {
- tt.done();
- }
- }
+ List<Approval> ln;
+ for(Row row : results.all()) {
+ ++count;
+ try {
+ Approval app = creator.create(row);
+ String person = app.getApprover();
+ if(person!=null) {
+ ln = byApprover.get(person);
+ if(ln==null) {
+ ln = new ArrayList<>();
+ byApprover.put(app.getApprover(), ln);
+ }
+ ln.add(app);
+ }
+
+
+ person = app.getUser();
+ if(person!=null) {
+ ln = byUser.get(person);
+ if(ln==null) {
+ ln = new ArrayList<>();
+ byUser.put(app.getUser(), ln);
+ }
+ ln.add(app);
+ }
+ UUID ticket = app.getTicket();
+ if(ticket!=null) {
+ ln = byTicket.get(ticket);
+ if(ln==null) {
+ ln = new ArrayList<>();
+ byTicket.put(app.getTicket(), ln);
+ }
+ ln.add(app);
+ }
+ } finally {
+ tt.done();
+ }
+ }
} finally {
- tt.done();
- trans.info().log("Found",count,"Approval Records");
+ tt.done();
+ trans.info().log("Found",count,"Approval Records");
+ }
+ }
+
+ @Override
+ public void expunge() {
+ List<Approval> la = byApprover.get(getApprover());
+ if(la!=null) {
+ la.remove(this);
+ }
+
+ la = byUser.get(getUser());
+ if(la!=null) {
+ la.remove(this);
+ }
+ UUID ticket = this.add==null?null:this.add.ticket;
+ if(ticket!=null) {
+ la = byTicket.get(this.add.ticket);
+ if(la!=null) {
+ la.remove(this);
+ }
}
- }
-
- @Override
- public void expunge() {
- List<Approval> la = byApprover.get(getApprover());
- if(la!=null) {
- la.remove(this);
- }
-
- la = byUser.get(getUser());
- if(la!=null) {
- la.remove(this);
- }
- UUID ticket = this.add==null?null:this.add.ticket;
- if(ticket!=null) {
- la = byTicket.get(this.add.ticket);
- if(la!=null) {
- la.remove(this);
- }
- }
- }
+ }
- public void update(AuthzTrans trans, ApprovalDAO apprDAO, boolean dryRun) {
- if(dryRun) {
- trans.info().printf("Would update Approval %s, %s, last_notified %s",add.id,add.status,add.last_notified);
- } else {
- trans.info().printf("Update Approval %s, %s, last_notified %s",add.id,add.status,add.last_notified);
- apprDAO.update(trans, add);
- }
- }
+ public void update(AuthzTrans trans, ApprovalDAO apprDAO, boolean dryRun) {
+ if(dryRun) {
+ trans.info().printf("Would update Approval %s, %s, last_notified %s",add.id,add.status,add.last_notified);
+ } else {
+ trans.info().printf("Update Approval %s, %s, last_notified %s",add.id,add.status,add.last_notified);
+ apprDAO.update(trans, add);
+ }
+ }
- public static Creator<Approval> v2_0_17 = new Creator<Approval>() {
- @Override
- public Approval create(Row row) {
- return new Approval(row.getUUID(0), row.getUUID(1), row.getString(2), row.getTimestamp(3),
- row.getString(4),row.getString(5),row.getString(6),row.getString(7),row.getString(8)
- ,row.getLong(9)/1000);
- }
+ public static Creator<Approval> v2_0_17 = new Creator<Approval>() {
+ @Override
+ public Approval create(Row row) {
+ return new Approval(row.getUUID(0), row.getUUID(1), row.getString(2), row.getTimestamp(3),
+ row.getString(4),row.getString(5),row.getString(6),row.getString(7),row.getString(8)
+ ,row.getLong(9)/1000);
+ }
- @Override
- public String select() {
- return "select id,ticket,approver,last_notified,user,memo,operation,status,type,WRITETIME(status) from authz.approval";
- }
- };
+ @Override
+ public String select() {
+ return "select id,ticket,approver,last_notified,user,memo,operation,status,type,WRITETIME(status) from authz.approval";
+ }
+ };
- /**
- * @return the lastNotified
- */
- public Date getLast_notified() {
- return add.last_notified;
- }
- /**
- * @param lastNotified the lastNotified to set
- */
- public void setLastNotified(Date last_notified) {
- add.last_notified = last_notified;
- }
- /**
- * @return the status
- */
- public String getStatus() {
- return add.status;
- }
- /**
- * @param status the status to set
- */
- public void setStatus(String status) {
- add.status = status;
- }
- /**
- * @return the id
- */
- public UUID getId() {
- return add.id;
- }
- /**
- * @return the ticket
- */
- public UUID getTicket() {
- return add.ticket;
- }
- /**
- * @return the approver
- */
- public String getApprover() {
- return add.approver;
- }
- /**
- * @return the user
- */
- public String getUser() {
- return add.user;
- }
- /**
- * @return the memo
- */
- public String getMemo() {
- return add.memo;
- }
- /**
- * @return the operation
- */
- public String getOperation() {
- return add.operation;
- }
- /**
- * @return the type
- */
- public String getType() {
- return add.type;
- }
- public void lapsed() {
- add.ticket=null;
- add.status="lapsed";
- }
-
- public String getRole() {
- return role;
- }
-
- public String toString() {
- return getUser() + ' ' + getMemo();
- }
+ /**
+ * @return the lastNotified
+ */
+ public Date getLast_notified() {
+ return add.last_notified;
+ }
+ /**
+ * @param lastNotified the lastNotified to set
+ */
+ public void setLastNotified(Date last_notified) {
+ add.last_notified = last_notified;
+ }
+ /**
+ * @return the status
+ */
+ public String getStatus() {
+ return add.status;
+ }
+ /**
+ * @param status the status to set
+ */
+ public void setStatus(String status) {
+ add.status = status;
+ }
+ /**
+ * @return the id
+ */
+ public UUID getId() {
+ return add.id;
+ }
+ /**
+ * @return the ticket
+ */
+ public UUID getTicket() {
+ return add.ticket;
+ }
+ /**
+ * @return the approver
+ */
+ public String getApprover() {
+ return add.approver;
+ }
+ /**
+ * @return the user
+ */
+ public String getUser() {
+ return add.user;
+ }
+ /**
+ * @return the memo
+ */
+ public String getMemo() {
+ return add.memo;
+ }
+ /**
+ * @return the operation
+ */
+ public String getOperation() {
+ return add.operation;
+ }
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return add.type;
+ }
+ public void lapsed() {
+ add.ticket=null;
+ add.status="lapsed";
+ }
+
+ public String getRole() {
+ return role;
+ }
+
+ public String toString() {
+ return getUser() + ' ' + getMemo();
+ }
- public void delayDelete(AuthzTrans trans, ApprovalDAO ad, boolean dryRun, String text) {
- if(dryRun) {
- trans.info().log(text,"- Would Delete: Approval",getId(),"on ticket",getTicket(),"for",getApprover());
- } else {
- Result<Void> rv = ad.delete(trans, add, false);
- if(rv.isOK()) {
- trans.info().log(text,"- Deleted: Approval",getId(),"on ticket",getTicket(),"for",getApprover());
- cache.delayedDelete(this);
- } else {
- trans.info().log(text,"- Failed to Delete Approval",getId());
- }
- }
- }
-
+ public void delayDelete(AuthzTrans trans, ApprovalDAO ad, boolean dryRun, String text) {
+ if(dryRun) {
+ trans.info().log(text,"- Would Delete: Approval",getId(),"on ticket",getTicket(),"for",getApprover());
+ } else {
+ Result<Void> rv = ad.delete(trans, add, false);
+ if(rv.isOK()) {
+ trans.info().log(text,"- Deleted: Approval",getId(),"on ticket",getTicket(),"for",getApprover());
+ cache.delayedDelete(this);
+ } else {
+ trans.info().log(text,"- Failed to Delete Approval",getId());
+ }
+ }
+ }
+
- public static void resetLocalData() {
- cache.resetLocalData();
- }
-
- public static int sizeForDeletion() {
- return cache.cacheSize();
- }
+ public static void resetLocalData() {
+ cache.resetLocalData();
+ }
+
+ public static int sizeForDeletion() {
+ return cache.cacheSize();
+ }
- public static void delayDelete(AuthzTrans noAvg, ApprovalDAO apprDAO, boolean dryRun, List<Approval> list, String text) {
- if(list!=null) {
- for(Approval a : list) {
- a.delayDelete(noAvg, apprDAO, dryRun,text);
- }
- }
- }
+ public static void delayDelete(AuthzTrans noAvg, ApprovalDAO apprDAO, boolean dryRun, List<Approval> list, String text) {
+ if(list!=null) {
+ for(Approval a : list) {
+ a.delayDelete(noAvg, apprDAO, dryRun,text);
+ }
+ }
+ }
- public static boolean pendingDelete(Approval a) {
- return cache.contains(a);
- }
+ public static boolean pendingDelete(Approval a) {
+ return cache.contains(a);
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approver.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approver.java
index 127daac5..977964f1 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approver.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Approver.java
@@ -28,35 +28,35 @@ import org.onap.aaf.auth.actions.Message;
import org.onap.aaf.auth.org.Organization;
public class Approver {
- public String name;
- public Organization org;
- public Map<String, Integer> userRequests;
-
- public Approver(String approver, Organization org) {
- this.name = approver;
- this.org = org;
- userRequests = new HashMap<>();
- }
-
- public void addRequest(String user) {
- if (userRequests.get(user) == null) {
- userRequests.put(user, 1);
- } else {
- Integer curCount = userRequests.remove(user);
- userRequests.put(user, curCount+1);
- }
- }
-
- /**
- * @param sb
- * @return
- */
- public void build(Message msg) {
- msg.clear();
- msg.line("You have %d total pending approvals from the following users:", userRequests.size());
- for (Map.Entry<String, Integer> entry : userRequests.entrySet()) {
- msg.line(" %s (%d)",entry.getKey(),entry.getValue());
- }
- }
+ public String name;
+ public Organization org;
+ public Map<String, Integer> userRequests;
+
+ public Approver(String approver, Organization org) {
+ this.name = approver;
+ this.org = org;
+ userRequests = new HashMap<>();
+ }
+
+ public void addRequest(String user) {
+ if (userRequests.get(user) == null) {
+ userRequests.put(user, 1);
+ } else {
+ Integer curCount = userRequests.remove(user);
+ userRequests.put(user, curCount+1);
+ }
+ }
+
+ /**
+ * @param sb
+ * @return
+ */
+ public void build(Message msg) {
+ msg.clear();
+ msg.line("You have %d total pending approvals from the following users:", userRequests.size());
+ for (Map.Entry<String, Integer> entry : userRequests.entrySet()) {
+ msg.line(" %s (%d)",entry.getKey(),entry.getValue());
+ }
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/CacheChange.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/CacheChange.java
index 0c82184b..1adc3d08 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/CacheChange.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/CacheChange.java
@@ -25,39 +25,39 @@ import java.util.ArrayList;
import java.util.List;
public class CacheChange<T extends CacheChange.Data> {
- private List<T> removed;
-
- public CacheChange() {
- removed = new ArrayList<>();
- }
-
- interface Data {
- public abstract void expunge();
- }
-
- public final void delayedDelete(T t) {
- removed.add(t);
- }
-
- public final List<T> getRemoved() {
- return removed;
- }
-
- public final void resetLocalData() {
- if(removed==null || removed.isEmpty()) {
- return;
- }
- for(T t : removed) {
- t.expunge();
- }
- removed.clear();
- }
+ private List<T> removed;
+
+ public CacheChange() {
+ removed = new ArrayList<>();
+ }
+
+ interface Data {
+ public abstract void expunge();
+ }
+
+ public final void delayedDelete(T t) {
+ removed.add(t);
+ }
+
+ public final List<T> getRemoved() {
+ return removed;
+ }
+
+ public final void resetLocalData() {
+ if(removed==null || removed.isEmpty()) {
+ return;
+ }
+ for(T t : removed) {
+ t.expunge();
+ }
+ removed.clear();
+ }
- public int cacheSize() {
- return removed.size();
- }
+ public int cacheSize() {
+ return removed.size();
+ }
- public boolean contains(T t) {
- return removed.contains(t);
- }
+ public boolean contains(T t) {
+ return removed.contains(t);
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Creator.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Creator.java
index da6d558c..11580b80 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Creator.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Creator.java
@@ -24,18 +24,18 @@ package org.onap.aaf.auth.helpers;
import com.datastax.driver.core.Row;
public abstract class Creator<T> {
- public abstract T create(Row row);
- public abstract String select();
-
- public String query(String where) {
- StringBuilder sb = new StringBuilder(select());
- if(where!=null) {
- sb.append(" WHERE ");
- sb.append(where);
- }
- sb.append(';');
- return sb.toString();
- }
+ public abstract T create(Row row);
+ public abstract String select();
+
+ public String query(String where) {
+ StringBuilder sb = new StringBuilder(select());
+ if(where!=null) {
+ sb.append(" WHERE ");
+ sb.append(where);
+ }
+ sb.append(';');
+ return sb.toString();
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Cred.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Cred.java
index 56fbbbae..4013f193 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Cred.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Cred.java
@@ -46,261 +46,261 @@ public class Cred {
public static final TreeMap<String,Cred> data = new TreeMap<>();
public static final TreeMap<String,List<Cred>> byNS = new TreeMap<>();
- public final String id;
- public final List<Instance> instances;
- public final String ns;
-
- public Cred(String id) {
- this.id = id;
- instances = new ArrayList<>();
- ns=Question.domain2ns(id);
- }
-
- public static class Instance {
- public final int type;
- public final Date expires,written;
- public final Integer other;
-
- public Instance(int type, Date expires, Integer other, long written) {
- this.type = type;
- this.expires = expires;
- this.other = other;
- this.written = new Date(written);
- }
- }
-
- public Date last(final int ... types) {
- Date last = null;
- for(Instance i : instances) {
- if(types.length>0) { // filter by types, if requested
- boolean quit = true;
- for(int t : types) {
- if(t==i.type) {
- quit=false;
- break;
- }
- }
- if(quit) {
- continue;
- }
- }
- if(last==null || i.expires.after(last)) {
- last = i.expires;
- }
- }
- return last;
- }
+ public final String id;
+ public final List<Instance> instances;
+ public final String ns;
+
+ public Cred(String id) {
+ this.id = id;
+ instances = new ArrayList<>();
+ ns=Question.domain2ns(id);
+ }
+
+ public static class Instance {
+ public final int type;
+ public final Date expires,written;
+ public final Integer other;
+
+ public Instance(int type, Date expires, Integer other, long written) {
+ this.type = type;
+ this.expires = expires;
+ this.other = other;
+ this.written = new Date(written);
+ }
+ }
+
+ public Date last(final int ... types) {
+ Date last = null;
+ for(Instance i : instances) {
+ if(types.length>0) { // filter by types, if requested
+ boolean quit = true;
+ for(int t : types) {
+ if(t==i.type) {
+ quit=false;
+ break;
+ }
+ }
+ if(quit) {
+ continue;
+ }
+ }
+ if(last==null || i.expires.after(last)) {
+ last = i.expires;
+ }
+ }
+ return last;
+ }
-
- public Set<Integer> types() {
- Set<Integer> types = new HashSet<>();
- for(Instance i : instances) {
- types.add(i.type);
- }
- return types;
- }
+
+ public Set<Integer> types() {
+ Set<Integer> types = new HashSet<>();
+ for(Instance i : instances) {
+ types.add(i.type);
+ }
+ return types;
+ }
- public static void load(Trans trans, Session session, int ... types ) {
- load(trans, session,"select id, type, expires, other, writetime(cred) from authz.cred;",types);
-
- }
+ public static void load(Trans trans, Session session, int ... types ) {
+ load(trans, session,"select id, type, expires, other, writetime(cred) from authz.cred;",types);
+
+ }
- public static void loadOneNS(Trans trans, Session session, String ns,int ... types ) {
- load(trans, session,"select id, type, expires, other, writetime(cred) from authz.cred WHERE ns='" + ns + "';");
- }
+ public static void loadOneNS(Trans trans, Session session, String ns,int ... types ) {
+ load(trans, session,"select id, type, expires, other, writetime(cred) from authz.cred WHERE ns='" + ns + "';");
+ }
- private static void load(Trans trans, Session session, String query, int ...types) {
+ private static void load(Trans trans, Session session, String query, int ...types) {
trans.info().log( "query: " + query );
TimeTaken tt = trans.start("Read Creds", Env.REMOTE);
ResultSet results;
- try {
- Statement stmt = new SimpleStatement( query );
- results = session.execute(stmt);
+ try {
+ Statement stmt = new SimpleStatement( query );
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
- int count = 0;
+ int count = 0;
try {
- Iterator<Row> iter = results.iterator();
- Row row;
- int type; // for filtering
- String id;
- tt = trans.start("Load Credentials", Env.SUB);
- try {
- while(iter.hasNext()) {
- ++count;
- row = iter.next();
- id = row.getString(0);
- type = row.getInt(1);
- if(types.length>0) { // filter by types, if requested
- boolean quit = true;
- for(int t : types) {
- if(t==type) {
- quit=false;
- break;
- }
- }
- if(quit) {
- continue;
- }
- }
- Cred cred = data.get(id);
- if(cred==null) {
- cred = new Cred(id);
- data.put(id, cred);
- }
- cred.instances.add(new Instance(type, row.getTimestamp(2), row.getInt(3), row.getLong(4)/1000));
-
- List<Cred> lscd = byNS.get(cred.ns);
- if(lscd==null) {
- byNS.put(cred.ns, (lscd=new ArrayList<>()));
- }
- boolean found = false;
- for(Cred c : lscd) {
- if(c.id.equals(cred.id)) {
- found=true;
- break;
- }
- }
- if(!found) {
- lscd.add(cred);
- }
- }
- } finally {
- tt.done();
- }
+ Iterator<Row> iter = results.iterator();
+ Row row;
+ int type; // for filtering
+ String id;
+ tt = trans.start("Load Credentials", Env.SUB);
+ try {
+ while(iter.hasNext()) {
+ ++count;
+ row = iter.next();
+ id = row.getString(0);
+ type = row.getInt(1);
+ if(types.length>0) { // filter by types, if requested
+ boolean quit = true;
+ for(int t : types) {
+ if(t==type) {
+ quit=false;
+ break;
+ }
+ }
+ if(quit) {
+ continue;
+ }
+ }
+ Cred cred = data.get(id);
+ if(cred==null) {
+ cred = new Cred(id);
+ data.put(id, cred);
+ }
+ cred.instances.add(new Instance(type, row.getTimestamp(2), row.getInt(3), row.getLong(4)/1000));
+
+ List<Cred> lscd = byNS.get(cred.ns);
+ if(lscd==null) {
+ byNS.put(cred.ns, (lscd=new ArrayList<>()));
+ }
+ boolean found = false;
+ for(Cred c : lscd) {
+ if(c.id.equals(cred.id)) {
+ found=true;
+ break;
+ }
+ }
+ if(!found) {
+ lscd.add(cred);
+ }
+ }
+ } finally {
+ tt.done();
+ }
} finally {
- trans.info().log("Found",count,"creds");
+ trans.info().log("Found",count,"creds");
+ }
+ }
+
+ /**
+ * Count entries in Cred data.
+ * Note, as opposed to other methods, need to load the whole cred table for the Types.
+ * @param numbuckets
+ * @return
+ */
+ public static CredCount count(int numbuckets) {
+ CredCount cc = new CredCount(numbuckets);
+ for(Cred c : data.values()) {
+ for (Instance ci : c.instances) {
+ cc.inc(ci.type,ci.written, ci.expires);
+ }
}
- }
-
- /**
- * Count entries in Cred data.
- * Note, as opposed to other methods, need to load the whole cred table for the Types.
- * @param numbuckets
- * @return
- */
- public static CredCount count(int numbuckets) {
- CredCount cc = new CredCount(numbuckets);
- for(Cred c : data.values()) {
- for (Instance ci : c.instances) {
- cc.inc(ci.type,ci.written, ci.expires);
- }
- }
- return cc;
-// String query = "select count(*) from authz.cred LIMIT 1000000;";
+ return cc;
+// String query = "select count(*) from authz.cred LIMIT 1000000;";
// trans.info().log( "query: " + query );
// TimeTaken tt = trans.start("Count Credentials", Env.REMOTE);
// ResultSet results;
// try {
-// Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
-// results = session.execute(stmt);
-// return results.one().getLong(0);
+// Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
+// results = session.execute(stmt);
+// return results.one().getLong(0);
// } finally {
-// tt.done();
+// tt.done();
// }
- }
+ }
- public static class CredCount {
- public int raw[];
- public int basic_auth[];
- public int basic_auth_256[];
- public int cert[];
- public int x509Added[];
- public int x509Expired[];
- public Date dates[];
-
- public CredCount(int numbuckets) {
- raw = new int[numbuckets];
- basic_auth = new int[numbuckets];
- basic_auth_256 = new int[numbuckets];
- cert = new int[numbuckets];
- x509Added = new int[numbuckets];
- x509Expired = new int[numbuckets];
- dates = new Date[numbuckets];
- GregorianCalendar gc = new GregorianCalendar();
- dates[0]=gc.getTime(); // now
- gc.set(GregorianCalendar.DAY_OF_MONTH, 1);
- gc.set(GregorianCalendar.HOUR, 0);
- gc.set(GregorianCalendar.MINUTE, 0);
- gc.set(GregorianCalendar.SECOND,0);
- gc.set(GregorianCalendar.MILLISECOND,0);
- gc.add(GregorianCalendar.MILLISECOND, -1); // last milli of month
- for(int i=1;i<numbuckets;++i) {
- dates[i] = gc.getTime();
- gc.add(GregorianCalendar.MONTH, -1);
- }
-
- }
-
- public void inc(int type, Date start, Date expires) {
- for(int i=0;i<dates.length-1;++i) {
- if(start.before(dates[i])) {
- if(type==CredDAO.CERT_SHA256_RSA) {
- if(start.after(dates[i+1])) {
- ++x509Added[i];
- }
- }
- if(expires.after(dates[i])) {
- switch(type) {
- case CredDAO.RAW:
- ++raw[i];
- break;
- case CredDAO.BASIC_AUTH:
- ++basic_auth[i];
- break;
- case CredDAO.BASIC_AUTH_SHA256:
- ++basic_auth_256[i];
- break;
- case CredDAO.CERT_SHA256_RSA:
- ++cert[i];
- break;
- }
- }
- }
- }
- }
+ public static class CredCount {
+ public int raw[];
+ public int basic_auth[];
+ public int basic_auth_256[];
+ public int cert[];
+ public int x509Added[];
+ public int x509Expired[];
+ public Date dates[];
+
+ public CredCount(int numbuckets) {
+ raw = new int[numbuckets];
+ basic_auth = new int[numbuckets];
+ basic_auth_256 = new int[numbuckets];
+ cert = new int[numbuckets];
+ x509Added = new int[numbuckets];
+ x509Expired = new int[numbuckets];
+ dates = new Date[numbuckets];
+ GregorianCalendar gc = new GregorianCalendar();
+ dates[0]=gc.getTime(); // now
+ gc.set(GregorianCalendar.DAY_OF_MONTH, 1);
+ gc.set(GregorianCalendar.HOUR, 0);
+ gc.set(GregorianCalendar.MINUTE, 0);
+ gc.set(GregorianCalendar.SECOND,0);
+ gc.set(GregorianCalendar.MILLISECOND,0);
+ gc.add(GregorianCalendar.MILLISECOND, -1); // last milli of month
+ for(int i=1;i<numbuckets;++i) {
+ dates[i] = gc.getTime();
+ gc.add(GregorianCalendar.MONTH, -1);
+ }
+
+ }
+
+ public void inc(int type, Date start, Date expires) {
+ for(int i=0;i<dates.length-1;++i) {
+ if(start.before(dates[i])) {
+ if(type==CredDAO.CERT_SHA256_RSA) {
+ if(start.after(dates[i+1])) {
+ ++x509Added[i];
+ }
+ }
+ if(expires.after(dates[i])) {
+ switch(type) {
+ case CredDAO.RAW:
+ ++raw[i];
+ break;
+ case CredDAO.BASIC_AUTH:
+ ++basic_auth[i];
+ break;
+ case CredDAO.BASIC_AUTH_SHA256:
+ ++basic_auth_256[i];
+ break;
+ case CredDAO.CERT_SHA256_RSA:
+ ++cert[i];
+ break;
+ }
+ }
+ }
+ }
+ }
- public long authCount(int idx) {
- return (long)basic_auth[idx]+basic_auth_256[idx];
- }
-
- public long x509Count(int idx) {
- return cert[idx];
- }
+ public long authCount(int idx) {
+ return (long)basic_auth[idx]+basic_auth_256[idx];
+ }
+
+ public long x509Count(int idx) {
+ return cert[idx];
+ }
- }
-
- public String toString() {
- StringBuilder sb = new StringBuilder(id);
- sb.append('[');
- for(Instance i : instances) {
- sb.append('{');
- sb.append(i.type);
- sb.append(",\"");
- sb.append(i.expires);
- sb.append("\"}");
- }
- sb.append(']');
- return sb.toString();
- }
+ }
+
+ public String toString() {
+ StringBuilder sb = new StringBuilder(id);
+ sb.append('[');
+ for(Instance i : instances) {
+ sb.append('{');
+ sb.append(i.type);
+ sb.append(",\"");
+ sb.append(i.expires);
+ sb.append("\"}");
+ }
+ sb.append(']');
+ return sb.toString();
+ }
- /* (non-Javadoc)
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode() {
- return id.hashCode();
- }
+ /* (non-Javadoc)
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ return id.hashCode();
+ }
- /* (non-Javadoc)
- * @see java.lang.Object#equals(java.lang.Object)
- */
- @Override
- public boolean equals(Object obj) {
- return id.equals(obj);
- }
+ /* (non-Javadoc)
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj) {
+ return id.equals(obj);
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java
index 948e65be..0c618eeb 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Future.java
@@ -44,160 +44,160 @@ import com.datastax.driver.core.SimpleStatement;
import com.datastax.driver.core.Statement;
public class Future implements CacheChange.Data, Comparable<Future> {
- public static final Map<UUID,Future> data = new TreeMap<>();
- public static final Map<String,List<Future>> byRole = new TreeMap<>();
-
- public final FutureDAO.Data fdd;
- public final String role; // derived
- private static final CacheChange<Future> cache = new CacheChange<>();
-
-
- public final UUID id() {
- return fdd.id;
- }
-
- public final String memo() {
- return fdd.memo;
- }
-
- public final String target() {
- return fdd.target;
- }
-
- public final Date start() {
- return fdd.start;
- }
-
- public final Date expires() {
- return fdd.expires;
- }
-
-
- public Future(UUID id, String memo, String target, Date start, Date expires, ByteBuffer construct) {
- fdd = new FutureDAO.Data();
- fdd.id = id;
- fdd.memo = memo;
- fdd.target = target;
- fdd.start = start;
- fdd.expires = expires;
- fdd.construct = construct;
- role = Approval.roleFromMemo(memo);
- }
-
- public static void load(Trans trans, Session session, Creator<Future> creator) {
- trans.info().log( "query: " + creator.select() );
- ResultSet results;
- TimeTaken tt = trans.start("Load Futures", Env.REMOTE);
- try {
- Statement stmt = new SimpleStatement(creator.select());
- results = session.execute(stmt);
- } finally {
- tt.done();
- }
-
- int count = 0;
- tt = trans.start("Process Futures", Env.SUB);
- try {
- for(Row row : results.all()) {
- ++count;
- Future f = creator.create(row);
- data.put(f.fdd.id,f);
- if(f.role==null) {
- continue;
- }
- List<Future> lf = byRole.get(f.role);
- if(lf==null) {
- lf = new ArrayList<>();
- byRole.put(f.role,lf);
- }
- lf.add(f);
-
- }
- } finally {
- tt.done();
- trans.info().log("Found",count,"Futures");
- }
- }
-
- public static Creator<Future> v2_0_17 = new Creator<Future>() {
- @Override
- public Future create(Row row) {
- return new Future(row.getUUID(0),row.getString(1),row.getString(2),
- row.getTimestamp(3),row.getTimestamp(4), null);
- }
-
- @Override
- public String select() {
- return "select id,memo,target,start,expires from authz.future";
- }
- };
-
- public static Creator<Future> withConstruct = new Creator<Future>() {
- @Override
- public String select() {
- return "select id,memo,target,start,expires,construct from authz.future";
- }
-
- @Override
- public Future create(Row row) {
- return new Future(row.getUUID(0),row.getString(1),row.getString(2),
- row.getTimestamp(3),row.getTimestamp(4), row.getBytes(5));
- }
-
- };
-
- public Result<Void> delayedDelete(AuthzTrans trans, FutureDAO fd, boolean dryRun, String text) {
- Result<Void> rv;
- if(dryRun) {
- trans.info().log(text,"- Would Delete: ",fdd.id,fdd.memo,"expiring on",Chrono.dateOnlyStamp(fdd.expires));
- rv = Result.ok();
- } else {
- rv = fd.delete(trans, fdd, true); // need to read for undelete
- if(rv.isOK()) {
- trans.info().log(text, "- Deleted:",fdd.id,fdd.memo,"expiring on",Chrono.dateOnlyStamp(fdd.expires));
- cache.delayedDelete(this);
- } else {
- if(rv.status!=6) {
- trans.info().log(text,"- Failed to Delete Future", fdd.id);
- }
- }
- }
- return rv;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.helpers.CacheChange.Data#resetLocalData()
- */
- @Override
- public void expunge() {
- data.remove(fdd.id);
- if(role!=null) {
- List<Future> lf = byRole.get(role);
- if(lf!=null) {
- lf.remove(this);
- }
- }
- }
-
- @Override
- public int compareTo(Future o) {
- if(o==null) {
- return -1;
- }
- return fdd.id.compareTo(o.fdd.id);
- }
-
- public static void resetLocalData() {
- cache.resetLocalData();
- }
-
- public static int sizeForDeletion() {
- return cache.cacheSize();
- }
-
- public static boolean pendingDelete(Future f) {
- return cache.contains(f);
- }
+ public static final Map<UUID,Future> data = new TreeMap<>();
+ public static final Map<String,List<Future>> byRole = new TreeMap<>();
+
+ public final FutureDAO.Data fdd;
+ public final String role; // derived
+ private static final CacheChange<Future> cache = new CacheChange<>();
+
+
+ public final UUID id() {
+ return fdd.id;
+ }
+
+ public final String memo() {
+ return fdd.memo;
+ }
+
+ public final String target() {
+ return fdd.target;
+ }
+
+ public final Date start() {
+ return fdd.start;
+ }
+
+ public final Date expires() {
+ return fdd.expires;
+ }
+
+
+ public Future(UUID id, String memo, String target, Date start, Date expires, ByteBuffer construct) {
+ fdd = new FutureDAO.Data();
+ fdd.id = id;
+ fdd.memo = memo;
+ fdd.target = target;
+ fdd.start = start;
+ fdd.expires = expires;
+ fdd.construct = construct;
+ role = Approval.roleFromMemo(memo);
+ }
+
+ public static void load(Trans trans, Session session, Creator<Future> creator) {
+ trans.info().log( "query: " + creator.select() );
+ ResultSet results;
+ TimeTaken tt = trans.start("Load Futures", Env.REMOTE);
+ try {
+ Statement stmt = new SimpleStatement(creator.select());
+ results = session.execute(stmt);
+ } finally {
+ tt.done();
+ }
+
+ int count = 0;
+ tt = trans.start("Process Futures", Env.SUB);
+ try {
+ for(Row row : results.all()) {
+ ++count;
+ Future f = creator.create(row);
+ data.put(f.fdd.id,f);
+ if(f.role==null) {
+ continue;
+ }
+ List<Future> lf = byRole.get(f.role);
+ if(lf==null) {
+ lf = new ArrayList<>();
+ byRole.put(f.role,lf);
+ }
+ lf.add(f);
+
+ }
+ } finally {
+ tt.done();
+ trans.info().log("Found",count,"Futures");
+ }
+ }
+
+ public static Creator<Future> v2_0_17 = new Creator<Future>() {
+ @Override
+ public Future create(Row row) {
+ return new Future(row.getUUID(0),row.getString(1),row.getString(2),
+ row.getTimestamp(3),row.getTimestamp(4), null);
+ }
+
+ @Override
+ public String select() {
+ return "select id,memo,target,start,expires from authz.future";
+ }
+ };
+
+ public static Creator<Future> withConstruct = new Creator<Future>() {
+ @Override
+ public String select() {
+ return "select id,memo,target,start,expires,construct from authz.future";
+ }
+
+ @Override
+ public Future create(Row row) {
+ return new Future(row.getUUID(0),row.getString(1),row.getString(2),
+ row.getTimestamp(3),row.getTimestamp(4), row.getBytes(5));
+ }
+
+ };
+
+ public Result<Void> delayedDelete(AuthzTrans trans, FutureDAO fd, boolean dryRun, String text) {
+ Result<Void> rv;
+ if(dryRun) {
+ trans.info().log(text,"- Would Delete: ",fdd.id,fdd.memo,"expiring on",Chrono.dateOnlyStamp(fdd.expires));
+ rv = Result.ok();
+ } else {
+ rv = fd.delete(trans, fdd, true); // need to read for undelete
+ if(rv.isOK()) {
+ trans.info().log(text, "- Deleted:",fdd.id,fdd.memo,"expiring on",Chrono.dateOnlyStamp(fdd.expires));
+ cache.delayedDelete(this);
+ } else {
+ if(rv.status!=6) {
+ trans.info().log(text,"- Failed to Delete Future", fdd.id);
+ }
+ }
+ }
+ return rv;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.helpers.CacheChange.Data#resetLocalData()
+ */
+ @Override
+ public void expunge() {
+ data.remove(fdd.id);
+ if(role!=null) {
+ List<Future> lf = byRole.get(role);
+ if(lf!=null) {
+ lf.remove(this);
+ }
+ }
+ }
+
+ @Override
+ public int compareTo(Future o) {
+ if(o==null) {
+ return -1;
+ }
+ return fdd.id.compareTo(o.fdd.id);
+ }
+
+ public static void resetLocalData() {
+ cache.resetLocalData();
+ }
+
+ public static int sizeForDeletion() {
+ return cache.cacheSize();
+ }
+
+ public static boolean pendingDelete(Future f) {
+ return cache.contains(f);
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/History.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/History.java
index f153c06b..c0841590 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/History.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/History.java
@@ -36,143 +36,143 @@ import com.datastax.driver.core.SimpleStatement;
import com.datastax.driver.core.Statement;
public class History {
- public final UUID id;
- public final String action;
- public final String memo;
- public final String reconstruct;
- public final String subject;
- public final String target;
- public final String user;
- public final int yr_mon;
-
- public History(UUID id, String action, String memo, String subject, String target, String user, int yr_mon) {
- this.id = id;
- this.action = action;
- this.memo = memo;
- this.reconstruct = null;
- this.subject = subject;
- this.target = target;
- this.user = user;
- this.yr_mon = yr_mon;
- }
-
- public History(UUID id, String action, String memo, String reconstruct, String subject, String target, String user, int yr_mon) {
- this.id = id;
- this.action = action;
- this.memo = memo;
- this.reconstruct = reconstruct;
- this.subject = subject;
- this.target = target;
- this.user = user;
- this.yr_mon = yr_mon;
- }
+ public final UUID id;
+ public final String action;
+ public final String memo;
+ public final String reconstruct;
+ public final String subject;
+ public final String target;
+ public final String user;
+ public final int yr_mon;
+
+ public History(UUID id, String action, String memo, String subject, String target, String user, int yr_mon) {
+ this.id = id;
+ this.action = action;
+ this.memo = memo;
+ this.reconstruct = null;
+ this.subject = subject;
+ this.target = target;
+ this.user = user;
+ this.yr_mon = yr_mon;
+ }
+
+ public History(UUID id, String action, String memo, String reconstruct, String subject, String target, String user, int yr_mon) {
+ this.id = id;
+ this.action = action;
+ this.memo = memo;
+ this.reconstruct = reconstruct;
+ this.subject = subject;
+ this.target = target;
+ this.user = user;
+ this.yr_mon = yr_mon;
+ }
- public static void load(Trans trans, Session session, Creator<History> creator, Loader<History> loader) {
+ public static void load(Trans trans, Session session, Creator<History> creator, Loader<History> loader) {
trans.info().log( "query: " + creator.select() );
TimeTaken tt = trans.start("Read History", Env.REMOTE);
ResultSet results;
- try {
- Statement stmt = new SimpleStatement( creator.select() ).setReadTimeoutMillis(240000);
- results = session.execute(stmt);
+ try {
+ Statement stmt = new SimpleStatement( creator.select() ).setReadTimeoutMillis(240000);
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
- int count = 0;
+ int count = 0;
try {
- Iterator<Row> iter = results.iterator();
- Row row;
- tt = trans.start("Load History", Env.SUB);
- try {
- while(iter.hasNext()) {
- ++count;
- row = iter.next();
- loader.exec(creator.create(row));
- }
- } finally {
- tt.done();
- }
+ Iterator<Row> iter = results.iterator();
+ Row row;
+ tt = trans.start("Load History", Env.SUB);
+ try {
+ while(iter.hasNext()) {
+ ++count;
+ row = iter.next();
+ loader.exec(creator.create(row));
+ }
+ } finally {
+ tt.done();
+ }
} finally {
- trans.info().log("Found",count,"histories");
+ trans.info().log("Found",count,"histories");
}
- }
-
- public String toString() {
- return String.format("%s %d %s, %s, %s, %s, %s",
- id.toString(),
- yr_mon,
- user,
- target,
- action,
- subject,
- memo);
- }
+ }
+
+ public String toString() {
+ return String.format("%s %d %s, %s, %s, %s, %s",
+ id.toString(),
+ yr_mon,
+ user,
+ target,
+ action,
+ subject,
+ memo);
+ }
- /* (non-Javadoc)
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode() {
- return id.hashCode();
- }
+ /* (non-Javadoc)
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ return id.hashCode();
+ }
- /* (non-Javadoc)
- * @see java.lang.Object#equals(java.lang.Object)
- */
- @Override
- public boolean equals(Object obj) {
- return id.equals(obj);
- }
-
- public static Creator<History> sansConstruct = new Creator<History> () {
- @Override
- public History create(Row row) {
- return new History(
- row.getUUID(0),
- row.getString(1),
- row.getString(2),
- row.getString(3),
- row.getString(4),
- row.getString(5),
- row.getInt(6));
- }
+ /* (non-Javadoc)
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj) {
+ return id.equals(obj);
+ }
+
+ public static Creator<History> sansConstruct = new Creator<History> () {
+ @Override
+ public History create(Row row) {
+ return new History(
+ row.getUUID(0),
+ row.getString(1),
+ row.getString(2),
+ row.getString(3),
+ row.getString(4),
+ row.getString(5),
+ row.getInt(6));
+ }
- @Override
- public String select() {
- return "SELECT id, action, memo, subject, target, user, yr_mon from authz.history LIMIT 10000000 ";
- }
- };
+ @Override
+ public String select() {
+ return "SELECT id, action, memo, subject, target, user, yr_mon from authz.history LIMIT 10000000 ";
+ }
+ };
- public static Creator<History> avecConstruct = new Creator<History> () {
- private final StringBuilder sb = new StringBuilder();
-
- @Override
- public History create(Row row) {
- ByteBuffer bb = row.getBytes(3);
- sb.setLength(0);
-
- if(bb!=null && bb.hasRemaining()) {
- sb.append("0x");
- while(bb.hasRemaining()) {
- sb.append(String.format("%02x",bb.get()));
- }
- bb.flip();
- }
- return new History(
- row.getUUID(0),
- row.getString(1),
- row.getString(2),
- sb.toString(),
- row.getString(4),
- row.getString(5),
- row.getString(6),
- row.getInt(7));
- }
+ public static Creator<History> avecConstruct = new Creator<History> () {
+ private final StringBuilder sb = new StringBuilder();
+
+ @Override
+ public History create(Row row) {
+ ByteBuffer bb = row.getBytes(3);
+ sb.setLength(0);
+
+ if(bb!=null && bb.hasRemaining()) {
+ sb.append("0x");
+ while(bb.hasRemaining()) {
+ sb.append(String.format("%02x",bb.get()));
+ }
+ bb.flip();
+ }
+ return new History(
+ row.getUUID(0),
+ row.getString(1),
+ row.getString(2),
+ sb.toString(),
+ row.getString(4),
+ row.getString(5),
+ row.getString(6),
+ row.getInt(7));
+ }
- @Override
- public String select() {
- return "SELECT id, action, memo, reconstruct, subject, target, user, yr_mon from authz.history LIMIT 10000000 ";
- }
- };
+ @Override
+ public String select() {
+ return "SELECT id, action, memo, reconstruct, subject, target, user, yr_mon from authz.history LIMIT 10000000 ";
+ }
+ };
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/InputIterator.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/InputIterator.java
index 0afcac27..60b34af9 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/InputIterator.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/InputIterator.java
@@ -28,46 +28,46 @@ import java.util.Iterator;
import java.util.NoSuchElementException;
public class InputIterator implements Iterable<String> {
- private BufferedReader in;
- private final PrintStream out;
- private final String prompt, instructions;
-
- public InputIterator(BufferedReader in, PrintStream out, String prompt, String instructions) {
- this.in = in;
- this.out = out;
- this.prompt = prompt;
- this.instructions = instructions;
- }
-
- @Override
- public Iterator<String> iterator() {
- out.println(instructions);
- return new Iterator<String>() {
- String input;
- @Override
- public boolean hasNext() {
- out.append(prompt);
- try {
- input = in.readLine();
- } catch (IOException e) {
- input = null;
- return false;
- }
- return input.length()>0;
- }
+ private BufferedReader in;
+ private final PrintStream out;
+ private final String prompt, instructions;
+
+ public InputIterator(BufferedReader in, PrintStream out, String prompt, String instructions) {
+ this.in = in;
+ this.out = out;
+ this.prompt = prompt;
+ this.instructions = instructions;
+ }
+
+ @Override
+ public Iterator<String> iterator() {
+ out.println(instructions);
+ return new Iterator<String>() {
+ String input;
+ @Override
+ public boolean hasNext() {
+ out.append(prompt);
+ try {
+ input = in.readLine();
+ } catch (IOException e) {
+ input = null;
+ return false;
+ }
+ return input.length()>0;
+ }
- @Override
- public String next() {
- if(!hasNext()) {
- throw new NoSuchElementException();
- }
- return input;
- }
+ @Override
+ public String next() {
+ if(!hasNext()) {
+ throw new NoSuchElementException();
+ }
+ return input;
+ }
- @Override
- public void remove() {
- }
- };
- }
+ @Override
+ public void remove() {
+ }
+ };
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Loader.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Loader.java
index 6d27f648..1ec64b7b 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Loader.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Loader.java
@@ -22,5 +22,5 @@
package org.onap.aaf.auth.helpers;
public interface Loader<T> {
- public void exec(T t);
+ public void exec(T t);
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MiscID.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MiscID.java
index d92a448a..afa68c08 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MiscID.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MiscID.java
@@ -36,153 +36,153 @@ import com.datastax.driver.core.SimpleStatement;
import com.datastax.driver.core.Statement;
public class MiscID {
- public static final TreeMap<String,MiscID> data = new TreeMap<>();
- /*
- Sample Record
- aad890|mj9030|20040902|20120207
-
- **** Field Definitions ****
- MISCID - AT&T Miscellaneous ID - Non-User ID (Types: Internal Mechanized ID, External Mechanized ID, Datagate ID, Customer ID, Vendor ID, Exchange Mail ID, CLEC ID, Specialized ID, Training ID)
- SPONSOR_ATTUID - ATTUID of MiscID Sponsor (Owner)
- CREATE_DATE - Date when MiscID was created
- LAST_RENEWAL_DATE - Date when MiscID Sponsorship was last renewed
- */
- public String id,sponsor,created,renewal;
-
- private static final String fieldString = "id,created,sponsor,renewal";
-
- /**
- * Load a Row of Strings (from CSV file).
- *
- * Be CAREFUL that the Row lists match the Fields above!!! If this changes, change
- * 1) This Object
- * 2) DB "suits.cql"
- * 3) Alter existing Tables
- * @param row
- * @throws BatchException
- * @throws IllegalAccessException
- * @throws IllegalArgumentException
- */
- public void set(String row []) throws BatchException {
- if(row.length<4) {throw new BatchException("Row of MiscID_XRef is too short");}
- id = row[0];
- sponsor = row[1];
- created = row[2];
- renewal = row[3];
- }
-
- public void set(Row row) {
- id = row.getString(0);
- sponsor = row.getString(1);
- created = row.getString(2);
- renewal = row.getString(3);
- }
-
-
- public static void load(Trans trans, Session session ) {
- load(trans, session,"SELECT " + fieldString + " FROM authz.miscid;",data);
- }
-
- public static void load(Trans trans, Session session, Map<String,MiscID> map ) {
- load(trans, session,"SELECT " + fieldString + " FROM authz.miscid;",map);
- }
-
- public static void loadOne(Trans trans, Session session, String id ) {
- load(trans, session,"SELECT " + fieldString + " FROM authz.miscid WHERE id ='" + id + "';", data);
- }
-
- public static void load(Trans trans, Session session, String query, Map<String,MiscID> map) {
+ public static final TreeMap<String,MiscID> data = new TreeMap<>();
+ /*
+ Sample Record
+ aad890|mj9030|20040902|20120207
+
+ **** Field Definitions ****
+ MISCID - AT&T Miscellaneous ID - Non-User ID (Types: Internal Mechanized ID, External Mechanized ID, Datagate ID, Customer ID, Vendor ID, Exchange Mail ID, CLEC ID, Specialized ID, Training ID)
+ SPONSOR_ATTUID - ATTUID of MiscID Sponsor (Owner)
+ CREATE_DATE - Date when MiscID was created
+ LAST_RENEWAL_DATE - Date when MiscID Sponsorship was last renewed
+ */
+ public String id,sponsor,created,renewal;
+
+ private static final String fieldString = "id,created,sponsor,renewal";
+
+ /**
+ * Load a Row of Strings (from CSV file).
+ *
+ * Be CAREFUL that the Row lists match the Fields above!!! If this changes, change
+ * 1) This Object
+ * 2) DB "suits.cql"
+ * 3) Alter existing Tables
+ * @param row
+ * @throws BatchException
+ * @throws IllegalAccessException
+ * @throws IllegalArgumentException
+ */
+ public void set(String row []) throws BatchException {
+ if(row.length<4) {throw new BatchException("Row of MiscID_XRef is too short");}
+ id = row[0];
+ sponsor = row[1];
+ created = row[2];
+ renewal = row[3];
+ }
+
+ public void set(Row row) {
+ id = row.getString(0);
+ sponsor = row.getString(1);
+ created = row.getString(2);
+ renewal = row.getString(3);
+ }
+
+
+ public static void load(Trans trans, Session session ) {
+ load(trans, session,"SELECT " + fieldString + " FROM authz.miscid;",data);
+ }
+
+ public static void load(Trans trans, Session session, Map<String,MiscID> map ) {
+ load(trans, session,"SELECT " + fieldString + " FROM authz.miscid;",map);
+ }
+
+ public static void loadOne(Trans trans, Session session, String id ) {
+ load(trans, session,"SELECT " + fieldString + " FROM authz.miscid WHERE id ='" + id + "';", data);
+ }
+
+ public static void load(Trans trans, Session session, String query, Map<String,MiscID> map) {
trans.info().log( "query: " + query );
TimeTaken tt = trans.start("Read MiscID", Env.REMOTE);
ResultSet results;
- try {
- Statement stmt = new SimpleStatement( query );
- results = session.execute(stmt);
+ try {
+ Statement stmt = new SimpleStatement( query );
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
- int count = 0;
+ int count = 0;
try {
- tt = trans.start("Load Map", Env.SUB);
- try {
- for( Row row : results.all()) {
- MiscID miscID = new MiscID();
- miscID.set(row);
- data.put(miscID.id,miscID);
- ++count;
- }
- } finally {
- tt.done();
- }
+ tt = trans.start("Load Map", Env.SUB);
+ try {
+ for( Row row : results.all()) {
+ MiscID miscID = new MiscID();
+ miscID.set(row);
+ data.put(miscID.id,miscID);
+ ++count;
+ }
+ } finally {
+ tt.done();
+ }
} finally {
- trans.info().log("Found",count,"miscID records");
+ trans.info().log("Found",count,"miscID records");
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ return id.hashCode();
+ }
+
+ /* (non-Javadoc)
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj) {
+ if(obj!=null && obj instanceof MiscID) {
+ return id.equals(((MiscID)obj).id);
+ }
+ return false;
+ }
+
+ public StringBuilder insertStmt() throws IllegalArgumentException, IllegalAccessException {
+ StringBuilder sb = new StringBuilder("INSERT INTO authz.miscid (");
+ sb.append(fieldString);
+ sb.append(") VALUES ('");
+ sb.append(id);
+ sb.append("','");
+ sb.append(sponsor);
+ sb.append("','");
+ sb.append(created);
+ sb.append("','");
+ sb.append(renewal);
+ sb.append("')");
+ return sb;
+ }
+
+ public StringBuilder updateStmt(MiscID source) {
+ StringBuilder sb = null;
+ if(id.equals(source.id)) {
+ sb = addField(sb,"sponser",sponsor,source.sponsor);
+ sb = addField(sb,"created",created,source.created);
+ sb = addField(sb,"renewal",renewal,source.renewal);
}
- }
-
- /* (non-Javadoc)
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode() {
- return id.hashCode();
- }
-
- /* (non-Javadoc)
- * @see java.lang.Object#equals(java.lang.Object)
- */
- @Override
- public boolean equals(Object obj) {
- if(obj!=null && obj instanceof MiscID) {
- return id.equals(((MiscID)obj).id);
- }
- return false;
- }
-
- public StringBuilder insertStmt() throws IllegalArgumentException, IllegalAccessException {
- StringBuilder sb = new StringBuilder("INSERT INTO authz.miscid (");
- sb.append(fieldString);
- sb.append(") VALUES ('");
- sb.append(id);
- sb.append("','");
- sb.append(sponsor);
- sb.append("','");
- sb.append(created);
- sb.append("','");
- sb.append(renewal);
- sb.append("')");
- return sb;
- }
-
- public StringBuilder updateStmt(MiscID source) {
- StringBuilder sb = null;
- if(id.equals(source.id)) {
- sb = addField(sb,"sponser",sponsor,source.sponsor);
- sb = addField(sb,"created",created,source.created);
- sb = addField(sb,"renewal",renewal,source.renewal);
- }
- if(sb!=null) {
- sb.append(" WHERE id='");
- sb.append(id);
- sb.append('\'');
- }
- return sb;
- }
-
- private StringBuilder addField(StringBuilder sb, String name, String a, String b) {
- if(!a.equals(b)) {
- if(sb==null) {
- sb = new StringBuilder("UPDATE authz.miscid SET ");
- } else {
- sb.append(',');
- }
- sb.append(name);
- sb.append("='");
- sb.append(b);
- sb.append('\'');
- }
- return sb;
- }
-
-
+ if(sb!=null) {
+ sb.append(" WHERE id='");
+ sb.append(id);
+ sb.append('\'');
+ }
+ return sb;
+ }
+
+ private StringBuilder addField(StringBuilder sb, String name, String a, String b) {
+ if(!a.equals(b)) {
+ if(sb==null) {
+ sb = new StringBuilder("UPDATE authz.miscid SET ");
+ } else {
+ sb.append(',');
+ }
+ sb.append(name);
+ sb.append("='");
+ sb.append(b);
+ sb.append('\'');
+ }
+ return sb;
+ }
+
+
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MonthData.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MonthData.java
index d633770e..e9321f5f 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MonthData.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/MonthData.java
@@ -37,84 +37,84 @@ import java.util.TreeMap;
public class MonthData {
public final Map<Integer,Set<Row>> data = new TreeMap<>();
- private File f;
+ private File f;
public MonthData(String env) throws IOException {
- f = new File("Monthly"+env+".dat");
-
- if(f.exists()) {
- BufferedReader br = new BufferedReader(new FileReader(f));
- try {
- String line;
- String[] split;
- while((line=br.readLine())!=null) {
- if(!line.startsWith("#")) {
- split = Split.split(',', line);
- if(split.length==5) {
- add(Integer.parseInt(split[0]),split[1],
- Integer.parseInt(split[2]),
- Integer.parseInt(split[3]),
- Integer.parseInt(split[4])
- );
- }
- }
- }
- } finally {
- br.close();
- }
- }
+ f = new File("Monthly"+env+".dat");
+
+ if(f.exists()) {
+ BufferedReader br = new BufferedReader(new FileReader(f));
+ try {
+ String line;
+ String[] split;
+ while((line=br.readLine())!=null) {
+ if(!line.startsWith("#")) {
+ split = Split.split(',', line);
+ if(split.length==5) {
+ add(Integer.parseInt(split[0]),split[1],
+ Integer.parseInt(split[2]),
+ Integer.parseInt(split[3]),
+ Integer.parseInt(split[4])
+ );
+ }
+ }
+ }
+ } finally {
+ br.close();
+ }
+ }
}
public void add(int yr_mon, String target, long total, long adds, long drops) {
- Set<Row> row = data.get(yr_mon);
- if(row==null) {
- data.put(yr_mon, (row=new HashSet<>()));
- }
- row.add(new Row(target,total,adds,drops));
- }
+ Set<Row> row = data.get(yr_mon);
+ if(row==null) {
+ data.put(yr_mon, (row=new HashSet<>()));
+ }
+ row.add(new Row(target,total,adds,drops));
+ }
public boolean notExists(int yr_mon) {
- return data.get(yr_mon)==null;
+ return data.get(yr_mon)==null;
}
- public static class Row implements Comparable<Row> {
- public final String target;
- public final long total;
- public final long adds;
- public final long drops;
-
- public Row(String t, long it, long a, long d) {
- target = t;
- total = it;
- adds = a;
- drops = d;
- }
+ public static class Row implements Comparable<Row> {
+ public final String target;
+ public final long total;
+ public final long adds;
+ public final long drops;
+
+ public Row(String t, long it, long a, long d) {
+ target = t;
+ total = it;
+ adds = a;
+ drops = d;
+ }
- @Override
- public int compareTo(Row o) {
- return target.compareTo(o.target);
- }
-
- public String toString() {
- return target + '|' + total + '|' + drops + '|' + adds;
- }
+ @Override
+ public int compareTo(Row o) {
+ return target.compareTo(o.target);
+ }
+
+ public String toString() {
+ return target + '|' + total + '|' + drops + '|' + adds;
+ }
}
public void write() throws IOException {
- if(f.exists()) {
- File bu = new File(f.getName()+".bak");
- f.renameTo(bu);
- }
- PrintStream ps = new PrintStream(f);
- try {
- for( Entry<Integer, Set<Row>> rows : data.entrySet()) {
- for(Row row : rows.getValue()) {
- ps.printf("%d,%s,%d,%d,%d\n",rows.getKey(),row.target,row.total,row.adds,row.drops);
- }
- }
- } finally {
- ps.close();
- }
+ if(f.exists()) {
+ File bu = new File(f.getName()+".bak");
+ f.renameTo(bu);
+ }
+ PrintStream ps = new PrintStream(f);
+ try {
+ for( Entry<Integer, Set<Row>> rows : data.entrySet()) {
+ for(Row row : rows.getValue()) {
+ ps.printf("%d,%s,%d,%d,%d\n",rows.getKey(),row.target,row.total,row.adds,row.drops);
+ }
+ }
+ } finally {
+ ps.close();
+ }
}
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NS.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NS.java
index 172768cb..a2833e55 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NS.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NS.java
@@ -36,133 +36,133 @@ import com.datastax.driver.core.SimpleStatement;
import com.datastax.driver.core.Statement;
public class NS implements Comparable<NS> {
- public final static Map<String,NS> data = new TreeMap<>();
-
- public final String name, description, parent;
- public final int scope,type;
-
- public NS(String name, String description, String parent, int type, int scope) {
- this.name = name;
- this.description = description;
- this.parent = parent;
- this.scope = scope;
- this.type = type;
- }
-
- public static void load(Trans trans, Session session, Creator<NS> creator) {
- load(trans,session,
- "select name, description, parent, type, scope from authz.ns;"
- ,creator);
- }
-
- public static void loadOne(Trans trans, Session session, Creator<NS> creator, String ns) {
- load(trans,session,
- ("select name, description, parent, type, scope from authz.ns WHERE name='"+ns+"';")
- ,creator
- );
- }
-
- private static void load(Trans trans, Session session, String query, Creator<NS> creator) {
+ public final static Map<String,NS> data = new TreeMap<>();
+
+ public final String name, description, parent;
+ public final int scope,type;
+
+ public NS(String name, String description, String parent, int type, int scope) {
+ this.name = name;
+ this.description = description;
+ this.parent = parent;
+ this.scope = scope;
+ this.type = type;
+ }
+
+ public static void load(Trans trans, Session session, Creator<NS> creator) {
+ load(trans,session,
+ "select name, description, parent, type, scope from authz.ns;"
+ ,creator);
+ }
+
+ public static void loadOne(Trans trans, Session session, Creator<NS> creator, String ns) {
+ load(trans,session,
+ ("select name, description, parent, type, scope from authz.ns WHERE name='"+ns+"';")
+ ,creator
+ );
+ }
+
+ private static void load(Trans trans, Session session, String query, Creator<NS> creator) {
trans.info().log( "query: " + query );
ResultSet results;
TimeTaken tt;
tt = trans.start("Read Namespaces", Env.REMOTE);
try {
- Statement stmt = new SimpleStatement( query );
- results = session.execute(stmt);
+ Statement stmt = new SimpleStatement( query );
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
try {
- Iterator<Row> iter = results.iterator();
- Row row;
- tt = trans.start("Load Namespaces", Env.SUB);
- try {
- while(iter.hasNext()) {
- row = iter.next();
- NS ns = creator.create(row);
- data.put(ns.name,ns);
- }
- } finally {
- tt.done();
- }
+ Iterator<Row> iter = results.iterator();
+ Row row;
+ tt = trans.start("Load Namespaces", Env.SUB);
+ try {
+ while(iter.hasNext()) {
+ row = iter.next();
+ NS ns = creator.create(row);
+ data.put(ns.name,ns);
+ }
+ } finally {
+ tt.done();
+ }
} finally {
- trans.info().log("Found",data.size(),"Namespaces");
+ trans.info().log("Found",data.size(),"Namespaces");
}
- }
+ }
- public static long count(Trans trans, Session session) {
- String query = "select count(*) from authz.ns LIMIT 1000000;";
+ public static long count(Trans trans, Session session) {
+ String query = "select count(*) from authz.ns LIMIT 1000000;";
trans.info().log( "query: " + query );
TimeTaken tt = trans.start("Count Namespaces", Env.REMOTE);
ResultSet results;
try {
- Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
- results = session.execute(stmt);
- return results.one().getLong(0);
+ Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
+ results = session.execute(stmt);
+ return results.one().getLong(0);
} finally {
- tt.done();
+ tt.done();
}
- }
+ }
+
+ public String toString() {
+ return name;
+ }
+
+ /* (non-Javadoc)
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ return name.hashCode();
+ }
+
+ /* (non-Javadoc)
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj) {
+ return name.equals(obj);
+ }
+
+ @Override
+ public int compareTo(NS o) {
+ return name.compareTo(o.name);
+ }
+
+ public static class NSSplit {
+ public String ns;
+ public String other;
+ public NSSplit(String s, int dot) {
+ ns = s.substring(0,dot);
+ other = s.substring(dot+1);
+ }
+ }
+ public static NSSplit deriveParent(String dotted) {
+ if(dotted==null)return null;
+ for(int idx = dotted.lastIndexOf('.');idx>=0; idx=dotted.lastIndexOf('.',idx-1)) {
+ if(data.get(dotted.substring(0, idx))!=null) {
+ return new NSSplit(dotted,idx);
+ }
+ }
+ return null;
+ }
+
+ public static Creator<NS> v2_0_11 = new Creator<NS> () {
+ @Override
+ public NS create(Row row) {
+ return new NS(row.getString(0),row.getString(1), row.getString(2),row.getInt(3),row.getInt(4));
+ }
+
+ @Override
+ public String select() {
+ return "SELECT name, description, parent, type, scope FROM authz.ns ";
+ }
+ };
+
- public String toString() {
- return name;
- }
-
- /* (non-Javadoc)
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode() {
- return name.hashCode();
- }
-
- /* (non-Javadoc)
- * @see java.lang.Object#equals(java.lang.Object)
- */
- @Override
- public boolean equals(Object obj) {
- return name.equals(obj);
- }
-
- @Override
- public int compareTo(NS o) {
- return name.compareTo(o.name);
- }
-
- public static class NSSplit {
- public String ns;
- public String other;
- public NSSplit(String s, int dot) {
- ns = s.substring(0,dot);
- other = s.substring(dot+1);
- }
- }
- public static NSSplit deriveParent(String dotted) {
- if(dotted==null)return null;
- for(int idx = dotted.lastIndexOf('.');idx>=0; idx=dotted.lastIndexOf('.',idx-1)) {
- if(data.get(dotted.substring(0, idx))!=null) {
- return new NSSplit(dotted,idx);
- }
- }
- return null;
- }
-
- public static Creator<NS> v2_0_11 = new Creator<NS> () {
- @Override
- public NS create(Row row) {
- return new NS(row.getString(0),row.getString(1), row.getString(2),row.getInt(3),row.getInt(4));
- }
-
- @Override
- public String select() {
- return "SELECT name, description, parent, type, scope FROM authz.ns ";
- }
- };
-
-
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Notification.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Notification.java
index 57ff5c61..abfd1ca4 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Notification.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Notification.java
@@ -41,169 +41,169 @@ import com.datastax.driver.core.SimpleStatement;
import com.datastax.driver.core.Statement;
public class Notification {
- public enum TYPE {
- OA("Owner Approval",1),SA("Supervisor Approval",2),CN("Credential Expiration",20);
-
- private String desc;
- private int type;
-
- private TYPE(String desc,int type) {
- this.desc = desc;
- this.type = type;
- }
-
- public String desc() {
- return desc;
- }
-
- public int idx() {
- return type;
- }
+ public enum TYPE {
+ OA("Owner Approval",1),SA("Supervisor Approval",2),CN("Credential Expiration",20);
+
+ private String desc;
+ private int type;
+
+ private TYPE(String desc,int type) {
+ this.desc = desc;
+ this.type = type;
+ }
+
+ public String desc() {
+ return desc;
+ }
+
+ public int idx() {
+ return type;
+ }
- public static TYPE get(int idx) {
- for(TYPE nt : TYPE.values()) {
- if(idx==nt.type) {
- return nt;
- }
- }
- return null;
- }
- }
+ public static TYPE get(int idx) {
+ for(TYPE nt : TYPE.values()) {
+ if(idx==nt.type) {
+ return nt;
+ }
+ }
+ return null;
+ }
+ }
public static final TreeMap<String,List<Notification>> data = new TreeMap<>();
public static final Date now = new Date();
public final String user;
- public final TYPE type;
- public Date last;
- public int checksum;
- public Message msg;
- private int current;
- public Organization org;
- public int count;
-
- private Notification(String user, TYPE nt, Date last, int checksum) {
- this.user = user;
- this.type = nt;
- this.last = last;
- this.checksum = checksum;
- current = 0;
- count = 0;
- }
-
- public static void load(Trans trans, Session session, Creator<Notification> creator ) {
- trans.info().log( "query: " + creator.select() );
+ public final TYPE type;
+ public Date last;
+ public int checksum;
+ public Message msg;
+ private int current;
+ public Organization org;
+ public int count;
+
+ private Notification(String user, TYPE nt, Date last, int checksum) {
+ this.user = user;
+ this.type = nt;
+ this.last = last;
+ this.checksum = checksum;
+ current = 0;
+ count = 0;
+ }
+
+ public static void load(Trans trans, Session session, Creator<Notification> creator ) {
+ trans.info().log( "query: " + creator.select() );
TimeTaken tt = trans.start("Load Notify", Env.REMOTE);
ResultSet results;
- try {
- Statement stmt = new SimpleStatement(creator.select());
- results = session.execute(stmt);
+ try {
+ Statement stmt = new SimpleStatement(creator.select());
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
- int count = 0;
+ int count = 0;
tt = trans.start("Process Notify", Env.SUB);
try {
- for(Row row : results.all()) {
- ++count;
- try {
- Notification not = creator.create(row);
- List<Notification> ln = data.get(not.user);
- if(ln==null) {
- ln = new ArrayList<>();
- data.put(not.user, ln);
- }
- ln.add(not);
- } finally {
- tt.done();
- }
- }
+ for(Row row : results.all()) {
+ ++count;
+ try {
+ Notification not = creator.create(row);
+ List<Notification> ln = data.get(not.user);
+ if(ln==null) {
+ ln = new ArrayList<>();
+ data.put(not.user, ln);
+ }
+ ln.add(not);
+ } finally {
+ tt.done();
+ }
+ }
} finally {
- tt.done();
- trans.info().log("Found",count,"Notify Records");
+ tt.done();
+ trans.info().log("Found",count,"Notify Records");
}
- }
-
- public static Notification get(String user, TYPE type) {
- List<Notification> ln = data.get(user);
- if(ln!=null) {
- for(Notification n : ln) {
- if(type.equals(n.type)) {
- return n;
- }
- }
- }
- return null;
- }
+ }
+
+ public static Notification get(String user, TYPE type) {
+ List<Notification> ln = data.get(user);
+ if(ln!=null) {
+ for(Notification n : ln) {
+ if(type.equals(n.type)) {
+ return n;
+ }
+ }
+ }
+ return null;
+ }
- public static Notification create(String user, TYPE type) {
- return new Notification(user,type,null,0);
- }
-
- public static Creator<Notification> v2_0_18 = new Creator<Notification>() {
- @Override
- public Notification create(Row row) {
- int idx =row.getInt(1);
- TYPE type = TYPE.get(idx);
- if(type==null) {
- return null;
- }
- return new Notification(row.getString(0), type, row.getTimestamp(2), row.getInt(3));
- }
+ public static Notification create(String user, TYPE type) {
+ return new Notification(user,type,null,0);
+ }
+
+ public static Creator<Notification> v2_0_18 = new Creator<Notification>() {
+ @Override
+ public Notification create(Row row) {
+ int idx =row.getInt(1);
+ TYPE type = TYPE.get(idx);
+ if(type==null) {
+ return null;
+ }
+ return new Notification(row.getString(0), type, row.getTimestamp(2), row.getInt(3));
+ }
- @Override
- public String select() {
- return "SELECT user,type,last,checksum FROM authz.notify LIMIT 100000";
- }
- };
+ @Override
+ public String select() {
+ return "SELECT user,type,last,checksum FROM authz.notify LIMIT 100000";
+ }
+ };
-
- public void set(Message msg) {
- this.msg = msg;
- }
+
+ public void set(Message msg) {
+ this.msg = msg;
+ }
- public int checksum() {
- if(msg==null) {
- current=0;
- } else if(current==0) {
- for(String l : msg.lines) {
- for(byte b : l.getBytes()) {
- current+=b;
- }
- }
- }
- return current;
- }
-
- public boolean update(AuthzTrans trans, Session session, boolean dryRun) {
- checksum();
- if(last==null || current==0 || current!=checksum) {
- last = now;
- current = checksum();
- String update = "UPDATE authz.notify SET " +
- "last = '" + Chrono.utcStamp(last) +
- "', checksum=" +
- current +
- " WHERE user='" +
- user +
- "' AND type=" +
- type.idx() +
- ";";
- if(dryRun) {
- trans.info().log("Would",update);
- } else {
- session.execute(update);
- }
- return true;
- }
- return false;
- }
+ public int checksum() {
+ if(msg==null) {
+ current=0;
+ } else if(current==0) {
+ for(String l : msg.lines) {
+ for(byte b : l.getBytes()) {
+ current+=b;
+ }
+ }
+ }
+ return current;
+ }
+
+ public boolean update(AuthzTrans trans, Session session, boolean dryRun) {
+ checksum();
+ if(last==null || current==0 || current!=checksum) {
+ last = now;
+ current = checksum();
+ String update = "UPDATE authz.notify SET " +
+ "last = '" + Chrono.utcStamp(last) +
+ "', checksum=" +
+ current +
+ " WHERE user='" +
+ user +
+ "' AND type=" +
+ type.idx() +
+ ";";
+ if(dryRun) {
+ trans.info().log("Would",update);
+ } else {
+ session.execute(update);
+ }
+ return true;
+ }
+ return false;
+ }
- public String toString() {
- return "\"" + user + "\",\"" + type.name() + "\",\""
- + Chrono.dateTime(last)+ "\", " + checksum;
- }
+ public String toString() {
+ return "\"" + user + "\",\"" + type.name() + "\",\""
+ + Chrono.dateTime(last)+ "\", " + checksum;
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java
index eafbe909..d980bcc2 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/NsAttrib.java
@@ -37,72 +37,72 @@ import com.datastax.driver.core.SimpleStatement;
import com.datastax.driver.core.Statement;
public class NsAttrib {
- public static final List<NsAttrib> data = new ArrayList<>();
+ public static final List<NsAttrib> data = new ArrayList<>();
public static final SortedMap<String,List<NsAttrib>> byKey = new TreeMap<>();
public static final SortedMap<String,List<NsAttrib>> byNS = new TreeMap<>();
- public final String ns;
- public final String key;
- public final String value;
- public static Creator<NsAttrib> v2_0_11 = new Creator<NsAttrib>() {
- @Override
- public NsAttrib create(Row row) {
- return new NsAttrib(row.getString(0), row.getString(1), row.getString(2));
- }
+ public final String ns;
+ public final String key;
+ public final String value;
+ public static Creator<NsAttrib> v2_0_11 = new Creator<NsAttrib>() {
+ @Override
+ public NsAttrib create(Row row) {
+ return new NsAttrib(row.getString(0), row.getString(1), row.getString(2));
+ }
- @Override
- public String select() {
- return "select ns,key,value from authz.ns_attrib";
- }
- };
-
- public NsAttrib(String ns, String key, String value) {
- this.ns = ns;
- this.key = key;
- this.value = value;
- }
-
- public static void load(Trans trans, Session session, Creator<NsAttrib> creator ) {
- trans.info().log( "query: " + creator.select() );
+ @Override
+ public String select() {
+ return "select ns,key,value from authz.ns_attrib";
+ }
+ };
+
+ public NsAttrib(String ns, String key, String value) {
+ this.ns = ns;
+ this.key = key;
+ this.value = value;
+ }
+
+ public static void load(Trans trans, Session session, Creator<NsAttrib> creator ) {
+ trans.info().log( "query: " + creator.select() );
ResultSet results;
TimeTaken tt = trans.start("Load NsAttributes", Env.REMOTE);
- try {
- Statement stmt = new SimpleStatement(creator.select());
- results = session.execute(stmt);
+ try {
+ Statement stmt = new SimpleStatement(creator.select());
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
- int count = 0;
+ int count = 0;
tt = trans.start("Process NsAttributes", Env.SUB);
try {
- for(Row row : results.all()) {
- ++count;
- NsAttrib ur = creator.create(row);
- data.add(ur);
-
- List<NsAttrib> lna = byKey.get(ur.key);
- if(lna==null) {
- lna = new ArrayList<>();
- byKey.put(ur.key, lna);
- }
- lna.add(ur);
-
- lna = byNS.get(ur.ns);
- if(lna==null) {
- lna = new ArrayList<>();
- byNS.put(ur.ns, lna);
- }
- lna.add(ur);
- }
+ for(Row row : results.all()) {
+ ++count;
+ NsAttrib ur = creator.create(row);
+ data.add(ur);
+
+ List<NsAttrib> lna = byKey.get(ur.key);
+ if(lna==null) {
+ lna = new ArrayList<>();
+ byKey.put(ur.key, lna);
+ }
+ lna.add(ur);
+
+ lna = byNS.get(ur.ns);
+ if(lna==null) {
+ lna = new ArrayList<>();
+ byNS.put(ur.ns, lna);
+ }
+ lna.add(ur);
+ }
} finally {
- tt.done();
- trans.info().log("Found",count,"NS Attributes");
+ tt.done();
+ trans.info().log("Found",count,"NS Attributes");
}
- }
+ }
- public String toString() {
- return '"' + ns + "\",\"" + key + "\",\"" + value +'"';
- }
+ public String toString() {
+ return '"' + ns + "\",\"" + key + "\",\"" + value +'"';
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Perm.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Perm.java
index acfb3390..799ce4df 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Perm.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Perm.java
@@ -40,135 +40,135 @@ import com.datastax.driver.core.Statement;
public class Perm implements Comparable<Perm> {
public static final TreeMap<Perm,Set<String>> data = new TreeMap<>();
public static final TreeMap<String,Perm> keys = new TreeMap<>();
- private static List<Perm> deletePerms = new ArrayList<>();
-
- public final String ns, type, instance, action,description;
- private String fullType = null, fullPerm = null, encode = null;
- public final Set<String> roles;
-
- public String encode() {
- if(encode == null) {
- encode = ns + '|' + type + '|' + instance + '|' + action;
- }
- return encode;
- }
-
- public String fullType() {
- if(fullType==null) {
- fullType = ns + '.' + type;
- }
- return fullType;
- }
-
- public String fullPerm() {
- if(fullPerm==null) {
- fullPerm = ns + '.' + type + '|' + instance + '|' + action;
- }
- return fullPerm;
- }
-
- public Perm(String ns, String type, String instance, String action, String description, Set<String> roles) {
- this.ns = ns;
- this.type = type;
- this.instance = instance;
- this.action = action;
- this.description = description;
- // 2.0.11
-// this.full = encode();//ns+'.'+type+'|'+instance+'|'+action;
- this.roles = roles;
- }
-
- public static void load(Trans trans, Session session) {
+ private static List<Perm> deletePerms = new ArrayList<>();
+
+ public final String ns, type, instance, action,description;
+ private String fullType = null, fullPerm = null, encode = null;
+ public final Set<String> roles;
+
+ public String encode() {
+ if(encode == null) {
+ encode = ns + '|' + type + '|' + instance + '|' + action;
+ }
+ return encode;
+ }
+
+ public String fullType() {
+ if(fullType==null) {
+ fullType = ns + '.' + type;
+ }
+ return fullType;
+ }
+
+ public String fullPerm() {
+ if(fullPerm==null) {
+ fullPerm = ns + '.' + type + '|' + instance + '|' + action;
+ }
+ return fullPerm;
+ }
+
+ public Perm(String ns, String type, String instance, String action, String description, Set<String> roles) {
+ this.ns = ns;
+ this.type = type;
+ this.instance = instance;
+ this.action = action;
+ this.description = description;
+ // 2.0.11
+// this.full = encode();//ns+'.'+type+'|'+instance+'|'+action;
+ this.roles = roles;
+ }
+
+ public static void load(Trans trans, Session session) {
load(trans, session, "select ns, type, instance, action, description, roles from authz.perm;");
- }
-
- public static void loadOneNS(Trans trans, Session session, String ns) {
+ }
+
+ public static void loadOneNS(Trans trans, Session session, String ns) {
load(trans, session, "select ns, type, instance, action, description, roles from authz.perm WHERE ns='" + ns + "';");
- }
+ }
- private static void load(Trans trans, Session session, String query) {
+ private static void load(Trans trans, Session session, String query) {
//
trans.info().log( "query: " + query );
TimeTaken tt = trans.start("Read Perms", Env.REMOTE);
ResultSet results;
- try {
- Statement stmt = new SimpleStatement( query );
- results = session.execute(stmt);
+ try {
+ Statement stmt = new SimpleStatement( query );
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
try {
- Iterator<Row> iter = results.iterator();
- Row row;
- tt = trans.start("Load Perms", Env.SUB);
- try {
- while(iter.hasNext()) {
- row = iter.next();
- Perm pk = new Perm(
- row.getString(0),row.getString(1),row.getString(2),
- row.getString(3), row.getString(4), row.getSet(5,String.class));
- keys.put(pk.encode(), pk);
- data.put(pk,pk.roles);
- }
- } finally {
- tt.done();
- }
+ Iterator<Row> iter = results.iterator();
+ Row row;
+ tt = trans.start("Load Perms", Env.SUB);
+ try {
+ while(iter.hasNext()) {
+ row = iter.next();
+ Perm pk = new Perm(
+ row.getString(0),row.getString(1),row.getString(2),
+ row.getString(3), row.getString(4), row.getSet(5,String.class));
+ keys.put(pk.encode(), pk);
+ data.put(pk,pk.roles);
+ }
+ } finally {
+ tt.done();
+ }
} finally {
- trans.info().log("Found",data.size(),"perms");
+ trans.info().log("Found",data.size(),"perms");
}
- }
+ }
- public static long count(Trans trans, Session session) {
- String query = "select count(*) from authz.perm LIMIT 1000000;";
+ public static long count(Trans trans, Session session) {
+ String query = "select count(*) from authz.perm LIMIT 1000000;";
trans.info().log( "query: " + query );
TimeTaken tt = trans.start("Count Namespaces", Env.REMOTE);
ResultSet results;
try {
- Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
- results = session.execute(stmt);
- return results.one().getLong(0);
+ Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
+ results = session.execute(stmt);
+ return results.one().getLong(0);
} finally {
- tt.done();
+ tt.done();
+ }
+ }
+
+ public String toString() {
+ return encode();
+ }
+
+ /* (non-Javadoc)
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ return encode().hashCode();
+ }
+
+ /* (non-Javadoc)
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj) {
+ return encode().equals(obj);
+ }
+
+ @Override
+ public int compareTo(Perm o) {
+ return encode().compareTo(o.encode());
+ }
+
+ public static void stageRemove(Perm p) {
+ deletePerms.add(p);
+ }
+
+ public static void executeRemove() {
+ for(Perm p : deletePerms) {
+ keys.remove(p.encode);
+ data.remove(p);
}
- }
-
- public String toString() {
- return encode();
- }
-
- /* (non-Javadoc)
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode() {
- return encode().hashCode();
- }
-
- /* (non-Javadoc)
- * @see java.lang.Object#equals(java.lang.Object)
- */
- @Override
- public boolean equals(Object obj) {
- return encode().equals(obj);
- }
-
- @Override
- public int compareTo(Perm o) {
- return encode().compareTo(o.encode());
- }
-
- public static void stageRemove(Perm p) {
- deletePerms.add(p);
- }
-
- public static void executeRemove() {
- for(Perm p : deletePerms) {
- keys.remove(p.encode);
- data.remove(p);
- }
- deletePerms.clear();
- }
+ deletePerms.clear();
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Role.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Role.java
index a173c4fa..46d3cced 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Role.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/Role.java
@@ -42,134 +42,134 @@ public class Role implements Comparable<Role> {
public static final TreeMap<Role,Set<String>> data = new TreeMap<>();
public static final TreeMap<String,Role> keys = new TreeMap<>();
public static final TreeMap<String,Role> byName = new TreeMap<>();
- private static List<Role> deleteRoles = new ArrayList<>();
-
- public final String ns, name, description;
- private String full, encode;
- public final Set<String> perms;
-
- public Role(String full) {
- ns = name = description = "";
- this.full = full;
- perms = new HashSet<>();
- }
-
- public Role(String ns, String name, String description,Set<String> perms) {
- this.ns = ns;
- this.name = name;
- this.description = description;
- this.full = null;
- this.encode = null;
- this.perms = perms;
- }
-
- public String encode() {
- if(encode==null) {
- encode = ns + '|' + name;
- }
- return encode;
- }
-
- public String fullName() {
- if(full==null) {
- full = ns + '.' + name;
- }
- return full;
- }
-
- public static void load(Trans trans, Session session ) {
- load(trans,session,"select ns, name, description, perms from authz.role;");
- }
-
- public static void loadOneNS(Trans trans, Session session, String ns ) {
- load(trans,session,"select ns, name, description, perms from authz.role WHERE ns='" + ns + "';");
- }
-
- private static void load(Trans trans, Session session, String query) {
+ private static List<Role> deleteRoles = new ArrayList<>();
+
+ public final String ns, name, description;
+ private String full, encode;
+ public final Set<String> perms;
+
+ public Role(String full) {
+ ns = name = description = "";
+ this.full = full;
+ perms = new HashSet<>();
+ }
+
+ public Role(String ns, String name, String description,Set<String> perms) {
+ this.ns = ns;
+ this.name = name;
+ this.description = description;
+ this.full = null;
+ this.encode = null;
+ this.perms = perms;
+ }
+
+ public String encode() {
+ if(encode==null) {
+ encode = ns + '|' + name;
+ }
+ return encode;
+ }
+
+ public String fullName() {
+ if(full==null) {
+ full = ns + '.' + name;
+ }
+ return full;
+ }
+
+ public static void load(Trans trans, Session session ) {
+ load(trans,session,"select ns, name, description, perms from authz.role;");
+ }
+
+ public static void loadOneNS(Trans trans, Session session, String ns ) {
+ load(trans,session,"select ns, name, description, perms from authz.role WHERE ns='" + ns + "';");
+ }
+
+ private static void load(Trans trans, Session session, String query) {
trans.info().log( "query: " + query );
TimeTaken tt = trans.start("Read Roles", Env.REMOTE);
ResultSet results;
- try {
- Statement stmt = new SimpleStatement( query );
- results = session.execute(stmt);
+ try {
+ Statement stmt = new SimpleStatement( query );
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
try {
- Iterator<Row> iter = results.iterator();
- Row row;
- tt = trans.start("Load Roles", Env.SUB);
- try {
- while(iter.hasNext()) {
- row = iter.next();
- Role rk =new Role(row.getString(0),row.getString(1), row.getString(2),row.getSet(3,String.class));
- keys.put(rk.encode(), rk);
- data.put(rk,rk.perms);
- byName.put(rk.fullName(), rk);
- }
- } finally {
- tt.done();
- }
+ Iterator<Row> iter = results.iterator();
+ Row row;
+ tt = trans.start("Load Roles", Env.SUB);
+ try {
+ while(iter.hasNext()) {
+ row = iter.next();
+ Role rk =new Role(row.getString(0),row.getString(1), row.getString(2),row.getSet(3,String.class));
+ keys.put(rk.encode(), rk);
+ data.put(rk,rk.perms);
+ byName.put(rk.fullName(), rk);
+ }
+ } finally {
+ tt.done();
+ }
} finally {
- trans.info().log("Found",data.size(),"roles");
+ trans.info().log("Found",data.size(),"roles");
}
- }
-
- public static long count(Trans trans, Session session) {
- String query = "select count(*) from authz.role LIMIT 1000000;";
+ }
+
+ public static long count(Trans trans, Session session) {
+ String query = "select count(*) from authz.role LIMIT 1000000;";
trans.info().log( "query: " + query );
TimeTaken tt = trans.start("Count Namespaces", Env.REMOTE);
ResultSet results;
try {
- Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
- results = session.execute(stmt);
- return results.one().getLong(0);
+ Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
+ results = session.execute(stmt);
+ return results.one().getLong(0);
} finally {
- tt.done();
+ tt.done();
+ }
+ }
+
+ public String toString() {
+ return encode();
+ }
+
+ /* (non-Javadoc)
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ return encode().hashCode();
+ }
+
+ /* (non-Javadoc)
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object obj) {
+ return encode().equals(obj);
+ }
+
+ @Override
+ public int compareTo(Role o) {
+ return encode().compareTo(o.encode());
+ }
+
+ public static String fullName(String role) {
+ return role.replace('|', '.');
+ }
+
+ public static void stageRemove(Role r) {
+ deleteRoles.add(r);
+ }
+
+ public static void executeRemove() {
+ for(Role p : deleteRoles) {
+ keys.remove(p.encode);
+ data.remove(p);
}
- }
-
- public String toString() {
- return encode();
- }
-
- /* (non-Javadoc)
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode() {
- return encode().hashCode();
- }
-
- /* (non-Javadoc)
- * @see java.lang.Object#equals(java.lang.Object)
- */
- @Override
- public boolean equals(Object obj) {
- return encode().equals(obj);
- }
-
- @Override
- public int compareTo(Role o) {
- return encode().compareTo(o.encode());
- }
-
- public static String fullName(String role) {
- return role.replace('|', '.');
- }
-
- public static void stageRemove(Role r) {
- deleteRoles.add(r);
- }
-
- public static void executeRemove() {
- for(Role p : deleteRoles) {
- keys.remove(p.encode);
- data.remove(p);
- }
- deleteRoles.clear();
- }
+ deleteRoles.clear();
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/UserRole.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/UserRole.java
index 288211e6..fab9233d 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/UserRole.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/helpers/UserRole.java
@@ -46,254 +46,254 @@ import com.datastax.driver.core.Statement;
public class UserRole implements Cloneable, CacheChange.Data {
- private static final String SEPARATOR = "\",\"";
-
- // CACHE Calling
- private static final String LOG_FMT = "%s UserRole - %s: %s-%s (%s, %s) expiring %s";
- private static final String REPLAY_FMT = "%s|%s|%s|%s|%s\n";
- private static final String DELETE_FMT = "# %s\n"+ REPLAY_FMT;
-
- private static final List<UserRole> data = new ArrayList<>();
- private static final SortedMap<String,List<UserRole>> byUser = new TreeMap<>();
- private static final SortedMap<String,List<UserRole>> byRole = new TreeMap<>();
- private static final CacheChange<UserRole> cache = new CacheChange<>();
- private static PrintStream urDelete = System.out;
- private static PrintStream urRecover = System.err;
- private static int totalLoaded;
- private int deleted;
- private Data urdd;
-
- public static final Creator<UserRole> v2_0_11 = new Creator<UserRole>() {
- @Override
- public UserRole create(Row row) {
- return new UserRole(row.getString(0), row.getString(1), row.getString(2),row.getString(3),row.getTimestamp(4));
- }
-
- @Override
- public String select() {
- return "select user,role,ns,rname,expires from authz.user_role";
- }
- };
-
- public UserRole(String user, String ns, String rname, Date expires) {
- urdd = new UserRoleDAO.Data();
- urdd.user = user;
- urdd.role = ns + '.' + rname;
- urdd.ns = ns;
- urdd.rname = rname;
- urdd.expires = expires;
- }
-
- public UserRole(String user, String role, String ns, String rname, Date expires) {
- urdd = new UserRoleDAO.Data();
- urdd.user = user;
- urdd.role = role;
- urdd.ns = ns;
- urdd.rname = rname;
- urdd.expires = expires;
- }
-
- public static List<UserRole> getData() {
- return data;
- }
-
- public static SortedMap<String, List<UserRole>> getByUser() {
- return byUser;
- }
-
- public static SortedMap<String, List<UserRole>> getByRole() {
- return byRole;
- }
-
- public static void load(Trans trans, Session session, Creator<UserRole> creator ) {
- load(trans,session,creator,null);
- }
-
- public static void loadOneRole(Trans trans, Session session, Creator<UserRole> creator, String role) {
- load(trans,session,creator,"role='" + role +"' ALLOW FILTERING;");
- }
-
- public static void loadOneUser(Trans trans, Session session, Creator<UserRole> creator, String user ) {
- load(trans,session,creator,"role='"+ user +"';");
- }
-
- private static void load(Trans trans, Session session, Creator<UserRole> creator, String where) {
- String query = creator.query(where);
- trans.info().log( "query: " + query );
- TimeTaken tt = trans.start("Read UserRoles", Env.REMOTE);
-
- ResultSet results;
- try {
- Statement stmt = new SimpleStatement( query );
- results = session.execute(stmt);
+ private static final String SEPARATOR = "\",\"";
+
+ // CACHE Calling
+ private static final String LOG_FMT = "%s UserRole - %s: %s-%s (%s, %s) expiring %s";
+ private static final String REPLAY_FMT = "%s|%s|%s|%s|%s\n";
+ private static final String DELETE_FMT = "# %s\n"+ REPLAY_FMT;
+
+ private static final List<UserRole> data = new ArrayList<>();
+ private static final SortedMap<String,List<UserRole>> byUser = new TreeMap<>();
+ private static final SortedMap<String,List<UserRole>> byRole = new TreeMap<>();
+ private static final CacheChange<UserRole> cache = new CacheChange<>();
+ private static PrintStream urDelete = System.out;
+ private static PrintStream urRecover = System.err;
+ private static int totalLoaded;
+ private int deleted;
+ private Data urdd;
+
+ public static final Creator<UserRole> v2_0_11 = new Creator<UserRole>() {
+ @Override
+ public UserRole create(Row row) {
+ return new UserRole(row.getString(0), row.getString(1), row.getString(2),row.getString(3),row.getTimestamp(4));
+ }
+
+ @Override
+ public String select() {
+ return "select user,role,ns,rname,expires from authz.user_role";
+ }
+ };
+
+ public UserRole(String user, String ns, String rname, Date expires) {
+ urdd = new UserRoleDAO.Data();
+ urdd.user = user;
+ urdd.role = ns + '.' + rname;
+ urdd.ns = ns;
+ urdd.rname = rname;
+ urdd.expires = expires;
+ }
+
+ public UserRole(String user, String role, String ns, String rname, Date expires) {
+ urdd = new UserRoleDAO.Data();
+ urdd.user = user;
+ urdd.role = role;
+ urdd.ns = ns;
+ urdd.rname = rname;
+ urdd.expires = expires;
+ }
+
+ public static List<UserRole> getData() {
+ return data;
+ }
+
+ public static SortedMap<String, List<UserRole>> getByUser() {
+ return byUser;
+ }
+
+ public static SortedMap<String, List<UserRole>> getByRole() {
+ return byRole;
+ }
+
+ public static void load(Trans trans, Session session, Creator<UserRole> creator ) {
+ load(trans,session,creator,null);
+ }
+
+ public static void loadOneRole(Trans trans, Session session, Creator<UserRole> creator, String role) {
+ load(trans,session,creator,"role='" + role +"' ALLOW FILTERING;");
+ }
+
+ public static void loadOneUser(Trans trans, Session session, Creator<UserRole> creator, String user ) {
+ load(trans,session,creator,"role='"+ user +"';");
+ }
+
+ private static void load(Trans trans, Session session, Creator<UserRole> creator, String where) {
+ String query = creator.query(where);
+ trans.info().log( "query: " + query );
+ TimeTaken tt = trans.start("Read UserRoles", Env.REMOTE);
+
+ ResultSet results;
+ try {
+ Statement stmt = new SimpleStatement( query );
+ results = session.execute(stmt);
} finally {
- tt.done();
+ tt.done();
}
try {
- tt = trans.start("Load UserRole", Env.SUB);
- try {
- iterateResults(creator, results.iterator());
- } finally {
- tt.done();
- }
+ tt = trans.start("Load UserRole", Env.SUB);
+ try {
+ iterateResults(creator, results.iterator());
+ } finally {
+ tt.done();
+ }
} finally {
- trans.info().log("Loaded",totalLoaded,"UserRoles");
+ trans.info().log("Loaded",totalLoaded,"UserRoles");
}
- }
-
- private static void iterateResults(Creator<UserRole> creator, Iterator<Row> iter ) {
- Row row;
- while(iter.hasNext()) {
- ++totalLoaded;
- row = iter.next();
- UserRole ur = creator.create(row);
- data.add(ur);
-
- List<UserRole> lur = byUser.get(ur.urdd.user);
- if(lur==null) {
- lur = new ArrayList<>();
- byUser.put(ur.urdd.user, lur);
- }
- lur.add(ur);
-
- lur = byRole.get(ur.urdd.role);
- if(lur==null) {
- lur = new ArrayList<>();
- byRole.put(ur.urdd.role, lur);
- }
- lur.add(ur);
- }
- }
-
- public int totalLoaded() {
- return totalLoaded;
- }
-
- public int deleted() {
- return deleted;
- }
-
- @Override
- public void expunge() {
- data.remove(this);
-
- List<UserRole> lur = byUser.get(urdd.user);
- if(lur!=null) {
- lur.remove(this);
- }
-
- lur = byRole.get(urdd.role);
- if(lur!=null) {
- lur.remove(this);
- }
- }
-
- public static void setDeleteStream(PrintStream ds) {
- urDelete = ds;
- }
-
- public static void setRecoverStream(PrintStream ds) {
- urRecover = ds;
- }
-
- public static long count(Trans trans, Session session) {
- String query = "select count(*) from authz.user_role LIMIT 1000000;";
+ }
+
+ private static void iterateResults(Creator<UserRole> creator, Iterator<Row> iter ) {
+ Row row;
+ while(iter.hasNext()) {
+ ++totalLoaded;
+ row = iter.next();
+ UserRole ur = creator.create(row);
+ data.add(ur);
+
+ List<UserRole> lur = byUser.get(ur.urdd.user);
+ if(lur==null) {
+ lur = new ArrayList<>();
+ byUser.put(ur.urdd.user, lur);
+ }
+ lur.add(ur);
+
+ lur = byRole.get(ur.urdd.role);
+ if(lur==null) {
+ lur = new ArrayList<>();
+ byRole.put(ur.urdd.role, lur);
+ }
+ lur.add(ur);
+ }
+ }
+
+ public int totalLoaded() {
+ return totalLoaded;
+ }
+
+ public int deleted() {
+ return deleted;
+ }
+
+ @Override
+ public void expunge() {
+ data.remove(this);
+
+ List<UserRole> lur = byUser.get(urdd.user);
+ if(lur!=null) {
+ lur.remove(this);
+ }
+
+ lur = byRole.get(urdd.role);
+ if(lur!=null) {
+ lur.remove(this);
+ }
+ }
+
+ public static void setDeleteStream(PrintStream ds) {
+ urDelete = ds;
+ }
+
+ public static void setRecoverStream(PrintStream ds) {
+ urRecover = ds;
+ }
+
+ public static long count(Trans trans, Session session) {
+ String query = "select count(*) from authz.user_role LIMIT 1000000;";
trans.info().log( "query: " + query );
TimeTaken tt = trans.start("Count Namespaces", Env.REMOTE);
ResultSet results;
try {
- Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
- results = session.execute(stmt);
- return results.one().getLong(0);
+ Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
+ results = session.execute(stmt);
+ return results.one().getLong(0);
} finally {
- tt.done();
+ tt.done();
+ }
+ }
+
+ public UserRoleDAO.Data urdd() {
+ return urdd;
+ }
+
+ public String user() {
+ return urdd.user;
+ }
+
+ public String role() {
+ return urdd.role;
+ }
+
+ public String ns() {
+ return urdd.ns;
+ }
+
+ public String rname() {
+ return urdd.rname;
+ }
+
+ public Date expires() {
+ return urdd.expires;
+ }
+
+ public void expires(Date time) {
+ urdd.expires = time;
+ }
+
+ public String toString() {
+ return "\"" + urdd.user + SEPARATOR + urdd.role + SEPARATOR + urdd.ns + SEPARATOR + urdd.rname + SEPARATOR
+ + Chrono.dateOnlyStamp(urdd.expires);
+ }
+
+ public static UserRole get(String u, String r) {
+ List<UserRole> lur = byUser.get(u);
+ if(lur!=null) {
+ for(UserRole ur : lur) {
+
+ if(ur.urdd.role.equals(r)) {
+ return ur;
+ }
+ }
+ }
+ return null;
+ }
+
+ // SAFETY - DO NOT DELETE USER ROLES DIRECTLY FROM BATCH FILES!!!
+ // We write to a file, and validate. If the size is iffy, we email Support
+ public void delayDelete(AuthzTrans trans, String text, boolean dryRun) {
+ String dt = Chrono.dateTime(urdd.expires);
+ if(dryRun) {
+ trans.info().printf(LOG_FMT,text,"Would Delete",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
+ } else {
+ trans.info().printf(LOG_FMT,text,"Staged Deletion",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
+ }
+ urDelete.printf(DELETE_FMT,text,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
+ urRecover.printf(REPLAY_FMT,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
+
+ cache.delayedDelete(this);
+ ++deleted;
+ }
+
+
+ /**
+ * Calls expunge() for all deleteCached entries
+ */
+ public static void resetLocalData() {
+ cache.resetLocalData();
+ }
+
+ public static int sizeForDeletion() {
+ return cache.cacheSize();
+ }
+
+ public static boolean pendingDelete(UserRole ur) {
+ return cache.contains(ur);
+ }
+
+ public static void actuateDeletionNow(AuthzTrans trans, URDelete directDel) {
+ for(UserRole ur : cache.getRemoved()) {
+ directDel.exec(trans, ur, "Actuating UserRole Deletion");
}
- }
-
- public UserRoleDAO.Data urdd() {
- return urdd;
- }
-
- public String user() {
- return urdd.user;
- }
-
- public String role() {
- return urdd.role;
- }
-
- public String ns() {
- return urdd.ns;
- }
-
- public String rname() {
- return urdd.rname;
- }
-
- public Date expires() {
- return urdd.expires;
- }
-
- public void expires(Date time) {
- urdd.expires = time;
- }
-
- public String toString() {
- return "\"" + urdd.user + SEPARATOR + urdd.role + SEPARATOR + urdd.ns + SEPARATOR + urdd.rname + SEPARATOR
- + Chrono.dateOnlyStamp(urdd.expires);
- }
-
- public static UserRole get(String u, String r) {
- List<UserRole> lur = byUser.get(u);
- if(lur!=null) {
- for(UserRole ur : lur) {
-
- if(ur.urdd.role.equals(r)) {
- return ur;
- }
- }
- }
- return null;
- }
-
- // SAFETY - DO NOT DELETE USER ROLES DIRECTLY FROM BATCH FILES!!!
- // We write to a file, and validate. If the size is iffy, we email Support
- public void delayDelete(AuthzTrans trans, String text, boolean dryRun) {
- String dt = Chrono.dateTime(urdd.expires);
- if(dryRun) {
- trans.info().printf(LOG_FMT,text,"Would Delete",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
- } else {
- trans.info().printf(LOG_FMT,text,"Staged Deletion",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
- }
- urDelete.printf(DELETE_FMT,text,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
- urRecover.printf(REPLAY_FMT,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
-
- cache.delayedDelete(this);
- ++deleted;
- }
-
-
- /**
- * Calls expunge() for all deleteCached entries
- */
- public static void resetLocalData() {
- cache.resetLocalData();
- }
-
- public static int sizeForDeletion() {
- return cache.cacheSize();
- }
-
- public static boolean pendingDelete(UserRole ur) {
- return cache.contains(ur);
- }
-
- public static void actuateDeletionNow(AuthzTrans trans, URDelete directDel) {
- for(UserRole ur : cache.getRemoved()) {
- directDel.exec(trans, ur, "Actuating UserRole Deletion");
- }
- cache.getRemoved().clear();
- cache.resetLocalData();
- }
+ cache.getRemoved().clear();
+ cache.resetLocalData();
+ }
} \ No newline at end of file
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/javax/JavaxMailer.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/javax/JavaxMailer.java
index 17921c8a..4555857a 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/javax/JavaxMailer.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/javax/JavaxMailer.java
@@ -36,125 +36,125 @@ import org.onap.aaf.auth.org.Mailer;
import org.onap.aaf.auth.org.OrganizationException;
public class JavaxMailer implements Mailer {
- private Session session;
-
- public JavaxMailer() {
-
- // Get the default Session object.
- session = Session.getDefaultInstance(System.getProperties());
-
- }
-
- @Override
- public int sendEmail(AuthzTrans trans, boolean testMode, String mailFrom, List<String> to, List<String> cc, String subject, String body,
- Boolean urgent) throws OrganizationException {
-
- int status = 1;
-
-
- try {
- // Create a default MimeMessage object.
- MimeMessage message = new MimeMessage(session);
-
- // Set From: header field of the header.
- message.setFrom(new InternetAddress(mailFrom));
-
- if (!testMode) {
- // Set To: header field of the header. This is a required field
- // and calling module should make sure that it is not null or
- // blank
- message.addRecipients(Message.RecipientType.TO,getAddresses(to));
-
- // Set CC: header field of the header.
- if ((cc != null) && (cc.size() > 0)) {
- message.addRecipients(Message.RecipientType.CC,getAddresses(cc));
- }
-
- // Set Subject: header field
- message.setSubject(subject);
-
- if (urgent) {
- message.addHeader("X-Priority", "1");
- }
-
- // Now set the actual message
- message.setText(body);
- } else {
-
- // override recipients
- message.addRecipients(Message.RecipientType.TO,
- InternetAddress.parse(mailFrom));
-
- // Set Subject: header field
- message.setSubject("[TESTMODE] " + subject);
-
- if (urgent) {
- message.addHeader("X-Priority", "1");
- }
-
- ArrayList<String> newBody = new ArrayList<>();
-
- Address temp[] = getAddresses(to);
- String headerString = "TO:\t" + InternetAddress.toString(temp) + "\n";
-
- temp = getAddresses(cc);
- headerString += "CC:\t" + InternetAddress.toString(temp) + "\n";
-
- newBody.add(headerString);
-
- newBody.add("Text: \n");
-
- newBody.add(body);
- String outString = "";
- for (String s : newBody) {
- outString += s + "\n";
- }
-
- message.setText(outString);
- }
- // Send message
- Transport.send(message);
- status = 0;
-
- } catch (MessagingException mex) {
- System.out.println("Error messaging: "+ mex.getMessage());
- System.out.println("Error messaging: "+ mex.toString());
- throw new OrganizationException("Exception send email message "
- + mex.getMessage());
- }
-
- return status;
- }
-
- /**
- * Convert the delimiter String into Internet addresses with the default
- * delimiter of ";"
- * @param strAddress
- * @return
- */
- private Address[] getAddresses(List<String> strAddress) throws OrganizationException {
- return this.getAddresses(strAddress,";");
- }
- /**
- * Convert the delimiter String into Internet addresses with the
- * delimiter of provided
- * @param strAddresses
- * @param delimiter
- * @return
- */
- private Address[] getAddresses(List<String> strAddresses, String delimiter) throws OrganizationException {
- Address[] addressArray = new Address[strAddresses.size()];
- int count = 0;
- for (String addr : strAddresses)
- {
- try{
- addressArray[count] = new InternetAddress(addr);
- count++;
- }catch(Exception e){
- throw new OrganizationException("Failed to parse the email address "+ addr +": "+e.getMessage());
- }
- }
- return addressArray;
- }
+ private Session session;
+
+ public JavaxMailer() {
+
+ // Get the default Session object.
+ session = Session.getDefaultInstance(System.getProperties());
+
+ }
+
+ @Override
+ public int sendEmail(AuthzTrans trans, boolean testMode, String mailFrom, List<String> to, List<String> cc, String subject, String body,
+ Boolean urgent) throws OrganizationException {
+
+ int status = 1;
+
+
+ try {
+ // Create a default MimeMessage object.
+ MimeMessage message = new MimeMessage(session);
+
+ // Set From: header field of the header.
+ message.setFrom(new InternetAddress(mailFrom));
+
+ if (!testMode) {
+ // Set To: header field of the header. This is a required field
+ // and calling module should make sure that it is not null or
+ // blank
+ message.addRecipients(Message.RecipientType.TO,getAddresses(to));
+
+ // Set CC: header field of the header.
+ if ((cc != null) && (cc.size() > 0)) {
+ message.addRecipients(Message.RecipientType.CC,getAddresses(cc));
+ }
+
+ // Set Subject: header field
+ message.setSubject(subject);
+
+ if (urgent) {
+ message.addHeader("X-Priority", "1");
+ }
+
+ // Now set the actual message
+ message.setText(body);
+ } else {
+
+ // override recipients
+ message.addRecipients(Message.RecipientType.TO,
+ InternetAddress.parse(mailFrom));
+
+ // Set Subject: header field
+ message.setSubject("[TESTMODE] " + subject);
+
+ if (urgent) {
+ message.addHeader("X-Priority", "1");
+ }
+
+ ArrayList<String> newBody = new ArrayList<>();
+
+ Address temp[] = getAddresses(to);
+ String headerString = "TO:\t" + InternetAddress.toString(temp) + "\n";
+
+ temp = getAddresses(cc);
+ headerString += "CC:\t" + InternetAddress.toString(temp) + "\n";
+
+ newBody.add(headerString);
+
+ newBody.add("Text: \n");
+
+ newBody.add(body);
+ String outString = "";
+ for (String s : newBody) {
+ outString += s + "\n";
+ }
+
+ message.setText(outString);
+ }
+ // Send message
+ Transport.send(message);
+ status = 0;
+
+ } catch (MessagingException mex) {
+ System.out.println("Error messaging: "+ mex.getMessage());
+ System.out.println("Error messaging: "+ mex.toString());
+ throw new OrganizationException("Exception send email message "
+ + mex.getMessage());
+ }
+
+ return status;
+ }
+
+ /**
+ * Convert the delimiter String into Internet addresses with the default
+ * delimiter of ";"
+ * @param strAddress
+ * @return
+ */
+ private Address[] getAddresses(List<String> strAddress) throws OrganizationException {
+ return this.getAddresses(strAddress,";");
+ }
+ /**
+ * Convert the delimiter String into Internet addresses with the
+ * delimiter of provided
+ * @param strAddresses
+ * @param delimiter
+ * @return
+ */
+ private Address[] getAddresses(List<String> strAddresses, String delimiter) throws OrganizationException {
+ Address[] addressArray = new Address[strAddresses.size()];
+ int count = 0;
+ for (String addr : strAddresses)
+ {
+ try{
+ addressArray[count] = new InternetAddress(addr);
+ count++;
+ }catch(Exception e){
+ throw new OrganizationException("Failed to parse the email address "+ addr +": "+e.getMessage());
+ }
+ }
+ return addressArray;
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/reports/ExpiringNext.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/reports/ExpiringNext.java
index 67282915..886bd56a 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/reports/ExpiringNext.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/reports/ExpiringNext.java
@@ -41,29 +41,29 @@ import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.util.Chrono;
public class ExpiringNext extends Batch {
-
- public ExpiringNext(AuthzTrans trans) throws APIException, IOException, OrganizationException {
- super(trans.env());
- trans.info().log("Starting Connection Process");
-
- TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
- try {
- TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
- try {
- session = cluster.connect();
- } finally {
- tt.done();
- }
+
+ public ExpiringNext(AuthzTrans trans) throws APIException, IOException, OrganizationException {
+ super(trans.env());
+ trans.info().log("Starting Connection Process");
+
+ TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
+ try {
+ TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
+ try {
+ session = cluster.connect();
+ } finally {
+ tt.done();
+ }
- UserRole.load(trans, session, UserRole.v2_0_11);
- Cred.load(trans, session);
- } finally {
- tt0.done();
- }
- }
+ UserRole.load(trans, session, UserRole.v2_0_11);
+ Cred.load(trans, session);
+ } finally {
+ tt0.done();
+ }
+ }
- @Override
- protected void run(AuthzTrans trans) {
+ @Override
+ protected void run(AuthzTrans trans) {
GregorianCalendar gc = new GregorianCalendar();
Date now = gc.getTime();
gc.add(GregorianCalendar.WEEK_OF_MONTH, 2);
@@ -76,68 +76,68 @@ public class ExpiringNext extends Batch {
List<String> expiring = new ArrayList<>();
trans.info().log("Checking for Expired UserRoles");
- for(UserRole ur : UserRole.getData()) {
- if(ur.expires().after(now)) {
- if(ur.expires().before(twoWeeks)) {
- expiring.add(Chrono.dateOnlyStamp(ur.expires()) + ":\t" + ur.user() + '\t' + ur.role());
- }
- if(ur.expires().before(earliestUR)) {
- earliestUR = ur.expires();
- }
- }
- }
+ for(UserRole ur : UserRole.getData()) {
+ if(ur.expires().after(now)) {
+ if(ur.expires().before(twoWeeks)) {
+ expiring.add(Chrono.dateOnlyStamp(ur.expires()) + ":\t" + ur.user() + '\t' + ur.role());
+ }
+ if(ur.expires().before(earliestUR)) {
+ earliestUR = ur.expires();
+ }
+ }
+ }
- if(expiring.size()>0) {
- Collections.sort(expiring,Collections.reverseOrder());
- for(String s : expiring) {
- System.err.print('\t');
- System.err.println(s);
- }
- trans.info().printf("Earliest Expiring UR is %s\n\n", Chrono.dateOnlyStamp(earliestUR));
- } else {
- trans.info().printf("No Expiring UserRoles within 2 weeks");
- }
-
- expiring.clear();
-
+ if(expiring.size()>0) {
+ Collections.sort(expiring,Collections.reverseOrder());
+ for(String s : expiring) {
+ System.err.print('\t');
+ System.err.println(s);
+ }
+ trans.info().printf("Earliest Expiring UR is %s\n\n", Chrono.dateOnlyStamp(earliestUR));
+ } else {
+ trans.info().printf("No Expiring UserRoles within 2 weeks");
+ }
+
+ expiring.clear();
+
trans.info().log("Checking for Expired Credentials");
- for( Cred creds : Cred.data.values()) {
- Instance lastInstance=null;
- for(Instance inst : creds.instances) {
- if(inst.type==CredDAO.BASIC_AUTH || inst.type==CredDAO.BASIC_AUTH_SHA256) {
- if(lastInstance == null || inst.expires.after(lastInstance.expires)) {
- lastInstance = inst;
- }
- }
- }
- if(lastInstance!=null) {
- if(lastInstance.expires.after(now)) {
- if(lastInstance.expires.before(twoWeeks)) {
- expiring.add(Chrono.dateOnlyStamp(lastInstance.expires) + ": \t" + creds.id);
- }
- }
- if(lastInstance.expires.before(earliestCred)) {
- earliestCred = lastInstance.expires;
- }
- }
- }
-
- if(expiring.size()>0) {
- Collections.sort(expiring,Collections.reverseOrder());
- for(String s : expiring) {
- System.err.print('\t');
- System.err.println(s);
- }
- trans.info().printf("Earliest Expiring Cred is %s\n\n", Chrono.dateOnlyStamp(earliestCred));
- } else {
- trans.info().printf("No Expiring Creds within 2 weeks");
- }
+ for( Cred creds : Cred.data.values()) {
+ Instance lastInstance=null;
+ for(Instance inst : creds.instances) {
+ if(inst.type==CredDAO.BASIC_AUTH || inst.type==CredDAO.BASIC_AUTH_SHA256) {
+ if(lastInstance == null || inst.expires.after(lastInstance.expires)) {
+ lastInstance = inst;
+ }
+ }
+ }
+ if(lastInstance!=null) {
+ if(lastInstance.expires.after(now)) {
+ if(lastInstance.expires.before(twoWeeks)) {
+ expiring.add(Chrono.dateOnlyStamp(lastInstance.expires) + ": \t" + creds.id);
+ }
+ }
+ if(lastInstance.expires.before(earliestCred)) {
+ earliestCred = lastInstance.expires;
+ }
+ }
+ }
+
+ if(expiring.size()>0) {
+ Collections.sort(expiring,Collections.reverseOrder());
+ for(String s : expiring) {
+ System.err.print('\t');
+ System.err.println(s);
+ }
+ trans.info().printf("Earliest Expiring Cred is %s\n\n", Chrono.dateOnlyStamp(earliestCred));
+ } else {
+ trans.info().printf("No Expiring Creds within 2 weeks");
+ }
- }
-
- @Override
- protected void _close(AuthzTrans trans) {
+ }
+
+ @Override
+ protected void _close(AuthzTrans trans) {
session.close();
- }
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/Expiring.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/Expiring.java
index e12a452a..868811a3 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/Expiring.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/Expiring.java
@@ -67,98 +67,98 @@ import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.util.Chrono;
public class Expiring extends Batch {
- private CredPrint crPrint;
- private URFutureApprove urFutureApprove;
- private URFutureApproveExec urFutureApproveExec;
- private CredDelete crDelete;
- private URDelete urDelete;
- private final CacheTouch cacheTouch;
- private final AuthzTrans noAvg;
- private final ApprovalDAO apprDAO;
- private final FutureDAO futureDAO;
- private final PrintStream urDeleteF,urRecoverF;
- private final URPrint urPrint;
- private Email email;
- private File deletesFile;
+ private CredPrint crPrint;
+ private URFutureApprove urFutureApprove;
+ private URFutureApproveExec urFutureApproveExec;
+ private CredDelete crDelete;
+ private URDelete urDelete;
+ private final CacheTouch cacheTouch;
+ private final AuthzTrans noAvg;
+ private final ApprovalDAO apprDAO;
+ private final FutureDAO futureDAO;
+ private final PrintStream urDeleteF,urRecoverF;
+ private final URPrint urPrint;
+ private Email email;
+ private File deletesFile;
- public Expiring(AuthzTrans trans) throws APIException, IOException, OrganizationException {
- super(trans.env());
- trans.info().log("Starting Connection Process");
-
- noAvg = env.newTransNoAvg();
- noAvg.setUser(new BatchPrincipal("batch:Expiring"));
-
- TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
- try {
- crPrint = new CredPrint("Expired:");
+ public Expiring(AuthzTrans trans) throws APIException, IOException, OrganizationException {
+ super(trans.env());
+ trans.info().log("Starting Connection Process");
+
+ noAvg = env.newTransNoAvg();
+ noAvg.setUser(new BatchPrincipal("batch:Expiring"));
+
+ TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
+ try {
+ crPrint = new CredPrint("Expired:");
- TimeTaken tt = trans.start("Connect to Cluster with DAOs", Env.REMOTE);
- try {
- urFutureApprove = new URFutureApprove(trans, cluster,isDryRun());
- checkOrganizationAcccess(trans, urFutureApprove.question());
- urFutureApproveExec = new URFutureApproveExec(trans, urFutureApprove);
- urPrint = new URPrint("User Roles:");
- crDelete = new CredDelete(trans, urFutureApprove);
- urDelete = new URDelete(trans,urFutureApprove);
- cacheTouch = new CacheTouch(trans, urFutureApprove);
-
- // Reusing... don't destroy
- apprDAO = urFutureApprove.question().approvalDAO;
- futureDAO = urFutureApprove.question().futureDAO;
+ TimeTaken tt = trans.start("Connect to Cluster with DAOs", Env.REMOTE);
+ try {
+ urFutureApprove = new URFutureApprove(trans, cluster,isDryRun());
+ checkOrganizationAcccess(trans, urFutureApprove.question());
+ urFutureApproveExec = new URFutureApproveExec(trans, urFutureApprove);
+ urPrint = new URPrint("User Roles:");
+ crDelete = new CredDelete(trans, urFutureApprove);
+ urDelete = new URDelete(trans,urFutureApprove);
+ cacheTouch = new CacheTouch(trans, urFutureApprove);
+
+ // Reusing... don't destroy
+ apprDAO = urFutureApprove.question().approvalDAO;
+ futureDAO = urFutureApprove.question().futureDAO;
- TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE);
- try {
- session = urFutureApprove.getSession(trans);
- } finally {
- tt2.done();
- }
- } finally {
- tt.done();
- }
-
- File data_dir = new File(env.getProperty("aaf_data_dir"));
- if(!data_dir.exists() || !data_dir.canWrite() || !data_dir.canRead()) {
- throw new IOException("Cannot read/write to Data Directory "+ data_dir.getCanonicalPath() + ": EXITING!!!");
- }
- UserRole.setDeleteStream(
- urDeleteF = new PrintStream(new FileOutputStream(deletesFile = new File(data_dir,"UserRoleDeletes.dat"),false)));
- UserRole.setRecoverStream(
- urRecoverF = new PrintStream(new FileOutputStream(new File(data_dir,"UserRoleRecover.dat"),false)));
- UserRole.load(trans, session, UserRole.v2_0_11);
-
- Cred.load(trans, session);
- NS.load(trans, session,NS.v2_0_11);
- Future.load(trans,session,Future.withConstruct);
- Approval.load(trans,session,Approval.v2_0_17);
- Role.load(trans, session);
-
- email = new Email();
- email.subject("AAF Expiring Process Alert (ENV: %s)",batchEnv);
- email.preamble("Expiring Process Alert for %s",batchEnv);
- email.signature("Sincerely,\nAAF Expiring Batch Process\n");
- String address = env.getProperty("ALERT_TO_ADDRESS");
- if(address==null) {
- throw new APIException("ALERT_TO_ADDRESS property is required");
- }
- email.addTo(address);
-
- } catch (OrganizationException e) {
- throw new APIException("Error getting valid Organization",e);
- } finally {
- tt0.done();
- }
- }
+ TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE);
+ try {
+ session = urFutureApprove.getSession(trans);
+ } finally {
+ tt2.done();
+ }
+ } finally {
+ tt.done();
+ }
+
+ File data_dir = new File(env.getProperty("aaf_data_dir"));
+ if(!data_dir.exists() || !data_dir.canWrite() || !data_dir.canRead()) {
+ throw new IOException("Cannot read/write to Data Directory "+ data_dir.getCanonicalPath() + ": EXITING!!!");
+ }
+ UserRole.setDeleteStream(
+ urDeleteF = new PrintStream(new FileOutputStream(deletesFile = new File(data_dir,"UserRoleDeletes.dat"),false)));
+ UserRole.setRecoverStream(
+ urRecoverF = new PrintStream(new FileOutputStream(new File(data_dir,"UserRoleRecover.dat"),false)));
+ UserRole.load(trans, session, UserRole.v2_0_11);
+
+ Cred.load(trans, session);
+ NS.load(trans, session,NS.v2_0_11);
+ Future.load(trans,session,Future.withConstruct);
+ Approval.load(trans,session,Approval.v2_0_17);
+ Role.load(trans, session);
+
+ email = new Email();
+ email.subject("AAF Expiring Process Alert (ENV: %s)",batchEnv);
+ email.preamble("Expiring Process Alert for %s",batchEnv);
+ email.signature("Sincerely,\nAAF Expiring Batch Process\n");
+ String address = env.getProperty("ALERT_TO_ADDRESS");
+ if(address==null) {
+ throw new APIException("ALERT_TO_ADDRESS property is required");
+ }
+ email.addTo(address);
+
+ } catch (OrganizationException e) {
+ throw new APIException("Error getting valid Organization",e);
+ } finally {
+ tt0.done();
+ }
+ }
- @Override
- protected void run(AuthzTrans trans) {
- // Setup Date boundaries
-
+ @Override
+ protected void run(AuthzTrans trans) {
+ // Setup Date boundaries
+
final GregorianCalendar gc = new GregorianCalendar();
final Date now = gc.getTime();
gc.add(GregorianCalendar.MONTH, 1);
Date future = gc.getTime();
-// Date earliest = null;
+// Date earliest = null;
// reset
gc.setTime(now);
@@ -167,290 +167,290 @@ public class Expiring extends Batch {
TimeTaken tt;
- // Clean out Approvals UserRoles are fixed up.
- String memo;
- for(List<Approval> la : Approval.byUser.values()) {
- for(Approval a : la ) {
- memo = a.getMemo();
- if(memo!=null && (memo.contains("Re-Approval") || memo.contains("Re-Validate"))) {
- String role = a.getRole();
- if(role!=null) {
- UserRole ur = UserRole.get(a.getUser(), a.getRole());
- Future f=null;
- if(ur!=null) {
- if(ur.expires().after(future)) { // no need for Approval anymore
- a.delayDelete(noAvg, apprDAO, dryRun, "User Role already Extended");
- UUID tkt = a.getTicket();
- if(tkt!=null && Future.data.containsKey(tkt)) {
- f = Future.data.get(a.getTicket());
- }
- }
- } else {
- a.delayDelete(noAvg, apprDAO, dryRun, "User Role does not exist");
- UUID tkt = a.getTicket();
- if(tkt !=null && Future.data.containsKey(tkt)) {
- f = Future.data.get(a.getTicket());
- }
- }
- if(f!=null) {
- f.delayedDelete(noAvg, futureDAO, dryRun, "Approvals removed");
- }
- }
- }
- }
- }
- try {
- trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals");
- Future.resetLocalData();
- Approval.resetLocalData();
- } catch (Exception t) {
- t.printStackTrace();
- }
-
+ // Clean out Approvals UserRoles are fixed up.
+ String memo;
+ for(List<Approval> la : Approval.byUser.values()) {
+ for(Approval a : la ) {
+ memo = a.getMemo();
+ if(memo!=null && (memo.contains("Re-Approval") || memo.contains("Re-Validate"))) {
+ String role = a.getRole();
+ if(role!=null) {
+ UserRole ur = UserRole.get(a.getUser(), a.getRole());
+ Future f=null;
+ if(ur!=null) {
+ if(ur.expires().after(future)) { // no need for Approval anymore
+ a.delayDelete(noAvg, apprDAO, dryRun, "User Role already Extended");
+ UUID tkt = a.getTicket();
+ if(tkt!=null && Future.data.containsKey(tkt)) {
+ f = Future.data.get(a.getTicket());
+ }
+ }
+ } else {
+ a.delayDelete(noAvg, apprDAO, dryRun, "User Role does not exist");
+ UUID tkt = a.getTicket();
+ if(tkt !=null && Future.data.containsKey(tkt)) {
+ f = Future.data.get(a.getTicket());
+ }
+ }
+ if(f!=null) {
+ f.delayedDelete(noAvg, futureDAO, dryRun, "Approvals removed");
+ }
+ }
+ }
+ }
+ }
+ try {
+ trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals");
+ Future.resetLocalData();
+ Approval.resetLocalData();
+ } catch (Exception t) {
+ t.printStackTrace();
+ }
+
// Run for Expired Futures
trans.info().log("Checking for Expired Approval/Futures");
tt = trans.start("Delete old Futures", Env.REMOTE);
- trans.info().log("### Running Future Execution on ",Future.data.size(), "Items");
- // Execute any Futures waiting
- for(Future f : Future.data.values()) {
- if(f.memo().contains("Re-Approval") || f.memo().contains("Re-Validate")) {
- List<Approval> la = Approval.byTicket.get(f.id());
- if(la!=null) {
- Result<OP_STATUS> ruf = urFutureApproveExec.exec(noAvg,la,f);
- if(ruf.isOK()) {
- switch(ruf.value) {
- case P:
- break;
- case E:
- case D:
- case L:
- f.delayedDelete(noAvg, futureDAO, dryRun,OP_STATUS.L.desc());
- Approval.delayDelete(noAvg, apprDAO, dryRun, la,OP_STATUS.L.desc());
- break;
- }
- }
- }
- }
- }
- try {
- trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals");
- Future.resetLocalData();
- Approval.resetLocalData();
- } catch (Exception t) {
- t.printStackTrace();
- }
+ trans.info().log("### Running Future Execution on ",Future.data.size(), "Items");
+ // Execute any Futures waiting
+ for(Future f : Future.data.values()) {
+ if(f.memo().contains("Re-Approval") || f.memo().contains("Re-Validate")) {
+ List<Approval> la = Approval.byTicket.get(f.id());
+ if(la!=null) {
+ Result<OP_STATUS> ruf = urFutureApproveExec.exec(noAvg,la,f);
+ if(ruf.isOK()) {
+ switch(ruf.value) {
+ case P:
+ break;
+ case E:
+ case D:
+ case L:
+ f.delayedDelete(noAvg, futureDAO, dryRun,OP_STATUS.L.desc());
+ Approval.delayDelete(noAvg, apprDAO, dryRun, la,OP_STATUS.L.desc());
+ break;
+ }
+ }
+ }
+ }
+ }
+ try {
+ trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals");
+ Future.resetLocalData();
+ Approval.resetLocalData();
+ } catch (Exception t) {
+ t.printStackTrace();
+ }
-
- trans.info().log("### Remove Expired on ",Future.data.size(), "Items, or premature ones");
- // Remove Expired
- String expiredBeforeNow = "Expired before " + tooLate;
- String expiredAfterFuture = "Expired after " + future;
+
+ trans.info().log("### Remove Expired on ",Future.data.size(), "Items, or premature ones");
+ // Remove Expired
+ String expiredBeforeNow = "Expired before " + tooLate;
+ String expiredAfterFuture = "Expired after " + future;
try {
- for(Future f : Future.data.values()) {
- if(f.expires().before(tooLate)) {
- f.delayedDelete(noAvg,futureDAO,dryRun, expiredBeforeNow);
- Approval.delayDelete(noAvg, apprDAO, dryRun, Approval.byTicket.get(f.id()), expiredBeforeNow);
- } else if(f.expires().after(future)) {
- f.delayedDelete(noAvg,futureDAO,dryRun, expiredAfterFuture);
- Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), expiredAfterFuture);
- }
- }
- try {
- trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals");
- Future.resetLocalData();
- Approval.resetLocalData();
- } catch (Exception t) {
- t.printStackTrace();
- }
+ for(Future f : Future.data.values()) {
+ if(f.expires().before(tooLate)) {
+ f.delayedDelete(noAvg,futureDAO,dryRun, expiredBeforeNow);
+ Approval.delayDelete(noAvg, apprDAO, dryRun, Approval.byTicket.get(f.id()), expiredBeforeNow);
+ } else if(f.expires().after(future)) {
+ f.delayedDelete(noAvg,futureDAO,dryRun, expiredAfterFuture);
+ Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), expiredAfterFuture);
+ }
+ }
+ try {
+ trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals");
+ Future.resetLocalData();
+ Approval.resetLocalData();
+ } catch (Exception t) {
+ t.printStackTrace();
+ }
} finally {
- tt.done();
+ tt.done();
}
- trans.info().log("### Checking Approvals valid (",Approval.byApprover.size(),"Items)");
+ trans.info().log("### Checking Approvals valid (",Approval.byApprover.size(),"Items)");
// Make sure users of Approvals are still valid
for(List<Approval> lapp : Approval.byTicket.values()) {
- for(Approval app : lapp) {
- Future f;
- if(app.getTicket()==null) {
- f = null;
- } else {
- f = Future.data.get(app.getTicket());
- if(Future.pendingDelete(f)) {
- f=null;
- }
- }
- String msg;
- if(f!=null && app.getRole()!=null && Role.byName.get(app.getRole())==null) {
- f.delayedDelete(noAvg,futureDAO,dryRun,msg="Role '" + app.getRole() + "' no longer exists");
- Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg);
- continue;
- }
-
- switch(app.getStatus()) {
- case "pending":
- if(f==null) {
- app.delayDelete(noAvg,apprDAO, isDryRun(), "ticketDeleted");
- continue;
- }
- switch(app.getType()) {
- case "owner":
- boolean anOwner=false;
- String approle = app.getRole();
- if(approle!=null) {
- Role role = Role.byName.get(approle);
- if(role==null) {
- app.delayDelete(noAvg, apprDAO, dryRun, "Role No Longer Exists");
- continue;
- } else {
- // Make sure Owner Role exists
- String owner = role.ns + ".owner";
- if(Role.byName.containsKey(owner)) {
- List<UserRole> lur = UserRole.getByRole().get(owner);
- if(lur != null) {
- for(UserRole ur : lur) {
- if(ur.user().equals(app.getApprover())) {
- anOwner = true;
- break;
- }
- }
- }
- }
- }
- if(!anOwner) {
- app.delayDelete(noAvg, apprDAO, dryRun, "No longer Owner");
- }
-
- }
- break;
- case "supervisor":
- try {
- Identity identity = org.getIdentity(noAvg, app.getUser());
- if(identity==null) {
- if(f!=null) {
- f.delayedDelete(noAvg,futureDAO,dryRun,msg = app.getUser() + " is no longer associated with " + org.getName());
- Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg);
- }
- } else {
- if(!app.getApprover().equals(identity.responsibleTo().fullID())) {
- if(f!=null) {
- f.delayedDelete(noAvg,futureDAO,dryRun,msg = app.getApprover() + " is no longer a Supervisor of " + app.getUser());
- Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg);
- }
- }
- }
- } catch (OrganizationException e) {
- e.printStackTrace();
- }
- break;
- }
- break;
- }
- }
+ for(Approval app : lapp) {
+ Future f;
+ if(app.getTicket()==null) {
+ f = null;
+ } else {
+ f = Future.data.get(app.getTicket());
+ if(Future.pendingDelete(f)) {
+ f=null;
+ }
+ }
+ String msg;
+ if(f!=null && app.getRole()!=null && Role.byName.get(app.getRole())==null) {
+ f.delayedDelete(noAvg,futureDAO,dryRun,msg="Role '" + app.getRole() + "' no longer exists");
+ Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg);
+ continue;
+ }
+
+ switch(app.getStatus()) {
+ case "pending":
+ if(f==null) {
+ app.delayDelete(noAvg,apprDAO, isDryRun(), "ticketDeleted");
+ continue;
+ }
+ switch(app.getType()) {
+ case "owner":
+ boolean anOwner=false;
+ String approle = app.getRole();
+ if(approle!=null) {
+ Role role = Role.byName.get(approle);
+ if(role==null) {
+ app.delayDelete(noAvg, apprDAO, dryRun, "Role No Longer Exists");
+ continue;
+ } else {
+ // Make sure Owner Role exists
+ String owner = role.ns + ".owner";
+ if(Role.byName.containsKey(owner)) {
+ List<UserRole> lur = UserRole.getByRole().get(owner);
+ if(lur != null) {
+ for(UserRole ur : lur) {
+ if(ur.user().equals(app.getApprover())) {
+ anOwner = true;
+ break;
+ }
+ }
+ }
+ }
+ }
+ if(!anOwner) {
+ app.delayDelete(noAvg, apprDAO, dryRun, "No longer Owner");
+ }
+
+ }
+ break;
+ case "supervisor":
+ try {
+ Identity identity = org.getIdentity(noAvg, app.getUser());
+ if(identity==null) {
+ if(f!=null) {
+ f.delayedDelete(noAvg,futureDAO,dryRun,msg = app.getUser() + " is no longer associated with " + org.getName());
+ Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg);
+ }
+ } else {
+ if(!app.getApprover().equals(identity.responsibleTo().fullID())) {
+ if(f!=null) {
+ f.delayedDelete(noAvg,futureDAO,dryRun,msg = app.getApprover() + " is no longer a Supervisor of " + app.getUser());
+ Approval.delayDelete(noAvg,apprDAO,dryRun, Approval.byTicket.get(f.id()), msg);
+ }
+ }
+ }
+ } catch (OrganizationException e) {
+ e.printStackTrace();
+ }
+ break;
+ }
+ break;
+ }
+ }
}
- try {
- trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals");
- Future.resetLocalData();
- Approval.resetLocalData();
- } catch (Exception t) {
- t.printStackTrace();
- }
+ try {
+ trans.info().log("### Removed",Future.sizeForDeletion(),"Future and",Approval.sizeForDeletion(),"Approvals");
+ Future.resetLocalData();
+ Approval.resetLocalData();
+ } catch (Exception t) {
+ t.printStackTrace();
+ }
int count = 0, deleted=0, delayedURDeletes = 0;
// Run for User Roles
trans.info().log("Checking for Expired User Roles");
try {
- for(UserRole ur : UserRole.getData()) {
- if(org.getIdentity(noAvg, ur.user())==null) { // if not part of Organization;
- if(isSpecial(ur.user())) {
- trans.info().log(ur.user(),"is not part of organization, but may not be deleted");
- } else {
- ur.delayDelete(noAvg, "Not Part of Organization", dryRun);
- ++deleted;
- ++delayedURDeletes;
- }
- } else {
- if(NS.data.get(ur.ns())==null) {
- ur.delayDelete(noAvg,"Namespace " + ur.ns() + " does not exist.",dryRun);
- ++delayedURDeletes;
- ++deleted;
- } else if(!Role.byName.containsKey(ur.role())) {
- ur.delayDelete(noAvg,"Role " + ur.role() + " does not exist.",dryRun);
- ++deleted;
- ++delayedURDeletes;
- } else if(ur.expires().before(tooLate)) {
- if("owner".equals(ur.rname())) { // don't delete Owners, even if Expired
- urPrint.exec(noAvg,ur,"Owner Expired (but not deleted)");
- } else {
- // In this case, when UR is expired, not dependent on other lookups, we delete straight out.
- urDelete.exec(noAvg, ur,"Expired before " + tooLate);
- ++deleted;
- }
- //trans.logAuditTrail(trans.info());
- } else if(ur.expires().before(future) && ur.expires().after(now)) {
- ++count;
- // Is there an Approval set already
- boolean needNew = true;
- if(ur.role()!=null && ur.user()!=null) {
- List<Approval> abm = Approval.byUser.get(ur.user());
- if(abm!=null) {
- for(Approval a : abm) {
- if(a.getOperation().equals(FUTURE_OP.A.name()) && ur.role().equals(a.getRole())) {
- if(Future.data.get(a.getTicket())!=null) {
- needNew = false;
- break;
- }
- }
- }
- }
- }
- if(needNew) {
- urFutureApprove.exec(noAvg, ur,"");
- }
- }
- }
- }
- } catch (OrganizationException e) {
- env.info().log(e,"Exiting ...");
- } finally {
- env.info().log("Found",count,"user roles expiring before",future);
- env.info().log("deleting",deleted,"user roles expiring before",tooLate);
+ for(UserRole ur : UserRole.getData()) {
+ if(org.getIdentity(noAvg, ur.user())==null) { // if not part of Organization;
+ if(isSpecial(ur.user())) {
+ trans.info().log(ur.user(),"is not part of organization, but may not be deleted");
+ } else {
+ ur.delayDelete(noAvg, "Not Part of Organization", dryRun);
+ ++deleted;
+ ++delayedURDeletes;
+ }
+ } else {
+ if(NS.data.get(ur.ns())==null) {
+ ur.delayDelete(noAvg,"Namespace " + ur.ns() + " does not exist.",dryRun);
+ ++delayedURDeletes;
+ ++deleted;
+ } else if(!Role.byName.containsKey(ur.role())) {
+ ur.delayDelete(noAvg,"Role " + ur.role() + " does not exist.",dryRun);
+ ++deleted;
+ ++delayedURDeletes;
+ } else if(ur.expires().before(tooLate)) {
+ if("owner".equals(ur.rname())) { // don't delete Owners, even if Expired
+ urPrint.exec(noAvg,ur,"Owner Expired (but not deleted)");
+ } else {
+ // In this case, when UR is expired, not dependent on other lookups, we delete straight out.
+ urDelete.exec(noAvg, ur,"Expired before " + tooLate);
+ ++deleted;
+ }
+ //trans.logAuditTrail(trans.info());
+ } else if(ur.expires().before(future) && ur.expires().after(now)) {
+ ++count;
+ // Is there an Approval set already
+ boolean needNew = true;
+ if(ur.role()!=null && ur.user()!=null) {
+ List<Approval> abm = Approval.byUser.get(ur.user());
+ if(abm!=null) {
+ for(Approval a : abm) {
+ if(a.getOperation().equals(FUTURE_OP.A.name()) && ur.role().equals(a.getRole())) {
+ if(Future.data.get(a.getTicket())!=null) {
+ needNew = false;
+ break;
+ }
+ }
+ }
+ }
+ }
+ if(needNew) {
+ urFutureApprove.exec(noAvg, ur,"");
+ }
+ }
+ }
+ }
+ } catch (OrganizationException e) {
+ env.info().log(e,"Exiting ...");
+ } finally {
+ env.info().log("Found",count,"user roles expiring before",future);
+ env.info().log("deleting",deleted,"user roles expiring before",tooLate);
}
// Actualize UR Deletes, or send Email
if(UserRole.sizeForDeletion()>0) {
- count+=UserRole.sizeForDeletion();
+ count+=UserRole.sizeForDeletion();
double onePercent = 0.01;
- if(((double)UserRole.sizeForDeletion())/UserRole.getData().size() > onePercent) {
- Message msg = new Message();
- try {
- msg.line("Found %d of %d UserRoles marked for Deletion in file %s",
- delayedURDeletes,UserRole.getData().size(),deletesFile.getCanonicalPath());
- } catch (IOException e) {
- msg.line("Found %d of %d UserRoles marked for Deletion.\n",
- delayedURDeletes);
- }
- msg.line("Review the File. If data is ok, Use ExpiringP2 BatchProcess to complete the deletions");
-
- email.msg(msg);
- email.exec(trans, org, "Email Support");
- } else {
- urDeleteF.flush();
- try {
- BufferedReader br = new BufferedReader(new FileReader(deletesFile));
- try {
- ExpiringP2.deleteURs(noAvg, br, urDelete, null /* don't touch Cache here*/);
- } finally {
- br.close();
- }
- } catch (IOException io) {
- noAvg.error().log(io);
- }
- }
+ if(((double)UserRole.sizeForDeletion())/UserRole.getData().size() > onePercent) {
+ Message msg = new Message();
+ try {
+ msg.line("Found %d of %d UserRoles marked for Deletion in file %s",
+ delayedURDeletes,UserRole.getData().size(),deletesFile.getCanonicalPath());
+ } catch (IOException e) {
+ msg.line("Found %d of %d UserRoles marked for Deletion.\n",
+ delayedURDeletes);
+ }
+ msg.line("Review the File. If data is ok, Use ExpiringP2 BatchProcess to complete the deletions");
+
+ email.msg(msg);
+ email.exec(trans, org, "Email Support");
+ } else {
+ urDeleteF.flush();
+ try {
+ BufferedReader br = new BufferedReader(new FileReader(deletesFile));
+ try {
+ ExpiringP2.deleteURs(noAvg, br, urDelete, null /* don't touch Cache here*/);
+ } finally {
+ br.close();
+ }
+ } catch (IOException io) {
+ noAvg.error().log(io);
+ }
+ }
}
if(count>0) {
- String str = String.format("%d UserRoles modified or deleted", count);
- cacheTouch.exec(trans, "user_role", str);
+ String str = String.format("%d UserRoles modified or deleted", count);
+ cacheTouch.exec(trans, "user_role", str);
}
// Run for Creds
@@ -458,49 +458,49 @@ public class Expiring extends Batch {
System.out.flush();
count = 0;
try {
- CredDAO.Data crd = new CredDAO.Data();
- Date last = null;
- for( Cred creds : Cred.data.values()) {
- crd.id = creds.id;
- for(int type : creds.types()) {
- crd.type = type;
- for( Instance inst : creds.instances) {
- if(inst.expires.before(tooLate)) {
- crd.expires = inst.expires;
- crDelete.exec(noAvg, crd,"Expired before " + tooLate);
- } else if(last==null || inst.expires.after(last)) {
- last = inst.expires;
- }
- }
- if(last!=null) {
- if(last.before(future)) {
- crd.expires = last;
- crPrint.exec(noAvg, crd,"");
- ++count;
- }
- }
- }
- }
+ CredDAO.Data crd = new CredDAO.Data();
+ Date last = null;
+ for( Cred creds : Cred.data.values()) {
+ crd.id = creds.id;
+ for(int type : creds.types()) {
+ crd.type = type;
+ for( Instance inst : creds.instances) {
+ if(inst.expires.before(tooLate)) {
+ crd.expires = inst.expires;
+ crDelete.exec(noAvg, crd,"Expired before " + tooLate);
+ } else if(last==null || inst.expires.after(last)) {
+ last = inst.expires;
+ }
+ }
+ if(last!=null) {
+ if(last.before(future)) {
+ crd.expires = last;
+ crPrint.exec(noAvg, crd,"");
+ ++count;
+ }
+ }
+ }
+ }
} finally {
- String str = String.format("Found %d current creds expiring before %s", count, Chrono.dateOnlyStamp(future));
- if(count>0) {
- cacheTouch.exec(trans, "cred", str);
- }
+ String str = String.format("Found %d current creds expiring before %s", count, Chrono.dateOnlyStamp(future));
+ if(count>0) {
+ cacheTouch.exec(trans, "cred", str);
+ }
}
- }
-
- @Override
- protected void _close(AuthzTrans trans) {
+ }
+
+ @Override
+ protected void _close(AuthzTrans trans) {
aspr.info("End " + this.getClass().getSimpleName() + " processing" );
for(Action<?,?,?> action : new Action<?,?,?>[] {crDelete}) {
- if(action instanceof ActionDAO) {
- ((ActionDAO<?,?,?>)action).close(trans);
- }
+ if(action instanceof ActionDAO) {
+ ((ActionDAO<?,?,?>)action).close(trans);
+ }
}
session.close();
urDeleteF.close();
urRecoverF.close();
- }
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/ExpiringP2.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/ExpiringP2.java
index 79e127da..f9797c86 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/ExpiringP2.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/ExpiringP2.java
@@ -46,113 +46,113 @@ import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.util.Chrono;
public class ExpiringP2 extends Batch {
- private final URDelete urDelete;
- private final CacheTouch cacheTouch;
- private final AuthzTrans noAvg;
- private final BufferedReader urDeleteF;
+ private final URDelete urDelete;
+ private final CacheTouch cacheTouch;
+ private final AuthzTrans noAvg;
+ private final BufferedReader urDeleteF;
- public ExpiringP2(AuthzTrans trans) throws APIException, IOException, OrganizationException {
- super(trans.env());
- trans.info().log("Starting Connection Process");
-
- noAvg = env.newTransNoAvg();
- noAvg.setUser(new BatchPrincipal("batch:ExpiringP2"));
+ public ExpiringP2(AuthzTrans trans) throws APIException, IOException, OrganizationException {
+ super(trans.env());
+ trans.info().log("Starting Connection Process");
+
+ noAvg = env.newTransNoAvg();
+ noAvg.setUser(new BatchPrincipal("batch:ExpiringP2"));
- TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
- try {
- urDelete = new URDelete(trans, cluster,isDryRun());
- TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE);
- try {
- session = urDelete.getSession(trans);
- } finally {
- tt2.done();
- }
- cacheTouch = new CacheTouch(trans,urDelete);
-
- File data_dir = new File(env.getProperty("aaf_data_dir"));
- if(!data_dir.exists() || !data_dir.canWrite() || !data_dir.canRead()) {
- throw new IOException("Cannot read/write to Data Directory "+ data_dir.getCanonicalPath() + ": EXITING!!!");
- }
- urDeleteF = new BufferedReader(new FileReader(new File(data_dir,"UserRoleDeletes.dat")));
-
- } finally {
- tt0.done();
- }
- }
+ TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
+ try {
+ urDelete = new URDelete(trans, cluster,isDryRun());
+ TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE);
+ try {
+ session = urDelete.getSession(trans);
+ } finally {
+ tt2.done();
+ }
+ cacheTouch = new CacheTouch(trans,urDelete);
+
+ File data_dir = new File(env.getProperty("aaf_data_dir"));
+ if(!data_dir.exists() || !data_dir.canWrite() || !data_dir.canRead()) {
+ throw new IOException("Cannot read/write to Data Directory "+ data_dir.getCanonicalPath() + ": EXITING!!!");
+ }
+ urDeleteF = new BufferedReader(new FileReader(new File(data_dir,"UserRoleDeletes.dat")));
+
+ } finally {
+ tt0.done();
+ }
+ }
- @Override
- protected void run(AuthzTrans trans) {
- deleteURs(noAvg, urDeleteF, urDelete, cacheTouch);
- }
-
- public static void deleteURs(AuthzTrans trans, BufferedReader urDeleteF, URDelete urDelete, CacheTouch cacheTouch) {
- String line,prev="";
- try {
- UserRole ur;
- Map<String,Count> tally = new HashMap<>();
- int count=0;
- try {
- while((line=urDeleteF.readLine())!=null) {
- if(line.startsWith("#")) {
- Count cnt = tally.get(line);
- if(cnt==null) {
- tally.put(line, cnt=new Count());
- }
- cnt.inc();
- prev = line;
- } else {
- String[] l = Split.splitTrim('|', line);
- try {
- // Note: following default order from "COPY TO"
- ur = new UserRole(l[0],l[1],l[3],l[4],Chrono.iso8601Fmt.parse(l[2]));
- urDelete.exec(trans, ur, prev);
- ++count;
- } catch (ParseException e) {
- trans.error().log(e);
- }
- }
- }
-
- System.out.println("Tallies of UserRole Deletions");
- for(Entry<String, Count> es : tally.entrySet()) {
- System.out.printf(" %6d\t%20s\n", es.getValue().cnt,es.getKey());
- }
- } finally {
- if(cacheTouch!=null && count>0) {
- cacheTouch.exec(trans, "user_roles", "Removing UserRoles");
- }
- }
- } catch (IOException e) {
- trans.error().log(e);
- }
-
- }
- private static class Count {
- private int cnt=0;
-
- public /*synchonized*/ void inc() {
- ++cnt;
- }
-
- public String toString() {
- return Integer.toString(cnt);
- }
- }
-
- @Override
- protected void _close(AuthzTrans trans) {
+ @Override
+ protected void run(AuthzTrans trans) {
+ deleteURs(noAvg, urDeleteF, urDelete, cacheTouch);
+ }
+
+ public static void deleteURs(AuthzTrans trans, BufferedReader urDeleteF, URDelete urDelete, CacheTouch cacheTouch) {
+ String line,prev="";
+ try {
+ UserRole ur;
+ Map<String,Count> tally = new HashMap<>();
+ int count=0;
+ try {
+ while((line=urDeleteF.readLine())!=null) {
+ if(line.startsWith("#")) {
+ Count cnt = tally.get(line);
+ if(cnt==null) {
+ tally.put(line, cnt=new Count());
+ }
+ cnt.inc();
+ prev = line;
+ } else {
+ String[] l = Split.splitTrim('|', line);
+ try {
+ // Note: following default order from "COPY TO"
+ ur = new UserRole(l[0],l[1],l[3],l[4],Chrono.iso8601Fmt.parse(l[2]));
+ urDelete.exec(trans, ur, prev);
+ ++count;
+ } catch (ParseException e) {
+ trans.error().log(e);
+ }
+ }
+ }
+
+ System.out.println("Tallies of UserRole Deletions");
+ for(Entry<String, Count> es : tally.entrySet()) {
+ System.out.printf(" %6d\t%20s\n", es.getValue().cnt,es.getKey());
+ }
+ } finally {
+ if(cacheTouch!=null && count>0) {
+ cacheTouch.exec(trans, "user_roles", "Removing UserRoles");
+ }
+ }
+ } catch (IOException e) {
+ trans.error().log(e);
+ }
+
+ }
+ private static class Count {
+ private int cnt=0;
+
+ public /*synchonized*/ void inc() {
+ ++cnt;
+ }
+
+ public String toString() {
+ return Integer.toString(cnt);
+ }
+ }
+
+ @Override
+ protected void _close(AuthzTrans trans) {
aspr.info("End " + this.getClass().getSimpleName() + " processing" );
for(Action<?,?,?> action : new Action<?,?,?>[] {urDelete,cacheTouch}) {
- if(action instanceof ActionDAO) {
- ((ActionDAO<?,?,?>)action).close(trans);
- }
+ if(action instanceof ActionDAO) {
+ ((ActionDAO<?,?,?>)action).close(trans);
+ }
}
session.close();
try {
- urDeleteF.close();
- } catch (IOException e) {
- trans.error().log(e);
- }
- }
+ urDeleteF.close();
+ } catch (IOException e) {
+ trans.error().log(e);
+ }
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyApprovals.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyApprovals.java
index 9653662c..8b12399d 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyApprovals.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyApprovals.java
@@ -50,187 +50,187 @@ import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.util.Chrono;
public class NotifyApprovals extends Batch {
- private static final String LINE = "----------------------------------------------------------------";
- private final HistoryDAO historyDAO;
- private final ApprovalDAO apprDAO;
- private final FutureDAO futureDAO;
- private Email email;
- private int maxEmails;
- private final PrintStream ps;
- private final AuthzTrans noAvg;
+ private static final String LINE = "----------------------------------------------------------------";
+ private final HistoryDAO historyDAO;
+ private final ApprovalDAO apprDAO;
+ private final FutureDAO futureDAO;
+ private Email email;
+ private int maxEmails;
+ private final PrintStream ps;
+ private final AuthzTrans noAvg;
- public NotifyApprovals(AuthzTrans trans) throws APIException, IOException, OrganizationException {
- super(trans.env());
-
- noAvg = env.newTransNoAvg();
- noAvg.setUser(new BatchPrincipal("batch:NotifyApprovals"));
+ public NotifyApprovals(AuthzTrans trans) throws APIException, IOException, OrganizationException {
+ super(trans.env());
+
+ noAvg = env.newTransNoAvg();
+ noAvg.setUser(new BatchPrincipal("batch:NotifyApprovals"));
- historyDAO = new HistoryDAO(trans, cluster, CassAccess.KEYSPACE);
- session = historyDAO.getSession(trans);
- apprDAO = new ApprovalDAO(trans, historyDAO);
- futureDAO = new FutureDAO(trans, historyDAO);
- if(isDryRun()) {
- email = new EmailPrint();
- maxEmails=3;
- } else {
- email = new Email();
- maxEmails = Integer.parseInt(trans.getProperty("MAX_EMAILS","3"));
- }
- email.subject("AAF Approval Notification (ENV: %s)",batchEnv);
- email.preamble("AAF (MOTS 22830) is the AT&T Authorization System used by many AT&T Tools and Applications." +
- "\n Your approval is required, which you may enter on the following page:"
- + "\n\n\t%s/approve\n\n"
- ,env.getProperty(GUI_URL));
- email.signature("Sincerely,\nAAF Team (Our MOTS# 22830)\n"
- + "https://wiki.web.att.com/display/aaf/Contact+Us\n"
- + "(Use 'Other Misc Requests (TOPS)')");
+ historyDAO = new HistoryDAO(trans, cluster, CassAccess.KEYSPACE);
+ session = historyDAO.getSession(trans);
+ apprDAO = new ApprovalDAO(trans, historyDAO);
+ futureDAO = new FutureDAO(trans, historyDAO);
+ if(isDryRun()) {
+ email = new EmailPrint();
+ maxEmails=3;
+ } else {
+ email = new Email();
+ maxEmails = Integer.parseInt(trans.getProperty("MAX_EMAILS","3"));
+ }
+ email.subject("AAF Approval Notification (ENV: %s)",batchEnv);
+ email.preamble("AAF (MOTS 22830) is the AT&T Authorization System used by many AT&T Tools and Applications." +
+ "\n Your approval is required, which you may enter on the following page:"
+ + "\n\n\t%s/approve\n\n"
+ ,env.getProperty(GUI_URL));
+ email.signature("Sincerely,\nAAF Team (Our MOTS# 22830)\n"
+ + "https://wiki.web.att.com/display/aaf/Contact+Us\n"
+ + "(Use 'Other Misc Requests (TOPS)')");
- Approval.load(trans, session, Approval.v2_0_17);
- Future.load(trans, session, Future.v2_0_17); // Skip the Construct Data
-
- ps = new PrintStream(new FileOutputStream(logDir() + "/email"+Chrono.dateOnlyStamp()+".log",true));
- ps.printf("### Approval Notify %s for %s%s\n",Chrono.dateTime(),batchEnv,dryRun?", DryRun":"");
- }
+ Approval.load(trans, session, Approval.v2_0_17);
+ Future.load(trans, session, Future.v2_0_17); // Skip the Construct Data
+
+ ps = new PrintStream(new FileOutputStream(logDir() + "/email"+Chrono.dateOnlyStamp()+".log",true));
+ ps.printf("### Approval Notify %s for %s%s\n",Chrono.dateTime(),batchEnv,dryRun?", DryRun":"");
+ }
- @Override
- protected void run(AuthzTrans trans) {
- GregorianCalendar gc = new GregorianCalendar();
- Date now = gc.getTime();
- String today = Chrono.dateOnlyStamp(now);
- gc.add(GregorianCalendar.MONTH, -1);
- gc=null;
+ @Override
+ protected void run(AuthzTrans trans) {
+ GregorianCalendar gc = new GregorianCalendar();
+ Date now = gc.getTime();
+ String today = Chrono.dateOnlyStamp(now);
+ gc.add(GregorianCalendar.MONTH, -1);
+ gc=null;
- Message msg = new Message();
- int emailCount = 0;
- List<Approval> pending = new ArrayList<>();
- boolean isOwner,isSupervisor;
- for(Entry<String, List<Approval>> es : Approval.byApprover.entrySet()) {
- isOwner = isSupervisor = false;
- String approver = es.getKey();
- if(approver.indexOf('@')<0) {
- approver += org.getRealm();
- }
- Date latestNotify=null, soonestExpire=null;
- GregorianCalendar latest=new GregorianCalendar();
- GregorianCalendar soonest=new GregorianCalendar();
- pending.clear();
-
- for(Approval app : es.getValue()) {
- Future f = app.getTicket()==null?null:Future.data.get(app.getTicket());
- if(f==null) { // only Ticketed Approvals are valid.. the others are records.
- // Approvals without Tickets are no longer valid.
- if("pending".equals(app.getStatus())) {
- app.setStatus("lapsed");
- app.update(noAvg,apprDAO,dryRun); // obeys dryRun
- }
- } else {
- if((soonestExpire==null && f.expires()!=null) || (soonestExpire!=null && f.expires()!=null && soonestExpire.before(f.expires()))) {
- soonestExpire=f.expires();
- }
+ Message msg = new Message();
+ int emailCount = 0;
+ List<Approval> pending = new ArrayList<>();
+ boolean isOwner,isSupervisor;
+ for(Entry<String, List<Approval>> es : Approval.byApprover.entrySet()) {
+ isOwner = isSupervisor = false;
+ String approver = es.getKey();
+ if(approver.indexOf('@')<0) {
+ approver += org.getRealm();
+ }
+ Date latestNotify=null, soonestExpire=null;
+ GregorianCalendar latest=new GregorianCalendar();
+ GregorianCalendar soonest=new GregorianCalendar();
+ pending.clear();
+
+ for(Approval app : es.getValue()) {
+ Future f = app.getTicket()==null?null:Future.data.get(app.getTicket());
+ if(f==null) { // only Ticketed Approvals are valid.. the others are records.
+ // Approvals without Tickets are no longer valid.
+ if("pending".equals(app.getStatus())) {
+ app.setStatus("lapsed");
+ app.update(noAvg,apprDAO,dryRun); // obeys dryRun
+ }
+ } else {
+ if((soonestExpire==null && f.expires()!=null) || (soonestExpire!=null && f.expires()!=null && soonestExpire.before(f.expires()))) {
+ soonestExpire=f.expires();
+ }
- if("pending".equals(app.getStatus())) {
- if(!isOwner) {
- isOwner = "owner".equals(app.getType());
- }
- if(!isSupervisor) {
- isSupervisor = "supervisor".equals(app.getType());
- }
+ if("pending".equals(app.getStatus())) {
+ if(!isOwner) {
+ isOwner = "owner".equals(app.getType());
+ }
+ if(!isSupervisor) {
+ isSupervisor = "supervisor".equals(app.getType());
+ }
- if((latestNotify==null && app.getLast_notified()!=null) ||(latestNotify!=null && app.getLast_notified()!=null && latestNotify.before(app.getLast_notified()))) {
- latestNotify=app.getLast_notified();
- }
- pending.add(app);
- }
- }
- }
+ if((latestNotify==null && app.getLast_notified()!=null) ||(latestNotify!=null && app.getLast_notified()!=null && latestNotify.before(app.getLast_notified()))) {
+ latestNotify=app.getLast_notified();
+ }
+ pending.add(app);
+ }
+ }
+ }
- if(!pending.isEmpty()) {
- boolean go = false;
- if(latestNotify==null) { // never notified... make it so
- go=true;
- } else {
- if(!today.equals(Chrono.dateOnlyStamp(latest))) { // already notified today
- latest.setTime(latestNotify);
- soonest.setTime(soonestExpire);
- int year;
- int days = soonest.get(GregorianCalendar.DAY_OF_YEAR)-latest.get(GregorianCalendar.DAY_OF_YEAR);
- days+=((year=soonest.get(GregorianCalendar.YEAR))-latest.get(GregorianCalendar.YEAR))*365 +
- (soonest.isLeapYear(year)?1:0);
- if(days<7) { // If Expirations get within a Week (or expired), notify everytime.
- go = true;
- }
- }
- }
- if(go) {
- if(maxEmails>emailCount++) {
- try {
- Organization org = OrganizationFactory.obtain(env, approver);
- Identity user = org.getIdentity(noAvg, approver);
- if(user==null) {
- ps.printf("Invalid Identity: %s\n", approver);
- } else {
- email.clear();
- msg.clear();
- email.addTo(user.email());
- msg.line(LINE);
- msg.line("Why are you receiving this Notification?\n");
- if(isSupervisor) {
- msg.line("%sYou are the supervisor of one or more employees who need access to tools which are protected by AAF. " +
- "Your employees may ask for access to various tools and applications to do their jobs. ASPR requires "
- + "that you are notified and approve their requests. The details of each need is provided when you click "
- + "on webpage above.\n",isOwner?"1) ":"");
- msg.line("Your participation in this process fulfills the ASPR requirement to re-authorize users in roles on a regular basis.\n\n");
- }
-
- if(isOwner) {
- msg.line("%sYou are the listed owner of one or more AAF Namespaces. ASPR requires that those responsible for "
- + "applications and their access review them regularly for accuracy. The AAF WIKI page for AT&T is https://wiki.web.att.com/display/aaf. "
- + "More info regarding questions of being a Namespace Owner is available at https://wiki.web.att.com/pages/viewpage.action?pageId=594741363\n",isSupervisor?"2) ":"");
- msg.line("Additionally, Credentials attached to the Namespace must be renewed regularly. While you may delegate certain functions to " +
- "Administrators within your Namespace, you are ultimately responsible to make sure credentials do not expire.\n");
- msg.line("You may view the Namespaces you listed as Owner for in this AAF Env by viewing the following webpage:\n");
- msg.line(" %s/ns\n\n",env.getProperty(GUI_URL));
-
- }
- msg.line(" If you are unfamiliar with AAF, you might like to peruse the following links:"
- + "\n\thttps://wiki.web.att.com/display/aaf/AAF+in+a+Nutshell"
- + "\n\thttps://wiki.web.att.com/display/aaf/The+New+Person%%27s+Guide+to+AAF");
- msg.line("\n SPECIAL NOTE about SWM Management Groups: Understand that SWM management Groups correlate one-to-one to AAF Namespaces. "
- + "(SWM uses AAF for the Authorization piece of Management Groups). You may be assigned the SWM Management Group by asking "
- + "directly, or through any of the above stated automated processes. Auto-generated Namespaces typically look like 'com.att.44444.PROD' "
- + "where '44444' is a MOTS ID, and 'PROD' is PROD|DEV|TEST, etc. For your convenience, the MOTS link is http://ebiz.sbc.com/mots.\n");
- msg.line(" Finally, realize that there are automated processes which create Machines and Resources via SWM, Kubernetes or other "
- + "such tooling. If you or your predecessor requested them, you were set as the owner of the AAF Namespace created during "
- + "that process.\n");
- msg.line(" For ALL QUESTIONS of why and how of SWM, and whether you or your reports can be removed, please contact SWM at "
- + "https://wiki.web.att.com/display/swm/Support\n");
+ if(!pending.isEmpty()) {
+ boolean go = false;
+ if(latestNotify==null) { // never notified... make it so
+ go=true;
+ } else {
+ if(!today.equals(Chrono.dateOnlyStamp(latest))) { // already notified today
+ latest.setTime(latestNotify);
+ soonest.setTime(soonestExpire);
+ int year;
+ int days = soonest.get(GregorianCalendar.DAY_OF_YEAR)-latest.get(GregorianCalendar.DAY_OF_YEAR);
+ days+=((year=soonest.get(GregorianCalendar.YEAR))-latest.get(GregorianCalendar.YEAR))*365 +
+ (soonest.isLeapYear(year)?1:0);
+ if(days<7) { // If Expirations get within a Week (or expired), notify everytime.
+ go = true;
+ }
+ }
+ }
+ if(go) {
+ if(maxEmails>emailCount++) {
+ try {
+ Organization org = OrganizationFactory.obtain(env, approver);
+ Identity user = org.getIdentity(noAvg, approver);
+ if(user==null) {
+ ps.printf("Invalid Identity: %s\n", approver);
+ } else {
+ email.clear();
+ msg.clear();
+ email.addTo(user.email());
+ msg.line(LINE);
+ msg.line("Why are you receiving this Notification?\n");
+ if(isSupervisor) {
+ msg.line("%sYou are the supervisor of one or more employees who need access to tools which are protected by AAF. " +
+ "Your employees may ask for access to various tools and applications to do their jobs. ASPR requires "
+ + "that you are notified and approve their requests. The details of each need is provided when you click "
+ + "on webpage above.\n",isOwner?"1) ":"");
+ msg.line("Your participation in this process fulfills the ASPR requirement to re-authorize users in roles on a regular basis.\n\n");
+ }
+
+ if(isOwner) {
+ msg.line("%sYou are the listed owner of one or more AAF Namespaces. ASPR requires that those responsible for "
+ + "applications and their access review them regularly for accuracy. The AAF WIKI page for AT&T is https://wiki.web.att.com/display/aaf. "
+ + "More info regarding questions of being a Namespace Owner is available at https://wiki.web.att.com/pages/viewpage.action?pageId=594741363\n",isSupervisor?"2) ":"");
+ msg.line("Additionally, Credentials attached to the Namespace must be renewed regularly. While you may delegate certain functions to " +
+ "Administrators within your Namespace, you are ultimately responsible to make sure credentials do not expire.\n");
+ msg.line("You may view the Namespaces you listed as Owner for in this AAF Env by viewing the following webpage:\n");
+ msg.line(" %s/ns\n\n",env.getProperty(GUI_URL));
+
+ }
+ msg.line(" If you are unfamiliar with AAF, you might like to peruse the following links:"
+ + "\n\thttps://wiki.web.att.com/display/aaf/AAF+in+a+Nutshell"
+ + "\n\thttps://wiki.web.att.com/display/aaf/The+New+Person%%27s+Guide+to+AAF");
+ msg.line("\n SPECIAL NOTE about SWM Management Groups: Understand that SWM management Groups correlate one-to-one to AAF Namespaces. "
+ + "(SWM uses AAF for the Authorization piece of Management Groups). You may be assigned the SWM Management Group by asking "
+ + "directly, or through any of the above stated automated processes. Auto-generated Namespaces typically look like 'com.att.44444.PROD' "
+ + "where '44444' is a MOTS ID, and 'PROD' is PROD|DEV|TEST, etc. For your convenience, the MOTS link is http://ebiz.sbc.com/mots.\n");
+ msg.line(" Finally, realize that there are automated processes which create Machines and Resources via SWM, Kubernetes or other "
+ + "such tooling. If you or your predecessor requested them, you were set as the owner of the AAF Namespace created during "
+ + "that process.\n");
+ msg.line(" For ALL QUESTIONS of why and how of SWM, and whether you or your reports can be removed, please contact SWM at "
+ + "https://wiki.web.att.com/display/swm/Support\n");
- email.msg(msg);
- email.exec(noAvg, org,"");
- if(!isDryRun()) {
- email.log(ps,"NotifyApprovals");
- for(Approval app : pending) {
- app.setLastNotified(now);
- app.update(noAvg, apprDAO, dryRun);
- }
- }
- }
- } catch (OrganizationException e) {
- trans.info().log(e);
- }
- }
- }
- }
- }
- trans.info().printf("%d emails sent for %s", emailCount,batchEnv);
- }
-
- @Override
- protected void _close(AuthzTrans trans) {
- futureDAO.close(trans);
- apprDAO.close(trans);
- historyDAO.close(trans);
- ps.close();
- }
+ email.msg(msg);
+ email.exec(noAvg, org,"");
+ if(!isDryRun()) {
+ email.log(ps,"NotifyApprovals");
+ for(Approval app : pending) {
+ app.setLastNotified(now);
+ app.update(noAvg, apprDAO, dryRun);
+ }
+ }
+ }
+ } catch (OrganizationException e) {
+ trans.info().log(e);
+ }
+ }
+ }
+ }
+ }
+ trans.info().printf("%d emails sent for %s", emailCount,batchEnv);
+ }
+
+ @Override
+ protected void _close(AuthzTrans trans) {
+ futureDAO.close(trans);
+ apprDAO.close(trans);
+ historyDAO.close(trans);
+ ps.close();
+ }
}
diff --git a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyCredExpiring.java b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyCredExpiring.java
index fe8f16d9..ab386c56 100644
--- a/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyCredExpiring.java
+++ b/auth/auth-batch/src/main/java/org/onap/aaf/auth/update/NotifyCredExpiring.java
@@ -61,261 +61,261 @@ import java.util.TreeMap;
public class NotifyCredExpiring extends Batch {
- private static final String UNKNOWN_ID = "unknown@deprecated.id";
- private static final String AAF_INSTANTIATED_MECHID = "AAF INSTANTIATED MECHID";
- private static final String EXPIRATION_DATE = "EXPIRATION DATE";
- private static final String QUICK_LINK = "QUICK LINK TO UPDATE PAGE";
- private static final String DASH_1 = "-----------------------";
- private static final String DASH_2 = "---------------";
- private static final String DASH_3 = "----------------------------------------------------";
- private static final String LINE = "\n----------------------------------------------------------------";
- private Email email;
- private int maxEmails;
- private final PrintStream ps;
- private final AuthzTrans noAvg;
- private String supportEmailAddr;
+ private static final String UNKNOWN_ID = "unknown@deprecated.id";
+ private static final String AAF_INSTANTIATED_MECHID = "AAF INSTANTIATED MECHID";
+ private static final String EXPIRATION_DATE = "EXPIRATION DATE";
+ private static final String QUICK_LINK = "QUICK LINK TO UPDATE PAGE";
+ private static final String DASH_1 = "-----------------------";
+ private static final String DASH_2 = "---------------";
+ private static final String DASH_3 = "----------------------------------------------------";
+ private static final String LINE = "\n----------------------------------------------------------------";
+ private Email email;
+ private int maxEmails;
+ private final PrintStream ps;
+ private final AuthzTrans noAvg;
+ private String supportEmailAddr;
- public NotifyCredExpiring(AuthzTrans trans) throws APIException, IOException, OrganizationException {
- super(trans.env());
- TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
- try {
- session = cluster.connect();
- } finally {
- tt.done();
- }
-
- noAvg = env.newTransNoAvg();
- noAvg.setUser(new BatchPrincipal("batch:NotifyCredExpiring"));
-
- if((supportEmailAddr = env.getProperty("mailFromUserId"))==null) {
- throw new APIException("mailFromUserId property must be set");
- }
- if(isDryRun()) {
- email = new EmailPrint();
- maxEmails=3;
- maxEmails = Integer.parseInt(trans.getProperty("MAX_EMAILS","3"));
- } else {
- email = new Email();
- maxEmails = Integer.parseInt(trans.getProperty("MAX_EMAILS","3"));
- }
-
- email.subject("AAF Password Expiration Notification (ENV: %s)",batchEnv);
- email.preamble("AAF (MOTS 22830) is the AT&T Authorization System used by many AT&T Tools and Applications.\n\n" +
- " The following Credentials are expiring on the dates shown. Failure to act before the expiration date "
- + "will cause your App's Authentications to fail.\n");
- email.signature("Sincerely,\nAAF Team (Our MOTS# 22830)\n"
- + "https://wiki.web.att.com/display/aaf/Contact+Us\n"
- + "(Use 'Other Misc Requests (TOPS)')");
+ public NotifyCredExpiring(AuthzTrans trans) throws APIException, IOException, OrganizationException {
+ super(trans.env());
+ TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
+ try {
+ session = cluster.connect();
+ } finally {
+ tt.done();
+ }
+
+ noAvg = env.newTransNoAvg();
+ noAvg.setUser(new BatchPrincipal("batch:NotifyCredExpiring"));
+
+ if((supportEmailAddr = env.getProperty("mailFromUserId"))==null) {
+ throw new APIException("mailFromUserId property must be set");
+ }
+ if(isDryRun()) {
+ email = new EmailPrint();
+ maxEmails=3;
+ maxEmails = Integer.parseInt(trans.getProperty("MAX_EMAILS","3"));
+ } else {
+ email = new Email();
+ maxEmails = Integer.parseInt(trans.getProperty("MAX_EMAILS","3"));
+ }
+
+ email.subject("AAF Password Expiration Notification (ENV: %s)",batchEnv);
+ email.preamble("AAF (MOTS 22830) is the AT&T Authorization System used by many AT&T Tools and Applications.\n\n" +
+ " The following Credentials are expiring on the dates shown. Failure to act before the expiration date "
+ + "will cause your App's Authentications to fail.\n");
+ email.signature("Sincerely,\nAAF Team (Our MOTS# 22830)\n"
+ + "https://wiki.web.att.com/display/aaf/Contact+Us\n"
+ + "(Use 'Other Misc Requests (TOPS)')");
- Cred.load(trans, session,CredDAO.BASIC_AUTH, CredDAO.BASIC_AUTH_SHA256);
- Notification.load(trans, session, Notification.v2_0_18);
- UserRole.load(trans, session, UserRole.v2_0_11);
-
- ps = new PrintStream(new FileOutputStream(logDir() + "/email"+Chrono.dateOnlyStamp()+".log",true));
- ps.printf("### Approval Notify %s for %s%s\n",Chrono.dateTime(),batchEnv,dryRun?", DryRun":"");
- }
-
- @Override
- protected void run(AuthzTrans trans) {
-
- EmailWarnings ewp = org.emailWarningPolicy();
- long now = System.currentTimeMillis();
- Date early = new Date(now+(ewp.credExpirationWarning()*2)); // 2 months back
- Date must = new Date(now+ewp.credExpirationWarning()); // 1 months back
- Date critical = new Date(now+ewp.emailUrgentWarning()); // 1 week
- Date within2Weeks = new Date(now+604800000 * 2);
- Date withinLastWeek = new Date(now-604800000);
- Date tooLate = new Date(now);
-
- // Temp structures
- Map<String,Cred> lastCred = new HashMap<>();
- Map<String,List<LastCred>> ownerCreds = new TreeMap<>();
- Date last;
-
+ Cred.load(trans, session,CredDAO.BASIC_AUTH, CredDAO.BASIC_AUTH_SHA256);
+ Notification.load(trans, session, Notification.v2_0_18);
+ UserRole.load(trans, session, UserRole.v2_0_11);
+
+ ps = new PrintStream(new FileOutputStream(logDir() + "/email"+Chrono.dateOnlyStamp()+".log",true));
+ ps.printf("### Approval Notify %s for %s%s\n",Chrono.dateTime(),batchEnv,dryRun?", DryRun":"");
+ }
+
+ @Override
+ protected void run(AuthzTrans trans) {
+
+ EmailWarnings ewp = org.emailWarningPolicy();
+ long now = System.currentTimeMillis();
+ Date early = new Date(now+(ewp.credExpirationWarning()*2)); // 2 months back
+ Date must = new Date(now+ewp.credExpirationWarning()); // 1 months back
+ Date critical = new Date(now+ewp.emailUrgentWarning()); // 1 week
+ Date within2Weeks = new Date(now+604800000 * 2);
+ Date withinLastWeek = new Date(now-604800000);
+ Date tooLate = new Date(now);
+
+ // Temp structures
+ Map<String,Cred> lastCred = new HashMap<>();
+ Map<String,List<LastCred>> ownerCreds = new TreeMap<>();
+ Date last;
+
- List<LastCred> noOwner = new ArrayList<>();
- ownerCreds.put(UNKNOWN_ID,noOwner);
+ List<LastCred> noOwner = new ArrayList<>();
+ ownerCreds.put(UNKNOWN_ID,noOwner);
- // Get a list of ONLY the ones needing email by Owner
- for(Entry<String, List<Cred>> es : Cred.byNS.entrySet()) {
- lastCred.clear();
- for(Cred c : es.getValue()) {
- last = c.last(CredDAO.BASIC_AUTH,CredDAO.BASIC_AUTH_SHA256);
- if(last!=null && last.after(tooLate) && last.before(early)) {
- List<UserRole> ownerURList = UserRole.getByRole().get(es.getKey()+".owner");
- if(ownerURList!=null) {
- for(UserRole ur:ownerURList) {
- String owner = ur.user();
- List<LastCred> llc = ownerCreds.get(owner);
- if(llc==null) {
- ownerCreds.put(owner, (llc=new ArrayList<>()));
- }
- llc.add(new LastCred(c,last));
- }
- } else {
- noOwner.add(new LastCred(c,last));
- }
- }
- }
- }
-
- boolean bCritical,bNormal,bEarly;
- int emailCount=0;
- Message msg = new Message();
- Notification ownNotf;
- StringBuilder logMessage = new StringBuilder();
- for(Entry<String,List<LastCred>> es : ownerCreds.entrySet()) {
- String owner = es.getKey();
- boolean header = true;
- try {
- Organization org = OrganizationFactory.obtain(env, owner);
- Identity user = org.getIdentity(noAvg, owner);
- if(!UNKNOWN_ID.equals(owner) && user==null) {
- ps.printf("Invalid Identity: %s\n", owner);
- } else {
- logMessage.setLength(0);
- if(maxEmails>emailCount) {
- bCritical=bNormal=bEarly = false;
- email.clear();
- msg.clear();
- email.addTo(user==null?supportEmailAddr:user.email());
+ // Get a list of ONLY the ones needing email by Owner
+ for(Entry<String, List<Cred>> es : Cred.byNS.entrySet()) {
+ lastCred.clear();
+ for(Cred c : es.getValue()) {
+ last = c.last(CredDAO.BASIC_AUTH,CredDAO.BASIC_AUTH_SHA256);
+ if(last!=null && last.after(tooLate) && last.before(early)) {
+ List<UserRole> ownerURList = UserRole.getByRole().get(es.getKey()+".owner");
+ if(ownerURList!=null) {
+ for(UserRole ur:ownerURList) {
+ String owner = ur.user();
+ List<LastCred> llc = ownerCreds.get(owner);
+ if(llc==null) {
+ ownerCreds.put(owner, (llc=new ArrayList<>()));
+ }
+ llc.add(new LastCred(c,last));
+ }
+ } else {
+ noOwner.add(new LastCred(c,last));
+ }
+ }
+ }
+ }
+
+ boolean bCritical,bNormal,bEarly;
+ int emailCount=0;
+ Message msg = new Message();
+ Notification ownNotf;
+ StringBuilder logMessage = new StringBuilder();
+ for(Entry<String,List<LastCred>> es : ownerCreds.entrySet()) {
+ String owner = es.getKey();
+ boolean header = true;
+ try {
+ Organization org = OrganizationFactory.obtain(env, owner);
+ Identity user = org.getIdentity(noAvg, owner);
+ if(!UNKNOWN_ID.equals(owner) && user==null) {
+ ps.printf("Invalid Identity: %s\n", owner);
+ } else {
+ logMessage.setLength(0);
+ if(maxEmails>emailCount) {
+ bCritical=bNormal=bEarly = false;
+ email.clear();
+ msg.clear();
+ email.addTo(user==null?supportEmailAddr:user.email());
- ownNotf = Notification.get(es.getKey(),TYPE.CN);
- if(ownNotf==null) {
- ownNotf = Notification.create(user==null?UNKNOWN_ID:user.fullID(), TYPE.CN);
- }
- last = ownNotf.last;
- // Get Max ID size for formatting purposes
- int length = AAF_INSTANTIATED_MECHID.length();
- for(LastCred lc : es.getValue()) {
- length = Math.max(length, lc.cred.id.length());
- }
- String id_exp_fmt = "\t%-"+length+"s %15s %s";
+ ownNotf = Notification.get(es.getKey(),TYPE.CN);
+ if(ownNotf==null) {
+ ownNotf = Notification.create(user==null?UNKNOWN_ID:user.fullID(), TYPE.CN);
+ }
+ last = ownNotf.last;
+ // Get Max ID size for formatting purposes
+ int length = AAF_INSTANTIATED_MECHID.length();
+ for(LastCred lc : es.getValue()) {
+ length = Math.max(length, lc.cred.id.length());
+ }
+ String id_exp_fmt = "\t%-"+length+"s %15s %s";
- Collections.sort(es.getValue(),LastCred.COMPARE);
- for(LastCred lc : es.getValue()) {
- if(lc.last.after(must) && lc.last.before(early) &&
- (ownNotf.last==null || ownNotf.last.before(withinLastWeek))) {
- if(!bEarly && header) {
- msg.line("\tThe following are friendly 2 month reminders, just in case you need to schedule your updates early. "
- + "You will be reminded next month\n");
- msg.line(id_exp_fmt, AAF_INSTANTIATED_MECHID,EXPIRATION_DATE, QUICK_LINK);
- msg.line(id_exp_fmt, DASH_1, DASH_2, DASH_3);
- header = false;
- }
- bEarly = true;
- } else if(lc.last.after(critical) && lc.last.before(must) &&
- (ownNotf.last==null || ownNotf.last.before(withinLastWeek))) {
- if(!bNormal) {
- boolean last2wks = lc.last.before(within2Weeks);
- if(last2wks) {
- try {
- Identity supvsr = user.responsibleTo();
- email.addCC(supvsr.email());
- } catch(OrganizationException e) {
- trans.error().log(e, "Supervisor cannot be looked up");
- }
- }
- if(header) {
- msg.line("\tIt is now important for you to update Passwords all all configurations using them for the following.\n" +
- (last2wks?"\tNote: Your Supervisor is CCd\n":"\tNote: Your Supervisor will be notified if this is not being done before the last 2 weeks\n"));
- msg.line(id_exp_fmt, AAF_INSTANTIATED_MECHID,EXPIRATION_DATE, QUICK_LINK);
- msg.line(id_exp_fmt, DASH_1, DASH_2, DASH_3);
- }
- header = false;
- }
- bNormal=true;
- } else if(lc.last.after(tooLate) && lc.last.before(critical)) { // Email Every Day, with Supervisor
- if(!bCritical && header) {
- msg.line("\t!!! WARNING: These Credentials will expire in LESS THAN ONE WEEK !!!!\n" +
- "\tYour supervisor is added to this Email\n");
- msg.line(id_exp_fmt, AAF_INSTANTIATED_MECHID,EXPIRATION_DATE, QUICK_LINK);
- msg.line(id_exp_fmt, DASH_1, DASH_2, DASH_3);
- header = false;
- }
- bCritical = true;
- try {
- if(user!=null) {
- Identity supvsr = user.responsibleTo();
- if(supvsr!=null) {
- email.addCC(supvsr.email());
- supvsr = supvsr.responsibleTo();
- if(supvsr!=null) {
- email.addCC(supvsr.email());
- }
- }
- }
- } catch(OrganizationException e) {
- trans.error().log(e, "Supervisor cannot be looked up");
- }
- }
- if(bEarly || bNormal || bCritical) {
- if(logMessage.length()==0) {
- logMessage.append("NotifyCredExpiring");
- }
- logMessage.append("\n\t");
- logMessage.append(lc.cred.id);
- logMessage.append('\t');
- logMessage.append(Chrono.dateOnlyStamp(lc.last));
- msg.line(id_exp_fmt, lc.cred.id, Chrono.dateOnlyStamp(lc.last)+" ",env.getProperty(GUI_URL)+"/creddetail?ns="+Question.domain2ns(lc.cred.id));
- }
- }
-
- if(bEarly || bNormal || bCritical) {
- msg.line(LINE);
- msg.line("Why are you receiving this Notification?\n");
- msg.line("You are the listed owner of one or more AAF Namespaces. ASPR requires that those responsible for "
- + "applications and their access review them regularly for accuracy. The AAF WIKI page for AT&T is https://wiki.web.att.com/display/aaf. "
- + "You might like https://wiki.web.att.com/display/aaf/AAF+in+a+Nutshell. More detailed info regarding questions of being a Namespace Owner is available at https://wiki.web.att.com/pages/viewpage.action?pageId=594741363\n");
- msg.line("You may view the Namespaces you listed as Owner for in this AAF Env by viewing the following webpage:\n");
- msg.line(" %s/ns\n\n",env.getProperty(GUI_URL));
- email.msg(msg);
- Result<Void> rv = email.exec(trans, org,"");
- if(rv.isOK()) {
- ++emailCount;
- if(!isDryRun()) {
- ownNotf.update(noAvg, session, false);
- // SET LastNotification
- }
- email.log(ps,logMessage.toString());
- } else {
- trans.error().log(rv.errorString());
- }
- }
- }
- }
- } catch (OrganizationException e) {
- trans.info().log(e);
- }
- }
- trans.info().printf("%d emails sent for %s", emailCount,batchEnv);
- }
-
- private static class LastCred {
- public Cred cred;
- public Date last;
-
- public LastCred(Cred cred, Date last) {
- this.cred = cred;
- this.last = last;
- }
-
- // Reverse Sort (Oldest on top)
- public static Comparator<LastCred> COMPARE = new Comparator<LastCred>() {
- @Override
- public int compare(LastCred o1, LastCred o2) {
- return o2.last.compareTo(o1.last);
- }
- };
-
- public String toString() {
- return Chrono.dateTime(last) + cred.toString();
- }
- }
-
- @Override
- protected void _close(AuthzTrans trans) {
- session.close();
- ps.close();
- }
+ Collections.sort(es.getValue(),LastCred.COMPARE);
+ for(LastCred lc : es.getValue()) {
+ if(lc.last.after(must) && lc.last.before(early) &&
+ (ownNotf.last==null || ownNotf.last.before(withinLastWeek))) {
+ if(!bEarly && header) {
+ msg.line("\tThe following are friendly 2 month reminders, just in case you need to schedule your updates early. "
+ + "You will be reminded next month\n");
+ msg.line(id_exp_fmt, AAF_INSTANTIATED_MECHID,EXPIRATION_DATE, QUICK_LINK);
+ msg.line(id_exp_fmt, DASH_1, DASH_2, DASH_3);
+ header = false;
+ }
+ bEarly = true;
+ } else if(lc.last.after(critical) && lc.last.before(must) &&
+ (ownNotf.last==null || ownNotf.last.before(withinLastWeek))) {
+ if(!bNormal) {
+ boolean last2wks = lc.last.before(within2Weeks);
+ if(last2wks) {
+ try {
+ Identity supvsr = user.responsibleTo();
+ email.addCC(supvsr.email());
+ } catch(OrganizationException e) {
+ trans.error().log(e, "Supervisor cannot be looked up");
+ }
+ }
+ if(header) {
+ msg.line("\tIt is now important for you to update Passwords all all configurations using them for the following.\n" +
+ (last2wks?"\tNote: Your Supervisor is CCd\n":"\tNote: Your Supervisor will be notified if this is not being done before the last 2 weeks\n"));
+ msg.line(id_exp_fmt, AAF_INSTANTIATED_MECHID,EXPIRATION_DATE, QUICK_LINK);
+ msg.line(id_exp_fmt, DASH_1, DASH_2, DASH_3);
+ }
+ header = false;
+ }
+ bNormal=true;
+ } else if(lc.last.after(tooLate) && lc.last.before(critical)) { // Email Every Day, with Supervisor
+ if(!bCritical && header) {
+ msg.line("\t!!! WARNING: These Credentials will expire in LESS THAN ONE WEEK !!!!\n" +
+ "\tYour supervisor is added to this Email\n");
+ msg.line(id_exp_fmt, AAF_INSTANTIATED_MECHID,EXPIRATION_DATE, QUICK_LINK);
+ msg.line(id_exp_fmt, DASH_1, DASH_2, DASH_3);
+ header = false;
+ }
+ bCritical = true;
+ try {
+ if(user!=null) {
+ Identity supvsr = user.responsibleTo();
+ if(supvsr!=null) {
+ email.addCC(supvsr.email());
+ supvsr = supvsr.responsibleTo();
+ if(supvsr!=null) {
+ email.addCC(supvsr.email());
+ }
+ }
+ }
+ } catch(OrganizationException e) {
+ trans.error().log(e, "Supervisor cannot be looked up");
+ }
+ }
+ if(bEarly || bNormal || bCritical) {
+ if(logMessage.length()==0) {
+ logMessage.append("NotifyCredExpiring");
+ }
+ logMessage.append("\n\t");
+ logMessage.append(lc.cred.id);
+ logMessage.append('\t');
+ logMessage.append(Chrono.dateOnlyStamp(lc.last));
+ msg.line(id_exp_fmt, lc.cred.id, Chrono.dateOnlyStamp(lc.last)+" ",env.getProperty(GUI_URL)+"/creddetail?ns="+Question.domain2ns(lc.cred.id));
+ }
+ }
+
+ if(bEarly || bNormal || bCritical) {
+ msg.line(LINE);
+ msg.line("Why are you receiving this Notification?\n");
+ msg.line("You are the listed owner of one or more AAF Namespaces. ASPR requires that those responsible for "
+ + "applications and their access review them regularly for accuracy. The AAF WIKI page for AT&T is https://wiki.web.att.com/display/aaf. "
+ + "You might like https://wiki.web.att.com/display/aaf/AAF+in+a+Nutshell. More detailed info regarding questions of being a Namespace Owner is available at https://wiki.web.att.com/pages/viewpage.action?pageId=594741363\n");
+ msg.line("You may view the Namespaces you listed as Owner for in this AAF Env by viewing the following webpage:\n");
+ msg.line(" %s/ns\n\n",env.getProperty(GUI_URL));
+ email.msg(msg);
+ Result<Void> rv = email.exec(trans, org,"");
+ if(rv.isOK()) {
+ ++emailCount;
+ if(!isDryRun()) {
+ ownNotf.update(noAvg, session, false);
+ // SET LastNotification
+ }
+ email.log(ps,logMessage.toString());
+ } else {
+ trans.error().log(rv.errorString());
+ }
+ }
+ }
+ }
+ } catch (OrganizationException e) {
+ trans.info().log(e);
+ }
+ }
+ trans.info().printf("%d emails sent for %s", emailCount,batchEnv);
+ }
+
+ private static class LastCred {
+ public Cred cred;
+ public Date last;
+
+ public LastCred(Cred cred, Date last) {
+ this.cred = cred;
+ this.last = last;
+ }
+
+ // Reverse Sort (Oldest on top)
+ public static Comparator<LastCred> COMPARE = new Comparator<LastCred>() {
+ @Override
+ public int compare(LastCred o1, LastCred o2) {
+ return o2.last.compareTo(o1.last);
+ }
+ };
+
+ public String toString() {
+ return Chrono.dateTime(last) + cred.toString();
+ }
+ }
+
+ @Override
+ protected void _close(AuthzTrans trans) {
+ session.close();
+ ps.close();
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_ActionDAO.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_ActionDAO.java
index 80ce0ca4..254a6adf 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_ActionDAO.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_ActionDAO.java
@@ -47,49 +47,49 @@ import java.util.List;
import org.junit.Test;
public class JU_ActionDAO {
-
- AuthzTrans aTrans;
- Cluster cluster;
- ActionDAOStub actionDAOStub;
- ActionDAOStub actionDAOStub1;
+
+ AuthzTrans aTrans;
+ Cluster cluster;
+ ActionDAOStub actionDAOStub;
+ ActionDAOStub actionDAOStub1;
- private class ActionDAOStub extends ActionDAO {
+ private class ActionDAOStub extends ActionDAO {
- public ActionDAOStub(AuthzTrans trans, ActionDAO predecessor) {
- super(trans, predecessor);
- // TODO Auto-generated constructor stub
- }
+ public ActionDAOStub(AuthzTrans trans, ActionDAO predecessor) {
+ super(trans, predecessor);
+ // TODO Auto-generated constructor stub
+ }
- public ActionDAOStub(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
- super(trans, cluster, dryRun);
- // TODO Auto-generated constructor stub
- }
+ public ActionDAOStub(AuthzTrans trans, Cluster cluster, boolean dryRun) throws APIException, IOException {
+ super(trans, cluster, dryRun);
+ // TODO Auto-generated constructor stub
+ }
- @Override
- public Result exec(AuthzTrans trans, Object data, Object t) {
- // TODO Auto-generated method stub
- return null;
- }
-
- }
-
- @Before
- public void setUp() throws APIException, IOException {
-// Cluster.Initializer cInit = mock(Cluster.Initializer.class);
-// Cluster.Builder cBuild = new Cluster.Builder();
-// cBuild.addContactPoint("test");
-// cBuild.build();
-// cluster.buildFrom(cBuild);
-// cluster.builder();
-// cluster.init();
-// cluster.builder().getContactPoints();
-
+ @Override
+ public Result exec(AuthzTrans trans, Object data, Object t) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ }
+
+ @Before
+ public void setUp() throws APIException, IOException {
+// Cluster.Initializer cInit = mock(Cluster.Initializer.class);
+// Cluster.Builder cBuild = new Cluster.Builder();
+// cBuild.addContactPoint("test");
+// cBuild.build();
+// cluster.buildFrom(cBuild);
+// cluster.builder();
+// cluster.init();
+// cluster.builder().getContactPoints();
+
-
-// aTrans = mock(AuthzTrans.class);
-// cluster = mock(Cluster.class);
-// actionDAOStub = new ActionDAOStub(aTrans,cluster,true);
-// actionDAOStub1 = new ActionDAOStub(aTrans, actionDAOStub);
- }
+
+// aTrans = mock(AuthzTrans.class);
+// cluster = mock(Cluster.class);
+// actionDAOStub = new ActionDAOStub(aTrans,cluster,true);
+// actionDAOStub1 = new ActionDAOStub(aTrans, actionDAOStub);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Email.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Email.java
index 70cd08a8..d3d4719e 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Email.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Email.java
@@ -47,105 +47,105 @@ import java.util.Set;
import org.junit.Test;
public class JU_Email {
-
- private ByteArrayOutputStream outStream;
- private ByteArrayOutputStream errStream;
- Email email;
- Identity usersI;
- Message msg;
- PrintStream ps;
-
- @Before
- public void setUp() throws FileNotFoundException {
- outStream = new ByteArrayOutputStream();
- errStream = new ByteArrayOutputStream();
- ps = new PrintStream(errStream);
- System.setOut(new PrintStream(outStream));
- System.setErr(ps);
-
- usersI = mock(Identity.class);
- msg = new Message();
- email = new Email();
- }
+
+ private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream errStream;
+ Email email;
+ Identity usersI;
+ Message msg;
+ PrintStream ps;
+
+ @Before
+ public void setUp() throws FileNotFoundException {
+ outStream = new ByteArrayOutputStream();
+ errStream = new ByteArrayOutputStream();
+ ps = new PrintStream(errStream);
+ System.setOut(new PrintStream(outStream));
+ System.setErr(ps);
+
+ usersI = mock(Identity.class);
+ msg = new Message();
+ email = new Email();
+ }
- @Test
- public void testClear() {
- Assert.assertNotNull(email.clear());
- }
-
- @Test
- public void testIndent() {
- email.indent("indent");
- }
-
- @Test
- public void testPreamble() {
- email.preamble("format");
- }
-
- @Test
- public void testAddTo() {
- email.addTo(usersI);
-
-// Collection col = mock(Collection.class);
-// col.add("test");
-// email.addTo(col);
-
- email.addTo("email");
- }
-
- @Test
- public void testAddCC() {
- email.addCC(usersI);
- email.addCC("email");
- }
-
-// @Test
-// public void testAdd() throws OrganizationException {
-// email.add(usersI, true);
-// }
-
- @Test
- public void testSubject() {
- email.subject("format");
- email.subject("for%smat","format");
- }
-
- @Test
- public void testSignature() {
- email.signature("format","arg");
- }
-
- @Test
- public void testMsg() {
- email.msg(msg);
- }
-
- @Test
- public void testExec() {
- AuthzTrans trans = mock(AuthzTrans.class);
- Organization org = mock(Organization.class);
- email.preamble("format");
- email.msg(msg);
- email.signature("format","arg");
-
- email.exec(trans, org, "text");
- }
-
- @Test
- public void testLog() throws FileNotFoundException {
- email.addTo("email");
- email.addCC("email");
- email.log(ps, "email");
- email.addTo("emails");
- email.addCC("emails");
- email.log(ps, "emails");
- }
-
- @After
- public void cleanUp() {
- System.setErr(System.err);
- System.setOut(System.out);
- }
+ @Test
+ public void testClear() {
+ Assert.assertNotNull(email.clear());
+ }
+
+ @Test
+ public void testIndent() {
+ email.indent("indent");
+ }
+
+ @Test
+ public void testPreamble() {
+ email.preamble("format");
+ }
+
+ @Test
+ public void testAddTo() {
+ email.addTo(usersI);
+
+// Collection col = mock(Collection.class);
+// col.add("test");
+// email.addTo(col);
+
+ email.addTo("email");
+ }
+
+ @Test
+ public void testAddCC() {
+ email.addCC(usersI);
+ email.addCC("email");
+ }
+
+// @Test
+// public void testAdd() throws OrganizationException {
+// email.add(usersI, true);
+// }
+
+ @Test
+ public void testSubject() {
+ email.subject("format");
+ email.subject("for%smat","format");
+ }
+
+ @Test
+ public void testSignature() {
+ email.signature("format","arg");
+ }
+
+ @Test
+ public void testMsg() {
+ email.msg(msg);
+ }
+
+ @Test
+ public void testExec() {
+ AuthzTrans trans = mock(AuthzTrans.class);
+ Organization org = mock(Organization.class);
+ email.preamble("format");
+ email.msg(msg);
+ email.signature("format","arg");
+
+ email.exec(trans, org, "text");
+ }
+
+ @Test
+ public void testLog() throws FileNotFoundException {
+ email.addTo("email");
+ email.addCC("email");
+ email.log(ps, "email");
+ email.addTo("emails");
+ email.addCC("emails");
+ email.log(ps, "emails");
+ }
+
+ @After
+ public void cleanUp() {
+ System.setErr(System.err);
+ System.setOut(System.out);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_EmailPrint.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_EmailPrint.java
index fb5d2bd5..fe87219b 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_EmailPrint.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_EmailPrint.java
@@ -43,50 +43,50 @@ import java.lang.reflect.Method;
import org.junit.Test;
public class JU_EmailPrint {
-
- private ByteArrayOutputStream outStream;
- private ByteArrayOutputStream errStream;
- EmailPrint ePrint;
- AuthzTrans trans;
- Organization org;
- StringBuilder strBuilder;
-
- @Before
- public void setUp() {
- outStream = new ByteArrayOutputStream();
- errStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- System.setErr(new PrintStream(errStream));
- ePrint = new EmailPrint();
- trans = mock(AuthzTrans.class);
- org = mock(Organization.class);
- strBuilder = new StringBuilder();
- strBuilder.append("test\nte\nst");
- ePrint.addTo("test");
- ePrint.addTo("test1");
- ePrint.addTo("test2");
- ePrint.addCC("test");
- ePrint.addCC("test1");
- ePrint.addCC("test2");
-
- }
+
+ private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream errStream;
+ EmailPrint ePrint;
+ AuthzTrans trans;
+ Organization org;
+ StringBuilder strBuilder;
+
+ @Before
+ public void setUp() {
+ outStream = new ByteArrayOutputStream();
+ errStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+ System.setErr(new PrintStream(errStream));
+ ePrint = new EmailPrint();
+ trans = mock(AuthzTrans.class);
+ org = mock(Organization.class);
+ strBuilder = new StringBuilder();
+ strBuilder.append("test\nte\nst");
+ ePrint.addTo("test");
+ ePrint.addTo("test1");
+ ePrint.addTo("test2");
+ ePrint.addCC("test");
+ ePrint.addCC("test1");
+ ePrint.addCC("test2");
+
+ }
- @Test
- public void testExec() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- Class c = ePrint.getClass();
- Class[] cArg = new Class[3];
- cArg[0] = AuthzTrans.class;
- cArg[1] = Organization.class;
- cArg[2] = StringBuilder.class;//Steps to test a protected method
- Method execMethod = c.getDeclaredMethod("exec", cArg);
- execMethod.setAccessible(true);
- execMethod.invoke(ePrint, trans, org, strBuilder);
- }
-
- @After
- public void cleanUp() {
- System.setErr(System.err);
- System.setOut(System.out);
- }
+ @Test
+ public void testExec() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ Class c = ePrint.getClass();
+ Class[] cArg = new Class[3];
+ cArg[0] = AuthzTrans.class;
+ cArg[1] = Organization.class;
+ cArg[2] = StringBuilder.class;//Steps to test a protected method
+ Method execMethod = c.getDeclaredMethod("exec", cArg);
+ execMethod.setAccessible(true);
+ execMethod.invoke(ePrint, trans, org, strBuilder);
+ }
+
+ @After
+ public void cleanUp() {
+ System.setErr(System.err);
+ System.setOut(System.out);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Message.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Message.java
index fa7409ea..ada1dbae 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Message.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/actions/test/JU_Message.java
@@ -33,30 +33,30 @@ import static org.mockito.Mockito.*;
import org.junit.Test;
public class JU_Message {
-
- Message msg;
-
- @Before
- public void setUp() {
- msg = new Message();
- }
+
+ Message msg;
+
+ @Before
+ public void setUp() {
+ msg = new Message();
+ }
- @Test
- public void testLine() {
- msg.line("test");
- }
-
- @Test
- public void testClear() {
- msg.clear();
- }
-
- @Test
- public void testMsg() {
- StringBuilder sb = new StringBuilder();
- msg.line("test");
- msg.line("test1");
- msg.msg(sb, "indent");
- }
+ @Test
+ public void testLine() {
+ msg.line("test");
+ }
+
+ @Test
+ public void testClear() {
+ msg.clear();
+ }
+
+ @Test
+ public void testMsg() {
+ StringBuilder sb = new StringBuilder();
+ msg.line("test");
+ msg.line("test1");
+ msg.msg(sb, "indent");
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approval.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approval.java
index a0ade9ea..288e929b 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approval.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approval.java
@@ -42,116 +42,116 @@ import java.util.UUID;
import org.junit.Test;
public class JU_Approval {
-
- Approval approval;
- UUID id;
- UUID ticket;
- Date date;
-
- @Before
- public void setUp() {
- id = new UUID(0, 0);
- ticket = new UUID(0, 0);
- date = new Date();
-
- approval = new Approval(id, ticket, "approver", date,
- "user", "memo", "operation", "status", "type", 100l);
- }
+
+ Approval approval;
+ UUID id;
+ UUID ticket;
+ Date date;
+
+ @Before
+ public void setUp() {
+ id = new UUID(0, 0);
+ ticket = new UUID(0, 0);
+ date = new Date();
+
+ approval = new Approval(id, ticket, "approver", date,
+ "user", "memo", "operation", "status", "type", 100l);
+ }
- @Test
- public void testRoleFromMemo() {
- Assert.assertNull(approval.roleFromMemo(null));
- Assert.assertEquals(".admin", approval.roleFromMemo("Re-Validate as Administrator for AAF Namespace '\'test\'test"));
- Assert.assertEquals(".owner", approval.roleFromMemo("Re-Validate Ownership for AAF Namespace '\'test\'test"));
- Assert.assertEquals("", approval.roleFromMemo("Re-Approval in Role '\'test\'test"));
- }
-
- @Test
- public void testExpunge() {
- approval.expunge();
- }
-
- @Test
- public void testGetLast_notified() {
- Assert.assertTrue(approval.getLast_notified()instanceof Date);
- }
-
- @Test
- public void testSetLastNotified() {
- approval.setLastNotified(date);
- }
-
- @Test
- public void testGetStatus() {
- Assert.assertEquals("status", approval.getStatus());
- }
-
- @Test
- public void testSetStatus() {
- approval.setStatus("status");
- }
-
- @Test
- public void testGetId() {
- Assert.assertTrue(approval.getId() instanceof UUID);
- }
-
- @Test
- public void testGetTicket() {
- Assert.assertTrue(approval.getTicket() instanceof UUID);
- }
-
- @Test
- public void testGetMemo() {
- Assert.assertEquals("memo", approval.getMemo());
- }
-
- @Test
- public void testGetOperation() {
- Assert.assertEquals("operation", approval.getOperation());
- }
-
- @Test
- public void testGetType() {
- Assert.assertEquals("type", approval.getType());
- }
-
- @Test
- public void testLapsed() {
- approval.lapsed();
- }
-
- @Test
- public void testGetRole() {
- Assert.assertNull(approval.getRole());
- }
-
- @Test
- public void testToString() {
- Assert.assertEquals("user memo", approval.toString());
- }
-
- @Test
- public void testResetLocalData() {
- approval.resetLocalData();
- }
-
- @Test
- public void testSizeForDeletion() {
- Assert.assertEquals(0, approval.sizeForDeletion());
- }
-
- @Test
- public void testPendingDelete() {
- Assert.assertFalse(approval.pendingDelete(approval));
- }
-
- @Test
- public void testDelayDelete() {
- AuthzTrans trans = mock(AuthzTrans.class);
- ApprovalDAO dao = mock(ApprovalDAO.class);
- List<Approval> list = null;
- approval.delayDelete(trans, dao, true, list, "text");
- }
+ @Test
+ public void testRoleFromMemo() {
+ Assert.assertNull(approval.roleFromMemo(null));
+ Assert.assertEquals(".admin", approval.roleFromMemo("Re-Validate as Administrator for AAF Namespace '\'test\'test"));
+ Assert.assertEquals(".owner", approval.roleFromMemo("Re-Validate Ownership for AAF Namespace '\'test\'test"));
+ Assert.assertEquals("", approval.roleFromMemo("Re-Approval in Role '\'test\'test"));
+ }
+
+ @Test
+ public void testExpunge() {
+ approval.expunge();
+ }
+
+ @Test
+ public void testGetLast_notified() {
+ Assert.assertTrue(approval.getLast_notified()instanceof Date);
+ }
+
+ @Test
+ public void testSetLastNotified() {
+ approval.setLastNotified(date);
+ }
+
+ @Test
+ public void testGetStatus() {
+ Assert.assertEquals("status", approval.getStatus());
+ }
+
+ @Test
+ public void testSetStatus() {
+ approval.setStatus("status");
+ }
+
+ @Test
+ public void testGetId() {
+ Assert.assertTrue(approval.getId() instanceof UUID);
+ }
+
+ @Test
+ public void testGetTicket() {
+ Assert.assertTrue(approval.getTicket() instanceof UUID);
+ }
+
+ @Test
+ public void testGetMemo() {
+ Assert.assertEquals("memo", approval.getMemo());
+ }
+
+ @Test
+ public void testGetOperation() {
+ Assert.assertEquals("operation", approval.getOperation());
+ }
+
+ @Test
+ public void testGetType() {
+ Assert.assertEquals("type", approval.getType());
+ }
+
+ @Test
+ public void testLapsed() {
+ approval.lapsed();
+ }
+
+ @Test
+ public void testGetRole() {
+ Assert.assertNull(approval.getRole());
+ }
+
+ @Test
+ public void testToString() {
+ Assert.assertEquals("user memo", approval.toString());
+ }
+
+ @Test
+ public void testResetLocalData() {
+ approval.resetLocalData();
+ }
+
+ @Test
+ public void testSizeForDeletion() {
+ Assert.assertEquals(0, approval.sizeForDeletion());
+ }
+
+ @Test
+ public void testPendingDelete() {
+ Assert.assertFalse(approval.pendingDelete(approval));
+ }
+
+ @Test
+ public void testDelayDelete() {
+ AuthzTrans trans = mock(AuthzTrans.class);
+ ApprovalDAO dao = mock(ApprovalDAO.class);
+ List<Approval> list = null;
+ approval.delayDelete(trans, dao, true, list, "text");
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approver.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approver.java
index 37882527..b4ae1213 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approver.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Approver.java
@@ -36,30 +36,30 @@ import org.junit.Test;
public class JU_Approver {
- Approver approver;
- Organization org;
- Message msg;
-
- @Before
- public void setUp() {
- org = mock(Organization.class);
- approver = new Approver("approver", org);
- msg = new Message();
- }
-
- @Test
- public void testAddRequest() {
- approver.addRequest("user");
- approver.addRequest("user");
- }
-
- @Test
- public void testBuild() {
- approver.addRequest("user");
- approver.addRequest("user1");
- approver.addRequest("user2");
- approver.addRequest("user3");
- approver.build(msg);
- }
+ Approver approver;
+ Organization org;
+ Message msg;
+
+ @Before
+ public void setUp() {
+ org = mock(Organization.class);
+ approver = new Approver("approver", org);
+ msg = new Message();
+ }
+
+ @Test
+ public void testAddRequest() {
+ approver.addRequest("user");
+ approver.addRequest("user");
+ }
+
+ @Test
+ public void testBuild() {
+ approver.addRequest("user");
+ approver.addRequest("user1");
+ approver.addRequest("user2");
+ approver.addRequest("user3");
+ approver.build(msg);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_CacheChange.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_CacheChange.java
index c029be13..fc934e6c 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_CacheChange.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_CacheChange.java
@@ -39,42 +39,42 @@ import org.junit.Test;
public class JU_CacheChange {
- CacheChange cc;
-
-
- @Before
- public void setUp() {
- cc = new CacheChange();
- }
-
- @Test
- public void testDelayedDelete() {
- cc.delayedDelete(null);
- }
+ CacheChange cc;
+
+
+ @Before
+ public void setUp() {
+ cc = new CacheChange();
+ }
+
+ @Test
+ public void testDelayedDelete() {
+ cc.delayedDelete(null);
+ }
- @Test
- public void testGetRemoved() {
- List list = cc.getRemoved();
- Assert.assertNotNull(list);
- }
-
- @Test
- public void testResetLocalData() {
- cc.resetLocalData();
- }
-
- @Test
- public void testCacheSize() {
- int size;
- size = cc.cacheSize();
- Assert.assertEquals(0, size);
- }
-
- @Test
- public void testContains() {
- boolean containsBools;
- containsBools = cc.contains(null);
- Assert.assertEquals(false, containsBools);
- }
+ @Test
+ public void testGetRemoved() {
+ List list = cc.getRemoved();
+ Assert.assertNotNull(list);
+ }
+
+ @Test
+ public void testResetLocalData() {
+ cc.resetLocalData();
+ }
+
+ @Test
+ public void testCacheSize() {
+ int size;
+ size = cc.cacheSize();
+ Assert.assertEquals(0, size);
+ }
+
+ @Test
+ public void testContains() {
+ boolean containsBools;
+ containsBools = cc.contains(null);
+ Assert.assertEquals(false, containsBools);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Creator.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Creator.java
index f07aa820..ad4d2022 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Creator.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Creator.java
@@ -38,35 +38,35 @@ import static org.mockito.Mockito.*;
import org.junit.Test;
public class JU_Creator {
-
- CreatorStub creatorStub;
+
+ CreatorStub creatorStub;
- private class CreatorStub extends Creator{
+ private class CreatorStub extends Creator{
- @Override
- public Object create(Row row) {
- // TODO Auto-generated method stub
- return null;
- }
+ @Override
+ public Object create(Row row) {
+ // TODO Auto-generated method stub
+ return null;
+ }
- @Override
- public String select() {
- // TODO Auto-generated method stub
- return "Select"; //Changed from null to Select
- }
-
- }
-
- @Before
- public void setUp() {
- creatorStub = new CreatorStub();
- }
-
- @Test
- public void testQuery() {
- creatorStub.select();
- Assert.assertEquals("Select WHERE test;", creatorStub.query("test"));
- Assert.assertEquals("Select;", creatorStub.query(null));
- }
+ @Override
+ public String select() {
+ // TODO Auto-generated method stub
+ return "Select"; //Changed from null to Select
+ }
+
+ }
+
+ @Before
+ public void setUp() {
+ creatorStub = new CreatorStub();
+ }
+
+ @Test
+ public void testQuery() {
+ creatorStub.select();
+ Assert.assertEquals("Select WHERE test;", creatorStub.query("test"));
+ Assert.assertEquals("Select;", creatorStub.query(null));
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Cred.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Cred.java
index ad7fbe0c..35a63059 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Cred.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Cred.java
@@ -50,93 +50,93 @@ import java.util.Date;
import org.junit.Test;
public class JU_Cred {
-
- private ByteArrayOutputStream outStream;
- private ByteArrayOutputStream errStream;
- Cred cred;
- Instance instance;
- Date date;
- Integer integer;
- PropAccess prop;
- Define define = new Define();
- Trans trans;
- Session session;
- CredCount cc;
+
+ private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream errStream;
+ Cred cred;
+ Instance instance;
+ Date date;
+ Integer integer;
+ PropAccess prop;
+ Define define = new Define();
+ Trans trans;
+ Session session;
+ CredCount cc;
- @Before
- public void setUp() throws CadiException {
- outStream = new ByteArrayOutputStream();
- errStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- System.setErr(new PrintStream(errStream));
- date = new Date();
- integer = new Integer(20);
- trans = mock(Trans.class);
- session = mock(Session.class);
- cc = new CredCount(3);
- prop = new PropAccess();
- prop.setProperty(Config.AAF_ROOT_NS, "org.onap.aaf");
- prop.setProperty(Config.AAF_ROOT_COMPANY,"test");
- define.set(prop);
-
- instance = new Instance(12, date, integer, 125642678910L);
- cred = new Cred("myid1234@aaf.att.com");
- }
-
- @Test
- public void testLast() { //TODO: set instances
- Assert.assertNull(cred.last(null));
- }
-
- @Test
- public void testTypes() { //TODO: set instances
- Assert.assertNotNull(cred.types());
- }
-
- @Test
- public void testCount() { //TODO: set instances
- Assert.assertNotNull(cred.count(3));
- }
-
- @Test
- public void testToString() { //TODO: set instances
- Assert.assertEquals("myid1234@aaf.att.com[]", cred.toString());
- }
-
- @Test
- public void testHashCode() { //TODO: set instances
- Assert.assertEquals(-1619358251, cred.hashCode());
- }
-
- @Test
- public void testEquals() { //TODO: set instances
- Assert.assertEquals(true, cred.equals("myid1234@aaf.att.com"));
- }
-
- @Test
- public void testInc() {
- Date begin = new Date(date.getTime() - 10);
- Date after = new Date(date.getTime() + 10);
- cc.inc(-1, begin, after);
- cc.inc(1, begin, after);
- cc.inc(2, begin, after);
- cc.inc(200, begin, after);
- }
-
- @Test
- public void testAuthCount() { //TODO: set instances
- Assert.assertEquals(0, cc.authCount(1));
- }
-
- @Test
- public void testX509Count() { //TODO: set instances
- Assert.assertEquals(0, cc.x509Count(0));
- }
-
- @After
- public void cleanUp() {
- System.setErr(System.err);
- System.setOut(System.out);
- }
+ @Before
+ public void setUp() throws CadiException {
+ outStream = new ByteArrayOutputStream();
+ errStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+ System.setErr(new PrintStream(errStream));
+ date = new Date();
+ integer = new Integer(20);
+ trans = mock(Trans.class);
+ session = mock(Session.class);
+ cc = new CredCount(3);
+ prop = new PropAccess();
+ prop.setProperty(Config.AAF_ROOT_NS, "org.onap.aaf");
+ prop.setProperty(Config.AAF_ROOT_COMPANY,"test");
+ define.set(prop);
+
+ instance = new Instance(12, date, integer, 125642678910L);
+ cred = new Cred("myid1234@aaf.att.com");
+ }
+
+ @Test
+ public void testLast() { //TODO: set instances
+ Assert.assertNull(cred.last(null));
+ }
+
+ @Test
+ public void testTypes() { //TODO: set instances
+ Assert.assertNotNull(cred.types());
+ }
+
+ @Test
+ public void testCount() { //TODO: set instances
+ Assert.assertNotNull(cred.count(3));
+ }
+
+ @Test
+ public void testToString() { //TODO: set instances
+ Assert.assertEquals("myid1234@aaf.att.com[]", cred.toString());
+ }
+
+ @Test
+ public void testHashCode() { //TODO: set instances
+ Assert.assertEquals(-1619358251, cred.hashCode());
+ }
+
+ @Test
+ public void testEquals() { //TODO: set instances
+ Assert.assertEquals(true, cred.equals("myid1234@aaf.att.com"));
+ }
+
+ @Test
+ public void testInc() {
+ Date begin = new Date(date.getTime() - 10);
+ Date after = new Date(date.getTime() + 10);
+ cc.inc(-1, begin, after);
+ cc.inc(1, begin, after);
+ cc.inc(2, begin, after);
+ cc.inc(200, begin, after);
+ }
+
+ @Test
+ public void testAuthCount() { //TODO: set instances
+ Assert.assertEquals(0, cc.authCount(1));
+ }
+
+ @Test
+ public void testX509Count() { //TODO: set instances
+ Assert.assertEquals(0, cc.x509Count(0));
+ }
+
+ @After
+ public void cleanUp() {
+ System.setErr(System.err);
+ System.setOut(System.out);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Future.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Future.java
index 9d47c138..a3aef1c9 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Future.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Future.java
@@ -39,70 +39,70 @@ import java.util.UUID;
import org.junit.Test;
public class JU_Future {
-
- Future future;
- Date start;
- Date expires;
- ByteBuffer bBuff;
-
- @Before
- public void setUp() {
- UUID id = new UUID(0, 0);
- start = new Date();
- expires = new Date();
- future = new Future(id, "Re-Validate Ownership for AAF Namespace '\'test\'test","target",start, expires, bBuff);
- }
+
+ Future future;
+ Date start;
+ Date expires;
+ ByteBuffer bBuff;
+
+ @Before
+ public void setUp() {
+ UUID id = new UUID(0, 0);
+ start = new Date();
+ expires = new Date();
+ future = new Future(id, "Re-Validate Ownership for AAF Namespace '\'test\'test","target",start, expires, bBuff);
+ }
- @Test
- public void testId() {
- Assert.assertTrue(future.id() instanceof UUID);
- }
-
- @Test
- public void testMemo() {
- Assert.assertEquals("Re-Validate Ownership for AAF Namespace '\'test\'test", future.memo());
- }
-
- @Test
- public void testStart() {
- Assert.assertTrue(future.start() instanceof Date);
- }
-
- @Test
- public void testExpires() {
- Assert.assertTrue(future.expires() instanceof Date);
- }
-
- @Test
- public void testTarget() {
- Assert.assertEquals("target",future.target());
- }
-
- @Test
- public void testExpunge() {
- future.expunge();
- }
-
- @Test
- public void testCompareTo() {
- future.compareTo(null);
- future.compareTo(future);
- }
-
- @Test
- public void testResetLocalData() {
- future.resetLocalData();
- }
-
- @Test
- public void testSizeForDeletion() {
- Assert.assertEquals(0, future.sizeForDeletion());
- }
-
- @Test
- public void testPendingDelete() {
- Assert.assertEquals(false, future.pendingDelete(future));
- }
-
+ @Test
+ public void testId() {
+ Assert.assertTrue(future.id() instanceof UUID);
+ }
+
+ @Test
+ public void testMemo() {
+ Assert.assertEquals("Re-Validate Ownership for AAF Namespace '\'test\'test", future.memo());
+ }
+
+ @Test
+ public void testStart() {
+ Assert.assertTrue(future.start() instanceof Date);
+ }
+
+ @Test
+ public void testExpires() {
+ Assert.assertTrue(future.expires() instanceof Date);
+ }
+
+ @Test
+ public void testTarget() {
+ Assert.assertEquals("target",future.target());
+ }
+
+ @Test
+ public void testExpunge() {
+ future.expunge();
+ }
+
+ @Test
+ public void testCompareTo() {
+ future.compareTo(null);
+ future.compareTo(future);
+ }
+
+ @Test
+ public void testResetLocalData() {
+ future.resetLocalData();
+ }
+
+ @Test
+ public void testSizeForDeletion() {
+ Assert.assertEquals(0, future.sizeForDeletion());
+ }
+
+ @Test
+ public void testPendingDelete() {
+ Assert.assertEquals(false, future.pendingDelete(future));
+ }
+
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_History.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_History.java
index f617af9a..3346f229 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_History.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_History.java
@@ -38,31 +38,31 @@ import java.util.UUID;
import org.junit.Test;
public class JU_History {
-
- History history;
- History history1;
-
- @Before
- public void setUp() {
- UUID id = new UUID(0, 0);
- history = new History(id, "action", "memo", "subject", "target", "user", 5);
- history1 = new History(id, "action", "memo", "reconstruct", "subject", "target", "user", 5);
- }
+
+ History history;
+ History history1;
+
+ @Before
+ public void setUp() {
+ UUID id = new UUID(0, 0);
+ history = new History(id, "action", "memo", "subject", "target", "user", 5);
+ history1 = new History(id, "action", "memo", "reconstruct", "subject", "target", "user", 5);
+ }
- @Test
- public void testToString() {
- String result = "00000000-0000-0000-0000-000000000000 5 user, target, action, subject, memo";
- Assert.assertEquals(result, history.toString());
- }
-
- @Test
- public void testHashCode() {
- Assert.assertEquals(0, history.hashCode());
- }
-
- @Test
- public void testEquals() {
- Assert.assertFalse(history.equals(history1));
- }
-
+ @Test
+ public void testToString() {
+ String result = "00000000-0000-0000-0000-000000000000 5 user, target, action, subject, memo";
+ Assert.assertEquals(result, history.toString());
+ }
+
+ @Test
+ public void testHashCode() {
+ Assert.assertEquals(0, history.hashCode());
+ }
+
+ @Test
+ public void testEquals() {
+ Assert.assertFalse(history.equals(history1));
+ }
+
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_InputIterator.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_InputIterator.java
index fbb0d23a..c0a9a3cd 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_InputIterator.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_InputIterator.java
@@ -44,33 +44,33 @@ import java.io.Reader;
import org.junit.Test;
public class JU_InputIterator {
-
- InputIterator inputIterator;
- File f;
- BufferedReader bReader;
- PrintStream pStream;
-
- @Before
- public void setUp() throws IOException {
- f = new File("file");
- f.createNewFile();
- bReader = new BufferedReader(new FileReader(f));
- pStream = new PrintStream(f);
- inputIterator = new InputIterator(bReader, pStream, "prompt", "instructions");
- }
+
+ InputIterator inputIterator;
+ File f;
+ BufferedReader bReader;
+ PrintStream pStream;
+
+ @Before
+ public void setUp() throws IOException {
+ f = new File("file");
+ f.createNewFile();
+ bReader = new BufferedReader(new FileReader(f));
+ pStream = new PrintStream(f);
+ inputIterator = new InputIterator(bReader, pStream, "prompt", "instructions");
+ }
- @Test
- public void test() {
- inputIterator.iterator();
- inputIterator.iterator().hasNext();
- inputIterator.iterator().next();
- inputIterator.iterator().remove();
- }
-
- @After
- public void cleanUp() {
- if(f.exists()) {
- f.delete();
- }
- }
+ @Test
+ public void test() {
+ inputIterator.iterator();
+ inputIterator.iterator().hasNext();
+ inputIterator.iterator().next();
+ inputIterator.iterator().remove();
+ }
+
+ @After
+ public void cleanUp() {
+ if(f.exists()) {
+ f.delete();
+ }
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MiscID.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MiscID.java
index 816cda80..6f44b391 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MiscID.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MiscID.java
@@ -38,60 +38,60 @@ import static org.mockito.Mockito.*;
import org.junit.Test;
public class JU_MiscID {
-
- MiscID miscId;
-
- @Before
- public void setUp() {
- miscId = new MiscID();
- }
-
- @Test
- public void testRowSet() {
- Row row = mock(Row.class);
- miscId.set(row);
- }
-
- @Test
- public void testStringSet() throws BatchException {
- String[] strArr = {"id", "sponsor", "created", "renewal"};
- miscId.set(strArr);
- }
-
- @Test
- public void testHashcode() throws BatchException {
- String[] strArr = {"id", "sponsor", "created", "renewal"};
- miscId.set(strArr);
- Assert.assertEquals(3355, miscId.hashCode());
- }
-
- @Test
- public void testEquals() throws BatchException {
- String[] strArr = {"id", "sponsor", "created", "renewal"};
- miscId.set(strArr);
- Assert.assertFalse(miscId.equals("id"));
- Assert.assertTrue(miscId.equals(miscId));
- }
-
- @Test
- public void testInsertStmt() throws IllegalArgumentException, IllegalAccessException {
- String expected = "INSERT INTO authz.miscid (id,created,sponsor,renewal) VALUES ('null','null','null','null')";
- String result = miscId.insertStmt().toString();
- Assert.assertEquals(expected, result);
- }
-
- @Test
- public void testUpdateStmt() throws IllegalArgumentException, IllegalAccessException, BatchException {
- String expected = "UPDATE authz.miscid SET sponser='sponsor1',created='created1',renewal='renewal1' WHERE id='id'";
- String[] strArr = {"id", "sponsor", "created", "renewal"};
- miscId.set(strArr);
- MiscID miscId1 = new MiscID();
- String[] strArr1 = {"id", "sponsor1", "created1", "renewal1"};
- miscId1.set(strArr1);
- StringBuilder result = miscId.updateStmt(miscId1);
+
+ MiscID miscId;
+
+ @Before
+ public void setUp() {
+ miscId = new MiscID();
+ }
+
+ @Test
+ public void testRowSet() {
+ Row row = mock(Row.class);
+ miscId.set(row);
+ }
+
+ @Test
+ public void testStringSet() throws BatchException {
+ String[] strArr = {"id", "sponsor", "created", "renewal"};
+ miscId.set(strArr);
+ }
+
+ @Test
+ public void testHashcode() throws BatchException {
+ String[] strArr = {"id", "sponsor", "created", "renewal"};
+ miscId.set(strArr);
+ Assert.assertEquals(3355, miscId.hashCode());
+ }
+
+ @Test
+ public void testEquals() throws BatchException {
+ String[] strArr = {"id", "sponsor", "created", "renewal"};
+ miscId.set(strArr);
+ Assert.assertFalse(miscId.equals("id"));
+ Assert.assertTrue(miscId.equals(miscId));
+ }
+
+ @Test
+ public void testInsertStmt() throws IllegalArgumentException, IllegalAccessException {
+ String expected = "INSERT INTO authz.miscid (id,created,sponsor,renewal) VALUES ('null','null','null','null')";
+ String result = miscId.insertStmt().toString();
+ Assert.assertEquals(expected, result);
+ }
+
+ @Test
+ public void testUpdateStmt() throws IllegalArgumentException, IllegalAccessException, BatchException {
+ String expected = "UPDATE authz.miscid SET sponser='sponsor1',created='created1',renewal='renewal1' WHERE id='id'";
+ String[] strArr = {"id", "sponsor", "created", "renewal"};
+ miscId.set(strArr);
+ MiscID miscId1 = new MiscID();
+ String[] strArr1 = {"id", "sponsor1", "created1", "renewal1"};
+ miscId1.set(strArr1);
+ StringBuilder result = miscId.updateStmt(miscId1);
- Assert.assertEquals(expected, result.toString());
- }
+ Assert.assertEquals(expected, result.toString());
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MonthData.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MonthData.java
index 1fb9b248..cef81ded 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MonthData.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_MonthData.java
@@ -42,64 +42,64 @@ import java.io.IOException;
import org.junit.Test;
public class JU_MonthData {
-
- File f;
- MonthData mData;
- Row row;
- BufferedWriter bw = null;
- FileWriter fw = null;
-
- @Before
- public void setUp() throws IOException {
- mData = new MonthData("env");
- row = new Row("target", 10,2,1);
- f = new File("Monthlyenv.dat");
- f.createNewFile();
- bw = new BufferedWriter(new FileWriter(f));
- bw.write("#test"+ "\n");
- bw.write("long,tester"+ "\n");
- bw.write("1,2,3,4,5"+ "\n");
- bw.close();
-
- mData = new MonthData("env");
- }
+
+ File f;
+ MonthData mData;
+ Row row;
+ BufferedWriter bw = null;
+ FileWriter fw = null;
+
+ @Before
+ public void setUp() throws IOException {
+ mData = new MonthData("env");
+ row = new Row("target", 10,2,1);
+ f = new File("Monthlyenv.dat");
+ f.createNewFile();
+ bw = new BufferedWriter(new FileWriter(f));
+ bw.write("#test"+ "\n");
+ bw.write("long,tester"+ "\n");
+ bw.write("1,2,3,4,5"+ "\n");
+ bw.close();
+
+ mData = new MonthData("env");
+ }
- @Test
- public void testAdd() {
- mData.add(2, "target", 10, 1, 1);
- }
-
- @Test
- public void testNotExists() {
- mData.notExists(2);
- }
-
- @Test
- public void testWrite() throws IOException {
- mData.write();
- }
-
- @Test
- public void testCompareTo() {
- Row testrow = new Row("testtar",1,1,1);
- Assert.assertEquals(-4, row.compareTo(testrow));
- Assert.assertEquals(0, row.compareTo(row));
- }
-
- @Test
- public void testToString() {
- Assert.assertEquals("target|10|1|2", row.toString());
- }
-
- @After
- public void cleanUp() {
- File g = new File("Monthlyenv.dat.bak");
- if(f.exists()) {
- f.delete();
- }
- if(g.exists()) {
- g.delete();
- }
- }
+ @Test
+ public void testAdd() {
+ mData.add(2, "target", 10, 1, 1);
+ }
+
+ @Test
+ public void testNotExists() {
+ mData.notExists(2);
+ }
+
+ @Test
+ public void testWrite() throws IOException {
+ mData.write();
+ }
+
+ @Test
+ public void testCompareTo() {
+ Row testrow = new Row("testtar",1,1,1);
+ Assert.assertEquals(-4, row.compareTo(testrow));
+ Assert.assertEquals(0, row.compareTo(row));
+ }
+
+ @Test
+ public void testToString() {
+ Assert.assertEquals("target|10|1|2", row.toString());
+ }
+
+ @After
+ public void cleanUp() {
+ File g = new File("Monthlyenv.dat.bak");
+ if(f.exists()) {
+ f.delete();
+ }
+ if(g.exists()) {
+ g.delete();
+ }
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NS.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NS.java
index 32c8a122..ec158c41 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NS.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NS.java
@@ -36,44 +36,44 @@ import static org.mockito.Mockito.*;
import org.junit.Test;
public class JU_NS {
-
- NS ns;
- NSSplit nSSplit;
-
- @Before
- public void setUp() {
- ns = new NS("name", "description", "parent", 1, 1);
- nSSplit = new NSSplit("string",1);
- }
+
+ NS ns;
+ NSSplit nSSplit;
+
+ @Before
+ public void setUp() {
+ ns = new NS("name", "description", "parent", 1, 1);
+ nSSplit = new NSSplit("string",1);
+ }
- @Test
- public void testToString() {
- Assert.assertEquals("name", ns.toString());
- }
-
- @Test
- public void testHashCode() {
- Assert.assertEquals(3373707, ns.hashCode());
- }
-
- @Test
- public void testEquals() {
- Assert.assertEquals(true, ns.equals("name"));
- Assert.assertEquals(false, ns.equals("name1"));
- }
-
- @Test
- public void testCompareTo() {
- NS nsValid = new NS("name", "description", "parent", 1, 1);
- Assert.assertEquals(0, ns.compareTo(nsValid));
-
- NS nsInvalid = new NS("name1", "description", "parent", 1, 1);
- Assert.assertEquals(-1, ns.compareTo(nsInvalid));
- }
-
- @Test
- public void testDeriveParent() {
- ns.deriveParent("d.ot.te.d");
- }
+ @Test
+ public void testToString() {
+ Assert.assertEquals("name", ns.toString());
+ }
+
+ @Test
+ public void testHashCode() {
+ Assert.assertEquals(3373707, ns.hashCode());
+ }
+
+ @Test
+ public void testEquals() {
+ Assert.assertEquals(true, ns.equals("name"));
+ Assert.assertEquals(false, ns.equals("name1"));
+ }
+
+ @Test
+ public void testCompareTo() {
+ NS nsValid = new NS("name", "description", "parent", 1, 1);
+ Assert.assertEquals(0, ns.compareTo(nsValid));
+
+ NS nsInvalid = new NS("name1", "description", "parent", 1, 1);
+ Assert.assertEquals(-1, ns.compareTo(nsInvalid));
+ }
+
+ @Test
+ public void testDeriveParent() {
+ ns.deriveParent("d.ot.te.d");
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NsAttrib.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NsAttrib.java
index b9c09dd9..a566f8d1 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NsAttrib.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_NsAttrib.java
@@ -39,17 +39,17 @@ import static org.mockito.Mockito.*;
import org.junit.Test;
public class JU_NsAttrib {
-
- NsAttrib nsAttrib;
-
- @Before
- public void setUp() {
- nsAttrib = new NsAttrib("ns", "key", "value");
- }
-
- @Test
- public void testToString() {
- Assert.assertEquals("\"ns\",\"key\",\"value\"", nsAttrib.toString());
- }
+
+ NsAttrib nsAttrib;
+
+ @Before
+ public void setUp() {
+ nsAttrib = new NsAttrib("ns", "key", "value");
+ }
+
+ @Test
+ public void testToString() {
+ Assert.assertEquals("\"ns\",\"key\",\"value\"", nsAttrib.toString());
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Perm.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Perm.java
index 313eb978..0ccc77a2 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Perm.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Perm.java
@@ -39,60 +39,60 @@ import java.util.Set;
import org.junit.Test;
public class JU_Perm {
-
- Perm perm;
- Set set;
-
- @Before
- public void setUp() {
- set = new HashSet();
- perm = new Perm("ns","type", "instance", "action","description", set);
- }
+
+ Perm perm;
+ Set set;
+
+ @Before
+ public void setUp() {
+ set = new HashSet();
+ perm = new Perm("ns","type", "instance", "action","description", set);
+ }
- @Test
- public void testFullType() {
- Assert.assertEquals("ns.type", perm.fullType());
- }
-
- @Test
- public void testFullPerm() {
- Assert.assertEquals("ns.type|instance|action", perm.fullPerm());
- }
-
- @Test
- public void testEncode() {
- Assert.assertEquals("ns|type|instance|action", perm.encode());
- }
-
- @Test
- public void testHashCode() {
- Assert.assertEquals(850667666, perm.hashCode());
- }
-
- @Test
- public void testToString() {
- Assert.assertEquals("ns|type|instance|action", perm.toString());
- }
-
- @Test
- public void testEquals() {
- Perm perm1 = new Perm("ns","type", "instance", "action","description", set);
- Assert.assertEquals(false, perm.equals(perm1));
- }
-
- @Test
- public void testCompareTo() {
- Perm perm1 = new Perm("ns","type", "instance", "action","description", set);
- Perm perm2 = new Perm("ns1","type", "instance", "action","description", set);
-
- Assert.assertEquals(0, perm.compareTo(perm1));
- Assert.assertEquals(75, perm.compareTo(perm2));
- }
-
- @Test
- public void testStageRemove() {
- Perm perm1 = new Perm("ns","type", "instance", "action","description", set);
- perm.stageRemove(perm1);
- }
+ @Test
+ public void testFullType() {
+ Assert.assertEquals("ns.type", perm.fullType());
+ }
+
+ @Test
+ public void testFullPerm() {
+ Assert.assertEquals("ns.type|instance|action", perm.fullPerm());
+ }
+
+ @Test
+ public void testEncode() {
+ Assert.assertEquals("ns|type|instance|action", perm.encode());
+ }
+
+ @Test
+ public void testHashCode() {
+ Assert.assertEquals(850667666, perm.hashCode());
+ }
+
+ @Test
+ public void testToString() {
+ Assert.assertEquals("ns|type|instance|action", perm.toString());
+ }
+
+ @Test
+ public void testEquals() {
+ Perm perm1 = new Perm("ns","type", "instance", "action","description", set);
+ Assert.assertEquals(false, perm.equals(perm1));
+ }
+
+ @Test
+ public void testCompareTo() {
+ Perm perm1 = new Perm("ns","type", "instance", "action","description", set);
+ Perm perm2 = new Perm("ns1","type", "instance", "action","description", set);
+
+ Assert.assertEquals(0, perm.compareTo(perm1));
+ Assert.assertEquals(75, perm.compareTo(perm2));
+ }
+
+ @Test
+ public void testStageRemove() {
+ Perm perm1 = new Perm("ns","type", "instance", "action","description", set);
+ perm.stageRemove(perm1);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Role.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Role.java
index fcfbec11..3fd9f870 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Role.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_Role.java
@@ -40,55 +40,55 @@ import java.util.Set;
import org.junit.Test;
public class JU_Role {
-
- Role shortRole;
- Role longRole;
- Set set;
-
- @Before
- public void setUp() {
- set = new HashSet();
- shortRole = new Role("full");
- longRole = new Role("ns", "name", "description", set);
- }
+
+ Role shortRole;
+ Role longRole;
+ Set set;
+
+ @Before
+ public void setUp() {
+ set = new HashSet();
+ shortRole = new Role("full");
+ longRole = new Role("ns", "name", "description", set);
+ }
- @Test
- public void testEncode() {
- Assert.assertEquals("ns|name", longRole.encode());
- }
-
- @Test
- public void testFullName() {
- Assert.assertEquals("ns.name", longRole.fullName());
- Assert.assertEquals("full", shortRole.fullName());
-
- longRole.fullName("test");
- }
-
- @Test
- public void testToString() {
- Assert.assertEquals("ns|name", longRole.toString());
- }
-
- @Test
- public void testHashCode() {
- Assert.assertEquals(-2043567518, longRole.hashCode());
- }
-
- @Test
- public void testEquals() {
- Assert.assertEquals(false, longRole.equals(longRole));
- }
-
- @Test
- public void testCompareTo() {
- Assert.assertEquals(-14, longRole.compareTo(shortRole));
- Assert.assertEquals(14, shortRole.compareTo(longRole));
- }
-
- @Test
- public void testStageRemove() {
- longRole.stageRemove(shortRole);
- }
+ @Test
+ public void testEncode() {
+ Assert.assertEquals("ns|name", longRole.encode());
+ }
+
+ @Test
+ public void testFullName() {
+ Assert.assertEquals("ns.name", longRole.fullName());
+ Assert.assertEquals("full", shortRole.fullName());
+
+ longRole.fullName("test");
+ }
+
+ @Test
+ public void testToString() {
+ Assert.assertEquals("ns|name", longRole.toString());
+ }
+
+ @Test
+ public void testHashCode() {
+ Assert.assertEquals(-2043567518, longRole.hashCode());
+ }
+
+ @Test
+ public void testEquals() {
+ Assert.assertEquals(false, longRole.equals(longRole));
+ }
+
+ @Test
+ public void testCompareTo() {
+ Assert.assertEquals(-14, longRole.compareTo(shortRole));
+ Assert.assertEquals(14, shortRole.compareTo(longRole));
+ }
+
+ @Test
+ public void testStageRemove() {
+ longRole.stageRemove(shortRole);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_UserRole.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_UserRole.java
index ec94d7fc..b6ba7d48 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_UserRole.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/helpers/test/JU_UserRole.java
@@ -42,105 +42,105 @@ import java.util.Date;
import org.junit.Test;
public class JU_UserRole {
-
- UserRole userRole;
- UserRole userRole1;
- Date date;
- PrintStream ds;
-
- @Before
- public void setUp() {
- date = new Date();
- userRole = new UserRole("user", "ns", "rname", date);
- userRole = new UserRole("user", "role", "ns", "rname", date);
- }
+
+ UserRole userRole;
+ UserRole userRole1;
+ Date date;
+ PrintStream ds;
+
+ @Before
+ public void setUp() {
+ date = new Date();
+ userRole = new UserRole("user", "ns", "rname", date);
+ userRole = new UserRole("user", "role", "ns", "rname", date);
+ }
- @Test
- public void testTotalLoaded() {
- Assert.assertEquals(0, userRole.totalLoaded());
- }
-
- @Test
- public void testDeleted() {
- Assert.assertEquals(0, userRole.deleted());
- }
-
- @Test
- public void testExpunge() {
- userRole.expunge();
- }
-
- @Test
- public void testSetDeleteStream() {
- userRole.setDeleteStream(ds);
- }
-
- @Test
- public void testSetRecoverStream() {
- userRole.setRecoverStream(ds);
- }
-
- @Test
- public void testUrdd() {
- Assert.assertTrue(userRole.urdd() instanceof UserRoleDAO.Data);
- }
-
- @Test
- public void testUser() {
- Assert.assertEquals("user", userRole.user());
- }
-
- @Test
- public void testRole() {
- Assert.assertEquals("role", userRole.role());
- }
-
- @Test
- public void testNs() {
- Assert.assertEquals("ns", userRole.ns());
- }
-
- @Test
- public void testRName() {
- Assert.assertEquals("rname", userRole.rname());
- }
-
- @Test
- public void testExpires() {
- Assert.assertEquals(date, userRole.expires());
- userRole.expires(date);
- }
-
- @Test
- public void testToString() {
- Assert.assertTrue(userRole.toString() instanceof String);
- }
-
- @Test
- public void testGet() {
- userRole.get("u", "r");
- }
-
- @Test
- public void testResetLocalData() {
- userRole.resetLocalData();
- }
-
- @Test
- public void testSizeForDeletion() {
- Assert.assertEquals(0, userRole.sizeForDeletion());
- }
-
- @Test
- public void testPendingDelete() {
- Assert.assertFalse(userRole.pendingDelete(userRole));
- }
-
- @Test
- public void testActuateDeletionNow() {
- AuthzTrans trans = mock(AuthzTrans.class);
- URDelete urd = mock(URDelete.class);
- userRole.actuateDeletionNow(trans,urd);
- }
+ @Test
+ public void testTotalLoaded() {
+ Assert.assertEquals(0, userRole.totalLoaded());
+ }
+
+ @Test
+ public void testDeleted() {
+ Assert.assertEquals(0, userRole.deleted());
+ }
+
+ @Test
+ public void testExpunge() {
+ userRole.expunge();
+ }
+
+ @Test
+ public void testSetDeleteStream() {
+ userRole.setDeleteStream(ds);
+ }
+
+ @Test
+ public void testSetRecoverStream() {
+ userRole.setRecoverStream(ds);
+ }
+
+ @Test
+ public void testUrdd() {
+ Assert.assertTrue(userRole.urdd() instanceof UserRoleDAO.Data);
+ }
+
+ @Test
+ public void testUser() {
+ Assert.assertEquals("user", userRole.user());
+ }
+
+ @Test
+ public void testRole() {
+ Assert.assertEquals("role", userRole.role());
+ }
+
+ @Test
+ public void testNs() {
+ Assert.assertEquals("ns", userRole.ns());
+ }
+
+ @Test
+ public void testRName() {
+ Assert.assertEquals("rname", userRole.rname());
+ }
+
+ @Test
+ public void testExpires() {
+ Assert.assertEquals(date, userRole.expires());
+ userRole.expires(date);
+ }
+
+ @Test
+ public void testToString() {
+ Assert.assertTrue(userRole.toString() instanceof String);
+ }
+
+ @Test
+ public void testGet() {
+ userRole.get("u", "r");
+ }
+
+ @Test
+ public void testResetLocalData() {
+ userRole.resetLocalData();
+ }
+
+ @Test
+ public void testSizeForDeletion() {
+ Assert.assertEquals(0, userRole.sizeForDeletion());
+ }
+
+ @Test
+ public void testPendingDelete() {
+ Assert.assertFalse(userRole.pendingDelete(userRole));
+ }
+
+ @Test
+ public void testActuateDeletionNow() {
+ AuthzTrans trans = mock(AuthzTrans.class);
+ URDelete urd = mock(URDelete.class);
+ userRole.actuateDeletionNow(trans,urd);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_Batch.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_Batch.java
index 752b98b7..5394c323 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_Batch.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_Batch.java
@@ -46,47 +46,47 @@ import org.junit.Test;
public class JU_Batch {
- AuthzEnv env;
- Batch batch;
-
- private class BatchStub extends Batch {
+ AuthzEnv env;
+ Batch batch;
+
+ private class BatchStub extends Batch {
- protected BatchStub(AuthzEnv env) throws APIException, IOException, OrganizationException {
- super(env);
- // TODO Auto-generated constructor stub
- }
+ protected BatchStub(AuthzEnv env) throws APIException, IOException, OrganizationException {
+ super(env);
+ // TODO Auto-generated constructor stub
+ }
- @Override
- protected void run(AuthzTrans trans) {
- // TODO Auto-generated method stub
-
- }
+ @Override
+ protected void run(AuthzTrans trans) {
+ // TODO Auto-generated method stub
+
+ }
- @Override
- protected void _close(AuthzTrans trans) {
- // TODO Auto-generated method stub
-
- }
+ @Override
+ protected void _close(AuthzTrans trans) {
+ // TODO Auto-generated method stub
+
+ }
- }
-
- @Before
- public void setUp() throws OrganizationException {
- env = new AuthzEnv();
- env.access().setProperty(Config.CADI_LATITUDE, "38.550674");
- env.access().setProperty(Config.CADI_LONGITUDE, "-90.146942");
- env.setProperty("DRY_RUN", "test");
- env.setProperty("Organization.@aaf.com", "test");
- //env.setProperty("Organization.com.@aaf", "java.lang.Integer");
- env.setProperty("Organization.com.@aaf", "org.onap.aaf.auth.org.Organization");
- env.setProperty("CASS_ENV", "test");
- env.setProperty("test.VERSION", "test.VERSION");
- }
-
- @Test
- public void testIsSpecial() throws APIException, IOException, OrganizationException {
- //BatchStub bStub = new BatchStub(env);
- //bStub.isSpecial("user");
- }
+ }
+
+ @Before
+ public void setUp() throws OrganizationException {
+ env = new AuthzEnv();
+ env.access().setProperty(Config.CADI_LATITUDE, "38.550674");
+ env.access().setProperty(Config.CADI_LONGITUDE, "-90.146942");
+ env.setProperty("DRY_RUN", "test");
+ env.setProperty("Organization.@aaf.com", "test");
+ //env.setProperty("Organization.com.@aaf", "java.lang.Integer");
+ env.setProperty("Organization.com.@aaf", "org.onap.aaf.auth.org.Organization");
+ env.setProperty("CASS_ENV", "test");
+ env.setProperty("test.VERSION", "test.VERSION");
+ }
+
+ @Test
+ public void testIsSpecial() throws APIException, IOException, OrganizationException {
+ //BatchStub bStub = new BatchStub(env);
+ //bStub.isSpecial("user");
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchException.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchException.java
index 9b2f2db0..c56a76c8 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchException.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchException.java
@@ -35,25 +35,25 @@ import org.junit.Test;
public class JU_BatchException {
- BatchException bExcept1;
- BatchException bExcept2;
- BatchException bExcept3;
- BatchException bExcept4;
- BatchException bExcept5;
- Throwable throwable;
-
- @Before
- public void setUp() {
- throwable = new Throwable();
- }
-
- @Test
- public void testBatchException() {
- bExcept1 = new BatchException();
- bExcept2 = new BatchException("test");
- bExcept3 = new BatchException(throwable);
- bExcept4 = new BatchException("test", throwable);
- bExcept5 = new BatchException("test", throwable,true,true);
- }
+ BatchException bExcept1;
+ BatchException bExcept2;
+ BatchException bExcept3;
+ BatchException bExcept4;
+ BatchException bExcept5;
+ Throwable throwable;
+
+ @Before
+ public void setUp() {
+ throwable = new Throwable();
+ }
+
+ @Test
+ public void testBatchException() {
+ bExcept1 = new BatchException();
+ bExcept2 = new BatchException("test");
+ bExcept3 = new BatchException(throwable);
+ bExcept4 = new BatchException("test", throwable);
+ bExcept5 = new BatchException("test", throwable,true,true);
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchPrincipal.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchPrincipal.java
index e3cd359f..6186df95 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchPrincipal.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_BatchPrincipal.java
@@ -36,13 +36,13 @@ import org.junit.Test;
public class JU_BatchPrincipal {
- BatchPrincipal bPrincipal;
-
- @Test
- public void testBatchPrincipal() {
- bPrincipal = new BatchPrincipal("name");
- Assert.assertEquals("batch:name", bPrincipal.getName());
- Assert.assertEquals("Btch", bPrincipal.tag());
- }
+ BatchPrincipal bPrincipal;
+
+ @Test
+ public void testBatchPrincipal() {
+ bPrincipal = new BatchPrincipal("name");
+ Assert.assertEquals("batch:name", bPrincipal.getName());
+ Assert.assertEquals("Btch", bPrincipal.tag());
+ }
}
diff --git a/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_CassBatch.java b/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_CassBatch.java
index 0e7a4244..d1934a42 100644
--- a/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_CassBatch.java
+++ b/auth/auth-batch/src/test/java/org/onap/aaf/auth/test/JU_CassBatch.java
@@ -39,29 +39,29 @@ import java.io.IOException;
import org.junit.Test;
public class JU_CassBatch {
-
- AuthzTrans aTrans;
-
- private class CassBatchStub extends CassBatch {
+
+ AuthzTrans aTrans;
+
+ private class CassBatchStub extends CassBatch {
- protected CassBatchStub(AuthzTrans trans, String log4jName)
- throws APIException, IOException, OrganizationException {
- super(trans, log4jName);
- // TODO Auto-generated constructor stub
- }
+ protected CassBatchStub(AuthzTrans trans, String log4jName)
+ throws APIException, IOException, OrganizationException {
+ super(trans, log4jName);
+ // TODO Auto-generated constructor stub
+ }
- @Override
- protected void run(AuthzTrans trans) {
- // TODO Auto-generated method stub
-
- }
-
- }
-
- @Before
- public void setUp() throws APIException, IOException, OrganizationException {
- aTrans = mock(AuthzTrans.class);
- //CassBatchStub cassBatchStub = new CassBatchStub(aTrans,"log"); //Cannot do until Batch is understood
- }
+ @Override
+ protected void run(AuthzTrans trans) {
+ // TODO Auto-generated method stub
+
+ }
+
+ }
+
+ @Before
+ public void setUp() throws APIException, IOException, OrganizationException {
+ aTrans = mock(AuthzTrans.class);
+ //CassBatchStub cassBatchStub = new CassBatchStub(aTrans,"log"); //Cannot do until Batch is understood
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/AbsCassDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/AbsCassDAO.java
index b5a950d4..f24c7c9f 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/AbsCassDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/AbsCassDAO.java
@@ -45,459 +45,459 @@ import com.datastax.driver.core.Session;
import com.datastax.driver.core.exceptions.DriverException;
public abstract class AbsCassDAO<TRANS extends TransStore,DATA> {
- protected static final char DOT = '.';
- protected static final char DOT_PLUS_ONE = '.'+1;
- protected static final String FIRST_CHAR = Character.toString((char)0);
- protected static final String LAST_CHAR = Character.toString((char)Character.MAX_VALUE);
- protected static final int FIELD_COMMAS = 0;
- protected static final int QUESTION_COMMAS = 1;
- protected static final int ASSIGNMENT_COMMAS = 2;
- protected static final int WHERE_ANDS = 3;
+ protected static final char DOT = '.';
+ protected static final char DOT_PLUS_ONE = '.'+1;
+ protected static final String FIRST_CHAR = Character.toString((char)0);
+ protected static final String LAST_CHAR = Character.toString((char)Character.MAX_VALUE);
+ protected static final int FIELD_COMMAS = 0;
+ protected static final int QUESTION_COMMAS = 1;
+ protected static final int ASSIGNMENT_COMMAS = 2;
+ protected static final int WHERE_ANDS = 3;
- private Cluster cluster;
- /*
- * From DataStax
- * com.datastax.driver.core.Session
- A session holds connections to a Cassandra cluster, allowing it to be queried. Each session maintains multiple connections to the cluster nodes,
- provides policies to choose which node to use for each query (round-robin on all nodes of the cluster by default), and handles retries for
- failed query (when it makes sense), etc...
- Session instances are thread-safe and usually a single instance is enough per application. However, a given session can only be set to one
- keyspace at a time, so one instance per keyspace is necessary.
- */
- private Session session;
- private final String keyspace;
- // If this is null, then we own session
- private final AbsCassDAO<TRANS,?> owningDAO;
- protected Class<DATA> dataClass;
- private final String name;
-// private static Slot sessionSlot; // not used since 2015
- private static final ArrayList<AbsCassDAO<? extends TransStore,?>.PSInfo> psinfos = new ArrayList<>();
- private static final List<Object> EMPTY = new ArrayList<>(0);
- private static final Deque<ResetRequest> resetDeque = new ConcurrentLinkedDeque<ResetRequest>();
- private static boolean resetTrigger = false;
- private static long nextAvailableReset = 0;
-
- public AbsCassDAO(TRANS trans, String name, Cluster cluster, String keyspace, Class<DATA> dataClass) {
- this.name = name;
- this.cluster = cluster;
- this.keyspace = keyspace;
- owningDAO = null; // we own session
- session = null;
- this.dataClass = dataClass;
- }
+ private Cluster cluster;
+ /*
+ * From DataStax
+ * com.datastax.driver.core.Session
+ A session holds connections to a Cassandra cluster, allowing it to be queried. Each session maintains multiple connections to the cluster nodes,
+ provides policies to choose which node to use for each query (round-robin on all nodes of the cluster by default), and handles retries for
+ failed query (when it makes sense), etc...
+ Session instances are thread-safe and usually a single instance is enough per application. However, a given session can only be set to one
+ keyspace at a time, so one instance per keyspace is necessary.
+ */
+ private Session session;
+ private final String keyspace;
+ // If this is null, then we own session
+ private final AbsCassDAO<TRANS,?> owningDAO;
+ protected Class<DATA> dataClass;
+ private final String name;
+// private static Slot sessionSlot; // not used since 2015
+ private static final ArrayList<AbsCassDAO<? extends TransStore,?>.PSInfo> psinfos = new ArrayList<>();
+ private static final List<Object> EMPTY = new ArrayList<>(0);
+ private static final Deque<ResetRequest> resetDeque = new ConcurrentLinkedDeque<ResetRequest>();
+ private static boolean resetTrigger = false;
+ private static long nextAvailableReset = 0;
+
+ public AbsCassDAO(TRANS trans, String name, Cluster cluster, String keyspace, Class<DATA> dataClass) {
+ this.name = name;
+ this.cluster = cluster;
+ this.keyspace = keyspace;
+ owningDAO = null; // we own session
+ session = null;
+ this.dataClass = dataClass;
+ }
- public AbsCassDAO(TRANS trans, String name, AbsCassDAO<TRANS,?> aDao, Class<DATA> dataClass) {
- this.name = name;
- cluster = aDao.cluster;
- keyspace = aDao.keyspace;
- session = null;
- // We do not own session
- owningDAO = aDao;
- this.dataClass = dataClass;
- }
-
+ public AbsCassDAO(TRANS trans, String name, AbsCassDAO<TRANS,?> aDao, Class<DATA> dataClass) {
+ this.name = name;
+ cluster = aDao.cluster;
+ keyspace = aDao.keyspace;
+ session = null;
+ // We do not own session
+ owningDAO = aDao;
+ this.dataClass = dataClass;
+ }
+
// Not used since 2015
-// public static void setSessionSlot(Slot slot) {
-// sessionSlot = slot;
-// }
+// public static void setSessionSlot(Slot slot) {
+// sessionSlot = slot;
+// }
- //Note: Lower case ON PURPOSE. These names used to create History Messages
- public enum CRUD {
- create,read,update,delete;
- }
+ //Note: Lower case ON PURPOSE. These names used to create History Messages
+ public enum CRUD {
+ create,read,update,delete;
+ }
- public class PSInfo {
- private PreparedStatement ps;
- private final int size;
- private final Loader<DATA> loader;
- private final CRUD crud; // Store CRUD, because it makes a difference in Object Order, see Loader
- private final String cql;
- private final ConsistencyLevel consistency;
+ public class PSInfo {
+ private PreparedStatement ps;
+ private final int size;
+ private final Loader<DATA> loader;
+ private final CRUD crud; // Store CRUD, because it makes a difference in Object Order, see Loader
+ private final String cql;
+ private final ConsistencyLevel consistency;
- /**
- * Create a PSInfo and create Prepared Statement
- *
- * @param trans
- * @param theCQL
- * @param loader
- */
- public PSInfo(TRANS trans, String theCQL, Loader<DATA> loader, ConsistencyLevel consistency) {
- this.loader = loader;
- this.consistency=consistency;
- psinfos.add(this);
+ /**
+ * Create a PSInfo and create Prepared Statement
+ *
+ * @param trans
+ * @param theCQL
+ * @param loader
+ */
+ public PSInfo(TRANS trans, String theCQL, Loader<DATA> loader, ConsistencyLevel consistency) {
+ this.loader = loader;
+ this.consistency=consistency;
+ psinfos.add(this);
- cql = theCQL.trim().toUpperCase();
- if(cql.startsWith("INSERT")) {
- crud = CRUD.create;
- } else if(cql.startsWith("UPDATE")) {
- crud = CRUD.update;
- } else if(cql.startsWith("DELETE")) {
- crud = CRUD.delete;
- } else {
- crud = CRUD.read;
- }
-
- int idx = 0, count=0;
- while((idx=cql.indexOf('?',idx))>=0) {
- ++idx;
- ++count;
- }
- size=count;
- }
-
- public synchronized void reset() {
- ps = null;
- }
-
- private synchronized BoundStatement ps(TransStore trans) throws APIException, IOException {
- /* From Datastax
- You should prepare only once, and cache the PreparedStatement in your application (it is thread-safe).
- If you call prepare multiple times with the same query string, the driver will log a warning.
- */
- if(ps==null) {
- TimeTaken tt = trans.start("Preparing PSInfo " + crud.toString().toUpperCase() + " on " + name,Env.SUB);
- try {
- ps = getSession(trans).prepare(cql);
- ps.setConsistencyLevel(consistency);
- } catch (DriverException e) {
- reportPerhapsReset(trans,e);
- throw e;
- } finally {
- tt.done();
- }
- }
- // BoundStatements are NOT threadsafe... need a new one each time.
- return new BoundStatement(ps);
- }
+ cql = theCQL.trim().toUpperCase();
+ if(cql.startsWith("INSERT")) {
+ crud = CRUD.create;
+ } else if(cql.startsWith("UPDATE")) {
+ crud = CRUD.update;
+ } else if(cql.startsWith("DELETE")) {
+ crud = CRUD.delete;
+ } else {
+ crud = CRUD.read;
+ }
+
+ int idx = 0, count=0;
+ while((idx=cql.indexOf('?',idx))>=0) {
+ ++idx;
+ ++count;
+ }
+ size=count;
+ }
+
+ public synchronized void reset() {
+ ps = null;
+ }
+
+ private synchronized BoundStatement ps(TransStore trans) throws APIException, IOException {
+ /* From Datastax
+ You should prepare only once, and cache the PreparedStatement in your application (it is thread-safe).
+ If you call prepare multiple times with the same query string, the driver will log a warning.
+ */
+ if(ps==null) {
+ TimeTaken tt = trans.start("Preparing PSInfo " + crud.toString().toUpperCase() + " on " + name,Env.SUB);
+ try {
+ ps = getSession(trans).prepare(cql);
+ ps.setConsistencyLevel(consistency);
+ } catch (DriverException e) {
+ reportPerhapsReset(trans,e);
+ throw e;
+ } finally {
+ tt.done();
+ }
+ }
+ // BoundStatements are NOT threadsafe... need a new one each time.
+ return new BoundStatement(ps);
+ }
- /**
- * Execute a Prepared Statement by extracting from DATA object
- *
- * @param trans
- * @param text
- * @param data
- * @return
- */
- public Result<ResultSetFuture> execAsync(TRANS trans, String text, DATA data) {
- TimeTaken tt = trans.start(text, Env.REMOTE);
- try {
- return Result.ok(getSession(trans).executeAsync(
- ps(trans).bind(loader.extract(data, size, crud))));
- } catch (DriverException | APIException | IOException e) {
- AbsCassDAO.this.reportPerhapsReset(trans,e);
- return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
- } finally {
- tt.done();
- }
- }
+ /**
+ * Execute a Prepared Statement by extracting from DATA object
+ *
+ * @param trans
+ * @param text
+ * @param data
+ * @return
+ */
+ public Result<ResultSetFuture> execAsync(TRANS trans, String text, DATA data) {
+ TimeTaken tt = trans.start(text, Env.REMOTE);
+ try {
+ return Result.ok(getSession(trans).executeAsync(
+ ps(trans).bind(loader.extract(data, size, crud))));
+ } catch (DriverException | APIException | IOException e) {
+ AbsCassDAO.this.reportPerhapsReset(trans,e);
+ return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
+ } finally {
+ tt.done();
+ }
+ }
- /**
- * Execute a Prepared Statement on Object[] key
- *
- * @param trans
- * @param text
- * @param objs
- * @return
- */
- public Result<ResultSetFuture> execAsync(TRANS trans, String text, Object ... objs) {
- TimeTaken tt = trans.start(text, Env.REMOTE);
- try {
- return Result.ok(getSession(trans).executeAsync(ps(trans).bind(objs)));
- } catch (DriverException | APIException | IOException e) {
- AbsCassDAO.this.reportPerhapsReset(trans,e);
- return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
- } finally {
- tt.done();
- }
- }
-
- /*
- * Note:
- *
- */
+ /**
+ * Execute a Prepared Statement on Object[] key
+ *
+ * @param trans
+ * @param text
+ * @param objs
+ * @return
+ */
+ public Result<ResultSetFuture> execAsync(TRANS trans, String text, Object ... objs) {
+ TimeTaken tt = trans.start(text, Env.REMOTE);
+ try {
+ return Result.ok(getSession(trans).executeAsync(ps(trans).bind(objs)));
+ } catch (DriverException | APIException | IOException e) {
+ AbsCassDAO.this.reportPerhapsReset(trans,e);
+ return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /*
+ * Note:
+ *
+ */
- /**
- * Execute a Prepared Statement by extracting from DATA object
- *
- * @param trans
- * @param text
- * @param data
- * @return
- */
- public Result<ResultSet> exec(TRANS trans, String text, DATA data) {
- TimeTaken tt = trans.start(text, Env.REMOTE);
- try {
- /*
- * "execute" (and executeAsync)
- * Executes the provided query.
- This method blocks until at least some result has been received from the database. However,
- for SELECT queries, it does not guarantee that the result has been received in full. But it
- does guarantee that some response has been received from the database, and in particular
- guarantee that if the request is invalid, an exception will be thrown by this method.
+ /**
+ * Execute a Prepared Statement by extracting from DATA object
+ *
+ * @param trans
+ * @param text
+ * @param data
+ * @return
+ */
+ public Result<ResultSet> exec(TRANS trans, String text, DATA data) {
+ TimeTaken tt = trans.start(text, Env.REMOTE);
+ try {
+ /*
+ * "execute" (and executeAsync)
+ * Executes the provided query.
+ This method blocks until at least some result has been received from the database. However,
+ for SELECT queries, it does not guarantee that the result has been received in full. But it
+ does guarantee that some response has been received from the database, and in particular
+ guarantee that if the request is invalid, an exception will be thrown by this method.
- Parameters:
- statement - the CQL query to execute (that can be any Statement).
- Returns:
- the result of the query. That result will never be null but can be empty (and will
- be for any non SELECT query).
- */
- return Result.ok(getSession(trans).execute(
- ps(trans).bind(loader.extract(data, size, crud))));
- } catch (DriverException | APIException | IOException e) {
- AbsCassDAO.this.reportPerhapsReset(trans,e);
- return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
- } finally {
- tt.done();
- }
- }
+ Parameters:
+ statement - the CQL query to execute (that can be any Statement).
+ Returns:
+ the result of the query. That result will never be null but can be empty (and will
+ be for any non SELECT query).
+ */
+ return Result.ok(getSession(trans).execute(
+ ps(trans).bind(loader.extract(data, size, crud))));
+ } catch (DriverException | APIException | IOException e) {
+ AbsCassDAO.this.reportPerhapsReset(trans,e);
+ return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
+ } finally {
+ tt.done();
+ }
+ }
- /**
- * Execute a Prepared Statement on Object[] key
- *
- * @param trans
- * @param text
- * @param objs
- * @return
- */
- public Result<ResultSet> exec(TRANS trans, String text, Object ... objs) {
- TimeTaken tt = trans.start(text, Env.REMOTE);
- try {
- return Result.ok(getSession(trans).execute(ps(trans).bind(objs)));
- } catch (DriverException | APIException | IOException e) {
- AbsCassDAO.this.reportPerhapsReset(trans,e);
- return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
- } finally {
- tt.done();
- }
- }
+ /**
+ * Execute a Prepared Statement on Object[] key
+ *
+ * @param trans
+ * @param text
+ * @param objs
+ * @return
+ */
+ public Result<ResultSet> exec(TRANS trans, String text, Object ... objs) {
+ TimeTaken tt = trans.start(text, Env.REMOTE);
+ try {
+ return Result.ok(getSession(trans).execute(ps(trans).bind(objs)));
+ } catch (DriverException | APIException | IOException e) {
+ AbsCassDAO.this.reportPerhapsReset(trans,e);
+ return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
+ } finally {
+ tt.done();
+ }
+ }
- /**
- * Read the Data from Cassandra given a Prepared Statement (defined by the
- * DAO Instance)
- *
- * This is common behavior among all DAOs.
- * @throws DAOException
- */
- public Result<List<DATA>> read(TRANS trans, String text, Object[] key) {
- TimeTaken tt = trans.start(text,Env.REMOTE);
-
- ResultSet rs;
- try {
- rs = getSession(trans).execute(key==null?ps(trans):ps(trans).bind(key));
-/// TEST CODE for Exception
-// boolean force = true;
-// if(force) {
-// Map<InetSocketAddress, Throwable> misa = new HashMap<>();
-// //misa.put(new InetSocketAddress(444),new Exception("no host was tried"));
-// misa.put(new InetSocketAddress(444),new Exception("Connection has been closed"));
-// throw new com.datastax.driver.core.exceptions.NoHostAvailableException(misa);
-//// throw new com.datastax.driver.core.exceptions.AuthenticationException(new InetSocketAddress(9999),"no host was tried");
-// }
+ /**
+ * Read the Data from Cassandra given a Prepared Statement (defined by the
+ * DAO Instance)
+ *
+ * This is common behavior among all DAOs.
+ * @throws DAOException
+ */
+ public Result<List<DATA>> read(TRANS trans, String text, Object[] key) {
+ TimeTaken tt = trans.start(text,Env.REMOTE);
+
+ ResultSet rs;
+ try {
+ rs = getSession(trans).execute(key==null?ps(trans):ps(trans).bind(key));
+/// TEST CODE for Exception
+// boolean force = true;
+// if(force) {
+// Map<InetSocketAddress, Throwable> misa = new HashMap<>();
+// //misa.put(new InetSocketAddress(444),new Exception("no host was tried"));
+// misa.put(new InetSocketAddress(444),new Exception("Connection has been closed"));
+// throw new com.datastax.driver.core.exceptions.NoHostAvailableException(misa);
+//// throw new com.datastax.driver.core.exceptions.AuthenticationException(new InetSocketAddress(9999),"no host was tried");
+// }
//// END TEST CODE
- } catch (DriverException | APIException | IOException e) {
- AbsCassDAO.this.reportPerhapsReset(trans,e);
- return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
- } finally {
- tt.done();
- }
-
- return extract(loader,rs,null /*let Array be created if necessary*/,dflt);
- }
-
- public Result<List<DATA>> read(TRANS trans, String text, DATA data) {
- return read(trans,text, loader.extract(data, size, crud));
- }
-
- public Object[] keyFrom(DATA data) {
- return loader.extract(data, size, CRUD.delete); // Delete is key only
- }
+ } catch (DriverException | APIException | IOException e) {
+ AbsCassDAO.this.reportPerhapsReset(trans,e);
+ return Result.err(Status.ERR_Backend,"%s-%s executing %s",e.getClass().getName(),e.getMessage(), cql);
+ } finally {
+ tt.done();
+ }
+
+ return extract(loader,rs,null /*let Array be created if necessary*/,dflt);
+ }
+
+ public Result<List<DATA>> read(TRANS trans, String text, DATA data) {
+ return read(trans,text, loader.extract(data, size, crud));
+ }
+
+ public Object[] keyFrom(DATA data) {
+ return loader.extract(data, size, CRUD.delete); // Delete is key only
+ }
- /*
- * Note: in case PSInfos are deleted, we want to remove them from list. This is not expected,
- * but we don't want a data leak if it does. Finalize doesn't have to happen quickly
- */
- @Override
- protected void finalize() throws Throwable {
- psinfos.remove(this);
- }
- }
+ /*
+ * Note: in case PSInfos are deleted, we want to remove them from list. This is not expected,
+ * but we don't want a data leak if it does. Finalize doesn't have to happen quickly
+ */
+ @Override
+ protected void finalize() throws Throwable {
+ psinfos.remove(this);
+ }
+ }
- protected final Accept<DATA> dflt = new Accept<DATA>() {
- @Override
- public boolean ok(DATA data) {
- return true;
- }
- };
+ protected final Accept<DATA> dflt = new Accept<DATA>() {
+ @Override
+ public boolean ok(DATA data) {
+ return true;
+ }
+ };
- @SuppressWarnings("unchecked")
+ @SuppressWarnings("unchecked")
protected final Result<List<DATA>> extract(Loader<DATA> loader, ResultSet rs, List<DATA> indata, Accept<DATA> accept) {
- List<Row> rows = rs.all();
- if(rows.isEmpty()) {
- return Result.ok((List<DATA>)EMPTY); // Result sets now .emptyList(true);
- } else {
- DATA d;
- List<DATA> data = indata==null?new ArrayList<>(rows.size()):indata;
-
- for(Row row : rows) {
- try {
- d = loader.load(dataClass.newInstance(),row);
- if(accept.ok(d)) {
- data.add(d);
- }
- } catch(Exception e) {
- return Result.err(e);
- }
- }
- return Result.ok(data);
- }
+ List<Row> rows = rs.all();
+ if(rows.isEmpty()) {
+ return Result.ok((List<DATA>)EMPTY); // Result sets now .emptyList(true);
+ } else {
+ DATA d;
+ List<DATA> data = indata==null?new ArrayList<>(rows.size()):indata;
+
+ for(Row row : rows) {
+ try {
+ d = loader.load(dataClass.newInstance(),row);
+ if(accept.ok(d)) {
+ data.add(d);
+ }
+ } catch(Exception e) {
+ return Result.err(e);
+ }
+ }
+ return Result.ok(data);
+ }
}
- private static final String NEW_CASSANDRA_SESSION_CREATED = "New Cassandra Session Created";
- private static final String NEW_CASSANDRA_CLUSTER_OBJECT_CREATED = "New Cassandra Cluster Object Created";
- private static final String NEW_CASSANDRA_SESSION = "New Cassandra Session";
- private static final Object LOCK = new Object();
+ private static final String NEW_CASSANDRA_SESSION_CREATED = "New Cassandra Session Created";
+ private static final String NEW_CASSANDRA_CLUSTER_OBJECT_CREATED = "New Cassandra Cluster Object Created";
+ private static final String NEW_CASSANDRA_SESSION = "New Cassandra Session";
+ private static final Object LOCK = new Object();
- private static class ResetRequest {
- //package on purpose
- Session session;
- long timestamp;
-
- public ResetRequest(Session session) {
- this.session = session;
- timestamp = System.currentTimeMillis();
- }
- }
+ private static class ResetRequest {
+ //package on purpose
+ Session session;
+ long timestamp;
+
+ public ResetRequest(Session session) {
+ this.session = session;
+ timestamp = System.currentTimeMillis();
+ }
+ }
-
- public static final void primePSIs(TransStore trans) throws APIException, IOException {
- for(AbsCassDAO<? extends TransStore, ?>.PSInfo psi : psinfos) {
- if(psi.ps==null) {
- psi.ps(trans);
- }
- }
- }
-
- public final Session getSession(TransStore trans) throws APIException, IOException {
- // SessionFilter unused since 2015
- // Try to use Trans' session, if exists
-// if(sessionSlot!=null) { // try to get from Trans
-// Session sess = trans.get(sessionSlot, null);
-// if(sess!=null) {
-// return sess;
-// }
-// }
-
- // If there's an owning DAO, use it's session
- if(owningDAO!=null) {
- return owningDAO.getSession(trans);
- }
-
- // OK, nothing else works... get our own.
- if(session==null || resetTrigger) {
- Cluster tempCluster = null;
- Session tempSession = null;
- try {
- synchronized(LOCK) {
- boolean reset = false;
- for(ResetRequest r : resetDeque) {
- if(r.session == session) {
- if(r.timestamp>nextAvailableReset) {
- reset=true;
- nextAvailableReset = System.currentTimeMillis() + 60000;
- tempCluster = cluster;
- tempSession = session;
- break;
- } else {
- trans.warn().log("Cassandra Connection Reset Ignored: Recent Reset");
- }
- }
- }
-
- if(reset || session == null) {
- TimeTaken tt = trans.start(NEW_CASSANDRA_SESSION, Env.SUB);
- try {
- // Note: Maitrayee recommended not closing the cluster, just
- // overwrite it. Jonathan 9/30/2016 assuming same for Session
- // This was a bad idea. Ran out of File Handles as I suspected, Jonathan
- if(reset) {
- for(AbsCassDAO<? extends TransStore, ?>.PSInfo psi : psinfos) {
- psi.reset();
- }
- }
- if(reset || cluster==null) {
- cluster = CassAccess.cluster(trans, keyspace);
- trans.warn().log(NEW_CASSANDRA_CLUSTER_OBJECT_CREATED);
- }
- if(reset || session==null) {
- session = cluster.connect(keyspace);
- trans.warn().log(NEW_CASSANDRA_SESSION_CREATED);
- }
- } finally {
- resetTrigger=false;
- tt.done();
- }
- }
- }
- } finally {
- TimeTaken tt = trans.start("Clear Reset Deque", Env.SUB);
- try {
- resetDeque.clear();
- // Not clearing Session/Cluster appears to kill off FileHandles
- if(tempSession!=null && !tempSession.isClosed()) {
- tempSession.close();
- }
- if(tempCluster!=null && !tempCluster.isClosed()) {
- tempCluster.close();
- }
- } finally {
- tt.done();
- }
- }
- }
- return session;
- }
-
- public final boolean reportPerhapsReset(TransStore trans, Exception e) {
- if(owningDAO!=null) {
- return owningDAO.reportPerhapsReset(trans, e);
- } else {
- boolean rv = false;
- if(CassAccess.isResetException(e)) {
- trans.warn().printf("Session Reset called for %s by %s ",session==null?"":session,e==null?"Mgmt Command":e.getClass().getName());
- resetDeque.addFirst(new ResetRequest(session));
- rv = resetTrigger = true;
- }
- trans.error().log(e);
- return rv;
- }
- }
+
+ public static final void primePSIs(TransStore trans) throws APIException, IOException {
+ for(AbsCassDAO<? extends TransStore, ?>.PSInfo psi : psinfos) {
+ if(psi.ps==null) {
+ psi.ps(trans);
+ }
+ }
+ }
+
+ public final Session getSession(TransStore trans) throws APIException, IOException {
+ // SessionFilter unused since 2015
+ // Try to use Trans' session, if exists
+// if(sessionSlot!=null) { // try to get from Trans
+// Session sess = trans.get(sessionSlot, null);
+// if(sess!=null) {
+// return sess;
+// }
+// }
+
+ // If there's an owning DAO, use it's session
+ if(owningDAO!=null) {
+ return owningDAO.getSession(trans);
+ }
+
+ // OK, nothing else works... get our own.
+ if(session==null || resetTrigger) {
+ Cluster tempCluster = null;
+ Session tempSession = null;
+ try {
+ synchronized(LOCK) {
+ boolean reset = false;
+ for(ResetRequest r : resetDeque) {
+ if(r.session == session) {
+ if(r.timestamp>nextAvailableReset) {
+ reset=true;
+ nextAvailableReset = System.currentTimeMillis() + 60000;
+ tempCluster = cluster;
+ tempSession = session;
+ break;
+ } else {
+ trans.warn().log("Cassandra Connection Reset Ignored: Recent Reset");
+ }
+ }
+ }
+
+ if(reset || session == null) {
+ TimeTaken tt = trans.start(NEW_CASSANDRA_SESSION, Env.SUB);
+ try {
+ // Note: Maitrayee recommended not closing the cluster, just
+ // overwrite it. Jonathan 9/30/2016 assuming same for Session
+ // This was a bad idea. Ran out of File Handles as I suspected, Jonathan
+ if(reset) {
+ for(AbsCassDAO<? extends TransStore, ?>.PSInfo psi : psinfos) {
+ psi.reset();
+ }
+ }
+ if(reset || cluster==null) {
+ cluster = CassAccess.cluster(trans, keyspace);
+ trans.warn().log(NEW_CASSANDRA_CLUSTER_OBJECT_CREATED);
+ }
+ if(reset || session==null) {
+ session = cluster.connect(keyspace);
+ trans.warn().log(NEW_CASSANDRA_SESSION_CREATED);
+ }
+ } finally {
+ resetTrigger=false;
+ tt.done();
+ }
+ }
+ }
+ } finally {
+ TimeTaken tt = trans.start("Clear Reset Deque", Env.SUB);
+ try {
+ resetDeque.clear();
+ // Not clearing Session/Cluster appears to kill off FileHandles
+ if(tempSession!=null && !tempSession.isClosed()) {
+ tempSession.close();
+ }
+ if(tempCluster!=null && !tempCluster.isClosed()) {
+ tempCluster.close();
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ }
+ return session;
+ }
+
+ public final boolean reportPerhapsReset(TransStore trans, Exception e) {
+ if(owningDAO!=null) {
+ return owningDAO.reportPerhapsReset(trans, e);
+ } else {
+ boolean rv = false;
+ if(CassAccess.isResetException(e)) {
+ trans.warn().printf("Session Reset called for %s by %s ",session==null?"":session,e==null?"Mgmt Command":e.getClass().getName());
+ resetDeque.addFirst(new ResetRequest(session));
+ rv = resetTrigger = true;
+ }
+ trans.error().log(e);
+ return rv;
+ }
+ }
- public void close(TransStore trans) {
- if(owningDAO==null) {
- if(session!=null) {
- TimeTaken tt = trans.start("Cassandra Session Close", Env.SUB);
- try {
- session.close();
- } finally {
- tt.done();
- }
- session = null;
- } else {
- trans.debug().log("close called(), Session already closed");
- }
- } else {
- owningDAO.close(trans);
- }
- }
+ public void close(TransStore trans) {
+ if(owningDAO==null) {
+ if(session!=null) {
+ TimeTaken tt = trans.start("Cassandra Session Close", Env.SUB);
+ try {
+ session.close();
+ } finally {
+ tt.done();
+ }
+ session = null;
+ } else {
+ trans.debug().log("close called(), Session already closed");
+ }
+ } else {
+ owningDAO.close(trans);
+ }
+ }
- protected void wasModified(TRANS trans, CRUD modified, DATA data, String ... override) {
- }
-
- protected interface Accept<DATA> {
- public boolean ok(DATA data);
- }
+ protected void wasModified(TRANS trans, CRUD modified, DATA data, String ... override) {
+ }
+
+ protected interface Accept<DATA> {
+ public boolean ok(DATA data);
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Bytification.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Bytification.java
index 279f399d..965ee2c2 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Bytification.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Bytification.java
@@ -25,6 +25,6 @@ import java.io.IOException;
import java.nio.ByteBuffer;
public interface Bytification {
- public ByteBuffer bytify() throws IOException;
- public void reconstitute(ByteBuffer bb) throws IOException;
+ public ByteBuffer bytify() throws IOException;
+ public void reconstitute(ByteBuffer bb) throws IOException;
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CIDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CIDAO.java
index 83b13c34..b148e87a 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CIDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CIDAO.java
@@ -28,23 +28,23 @@ import org.onap.aaf.misc.env.Trans;
public interface CIDAO<TRANS extends Trans> {
- /**
- * Touch the date field for given Table
- *
- * @param trans
- * @param name
- * @return
- */
- public abstract Result<Void> touch(TRANS trans, String name, int ... seg);
-
- /**
- * Read all Info entries, and set local Date objects
- *
- * This is to support regular data checks on the Database to speed up Caching behavior
- *
- */
- public abstract Result<Void> check(TRANS trans);
-
- public abstract Date get(TRANS trans, String table, int seg);
+ /**
+ * Touch the date field for given Table
+ *
+ * @param trans
+ * @param name
+ * @return
+ */
+ public abstract Result<Void> touch(TRANS trans, String name, int ... seg);
+
+ /**
+ * Read all Info entries, and set local Date objects
+ *
+ * This is to support regular data checks on the Database to speed up Caching behavior
+ *
+ */
+ public abstract Result<Void> check(TRANS trans);
+
+ public abstract Date get(TRANS trans, String table, int seg);
} \ No newline at end of file
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cacheable.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cacheable.java
index d697b90e..3632aa15 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cacheable.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cacheable.java
@@ -30,5 +30,5 @@ package org.onap.aaf.auth.dao;
*
*/
public interface Cacheable {
- public int[] invalidate(Cached<?,?> cache);
+ public int[] invalidate(Cached<?,?> cache);
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cached.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cached.java
index 0797b041..3f4bbb20 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cached.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Cached.java
@@ -36,164 +36,164 @@ import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.Trans;
public class Cached<TRANS extends Trans, DATA extends Cacheable> extends Cache<TRANS,DATA> {
- // Java does not allow creation of Arrays with Generics in them...
- // private Map<String,Dated> cache[];
- protected final CIDAO<TRANS> info;
-
- private static Timer infoTimer;
- private Object cache[];
- public final int segSize;
-
- protected final String name;
-
- private final long expireIn;
-
-
-
- // Taken from String Hash, but coded, to ensure consistent across Java versions. Also covers negative case;
- public int cacheIdx(String key) {
- int h = 0;
- for (int i = 0; i < key.length(); i++) {
- h = 31*h + key.charAt(i);
- }
- if(h<0)h*=-1;
- return h%segSize;
- }
-
- public Cached(CIDAO<TRANS> info, String name, int segSize, long expireIn) {
- this.name =name;
- this.segSize = segSize;
- this.info = info;
- this.expireIn = expireIn;
- cache = new Object[segSize];
- // Create a new Map for each Segment, and store locally
- for(int i=0;i<segSize;++i) {
- cache[i]=obtain(name+i);
- }
- }
-
- public void add(String key, List<DATA> data) {
- @SuppressWarnings("unchecked")
- Map<String,Dated> map = ((Map<String,Dated>)cache[cacheIdx(key)]);
- map.put(key, new Dated(data, expireIn));
- }
-
-
- public int invalidate(String key) {
- int cacheIdx = cacheIdx(key);
- @SuppressWarnings("unchecked")
- Map<String,Dated> map = ((Map<String,Dated>)cache[cacheIdx]);
-// if(map.remove(key)!=null) // Not seeming to remove all the time
- if(map!=null)map.clear();
-// System.err.println("Remove " + name + " " + key);
- return cacheIdx;
- }
-
- public Result<Void> invalidate(int segment) {
- if(segment<0 || segment>=cache.length) return Result.err(Status.ERR_BadData,"Cache Segment %s is out of range",Integer.toString(segment));
- @SuppressWarnings("unchecked")
- Map<String,Dated> map = ((Map<String,Dated>)cache[segment]);
- if(map!=null) {
- map.clear();
- }
- return Result.ok();
- }
-
- protected interface Getter<D> {
- public abstract Result<List<D>> get();
- };
-
- // TODO utilize Segmented Caches, and fold "get" into "reads"
- @SuppressWarnings("unchecked")
- public Result<List<DATA>> get(TRANS trans, String key, Getter<DATA> getter) {
- List<DATA> ld = null;
- Result<List<DATA>> rld = null;
-
- int cacheIdx = cacheIdx(key);
- Map<String, Dated> map = ((Map<String,Dated>)cache[cacheIdx]);
-
- // Check for saved element in cache
- Dated cached = map.get(key);
- // Note: These Segment Timestamps are kept up to date with DB
- Date dbStamp = info.get(trans, name,cacheIdx);
-
- // Check for cache Entry and whether it is still good (a good Cache Entry is same or after DBEntry, so we use "before" syntax)
- if(cached!=null && dbStamp.before(cached.timestamp)) {
- ld = (List<DATA>)cached.data;
- rld = Result.ok(ld);
- } else {
- rld = getter.get();
- if(rld.isOK()) { // only store valid lists
- map.put(key, new Dated(rld.value,expireIn)); // successful item found gets put in cache
-// } else if(rld.status == Result.ERR_Backend){
-// map.remove(key);
- }
- }
- return rld;
- }
-
- /**
- * Each Cached object has multiple Segments that need cleaning. Derive each, and add to Cleansing Thread
- * @param env
- * @param dao
- */
- public static void startCleansing(AuthzEnv env, CachedDAO<?,?,?> ... dao) {
- for(CachedDAO<?,?,?> d : dao) {
- for(int i=0;i<d.segSize;++i) {
- startCleansing(env, d.table()+i);
- }
- }
- }
-
-
- public static<T extends Trans> void startRefresh(AuthzEnv env, CIDAO<AuthzTrans> cidao) {
- if(infoTimer==null) {
- infoTimer = new Timer("CachedDAO Info Refresh Timer");
- int minRefresh = 10*1000*60; // 10 mins Integer.parseInt(env.getProperty(CACHE_MIN_REFRESH_INTERVAL,"2000")); // 2 second minimum refresh
- infoTimer.schedule(new Refresh(env,cidao, minRefresh), 1000, minRefresh); // note: Refresh from DB immediately
- }
- }
-
- public static void stopTimer() {
- Cache.stopTimer();
- if(infoTimer!=null) {
- infoTimer.cancel();
- infoTimer = null;
- }
- }
-
- private final static class Refresh extends TimerTask {
- private static final int maxRefresh = 2*60*10000; // 20 mins
- private AuthzEnv env;
- private CIDAO<AuthzTrans> cidao;
- private int minRefresh;
- private long lastRun;
-
- public Refresh(AuthzEnv env, CIDAO<AuthzTrans> cidao, int minRefresh) {
- this.env = env;
- this.cidao = cidao;
- this.minRefresh = minRefresh;
- lastRun = System.currentTimeMillis()-maxRefresh-1000;
- }
-
- @Override
- public void run() {
- // Evaluate whether to refresh based on transaction rate
- long now = System.currentTimeMillis();
- long interval = now-lastRun;
-
- if(interval < minRefresh || interval < Math.min(env.transRate(),maxRefresh)) return;
- lastRun = now;
- AuthzTrans trans = env.newTransNoAvg();
- Result<Void> rv = cidao.check(trans);
- if(rv.status!=Result.OK) {
- env.error().log("Error in CacheInfo Refresh",rv.details);
- }
- if(env.debug().isLoggable()) {
- StringBuilder sb = new StringBuilder("Cache Info Refresh: ");
- trans.auditTrail(0, sb, Env.REMOTE);
- env.debug().log(sb);
- }
- }
- }
+ // Java does not allow creation of Arrays with Generics in them...
+ // private Map<String,Dated> cache[];
+ protected final CIDAO<TRANS> info;
+
+ private static Timer infoTimer;
+ private Object cache[];
+ public final int segSize;
+
+ protected final String name;
+
+ private final long expireIn;
+
+
+
+ // Taken from String Hash, but coded, to ensure consistent across Java versions. Also covers negative case;
+ public int cacheIdx(String key) {
+ int h = 0;
+ for (int i = 0; i < key.length(); i++) {
+ h = 31*h + key.charAt(i);
+ }
+ if(h<0)h*=-1;
+ return h%segSize;
+ }
+
+ public Cached(CIDAO<TRANS> info, String name, int segSize, long expireIn) {
+ this.name =name;
+ this.segSize = segSize;
+ this.info = info;
+ this.expireIn = expireIn;
+ cache = new Object[segSize];
+ // Create a new Map for each Segment, and store locally
+ for(int i=0;i<segSize;++i) {
+ cache[i]=obtain(name+i);
+ }
+ }
+
+ public void add(String key, List<DATA> data) {
+ @SuppressWarnings("unchecked")
+ Map<String,Dated> map = ((Map<String,Dated>)cache[cacheIdx(key)]);
+ map.put(key, new Dated(data, expireIn));
+ }
+
+
+ public int invalidate(String key) {
+ int cacheIdx = cacheIdx(key);
+ @SuppressWarnings("unchecked")
+ Map<String,Dated> map = ((Map<String,Dated>)cache[cacheIdx]);
+// if(map.remove(key)!=null) // Not seeming to remove all the time
+ if(map!=null)map.clear();
+// System.err.println("Remove " + name + " " + key);
+ return cacheIdx;
+ }
+
+ public Result<Void> invalidate(int segment) {
+ if(segment<0 || segment>=cache.length) return Result.err(Status.ERR_BadData,"Cache Segment %s is out of range",Integer.toString(segment));
+ @SuppressWarnings("unchecked")
+ Map<String,Dated> map = ((Map<String,Dated>)cache[segment]);
+ if(map!=null) {
+ map.clear();
+ }
+ return Result.ok();
+ }
+
+ protected interface Getter<D> {
+ public abstract Result<List<D>> get();
+ };
+
+ // TODO utilize Segmented Caches, and fold "get" into "reads"
+ @SuppressWarnings("unchecked")
+ public Result<List<DATA>> get(TRANS trans, String key, Getter<DATA> getter) {
+ List<DATA> ld = null;
+ Result<List<DATA>> rld = null;
+
+ int cacheIdx = cacheIdx(key);
+ Map<String, Dated> map = ((Map<String,Dated>)cache[cacheIdx]);
+
+ // Check for saved element in cache
+ Dated cached = map.get(key);
+ // Note: These Segment Timestamps are kept up to date with DB
+ Date dbStamp = info.get(trans, name,cacheIdx);
+
+ // Check for cache Entry and whether it is still good (a good Cache Entry is same or after DBEntry, so we use "before" syntax)
+ if(cached!=null && dbStamp.before(cached.timestamp)) {
+ ld = (List<DATA>)cached.data;
+ rld = Result.ok(ld);
+ } else {
+ rld = getter.get();
+ if(rld.isOK()) { // only store valid lists
+ map.put(key, new Dated(rld.value,expireIn)); // successful item found gets put in cache
+// } else if(rld.status == Result.ERR_Backend){
+// map.remove(key);
+ }
+ }
+ return rld;
+ }
+
+ /**
+ * Each Cached object has multiple Segments that need cleaning. Derive each, and add to Cleansing Thread
+ * @param env
+ * @param dao
+ */
+ public static void startCleansing(AuthzEnv env, CachedDAO<?,?,?> ... dao) {
+ for(CachedDAO<?,?,?> d : dao) {
+ for(int i=0;i<d.segSize;++i) {
+ startCleansing(env, d.table()+i);
+ }
+ }
+ }
+
+
+ public static<T extends Trans> void startRefresh(AuthzEnv env, CIDAO<AuthzTrans> cidao) {
+ if(infoTimer==null) {
+ infoTimer = new Timer("CachedDAO Info Refresh Timer");
+ int minRefresh = 10*1000*60; // 10 mins Integer.parseInt(env.getProperty(CACHE_MIN_REFRESH_INTERVAL,"2000")); // 2 second minimum refresh
+ infoTimer.schedule(new Refresh(env,cidao, minRefresh), 1000, minRefresh); // note: Refresh from DB immediately
+ }
+ }
+
+ public static void stopTimer() {
+ Cache.stopTimer();
+ if(infoTimer!=null) {
+ infoTimer.cancel();
+ infoTimer = null;
+ }
+ }
+
+ private final static class Refresh extends TimerTask {
+ private static final int maxRefresh = 2*60*10000; // 20 mins
+ private AuthzEnv env;
+ private CIDAO<AuthzTrans> cidao;
+ private int minRefresh;
+ private long lastRun;
+
+ public Refresh(AuthzEnv env, CIDAO<AuthzTrans> cidao, int minRefresh) {
+ this.env = env;
+ this.cidao = cidao;
+ this.minRefresh = minRefresh;
+ lastRun = System.currentTimeMillis()-maxRefresh-1000;
+ }
+
+ @Override
+ public void run() {
+ // Evaluate whether to refresh based on transaction rate
+ long now = System.currentTimeMillis();
+ long interval = now-lastRun;
+
+ if(interval < minRefresh || interval < Math.min(env.transRate(),maxRefresh)) return;
+ lastRun = now;
+ AuthzTrans trans = env.newTransNoAvg();
+ Result<Void> rv = cidao.check(trans);
+ if(rv.status!=Result.OK) {
+ env.error().log("Error in CacheInfo Refresh",rv.details);
+ }
+ if(env.debug().isLoggable()) {
+ StringBuilder sb = new StringBuilder("Cache Info Refresh: ");
+ trans.auditTrail(0, sb, Env.REMOTE);
+ env.debug().log(sb);
+ }
+ }
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CachedDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CachedDAO.java
index f468dba4..9375502c 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CachedDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CachedDAO.java
@@ -40,189 +40,189 @@ import org.onap.aaf.misc.env.Trans;
* @param <DATA>
*/
public class CachedDAO<TRANS extends Trans,D extends DAO<TRANS,DATA>,DATA extends Cacheable>
- extends Cached<TRANS,DATA> implements DAO_RO<TRANS,DATA>{
-// private final String dirty_str;
-
- private final D dao;
+ extends Cached<TRANS,DATA> implements DAO_RO<TRANS,DATA>{
+// private final String dirty_str;
+
+ private final D dao;
- public CachedDAO(D dao, CIDAO<TRANS> info, int segsize, long expireIn) {
- super(info, dao.table(), segsize, expireIn);
-
- // Instantiate a new Cache per DAO name (so separate instances use the same cache)
- this.dao = dao;
- //read_str = "Cached READ for " + dao.table();
-// dirty_str = "Cache DIRTY on " + dao.table();
- if(dao instanceof CassDAOImpl) {
- ((CassDAOImpl<?,?>)dao).cache = this;
- }
- }
-
- public static<T extends Trans, DA extends DAO<T,DT>, DT extends Cacheable>
- CachedDAO<T,DA,DT> create(DA dao, CIDAO<T> info, int segsize, long expireIn) {
- return new CachedDAO<T,DA,DT>(dao,info, segsize, expireIn);
- }
+ public CachedDAO(D dao, CIDAO<TRANS> info, int segsize, long expireIn) {
+ super(info, dao.table(), segsize, expireIn);
+
+ // Instantiate a new Cache per DAO name (so separate instances use the same cache)
+ this.dao = dao;
+ //read_str = "Cached READ for " + dao.table();
+// dirty_str = "Cache DIRTY on " + dao.table();
+ if(dao instanceof CassDAOImpl) {
+ ((CassDAOImpl<?,?>)dao).cache = this;
+ }
+ }
+
+ public static<T extends Trans, DA extends DAO<T,DT>, DT extends Cacheable>
+ CachedDAO<T,DA,DT> create(DA dao, CIDAO<T> info, int segsize, long expireIn) {
+ return new CachedDAO<T,DA,DT>(dao,info, segsize, expireIn);
+ }
- public void add(DATA data) {
- String key = keyFromObjs(dao.keyFrom(data));
- List<DATA> list = new ArrayList<>();
- list.add(data);
- super.add(key,list);
- }
-
-// public void invalidate(TRANS trans, Object ... objs) {
-// TimeTaken tt = trans.start(dirty_str, Env.SUB);
-// try {
-// super.invalidate(keyFromObjs(objs));
-// } finally {
-// tt.done();
-// }
-// }
+ public void add(DATA data) {
+ String key = keyFromObjs(dao.keyFrom(data));
+ List<DATA> list = new ArrayList<>();
+ list.add(data);
+ super.add(key,list);
+ }
+
+// public void invalidate(TRANS trans, Object ... objs) {
+// TimeTaken tt = trans.start(dirty_str, Env.SUB);
+// try {
+// super.invalidate(keyFromObjs(objs));
+// } finally {
+// tt.done();
+// }
+// }
- public static String keyFromObjs(Object ... objs) {
- String key;
- if(objs.length==1 && objs[0] instanceof String) {
- key = (String)objs[0];
- } else {
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(Object o : objs) {
- if(o!=null) {
- if(first) {
- first =false;
- } else {
- sb.append('|');
- }
- sb.append(o.toString());
- }
- }
- key = sb.toString();
- }
- return key;
- }
+ public static String keyFromObjs(Object ... objs) {
+ String key;
+ if(objs.length==1 && objs[0] instanceof String) {
+ key = (String)objs[0];
+ } else {
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ for(Object o : objs) {
+ if(o!=null) {
+ if(first) {
+ first =false;
+ } else {
+ sb.append('|');
+ }
+ sb.append(o.toString());
+ }
+ }
+ key = sb.toString();
+ }
+ return key;
+ }
- public Result<DATA> create(TRANS trans, DATA data) {
- Result<DATA> d = dao.create(trans,data);
- if(d.status==Status.OK) {
- add(d.value);
- } else {
- trans.error().log(d.errorString());
- }
- // dao.create already modifies cache. Do not invalidate again. invalidate(trans,data);
- return d;
- }
+ public Result<DATA> create(TRANS trans, DATA data) {
+ Result<DATA> d = dao.create(trans,data);
+ if(d.status==Status.OK) {
+ add(d.value);
+ } else {
+ trans.error().log(d.errorString());
+ }
+ // dao.create already modifies cache. Do not invalidate again. invalidate(trans,data);
+ return d;
+ }
- protected class DAOGetter implements Getter<DATA> {
- protected TRANS trans;
- protected Object objs[];
- protected D dao;
- public Result<List<DATA>> result;
+ protected class DAOGetter implements Getter<DATA> {
+ protected TRANS trans;
+ protected Object objs[];
+ protected D dao;
+ public Result<List<DATA>> result;
- public DAOGetter(TRANS trans, D dao, Object ... objs) {
- this.trans = trans;
- this.dao = dao;
- this.objs = objs;
- }
-
- /**
- * Separated into single call for easy overloading
- * @return
- */
- public Result<List<DATA>> call() {
- return dao.read(trans, objs);
- }
-
- @Override
- public final Result<List<DATA>> get() {
- return call();
-// if(result.isOKhasData()) { // Note, given above logic, could exist, but stale
-// return result.value;
-// } else {
-// return null;
-// }
- }
- }
+ public DAOGetter(TRANS trans, D dao, Object ... objs) {
+ this.trans = trans;
+ this.dao = dao;
+ this.objs = objs;
+ }
+
+ /**
+ * Separated into single call for easy overloading
+ * @return
+ */
+ public Result<List<DATA>> call() {
+ return dao.read(trans, objs);
+ }
+
+ @Override
+ public final Result<List<DATA>> get() {
+ return call();
+// if(result.isOKhasData()) { // Note, given above logic, could exist, but stale
+// return result.value;
+// } else {
+// return null;
+// }
+ }
+ }
- @Override
- public Result<List<DATA>> read(final TRANS trans, final Object ... objs) {
- DAOGetter getter = new DAOGetter(trans,dao,objs);
- return get(trans, keyFromObjs(objs),getter);
-// if(ld!=null) {
-// return Result.ok(ld);//.emptyList(ld.isEmpty());
-// }
-// // Result Result if exists
-// if(getter.result==null) {
-// return Result.err(Status.ERR_NotFound, "No Cache or Lookup found on [%s]",dao.table());
-// }
-// return getter.result;
- }
+ @Override
+ public Result<List<DATA>> read(final TRANS trans, final Object ... objs) {
+ DAOGetter getter = new DAOGetter(trans,dao,objs);
+ return get(trans, keyFromObjs(objs),getter);
+// if(ld!=null) {
+// return Result.ok(ld);//.emptyList(ld.isEmpty());
+// }
+// // Result Result if exists
+// if(getter.result==null) {
+// return Result.err(Status.ERR_NotFound, "No Cache or Lookup found on [%s]",dao.table());
+// }
+// return getter.result;
+ }
- // Slight Improved performance available when String and Obj versions are known.
- public Result<List<DATA>> read(final String key, final TRANS trans, final Object[] objs) {
- DAOGetter getter = new DAOGetter(trans,dao,objs);
- return get(trans, key, getter);
-// if(ld!=null) {
-// return Result.ok(ld);//.emptyList(ld.isEmpty());
-// }
-// // Result Result if exists
-// if(getter.result==null) {
-// return Result.err(Status.ERR_NotFound, "No Cache or Lookup found on [%s]",dao.table());
-// }
-// return getter.result;
- }
-
- @Override
- public Result<List<DATA>> read(TRANS trans, DATA data) {
- return read(trans,dao.keyFrom(data));
- }
- public Result<Void> update(TRANS trans, DATA data) {
- Result<Void> d = dao.update(trans, data);
- if(d.status==Status.OK) {
- add(data);
- } else {
- trans.error().log(d.errorString());
- }
- return d;
- }
+ // Slight Improved performance available when String and Obj versions are known.
+ public Result<List<DATA>> read(final String key, final TRANS trans, final Object[] objs) {
+ DAOGetter getter = new DAOGetter(trans,dao,objs);
+ return get(trans, key, getter);
+// if(ld!=null) {
+// return Result.ok(ld);//.emptyList(ld.isEmpty());
+// }
+// // Result Result if exists
+// if(getter.result==null) {
+// return Result.err(Status.ERR_NotFound, "No Cache or Lookup found on [%s]",dao.table());
+// }
+// return getter.result;
+ }
+
+ @Override
+ public Result<List<DATA>> read(TRANS trans, DATA data) {
+ return read(trans,dao.keyFrom(data));
+ }
+ public Result<Void> update(TRANS trans, DATA data) {
+ Result<Void> d = dao.update(trans, data);
+ if(d.status==Status.OK) {
+ add(data);
+ } else {
+ trans.error().log(d.errorString());
+ }
+ return d;
+ }
- public Result<Void> delete(TRANS trans, DATA data, boolean reread) {
- if(reread) { // If reread, get from Cache, if possible, not DB exclusively
- Result<List<DATA>> rd = read(trans,data);
- if(rd.notOK()) {
- return Result.err(rd);
-// } else {
-// trans.error().log(rd.errorString());
- }
- if(rd.isEmpty()) {
- data.invalidate(this);
- return Result.err(Status.ERR_NotFound,"Not Found");
- }
- data = rd.value.get(0);
- }
- Result<Void> rv=dao.delete(trans, data, false);
- data.invalidate(this);
- return rv;
- }
-
- @Override
- public void close(TRANS trans) {
- if(dao!=null) {
- dao.close(trans);
- }
- }
-
+ public Result<Void> delete(TRANS trans, DATA data, boolean reread) {
+ if(reread) { // If reread, get from Cache, if possible, not DB exclusively
+ Result<List<DATA>> rd = read(trans,data);
+ if(rd.notOK()) {
+ return Result.err(rd);
+// } else {
+// trans.error().log(rd.errorString());
+ }
+ if(rd.isEmpty()) {
+ data.invalidate(this);
+ return Result.err(Status.ERR_NotFound,"Not Found");
+ }
+ data = rd.value.get(0);
+ }
+ Result<Void> rv=dao.delete(trans, data, false);
+ data.invalidate(this);
+ return rv;
+ }
+
+ @Override
+ public void close(TRANS trans) {
+ if(dao!=null) {
+ dao.close(trans);
+ }
+ }
+
- @Override
- public String table() {
- return dao.table();
- }
-
- public D dao() {
- return dao;
- }
-
- public void invalidate(TRANS trans, DATA data) {
+ @Override
+ public String table() {
+ return dao.table();
+ }
+
+ public D dao() {
+ return dao;
+ }
+
+ public void invalidate(TRANS trans, DATA data) {
if(info.touch(trans, dao.table(),data.invalidate(this)).notOK()) {
- trans.error().log("Cannot touch CacheInfo for Role");
- }
- }
+ trans.error().log("Cannot touch CacheInfo for Role");
+ }
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassAccess.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassAccess.java
index c213a04b..9b168a83 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassAccess.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassAccess.java
@@ -38,186 +38,186 @@ import com.datastax.driver.core.policies.DCAwareRoundRobinPolicy;
import com.datastax.driver.core.policies.TokenAwarePolicy;
public class CassAccess {
- public static final String KEYSPACE = "authz";
- public static final String CASSANDRA_CLUSTERS = "cassandra.clusters";
- public static final String CASSANDRA_CLUSTERS_PORT = "cassandra.clusters.port";
- public static final String CASSANDRA_CLUSTERS_USER_NAME = "cassandra.clusters.user";
- public static final String CASSANDRA_CLUSTERS_PASSWORD = "cassandra.clusters.password";
- public static final String CASSANDRA_RESET_EXCEPTIONS = "cassandra.reset.exceptions";
- private static final List<Resettable> resetExceptions = new ArrayList<>();
- public static final String ERR_ACCESS_MSG = "Accessing Backend";
- private static Builder cb = null;
+ public static final String KEYSPACE = "authz";
+ public static final String CASSANDRA_CLUSTERS = "cassandra.clusters";
+ public static final String CASSANDRA_CLUSTERS_PORT = "cassandra.clusters.port";
+ public static final String CASSANDRA_CLUSTERS_USER_NAME = "cassandra.clusters.user";
+ public static final String CASSANDRA_CLUSTERS_PASSWORD = "cassandra.clusters.password";
+ public static final String CASSANDRA_RESET_EXCEPTIONS = "cassandra.reset.exceptions";
+ private static final List<Resettable> resetExceptions = new ArrayList<>();
+ public static final String ERR_ACCESS_MSG = "Accessing Backend";
+ private static Builder cb = null;
- /**
- * To create DCAwareRoundRobing Policy:
- * Need Properties
- * LATITUDE (or AFT_LATITUDE)
- * LONGITUDE (or AFT_LONGITUDE)
- * CASSANDRA CLUSTERS with additional information:
- * machine:DC:lat:long,machine:DC:lat:long
- * @param env
- * @param prefix
- * @return
- * @throws APIException
- * @throws IOException
- */
+ /**
+ * To create DCAwareRoundRobing Policy:
+ * Need Properties
+ * LATITUDE (or AFT_LATITUDE)
+ * LONGITUDE (or AFT_LONGITUDE)
+ * CASSANDRA CLUSTERS with additional information:
+ * machine:DC:lat:long,machine:DC:lat:long
+ * @param env
+ * @param prefix
+ * @return
+ * @throws APIException
+ * @throws IOException
+ */
-// @SuppressWarnings("deprecation")
- public static synchronized Cluster cluster(Env env, String prefix) throws APIException, IOException {
- if(cb == null) {
- String pre;
- if(prefix==null) {
- pre="";
- } else {
- env.info().log("Cassandra Connection for ",prefix);
- pre = prefix+'.';
- }
- cb = Cluster.builder();
- String str = env.getProperty(pre+CASSANDRA_CLUSTERS_PORT,env.getProperty(CASSANDRA_CLUSTERS_PORT,"9042"));
- if(str!=null) {
- env.init().log("Cass Port = ",str );
- cb.withPort(Integer.parseInt(str));
- }
- str = env.getProperty(pre+CASSANDRA_CLUSTERS_USER_NAME,env.getProperty(CASSANDRA_CLUSTERS_USER_NAME,null));
- if(str!=null) {
- env.init().log("Cass User = ",str );
- String epass = env.getProperty(pre + CASSANDRA_CLUSTERS_PASSWORD,env.getProperty(CASSANDRA_CLUSTERS_PASSWORD,null));
- if(epass==null) {
- throw new APIException("No Password configured for " + str);
- }
- //TODO Figure out way to ensure Decryptor setting in AuthzEnv
- if(env instanceof AuthzEnv) {
- cb.withCredentials(str,((AuthzEnv)env).decrypt(epass,true));
- } else {
- cb.withCredentials(str, env.decryptor().decrypt(epass));
- }
- }
-
- str = env.getProperty(pre+CASSANDRA_RESET_EXCEPTIONS,env.getProperty(CASSANDRA_RESET_EXCEPTIONS,null));
- if(str!=null) {
- env.init().log("Cass ResetExceptions = ",str );
- for(String ex : Split.split(',', str)) {
- resetExceptions.add(new Resettable(env,ex));
- }
- }
-
- str = env.getProperty(Config.CADI_LATITUDE);
- Double lat = str!=null?Double.parseDouble(str):null;
- str = env.getProperty(Config.CADI_LONGITUDE);
- Double lon = str!=null?Double.parseDouble(str):null;
- if(lat == null || lon == null) {
- throw new APIException(Config.CADI_LATITUDE + " and/or " + Config.CADI_LONGITUDE + " are not set");
- }
-
- env.init().printf("Service Latitude,Longitude = %f,%f",lat,lon);
-
- str = env.getProperty(pre+CASSANDRA_CLUSTERS,env.getProperty(CASSANDRA_CLUSTERS,"localhost"));
- env.init().log("Cass Clusters = ",str );
- String[] machs = Split.split(',', str);
- String[] cpoints = new String[machs.length];
- String bestDC = null;
- int numInBestDC = 1;
- double mlat, mlon,temp,distance = Double.MAX_VALUE;
- for(int i=0;i<machs.length;++i) {
- String[] minfo = Split.split(':',machs[i]);
- if(minfo.length>0) {
- cpoints[i]=minfo[0];
- }
-
- if(minfo.length>3) {
- if(minfo[1].equals(bestDC)) {
- ++numInBestDC;
- } else {
- // Calc closest DC with Great Circle
- mlat = Double.parseDouble(minfo[2]);
- mlon = Double.parseDouble(minfo[3]);
- // Note: GreatCircle Distance is always >= 0.0 (not negative)
- if((temp=GreatCircle.calc(lat, lon, mlat, mlon)) < distance) {
- distance = temp;
- if(bestDC==null || !bestDC.equals(minfo[1])) {
- bestDC = minfo[1];
- numInBestDC = 1;
- }
- }
- }
- }
- }
-
- cb.addContactPoints(cpoints);
-
- if(bestDC!=null) {
- // 8/26/2016 Management has determined that Accuracy is preferred over speed in bad situations
- // Local DC Aware Load Balancing appears to have the highest normal performance, with the best
- // Degraded Accuracy
- DCAwareRoundRobinPolicy dcrrPolicy = DCAwareRoundRobinPolicy.builder()
- .withLocalDc(bestDC)
- .withUsedHostsPerRemoteDc(numInBestDC)
- .build();
-// cb.withLoadBalancingPolicy(new DCAwareRoundRobinPolicy(
-// bestDC, numInBestDC, true /*allow LocalDC to look at other DCs for LOCAL_QUORUM */));
- cb.withLoadBalancingPolicy(new TokenAwarePolicy(dcrrPolicy));
- env.init().printf("Cassandra configured for DCAwareRoundRobinPolicy with best DC at %s with emergency remote of up to %d node(s)"
- ,bestDC, numInBestDC);
- } else {
- env.init().printf("Cassandra is using Default Policy, which is not DC aware");
- }
- }
- return cb.build();
- }
-
- private static class Resettable {
- private Class<? extends Exception> cls;
- private List<String> messages;
-
- @SuppressWarnings("unchecked")
- public Resettable(Env env, String propData) throws APIException {
- if(propData!=null && propData.length()>1) {
- String[] split = Split.split(':', propData);
- if(split.length>0) {
- try {
- cls = (Class<? extends Exception>)Class.forName(split[0]);
- } catch (ClassNotFoundException e) {
- throw new APIException("Declared Cassandra Reset Exception, " + propData + ", cannot be ClassLoaded");
- }
- }
- if(split.length>1) {
- messages=new ArrayList<>();
- for(int i=1;i<split.length;++i) {
- String str = split[i];
- int start = str.startsWith("\"")?1:0;
- int end = str.length()-(str.endsWith("\"")?1:0);
- messages.add(split[i].substring(start, end));
- }
- } else {
- messages = null;
- }
- }
- }
-
- public boolean matches(Exception ex) {
- if(ex.getClass().equals(cls)) {
- if(messages!=null) {
- String msg = ex.getMessage();
- for(String m : messages) {
- if(msg.contains(m)) {
- return true;
- }
- }
- }
- }
- return false;
- }
- }
-
- public static final boolean isResetException(Exception e) {
- if(e==null) {
- return true;
- }
- for(Resettable re : resetExceptions) {
- if(re.matches(e)) {
- return true;
- }
- }
- return false;
- }
+// @SuppressWarnings("deprecation")
+ public static synchronized Cluster cluster(Env env, String prefix) throws APIException, IOException {
+ if(cb == null) {
+ String pre;
+ if(prefix==null) {
+ pre="";
+ } else {
+ env.info().log("Cassandra Connection for ",prefix);
+ pre = prefix+'.';
+ }
+ cb = Cluster.builder();
+ String str = env.getProperty(pre+CASSANDRA_CLUSTERS_PORT,env.getProperty(CASSANDRA_CLUSTERS_PORT,"9042"));
+ if(str!=null) {
+ env.init().log("Cass Port = ",str );
+ cb.withPort(Integer.parseInt(str));
+ }
+ str = env.getProperty(pre+CASSANDRA_CLUSTERS_USER_NAME,env.getProperty(CASSANDRA_CLUSTERS_USER_NAME,null));
+ if(str!=null) {
+ env.init().log("Cass User = ",str );
+ String epass = env.getProperty(pre + CASSANDRA_CLUSTERS_PASSWORD,env.getProperty(CASSANDRA_CLUSTERS_PASSWORD,null));
+ if(epass==null) {
+ throw new APIException("No Password configured for " + str);
+ }
+ //TODO Figure out way to ensure Decryptor setting in AuthzEnv
+ if(env instanceof AuthzEnv) {
+ cb.withCredentials(str,((AuthzEnv)env).decrypt(epass,true));
+ } else {
+ cb.withCredentials(str, env.decryptor().decrypt(epass));
+ }
+ }
+
+ str = env.getProperty(pre+CASSANDRA_RESET_EXCEPTIONS,env.getProperty(CASSANDRA_RESET_EXCEPTIONS,null));
+ if(str!=null) {
+ env.init().log("Cass ResetExceptions = ",str );
+ for(String ex : Split.split(',', str)) {
+ resetExceptions.add(new Resettable(env,ex));
+ }
+ }
+
+ str = env.getProperty(Config.CADI_LATITUDE);
+ Double lat = str!=null?Double.parseDouble(str):null;
+ str = env.getProperty(Config.CADI_LONGITUDE);
+ Double lon = str!=null?Double.parseDouble(str):null;
+ if(lat == null || lon == null) {
+ throw new APIException(Config.CADI_LATITUDE + " and/or " + Config.CADI_LONGITUDE + " are not set");
+ }
+
+ env.init().printf("Service Latitude,Longitude = %f,%f",lat,lon);
+
+ str = env.getProperty(pre+CASSANDRA_CLUSTERS,env.getProperty(CASSANDRA_CLUSTERS,"localhost"));
+ env.init().log("Cass Clusters = ",str );
+ String[] machs = Split.split(',', str);
+ String[] cpoints = new String[machs.length];
+ String bestDC = null;
+ int numInBestDC = 1;
+ double mlat, mlon,temp,distance = Double.MAX_VALUE;
+ for(int i=0;i<machs.length;++i) {
+ String[] minfo = Split.split(':',machs[i]);
+ if(minfo.length>0) {
+ cpoints[i]=minfo[0];
+ }
+
+ if(minfo.length>3) {
+ if(minfo[1].equals(bestDC)) {
+ ++numInBestDC;
+ } else {
+ // Calc closest DC with Great Circle
+ mlat = Double.parseDouble(minfo[2]);
+ mlon = Double.parseDouble(minfo[3]);
+ // Note: GreatCircle Distance is always >= 0.0 (not negative)
+ if((temp=GreatCircle.calc(lat, lon, mlat, mlon)) < distance) {
+ distance = temp;
+ if(bestDC==null || !bestDC.equals(minfo[1])) {
+ bestDC = minfo[1];
+ numInBestDC = 1;
+ }
+ }
+ }
+ }
+ }
+
+ cb.addContactPoints(cpoints);
+
+ if(bestDC!=null) {
+ // 8/26/2016 Management has determined that Accuracy is preferred over speed in bad situations
+ // Local DC Aware Load Balancing appears to have the highest normal performance, with the best
+ // Degraded Accuracy
+ DCAwareRoundRobinPolicy dcrrPolicy = DCAwareRoundRobinPolicy.builder()
+ .withLocalDc(bestDC)
+ .withUsedHostsPerRemoteDc(numInBestDC)
+ .build();
+// cb.withLoadBalancingPolicy(new DCAwareRoundRobinPolicy(
+// bestDC, numInBestDC, true /*allow LocalDC to look at other DCs for LOCAL_QUORUM */));
+ cb.withLoadBalancingPolicy(new TokenAwarePolicy(dcrrPolicy));
+ env.init().printf("Cassandra configured for DCAwareRoundRobinPolicy with best DC at %s with emergency remote of up to %d node(s)"
+ ,bestDC, numInBestDC);
+ } else {
+ env.init().printf("Cassandra is using Default Policy, which is not DC aware");
+ }
+ }
+ return cb.build();
+ }
+
+ private static class Resettable {
+ private Class<? extends Exception> cls;
+ private List<String> messages;
+
+ @SuppressWarnings("unchecked")
+ public Resettable(Env env, String propData) throws APIException {
+ if(propData!=null && propData.length()>1) {
+ String[] split = Split.split(':', propData);
+ if(split.length>0) {
+ try {
+ cls = (Class<? extends Exception>)Class.forName(split[0]);
+ } catch (ClassNotFoundException e) {
+ throw new APIException("Declared Cassandra Reset Exception, " + propData + ", cannot be ClassLoaded");
+ }
+ }
+ if(split.length>1) {
+ messages=new ArrayList<>();
+ for(int i=1;i<split.length;++i) {
+ String str = split[i];
+ int start = str.startsWith("\"")?1:0;
+ int end = str.length()-(str.endsWith("\"")?1:0);
+ messages.add(split[i].substring(start, end));
+ }
+ } else {
+ messages = null;
+ }
+ }
+ }
+
+ public boolean matches(Exception ex) {
+ if(ex.getClass().equals(cls)) {
+ if(messages!=null) {
+ String msg = ex.getMessage();
+ for(String m : messages) {
+ if(msg.contains(m)) {
+ return true;
+ }
+ }
+ }
+ }
+ return false;
+ }
+ }
+
+ public static final boolean isResetException(Exception e) {
+ if(e==null) {
+ return true;
+ }
+ for(Resettable re : resetExceptions) {
+ if(re.matches(e)) {
+ return true;
+ }
+ }
+ return false;
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassDAOImpl.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassDAOImpl.java
index f7cdec5e..fae8f693 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassDAOImpl.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/CassDAOImpl.java
@@ -47,302 +47,302 @@ import com.datastax.driver.core.ResultSetFuture;
* @param <DATA>
*/
public class CassDAOImpl<TRANS extends TransStore,DATA> extends AbsCassDAO<TRANS, DATA> implements DAO<TRANS,DATA> {
- public static final String USER_NAME = "__USER_NAME__";
- protected static final String CREATE_SP = "CREATE ";
- protected static final String UPDATE_SP = "UPDATE ";
- protected static final String DELETE_SP = "DELETE ";
- protected static final String SELECT_SP = "SELECT ";
+ public static final String USER_NAME = "__USER_NAME__";
+ protected static final String CREATE_SP = "CREATE ";
+ protected static final String UPDATE_SP = "UPDATE ";
+ protected static final String DELETE_SP = "DELETE ";
+ protected static final String SELECT_SP = "SELECT ";
- protected final String C_TEXT = getClass().getSimpleName() + " CREATE";
- protected final String R_TEXT = getClass().getSimpleName() + " READ";
- protected final String U_TEXT = getClass().getSimpleName() + " UPDATE";
- protected final String D_TEXT = getClass().getSimpleName() + " DELETE";
- private String table;
-
- protected final ConsistencyLevel readConsistency,writeConsistency;
-
- // Setteable only by CachedDAO
- protected Cached<?, ?> cache;
+ protected final String C_TEXT = getClass().getSimpleName() + " CREATE";
+ protected final String R_TEXT = getClass().getSimpleName() + " READ";
+ protected final String U_TEXT = getClass().getSimpleName() + " UPDATE";
+ protected final String D_TEXT = getClass().getSimpleName() + " DELETE";
+ private String table;
+
+ protected final ConsistencyLevel readConsistency,writeConsistency;
+
+ // Setteable only by CachedDAO
+ protected Cached<?, ?> cache;
- /**
- * A Constructor from the originating Cluster. This DAO will open the Session at need,
- * and shutdown the session when "close()" is called.
- *
- * @param cluster
- * @param keyspace
- * @param dataClass
- */
- public CassDAOImpl(TRANS trans, String name, Cluster cluster, String keyspace, Class<DATA> dataClass, String table, ConsistencyLevel read, ConsistencyLevel write) {
- super(trans, name, cluster,keyspace,dataClass);
- this.table = table;
- readConsistency = read;
- writeConsistency = write;
- }
-
- /**
- * A Constructor to share Session with other DAOs.
- *
- * This method get the Session and Cluster information from the calling DAO, and won't
- * touch the Session on closure.
- *
- * @param aDao
- * @param dataClass
- */
- public CassDAOImpl(TRANS trans, String name, AbsCassDAO<TRANS,?> aDao, Class<DATA> dataClass, String table, ConsistencyLevel read, ConsistencyLevel write) {
- super(trans, name, aDao,dataClass);
- this.table = table;
- readConsistency = read;
- writeConsistency = write;
- }
+ /**
+ * A Constructor from the originating Cluster. This DAO will open the Session at need,
+ * and shutdown the session when "close()" is called.
+ *
+ * @param cluster
+ * @param keyspace
+ * @param dataClass
+ */
+ public CassDAOImpl(TRANS trans, String name, Cluster cluster, String keyspace, Class<DATA> dataClass, String table, ConsistencyLevel read, ConsistencyLevel write) {
+ super(trans, name, cluster,keyspace,dataClass);
+ this.table = table;
+ readConsistency = read;
+ writeConsistency = write;
+ }
+
+ /**
+ * A Constructor to share Session with other DAOs.
+ *
+ * This method get the Session and Cluster information from the calling DAO, and won't
+ * touch the Session on closure.
+ *
+ * @param aDao
+ * @param dataClass
+ */
+ public CassDAOImpl(TRANS trans, String name, AbsCassDAO<TRANS,?> aDao, Class<DATA> dataClass, String table, ConsistencyLevel read, ConsistencyLevel write) {
+ super(trans, name, aDao,dataClass);
+ this.table = table;
+ readConsistency = read;
+ writeConsistency = write;
+ }
- protected PSInfo createPS;
- protected PSInfo readPS;
- protected PSInfo updatePS;
- protected PSInfo deletePS;
- protected boolean async=false;
+ protected PSInfo createPS;
+ protected PSInfo readPS;
+ protected PSInfo updatePS;
+ protected PSInfo deletePS;
+ protected boolean async=false;
- public void async(boolean bool) {
- async = bool;
- }
+ public void async(boolean bool) {
+ async = bool;
+ }
- public final String[] setCRUD(TRANS trans, String table, Class<?> dc,Loader<DATA> loader) {
- return setCRUD(trans, table, dc, loader, -1);
- }
-
- public final String[] setCRUD(TRANS trans, String table, Class<?> dc,Loader<DATA> loader, int max) {
- Field[] fields = dc.getDeclaredFields();
- int end = max>=0 & max<fields.length?max:fields.length;
- // get keylimit from a non-null Loader
- int keylimit = loader.keylimit();
-
- StringBuilder sbfc = new StringBuilder();
- StringBuilder sbq = new StringBuilder();
- StringBuilder sbwc = new StringBuilder();
- StringBuilder sbup = new StringBuilder();
-
- if(keylimit>0) {
- for(int i=0;i<end;++i) {
- if(i>0) {
- sbfc.append(',');
- sbq.append(',');
- if(i<keylimit) {
- sbwc.append(" AND ");
- }
- }
- sbfc.append(fields[i].getName());
- sbq.append('?');
- if(i>=keylimit) {
- if(i>keylimit) {
- sbup.append(',');
- }
- sbup.append(fields[i].getName());
- sbup.append("=?");
- }
- if(i<keylimit) {
- sbwc.append(fields[i].getName());
- sbwc.append("=?");
- }
- }
-
- createPS = new PSInfo(trans, "INSERT INTO " + table + " ("+ sbfc +") VALUES ("+ sbq +");",loader,writeConsistency);
-
- readPS = new PSInfo(trans, "SELECT " + sbfc + " FROM " + table + " WHERE " + sbwc + ';',loader,readConsistency);
-
- // Note: UPDATES can't compile if there are no fields besides keys... Use "Insert"
- if(sbup.length()==0) {
- updatePS = createPS; // the same as an insert
- } else {
- updatePS = new PSInfo(trans, "UPDATE " + table + " SET " + sbup + " WHERE " + sbwc + ';',loader,writeConsistency);
- }
-
- deletePS = new PSInfo(trans, "DELETE FROM " + table + " WHERE " + sbwc + ';',loader,writeConsistency);
- }
- return new String[] {sbfc.toString(), sbq.toString(), sbup.toString(), sbwc.toString()};
- }
+ public final String[] setCRUD(TRANS trans, String table, Class<?> dc,Loader<DATA> loader) {
+ return setCRUD(trans, table, dc, loader, -1);
+ }
+
+ public final String[] setCRUD(TRANS trans, String table, Class<?> dc,Loader<DATA> loader, int max) {
+ Field[] fields = dc.getDeclaredFields();
+ int end = max>=0 & max<fields.length?max:fields.length;
+ // get keylimit from a non-null Loader
+ int keylimit = loader.keylimit();
+
+ StringBuilder sbfc = new StringBuilder();
+ StringBuilder sbq = new StringBuilder();
+ StringBuilder sbwc = new StringBuilder();
+ StringBuilder sbup = new StringBuilder();
+
+ if(keylimit>0) {
+ for(int i=0;i<end;++i) {
+ if(i>0) {
+ sbfc.append(',');
+ sbq.append(',');
+ if(i<keylimit) {
+ sbwc.append(" AND ");
+ }
+ }
+ sbfc.append(fields[i].getName());
+ sbq.append('?');
+ if(i>=keylimit) {
+ if(i>keylimit) {
+ sbup.append(',');
+ }
+ sbup.append(fields[i].getName());
+ sbup.append("=?");
+ }
+ if(i<keylimit) {
+ sbwc.append(fields[i].getName());
+ sbwc.append("=?");
+ }
+ }
+
+ createPS = new PSInfo(trans, "INSERT INTO " + table + " ("+ sbfc +") VALUES ("+ sbq +");",loader,writeConsistency);
+
+ readPS = new PSInfo(trans, "SELECT " + sbfc + " FROM " + table + " WHERE " + sbwc + ';',loader,readConsistency);
+
+ // Note: UPDATES can't compile if there are no fields besides keys... Use "Insert"
+ if(sbup.length()==0) {
+ updatePS = createPS; // the same as an insert
+ } else {
+ updatePS = new PSInfo(trans, "UPDATE " + table + " SET " + sbup + " WHERE " + sbwc + ';',loader,writeConsistency);
+ }
+
+ deletePS = new PSInfo(trans, "DELETE FROM " + table + " WHERE " + sbwc + ';',loader,writeConsistency);
+ }
+ return new String[] {sbfc.toString(), sbq.toString(), sbup.toString(), sbwc.toString()};
+ }
- public void replace(CRUD crud, PSInfo psInfo) {
- switch(crud) {
- case create: createPS = psInfo; break;
- case read: readPS = psInfo; break;
- case update: updatePS = psInfo; break;
- case delete: deletePS = psInfo; break;
- }
- }
+ public void replace(CRUD crud, PSInfo psInfo) {
+ switch(crud) {
+ case create: createPS = psInfo; break;
+ case read: readPS = psInfo; break;
+ case update: updatePS = psInfo; break;
+ case delete: deletePS = psInfo; break;
+ }
+ }
- public void disable(CRUD crud) {
- switch(crud) {
- case create: createPS = null; break;
- case read: readPS = null; break;
- case update: updatePS = null; break;
- case delete: deletePS = null; break;
- }
- }
+ public void disable(CRUD crud) {
+ switch(crud) {
+ case create: createPS = null; break;
+ case read: readPS = null; break;
+ case update: updatePS = null; break;
+ case delete: deletePS = null; break;
+ }
+ }
-
- /**
- * Given a DATA object, extract the individual elements from the Data into an Object Array for the
- * execute element.
- */
- public Result<DATA> create(TRANS trans, DATA data) {
- if(createPS==null) {
- return Result.err(Result.ERR_NotImplemented,"Create is disabled for %s",getClass().getSimpleName());
- }
- if(async) /*ResultSetFuture */ {
- Result<ResultSetFuture> rs = createPS.execAsync(trans, C_TEXT, data);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- } else {
- Result<ResultSet> rs = createPS.exec(trans, C_TEXT, data);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- }
- wasModified(trans, CRUD.create, data);
- return Result.ok(data);
- }
+
+ /**
+ * Given a DATA object, extract the individual elements from the Data into an Object Array for the
+ * execute element.
+ */
+ public Result<DATA> create(TRANS trans, DATA data) {
+ if(createPS==null) {
+ return Result.err(Result.ERR_NotImplemented,"Create is disabled for %s",getClass().getSimpleName());
+ }
+ if(async) /*ResultSetFuture */ {
+ Result<ResultSetFuture> rs = createPS.execAsync(trans, C_TEXT, data);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ } else {
+ Result<ResultSet> rs = createPS.exec(trans, C_TEXT, data);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ }
+ wasModified(trans, CRUD.create, data);
+ return Result.ok(data);
+ }
- /**
- * Read the Unique Row associated with Full Keys
- */
- public Result<List<DATA>> read(TRANS trans, DATA data) {
- if(readPS==null) {
- return Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName());
- }
- return readPS.read(trans, R_TEXT, data);
- }
+ /**
+ * Read the Unique Row associated with Full Keys
+ */
+ public Result<List<DATA>> read(TRANS trans, DATA data) {
+ if(readPS==null) {
+ return Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName());
+ }
+ return readPS.read(trans, R_TEXT, data);
+ }
- public Result<List<DATA>> read(TRANS trans, Object ... key) {
- if(readPS==null) {
- return Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName());
- }
- return readPS.read(trans, R_TEXT, key);
- }
-
- public Result<DATA> readPrimKey(TRANS trans, Object ... key) {
- if(readPS==null) {
- return Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName());
- }
- Result<List<DATA>> rld = readPS.read(trans, R_TEXT, key);
- if(rld.isOK()) {
- if(rld.isEmpty()) {
- return Result.err(Result.ERR_NotFound,rld.details);
- } else {
- return Result.ok(rld.value.get(0));
- }
- } else {
- return Result.err(rld);
- }
- }
+ public Result<List<DATA>> read(TRANS trans, Object ... key) {
+ if(readPS==null) {
+ return Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName());
+ }
+ return readPS.read(trans, R_TEXT, key);
+ }
+
+ public Result<DATA> readPrimKey(TRANS trans, Object ... key) {
+ if(readPS==null) {
+ return Result.err(Result.ERR_NotImplemented,"Read is disabled for %s",getClass().getSimpleName());
+ }
+ Result<List<DATA>> rld = readPS.read(trans, R_TEXT, key);
+ if(rld.isOK()) {
+ if(rld.isEmpty()) {
+ return Result.err(Result.ERR_NotFound,rld.details);
+ } else {
+ return Result.ok(rld.value.get(0));
+ }
+ } else {
+ return Result.err(rld);
+ }
+ }
- public Result<Void> update(TRANS trans, DATA data) {
- return update(trans, data, async);
- }
+ public Result<Void> update(TRANS trans, DATA data) {
+ return update(trans, data, async);
+ }
- public Result<Void> update(TRANS trans, DATA data, boolean async) {
- if(updatePS==null) {
- return Result.err(Result.ERR_NotImplemented,"Update is disabled for %s",getClass().getSimpleName());
- }
- if(async)/* ResultSet rs =*/ {
- Result<ResultSetFuture> rs = updatePS.execAsync(trans, U_TEXT, data);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- } else {
- Result<ResultSet> rs = updatePS.exec(trans, U_TEXT, data);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- }
-
- wasModified(trans, CRUD.update, data);
- return Result.ok();
- }
+ public Result<Void> update(TRANS trans, DATA data, boolean async) {
+ if(updatePS==null) {
+ return Result.err(Result.ERR_NotImplemented,"Update is disabled for %s",getClass().getSimpleName());
+ }
+ if(async)/* ResultSet rs =*/ {
+ Result<ResultSetFuture> rs = updatePS.execAsync(trans, U_TEXT, data);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ } else {
+ Result<ResultSet> rs = updatePS.exec(trans, U_TEXT, data);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ }
+
+ wasModified(trans, CRUD.update, data);
+ return Result.ok();
+ }
- // This method Sig for Cached...
- public Result<Void> delete(TRANS trans, DATA data, boolean reread) {
- if(deletePS==null) {
- return Result.err(Result.ERR_NotImplemented,"Delete is disabled for %s",getClass().getSimpleName());
- }
- // Since Deleting will be stored off, for possible re-constitution, need the whole thing
- if(reread) {
- Result<List<DATA>> rd = read(trans,data);
- if(rd.notOK()) {
- return Result.err(rd);
- }
- if(rd.isEmpty()) {
- return Result.err(Status.ERR_NotFound,"Not Found");
- }
- for(DATA d : rd.value) {
- if(async) {
- Result<ResultSetFuture> rs = deletePS.execAsync(trans, D_TEXT, d);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- } else {
- Result<ResultSet> rs = deletePS.exec(trans, D_TEXT, d);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- }
- wasModified(trans, CRUD.delete, d);
- }
- } else {
- if(async)/* ResultSet rs =*/ {
- Result<ResultSetFuture> rs = deletePS.execAsync(trans, D_TEXT, data);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- } else {
- Result<ResultSet> rs = deletePS.exec(trans, D_TEXT, data);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- }
- wasModified(trans, CRUD.delete, data);
- }
- return Result.ok();
- }
-
- public final Object[] keyFrom(DATA data) {
- return createPS.keyFrom(data);
- }
+ // This method Sig for Cached...
+ public Result<Void> delete(TRANS trans, DATA data, boolean reread) {
+ if(deletePS==null) {
+ return Result.err(Result.ERR_NotImplemented,"Delete is disabled for %s",getClass().getSimpleName());
+ }
+ // Since Deleting will be stored off, for possible re-constitution, need the whole thing
+ if(reread) {
+ Result<List<DATA>> rd = read(trans,data);
+ if(rd.notOK()) {
+ return Result.err(rd);
+ }
+ if(rd.isEmpty()) {
+ return Result.err(Status.ERR_NotFound,"Not Found");
+ }
+ for(DATA d : rd.value) {
+ if(async) {
+ Result<ResultSetFuture> rs = deletePS.execAsync(trans, D_TEXT, d);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ } else {
+ Result<ResultSet> rs = deletePS.exec(trans, D_TEXT, d);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ }
+ wasModified(trans, CRUD.delete, d);
+ }
+ } else {
+ if(async)/* ResultSet rs =*/ {
+ Result<ResultSetFuture> rs = deletePS.execAsync(trans, D_TEXT, data);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ } else {
+ Result<ResultSet> rs = deletePS.exec(trans, D_TEXT, data);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ }
+ wasModified(trans, CRUD.delete, data);
+ }
+ return Result.ok();
+ }
+
+ public final Object[] keyFrom(DATA data) {
+ return createPS.keyFrom(data);
+ }
- @Override
- public String table() {
- return table;
- }
-
- public static final String CASS_READ_CONSISTENCY="cassandra.readConsistency";
- public static final String CASS_WRITE_CONSISTENCY="cassandra.writeConsistency";
- protected static ConsistencyLevel readConsistency(AuthzTrans trans, String table) {
- String prop = trans.getProperty(CASS_READ_CONSISTENCY+'.'+table);
- if(prop==null) {
- prop = trans.getProperty(CASS_READ_CONSISTENCY);
- if(prop==null) {
- return ConsistencyLevel.ONE; // this is Cassandra Default
- }
- }
- return ConsistencyLevel.valueOf(prop);
- }
+ @Override
+ public String table() {
+ return table;
+ }
+
+ public static final String CASS_READ_CONSISTENCY="cassandra.readConsistency";
+ public static final String CASS_WRITE_CONSISTENCY="cassandra.writeConsistency";
+ protected static ConsistencyLevel readConsistency(AuthzTrans trans, String table) {
+ String prop = trans.getProperty(CASS_READ_CONSISTENCY+'.'+table);
+ if(prop==null) {
+ prop = trans.getProperty(CASS_READ_CONSISTENCY);
+ if(prop==null) {
+ return ConsistencyLevel.ONE; // this is Cassandra Default
+ }
+ }
+ return ConsistencyLevel.valueOf(prop);
+ }
- protected static ConsistencyLevel writeConsistency(AuthzTrans trans, String table) {
- String prop = trans.getProperty(CASS_WRITE_CONSISTENCY+'.'+table);
- if(prop==null) {
- prop = trans.getProperty(CASS_WRITE_CONSISTENCY);
- if(prop==null) {
- return ConsistencyLevel.ONE; // this is Cassandra Default\
- }
- }
- return ConsistencyLevel.valueOf(prop);
- }
+ protected static ConsistencyLevel writeConsistency(AuthzTrans trans, String table) {
+ String prop = trans.getProperty(CASS_WRITE_CONSISTENCY+'.'+table);
+ if(prop==null) {
+ prop = trans.getProperty(CASS_WRITE_CONSISTENCY);
+ if(prop==null) {
+ return ConsistencyLevel.ONE; // this is Cassandra Default\
+ }
+ }
+ return ConsistencyLevel.valueOf(prop);
+ }
- public static DataInputStream toDIS(ByteBuffer bb) {
- byte[] b = bb.array();
- return new DataInputStream(
- new ByteArrayInputStream(b,bb.position(),bb.limit())
- );
- }
+ public static DataInputStream toDIS(ByteBuffer bb) {
+ byte[] b = bb.array();
+ return new DataInputStream(
+ new ByteArrayInputStream(b,bb.position(),bb.limit())
+ );
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO.java
index 70db430e..38759075 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO.java
@@ -35,10 +35,10 @@ import org.onap.aaf.misc.env.Trans;
* @param <DATA>
*/
public interface DAO<TRANS extends Trans,DATA> extends DAO_RO<TRANS,DATA> {
- public Result<DATA> create(TRANS trans, DATA data);
- public Result<Void> update(TRANS trans, DATA data);
- // In many cases, the data has been correctly read first, so we shouldn't read again
- // Use reread=true if you are using DATA with only a Key
- public Result<Void> delete(TRANS trans, DATA data, boolean reread);
- public Object[] keyFrom(DATA data);
+ public Result<DATA> create(TRANS trans, DATA data);
+ public Result<Void> update(TRANS trans, DATA data);
+ // In many cases, the data has been correctly read first, so we shouldn't read again
+ // Use reread=true if you are using DATA with only a Key
+ public Result<Void> delete(TRANS trans, DATA data, boolean reread);
+ public Object[] keyFrom(DATA data);
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAOException.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAOException.java
index 207576e4..b6c35f20 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAOException.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAOException.java
@@ -23,10 +23,10 @@ package org.onap.aaf.auth.dao;
public class DAOException extends Exception {
- /**
- *
- */
- private static final long serialVersionUID = 1527904125585539823L;
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1527904125585539823L;
// // TODO - enum in result class == is our intended design, currently the DAO layer does not use Result<RV> so we still use these for now
// public final static DAOException RoleNotFoundDAOException = new DAOException("RoleNotFound");
@@ -34,18 +34,18 @@ public class DAOException extends Exception {
// public final static DAOException UserNotFoundDAOException = new DAOException("UserNotFound");
public DAOException() {
- }
+ }
- public DAOException(String message) {
- super(message);
- }
+ public DAOException(String message) {
+ super(message);
+ }
- public DAOException(Throwable cause) {
- super(cause);
- }
+ public DAOException(Throwable cause) {
+ super(cause);
+ }
- public DAOException(String message, Throwable cause) {
- super(message, cause);
- }
+ public DAOException(String message, Throwable cause) {
+ super(message, cause);
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO_RO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO_RO.java
index 4bffb5f3..ca4277e1 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO_RO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/DAO_RO.java
@@ -38,33 +38,33 @@ import org.onap.aaf.misc.env.Trans;
* @param <DATA>
*/
public interface DAO_RO<TRANS extends Trans,DATA> {
- /**
- * Get a List of Data given Key of Object Array
- * @param objs
- * @return
- * @throws DAOException
- */
- public Result<List<DATA>> read(TRANS trans, Object ... key);
+ /**
+ * Get a List of Data given Key of Object Array
+ * @param objs
+ * @return
+ * @throws DAOException
+ */
+ public Result<List<DATA>> read(TRANS trans, Object ... key);
- /**
- * Get a List of Data given Key of DATA Object
- * @param trans
- * @param key
- * @return
- * @throws DAOException
- */
- public Result<List<DATA>> read(TRANS trans, DATA key);
+ /**
+ * Get a List of Data given Key of DATA Object
+ * @param trans
+ * @param key
+ * @return
+ * @throws DAOException
+ */
+ public Result<List<DATA>> read(TRANS trans, DATA key);
- /**
- * close DAO
- */
- public void close(TRANS trans);
+ /**
+ * close DAO
+ */
+ public void close(TRANS trans);
- /**
- * Return name of referenced Data
- * @return
- */
- public String table();
+ /**
+ * Return name of referenced Data
+ * @return
+ */
+ public String table();
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Loader.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Loader.java
index 00423161..cdfd0697 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Loader.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Loader.java
@@ -36,179 +36,179 @@ import java.util.Set;
import com.datastax.driver.core.Row;
public abstract class Loader<DATA> {
- private int keylimit;
- public Loader(int keylimit) {
- this.keylimit = keylimit;
- }
-
- public int keylimit() {
- return keylimit;
- }
-
- protected abstract DATA load(DATA data, Row row);
- protected abstract void key(DATA data, int idx, Object[] obj);
- protected abstract void body(DATA data, int idx, Object[] obj);
+ private int keylimit;
+ public Loader(int keylimit) {
+ this.keylimit = keylimit;
+ }
+
+ public int keylimit() {
+ return keylimit;
+ }
+
+ protected abstract DATA load(DATA data, Row row);
+ protected abstract void key(DATA data, int idx, Object[] obj);
+ protected abstract void body(DATA data, int idx, Object[] obj);
- public final Object[] extract(DATA data, int size, CassDAOImpl.CRUD type) {
- Object[] rv=null;
- switch(type) {
- case delete:
- rv = new Object[keylimit()];
- key(data,0,rv);
- break;
- case update:
- rv = new Object[size];
- body(data,0,rv);
- int body = size-keylimit();
- if(body>0) {
- key(data,body,rv);
- }
- break;
- default:
- rv = new Object[size];
- key(data,0,rv);
- if(size>keylimit()) {
- body(data,keylimit(),rv);
- }
- break;
- }
- return rv;
- }
-
- public static void writeString(DataOutputStream os, String s) throws IOException {
- if(s==null) {
- os.writeInt(-1);
- } else {
- switch(s.length()) {
- case 0:
- os.writeInt(0);
- break;
- default:
- byte[] bytes = s.getBytes();
- os.writeInt(bytes.length);
- os.write(bytes);
- }
- }
- }
-
-
- /**
- * We use bytes here to set a Maximum
- *
- * @param is
- * @param MAX
- * @return
- * @throws IOException
- */
- public static String readString(DataInputStream is, byte[] _buff) throws IOException {
- int l = is.readInt();
- byte[] buff = _buff;
- switch(l) {
- case -1: return null;
- case 0: return "";
- default:
- // Cover case where there is a large string, without always allocating a large buffer.
- if(l>buff.length) {
- buff = new byte[l];
- }
- is.read(buff,0,l);
- return new String(buff,0,l);
- }
- }
+ public final Object[] extract(DATA data, int size, CassDAOImpl.CRUD type) {
+ Object[] rv=null;
+ switch(type) {
+ case delete:
+ rv = new Object[keylimit()];
+ key(data,0,rv);
+ break;
+ case update:
+ rv = new Object[size];
+ body(data,0,rv);
+ int body = size-keylimit();
+ if(body>0) {
+ key(data,body,rv);
+ }
+ break;
+ default:
+ rv = new Object[size];
+ key(data,0,rv);
+ if(size>keylimit()) {
+ body(data,keylimit(),rv);
+ }
+ break;
+ }
+ return rv;
+ }
+
+ public static void writeString(DataOutputStream os, String s) throws IOException {
+ if(s==null) {
+ os.writeInt(-1);
+ } else {
+ switch(s.length()) {
+ case 0:
+ os.writeInt(0);
+ break;
+ default:
+ byte[] bytes = s.getBytes();
+ os.writeInt(bytes.length);
+ os.write(bytes);
+ }
+ }
+ }
+
+
+ /**
+ * We use bytes here to set a Maximum
+ *
+ * @param is
+ * @param MAX
+ * @return
+ * @throws IOException
+ */
+ public static String readString(DataInputStream is, byte[] _buff) throws IOException {
+ int l = is.readInt();
+ byte[] buff = _buff;
+ switch(l) {
+ case -1: return null;
+ case 0: return "";
+ default:
+ // Cover case where there is a large string, without always allocating a large buffer.
+ if(l>buff.length) {
+ buff = new byte[l];
+ }
+ is.read(buff,0,l);
+ return new String(buff,0,l);
+ }
+ }
- /**
- * Write a set with proper sizing
- *
- * Note: at the moment, this is just String. Probably can develop system where types
- * are supported too... but not now.
- *
- * @param os
- * @param set
- * @throws IOException
- */
- public static void writeStringSet(DataOutputStream os, Collection<String> set) throws IOException {
- if(set==null) {
- os.writeInt(-1);
- } else {
- os.writeInt(set.size());
- for(String s : set) {
- writeString(os, s);
- }
- }
+ /**
+ * Write a set with proper sizing
+ *
+ * Note: at the moment, this is just String. Probably can develop system where types
+ * are supported too... but not now.
+ *
+ * @param os
+ * @param set
+ * @throws IOException
+ */
+ public static void writeStringSet(DataOutputStream os, Collection<String> set) throws IOException {
+ if(set==null) {
+ os.writeInt(-1);
+ } else {
+ os.writeInt(set.size());
+ for(String s : set) {
+ writeString(os, s);
+ }
+ }
- }
-
- public static Set<String> readStringSet(DataInputStream is, byte[] buff) throws IOException {
- int l = is.readInt();
- if(l<0) {
- return null;
- }
- Set<String> set = new HashSet<>(l);
- for(int i=0;i<l;++i) {
- set.add(readString(is,buff));
- }
- return set;
- }
-
- public static List<String> readStringList(DataInputStream is, byte[] buff) throws IOException {
- int l = is.readInt();
- if(l<0) {
- return null;
- }
- List<String> list = new ArrayList<>(l);
- for(int i=0;i<l;++i) {
- list.add(Loader.readString(is,buff));
- }
- return list;
- }
+ }
+
+ public static Set<String> readStringSet(DataInputStream is, byte[] buff) throws IOException {
+ int l = is.readInt();
+ if(l<0) {
+ return null;
+ }
+ Set<String> set = new HashSet<>(l);
+ for(int i=0;i<l;++i) {
+ set.add(readString(is,buff));
+ }
+ return set;
+ }
+
+ public static List<String> readStringList(DataInputStream is, byte[] buff) throws IOException {
+ int l = is.readInt();
+ if(l<0) {
+ return null;
+ }
+ List<String> list = new ArrayList<>(l);
+ for(int i=0;i<l;++i) {
+ list.add(Loader.readString(is,buff));
+ }
+ return list;
+ }
- /**
- * Write a map
- * @param os
- * @param map
- * @throws IOException
- */
- public static void writeStringMap(DataOutputStream os, Map<String,String> map) throws IOException {
- if(map==null) {
- os.writeInt(-1);
- } else {
- Set<Entry<String, String>> es = map.entrySet();
- os.writeInt(es.size());
- for(Entry<String,String> e : es) {
- writeString(os, e.getKey());
- writeString(os, e.getValue());
- }
- }
+ /**
+ * Write a map
+ * @param os
+ * @param map
+ * @throws IOException
+ */
+ public static void writeStringMap(DataOutputStream os, Map<String,String> map) throws IOException {
+ if(map==null) {
+ os.writeInt(-1);
+ } else {
+ Set<Entry<String, String>> es = map.entrySet();
+ os.writeInt(es.size());
+ for(Entry<String,String> e : es) {
+ writeString(os, e.getKey());
+ writeString(os, e.getValue());
+ }
+ }
- }
+ }
- public static Map<String,String> readStringMap(DataInputStream is, byte[] buff) throws IOException {
- int l = is.readInt();
- if(l<0) {
- return null;
- }
- Map<String,String> map = new HashMap<>(l);
- for(int i=0;i<l;++i) {
- String key = readString(is,buff);
- map.put(key,readString(is,buff));
- }
- return map;
- }
- public static void writeHeader(DataOutputStream os, int magic, int version) throws IOException {
- os.writeInt(magic);
- os.writeInt(version);
- }
-
- public static int readHeader(DataInputStream is, final int magic, final int version) throws IOException {
- if(is.readInt()!=magic) {
- throw new IOException("Corrupted Data Stream");
- }
- int v = is.readInt();
- if(version<0 || v>version) {
- throw new IOException("Unsupported Data Version: " + v);
- }
- return v;
- }
+ public static Map<String,String> readStringMap(DataInputStream is, byte[] buff) throws IOException {
+ int l = is.readInt();
+ if(l<0) {
+ return null;
+ }
+ Map<String,String> map = new HashMap<>(l);
+ for(int i=0;i<l;++i) {
+ String key = readString(is,buff);
+ map.put(key,readString(is,buff));
+ }
+ return map;
+ }
+ public static void writeHeader(DataOutputStream os, int magic, int version) throws IOException {
+ os.writeInt(magic);
+ os.writeInt(version);
+ }
+
+ public static int readHeader(DataInputStream is, final int magic, final int version) throws IOException {
+ if(is.readInt()!=magic) {
+ throw new IOException("Corrupted Data Stream");
+ }
+ int v = is.readInt();
+ if(version<0 || v>version) {
+ throw new IOException("Unsupported Data Version: " + v);
+ }
+ return v;
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Streamer.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Streamer.java
index c40d74fa..af3567eb 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Streamer.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Streamer.java
@@ -26,6 +26,6 @@ import java.io.DataOutputStream;
import java.io.IOException;
public interface Streamer<DATA> {
- public abstract void marshal(DATA data, DataOutputStream os) throws IOException;
- public abstract void unmarshal(DATA data, DataInputStream is) throws IOException;
+ public abstract void marshal(DATA data, DataOutputStream os) throws IOException;
+ public abstract void unmarshal(DATA data, DataInputStream is) throws IOException;
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Touchable.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Touchable.java
index c00c1048..0fcda19c 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Touchable.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/Touchable.java
@@ -22,5 +22,5 @@
package org.onap.aaf.auth.dao;
public interface Touchable {
- // Or make all DAOs accept list of CIDAOs...
+ // Or make all DAOs accept list of CIDAOs...
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCertDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCertDAO.java
index 9526bf28..c0a2c49c 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCertDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCertDAO.java
@@ -30,25 +30,25 @@ import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.layer.Result;
public class CachedCertDAO extends CachedDAO<AuthzTrans, CertDAO, CertDAO.Data> {
- public CachedCertDAO(CertDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
- super(dao, info, CertDAO.CACHE_SEG, expiresIn);
- }
-
- /**
- * Pass through Cert ID Lookup
- *
- * @param trans
- * @param ns
- * @return
- */
-
- public Result<List<CertDAO.Data>> readID(AuthzTrans trans, final String id) {
- return dao().readID(trans, id);
- }
-
- public Result<List<CertDAO.Data>> readX500(AuthzTrans trans, final String x500) {
- return dao().readX500(trans, x500);
- }
+ public CachedCertDAO(CertDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
+ super(dao, info, CertDAO.CACHE_SEG, expiresIn);
+ }
+
+ /**
+ * Pass through Cert ID Lookup
+ *
+ * @param trans
+ * @param ns
+ * @return
+ */
+
+ public Result<List<CertDAO.Data>> readID(AuthzTrans trans, final String id) {
+ return dao().readID(trans, id);
+ }
+
+ public Result<List<CertDAO.Data>> readX500(AuthzTrans trans, final String x500) {
+ return dao().readX500(trans, x500);
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCredDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCredDAO.java
index 76fd5530..eb5885f0 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCredDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedCredDAO.java
@@ -31,36 +31,36 @@ import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.layer.Result;
public class CachedCredDAO extends CachedDAO<AuthzTrans, CredDAO, CredDAO.Data> {
- public CachedCredDAO(CredDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
- super(dao, info, CredDAO.CACHE_SEG, expiresIn);
- }
-
- /**
- * Pass through Cred Lookup
- *
- * Unlike Role and Perm, we don't need or want to cache these elements... Only used for NS Delete.
- *
- * @param trans
- * @param ns
- * @return
- */
- public Result<List<CredDAO.Data>> readNS(AuthzTrans trans, final String ns) {
-
- return dao().readNS(trans, ns);
- }
-
- public Result<List<CredDAO.Data>> readID(AuthzTrans trans, final String id) {
- DAOGetter getter = new DAOGetter(trans,dao()) {
- public Result<List<CredDAO.Data>> call() {
- return dao().readID(trans, id);
- }
- };
-
- Result<List<CredDAO.Data>> lurd = get(trans, id, getter);
- if(lurd.isOK() && lurd.isEmpty()) {
- return Result.err(Status.ERR_UserNotFound,"No User Cred found");
- }
- return lurd;
- }
+ public CachedCredDAO(CredDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
+ super(dao, info, CredDAO.CACHE_SEG, expiresIn);
+ }
+
+ /**
+ * Pass through Cred Lookup
+ *
+ * Unlike Role and Perm, we don't need or want to cache these elements... Only used for NS Delete.
+ *
+ * @param trans
+ * @param ns
+ * @return
+ */
+ public Result<List<CredDAO.Data>> readNS(AuthzTrans trans, final String ns) {
+
+ return dao().readNS(trans, ns);
+ }
+
+ public Result<List<CredDAO.Data>> readID(AuthzTrans trans, final String id) {
+ DAOGetter getter = new DAOGetter(trans,dao()) {
+ public Result<List<CredDAO.Data>> call() {
+ return dao().readID(trans, id);
+ }
+ };
+
+ Result<List<CredDAO.Data>> lurd = get(trans, id, getter);
+ if(lurd.isOK() && lurd.isEmpty()) {
+ return Result.err(Status.ERR_UserNotFound,"No User Cred found");
+ }
+ return lurd;
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedNSDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedNSDAO.java
index be860488..e639767c 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedNSDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedNSDAO.java
@@ -27,7 +27,7 @@ import org.onap.aaf.auth.dao.cass.NsDAO;
import org.onap.aaf.auth.env.AuthzTrans;
public class CachedNSDAO extends CachedDAO<AuthzTrans, NsDAO, NsDAO.Data> {
- public CachedNSDAO(NsDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
- super(dao, info, NsDAO.CACHE_SEG, expiresIn);
- }
+ public CachedNSDAO(NsDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
+ super(dao, info, NsDAO.CACHE_SEG, expiresIn);
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedPermDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedPermDAO.java
index 4cb7cf2e..a18e6a67 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedPermDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedPermDAO.java
@@ -34,91 +34,91 @@ import org.onap.aaf.auth.layer.Result;
public class CachedPermDAO extends CachedDAO<AuthzTrans,PermDAO, PermDAO.Data> {
- public CachedPermDAO(PermDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
- super(dao, info, PermDAO.CACHE_SEG, expiresIn);
- }
+ public CachedPermDAO(PermDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
+ super(dao, info, PermDAO.CACHE_SEG, expiresIn);
+ }
- public Result<List<Data>> readNS(AuthzTrans trans, final String ns) {
- DAOGetter getter = new DAOGetter(trans,dao()) {
- public Result<List<Data>> call() {
- return dao.readNS(trans, ns);
- }
- };
-
- Result<List<Data>> lurd = get(trans, ns, getter);
- if(lurd.isOKhasData()) {
- return lurd;
- } else {
-
- }
-// if(getter.result==null) {
-// if(lurd==null) {
- return Result.err(Status.ERR_PermissionNotFound,"No Permission found - " + lurd.details);
-// } else {
-// return Result.ok(lurd);
-// }
-// }
-// return getter.result;
- }
+ public Result<List<Data>> readNS(AuthzTrans trans, final String ns) {
+ DAOGetter getter = new DAOGetter(trans,dao()) {
+ public Result<List<Data>> call() {
+ return dao.readNS(trans, ns);
+ }
+ };
+
+ Result<List<Data>> lurd = get(trans, ns, getter);
+ if(lurd.isOKhasData()) {
+ return lurd;
+ } else {
+
+ }
+// if(getter.result==null) {
+// if(lurd==null) {
+ return Result.err(Status.ERR_PermissionNotFound,"No Permission found - " + lurd.details);
+// } else {
+// return Result.ok(lurd);
+// }
+// }
+// return getter.result;
+ }
- public Result<List<Data>> readChildren(AuthzTrans trans, final String ns, final String type) {
- return dao().readChildren(trans,ns,type);
- }
+ public Result<List<Data>> readChildren(AuthzTrans trans, final String ns, final String type) {
+ return dao().readChildren(trans,ns,type);
+ }
- /**
- *
- * @param trans
- * @param ns
- * @param type
- * @return
- */
- public Result<List<Data>> readByType(AuthzTrans trans, final String ns, final String type) {
- DAOGetter getter = new DAOGetter(trans,dao()) {
- public Result<List<Data>> call() {
- return dao.readByType(trans, ns, type);
- }
- };
-
- // Note: Can reuse index1 here, because there is no name collision versus response
- Result<List<Data>> lurd = get(trans, ns+'|'+type, getter);
- if(lurd.isOK() && lurd.isEmpty()) {
- return Result.err(Status.ERR_PermissionNotFound,"No Permission found");
- }
- return lurd;
- }
-
- /**
- * Add desciption to this permission
- *
- * @param trans
- * @param ns
- * @param type
- * @param instance
- * @param action
- * @param description
- * @return
- */
- public Result<Void> addDescription(AuthzTrans trans, String ns, String type,
- String instance, String action, String description) {
- //TODO Invalidate?
- return dao().addDescription(trans, ns, type, instance, action, description);
- }
-
- public Result<Void> addRole(AuthzTrans trans, PermDAO.Data perm, RoleDAO.Data role) {
- Result<Void> rv = dao().addRole(trans,perm,role.encode());
- if(trans.debug().isLoggable())
- trans.debug().log("Adding",role.encode(),"to", perm, "with CachedPermDAO.addRole");
- invalidate(trans,perm);
- return rv;
- }
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @param type
+ * @return
+ */
+ public Result<List<Data>> readByType(AuthzTrans trans, final String ns, final String type) {
+ DAOGetter getter = new DAOGetter(trans,dao()) {
+ public Result<List<Data>> call() {
+ return dao.readByType(trans, ns, type);
+ }
+ };
+
+ // Note: Can reuse index1 here, because there is no name collision versus response
+ Result<List<Data>> lurd = get(trans, ns+'|'+type, getter);
+ if(lurd.isOK() && lurd.isEmpty()) {
+ return Result.err(Status.ERR_PermissionNotFound,"No Permission found");
+ }
+ return lurd;
+ }
+
+ /**
+ * Add desciption to this permission
+ *
+ * @param trans
+ * @param ns
+ * @param type
+ * @param instance
+ * @param action
+ * @param description
+ * @return
+ */
+ public Result<Void> addDescription(AuthzTrans trans, String ns, String type,
+ String instance, String action, String description) {
+ //TODO Invalidate?
+ return dao().addDescription(trans, ns, type, instance, action, description);
+ }
+
+ public Result<Void> addRole(AuthzTrans trans, PermDAO.Data perm, RoleDAO.Data role) {
+ Result<Void> rv = dao().addRole(trans,perm,role.encode());
+ if(trans.debug().isLoggable())
+ trans.debug().log("Adding",role.encode(),"to", perm, "with CachedPermDAO.addRole");
+ invalidate(trans,perm);
+ return rv;
+ }
- public Result<Void> delRole(AuthzTrans trans, Data perm, RoleDAO.Data role) {
- Result<Void> rv = dao().delRole(trans,perm,role.encode());
- if(trans.debug().isLoggable())
- trans.debug().log("Removing",role.encode(),"from", perm, "with CachedPermDAO.delRole");
- invalidate(trans,perm);
- return rv;
- }
+ public Result<Void> delRole(AuthzTrans trans, Data perm, RoleDAO.Data role) {
+ Result<Void> rv = dao().delRole(trans,perm,role.encode());
+ if(trans.debug().isLoggable())
+ trans.debug().log("Removing",role.encode(),"from", perm, "with CachedPermDAO.delRole");
+ invalidate(trans,perm);
+ return rv;
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedRoleDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedRoleDAO.java
index 5fac680c..1d8e6709 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedRoleDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedRoleDAO.java
@@ -33,74 +33,74 @@ import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.layer.Result;
public class CachedRoleDAO extends CachedDAO<AuthzTrans,RoleDAO, RoleDAO.Data> {
- public CachedRoleDAO(RoleDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
- super(dao, info, RoleDAO.CACHE_SEG, expiresIn);
- }
+ public CachedRoleDAO(RoleDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
+ super(dao, info, RoleDAO.CACHE_SEG, expiresIn);
+ }
- public Result<List<Data>> readNS(AuthzTrans trans, final String ns) {
- DAOGetter getter = new DAOGetter(trans,dao()) {
- public Result<List<Data>> call() {
- return dao.readNS(trans, ns);
- }
- };
-
- Result<List<Data>> lurd = get(trans, ns, getter);
- if(lurd.isOK() && lurd.isEmpty()) {
- return Result.err(Status.ERR_RoleNotFound,"No Role found");
- }
- return lurd;
- }
+ public Result<List<Data>> readNS(AuthzTrans trans, final String ns) {
+ DAOGetter getter = new DAOGetter(trans,dao()) {
+ public Result<List<Data>> call() {
+ return dao.readNS(trans, ns);
+ }
+ };
+
+ Result<List<Data>> lurd = get(trans, ns, getter);
+ if(lurd.isOK() && lurd.isEmpty()) {
+ return Result.err(Status.ERR_RoleNotFound,"No Role found");
+ }
+ return lurd;
+ }
- public Result<List<Data>> readName(AuthzTrans trans, final String name) {
- DAOGetter getter = new DAOGetter(trans,dao()) {
- public Result<List<Data>> call() {
- return dao().readName(trans, name);
- }
- };
-
- Result<List<Data>> lurd = get(trans, name, getter);
- if(lurd.isOK() && lurd.isEmpty()) {
- return Result.err(Status.ERR_RoleNotFound,"No Role found");
- }
- return lurd;
- }
+ public Result<List<Data>> readName(AuthzTrans trans, final String name) {
+ DAOGetter getter = new DAOGetter(trans,dao()) {
+ public Result<List<Data>> call() {
+ return dao().readName(trans, name);
+ }
+ };
+
+ Result<List<Data>> lurd = get(trans, name, getter);
+ if(lurd.isOK() && lurd.isEmpty()) {
+ return Result.err(Status.ERR_RoleNotFound,"No Role found");
+ }
+ return lurd;
+ }
- public Result<List<Data>> readChildren(AuthzTrans trans, final String ns, final String name) {
- // At this point, I'm thinking it's better not to try to cache "*" results
- // Data probably won't be accurate, and adding it makes every update invalidate most of the cache
- // Jonathan 2/4/2014
- return dao().readChildren(trans,ns,name);
- }
+ public Result<List<Data>> readChildren(AuthzTrans trans, final String ns, final String name) {
+ // At this point, I'm thinking it's better not to try to cache "*" results
+ // Data probably won't be accurate, and adding it makes every update invalidate most of the cache
+ // Jonathan 2/4/2014
+ return dao().readChildren(trans,ns,name);
+ }
- public Result<Void> addPerm(AuthzTrans trans, RoleDAO.Data rd, PermDAO.Data perm) {
- Result<Void> rv = dao().addPerm(trans,rd,perm);
- if(trans.debug().isLoggable())
- trans.debug().log("Adding",perm,"to", rd, "with CachedRoleDAO.addPerm");
- invalidate(trans, rd);
- return rv;
- }
+ public Result<Void> addPerm(AuthzTrans trans, RoleDAO.Data rd, PermDAO.Data perm) {
+ Result<Void> rv = dao().addPerm(trans,rd,perm);
+ if(trans.debug().isLoggable())
+ trans.debug().log("Adding",perm,"to", rd, "with CachedRoleDAO.addPerm");
+ invalidate(trans, rd);
+ return rv;
+ }
- public Result<Void> delPerm(AuthzTrans trans, RoleDAO.Data rd, PermDAO.Data perm) {
- Result<Void> rv = dao().delPerm(trans,rd,perm);
- if(trans.debug().isLoggable())
- trans.debug().log("Removing",perm,"from", rd, "with CachedRoleDAO.addPerm");
- invalidate(trans, rd);
- return rv;
- }
-
- /**
- * Add description to this role
- *
- * @param trans
- * @param ns
- * @param name
- * @param description
- * @return
- */
- public Result<Void> addDescription(AuthzTrans trans, String ns, String name, String description) {
- //TODO Invalidate?
- return dao().addDescription(trans, ns, name, description);
+ public Result<Void> delPerm(AuthzTrans trans, RoleDAO.Data rd, PermDAO.Data perm) {
+ Result<Void> rv = dao().delPerm(trans,rd,perm);
+ if(trans.debug().isLoggable())
+ trans.debug().log("Removing",perm,"from", rd, "with CachedRoleDAO.addPerm");
+ invalidate(trans, rd);
+ return rv;
+ }
+
+ /**
+ * Add description to this role
+ *
+ * @param trans
+ * @param ns
+ * @param name
+ * @param description
+ * @return
+ */
+ public Result<Void> addDescription(AuthzTrans trans, String ns, String name, String description) {
+ //TODO Invalidate?
+ return dao().addDescription(trans, ns, name, description);
- }
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedUserRoleDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedUserRoleDAO.java
index 100c81d5..2121b136 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedUserRoleDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cached/CachedUserRoleDAO.java
@@ -34,82 +34,82 @@ import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.misc.env.Slot;
public class CachedUserRoleDAO extends CachedDAO<AuthzTrans,UserRoleDAO, UserRoleDAO.Data> {
- private Slot transURSlot;
+ private Slot transURSlot;
- public CachedUserRoleDAO(UserRoleDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
- super(dao, info, UserRoleDAO.CACHE_SEG, expiresIn);
- transURSlot = dao.transURSlot;
- }
+ public CachedUserRoleDAO(UserRoleDAO dao, CIDAO<AuthzTrans> info, long expiresIn) {
+ super(dao, info, UserRoleDAO.CACHE_SEG, expiresIn);
+ transURSlot = dao.transURSlot;
+ }
- /**
- * Special Case.
- * User Roles by User are very likely to be called many times in a Transaction, to validate "May User do..."
- * Pull result, and make accessible by the Trans, which is always keyed by User.
- * @param trans
- * @param user
- * @return
- */
- public Result<List<Data>> readByUser(AuthzTrans trans, final String user) {
- DAOGetter getter = new DAOGetter(trans,dao()) {
- public Result<List<Data>> call() {
- // If the call is for THIS user, and it exists, get from TRANS, add to TRANS if not.
- if(user!=null && user.equals(trans.user())) {
- Result<List<Data>> transLD = trans.get(transURSlot,null);
- if(transLD==null ) {
- transLD = dao.readByUser(trans, user);
- }
- return transLD;
- } else {
- return dao.readByUser(trans, user);
- }
- }
- };
- Result<List<Data>> lurd = get(trans, user, getter);
- if(lurd.isOK() && lurd.isEmpty()) {
- return Result.err(Status.ERR_UserRoleNotFound,"UserRole not found for [%s]",user);
- }
- return lurd;
- }
+ /**
+ * Special Case.
+ * User Roles by User are very likely to be called many times in a Transaction, to validate "May User do..."
+ * Pull result, and make accessible by the Trans, which is always keyed by User.
+ * @param trans
+ * @param user
+ * @return
+ */
+ public Result<List<Data>> readByUser(AuthzTrans trans, final String user) {
+ DAOGetter getter = new DAOGetter(trans,dao()) {
+ public Result<List<Data>> call() {
+ // If the call is for THIS user, and it exists, get from TRANS, add to TRANS if not.
+ if(user!=null && user.equals(trans.user())) {
+ Result<List<Data>> transLD = trans.get(transURSlot,null);
+ if(transLD==null ) {
+ transLD = dao.readByUser(trans, user);
+ }
+ return transLD;
+ } else {
+ return dao.readByUser(trans, user);
+ }
+ }
+ };
+ Result<List<Data>> lurd = get(trans, user, getter);
+ if(lurd.isOK() && lurd.isEmpty()) {
+ return Result.err(Status.ERR_UserRoleNotFound,"UserRole not found for [%s]",user);
+ }
+ return lurd;
+ }
-
- public Result<List<Data>> readByRole(AuthzTrans trans, final String role) {
- DAOGetter getter = new DAOGetter(trans,dao()) {
- public Result<List<Data>> call() {
- return dao.readByRole(trans, role);
- }
- };
- Result<List<Data>> lurd = get(trans, role, getter);
- if(lurd.isOK() && lurd.isEmpty()) {
- return Result.err(Status.ERR_UserRoleNotFound,"UserRole not found for [%s]",role);
- }
- return lurd;
- }
+
+ public Result<List<Data>> readByRole(AuthzTrans trans, final String role) {
+ DAOGetter getter = new DAOGetter(trans,dao()) {
+ public Result<List<Data>> call() {
+ return dao.readByRole(trans, role);
+ }
+ };
+ Result<List<Data>> lurd = get(trans, role, getter);
+ if(lurd.isOK() && lurd.isEmpty()) {
+ return Result.err(Status.ERR_UserRoleNotFound,"UserRole not found for [%s]",role);
+ }
+ return lurd;
+ }
- public Result<List<UserRoleDAO.Data>> readUserInRole(final AuthzTrans trans, final String user, final String role) {
- DAOGetter getter = new DAOGetter(trans,dao()) {
- public Result<List<Data>> call() {
- if(user.equals(trans.user())) {
- Result<List<Data>> rrbu = readByUser(trans, user);
- if(rrbu.isOK()) {
- List<Data> ld = new ArrayList<>(1);
- for(Data d : rrbu.value) {
- if(d.role.equals(role)) {
- ld.add(d);
- break;
- }
- }
- return Result.ok(ld).emptyList(ld.isEmpty());
- } else {
- return rrbu;
- }
- }
- return dao.readByUserRole(trans, user, role);
- }
- };
- Result<List<Data>> lurd = get(trans, keyFromObjs(user,role), getter);
- if(lurd.isOK() && lurd.isEmpty()) {
- return Result.err(Status.ERR_UserRoleNotFound,"UserRole not found for role [%s] and user [%s]",role,user);
- }
- return lurd;
- }
+ public Result<List<UserRoleDAO.Data>> readUserInRole(final AuthzTrans trans, final String user, final String role) {
+ DAOGetter getter = new DAOGetter(trans,dao()) {
+ public Result<List<Data>> call() {
+ if(user.equals(trans.user())) {
+ Result<List<Data>> rrbu = readByUser(trans, user);
+ if(rrbu.isOK()) {
+ List<Data> ld = new ArrayList<>(1);
+ for(Data d : rrbu.value) {
+ if(d.role.equals(role)) {
+ ld.add(d);
+ break;
+ }
+ }
+ return Result.ok(ld).emptyList(ld.isEmpty());
+ } else {
+ return rrbu;
+ }
+ }
+ return dao.readByUserRole(trans, user, role);
+ }
+ };
+ Result<List<Data>> lurd = get(trans, keyFromObjs(user,role), getter);
+ if(lurd.isOK() && lurd.isEmpty()) {
+ return Result.err(Status.ERR_UserRoleNotFound,"UserRole not found for role [%s] and user [%s]",role,user);
+ }
+ return lurd;
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ApprovalDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ApprovalDAO.java
index 284d0a84..1948ac65 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ApprovalDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ApprovalDAO.java
@@ -43,212 +43,212 @@ import com.datastax.driver.core.exceptions.DriverException;
public class ApprovalDAO extends CassDAOImpl<AuthzTrans,ApprovalDAO.Data> {
- public static final String PENDING = "pending";
- public static final String DENIED = "denied";
- public static final String APPROVED = "approved";
-
- private static final String TABLE = "approval";
- private static final String TABLELOG = "approved";
- private HistoryDAO historyDAO;
- private PSInfo psByUser, psByApprover, psByTicket, psByStatus;
+ public static final String PENDING = "pending";
+ public static final String DENIED = "denied";
+ public static final String APPROVED = "approved";
+
+ private static final String TABLE = "approval";
+ private static final String TABLELOG = "approved";
+ private HistoryDAO historyDAO;
+ private PSInfo psByUser, psByApprover, psByTicket, psByStatus;
-
- public ApprovalDAO(AuthzTrans trans, Cluster cluster, String keyspace) {
- super(trans, ApprovalDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+
+ public ApprovalDAO(AuthzTrans trans, Cluster cluster, String keyspace) {
+ super(trans, ApprovalDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
historyDAO = new HistoryDAO(trans, this);
- init(trans);
- }
+ init(trans);
+ }
- public ApprovalDAO(AuthzTrans trans, HistoryDAO hDAO) {
- super(trans, ApprovalDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- historyDAO=hDAO;
- init(trans);
- }
+ public ApprovalDAO(AuthzTrans trans, HistoryDAO hDAO) {
+ super(trans, ApprovalDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ historyDAO=hDAO;
+ init(trans);
+ }
- private static final int KEYLIMIT = 1;
- public static class Data {
- public UUID id;
+ private static final int KEYLIMIT = 1;
+ public static class Data {
+ public UUID id;
public UUID ticket;
- public String user;
- public String approver;
- public String type;
- public String status;
- public String memo;
- public String operation;
- public Date last_notified;
- public Date updated;
- }
-
- private static class ApprovalLoader extends Loader<Data> {
- public static final ApprovalLoader deflt = new ApprovalLoader(KEYLIMIT);
-
- public ApprovalLoader(int keylimit) {
- super(keylimit);
- }
-
- @Override
- public Data load(Data data, Row row) {
- data.id = row.getUUID(0);
- data.ticket = row.getUUID(1);
- data.user = row.getString(2);
- data.approver = row.getString(3);
- data.type = row.getString(4);
- data.status = row.getString(5);
- data.memo = row.getString(6);
- data.operation = row.getString(7);
- data.last_notified = row.getTimestamp(8);
- // This is used to get "WRITETIME(STATUS)" from Approval, which gives us an "updated"
- if(row.getColumnDefinitions().size()>9) {
- // Rows reported in MicroSeconds
- data.updated = new Date(row.getLong(9)/1000);
- }
- return data;
- }
+ public String user;
+ public String approver;
+ public String type;
+ public String status;
+ public String memo;
+ public String operation;
+ public Date last_notified;
+ public Date updated;
+ }
+
+ private static class ApprovalLoader extends Loader<Data> {
+ public static final ApprovalLoader deflt = new ApprovalLoader(KEYLIMIT);
+
+ public ApprovalLoader(int keylimit) {
+ super(keylimit);
+ }
+
+ @Override
+ public Data load(Data data, Row row) {
+ data.id = row.getUUID(0);
+ data.ticket = row.getUUID(1);
+ data.user = row.getString(2);
+ data.approver = row.getString(3);
+ data.type = row.getString(4);
+ data.status = row.getString(5);
+ data.memo = row.getString(6);
+ data.operation = row.getString(7);
+ data.last_notified = row.getTimestamp(8);
+ // This is used to get "WRITETIME(STATUS)" from Approval, which gives us an "updated"
+ if(row.getColumnDefinitions().size()>9) {
+ // Rows reported in MicroSeconds
+ data.updated = new Date(row.getLong(9)/1000);
+ }
+ return data;
+ }
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.id;
- }
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.id;
+ }
- @Override
- protected void body(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx]=data.ticket;
- obj[++idx]=data.user;
- obj[++idx]=data.approver;
- obj[++idx]=data.type;
- obj[++idx]=data.status;
- obj[++idx]=data.memo;
- obj[++idx]=data.operation;
- obj[++idx]=data.last_notified;
- }
- }
-
- private void init(AuthzTrans trans) {
- String[] helpers = setCRUD(trans, TABLE, Data.class, ApprovalLoader.deflt,9);
- psByUser = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + ", WRITETIME(status) FROM " + TABLE +
- " WHERE user = ?", new ApprovalLoader(1) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.user;
- }
- }, readConsistency);
-
- psByApprover = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + ", WRITETIME(status) FROM " + TABLE +
- " WHERE approver = ?", new ApprovalLoader(1) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.approver;
- }
- }, readConsistency);
+ @Override
+ protected void body(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx]=data.ticket;
+ obj[++idx]=data.user;
+ obj[++idx]=data.approver;
+ obj[++idx]=data.type;
+ obj[++idx]=data.status;
+ obj[++idx]=data.memo;
+ obj[++idx]=data.operation;
+ obj[++idx]=data.last_notified;
+ }
+ }
+
+ private void init(AuthzTrans trans) {
+ String[] helpers = setCRUD(trans, TABLE, Data.class, ApprovalLoader.deflt,9);
+ psByUser = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + ", WRITETIME(status) FROM " + TABLE +
+ " WHERE user = ?", new ApprovalLoader(1) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.user;
+ }
+ }, readConsistency);
+
+ psByApprover = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + ", WRITETIME(status) FROM " + TABLE +
+ " WHERE approver = ?", new ApprovalLoader(1) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.approver;
+ }
+ }, readConsistency);
- psByTicket = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + ", WRITETIME(status) FROM " + TABLE +
- " WHERE ticket = ?", new ApprovalLoader(1) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.ticket;
- }
- }, readConsistency);
+ psByTicket = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + ", WRITETIME(status) FROM " + TABLE +
+ " WHERE ticket = ?", new ApprovalLoader(1) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.ticket;
+ }
+ }, readConsistency);
- psByStatus = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + ", WRITETIME(status) FROM " + TABLE +
- " WHERE status = ?", new ApprovalLoader(1) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.status;
- }
- }, readConsistency);
+ psByStatus = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + ", WRITETIME(status) FROM " + TABLE +
+ " WHERE status = ?", new ApprovalLoader(1) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.status;
+ }
+ }, readConsistency);
- }
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.dao.CassDAOImpl#create(com.att.inno.env.TransStore, java.lang.Object)
- */
- @Override
- public Result<Data> create(AuthzTrans trans, Data data) {
- // If ID is not set (typical), create one.
- if(data.id==null) {
- data.id = Chrono.dateToUUID(System.currentTimeMillis());
- }
- Result<ResultSet> rs = createPS.exec(trans, C_TEXT, data);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- return Result.ok(data);
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.dao.CassDAOImpl#create(com.att.inno.env.TransStore, java.lang.Object)
+ */
+ @Override
+ public Result<Data> create(AuthzTrans trans, Data data) {
+ // If ID is not set (typical), create one.
+ if(data.id==null) {
+ data.id = Chrono.dateToUUID(System.currentTimeMillis());
+ }
+ Result<ResultSet> rs = createPS.exec(trans, C_TEXT, data);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ return Result.ok(data);
+ }
- public Result<List<ApprovalDAO.Data>> readByUser(AuthzTrans trans, String user) {
- return psByUser.read(trans, R_TEXT, new Object[]{user});
- }
+ public Result<List<ApprovalDAO.Data>> readByUser(AuthzTrans trans, String user) {
+ return psByUser.read(trans, R_TEXT, new Object[]{user});
+ }
- public Result<List<ApprovalDAO.Data>> readByApprover(AuthzTrans trans, String approver) {
- return psByApprover.read(trans, R_TEXT, new Object[]{approver});
- }
+ public Result<List<ApprovalDAO.Data>> readByApprover(AuthzTrans trans, String approver) {
+ return psByApprover.read(trans, R_TEXT, new Object[]{approver});
+ }
- public Result<List<ApprovalDAO.Data>> readByTicket(AuthzTrans trans, UUID ticket) {
- return psByTicket.read(trans, R_TEXT, new Object[]{ticket});
- }
+ public Result<List<ApprovalDAO.Data>> readByTicket(AuthzTrans trans, UUID ticket) {
+ return psByTicket.read(trans, R_TEXT, new Object[]{ticket});
+ }
- public Result<List<ApprovalDAO.Data>> readByStatus(AuthzTrans trans, String status) {
- return psByStatus.read(trans, R_TEXT, new Object[]{status});
- }
+ public Result<List<ApprovalDAO.Data>> readByStatus(AuthzTrans trans, String status) {
+ return psByStatus.read(trans, R_TEXT, new Object[]{status});
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.dao.CassDAOImpl#delete(com.att.inno.env.TransStore, java.lang.Object, boolean)
- */
- @Override
- public Result<Void> delete(AuthzTrans trans, Data data, boolean reread) {
- if(reread || data.status == null) { // if Memo is empty, likely not full record
- Result<ResultSet> rd = readPS.exec(trans, R_TEXT, data);
- if(rd.notOK()) {
- return Result.err(rd);
- }
- ApprovalLoader.deflt.load(data, rd.value.one());
- }
- if("approved".equals(data.status) || "denied".equals(data.status)) {
- StringBuilder sb = new StringBuilder("BEGIN BATCH\n");
- sb.append("INSERT INTO ");
- sb.append(TABLELOG);
- sb.append(" (id,user,approver,type,status,memo,operation) VALUES (");
- sb.append(data.id);
- sb.append(",'"); sb.append(data.user);
- sb.append("','"); sb.append(data.approver);
- sb.append("','"); sb.append(data.type);
- sb.append("','"); sb.append(data.status);
- sb.append("','"); sb.append(data.memo.replace("'", "''"));
- sb.append("','"); sb.append(data.operation);
- sb.append("');\n");
- sb.append("DELETE FROM ");
- sb.append(TABLE);
- sb.append(" WHERE id=");
- sb.append(data.id);
- sb.append(";\n");
- sb.append("APPLY BATCH;\n");
- TimeTaken tt = trans.start("DELETE APPROVAL",Env.REMOTE);
- try {
- if(async) {
- getSession(trans).executeAsync(sb.toString());
- return Result.ok();
- } else {
- getSession(trans).execute(sb.toString());
- return Result.ok();
- }
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- } finally {
- tt.done();
- }
- } else {
- return super.delete(trans, data, false);
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.dao.CassDAOImpl#delete(com.att.inno.env.TransStore, java.lang.Object, boolean)
+ */
+ @Override
+ public Result<Void> delete(AuthzTrans trans, Data data, boolean reread) {
+ if(reread || data.status == null) { // if Memo is empty, likely not full record
+ Result<ResultSet> rd = readPS.exec(trans, R_TEXT, data);
+ if(rd.notOK()) {
+ return Result.err(rd);
+ }
+ ApprovalLoader.deflt.load(data, rd.value.one());
+ }
+ if("approved".equals(data.status) || "denied".equals(data.status)) {
+ StringBuilder sb = new StringBuilder("BEGIN BATCH\n");
+ sb.append("INSERT INTO ");
+ sb.append(TABLELOG);
+ sb.append(" (id,user,approver,type,status,memo,operation) VALUES (");
+ sb.append(data.id);
+ sb.append(",'"); sb.append(data.user);
+ sb.append("','"); sb.append(data.approver);
+ sb.append("','"); sb.append(data.type);
+ sb.append("','"); sb.append(data.status);
+ sb.append("','"); sb.append(data.memo.replace("'", "''"));
+ sb.append("','"); sb.append(data.operation);
+ sb.append("');\n");
+ sb.append("DELETE FROM ");
+ sb.append(TABLE);
+ sb.append(" WHERE id=");
+ sb.append(data.id);
+ sb.append(";\n");
+ sb.append("APPLY BATCH;\n");
+ TimeTaken tt = trans.start("DELETE APPROVAL",Env.REMOTE);
+ try {
+ if(async) {
+ getSession(trans).executeAsync(sb.toString());
+ return Result.ok();
+ } else {
+ getSession(trans).execute(sb.toString());
+ return Result.ok();
+ }
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ } finally {
+ tt.done();
+ }
+ } else {
+ return super.delete(trans, data, false);
+ }
- }
+ }
- /**
+ /**
* Log Modification statements to History
*
* @param modified which CRUD action was done
@@ -257,8 +257,8 @@ public class ApprovalDAO extends CassDAOImpl<AuthzTrans,ApprovalDAO.Data> {
*/
@Override
protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- boolean memo = override.length>0 && override[0]!=null;
- boolean subject = override.length>1 && override[1]!=null;
+ boolean memo = override.length>0 && override[0]!=null;
+ boolean subject = override.length>1 && override[1]!=null;
HistoryDAO.Data hd = HistoryDAO.newInitedData();
hd.user = trans.user();
@@ -271,7 +271,7 @@ public class ApprovalDAO extends CassDAOImpl<AuthzTrans,ApprovalDAO.Data> {
// Detail?
// Reconstruct?
if(historyDAO.create(trans, hd).status!=Status.OK) {
- trans.error().log("Cannot log to History");
+ trans.error().log("Cannot log to History");
}
}
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ArtiDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ArtiDAO.java
index a6fbecaf..6702476a 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ArtiDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ArtiDAO.java
@@ -52,7 +52,7 @@ public class ArtiDAO extends CassDAOImpl<AuthzTrans,ArtiDAO.Data> {
private HistoryDAO historyDAO;
private PSInfo psByMechID,psByMachine, psByNs;
-
+
public ArtiDAO(AuthzTrans trans, Cluster cluster, String keyspace) {
super(trans, ArtiDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
init(trans);
@@ -65,67 +65,67 @@ public class ArtiDAO extends CassDAOImpl<AuthzTrans,ArtiDAO.Data> {
}
public static final int KEYLIMIT = 2;
- public static class Data implements Bytification {
- public String mechid;
- public String machine;
- private Set<String> type;
- public String sponsor;
- public String ca;
- public String dir;
- public String ns;
- public String os_user;
- public String notify;
- public Date expires;
- public int renewDays;
- public Set<String> sans;
+ public static class Data implements Bytification {
+ public String mechid;
+ public String machine;
+ private Set<String> type;
+ public String sponsor;
+ public String ca;
+ public String dir;
+ public String ns;
+ public String os_user;
+ public String notify;
+ public Date expires;
+ public int renewDays;
+ public Set<String> sans;
// // Getters
- public Set<String> type(boolean mutable) {
- if (type == null) {
- type = new HashSet<>();
- } else if (mutable && !(type instanceof HashSet)) {
- type = new HashSet<>(type);
- }
- return type;
- }
+ public Set<String> type(boolean mutable) {
+ if (type == null) {
+ type = new HashSet<>();
+ } else if (mutable && !(type instanceof HashSet)) {
+ type = new HashSet<>(type);
+ }
+ return type;
+ }
- public Set<String> sans(boolean mutable) {
- if (sans == null) {
- sans = new HashSet<>();
- } else if (mutable && !(sans instanceof HashSet)) {
- sans = new HashSet<>(sans);
- }
- return sans;
- }
+ public Set<String> sans(boolean mutable) {
+ if (sans == null) {
+ sans = new HashSet<>();
+ } else if (mutable && !(sans instanceof HashSet)) {
+ sans = new HashSet<>(sans);
+ }
+ return sans;
+ }
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- ArtifactLoader.deflt.marshal(this,new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- ArtifactLoader.deflt.unmarshal(this, toDIS(bb));
- }
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ ArtifactLoader.deflt.marshal(this,new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
+
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ ArtifactLoader.deflt.unmarshal(this, toDIS(bb));
+ }
- public String toString() {
- return mechid + ' ' + machine + ' ' + Chrono.dateTime(expires);
- }
+ public String toString() {
+ return mechid + ' ' + machine + ' ' + Chrono.dateTime(expires);
+ }
}
private static class ArtifactLoader extends Loader<Data> implements Streamer<Data>{
- public static final int MAGIC=95829343;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=48; // Note:
+ public static final int MAGIC=95829343;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=48; // Note:
- public static final ArtifactLoader deflt = new ArtifactLoader(KEYLIMIT);
- public ArtifactLoader(int keylimit) {
+ public static final ArtifactLoader deflt = new ArtifactLoader(KEYLIMIT);
+ public ArtifactLoader(int keylimit) {
super(keylimit);
}
- @Override
+ @Override
public Data load(Data data, Row row) {
data.mechid = row.getString(0);
data.machine = row.getString(1);
@@ -144,7 +144,7 @@ public class ArtiDAO extends CassDAOImpl<AuthzTrans,ArtiDAO.Data> {
@Override
protected void key(final Data data, final int idx, Object[] obj) {
- int i;
+ int i;
obj[i=idx] = data.mechid;
obj[++i] = data.machine;
}
@@ -164,110 +164,110 @@ public class ArtiDAO extends CassDAOImpl<AuthzTrans,ArtiDAO.Data> {
obj[++i] = data.sans;
}
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.mechid);
- writeString(os, data.machine);
- os.writeInt(data.type.size());
- for(String s : data.type) {
- writeString(os, s);
- }
- writeString(os, data.sponsor);
- writeString(os, data.ca);
- writeString(os, data.dir);
- writeString(os, data.ns);
- writeString(os, data.os_user);
- writeString(os, data.notify);
- os.writeLong(data.expires==null?-1:data.expires.getTime());
- os.writeInt(data.renewDays);
- if(data.sans!=null) {
- os.writeInt(data.sans.size());
- for(String s : data.sans) {
- writeString(os, s);
- }
- } else {
- os.writeInt(0);
- }
- }
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.mechid);
+ writeString(os, data.machine);
+ os.writeInt(data.type.size());
+ for(String s : data.type) {
+ writeString(os, s);
+ }
+ writeString(os, data.sponsor);
+ writeString(os, data.ca);
+ writeString(os, data.dir);
+ writeString(os, data.ns);
+ writeString(os, data.os_user);
+ writeString(os, data.notify);
+ os.writeLong(data.expires==null?-1:data.expires.getTime());
+ os.writeInt(data.renewDays);
+ if(data.sans!=null) {
+ os.writeInt(data.sans.size());
+ for(String s : data.sans) {
+ writeString(os, s);
+ }
+ } else {
+ os.writeInt(0);
+ }
+ }
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
- byte[] buff = new byte[BUFF_SIZE];
- data.mechid = readString(is,buff);
- data.machine = readString(is,buff);
- int size = is.readInt();
- data.type = new HashSet<>(size);
- for(int i=0;i<size;++i) {
- data.type.add(readString(is,buff));
- }
- data.sponsor = readString(is,buff);
- data.ca = readString(is,buff);
- data.dir = readString(is,buff);
- data.ns = readString(is,buff);
- data.os_user = readString(is,buff);
- data.notify = readString(is,buff);
- long l = is.readLong();
- data.expires = l<0?null:new Date(l);
- data.renewDays = is.readInt();
- size = is.readInt();
- data.sans = new HashSet<>(size);
- for(int i=0;i<size;++i) {
- data.sans.add(readString(is,buff));
- }
- }
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+ byte[] buff = new byte[BUFF_SIZE];
+ data.mechid = readString(is,buff);
+ data.machine = readString(is,buff);
+ int size = is.readInt();
+ data.type = new HashSet<>(size);
+ for(int i=0;i<size;++i) {
+ data.type.add(readString(is,buff));
+ }
+ data.sponsor = readString(is,buff);
+ data.ca = readString(is,buff);
+ data.dir = readString(is,buff);
+ data.ns = readString(is,buff);
+ data.os_user = readString(is,buff);
+ data.notify = readString(is,buff);
+ long l = is.readLong();
+ data.expires = l<0?null:new Date(l);
+ data.renewDays = is.readInt();
+ size = is.readInt();
+ data.sans = new HashSet<>(size);
+ for(int i=0;i<size;++i) {
+ data.sans.add(readString(is,buff));
+ }
+ }
}
private void init(AuthzTrans trans) {
// Set up sub-DAOs
if(historyDAO==null) {
- historyDAO = new HistoryDAO(trans,this);
+ historyDAO = new HistoryDAO(trans,this);
}
String[] helpers = setCRUD(trans, TABLE, Data.class, ArtifactLoader.deflt);
- psByMechID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE mechid = ?", new ArtifactLoader(1) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.type;
- }
- },readConsistency);
+ psByMechID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE mechid = ?", new ArtifactLoader(1) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.type;
+ }
+ },readConsistency);
- psByMachine = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE machine = ?", new ArtifactLoader(1) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.type;
- }
- },readConsistency);
+ psByMachine = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE machine = ?", new ArtifactLoader(1) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.type;
+ }
+ },readConsistency);
- psByNs = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE ns = ?", new ArtifactLoader(1) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.type;
- }
- },readConsistency);
+ psByNs = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE ns = ?", new ArtifactLoader(1) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.type;
+ }
+ },readConsistency);
}
-
+
public Result<List<Data>> readByMechID(AuthzTrans trans, String mechid) {
- return psByMechID.read(trans, R_TEXT, new Object[]{mechid});
- }
+ return psByMechID.read(trans, R_TEXT, new Object[]{mechid});
+ }
- public Result<List<ArtiDAO.Data>> readByMachine(AuthzTrans trans, String machine) {
- return psByMachine.read(trans, R_TEXT, new Object[]{machine});
- }
+ public Result<List<ArtiDAO.Data>> readByMachine(AuthzTrans trans, String machine) {
+ return psByMachine.read(trans, R_TEXT, new Object[]{machine});
+ }
- public Result<List<org.onap.aaf.auth.dao.cass.ArtiDAO.Data>> readByNs(AuthzTrans trans, String ns) {
- return psByNs.read(trans, R_TEXT, new Object[]{ns});
- }
+ public Result<List<org.onap.aaf.auth.dao.cass.ArtiDAO.Data>> readByNs(AuthzTrans trans, String ns) {
+ return psByNs.read(trans, R_TEXT, new Object[]{ns});
+ }
- /**
+ /**
* Log Modification statements to History
*
* @param modified which CRUD action was done
@@ -276,8 +276,8 @@ public class ArtiDAO extends CassDAOImpl<AuthzTrans,ArtiDAO.Data> {
*/
@Override
protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- boolean memo = override.length>0 && override[0]!=null;
- boolean subject = override.length>1 && override[1]!=null;
+ boolean memo = override.length>0 && override[0]!=null;
+ boolean subject = override.length>1 && override[1]!=null;
HistoryDAO.Data hd = HistoryDAO.newInitedData();
hd.user = trans.user();
@@ -288,16 +288,16 @@ public class ArtiDAO extends CassDAOImpl<AuthzTrans,ArtiDAO.Data> {
? String.format("%s by %s", override[0], hd.user)
: String.format("%sd %s for %s",modified.name(),data.mechid,data.machine);
// Detail?
- if(modified==CRUD.delete) {
- try {
- hd.reconstruct = data.bytify();
- } catch (IOException e) {
- trans.error().log(e,"Could not serialize CredDAO.Data");
- }
- }
+ if(modified==CRUD.delete) {
+ try {
+ hd.reconstruct = data.bytify();
+ } catch (IOException e) {
+ trans.error().log(e,"Could not serialize CredDAO.Data");
+ }
+ }
if(historyDAO.create(trans, hd).status!=Status.OK) {
- trans.error().log("Cannot log to History");
+ trans.error().log("Cannot log to History");
}
}
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheInfoDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheInfoDAO.java
index 6d9900b9..e3f994c0 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheInfoDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheInfoDAO.java
@@ -62,405 +62,405 @@ import com.datastax.driver.core.exceptions.DriverException;
public class CacheInfoDAO extends CassDAOImpl<AuthzTrans,CacheInfoDAO.Data> implements CIDAO<AuthzTrans> {
- private static final String TABLE = "cache";
- public static final Map<String,Date[]> info = new ConcurrentHashMap<>();
+ private static final String TABLE = "cache";
+ public static final Map<String,Date[]> info = new ConcurrentHashMap<>();
- private static CacheUpdate cacheUpdate;
-
- // Hold current time stamps from Tables
- private final Date startTime;
- private PreparedStatement psCheck;
-
- public CacheInfoDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
- super(trans, CacheInfoDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE,readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- startTime = new Date();
- init(trans);
- }
+ private static CacheUpdate cacheUpdate;
+
+ // Hold current time stamps from Tables
+ private final Date startTime;
+ private PreparedStatement psCheck;
+
+ public CacheInfoDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
+ super(trans, CacheInfoDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE,readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ startTime = new Date();
+ init(trans);
+ }
- public CacheInfoDAO(AuthzTrans trans, AbsCassDAO<AuthzTrans,?> aDao) throws APIException, IOException {
- super(trans, CacheInfoDAO.class.getSimpleName(),aDao,Data.class,TABLE,readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- startTime = new Date();
- init(trans);
- }
+ public CacheInfoDAO(AuthzTrans trans, AbsCassDAO<AuthzTrans,?> aDao) throws APIException, IOException {
+ super(trans, CacheInfoDAO.class.getSimpleName(),aDao,Data.class,TABLE,readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ startTime = new Date();
+ init(trans);
+ }
//////////////////////////////////////////
// Data Definition, matches Cassandra DM
//////////////////////////////////////////
private static final int KEYLIMIT = 2;
- /**
+ /**
* @author Jonathan
*/
- public static class Data {
- public Data() {
- name = null;
- touched = null;
- }
- public Data(String name, int seg) {
- this.name = name;
- this.seg = seg;
- touched = null;
- }
-
- public String name;
- public int seg;
- public Date touched;
+ public static class Data {
+ public Data() {
+ name = null;
+ touched = null;
+ }
+ public Data(String name, int seg) {
+ this.name = name;
+ this.seg = seg;
+ touched = null;
+ }
+
+ public String name;
+ public int seg;
+ public Date touched;
}
private static class InfoLoader extends Loader<Data> {
- public static final InfoLoader dflt = new InfoLoader(KEYLIMIT);
-
- public InfoLoader(int keylimit) {
- super(keylimit);
- }
-
- @Override
- public Data load(Data data, Row row) {
- // Int more efficient
- data.name = row.getString(0);
- data.seg = row.getInt(1);
- data.touched = row.getTimestamp(2);
- return data;
- }
+ public static final InfoLoader dflt = new InfoLoader(KEYLIMIT);
+
+ public InfoLoader(int keylimit) {
+ super(keylimit);
+ }
+
+ @Override
+ public Data load(Data data, Row row) {
+ // Int more efficient
+ data.name = row.getString(0);
+ data.seg = row.getInt(1);
+ data.touched = row.getTimestamp(2);
+ return data;
+ }
- @Override
- protected void key(Data data, int _idx, Object[] obj) {
- int idx = _idx;
+ @Override
+ protected void key(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
- obj[idx]=data.name;
- obj[++idx]=data.seg;
- }
+ obj[idx]=data.name;
+ obj[++idx]=data.seg;
+ }
- @Override
- protected void body(Data data, int idx, Object[] obj) {
- obj[idx]=data.touched;
- }
+ @Override
+ protected void body(Data data, int idx, Object[] obj) {
+ obj[idx]=data.touched;
+ }
}
- public static<T extends Trans> void startUpdate(AuthzEnv env, HMangr hman, SecuritySetter<HttpURLConnection> ss, String ip, int port) {
- if(cacheUpdate==null) {
- Thread t= new Thread(cacheUpdate = new CacheUpdate(env,hman,ss, ip,port),"CacheInfo Update Thread");
- t.setDaemon(true);
- t.start();
- }
- }
+ public static<T extends Trans> void startUpdate(AuthzEnv env, HMangr hman, SecuritySetter<HttpURLConnection> ss, String ip, int port) {
+ if(cacheUpdate==null) {
+ Thread t= new Thread(cacheUpdate = new CacheUpdate(env,hman,ss, ip,port),"CacheInfo Update Thread");
+ t.setDaemon(true);
+ t.start();
+ }
+ }
- public static<T extends Trans> void stopUpdate() {
- if(cacheUpdate!=null) {
- cacheUpdate.go=false;
- }
- }
+ public static<T extends Trans> void stopUpdate() {
+ if(cacheUpdate!=null) {
+ cacheUpdate.go=false;
+ }
+ }
- private final static class CacheUpdate extends Thread {
- public static BlockingQueue<Transfer> notifyDQ = new LinkedBlockingQueue<Transfer>(2000);
+ private final static class CacheUpdate extends Thread {
+ public static BlockingQueue<Transfer> notifyDQ = new LinkedBlockingQueue<Transfer>(2000);
- private static final String VOID_CT="application/Void+json;q=1.0;charset=utf-8;version=2.0,application/json;q=1.0;version=2.0,*/*;q=1.0";
- private AuthzEnv env;
- private HMangr hman;
- private SecuritySetter<HttpURLConnection> ss;
- private final String authority;
- public boolean go = true;
-
- public CacheUpdate(AuthzEnv env, HMangr hman, SecuritySetter<HttpURLConnection> ss, String ip, int port) {
- this.env = env;
- this.hman = hman;
- this.ss = ss;
-
- this.authority = ip+':'+port;
- }
-
- private static class Transfer {
- public String table;
- public int segs[];
- public Transfer(String table, int[] segs) {
- this.table = table;
- this.segs = segs;
- }
- }
- private class CacheClear extends Retryable<Integer> {
- public int total=0;
- private AuthzTrans trans;
- private String type;
- private String segs;
-
- public CacheClear(AuthzTrans trans) {
- this.trans = trans;
- }
+ private static final String VOID_CT="application/Void+json;q=1.0;charset=utf-8;version=2.0,application/json;q=1.0;version=2.0,*/*;q=1.0";
+ private AuthzEnv env;
+ private HMangr hman;
+ private SecuritySetter<HttpURLConnection> ss;
+ private final String authority;
+ public boolean go = true;
+
+ public CacheUpdate(AuthzEnv env, HMangr hman, SecuritySetter<HttpURLConnection> ss, String ip, int port) {
+ this.env = env;
+ this.hman = hman;
+ this.ss = ss;
+
+ this.authority = ip+':'+port;
+ }
+
+ private static class Transfer {
+ public String table;
+ public int segs[];
+ public Transfer(String table, int[] segs) {
+ this.table = table;
+ this.segs = segs;
+ }
+ }
+ private class CacheClear extends Retryable<Integer> {
+ public int total=0;
+ private AuthzTrans trans;
+ private String type;
+ private String segs;
+
+ public CacheClear(AuthzTrans trans) {
+ this.trans = trans;
+ }
- public void set(Entry<String, IntHolder> es) {
- type = es.getKey();
- segs = es.getValue().toString();
- }
-
- @Override
- public Integer code(Rcli<?> client) throws APIException, CadiException {
- URI to = client.getURI();
- if(!to.getAuthority().equals(authority)) {
- Future<Void> f = client.delete("/mgmt/cache/"+type+'/'+segs,VOID_CT);
- if(f.get(hman.readTimeout())) {
- ++total;
- } else {
- trans.error().log("Error During AAF Peer Notify",f.code(),f.body());
- }
- }
- return total;
- }
- }
-
- private class IntHolder {
- private int[] raw;
- HashSet<Integer> set;
-
- public IntHolder(int ints[]) {
- raw = ints;
- set = null;
- }
- public void add(int[] ints) {
- if(set==null) {
- set = new HashSet<>();
-
- for(int i=0;i<raw.length;++i) {
- set.add(raw[i]);
- }
- }
- for(int i=0;i<ints.length;++i) {
- set.add(ints[i]);
- }
- }
+ public void set(Entry<String, IntHolder> es) {
+ type = es.getKey();
+ segs = es.getValue().toString();
+ }
+
+ @Override
+ public Integer code(Rcli<?> client) throws APIException, CadiException {
+ URI to = client.getURI();
+ if(!to.getAuthority().equals(authority)) {
+ Future<Void> f = client.delete("/mgmt/cache/"+type+'/'+segs,VOID_CT);
+ if(f.get(hman.readTimeout())) {
+ ++total;
+ } else {
+ trans.error().log("Error During AAF Peer Notify",f.code(),f.body());
+ }
+ }
+ return total;
+ }
+ }
+
+ private class IntHolder {
+ private int[] raw;
+ HashSet<Integer> set;
+
+ public IntHolder(int ints[]) {
+ raw = ints;
+ set = null;
+ }
+ public void add(int[] ints) {
+ if(set==null) {
+ set = new HashSet<>();
+
+ for(int i=0;i<raw.length;++i) {
+ set.add(raw[i]);
+ }
+ }
+ for(int i=0;i<ints.length;++i) {
+ set.add(ints[i]);
+ }
+ }
- @Override
- public String toString() {
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- if(set==null) {
- for(int i : raw) {
- if(first) {
- first=false;
- } else {
- sb.append(',');
- }
- sb.append(i);
- }
- } else {
- for(Integer i : set) {
- if(first) {
- first=false;
- } else {
- sb.append(',');
- }
- sb.append(i);
- }
- }
- return sb.toString();
- }
- }
-
- @Override
- public void run() {
- do {
- try {
- Transfer data = notifyDQ.poll(4,TimeUnit.SECONDS);
- if(data==null) {
- continue;
- }
-
- int count = 0;
- CacheClear cc = null;
- Map<String,IntHolder> gather = null;
- AuthzTrans trans = null;
- long start=0;
- // Do a block poll first
- do {
- if(gather==null) {
- start = System.nanoTime();
- trans = env.newTransNoAvg();
- cc = new CacheClear(trans);
- gather = new HashMap<>();
- }
- IntHolder prev = gather.get(data.table);
- if(prev==null) {
- gather.put(data.table,new IntHolder(data.segs));
- } else {
- prev.add(data.segs);
- }
- // continue while there is data
- } while((data = notifyDQ.poll())!=null);
- if(gather!=null) {
- for(Entry<String, IntHolder> es : gather.entrySet()) {
- cc.set(es);
- try {
- if(hman.all(ss, cc, false)!=null) {
- ++count;
- }
- } catch (Exception e) {
- trans.error().log(e, "Error on Cache Update");
- }
- }
- if(env.debug().isLoggable()) {
- float millis = (System.nanoTime()-start)/1000000f;
- StringBuilder sb = new StringBuilder("Direct Cache Refresh: ");
- sb.append("Updated ");
- sb.append(count);
- if(count==1) {
- sb.append(" entry for ");
- } else {
- sb.append(" entries for ");
- }
- int peers = count<=0?0:cc.total/count;
- sb.append(peers);
- sb.append(" client");
- if(peers!=1) {
- sb.append('s');
- }
- sb.append(" in ");
- sb.append(millis);
- sb.append("ms");
- trans.auditTrail(0, sb, Env.REMOTE);
- env.debug().log(sb);
- }
- }
- } catch (InterruptedException e1) {
- go = false;
- Thread.currentThread().interrupt();
- }
- } while(go);
- }
- }
+ @Override
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ if(set==null) {
+ for(int i : raw) {
+ if(first) {
+ first=false;
+ } else {
+ sb.append(',');
+ }
+ sb.append(i);
+ }
+ } else {
+ for(Integer i : set) {
+ if(first) {
+ first=false;
+ } else {
+ sb.append(',');
+ }
+ sb.append(i);
+ }
+ }
+ return sb.toString();
+ }
+ }
+
+ @Override
+ public void run() {
+ do {
+ try {
+ Transfer data = notifyDQ.poll(4,TimeUnit.SECONDS);
+ if(data==null) {
+ continue;
+ }
+
+ int count = 0;
+ CacheClear cc = null;
+ Map<String,IntHolder> gather = null;
+ AuthzTrans trans = null;
+ long start=0;
+ // Do a block poll first
+ do {
+ if(gather==null) {
+ start = System.nanoTime();
+ trans = env.newTransNoAvg();
+ cc = new CacheClear(trans);
+ gather = new HashMap<>();
+ }
+ IntHolder prev = gather.get(data.table);
+ if(prev==null) {
+ gather.put(data.table,new IntHolder(data.segs));
+ } else {
+ prev.add(data.segs);
+ }
+ // continue while there is data
+ } while((data = notifyDQ.poll())!=null);
+ if(gather!=null) {
+ for(Entry<String, IntHolder> es : gather.entrySet()) {
+ cc.set(es);
+ try {
+ if(hman.all(ss, cc, false)!=null) {
+ ++count;
+ }
+ } catch (Exception e) {
+ trans.error().log(e, "Error on Cache Update");
+ }
+ }
+ if(env.debug().isLoggable()) {
+ float millis = (System.nanoTime()-start)/1000000f;
+ StringBuilder sb = new StringBuilder("Direct Cache Refresh: ");
+ sb.append("Updated ");
+ sb.append(count);
+ if(count==1) {
+ sb.append(" entry for ");
+ } else {
+ sb.append(" entries for ");
+ }
+ int peers = count<=0?0:cc.total/count;
+ sb.append(peers);
+ sb.append(" client");
+ if(peers!=1) {
+ sb.append('s');
+ }
+ sb.append(" in ");
+ sb.append(millis);
+ sb.append("ms");
+ trans.auditTrail(0, sb, Env.REMOTE);
+ env.debug().log(sb);
+ }
+ }
+ } catch (InterruptedException e1) {
+ go = false;
+ Thread.currentThread().interrupt();
+ }
+ } while(go);
+ }
+ }
- private void init(AuthzTrans trans) throws APIException, IOException {
-
- String[] helpers = setCRUD(trans, TABLE, Data.class, InfoLoader.dflt);
- psCheck = getSession(trans).prepare(SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE);
+ private void init(AuthzTrans trans) throws APIException, IOException {
+
+ String[] helpers = setCRUD(trans, TABLE, Data.class, InfoLoader.dflt);
+ psCheck = getSession(trans).prepare(SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE);
- disable(CRUD.create);
- disable(CRUD.delete);
- }
+ disable(CRUD.create);
+ disable(CRUD.delete);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.dao.cass.CIDAO#touch(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, int)
- */
-
- @Override
- public Result<Void> touch(AuthzTrans trans, String name, int ... seg) {
- /////////////
- // Direct Service Cache Invalidation
- /////////////
- // ConcurrentQueues are open-ended. We don't want any Memory leaks
- // Note: we keep a separate counter, because "size()" on a Linked Queue is expensive
- if(cacheUpdate!=null) {
- try {
- if(!CacheUpdate.notifyDQ.offer(new CacheUpdate.Transfer(name, seg),2,TimeUnit.SECONDS)) {
- trans.error().log("Cache Notify Queue is not accepting messages, bouncing may be appropriate" );
- }
- } catch (InterruptedException e) {
- trans.error().log("Cache Notify Queue posting was interrupted" );
- Thread.currentThread().interrupt();
- }
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.dao.cass.CIDAO#touch(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, int)
+ */
+
+ @Override
+ public Result<Void> touch(AuthzTrans trans, String name, int ... seg) {
+ /////////////
+ // Direct Service Cache Invalidation
+ /////////////
+ // ConcurrentQueues are open-ended. We don't want any Memory leaks
+ // Note: we keep a separate counter, because "size()" on a Linked Queue is expensive
+ if(cacheUpdate!=null) {
+ try {
+ if(!CacheUpdate.notifyDQ.offer(new CacheUpdate.Transfer(name, seg),2,TimeUnit.SECONDS)) {
+ trans.error().log("Cache Notify Queue is not accepting messages, bouncing may be appropriate" );
+ }
+ } catch (InterruptedException e) {
+ trans.error().log("Cache Notify Queue posting was interrupted" );
+ Thread.currentThread().interrupt();
+ }
+ }
- /////////////
- // Table Based Cache Invalidation (original)
- /////////////
- // Note: Save time with multiple Sequence Touches, but PreparedStmt doesn't support IN
- StringBuilder start = new StringBuilder("CacheInfoDAO Touch segments ");
- start.append(name);
- start.append(": ");
- StringBuilder sb = new StringBuilder("BEGIN BATCH\n");
- boolean first = true;
- for(int s : seg) {
- sb.append(UPDATE_SP);
- sb.append(TABLE);
- sb.append(" SET touched=dateof(now()) WHERE name = '");
- sb.append(name);
- sb.append("' AND seg = ");
- sb.append(s);
- sb.append(";\n");
- if(first) {
- first =false;
- } else {
- start.append(',');
- }
- start.append(s);
- }
- sb.append("APPLY BATCH;");
- TimeTaken tt = trans.start(start.toString(),Env.REMOTE);
- try {
- getSession(trans).executeAsync(sb.toString());
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- } finally {
- tt.done();
- }
- return Result.ok();
- }
+ /////////////
+ // Table Based Cache Invalidation (original)
+ /////////////
+ // Note: Save time with multiple Sequence Touches, but PreparedStmt doesn't support IN
+ StringBuilder start = new StringBuilder("CacheInfoDAO Touch segments ");
+ start.append(name);
+ start.append(": ");
+ StringBuilder sb = new StringBuilder("BEGIN BATCH\n");
+ boolean first = true;
+ for(int s : seg) {
+ sb.append(UPDATE_SP);
+ sb.append(TABLE);
+ sb.append(" SET touched=dateof(now()) WHERE name = '");
+ sb.append(name);
+ sb.append("' AND seg = ");
+ sb.append(s);
+ sb.append(";\n");
+ if(first) {
+ first =false;
+ } else {
+ start.append(',');
+ }
+ start.append(s);
+ }
+ sb.append("APPLY BATCH;");
+ TimeTaken tt = trans.start(start.toString(),Env.REMOTE);
+ try {
+ getSession(trans).executeAsync(sb.toString());
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ } finally {
+ tt.done();
+ }
+ return Result.ok();
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.dao.cass.CIDAO#check(org.onap.aaf.auth.env.test.AuthzTrans)
- */
- @Override
- public Result<Void> check(AuthzTrans trans) {
- ResultSet rs;
- TimeTaken tt = trans.start("Check Table Timestamps",Env.REMOTE);
- try {
- rs = getSession(trans).execute(new BoundStatement(psCheck));
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- } finally {
- tt.done();
- }
-
- String lastName = null;
- Date[] dates = null;
- for(Row row : rs.all()) {
- String name = row.getString(0);
- int seg = row.getInt(1);
- if(!name.equals(lastName)) {
- dates = info.get(name);
- lastName=name;
- }
- if(dates==null) {
- dates=new Date[seg+1];
- info.put(name,dates);
- } else if(dates.length<=seg) {
- Date[] temp = new Date[seg+1];
- System.arraycopy(dates, 0, temp, 0, dates.length);
- dates = temp;
- info.put(name, dates);
- }
- Date temp = row.getTimestamp(2);
- if(dates[seg]==null || dates[seg].before(temp)) {
- dates[seg]=temp;
- }
- }
- return Result.ok();
- }
-
/* (non-Javadoc)
- * @see org.onap.aaf.auth.dao.cass.CIDAO#get(java.lang.String, int)
- */
+ * @see org.onap.aaf.auth.dao.cass.CIDAO#check(org.onap.aaf.auth.env.test.AuthzTrans)
+ */
@Override
- public Date get(AuthzTrans trans, String table, int seg) {
- Date[] dates = info.get(table);
- if(dates==null) {
- dates = new Date[seg+1];
- touch(trans,table, seg);
- } else if(dates.length<=seg) {
- Date[] temp = new Date[seg+1];
- System.arraycopy(dates, 0, temp, 0, dates.length);
- dates = temp;
- }
- Date rv = dates[seg];
- if(rv==null) {
- rv=dates[seg]=startTime;
- }
- return rv;
- }
+ public Result<Void> check(AuthzTrans trans) {
+ ResultSet rs;
+ TimeTaken tt = trans.start("Check Table Timestamps",Env.REMOTE);
+ try {
+ rs = getSession(trans).execute(new BoundStatement(psCheck));
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ } finally {
+ tt.done();
+ }
+
+ String lastName = null;
+ Date[] dates = null;
+ for(Row row : rs.all()) {
+ String name = row.getString(0);
+ int seg = row.getInt(1);
+ if(!name.equals(lastName)) {
+ dates = info.get(name);
+ lastName=name;
+ }
+ if(dates==null) {
+ dates=new Date[seg+1];
+ info.put(name,dates);
+ } else if(dates.length<=seg) {
+ Date[] temp = new Date[seg+1];
+ System.arraycopy(dates, 0, temp, 0, dates.length);
+ dates = temp;
+ info.put(name, dates);
+ }
+ Date temp = row.getTimestamp(2);
+ if(dates[seg]==null || dates[seg].before(temp)) {
+ dates[seg]=temp;
+ }
+ }
+ return Result.ok();
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.dao.cass.CIDAO#get(java.lang.String, int)
+ */
+ @Override
+ public Date get(AuthzTrans trans, String table, int seg) {
+ Date[] dates = info.get(table);
+ if(dates==null) {
+ dates = new Date[seg+1];
+ touch(trans,table, seg);
+ } else if(dates.length<=seg) {
+ Date[] temp = new Date[seg+1];
+ System.arraycopy(dates, 0, temp, 0, dates.length);
+ dates = temp;
+ }
+ Date rv = dates[seg];
+ if(rv==null) {
+ rv=dates[seg]=startTime;
+ }
+ return rv;
+ }
- @Override
- protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- // Do nothing
- }
+ @Override
+ protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
+ // Do nothing
+ }
} \ No newline at end of file
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheableData.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheableData.java
index af4b2302..be7c44ae 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheableData.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CacheableData.java
@@ -26,10 +26,10 @@ import org.onap.aaf.auth.dao.Cached;
import org.onap.aaf.auth.dao.CachedDAO;
public abstract class CacheableData implements Cacheable {
- // WARNING: DON'T attempt to add any members here, as it will
- // be treated by system as fields expected in Tables
- protected int seg(Cached<?,?> cache, Object ... fields) {
- return cache==null?0:cache.invalidate(CachedDAO.keyFromObjs(fields));
- }
-
+ // WARNING: DON'T attempt to add any members here, as it will
+ // be treated by system as fields expected in Tables
+ protected int seg(Cached<?,?> cache, Object ... fields) {
+ return cache==null?0:cache.invalidate(CachedDAO.keyFromObjs(fields));
+ }
+
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CertDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CertDAO.java
index 28e27497..00c9ae90 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CertDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CertDAO.java
@@ -52,9 +52,9 @@ public class CertDAO extends CassDAOImpl<AuthzTrans,CertDAO.Data> {
public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
private HistoryDAO historyDAO;
- private CIDAO<AuthzTrans> infoDAO;
- private PSInfo psX500,psID;
-
+ private CIDAO<AuthzTrans> infoDAO;
+ private PSInfo psX500,psID;
+
public CertDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
super(trans, CertDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
init(trans);
@@ -68,47 +68,47 @@ public class CertDAO extends CassDAOImpl<AuthzTrans,CertDAO.Data> {
}
public static final int KEYLIMIT = 2;
- public static class Data extends CacheableData implements Bytification {
-
- public String ca;
- public BigInteger serial;
- public String id;
- public String x500;
- public String x509;
+ public static class Data extends CacheableData implements Bytification {
+
+ public String ca;
+ public BigInteger serial;
+ public String id;
+ public String x500;
+ public String x509;
@Override
- public int[] invalidate(Cached<?,?> cache) {
- return new int[] {
- seg(cache,ca,serial)
- };
- }
+ public int[] invalidate(Cached<?,?> cache) {
+ return new int[] {
+ seg(cache,ca,serial)
+ };
+ }
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- CertLoader.deflt.marshal(this,new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- CertLoader.deflt.unmarshal(this, toDIS(bb));
- }
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ CertLoader.deflt.marshal(this,new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
+
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ CertLoader.deflt.unmarshal(this, toDIS(bb));
+ }
}
private static class CertLoader extends Loader<Data> implements Streamer<Data>{
- public static final int MAGIC=85102934;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=48; // Note:
+ public static final int MAGIC=85102934;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=48; // Note:
- public static final CertLoader deflt = new CertLoader(KEYLIMIT);
- public CertLoader(int keylimit) {
+ public static final CertLoader deflt = new CertLoader(KEYLIMIT);
+ public CertLoader(int keylimit) {
super(keylimit);
}
- @Override
+ @Override
public Data load(Data data, Row row) {
- data.ca = row.getString(0);
+ data.ca = row.getString(0);
ByteBuffer bb = row.getBytesUnsafe(1);
byte[] bytes = new byte[bb.remaining()];
bb.get(bytes);
@@ -127,7 +127,7 @@ public class CertDAO extends CassDAOImpl<AuthzTrans,CertDAO.Data> {
@Override
protected void body(Data data, int _idx, Object[] obj) {
- int idx = _idx;
+ int idx = _idx;
obj[idx] = data.id;
obj[++idx] = data.x500;
@@ -136,74 +136,74 @@ public class CertDAO extends CassDAOImpl<AuthzTrans,CertDAO.Data> {
}
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.id);
- writeString(os, data.x500);
- writeString(os, data.x509);
- writeString(os, data.ca);
- if(data.serial==null) {
- os.writeInt(-1);
- } else {
- byte[] dsba = data.serial.toByteArray();
- int l = dsba.length;
- os.writeInt(l);
- os.write(dsba,0,l);
- }
- }
-
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
- byte[] buff = new byte[BUFF_SIZE];
- data.id = readString(is,buff);
- data.x500 = readString(is,buff);
- data.x509 = readString(is,buff);
- data.ca = readString(is,buff);
- int i = is.readInt();
- data.serial=null;
- if(i>=0) {
- byte[] bytes = new byte[i]; // a bit dangerous, but lessened because of all the previous sized data reads
- if(is.read(bytes)>0) {
- data.serial = new BigInteger(bytes);
- }
- }
- }
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.id);
+ writeString(os, data.x500);
+ writeString(os, data.x509);
+ writeString(os, data.ca);
+ if(data.serial==null) {
+ os.writeInt(-1);
+ } else {
+ byte[] dsba = data.serial.toByteArray();
+ int l = dsba.length;
+ os.writeInt(l);
+ os.write(dsba,0,l);
+ }
+ }
+
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+ byte[] buff = new byte[BUFF_SIZE];
+ data.id = readString(is,buff);
+ data.x500 = readString(is,buff);
+ data.x509 = readString(is,buff);
+ data.ca = readString(is,buff);
+ int i = is.readInt();
+ data.serial=null;
+ if(i>=0) {
+ byte[] bytes = new byte[i]; // a bit dangerous, but lessened because of all the previous sized data reads
+ if(is.read(bytes)>0) {
+ data.serial = new BigInteger(bytes);
+ }
+ }
+ }
}
public Result<List<CertDAO.Data>> read(AuthzTrans trans, Object ... key) {
- // Translate BigInteger to Byte array for lookup
- return super.read(trans, key[0],ByteBuffer.wrap(((BigInteger)key[1]).toByteArray()));
+ // Translate BigInteger to Byte array for lookup
+ return super.read(trans, key[0],ByteBuffer.wrap(((BigInteger)key[1]).toByteArray()));
}
private void init(AuthzTrans trans) throws APIException, IOException {
// Set up sub-DAOs
if(historyDAO==null) {
- historyDAO = new HistoryDAO(trans,this);
+ historyDAO = new HistoryDAO(trans,this);
+ }
+ if(infoDAO==null) {
+ infoDAO = new CacheInfoDAO(trans,this);
}
- if(infoDAO==null) {
- infoDAO = new CacheInfoDAO(trans,this);
- }
- String[] helpers = setCRUD(trans, TABLE, Data.class, CertLoader.deflt);
+ String[] helpers = setCRUD(trans, TABLE, Data.class, CertLoader.deflt);
- psID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE id = ?", CertLoader.deflt,readConsistency);
+ psID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE id = ?", CertLoader.deflt,readConsistency);
- psX500 = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE x500 = ?", CertLoader.deflt,readConsistency);
-
+ psX500 = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE x500 = ?", CertLoader.deflt,readConsistency);
+
}
- public Result<List<Data>> readX500(AuthzTrans trans, String x500) {
- return psX500.read(trans, R_TEXT, new Object[]{x500});
- }
+ public Result<List<Data>> readX500(AuthzTrans trans, String x500) {
+ return psX500.read(trans, R_TEXT, new Object[]{x500});
+ }
- public Result<List<Data>> readID(AuthzTrans trans, String id) {
- return psID.read(trans, R_TEXT, new Object[]{id});
- }
+ public Result<List<Data>> readID(AuthzTrans trans, String id) {
+ return psID.read(trans, R_TEXT, new Object[]{id});
+ }
/**
* Log Modification statements to History
@@ -214,8 +214,8 @@ public class CertDAO extends CassDAOImpl<AuthzTrans,CertDAO.Data> {
*/
@Override
protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- boolean memo = override.length>0 && override[0]!=null;
- boolean subject = override.length>1 && override[1]!=null;
+ boolean memo = override.length>0 && override[0]!=null;
+ boolean subject = override.length>1 && override[1]!=null;
HistoryDAO.Data hd = HistoryDAO.newInitedData();
hd.user = trans.user();
@@ -226,19 +226,19 @@ public class CertDAO extends CassDAOImpl<AuthzTrans,CertDAO.Data> {
? String.format("%s by %s", override[0], hd.user)
: (modified.name() + "d certificate info for " + data.id);
// Detail?
- if(modified==CRUD.delete) {
- try {
- hd.reconstruct = data.bytify();
- } catch (IOException e) {
- trans.error().log(e,"Could not serialize CertDAO.Data");
- }
- }
+ if(modified==CRUD.delete) {
+ try {
+ hd.reconstruct = data.bytify();
+ } catch (IOException e) {
+ trans.error().log(e,"Could not serialize CertDAO.Data");
+ }
+ }
if(historyDAO.create(trans, hd).status!=Status.OK) {
- trans.error().log("Cannot log to History");
+ trans.error().log("Cannot log to History");
}
if(infoDAO.touch(trans, TABLE,data.invalidate(cache)).status!=Status.OK) {
- trans.error().log("Cannot touch Cert");
+ trans.error().log("Cannot touch Cert");
}
}
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ConfigDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ConfigDAO.java
index df284044..398e7323 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ConfigDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/ConfigDAO.java
@@ -45,7 +45,7 @@ import com.datastax.driver.core.Row;
public class ConfigDAO extends CassDAOImpl<AuthzTrans,ConfigDAO.Data> {
public static final String TABLE = "config";
public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
- private PSInfo psName;
+ private PSInfo psName;
public ConfigDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
super(trans, ConfigDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
@@ -58,25 +58,25 @@ public class ConfigDAO extends CassDAOImpl<AuthzTrans,ConfigDAO.Data> {
}
public static final int KEYLIMIT = 2;
- public static class Data {
- public String name;
- public String tag;
- public String value;
+ public static class Data {
+ public String name;
+ public String tag;
+ public String value;
}
private static class ConfigLoader extends Loader<Data> implements Streamer<Data>{
- public static final int MAGIC=2673849;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=48;
+ public static final int MAGIC=2673849;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=48;
- public static final ConfigLoader deflt = new ConfigLoader(KEYLIMIT);
- public ConfigLoader(int keylimit) {
+ public static final ConfigLoader deflt = new ConfigLoader(KEYLIMIT);
+ public ConfigLoader(int keylimit) {
super(keylimit);
}
- @Override
+ @Override
public Data load(Data data, Row row) {
- data.name = row.getString(0);
+ data.name = row.getString(0);
data.tag = row.getString(1);
data.value = row.getString(2);
return data;
@@ -93,30 +93,30 @@ public class ConfigDAO extends CassDAOImpl<AuthzTrans,ConfigDAO.Data> {
obj[_idx] = data.value;
}
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.name);
- writeString(os, data.tag);
- writeString(os, data.value);
- }
-
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
- byte[] buff = new byte[BUFF_SIZE];
- data.name = readString(is,buff);
- data.tag = readString(is,buff);
- data.value = readString(is,buff);
- }
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.name);
+ writeString(os, data.tag);
+ writeString(os, data.value);
+ }
+
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+ byte[] buff = new byte[BUFF_SIZE];
+ data.name = readString(is,buff);
+ data.tag = readString(is,buff);
+ data.value = readString(is,buff);
+ }
}
private void init(AuthzTrans trans) throws APIException, IOException {
- String[] helpers = setCRUD(trans, TABLE, Data.class, ConfigLoader.deflt);
+ String[] helpers = setCRUD(trans, TABLE, Data.class, ConfigLoader.deflt);
- psName = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE name = ?", ConfigLoader.deflt,readConsistency);
+ psName = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE name = ?", ConfigLoader.deflt,readConsistency);
}
@@ -129,12 +129,12 @@ public class ConfigDAO extends CassDAOImpl<AuthzTrans,ConfigDAO.Data> {
*/
@Override
protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- // not an auditable table.
+ // not an auditable table.
}
- public Result<List<Data>> readName(AuthzTrans trans, String name) {
- return psName.read(trans, R_TEXT, new Object[]{name});
- }
+ public Result<List<Data>> readName(AuthzTrans trans, String name) {
+ return psName.read(trans, R_TEXT, new Object[]{name});
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
index 76e3b424..5bcba9d9 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/CredDAO.java
@@ -51,16 +51,16 @@ import com.datastax.driver.core.Row;
public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
public static final String TABLE = "cred";
public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
- public static final int RAW = -1;
+ public static final int RAW = -1;
public static final int BASIC_AUTH = 1;
public static final int BASIC_AUTH_SHA256 = 2;
public static final int CERT_SHA256_RSA =200;
private HistoryDAO historyDAO;
- private CIDAO<AuthzTrans> infoDAO;
- private PSInfo psNS;
- private PSInfo psID;
-
+ private CIDAO<AuthzTrans> infoDAO;
+ private PSInfo psNS;
+ private PSInfo psID;
+
public CredDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
super(trans, CredDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
init(trans);
@@ -74,52 +74,52 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
}
public static final int KEYLIMIT = 3;
- public static class Data extends CacheableData implements Bytification {
-
- public String id;
- public Integer type;
- public Date expires;
- public Integer other;
- public String ns;
- public String notes;
- public ByteBuffer cred; // this is a blob in cassandra
+ public static class Data extends CacheableData implements Bytification {
+
+ public String id;
+ public Integer type;
+ public Date expires;
+ public Integer other;
+ public String ns;
+ public String notes;
+ public ByteBuffer cred; // this is a blob in cassandra
@Override
- public int[] invalidate(Cached<?,?> cache) {
- return new int[] {
- seg(cache,id) // cache is for all entities
- };
- }
+ public int[] invalidate(Cached<?,?> cache) {
+ return new int[] {
+ seg(cache,id) // cache is for all entities
+ };
+ }
+
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ CredLoader.deflt.marshal(this,new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- CredLoader.deflt.marshal(this,new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- CredLoader.deflt.unmarshal(this, toDIS(bb));
- }
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ CredLoader.deflt.unmarshal(this, toDIS(bb));
+ }
- public String toString() {
- return id + ' ' + type + ' ' + Chrono.dateTime(expires);
- }
+ public String toString() {
+ return id + ' ' + type + ' ' + Chrono.dateTime(expires);
+ }
}
private static class CredLoader extends Loader<Data> implements Streamer<Data>{
- public static final int MAGIC=153323443;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=48; // Note:
+ public static final int MAGIC=153323443;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=48; // Note:
- public static final CredLoader deflt = new CredLoader(KEYLIMIT);
- public CredLoader(int keylimit) {
+ public static final CredLoader deflt = new CredLoader(KEYLIMIT);
+ public CredLoader(int keylimit) {
super(keylimit);
}
- @Override
+ @Override
public Data load(Data data, Row row) {
data.id = row.getString(0);
data.type = row.getInt(1); // NOTE: in datastax driver, If the int value is NULL, 0 is returned!
@@ -133,7 +133,7 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
@Override
protected void key(Data data, int _idx, Object[] obj) {
- int idx = _idx;
+ int idx = _idx;
obj[idx] = data.id;
obj[++idx] = data.type;
@@ -149,77 +149,77 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
obj[++i] = data.cred;
}
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.id);
- os.writeInt(data.type);
- os.writeLong(data.expires==null?-1:data.expires.getTime());
- os.writeInt(data.other==null?0:data.other);
- writeString(os, data.ns);
- writeString(os, data.notes);
- if(data.cred==null) {
- os.writeInt(-1);
- } else {
- int l = data.cred.limit()-data.cred.position();
- os.writeInt(l);
- os.write(data.cred.array(),data.cred.position(),l);
- }
- }
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.id);
+ os.writeInt(data.type);
+ os.writeLong(data.expires==null?-1:data.expires.getTime());
+ os.writeInt(data.other==null?0:data.other);
+ writeString(os, data.ns);
+ writeString(os, data.notes);
+ if(data.cred==null) {
+ os.writeInt(-1);
+ } else {
+ int l = data.cred.limit()-data.cred.position();
+ os.writeInt(l);
+ os.write(data.cred.array(),data.cred.position(),l);
+ }
+ }
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
- byte[] buff = new byte[BUFF_SIZE];
- data.id = readString(is,buff);
- data.type = is.readInt();
-
- long l = is.readLong();
- data.expires = l<0?null:new Date(l);
- data.other = is.readInt();
- data.ns = readString(is,buff);
- data.notes = readString(is,buff);
-
- int i = is.readInt();
- data.cred=null;
- if(i>=0) {
- byte[] bytes = new byte[i]; // a bit dangerous, but lessened because of all the previous sized data reads
- int read = is.read(bytes);
- if(read>0) {
- data.cred = ByteBuffer.wrap(bytes);
- }
- }
- }
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+ byte[] buff = new byte[BUFF_SIZE];
+ data.id = readString(is,buff);
+ data.type = is.readInt();
+
+ long l = is.readLong();
+ data.expires = l<0?null:new Date(l);
+ data.other = is.readInt();
+ data.ns = readString(is,buff);
+ data.notes = readString(is,buff);
+
+ int i = is.readInt();
+ data.cred=null;
+ if(i>=0) {
+ byte[] bytes = new byte[i]; // a bit dangerous, but lessened because of all the previous sized data reads
+ int read = is.read(bytes);
+ if(read>0) {
+ data.cred = ByteBuffer.wrap(bytes);
+ }
+ }
+ }
}
private void init(AuthzTrans trans) throws APIException, IOException {
// Set up sub-DAOs
if(historyDAO==null) {
- historyDAO = new HistoryDAO(trans,this);
+ historyDAO = new HistoryDAO(trans,this);
}
- if(infoDAO==null) {
- infoDAO = new CacheInfoDAO(trans,this);
- }
-
+ if(infoDAO==null) {
+ infoDAO = new CacheInfoDAO(trans,this);
+ }
+
- String[] helpers = setCRUD(trans, TABLE, Data.class, CredLoader.deflt);
-
- psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE ns = ?", CredLoader.deflt,readConsistency);
-
- psID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE id = ?", CredLoader.deflt,readConsistency);
+ String[] helpers = setCRUD(trans, TABLE, Data.class, CredLoader.deflt);
+
+ psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE ns = ?", CredLoader.deflt,readConsistency);
+
+ psID = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE id = ?", CredLoader.deflt,readConsistency);
+ }
+
+ public Result<List<Data>> readNS(AuthzTrans trans, String ns) {
+ return psNS.read(trans, R_TEXT, new Object[]{ns});
+ }
+
+ public Result<List<Data>> readID(AuthzTrans trans, String id) {
+ return psID.read(trans, R_TEXT, new Object[]{id});
}
- public Result<List<Data>> readNS(AuthzTrans trans, String ns) {
- return psNS.read(trans, R_TEXT, new Object[]{ns});
- }
-
- public Result<List<Data>> readID(AuthzTrans trans, String id) {
- return psID.read(trans, R_TEXT, new Object[]{id});
- }
-
/**
* Log Modification statements to History
*
@@ -229,8 +229,8 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
*/
@Override
protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- boolean memo = override.length>0 && override[0]!=null;
- boolean subject = override.length>1 && override[1]!=null;
+ boolean memo = override.length>0 && override[0]!=null;
+ boolean subject = override.length>1 && override[1]!=null;
HistoryDAO.Data hd = HistoryDAO.newInitedData();
hd.user = trans.user();
@@ -241,19 +241,19 @@ public class CredDAO extends CassDAOImpl<AuthzTrans,CredDAO.Data> {
? String.format("%s by %s", override[0], hd.user)
: (modified.name() + "d credential for " + data.id);
// Detail?
- if(modified==CRUD.delete) {
- try {
- hd.reconstruct = data.bytify();
- } catch (IOException e) {
- trans.error().log(e,"Could not serialize CredDAO.Data");
- }
- }
+ if(modified==CRUD.delete) {
+ try {
+ hd.reconstruct = data.bytify();
+ } catch (IOException e) {
+ trans.error().log(e,"Could not serialize CredDAO.Data");
+ }
+ }
if(historyDAO.create(trans, hd).status!=Status.OK) {
- trans.error().log("Cannot log to History");
+ trans.error().log("Cannot log to History");
}
if(infoDAO.touch(trans, TABLE,data.invalidate(cache)).status!=Status.OK) {
- trans.error().log("Cannot touch Cred");
+ trans.error().log("Cannot touch Cred");
}
}
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/DelegateDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/DelegateDAO.java
index 78a98e1d..b137b640 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/DelegateDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/DelegateDAO.java
@@ -42,97 +42,97 @@ import com.datastax.driver.core.Row;
public class DelegateDAO extends CassDAOImpl<AuthzTrans, DelegateDAO.Data> {
- public static final String TABLE = "delegate";
- private PSInfo psByDelegate;
-
- public DelegateDAO(AuthzTrans trans, Cluster cluster, String keyspace) {
- super(trans, DelegateDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- init(trans);
- }
-
- public DelegateDAO(AuthzTrans trans, AbsCassDAO<AuthzTrans,?> aDao) {
- super(trans, DelegateDAO.class.getSimpleName(),aDao,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- init(trans);
- }
-
- private static final int KEYLIMIT = 1;
- public static class Data implements Bytification {
- public String user;
- public String delegate;
- public Date expires;
-
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- DelegateLoader.dflt.marshal(this,new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- DelegateLoader.dflt.unmarshal(this, toDIS(bb));
- }
- }
-
- private static class DelegateLoader extends Loader<Data> implements Streamer<Data>{
- public static final int MAGIC=0xD823ACF2;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=48;
-
- public static final DelegateLoader dflt = new DelegateLoader(KEYLIMIT);
-
- public DelegateLoader(int keylimit) {
- super(keylimit);
- }
-
- @Override
- public Data load(Data data, Row row) {
- data.user = row.getString(0);
- data.delegate = row.getString(1);
- data.expires = row.getTimestamp(2);
- return data;
- }
-
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.user;
- }
-
- @Override
- protected void body(Data data, int _idx, Object[] obj) {
- int idx = _idx;
-
- obj[idx]=data.delegate;
- obj[++idx]=data.expires;
- }
-
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.user);
- writeString(os, data.delegate);
- os.writeLong(data.expires.getTime());
- }
-
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
- byte[] buff = new byte[BUFF_SIZE];
- data.user = readString(is, buff);
- data.delegate = readString(is,buff);
- data.expires = new Date(is.readLong());
- }
- }
-
- private void init(AuthzTrans trans) {
- String[] helpers = setCRUD(trans, TABLE, Data.class, DelegateLoader.dflt);
- psByDelegate = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE delegate = ?", new DelegateLoader(1),readConsistency);
-
- }
-
- public Result<List<DelegateDAO.Data>> readByDelegate(AuthzTrans trans, String delegate) {
- return psByDelegate.read(trans, R_TEXT, new Object[]{delegate});
- }
+ public static final String TABLE = "delegate";
+ private PSInfo psByDelegate;
+
+ public DelegateDAO(AuthzTrans trans, Cluster cluster, String keyspace) {
+ super(trans, DelegateDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ init(trans);
+ }
+
+ public DelegateDAO(AuthzTrans trans, AbsCassDAO<AuthzTrans,?> aDao) {
+ super(trans, DelegateDAO.class.getSimpleName(),aDao,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ init(trans);
+ }
+
+ private static final int KEYLIMIT = 1;
+ public static class Data implements Bytification {
+ public String user;
+ public String delegate;
+ public Date expires;
+
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ DelegateLoader.dflt.marshal(this,new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
+
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ DelegateLoader.dflt.unmarshal(this, toDIS(bb));
+ }
+ }
+
+ private static class DelegateLoader extends Loader<Data> implements Streamer<Data>{
+ public static final int MAGIC=0xD823ACF2;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=48;
+
+ public static final DelegateLoader dflt = new DelegateLoader(KEYLIMIT);
+
+ public DelegateLoader(int keylimit) {
+ super(keylimit);
+ }
+
+ @Override
+ public Data load(Data data, Row row) {
+ data.user = row.getString(0);
+ data.delegate = row.getString(1);
+ data.expires = row.getTimestamp(2);
+ return data;
+ }
+
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.user;
+ }
+
+ @Override
+ protected void body(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+
+ obj[idx]=data.delegate;
+ obj[++idx]=data.expires;
+ }
+
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.user);
+ writeString(os, data.delegate);
+ os.writeLong(data.expires.getTime());
+ }
+
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+ byte[] buff = new byte[BUFF_SIZE];
+ data.user = readString(is, buff);
+ data.delegate = readString(is,buff);
+ data.expires = new Date(is.readLong());
+ }
+ }
+
+ private void init(AuthzTrans trans) {
+ String[] helpers = setCRUD(trans, TABLE, Data.class, DelegateLoader.dflt);
+ psByDelegate = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE delegate = ?", new DelegateLoader(1),readConsistency);
+
+ }
+
+ public Result<List<DelegateDAO.Data>> readByDelegate(AuthzTrans trans, String delegate) {
+ return psByDelegate.read(trans, R_TEXT, new Object[]{delegate});
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/FutureDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/FutureDAO.java
index 0263e009..6b0ea2df 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/FutureDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/FutureDAO.java
@@ -45,13 +45,13 @@ import com.datastax.driver.core.Row;
*/
public class FutureDAO extends CassDAOImpl<AuthzTrans,FutureDAO.Data> {
private static final String TABLE = "future";
- private final HistoryDAO historyDAO;
-// private static String createString;
- private PSInfo psByStartAndTarget;
-
+ private final HistoryDAO historyDAO;
+// private static String createString;
+ private PSInfo psByStartAndTarget;
+
public FutureDAO(AuthzTrans trans, Cluster cluster, String keyspace) {
super(trans, FutureDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- historyDAO = new HistoryDAO(trans, this);
+ historyDAO = new HistoryDAO(trans, this);
init(trans);
}
@@ -64,11 +64,11 @@ public class FutureDAO extends CassDAOImpl<AuthzTrans,FutureDAO.Data> {
public static final int KEYLIMIT = 1;
public static class Data {
public UUID id;
- public String target;
- public String memo;
- public Date start;
- public Date expires;
- public ByteBuffer construct; // this is a blob in cassandra
+ public String target;
+ public String memo;
+ public Date start;
+ public Date expires;
+ public ByteBuffer construct; // this is a blob in cassandra
}
private static class FLoader extends Loader<Data> {
@@ -81,13 +81,13 @@ public class FutureDAO extends CassDAOImpl<AuthzTrans,FutureDAO.Data> {
}
@Override
- public Data load(Data data, Row row) {
- data.id = row.getUUID(0);
- data.target = row.getString(1);
+ public Data load(Data data, Row row) {
+ data.id = row.getUUID(0);
+ data.target = row.getString(1);
data.memo = row.getString(2);
- data.start = row.getTimestamp(3);
- data.expires = row.getTimestamp(4);
- data.construct = row.getBytes(5);
+ data.start = row.getTimestamp(3);
+ data.expires = row.getTimestamp(4);
+ data.construct = row.getBytes(5);
return data;
}
@@ -98,7 +98,7 @@ public class FutureDAO extends CassDAOImpl<AuthzTrans,FutureDAO.Data> {
@Override
protected void body(Data data, int _idx, Object[] obj) {
- int idx = _idx;
+ int idx = _idx;
obj[idx] = data.target;
obj[++idx] = data.memo;
@@ -113,71 +113,71 @@ public class FutureDAO extends CassDAOImpl<AuthzTrans,FutureDAO.Data> {
String[] helpers = setCRUD(trans, TABLE, Data.class, new FLoader(KEYLIMIT));
// Uh, oh. Can't use "now()" in Prepared Statements (at least at this level)
-// createString = "INSERT INTO " + TABLE + " ("+helpers[FIELD_COMMAS] +") VALUES (now(),";
+// createString = "INSERT INTO " + TABLE + " ("+helpers[FIELD_COMMAS] +") VALUES (now(),";
//
-// // Need a specialty Creator to handle the "now()"
-// replace(CRUD.Create, new PSInfo(trans, "INSERT INTO future (" + helpers[FIELD_COMMAS] +
-// ") VALUES(now(),?,?,?,?,?)",new FLoader(0)));
-
- // Other SELECT style statements... match with a local Method
- psByStartAndTarget = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
- " FROM future WHERE start <= ? and target = ? ALLOW FILTERING", new FLoader(2) {
- @Override
- protected void key(Data data, int _idx, Object[] obj) {
- int idx = _idx;
-
- obj[idx]=data.start;
- obj[++idx]=data.target;
- }
- },readConsistency);
-
+// // Need a specialty Creator to handle the "now()"
+// replace(CRUD.Create, new PSInfo(trans, "INSERT INTO future (" + helpers[FIELD_COMMAS] +
+// ") VALUES(now(),?,?,?,?,?)",new FLoader(0)));
+
+ // Other SELECT style statements... match with a local Method
+ psByStartAndTarget = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
+ " FROM future WHERE start <= ? and target = ? ALLOW FILTERING", new FLoader(2) {
+ @Override
+ protected void key(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+
+ obj[idx]=data.start;
+ obj[++idx]=data.target;
+ }
+ },readConsistency);
+
}
public Result<List<Data>> readByStartAndTarget(AuthzTrans trans, Date start, String target) throws DAOException {
- return psByStartAndTarget.read(trans, R_TEXT, new Object[]{start, target});
- }
+ return psByStartAndTarget.read(trans, R_TEXT, new Object[]{start, target});
+ }
/**
- * Override create to add secondary ID to Subject in History, and create Data.ID, if it is null
+ * Override create to add secondary ID to Subject in History, and create Data.ID, if it is null
*/
- public Result<FutureDAO.Data> create(AuthzTrans trans, FutureDAO.Data data, String id) {
- // If ID is not set (typical), create one.
- if(data.id==null) {
- StringBuilder sb = new StringBuilder(trans.user());
- sb.append(data.target);
- sb.append(System.currentTimeMillis());
- data.id = UUID.nameUUIDFromBytes(sb.toString().getBytes());
- }
- Result<ResultSet> rs = createPS.exec(trans, C_TEXT, data);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- wasModified(trans, CRUD.create, data, null, id);
- return Result.ok(data);
- }
-
- /**
- * Log Modification statements to History
- *
- * @param modified which CRUD action was done
- * @param data entity data that needs a log entry
- * @param overrideMessage if this is specified, we use it rather than crafting a history message based on data
- */
- @Override
- protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- boolean memo = override.length>0 && override[0]!=null;
- boolean subject = override.length>1 && override[1]!=null;
- HistoryDAO.Data hd = HistoryDAO.newInitedData();
- hd.user = trans.user();
- hd.action = modified.name();
- hd.target = TABLE;
- hd.subject = subject?override[1]:"";
- hd.memo = memo?String.format("%s by %s", override[0], hd.user):data.memo;
-
- if(historyDAO.create(trans, hd).status!=Status.OK) {
- trans.error().log("Cannot log to History");
- }
- }
+ public Result<FutureDAO.Data> create(AuthzTrans trans, FutureDAO.Data data, String id) {
+ // If ID is not set (typical), create one.
+ if(data.id==null) {
+ StringBuilder sb = new StringBuilder(trans.user());
+ sb.append(data.target);
+ sb.append(System.currentTimeMillis());
+ data.id = UUID.nameUUIDFromBytes(sb.toString().getBytes());
+ }
+ Result<ResultSet> rs = createPS.exec(trans, C_TEXT, data);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ wasModified(trans, CRUD.create, data, null, id);
+ return Result.ok(data);
+ }
+
+ /**
+ * Log Modification statements to History
+ *
+ * @param modified which CRUD action was done
+ * @param data entity data that needs a log entry
+ * @param overrideMessage if this is specified, we use it rather than crafting a history message based on data
+ */
+ @Override
+ protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
+ boolean memo = override.length>0 && override[0]!=null;
+ boolean subject = override.length>1 && override[1]!=null;
+ HistoryDAO.Data hd = HistoryDAO.newInitedData();
+ hd.user = trans.user();
+ hd.action = modified.name();
+ hd.target = TABLE;
+ hd.subject = subject?override[1]:"";
+ hd.memo = memo?String.format("%s by %s", override[0], hd.user):data.memo;
+
+ if(historyDAO.create(trans, hd).status!=Status.OK) {
+ trans.error().log("Cannot log to History");
+ }
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/HistoryDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/HistoryDAO.java
index 13af8795..ce7e5477 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/HistoryDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/HistoryDAO.java
@@ -54,175 +54,175 @@ import com.datastax.driver.core.Row;
*
*/
public class HistoryDAO extends CassDAOImpl<AuthzTrans, HistoryDAO.Data> {
- private static final String TABLE = "history";
-
- private String[] helpers;
-
- private HistLoader defLoader;
-
- private AbsCassDAO<AuthzTrans, Data>.PSInfo readByUser, readBySubject, readByYRMN;
-
- public HistoryDAO(AuthzTrans trans, Cluster cluster, String keyspace) {
- super(trans, HistoryDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE,ConsistencyLevel.LOCAL_ONE,ConsistencyLevel.ANY);
- init(trans);
- }
-
- public HistoryDAO(AuthzTrans trans, AbsCassDAO<AuthzTrans,?> aDao) {
- super(trans, HistoryDAO.class.getSimpleName(),aDao,Data.class,TABLE,ConsistencyLevel.LOCAL_ONE,ConsistencyLevel.ANY);
- init(trans);
- }
-
-
- private static final int KEYLIMIT = 1;
- public static class Data {
- public UUID id;
- public int yr_mon;
- public String user;
- public String action;
- public String target;
- public String subject;
- public String memo;
- public ByteBuffer reconstruct;
- }
-
- private static class HistLoader extends Loader<Data> {
- public HistLoader(int keylimit) {
- super(keylimit);
- }
-
- @Override
- public Data load(Data data, Row row) {
- data.id = row.getUUID(0);
- data.yr_mon = row.getInt(1);
- data.user = row.getString(2);
- data.action = row.getString(3);
- data.target = row.getString(4);
- data.subject = row.getString(5);
- data.memo = row.getString(6);
- data.reconstruct = row.getBytes(7);
- return data;
- }
-
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.id;
- }
-
- @Override
- protected void body(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx]=data.yr_mon;
- obj[++idx]=data.user;
- obj[++idx]=data.action;
- obj[++idx]=data.target;
- obj[++idx]=data.subject;
- obj[++idx]=data.memo;
-// obj[++idx]=data.detail;
- obj[++idx]=data.reconstruct;
- }
- };
-
- private void init(AuthzTrans trans) {
- // Loader must match fields order
- defLoader = new HistLoader(KEYLIMIT);
- helpers = setCRUD(trans, TABLE, Data.class, defLoader);
-
- // Need a specialty Creator to handle the "now()"
- // 9/9/2013 - Jonathan - Just great... now() is evaluated once on Client side, invalidating usage (what point is a now() from a long time in the past?
- // Unless this is fixed, we're putting in non-prepared statement
- // Solved in Cassandra. Make sure you are running 1.2.6 Cassandra or later. https://issues.apache.org/jira/browse/CASSANDRA-5616
- replace(CRUD.create, new PSInfo(trans, "INSERT INTO history (" + helpers[FIELD_COMMAS] +
- ") VALUES(now(),?,?,?,?,?,?,?)",
- new HistLoader(0) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- }
- },writeConsistency)
- );
-// disable(CRUD.Create);
-
- replace(CRUD.read, new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
- " FROM history WHERE id = ?", defLoader,readConsistency)
-// new HistLoader(2) {
-// @Override
-// protected void key(Data data, int idx, Object[] obj) {
-// obj[idx]=data.yr_mon;
-// obj[++idx]=data.id;
-// }
-// })
- );
- disable(CRUD.update);
- disable(CRUD.delete);
-
- readByUser = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
- " FROM history WHERE user = ?", defLoader,readConsistency);
- readBySubject = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
- " FROM history WHERE subject = ? and target = ? ALLOW FILTERING", defLoader,readConsistency);
- readByYRMN = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
- " FROM history WHERE yr_mon = ?", defLoader,readConsistency);
- async(true); //TODO dropping messages with Async
- }
-
- public static Data newInitedData() {
- Data data = new Data();
- Date now = new Date();
- // Sonar claims that SimpleDateFormat is not thread safe, so we can't be static
- data.yr_mon = Integer.parseInt(new SimpleDateFormat("yyyyMM").format(now));
- // data.day_time = Integer.parseInt(dayTimeFormat.format(now));
- return data;
- }
-
- public Result<List<Data>> readByYYYYMM(AuthzTrans trans, int yyyymm) {
- Result<ResultSet> rs = readByYRMN.exec(trans, "yr_mon", yyyymm);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- return extract(defLoader,rs.value,null,dflt);
- }
-
- /**
- * Gets the history for a user in the specified year and month
- * year - the year in yyyy format
- * month - the month in a year ...values 1 - 12
- **/
- public Result<List<Data>> readByUser(AuthzTrans trans, String user, int ... yyyymm) {
- if(yyyymm.length==0) {
- return Result.err(Status.ERR_BadData, "No or invalid yyyymm specified");
- }
- Result<ResultSet> rs = readByUser.exec(trans, "user", user);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- return extract(defLoader,rs.value,null,yyyymm.length>0?new YYYYMM(yyyymm):dflt);
- }
-
- public Result<List<Data>> readBySubject(AuthzTrans trans, String subject, String target, int ... yyyymm) {
- if(yyyymm.length==0) {
- return Result.err(Status.ERR_BadData, "No or invalid yyyymm specified");
- }
- Result<ResultSet> rs = readBySubject.exec(trans, "subject", subject, target);
- if(rs.notOK()) {
- return Result.err(rs);
- }
- return extract(defLoader,rs.value,null,yyyymm.length>0?new YYYYMM(yyyymm):dflt);
- }
-
- private class YYYYMM implements Accept<Data> {
- private int[] yyyymm;
- public YYYYMM(int yyyymm[]) {
- this.yyyymm = yyyymm;
- }
- @Override
- public boolean ok(Data data) {
- int dym = data.yr_mon;
- for(int ym:yyyymm) {
- if(dym==ym) {
- return true;
- }
- }
- return false;
- }
-
- };
-
+ private static final String TABLE = "history";
+
+ private String[] helpers;
+
+ private HistLoader defLoader;
+
+ private AbsCassDAO<AuthzTrans, Data>.PSInfo readByUser, readBySubject, readByYRMN;
+
+ public HistoryDAO(AuthzTrans trans, Cluster cluster, String keyspace) {
+ super(trans, HistoryDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE,ConsistencyLevel.LOCAL_ONE,ConsistencyLevel.ANY);
+ init(trans);
+ }
+
+ public HistoryDAO(AuthzTrans trans, AbsCassDAO<AuthzTrans,?> aDao) {
+ super(trans, HistoryDAO.class.getSimpleName(),aDao,Data.class,TABLE,ConsistencyLevel.LOCAL_ONE,ConsistencyLevel.ANY);
+ init(trans);
+ }
+
+
+ private static final int KEYLIMIT = 1;
+ public static class Data {
+ public UUID id;
+ public int yr_mon;
+ public String user;
+ public String action;
+ public String target;
+ public String subject;
+ public String memo;
+ public ByteBuffer reconstruct;
+ }
+
+ private static class HistLoader extends Loader<Data> {
+ public HistLoader(int keylimit) {
+ super(keylimit);
+ }
+
+ @Override
+ public Data load(Data data, Row row) {
+ data.id = row.getUUID(0);
+ data.yr_mon = row.getInt(1);
+ data.user = row.getString(2);
+ data.action = row.getString(3);
+ data.target = row.getString(4);
+ data.subject = row.getString(5);
+ data.memo = row.getString(6);
+ data.reconstruct = row.getBytes(7);
+ return data;
+ }
+
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.id;
+ }
+
+ @Override
+ protected void body(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx]=data.yr_mon;
+ obj[++idx]=data.user;
+ obj[++idx]=data.action;
+ obj[++idx]=data.target;
+ obj[++idx]=data.subject;
+ obj[++idx]=data.memo;
+// obj[++idx]=data.detail;
+ obj[++idx]=data.reconstruct;
+ }
+ };
+
+ private void init(AuthzTrans trans) {
+ // Loader must match fields order
+ defLoader = new HistLoader(KEYLIMIT);
+ helpers = setCRUD(trans, TABLE, Data.class, defLoader);
+
+ // Need a specialty Creator to handle the "now()"
+ // 9/9/2013 - Jonathan - Just great... now() is evaluated once on Client side, invalidating usage (what point is a now() from a long time in the past?
+ // Unless this is fixed, we're putting in non-prepared statement
+ // Solved in Cassandra. Make sure you are running 1.2.6 Cassandra or later. https://issues.apache.org/jira/browse/CASSANDRA-5616
+ replace(CRUD.create, new PSInfo(trans, "INSERT INTO history (" + helpers[FIELD_COMMAS] +
+ ") VALUES(now(),?,?,?,?,?,?,?)",
+ new HistLoader(0) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ }
+ },writeConsistency)
+ );
+// disable(CRUD.Create);
+
+ replace(CRUD.read, new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
+ " FROM history WHERE id = ?", defLoader,readConsistency)
+// new HistLoader(2) {
+// @Override
+// protected void key(Data data, int idx, Object[] obj) {
+// obj[idx]=data.yr_mon;
+// obj[++idx]=data.id;
+// }
+// })
+ );
+ disable(CRUD.update);
+ disable(CRUD.delete);
+
+ readByUser = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
+ " FROM history WHERE user = ?", defLoader,readConsistency);
+ readBySubject = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
+ " FROM history WHERE subject = ? and target = ? ALLOW FILTERING", defLoader,readConsistency);
+ readByYRMN = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] +
+ " FROM history WHERE yr_mon = ?", defLoader,readConsistency);
+ async(true); //TODO dropping messages with Async
+ }
+
+ public static Data newInitedData() {
+ Data data = new Data();
+ Date now = new Date();
+ // Sonar claims that SimpleDateFormat is not thread safe, so we can't be static
+ data.yr_mon = Integer.parseInt(new SimpleDateFormat("yyyyMM").format(now));
+ // data.day_time = Integer.parseInt(dayTimeFormat.format(now));
+ return data;
+ }
+
+ public Result<List<Data>> readByYYYYMM(AuthzTrans trans, int yyyymm) {
+ Result<ResultSet> rs = readByYRMN.exec(trans, "yr_mon", yyyymm);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ return extract(defLoader,rs.value,null,dflt);
+ }
+
+ /**
+ * Gets the history for a user in the specified year and month
+ * year - the year in yyyy format
+ * month - the month in a year ...values 1 - 12
+ **/
+ public Result<List<Data>> readByUser(AuthzTrans trans, String user, int ... yyyymm) {
+ if(yyyymm.length==0) {
+ return Result.err(Status.ERR_BadData, "No or invalid yyyymm specified");
+ }
+ Result<ResultSet> rs = readByUser.exec(trans, "user", user);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ return extract(defLoader,rs.value,null,yyyymm.length>0?new YYYYMM(yyyymm):dflt);
+ }
+
+ public Result<List<Data>> readBySubject(AuthzTrans trans, String subject, String target, int ... yyyymm) {
+ if(yyyymm.length==0) {
+ return Result.err(Status.ERR_BadData, "No or invalid yyyymm specified");
+ }
+ Result<ResultSet> rs = readBySubject.exec(trans, "subject", subject, target);
+ if(rs.notOK()) {
+ return Result.err(rs);
+ }
+ return extract(defLoader,rs.value,null,yyyymm.length>0?new YYYYMM(yyyymm):dflt);
+ }
+
+ private class YYYYMM implements Accept<Data> {
+ private int[] yyyymm;
+ public YYYYMM(int yyyymm[]) {
+ this.yyyymm = yyyymm;
+ }
+ @Override
+ public boolean ok(Data data) {
+ int dym = data.yr_mon;
+ for(int ym:yyyymm) {
+ if(dym==ym) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ };
+
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/LocateDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/LocateDAO.java
index 4778331b..5d7aebed 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/LocateDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/LocateDAO.java
@@ -50,7 +50,7 @@ import com.datastax.driver.core.Row;
*/
public class LocateDAO extends CassDAOImpl<AuthzTrans,LocateDAO.Data> {
public static final String TABLE = "locate";
- private AbsCassDAO<AuthzTrans, Data>.PSInfo psName;
+ private AbsCassDAO<AuthzTrans, Data>.PSInfo psName;
public LocateDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
super(trans, LocateDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
@@ -63,68 +63,68 @@ public class LocateDAO extends CassDAOImpl<AuthzTrans,LocateDAO.Data> {
}
public static final int KEYLIMIT = 3;
- public static class Data implements Bytification {
-
- public String name;
- public String hostname;
- public int port;
- public int major;
- public int minor;
- public int patch;
- public int pkg;
- public float latitude;
- public float longitude;
- public String protocol;
- private Set<String> subprotocol;
- public UUID port_key; // Note: Keep Port_key LAST at all times, because we shorten the UPDATE to leave Port_key Alone during reregistration.
+ public static class Data implements Bytification {
+
+ public String name;
+ public String hostname;
+ public int port;
+ public int major;
+ public int minor;
+ public int patch;
+ public int pkg;
+ public float latitude;
+ public float longitude;
+ public String protocol;
+ private Set<String> subprotocol;
+ public UUID port_key; // Note: Keep Port_key LAST at all times, because we shorten the UPDATE to leave Port_key Alone during reregistration.
- // Getters
- public Set<String> subprotocol(boolean mutable) {
- if (subprotocol == null) {
- subprotocol = new HashSet<>();
- } else if (mutable && !(subprotocol instanceof HashSet)) {
- subprotocol = new HashSet<>(subprotocol);
- }
- return subprotocol;
- }
-
+ // Getters
+ public Set<String> subprotocol(boolean mutable) {
+ if (subprotocol == null) {
+ subprotocol = new HashSet<>();
+ } else if (mutable && !(subprotocol instanceof HashSet)) {
+ subprotocol = new HashSet<>(subprotocol);
+ }
+ return subprotocol;
+ }
+
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ LocateLoader.deflt.marshal(this,new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
+
@Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- LocateLoader.deflt.marshal(this,new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- LocateLoader.deflt.unmarshal(this, toDIS(bb));
- }
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ LocateLoader.deflt.unmarshal(this, toDIS(bb));
+ }
}
private static class LocateLoader extends Loader<Data> implements Streamer<Data>{
- public static final int MAGIC=85102934;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=48; // Note:
-
- public static final LocateLoader deflt = new LocateLoader(KEYLIMIT);
- public LocateLoader(int keylimit) {
- super(keylimit);
+ public static final int MAGIC=85102934;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=48; // Note:
+
+ public static final LocateLoader deflt = new LocateLoader(KEYLIMIT);
+ public LocateLoader(int keylimit) {
+ super(keylimit);
}
- @Override
+ @Override
public Data load(Data data, Row row) {
- data.name = row.getString(0);
- data.hostname = row.getString(1);
- data.port = row.getInt(2);
- data.major = row.getInt(3);
- data.minor = row.getInt(4);
- data.patch = row.getInt(5);
- data.pkg = row.getInt(6);
- data.latitude = row.getFloat(7);
- data.longitude = row.getFloat(8);
- data.protocol = row.getString(9);
- data.subprotocol = row.getSet(10,String.class);
- data.port_key = row.getUUID(11);
+ data.name = row.getString(0);
+ data.hostname = row.getString(1);
+ data.port = row.getInt(2);
+ data.major = row.getInt(3);
+ data.minor = row.getInt(4);
+ data.patch = row.getInt(5);
+ data.pkg = row.getInt(6);
+ data.latitude = row.getFloat(7);
+ data.longitude = row.getFloat(8);
+ data.protocol = row.getString(9);
+ data.subprotocol = row.getSet(10,String.class);
+ data.port_key = row.getUUID(11);
return data;
}
@@ -137,7 +137,7 @@ public class LocateDAO extends CassDAOImpl<AuthzTrans,LocateDAO.Data> {
@Override
protected void body(final Data data, final int _idx, final Object[] obj) {
- int idx = _idx;
+ int idx = _idx;
obj[idx] = data.major;
obj[++idx] = data.minor;
obj[++idx] = data.patch;
@@ -149,73 +149,73 @@ public class LocateDAO extends CassDAOImpl<AuthzTrans,LocateDAO.Data> {
obj[++idx] = data.port_key;
}
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.name);
- writeString(os, data.hostname);
- os.writeInt(data.port);
- os.writeInt(data.major);
- os.writeInt(data.minor);
- os.writeInt(data.patch);
- os.writeInt(data.pkg);
- os.writeFloat(data.latitude);
- os.writeFloat(data.longitude);
- writeString(os, data.protocol);
- if(data.subprotocol==null) {
- os.writeInt(0);
- } else {
- os.writeInt(data.subprotocol.size());
- for(String s: data.subprotocol) {
- writeString(os,s);
- }
- }
-
- writeString(os,data.port_key==null?"":data.port_key.toString());
- }
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.name);
+ writeString(os, data.hostname);
+ os.writeInt(data.port);
+ os.writeInt(data.major);
+ os.writeInt(data.minor);
+ os.writeInt(data.patch);
+ os.writeInt(data.pkg);
+ os.writeFloat(data.latitude);
+ os.writeFloat(data.longitude);
+ writeString(os, data.protocol);
+ if(data.subprotocol==null) {
+ os.writeInt(0);
+ } else {
+ os.writeInt(data.subprotocol.size());
+ for(String s: data.subprotocol) {
+ writeString(os,s);
+ }
+ }
+
+ writeString(os,data.port_key==null?"":data.port_key.toString());
+ }
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
- byte[] buff = new byte[BUFF_SIZE];
- data.name = readString(is,buff);
- data.hostname = readString(is,buff);
- data.port = is.readInt();
- data.major = is.readInt();
- data.minor = is.readInt();
- data.patch = is.readInt();
- data.pkg = is.readInt();
- data.latitude = is.readFloat();
- data.longitude = is.readFloat();
- data.protocol = readString(is,buff);
-
- int size = is.readInt();
- data.subprotocol = new HashSet<>(size);
- for(int i=0;i<size;++i) {
- data.subprotocol.add(readString(is,buff));
- }
- String port_key = readString(is,buff);
- if(port_key.length()>0) {
- data.port_key=UUID.fromString(port_key);
- } else {
- data.port_key = null;
- }
- }
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+ byte[] buff = new byte[BUFF_SIZE];
+ data.name = readString(is,buff);
+ data.hostname = readString(is,buff);
+ data.port = is.readInt();
+ data.major = is.readInt();
+ data.minor = is.readInt();
+ data.patch = is.readInt();
+ data.pkg = is.readInt();
+ data.latitude = is.readFloat();
+ data.longitude = is.readFloat();
+ data.protocol = readString(is,buff);
+
+ int size = is.readInt();
+ data.subprotocol = new HashSet<>(size);
+ for(int i=0;i<size;++i) {
+ data.subprotocol.add(readString(is,buff));
+ }
+ String port_key = readString(is,buff);
+ if(port_key.length()>0) {
+ data.port_key=UUID.fromString(port_key);
+ } else {
+ data.port_key = null;
+ }
+ }
}
public Result<List<LocateDAO.Data>> readByName(AuthzTrans trans, String service) {
- return psName.read(trans, "Read By Name", new Object[] {service});
+ return psName.read(trans, "Read By Name", new Object[] {service});
}
private void init(AuthzTrans trans) throws APIException, IOException {
// Set up sub-DAOs
- String[] helpers = setCRUD(trans, TABLE, Data.class, LocateLoader.deflt);
-// int lastComma = helpers[ASSIGNMENT_COMMAS].lastIndexOf(',');
-// replace(CRUD.update,new PSInfo(trans,"UPDATE LOCATE SET " + helpers[ASSIGNMENT_COMMAS].substring(0, lastComma) +
-// " WHERE name=? AND hostname=? AND port=?;", new LocateLoader(3),writeConsistency));
- psName = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE name = ?", new LocateLoader(1),readConsistency);
+ String[] helpers = setCRUD(trans, TABLE, Data.class, LocateLoader.deflt);
+// int lastComma = helpers[ASSIGNMENT_COMMAS].lastIndexOf(',');
+// replace(CRUD.update,new PSInfo(trans,"UPDATE LOCATE SET " + helpers[ASSIGNMENT_COMMAS].substring(0, lastComma) +
+// " WHERE name=? AND hostname=? AND port=?;", new LocateLoader(3),writeConsistency));
+ psName = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE name = ?", new LocateLoader(1),readConsistency);
}
/**
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Namespace.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Namespace.java
index 11ee4bcb..29ac379b 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Namespace.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Namespace.java
@@ -37,114 +37,114 @@ import org.onap.aaf.auth.rserv.Pair;
public class Namespace implements Bytification {
- public static final int MAGIC=250935515;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=48;
+ public static final int MAGIC=250935515;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=48;
- public String name;
- public List<String> owner;
- public List<String> admin;
- public List<Pair<String,String>> attrib;
- public String description;
- public Integer type;
- public String parent;
- public Namespace() {}
-
- public Namespace(NsDAO.Data ndd) {
- name = ndd.name;
- description = ndd.description;
- type = ndd.type;
- parent = ndd.parent;
- if(ndd.attrib!=null && !ndd.attrib.isEmpty()) {
- attrib = new ArrayList<>();
- for( Entry<String, String> entry : ndd.attrib.entrySet()) {
- attrib.add(new Pair<String,String>(entry.getKey(),entry.getValue()));
- }
- }
- }
-
- public Namespace(NsDAO.Data ndd,List<String> owner, List<String> admin) {
- name = ndd.name;
- this.owner = owner;
- this.admin = admin;
- description = ndd.description;
- type = ndd.type;
- parent = ndd.parent;
- if(ndd.attrib!=null && !ndd.attrib.isEmpty()) {
- attrib = new ArrayList<>();
- for( Entry<String, String> entry : ndd.attrib.entrySet()) {
- attrib.add(new Pair<String,String>(entry.getKey(),entry.getValue()));
- }
- }
- }
+ public String name;
+ public List<String> owner;
+ public List<String> admin;
+ public List<Pair<String,String>> attrib;
+ public String description;
+ public Integer type;
+ public String parent;
+ public Namespace() {}
+
+ public Namespace(NsDAO.Data ndd) {
+ name = ndd.name;
+ description = ndd.description;
+ type = ndd.type;
+ parent = ndd.parent;
+ if(ndd.attrib!=null && !ndd.attrib.isEmpty()) {
+ attrib = new ArrayList<>();
+ for( Entry<String, String> entry : ndd.attrib.entrySet()) {
+ attrib.add(new Pair<String,String>(entry.getKey(),entry.getValue()));
+ }
+ }
+ }
+
+ public Namespace(NsDAO.Data ndd,List<String> owner, List<String> admin) {
+ name = ndd.name;
+ this.owner = owner;
+ this.admin = admin;
+ description = ndd.description;
+ type = ndd.type;
+ parent = ndd.parent;
+ if(ndd.attrib!=null && !ndd.attrib.isEmpty()) {
+ attrib = new ArrayList<>();
+ for( Entry<String, String> entry : ndd.attrib.entrySet()) {
+ attrib.add(new Pair<String,String>(entry.getKey(),entry.getValue()));
+ }
+ }
+ }
- public NsDAO.Data data() {
- NsDAO.Data ndd = new NsDAO.Data();
- ndd.name = name;
- ndd.description = description;
- ndd.parent = parent;
- ndd.type = type;
- return ndd;
- }
+ public NsDAO.Data data() {
+ NsDAO.Data ndd = new NsDAO.Data();
+ ndd.name = name;
+ ndd.description = description;
+ ndd.parent = parent;
+ ndd.type = type;
+ return ndd;
+ }
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- DataOutputStream os = new DataOutputStream(baos);
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ DataOutputStream os = new DataOutputStream(baos);
- Loader.writeHeader(os,MAGIC,VERSION);
- Loader.writeString(os, name);
- os.writeInt(type);
- Loader.writeStringSet(os,admin);
- Loader.writeStringSet(os,owner);
- Loader.writeString(os,description);
- Loader.writeString(os,parent);
+ Loader.writeHeader(os,MAGIC,VERSION);
+ Loader.writeString(os, name);
+ os.writeInt(type);
+ Loader.writeStringSet(os,admin);
+ Loader.writeStringSet(os,owner);
+ Loader.writeString(os,description);
+ Loader.writeString(os,parent);
- return ByteBuffer.wrap(baos.toByteArray());
- }
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- DataInputStream is = CassDAOImpl.toDIS(bb);
- /*int version = */Loader.readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
-
- byte[] buff = new byte[BUFF_SIZE];
- name = Loader.readString(is, buff);
- type = is.readInt();
- admin = Loader.readStringList(is,buff);
- owner = Loader.readStringList(is,buff);
- description = Loader.readString(is,buff);
- parent = Loader.readString(is,buff);
-
- }
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ DataInputStream is = CassDAOImpl.toDIS(bb);
+ /*int version = */Loader.readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+
+ byte[] buff = new byte[BUFF_SIZE];
+ name = Loader.readString(is, buff);
+ type = is.readInt();
+ admin = Loader.readStringList(is,buff);
+ owner = Loader.readStringList(is,buff);
+ description = Loader.readString(is,buff);
+ parent = Loader.readString(is,buff);
+
+ }
- /* (non-Javadoc)
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode() {
- return name.hashCode();
- }
-
+ /* (non-Javadoc)
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ return name.hashCode();
+ }
+
- /* (non-Javadoc)
- * @see java.lang.Object#toString()
- */
- @Override
- public String toString() {
- return name.toString();
- }
+ /* (non-Javadoc)
+ * @see java.lang.Object#toString()
+ */
+ @Override
+ public String toString() {
+ return name.toString();
+ }
- /* (non-Javadoc)
- * @see java.lang.Object#equals(java.lang.Object)
- */
- @Override
- public boolean equals(Object arg0) {
- if(arg0==null || !(arg0 instanceof Namespace)) {
- return false;
- }
- return name.equals(((Namespace)arg0).name);
- }
+ /* (non-Javadoc)
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object arg0) {
+ if(arg0==null || !(arg0 instanceof Namespace)) {
+ return false;
+ }
+ return name.equals(((Namespace)arg0).name);
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsDAO.java
index 07890544..30f0d6b5 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsDAO.java
@@ -61,33 +61,33 @@ import com.datastax.driver.core.exceptions.DriverException;
*
*/
public class NsDAO extends CassDAOImpl<AuthzTrans,NsDAO.Data> {
- public static final String TABLE = "ns";
- public static final String TABLE_ATTRIB = "ns_attrib";
+ public static final String TABLE = "ns";
+ public static final String TABLE_ATTRIB = "ns_attrib";
public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
public static final int ROOT = 1;
public static final int COMPANY=2;
public static final int APP = 3;
- private static final String BEGIN_BATCH = "BEGIN BATCH\n";
- private static final String APPLY_BATCH = "\nAPPLY BATCH;\n";
- private static final String SQSCCR = "';\n";
- private static final String SQCSQ = "','";
+ private static final String BEGIN_BATCH = "BEGIN BATCH\n";
+ private static final String APPLY_BATCH = "\nAPPLY BATCH;\n";
+ private static final String SQSCCR = "';\n";
+ private static final String SQCSQ = "','";
- private HistoryDAO historyDAO;
- private CacheInfoDAO infoDAO;
- private PSInfo psNS;
+ private HistoryDAO historyDAO;
+ private CacheInfoDAO infoDAO;
+ private PSInfo psNS;
- public NsDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
- super(trans, NsDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- init(trans);
- }
+ public NsDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
+ super(trans, NsDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ init(trans);
+ }
- public NsDAO(AuthzTrans trans, HistoryDAO hDAO, CacheInfoDAO iDAO) throws APIException, IOException {
- super(trans, NsDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- historyDAO=hDAO;
- infoDAO = iDAO;
- init(trans);
- }
+ public NsDAO(AuthzTrans trans, HistoryDAO hDAO, CacheInfoDAO iDAO) throws APIException, IOException {
+ super(trans, NsDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ historyDAO=hDAO;
+ infoDAO = iDAO;
+ init(trans);
+ }
//////////////////////////////////////////
@@ -99,428 +99,428 @@ public class NsDAO extends CassDAOImpl<AuthzTrans,NsDAO.Data> {
*
* @author Jonathan
*/
- public static class Data extends CacheableData implements Bytification {
- public String name;
- public int type;
- public String description;
- public String parent;
- public Map<String,String> attrib;
-
-// ////////////////////////////////////////
+ public static class Data extends CacheableData implements Bytification {
+ public String name;
+ public int type;
+ public String description;
+ public String parent;
+ public Map<String,String> attrib;
+
+// ////////////////////////////////////////
// // Getters
- public Map<String,String> attrib(boolean mutable) {
- if (attrib == null) {
- attrib = new HashMap<>();
- } else if (mutable && !(attrib instanceof HashMap)) {
- attrib = new HashMap<>(attrib);
- }
- return attrib;
- }
-
- @Override
- public int[] invalidate(Cached<?,?> cache) {
- return new int[] {
- seg(cache,name)
- };
- }
-
- public NsSplit split(String name) {
- return new NsSplit(this,name);
- }
-
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- NSLoader.deflt.marshal(this,new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- NSLoader.deflt.unmarshal(this,toDIS(bb));
- }
-
- @Override
- public String toString() {
- return name;
- }
-
+ public Map<String,String> attrib(boolean mutable) {
+ if (attrib == null) {
+ attrib = new HashMap<>();
+ } else if (mutable && !(attrib instanceof HashMap)) {
+ attrib = new HashMap<>(attrib);
+ }
+ return attrib;
+ }
+
+ @Override
+ public int[] invalidate(Cached<?,?> cache) {
+ return new int[] {
+ seg(cache,name)
+ };
+ }
+
+ public NsSplit split(String name) {
+ return new NsSplit(this,name);
+ }
+
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ NSLoader.deflt.marshal(this,new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
+
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ NSLoader.deflt.unmarshal(this,toDIS(bb));
+ }
+
+ @Override
+ public String toString() {
+ return name;
+ }
+
}
private void init(AuthzTrans trans) throws APIException, IOException {
// Set up sub-DAOs
if(historyDAO==null) {
- historyDAO = new HistoryDAO(trans, this);
- }
+ historyDAO = new HistoryDAO(trans, this);
+ }
if(infoDAO==null) {
- infoDAO = new CacheInfoDAO(trans,this);
- }
+ infoDAO = new CacheInfoDAO(trans,this);
+ }
- String[] helpers = setCRUD(trans, TABLE, Data.class, NSLoader.deflt,4/*need to skip attrib */);
-
- psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE parent = ?", new NSLoader(1),readConsistency);
+ String[] helpers = setCRUD(trans, TABLE, Data.class, NSLoader.deflt,4/*need to skip attrib */);
+
+ psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE parent = ?", new NSLoader(1),readConsistency);
- }
-
+ }
+
private static final class NSLoader extends Loader<Data> implements Streamer<Data> {
- public static final int MAGIC=250935515;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=48;
-
- public static final NSLoader deflt = new NSLoader(KEYLIMIT);
-
- public NSLoader(int keylimit) {
- super(keylimit);
- }
-
- @Override
- public Data load(Data data, Row row) {
- // Int more efficient
- data.name = row.getString(0);
- data.type = row.getInt(1);
- data.description = row.getString(2);
- data.parent = row.getString(3);
- return data;
- }
-
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.name;
- }
-
- @Override
- protected void body(Data data, int _idx, Object[] obj) {
- int idx = _idx;
-
- obj[idx]=data.type;
- obj[++idx]=data.description;
- obj[++idx]=data.parent;
- }
-
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.name);
- os.writeInt(data.type);
- writeString(os,data.description);
- writeString(os,data.parent);
- if(data.attrib==null) {
- os.writeInt(-1);
- } else {
- os.writeInt(data.attrib.size());
- for(Entry<String, String> es : data.attrib(false).entrySet()) {
- writeString(os,es.getKey());
- writeString(os,es.getValue());
- }
- }
- }
-
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
-
- byte[] buff = new byte[BUFF_SIZE];
- data.name = readString(is, buff);
- data.type = is.readInt();
- data.description = readString(is,buff);
- data.parent = readString(is,buff);
- int count = is.readInt();
- if(count>0) {
- Map<String, String> da = data.attrib(true);
- for(int i=0;i<count;++i) {
- da.put(readString(is,buff), readString(is,buff));
- }
- }
- }
+ public static final int MAGIC=250935515;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=48;
+
+ public static final NSLoader deflt = new NSLoader(KEYLIMIT);
+
+ public NSLoader(int keylimit) {
+ super(keylimit);
+ }
+
+ @Override
+ public Data load(Data data, Row row) {
+ // Int more efficient
+ data.name = row.getString(0);
+ data.type = row.getInt(1);
+ data.description = row.getString(2);
+ data.parent = row.getString(3);
+ return data;
+ }
+
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.name;
+ }
+
+ @Override
+ protected void body(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+
+ obj[idx]=data.type;
+ obj[++idx]=data.description;
+ obj[++idx]=data.parent;
+ }
+
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.name);
+ os.writeInt(data.type);
+ writeString(os,data.description);
+ writeString(os,data.parent);
+ if(data.attrib==null) {
+ os.writeInt(-1);
+ } else {
+ os.writeInt(data.attrib.size());
+ for(Entry<String, String> es : data.attrib(false).entrySet()) {
+ writeString(os,es.getKey());
+ writeString(os,es.getValue());
+ }
+ }
+ }
+
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+
+ byte[] buff = new byte[BUFF_SIZE];
+ data.name = readString(is, buff);
+ data.type = is.readInt();
+ data.description = readString(is,buff);
+ data.parent = readString(is,buff);
+ int count = is.readInt();
+ if(count>0) {
+ Map<String, String> da = data.attrib(true);
+ for(int i=0;i<count;++i) {
+ da.put(readString(is,buff), readString(is,buff));
+ }
+ }
+ }
}
- @Override
- public Result<Data> create(AuthzTrans trans, Data data) {
- String ns = data.name;
- // Ensure Parent is set
- if(data.parent==null) {
- return Result.err(Result.ERR_BadData, "Need parent for %s", ns);
- }
-
- // insert Attributes
- StringBuilder stmt = new StringBuilder();
- stmt.append(BEGIN_BATCH);
- attribInsertStmts(stmt, data);
- stmt.append(APPLY_BATCH);
- try {
- getSession(trans).execute(stmt.toString());
-//// TEST CODE for Exception
-// boolean force = true;
-// if(force) {
-// throw new com.datastax.driver.core.exceptions.NoHostAvailableException(new HashMap<>());
-//// throw new com.datastax.driver.core.exceptions.AuthenticationException(new InetSocketAddress(9999),"Sample Message");
-// }
+ @Override
+ public Result<Data> create(AuthzTrans trans, Data data) {
+ String ns = data.name;
+ // Ensure Parent is set
+ if(data.parent==null) {
+ return Result.err(Result.ERR_BadData, "Need parent for %s", ns);
+ }
+
+ // insert Attributes
+ StringBuilder stmt = new StringBuilder();
+ stmt.append(BEGIN_BATCH);
+ attribInsertStmts(stmt, data);
+ stmt.append(APPLY_BATCH);
+ try {
+ getSession(trans).execute(stmt.toString());
+//// TEST CODE for Exception
+// boolean force = true;
+// if(force) {
+// throw new com.datastax.driver.core.exceptions.NoHostAvailableException(new HashMap<>());
+//// throw new com.datastax.driver.core.exceptions.AuthenticationException(new InetSocketAddress(9999),"Sample Message");
+// }
////END TEST CODE
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- trans.info().log(stmt);
- return Result.err(Result.ERR_Backend, "Backend Access");
- }
- return super.create(trans, data);
- }
-
- @Override
- public Result<Void> update(AuthzTrans trans, Data data) {
- String ns = data.name;
- // Ensure Parent is set
- if(data.parent==null) {
- return Result.err(Result.ERR_BadData, "Need parent for %s", ns);
- }
-
- StringBuilder stmt = new StringBuilder();
- stmt.append(BEGIN_BATCH);
- try {
- Map<String, String> localAttr = data.attrib;
- Result<Map<String, String>> rremoteAttr = readAttribByNS(trans,ns);
- if(rremoteAttr.notOK()) {
- return Result.err(rremoteAttr);
- }
- // update Attributes
- String str;
- for(Entry<String, String> es : localAttr.entrySet()) {
- str = rremoteAttr.value.get(es.getKey());
- if(str==null || !str.equals(es.getValue())) {
- attribUpdateStmt(stmt, ns, es.getKey(),es.getValue());
- }
- }
-
- // No point in deleting... insert overwrites...
-// for(Entry<String, String> es : remoteAttr.entrySet()) {
-// str = localAttr.get(es.getKey());
-// if(str==null || !str.equals(es.getValue())) {
-// attribDeleteStmt(stmt, ns, es.getKey());
-// }
-// }
- if(stmt.length()>BEGIN_BATCH.length()) {
- stmt.append(APPLY_BATCH);
- getSession(trans).execute(stmt.toString());
- }
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- trans.info().log(stmt);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
-
- return super.update(trans,data);
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.dao.CassDAOImpl#read(com.att.inno.env.TransStore, java.lang.Object)
- */
- @Override
- public Result<List<Data>> read(AuthzTrans trans, Data data) {
- Result<List<Data>> rld = super.read(trans, data);
-
- if(rld.isOKhasData()) {
- for(Data d : rld.value) {
- // Note: Map is null at this point, save time/mem by assignment
- Result<Map<String, String>> rabn = readAttribByNS(trans,d.name);
- if(rabn.isOK()) {
- d.attrib = rabn.value;
- } else {
- return Result.err(rabn);
- }
- }
- }
- return rld;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.dao.CassDAOImpl#read(com.att.inno.env.TransStore, java.lang.Object[])
- */
- @Override
- public Result<List<Data>> read(AuthzTrans trans, Object... key) {
- Result<List<Data>> rld = super.read(trans, key);
-
- if(rld.isOKhasData()) {
- for(Data d : rld.value) {
- // Note: Map is null at this point, save time/mem by assignment
- Result<Map<String, String>> rabn = readAttribByNS(trans,d.name);
- if(rabn.isOK()) {
- d.attrib = rabn.value;
- } else {
- return Result.err(rabn);
- }
- }
- }
- return rld;
- }
-
- @Override
- public Result<Void> delete(AuthzTrans trans, Data data, boolean reread) {
- TimeTaken tt = trans.start("Delete NS Attributes " + data.name, Env.REMOTE);
- try {
- StringBuilder stmt = new StringBuilder();
- attribDeleteAllStmt(stmt, data);
- try {
- getSession(trans).execute(stmt.toString());
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- trans.info().log(stmt);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
- } finally {
- tt.done();
- }
- return super.delete(trans, data, reread);
-
- }
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ trans.info().log(stmt);
+ return Result.err(Result.ERR_Backend, "Backend Access");
+ }
+ return super.create(trans, data);
+ }
+
+ @Override
+ public Result<Void> update(AuthzTrans trans, Data data) {
+ String ns = data.name;
+ // Ensure Parent is set
+ if(data.parent==null) {
+ return Result.err(Result.ERR_BadData, "Need parent for %s", ns);
+ }
+
+ StringBuilder stmt = new StringBuilder();
+ stmt.append(BEGIN_BATCH);
+ try {
+ Map<String, String> localAttr = data.attrib;
+ Result<Map<String, String>> rremoteAttr = readAttribByNS(trans,ns);
+ if(rremoteAttr.notOK()) {
+ return Result.err(rremoteAttr);
+ }
+ // update Attributes
+ String str;
+ for(Entry<String, String> es : localAttr.entrySet()) {
+ str = rremoteAttr.value.get(es.getKey());
+ if(str==null || !str.equals(es.getValue())) {
+ attribUpdateStmt(stmt, ns, es.getKey(),es.getValue());
+ }
+ }
+
+ // No point in deleting... insert overwrites...
+// for(Entry<String, String> es : remoteAttr.entrySet()) {
+// str = localAttr.get(es.getKey());
+// if(str==null || !str.equals(es.getValue())) {
+// attribDeleteStmt(stmt, ns, es.getKey());
+// }
+// }
+ if(stmt.length()>BEGIN_BATCH.length()) {
+ stmt.append(APPLY_BATCH);
+ getSession(trans).execute(stmt.toString());
+ }
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ trans.info().log(stmt);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+
+ return super.update(trans,data);
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.dao.CassDAOImpl#read(com.att.inno.env.TransStore, java.lang.Object)
+ */
+ @Override
+ public Result<List<Data>> read(AuthzTrans trans, Data data) {
+ Result<List<Data>> rld = super.read(trans, data);
+
+ if(rld.isOKhasData()) {
+ for(Data d : rld.value) {
+ // Note: Map is null at this point, save time/mem by assignment
+ Result<Map<String, String>> rabn = readAttribByNS(trans,d.name);
+ if(rabn.isOK()) {
+ d.attrib = rabn.value;
+ } else {
+ return Result.err(rabn);
+ }
+ }
+ }
+ return rld;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.dao.CassDAOImpl#read(com.att.inno.env.TransStore, java.lang.Object[])
+ */
+ @Override
+ public Result<List<Data>> read(AuthzTrans trans, Object... key) {
+ Result<List<Data>> rld = super.read(trans, key);
+
+ if(rld.isOKhasData()) {
+ for(Data d : rld.value) {
+ // Note: Map is null at this point, save time/mem by assignment
+ Result<Map<String, String>> rabn = readAttribByNS(trans,d.name);
+ if(rabn.isOK()) {
+ d.attrib = rabn.value;
+ } else {
+ return Result.err(rabn);
+ }
+ }
+ }
+ return rld;
+ }
+
+ @Override
+ public Result<Void> delete(AuthzTrans trans, Data data, boolean reread) {
+ TimeTaken tt = trans.start("Delete NS Attributes " + data.name, Env.REMOTE);
+ try {
+ StringBuilder stmt = new StringBuilder();
+ attribDeleteAllStmt(stmt, data);
+ try {
+ getSession(trans).execute(stmt.toString());
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ trans.info().log(stmt);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+ } finally {
+ tt.done();
+ }
+ return super.delete(trans, data, reread);
+
+ }
- public Result<Map<String,String>> readAttribByNS(AuthzTrans trans, String ns) {
- Map<String,String> map = new HashMap<>();
- TimeTaken tt = trans.start("readAttribByNS " + ns, Env.REMOTE);
- try {
- ResultSet rs = getSession(trans).execute("SELECT key,value FROM "
- + TABLE_ATTRIB
- + " WHERE ns='"
- + ns
- + "';");
-
- for(Iterator<Row> iter = rs.iterator();iter.hasNext(); ) {
- Row r = iter.next();
- map.put(r.getString(0), r.getString(1));
- }
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- } finally {
- tt.done();
- }
- return Result.ok(map);
- }
-
- public Result<Set<String>> readNsByAttrib(AuthzTrans trans, String key) {
- Set<String> set = new HashSet<>();
- TimeTaken tt = trans.start("readNsBykey " + key, Env.REMOTE);
- try {
- ResultSet rs = getSession(trans).execute("SELECT ns FROM "
- + TABLE_ATTRIB
- + " WHERE key='"
- + key
- + "';");
-
- for(Iterator<Row> iter = rs.iterator();iter.hasNext(); ) {
- Row r = iter.next();
- set.add(r.getString(0));
- }
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- } finally {
- tt.done();
- }
- return Result.ok(set);
- }
-
- public Result<Void> attribAdd(AuthzTrans trans, String ns, String key, String value) {
- try {
- getSession(trans).execute(attribInsertStmt(new StringBuilder(),ns,key,value).toString());
- return Result.ok();
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
- }
-
- private StringBuilder attribInsertStmt(StringBuilder sb, String ns, String key, String value) {
- sb.append("INSERT INTO ");
- sb.append(TABLE_ATTRIB);
- sb.append(" (ns,key,value) VALUES ('");
- sb.append(ns);
- sb.append(SQCSQ);
- sb.append(key);
- sb.append(SQCSQ);
- sb.append(value);
- sb.append("');");
- return sb;
- }
-
- private StringBuilder attribUpdateStmt(StringBuilder sb, String ns, String key, String value) {
- sb.append("UPDATE ");
- sb.append(TABLE_ATTRIB);
- sb.append(" set value='");
- sb.append(value);
- sb.append("' where ns='");
- sb.append(ns);
- sb.append("' AND key='");
- sb.append(key);
- sb.append("';");
- return sb;
- }
-
-
- public Result<Void> attribRemove(AuthzTrans trans, String ns, String key) {
- try {
- getSession(trans).execute(attribDeleteStmt(new StringBuilder(),ns,key).toString());
- return Result.ok();
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
- }
-
- private StringBuilder attribDeleteStmt(StringBuilder stmt, String ns, String key) {
- stmt.append("DELETE FROM ");
- stmt.append(TABLE_ATTRIB);
- stmt.append(" WHERE ns='");
- stmt.append(ns);
- stmt.append("' AND key='");
- stmt.append(key);
- stmt.append("';");
- return stmt;
- }
-
- private void attribDeleteAllStmt(StringBuilder stmt, Data data) {
- stmt.append(" DELETE FROM ");
- stmt.append(TABLE_ATTRIB);
- stmt.append(" WHERE ns='");
- stmt.append(data.name);
- stmt.append(SQSCCR);
- }
-
- private void attribInsertStmts(StringBuilder stmt, Data data) {
- // INSERT new Attrib
- for(Entry<String,String> es : data.attrib(false).entrySet() ) {
- stmt.append(" ");
- attribInsertStmt(stmt,data.name,es.getKey(),es.getValue());
- }
- }
-
- /**
- * Add description to Namespace
- * @param trans
- * @param ns
- * @param description
- * @return
- */
- public Result<Void> addDescription(AuthzTrans trans, String ns, String description) {
- try {
- getSession(trans).execute(UPDATE_SP + TABLE + " SET description = '"
- + description.replace("'", "''") + "' WHERE name = '" + ns + "';");
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
-
- Data data = new Data();
- data.name=ns;
- wasModified(trans, CRUD.update, data, "Added description " + description + " to namespace " + ns, null );
- return Result.ok();
- }
-
- public Result<List<Data>> getChildren(AuthzTrans trans, String parent) {
- return psNS.read(trans, R_TEXT, new Object[]{parent});
- }
-
+ public Result<Map<String,String>> readAttribByNS(AuthzTrans trans, String ns) {
+ Map<String,String> map = new HashMap<>();
+ TimeTaken tt = trans.start("readAttribByNS " + ns, Env.REMOTE);
+ try {
+ ResultSet rs = getSession(trans).execute("SELECT key,value FROM "
+ + TABLE_ATTRIB
+ + " WHERE ns='"
+ + ns
+ + "';");
+
+ for(Iterator<Row> iter = rs.iterator();iter.hasNext(); ) {
+ Row r = iter.next();
+ map.put(r.getString(0), r.getString(1));
+ }
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ } finally {
+ tt.done();
+ }
+ return Result.ok(map);
+ }
+
+ public Result<Set<String>> readNsByAttrib(AuthzTrans trans, String key) {
+ Set<String> set = new HashSet<>();
+ TimeTaken tt = trans.start("readNsBykey " + key, Env.REMOTE);
+ try {
+ ResultSet rs = getSession(trans).execute("SELECT ns FROM "
+ + TABLE_ATTRIB
+ + " WHERE key='"
+ + key
+ + "';");
+
+ for(Iterator<Row> iter = rs.iterator();iter.hasNext(); ) {
+ Row r = iter.next();
+ set.add(r.getString(0));
+ }
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ } finally {
+ tt.done();
+ }
+ return Result.ok(set);
+ }
+
+ public Result<Void> attribAdd(AuthzTrans trans, String ns, String key, String value) {
+ try {
+ getSession(trans).execute(attribInsertStmt(new StringBuilder(),ns,key,value).toString());
+ return Result.ok();
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+ }
+
+ private StringBuilder attribInsertStmt(StringBuilder sb, String ns, String key, String value) {
+ sb.append("INSERT INTO ");
+ sb.append(TABLE_ATTRIB);
+ sb.append(" (ns,key,value) VALUES ('");
+ sb.append(ns);
+ sb.append(SQCSQ);
+ sb.append(key);
+ sb.append(SQCSQ);
+ sb.append(value);
+ sb.append("');");
+ return sb;
+ }
+
+ private StringBuilder attribUpdateStmt(StringBuilder sb, String ns, String key, String value) {
+ sb.append("UPDATE ");
+ sb.append(TABLE_ATTRIB);
+ sb.append(" set value='");
+ sb.append(value);
+ sb.append("' where ns='");
+ sb.append(ns);
+ sb.append("' AND key='");
+ sb.append(key);
+ sb.append("';");
+ return sb;
+ }
+
+
+ public Result<Void> attribRemove(AuthzTrans trans, String ns, String key) {
+ try {
+ getSession(trans).execute(attribDeleteStmt(new StringBuilder(),ns,key).toString());
+ return Result.ok();
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+ }
+
+ private StringBuilder attribDeleteStmt(StringBuilder stmt, String ns, String key) {
+ stmt.append("DELETE FROM ");
+ stmt.append(TABLE_ATTRIB);
+ stmt.append(" WHERE ns='");
+ stmt.append(ns);
+ stmt.append("' AND key='");
+ stmt.append(key);
+ stmt.append("';");
+ return stmt;
+ }
+
+ private void attribDeleteAllStmt(StringBuilder stmt, Data data) {
+ stmt.append(" DELETE FROM ");
+ stmt.append(TABLE_ATTRIB);
+ stmt.append(" WHERE ns='");
+ stmt.append(data.name);
+ stmt.append(SQSCCR);
+ }
+
+ private void attribInsertStmts(StringBuilder stmt, Data data) {
+ // INSERT new Attrib
+ for(Entry<String,String> es : data.attrib(false).entrySet() ) {
+ stmt.append(" ");
+ attribInsertStmt(stmt,data.name,es.getKey(),es.getValue());
+ }
+ }
+
+ /**
+ * Add description to Namespace
+ * @param trans
+ * @param ns
+ * @param description
+ * @return
+ */
+ public Result<Void> addDescription(AuthzTrans trans, String ns, String description) {
+ try {
+ getSession(trans).execute(UPDATE_SP + TABLE + " SET description = '"
+ + description.replace("'", "''") + "' WHERE name = '" + ns + "';");
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+
+ Data data = new Data();
+ data.name=ns;
+ wasModified(trans, CRUD.update, data, "Added description " + description + " to namespace " + ns, null );
+ return Result.ok();
+ }
+
+ public Result<List<Data>> getChildren(AuthzTrans trans, String parent) {
+ return psNS.read(trans, R_TEXT, new Object[]{parent});
+ }
+
/**
* Log Modification statements to History
@@ -531,8 +531,8 @@ public class NsDAO extends CassDAOImpl<AuthzTrans,NsDAO.Data> {
*/
@Override
protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- boolean memo = override.length>0 && override[0]!=null;
- boolean subject = override.length>1 && override[1]!=null;
+ boolean memo = override.length>0 && override[0]!=null;
+ boolean subject = override.length>1 && override[1]!=null;
//TODO Must log history
HistoryDAO.Data hd = HistoryDAO.newInitedData();
@@ -541,20 +541,20 @@ public class NsDAO extends CassDAOImpl<AuthzTrans,NsDAO.Data> {
hd.target = TABLE;
hd.subject = subject ? override[1] : data.name;
hd.memo = memo ? override[0] : (data.name + " was " + modified.name() + 'd' );
- if(modified==CRUD.delete) {
- try {
- hd.reconstruct = data.bytify();
- } catch (IOException e) {
- trans.error().log(e,"Could not serialize NsDAO.Data");
- }
- }
+ if(modified==CRUD.delete) {
+ try {
+ hd.reconstruct = data.bytify();
+ } catch (IOException e) {
+ trans.error().log(e,"Could not serialize NsDAO.Data");
+ }
+ }
if(historyDAO.create(trans, hd).status!=Status.OK) {
- trans.error().log("Cannot log to History");
- }
+ trans.error().log("Cannot log to History");
+ }
if(infoDAO.touch(trans, TABLE,data.invalidate(cache)).notOK()) {
- trans.error().log("Cannot touch CacheInfo");
- }
+ trans.error().log("Cannot touch CacheInfo");
+ }
}
} \ No newline at end of file
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsSplit.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsSplit.java
index 2694c6c8..a64c0a94 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsSplit.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsSplit.java
@@ -22,40 +22,40 @@
package org.onap.aaf.auth.dao.cass;
public class NsSplit {
- public final String ns;
- public final String name;
- public final NsDAO.Data nsd;
-
- public NsSplit(NsDAO.Data nsd, String child) {
- this.nsd = nsd;
- if(child.startsWith(nsd.name)) {
- ns = nsd.name;
- int dot = ns.length();
- if(dot<child.length() && child.charAt(dot)=='.') {
- name = child.substring(dot+1);
- } else {
- name="";
- }
- } else {
- name=null;
- ns = null;
- }
- }
-
- public NsSplit(String ns, String name) {
- this.ns = ns;
- this.name = name;
- this.nsd = new NsDAO.Data();
- nsd.name = ns;
- int dot = ns.lastIndexOf('.');
- if(dot>=0) {
- nsd.parent = ns.substring(0, dot);
- } else {
- nsd.parent = ".";
- }
- }
+ public final String ns;
+ public final String name;
+ public final NsDAO.Data nsd;
+
+ public NsSplit(NsDAO.Data nsd, String child) {
+ this.nsd = nsd;
+ if(child.startsWith(nsd.name)) {
+ ns = nsd.name;
+ int dot = ns.length();
+ if(dot<child.length() && child.charAt(dot)=='.') {
+ name = child.substring(dot+1);
+ } else {
+ name="";
+ }
+ } else {
+ name=null;
+ ns = null;
+ }
+ }
+
+ public NsSplit(String ns, String name) {
+ this.ns = ns;
+ this.name = name;
+ this.nsd = new NsDAO.Data();
+ nsd.name = ns;
+ int dot = ns.lastIndexOf('.');
+ if(dot>=0) {
+ nsd.parent = ns.substring(0, dot);
+ } else {
+ nsd.parent = ".";
+ }
+ }
- public boolean isOK() {
- return ns!=null && name !=null;
- }
+ public boolean isOK() {
+ return ns!=null && name !=null;
+ }
} \ No newline at end of file
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsType.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsType.java
index 18d5eeec..59e18ae9 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsType.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/NsType.java
@@ -27,48 +27,48 @@ package org.onap.aaf.auth.dao.cass;
*
*/
public enum NsType {
- UNKNOWN (-1),
- DOT (0),
- ROOT (1),
- COMPANY (2),
- APP (3),
- STACKED_APP (10),
- STACK (11);
-
- public final int type;
- private NsType(int t) {
- type = t;
- }
- /**
- * This is not the Ordinal, but the Type that is stored in NS Tables
- *
- * @param t
- * @return
- */
- public static NsType fromType(int t) {
- for(NsType nst : values()) {
- if(t==nst.type) {
- return nst;
- }
- }
- return UNKNOWN;
- }
-
- /**
- * Use this one rather than "valueOf" to avoid Exception
- * @param s
- * @return
- */
- public static NsType fromString(String s) {
- if(s!=null) {
- for(NsType nst : values()) {
- if(nst.name().equals(s)) {
- return nst;
- }
- }
- }
- return UNKNOWN;
- }
+ UNKNOWN (-1),
+ DOT (0),
+ ROOT (1),
+ COMPANY (2),
+ APP (3),
+ STACKED_APP (10),
+ STACK (11);
+
+ public final int type;
+ private NsType(int t) {
+ type = t;
+ }
+ /**
+ * This is not the Ordinal, but the Type that is stored in NS Tables
+ *
+ * @param t
+ * @return
+ */
+ public static NsType fromType(int t) {
+ for(NsType nst : values()) {
+ if(t==nst.type) {
+ return nst;
+ }
+ }
+ return UNKNOWN;
+ }
+
+ /**
+ * Use this one rather than "valueOf" to avoid Exception
+ * @param s
+ * @return
+ */
+ public static NsType fromString(String s) {
+ if(s!=null) {
+ for(NsType nst : values()) {
+ if(nst.name().equals(s)) {
+ return nst;
+ }
+ }
+ }
+ return UNKNOWN;
+ }
-
+
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/OAuthTokenDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/OAuthTokenDAO.java
index 4fe3aaab..5d0f084b 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/OAuthTokenDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/OAuthTokenDAO.java
@@ -50,7 +50,7 @@ import com.datastax.driver.core.Row;
*/
public class OAuthTokenDAO extends CassDAOImpl<AuthzTrans,OAuthTokenDAO.Data> {
public static final String TABLE = "oauth_token";
- private AbsCassDAO<AuthzTrans, Data>.PSInfo psByUser;
+ private AbsCassDAO<AuthzTrans, Data>.PSInfo psByUser;
public OAuthTokenDAO(AuthzTrans trans, Cluster cluster, String keyspace) {
super(trans, OAuthTokenDAO.class.getSimpleName(),cluster, keyspace, Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
@@ -58,63 +58,63 @@ public class OAuthTokenDAO extends CassDAOImpl<AuthzTrans,OAuthTokenDAO.Data> {
}
public OAuthTokenDAO(AuthzTrans trans, AbsCassDAO<AuthzTrans,?> aDao) {
- super(trans, OAuthTokenDAO.class.getSimpleName(),aDao, Data.class, TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- init(trans);
+ super(trans, OAuthTokenDAO.class.getSimpleName(),aDao, Data.class, TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ init(trans);
}
public static final int KEYLIMIT = 1;
- public static class Data implements Bytification {
- public String id;
- public String client_id;
- public String user;
- public boolean active;
- public int type;
- public String refresh;
- public Date expires;
- public long exp_sec;
- public String content;
- public Set<String> scopes;
- public String state;
- public String req_ip; // requesting
-
- public Set<String> scopes(boolean mutable) {
- if (scopes == null) {
- scopes = new HashSet<>();
- } else if (mutable && !(scopes instanceof HashSet)) {
- scopes = new HashSet<>(scopes);
- }
- return scopes;
- }
-
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- OAuthLoader.deflt.marshal(this,new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- OAuthLoader.deflt.unmarshal(this, toDIS(bb));
- }
-
- public String toString() {
- return user.toString() + ' ' + id.toString() + ' ' + Chrono.dateTime(expires) + (active?"":"in") + "active";
- }
+ public static class Data implements Bytification {
+ public String id;
+ public String client_id;
+ public String user;
+ public boolean active;
+ public int type;
+ public String refresh;
+ public Date expires;
+ public long exp_sec;
+ public String content;
+ public Set<String> scopes;
+ public String state;
+ public String req_ip; // requesting
+
+ public Set<String> scopes(boolean mutable) {
+ if (scopes == null) {
+ scopes = new HashSet<>();
+ } else if (mutable && !(scopes instanceof HashSet)) {
+ scopes = new HashSet<>(scopes);
+ }
+ return scopes;
+ }
+
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ OAuthLoader.deflt.marshal(this,new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
+
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ OAuthLoader.deflt.unmarshal(this, toDIS(bb));
+ }
+
+ public String toString() {
+ return user.toString() + ' ' + id.toString() + ' ' + Chrono.dateTime(expires) + (active?"":"in") + "active";
+ }
}
private static class OAuthLoader extends Loader<Data> implements Streamer<Data>{
- public static final int MAGIC=235677843;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=96; // Note: only used when
-
- public static final OAuthLoader deflt = new OAuthLoader(KEYLIMIT);
- public OAuthLoader(int keylimit) {
- super(keylimit);
- }
-
- @Override
+ public static final int MAGIC=235677843;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=96; // Note: only used when
+
+ public static final OAuthLoader deflt = new OAuthLoader(KEYLIMIT);
+ public OAuthLoader(int keylimit) {
+ super(keylimit);
+ }
+
+ @Override
public Data load(Data data, Row row) {
data.id = row.getString(0);
data.client_id = row.getString(1);
@@ -152,43 +152,43 @@ public class OAuthTokenDAO extends CassDAOImpl<AuthzTrans,OAuthTokenDAO.Data> {
obj[++i] = data.req_ip;
}
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.id);
- writeString(os, data.client_id);
- writeString(os, data.user);
- os.writeBoolean(data.active);
- os.writeInt(data.type);
- writeString(os, data.refresh);
- os.writeLong(data.expires==null?-1:data.expires.getTime());
- os.writeLong(data.exp_sec);
- writeString(os, data.content);
- writeStringSet(os,data.scopes);
- writeString(os, data.state);
- writeString(os, data.req_ip);
- }
-
-
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
- byte[] buff = new byte[BUFF_SIZE]; // used only if fits
- data.id = readString(is,buff);
- data.client_id = readString(is,buff);
- data.user = readString(is,buff);
- data.active = is.readBoolean();
- data.type = is.readInt();
- data.refresh = readString(is,buff);
- long l = is.readLong();
- data.expires = l<0?null:new Date(l);
- data.exp_sec = is.readLong();
- data.content = readString(is,buff); // note, large strings still ok with small buffer
- data.scopes = readStringSet(is,buff);
- data.state = readString(is,buff);
- data.req_ip = readString(is,buff);
- }
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.id);
+ writeString(os, data.client_id);
+ writeString(os, data.user);
+ os.writeBoolean(data.active);
+ os.writeInt(data.type);
+ writeString(os, data.refresh);
+ os.writeLong(data.expires==null?-1:data.expires.getTime());
+ os.writeLong(data.exp_sec);
+ writeString(os, data.content);
+ writeStringSet(os,data.scopes);
+ writeString(os, data.state);
+ writeString(os, data.req_ip);
+ }
+
+
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+ byte[] buff = new byte[BUFF_SIZE]; // used only if fits
+ data.id = readString(is,buff);
+ data.client_id = readString(is,buff);
+ data.user = readString(is,buff);
+ data.active = is.readBoolean();
+ data.type = is.readInt();
+ data.refresh = readString(is,buff);
+ long l = is.readLong();
+ data.expires = l<0?null:new Date(l);
+ data.exp_sec = is.readLong();
+ data.content = readString(is,buff); // note, large strings still ok with small buffer
+ data.scopes = readStringSet(is,buff);
+ data.state = readString(is,buff);
+ data.req_ip = readString(is,buff);
+ }
}
private void init(AuthzTrans trans) {
@@ -196,7 +196,7 @@ public class OAuthTokenDAO extends CassDAOImpl<AuthzTrans,OAuthTokenDAO.Data> {
psByUser = new PSInfo(trans, "SELECT " + helpers[0] + " from " + TABLE + " WHERE user=?",OAuthLoader.deflt,readConsistency);
}
- /**
+ /**
* Log Modification statements to History
*
* @param modified which CRUD action was done
@@ -207,7 +207,7 @@ public class OAuthTokenDAO extends CassDAOImpl<AuthzTrans,OAuthTokenDAO.Data> {
protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
}
- public Result<List<Data>> readByUser(AuthzTrans trans, String user) {
- return psByUser.read(trans, "Read By User", new Object[]{user});
- }
+ public Result<List<Data>> readByUser(AuthzTrans trans, String user) {
+ return psByUser.read(trans, "Read By User", new Object[]{user});
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java
index 0ecdd98d..c02387b1 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java
@@ -49,169 +49,169 @@ import com.datastax.driver.core.exceptions.DriverException;
public class PermDAO extends CassDAOImpl<AuthzTrans,PermDAO.Data> {
- public static final String TABLE = "perm";
+ public static final String TABLE = "perm";
public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
- private static final String STAR = "*";
-
- private final HistoryDAO historyDAO;
- private final CacheInfoDAO infoDAO;
-
- private PSInfo psNS, psChildren, psByType;
-
- public PermDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
- super(trans, PermDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- init(trans);
- historyDAO = new HistoryDAO(trans, this);
- infoDAO = new CacheInfoDAO(trans,this);
- }
-
- public PermDAO(AuthzTrans trans, HistoryDAO hDAO, CacheInfoDAO ciDAO) {
- super(trans, PermDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- historyDAO = hDAO;
- infoDAO=ciDAO;
- init(trans);
- }
-
-
- private static final int KEYLIMIT = 4;
- public static class Data extends CacheableData implements Bytification {
- public String ns;
- public String type;
- public String instance;
- public String action;
- public Set<String> roles;
- public String description;
-
- public Data() {}
-
- public Data(NsSplit nss, String instance, String action) {
- ns = nss.ns;
- type = nss.name;
- this.instance = instance;
- this.action = action;
- }
-
- public String fullType() {
- return ns + '.' + type;
- }
-
- public String fullPerm() {
- return ns + '.' + type + '|' + instance + '|' + action;
- }
-
- public String encode() {
- return ns + '|' + type + '|' + instance + '|' + action;
- }
-
- /**
- * Decode Perm String, including breaking into appropriate Namespace
- *
- * @param trans
- * @param q
- * @param p
- * @return
- */
- public static Result<Data> decode(AuthzTrans trans, Question q, String p) {
- String[] ss = Split.splitTrim('|', p,4);
- if(ss[2]==null) {
- return Result.err(Status.ERR_BadData,"Perm Encodings must be separated by '|'");
- }
- Data data = new Data();
- if(ss[3]==null) { // older 3 part encoding must be evaluated for NS
- Result<NsSplit> nss = q.deriveNsSplit(trans, ss[0]);
- if(nss.notOK()) {
- return Result.err(nss);
- }
- data.ns=nss.value.ns;
- data.type=nss.value.name;
- data.instance=ss[1];
- data.action=ss[2];
- } else { // new 4 part encoding
- data.ns=ss[0];
- data.type=ss[1];
- data.instance=ss[2];
- data.action=ss[3];
- }
- return Result.ok(data);
- }
-
- /**
- * Decode Perm String, including breaking into appropriate Namespace
- *
- * @param trans
- * @param q
- * @param p
- * @return
- */
- public static Result<String[]> decodeToArray(AuthzTrans trans, Question q, String p) {
- String[] ss = Split.splitTrim('|', p,4);
- if(ss[2]==null) {
- return Result.err(Status.ERR_BadData,"Perm Encodings must be separated by '|'");
- }
-
- if(ss[3]==null) { // older 3 part encoding must be evaluated for NS
- ss[3] = ss[2];
- ss[2] = ss[1];
- Result<NsSplit> nss = q.deriveNsSplit(trans, ss[0]);
- if(nss.notOK()) {
- return Result.err(nss);
- }
- ss[1] = nss.value.name;
- ss[0] = nss.value.ns;
- }
- return Result.ok(ss);
- }
-
- public static Data create(NsDAO.Data ns, String name) {
- NsSplit nss = new NsSplit(ns,name);
- Data rv = new Data();
- rv.ns = nss.ns;
- String[] s = nss.name.split("\\|");
- switch(s.length) {
- case 3:
- rv.type=s[0];
- rv.instance=s[1];
- rv.action=s[2];
- break;
- case 2:
- rv.type=s[0];
- rv.instance=s[1];
- rv.action=STAR;
- break;
- default:
- rv.type=s[0];
- rv.instance = STAR;
- rv.action = STAR;
- }
- return rv;
- }
-
- public static Data create(AuthzTrans trans, Question q, String name) {
- String[] s = name.split("\\|");
- Result<NsSplit> rdns = q.deriveNsSplit(trans, s[0]);
- Data rv = new PermDAO.Data();
- if(rdns.isOKhasData()) {
- switch(s.length) {
- case 3:
- rv.type=s[1];
- rv.instance=s[2];
- rv.action=s[3];
- break;
- case 2:
- rv.type=s[1];
- rv.instance=s[2];
- rv.action=STAR;
- break;
- default:
- rv.type=s[1];
- rv.instance = STAR;
- rv.action = STAR;
- }
- }
- return rv;
- }
-
+ private static final String STAR = "*";
+
+ private final HistoryDAO historyDAO;
+ private final CacheInfoDAO infoDAO;
+
+ private PSInfo psNS, psChildren, psByType;
+
+ public PermDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
+ super(trans, PermDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ init(trans);
+ historyDAO = new HistoryDAO(trans, this);
+ infoDAO = new CacheInfoDAO(trans,this);
+ }
+
+ public PermDAO(AuthzTrans trans, HistoryDAO hDAO, CacheInfoDAO ciDAO) {
+ super(trans, PermDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ historyDAO = hDAO;
+ infoDAO=ciDAO;
+ init(trans);
+ }
+
+
+ private static final int KEYLIMIT = 4;
+ public static class Data extends CacheableData implements Bytification {
+ public String ns;
+ public String type;
+ public String instance;
+ public String action;
+ public Set<String> roles;
+ public String description;
+
+ public Data() {}
+
+ public Data(NsSplit nss, String instance, String action) {
+ ns = nss.ns;
+ type = nss.name;
+ this.instance = instance;
+ this.action = action;
+ }
+
+ public String fullType() {
+ return ns + '.' + type;
+ }
+
+ public String fullPerm() {
+ return ns + '.' + type + '|' + instance + '|' + action;
+ }
+
+ public String encode() {
+ return ns + '|' + type + '|' + instance + '|' + action;
+ }
+
+ /**
+ * Decode Perm String, including breaking into appropriate Namespace
+ *
+ * @param trans
+ * @param q
+ * @param p
+ * @return
+ */
+ public static Result<Data> decode(AuthzTrans trans, Question q, String p) {
+ String[] ss = Split.splitTrim('|', p,4);
+ if(ss[2]==null) {
+ return Result.err(Status.ERR_BadData,"Perm Encodings must be separated by '|'");
+ }
+ Data data = new Data();
+ if(ss[3]==null) { // older 3 part encoding must be evaluated for NS
+ Result<NsSplit> nss = q.deriveNsSplit(trans, ss[0]);
+ if(nss.notOK()) {
+ return Result.err(nss);
+ }
+ data.ns=nss.value.ns;
+ data.type=nss.value.name;
+ data.instance=ss[1];
+ data.action=ss[2];
+ } else { // new 4 part encoding
+ data.ns=ss[0];
+ data.type=ss[1];
+ data.instance=ss[2];
+ data.action=ss[3];
+ }
+ return Result.ok(data);
+ }
+
+ /**
+ * Decode Perm String, including breaking into appropriate Namespace
+ *
+ * @param trans
+ * @param q
+ * @param p
+ * @return
+ */
+ public static Result<String[]> decodeToArray(AuthzTrans trans, Question q, String p) {
+ String[] ss = Split.splitTrim('|', p,4);
+ if(ss[2]==null) {
+ return Result.err(Status.ERR_BadData,"Perm Encodings must be separated by '|'");
+ }
+
+ if(ss[3]==null) { // older 3 part encoding must be evaluated for NS
+ ss[3] = ss[2];
+ ss[2] = ss[1];
+ Result<NsSplit> nss = q.deriveNsSplit(trans, ss[0]);
+ if(nss.notOK()) {
+ return Result.err(nss);
+ }
+ ss[1] = nss.value.name;
+ ss[0] = nss.value.ns;
+ }
+ return Result.ok(ss);
+ }
+
+ public static Data create(NsDAO.Data ns, String name) {
+ NsSplit nss = new NsSplit(ns,name);
+ Data rv = new Data();
+ rv.ns = nss.ns;
+ String[] s = nss.name.split("\\|");
+ switch(s.length) {
+ case 3:
+ rv.type=s[0];
+ rv.instance=s[1];
+ rv.action=s[2];
+ break;
+ case 2:
+ rv.type=s[0];
+ rv.instance=s[1];
+ rv.action=STAR;
+ break;
+ default:
+ rv.type=s[0];
+ rv.instance = STAR;
+ rv.action = STAR;
+ }
+ return rv;
+ }
+
+ public static Data create(AuthzTrans trans, Question q, String name) {
+ String[] s = name.split("\\|");
+ Result<NsSplit> rdns = q.deriveNsSplit(trans, s[0]);
+ Data rv = new PermDAO.Data();
+ if(rdns.isOKhasData()) {
+ switch(s.length) {
+ case 3:
+ rv.type=s[1];
+ rv.instance=s[2];
+ rv.action=s[3];
+ break;
+ case 2:
+ rv.type=s[1];
+ rv.instance=s[2];
+ rv.action=STAR;
+ break;
+ default:
+ rv.type=s[1];
+ rv.instance = STAR;
+ rv.action = STAR;
+ }
+ }
+ return rv;
+ }
+
////////////////////////////////////////
// Getters
public Set<String> roles(boolean mutable) {
@@ -223,279 +223,279 @@ public class PermDAO extends CassDAOImpl<AuthzTrans,PermDAO.Data> {
return roles;
}
- @Override
- public int[] invalidate(Cached<?,?> cache) {
- return new int[] {
- seg(cache,ns),
- seg(cache,ns,type),
- seg(cache,ns,type,STAR),
- seg(cache,ns,type,instance,action)
- };
- }
-
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- PermLoader.deflt.marshal(this, new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- PermLoader.deflt.unmarshal(this, toDIS(bb));
- }
-
- @Override
- public String toString() {
- return encode();
- }
- }
-
- private static class PermLoader extends Loader<Data> implements Streamer<Data> {
- public static final int MAGIC=283939453;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=96;
-
- public static final PermLoader deflt = new PermLoader(KEYLIMIT);
-
- public PermLoader(int keylimit) {
- super(keylimit);
- }
-
- @Override
- public Data load(Data data, Row row) {
- // Int more efficient Match "fields" string
- data.ns = row.getString(0);
- data.type = row.getString(1);
- data.instance = row.getString(2);
- data.action = row.getString(3);
- data.roles = row.getSet(4,String.class);
- data.description = row.getString(5);
- return data;
- }
-
- @Override
- protected void key(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx]=data.ns;
- obj[++idx]=data.type;
- obj[++idx]=data.instance;
- obj[++idx]=data.action;
- }
-
- @Override
- protected void body(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx]=data.roles;
- obj[++idx]=data.description;
- }
-
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.ns);
- writeString(os, data.type);
- writeString(os, data.instance);
- writeString(os, data.action);
- writeStringSet(os, data.roles);
- writeString(os, data.description);
- }
-
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
- byte[] buff = new byte[BUFF_SIZE];
- data.ns = readString(is, buff);
- data.type = readString(is,buff);
- data.instance = readString(is,buff);
- data.action = readString(is,buff);
- data.roles = readStringSet(is,buff);
- data.description = readString(is,buff);
- }
- }
-
- private void init(AuthzTrans trans) {
- // the 3 is the number of key fields
- String[] helpers = setCRUD(trans, TABLE, Data.class, PermLoader.deflt);
-
- // Other SELECT style statements... match with a local Method
- psByType = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE ns = ? AND type = ?", new PermLoader(2) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.type;
- }
- },readConsistency);
-
- psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE ns = ?", new PermLoader(1),readConsistency);
-
- psChildren = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE ns=? AND type > ? AND type < ?",
- new PermLoader(3) {
- @Override
- protected void key(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx] = data.ns;
- obj[++idx]=data.type + DOT;
- obj[++idx]=data.type + DOT_PLUS_ONE;
- }
- },readConsistency);
-
- }
-
-
- /**
- * Add a single Permission to the Role's Permission Collection
- *
- * @param trans
- * @param roleFullName
- * @param perm
- * @param type
- * @param action
- * @return
- */
- public Result<Void> addRole(AuthzTrans trans, PermDAO.Data perm, String roleFullName) {
- // Note: Prepared Statements for Collection updates aren't supported
- //ResultSet rv =
- try {
- getSession(trans).execute(UPDATE_SP + TABLE + " SET roles = roles + {'" + roleFullName + "'} " +
- "WHERE " +
- "ns = '" + perm.ns + "' AND " +
- "type = '" + perm.type + "' AND " +
- "instance = '" + perm.instance + "' AND " +
- "action = '" + perm.action + "';"
- );
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
-
- wasModified(trans, CRUD.update, perm, "Added role " + roleFullName + " to perm " +
- perm.ns + '.' + perm.type + '|' + perm.instance + '|' + perm.action);
- return Result.ok();
- }
-
- /**
- * Remove a single Permission from the Role's Permission Collection
- * @param trans
- * @param roleFullName
- * @param perm
- * @param type
- * @param action
- * @return
- */
- public Result<Void> delRole(AuthzTrans trans, PermDAO.Data perm, String roleFullName) {
- // Note: Prepared Statements for Collection updates aren't supported
- //ResultSet rv =
- try {
- getSession(trans).execute(UPDATE_SP + TABLE + " SET roles = roles - {'" + roleFullName + "'} " +
- "WHERE " +
- "ns = '" + perm.ns + "' AND " +
- "type = '" + perm.type + "' AND " +
- "instance = '" + perm.instance + "' AND " +
- "action = '" + perm.action + "';"
- );
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
-
- //TODO how can we tell when it doesn't?
- wasModified(trans, CRUD.update, perm, "Removed role " + roleFullName + " from perm " +
- perm.ns + '.' + perm.type + '|' + perm.instance + '|' + perm.action);
- return Result.ok();
- }
-
-
-
- /**
- * Additional method:
- * Select all Permissions by Name
- *
- * @param name
- * @return
- * @throws DAOException
- */
- public Result<List<Data>> readByType(AuthzTrans trans, String ns, String type) {
- return psByType.read(trans, R_TEXT, new Object[]{ns, type});
- }
-
- public Result<List<Data>> readChildren(AuthzTrans trans, String ns, String type) {
- return psChildren.read(trans, R_TEXT, new Object[]{ns, type+DOT, type + DOT_PLUS_ONE});
- }
-
- public Result<List<Data>> readNS(AuthzTrans trans, String ns) {
- return psNS.read(trans, R_TEXT, new Object[]{ns});
- }
-
- /**
- * Add description to this permission
- *
- * @param trans
- * @param ns
- * @param type
- * @param instance
- * @param action
- * @param description
- * @return
- */
- public Result<Void> addDescription(AuthzTrans trans, String ns, String type,
- String instance, String action, String description) {
- try {
- getSession(trans).execute(UPDATE_SP + TABLE + " SET description = '"
- + description + "' WHERE ns = '" + ns + "' AND type = '" + type + "'"
- + "AND instance = '" + instance + "' AND action = '" + action + "';");
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
-
- Data data = new Data();
- data.ns=ns;
- data.type=type;
- data.instance=instance;
- data.action=action;
- wasModified(trans, CRUD.update, data, "Added description " + description + " to permission "
- + data.encode(), null );
- return Result.ok();
- }
-
- /**
- * Log Modification statements to History
- */
- @Override
- protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- boolean memo = override.length>0 && override[0]!=null;
- boolean subject = override.length>1 && override[1]!=null;
-
- // Need to update history
- HistoryDAO.Data hd = HistoryDAO.newInitedData();
- hd.user = trans.user();
- hd.action = modified.name();
- hd.target = TABLE;
- hd.subject = subject ? override[1] : data.fullType();
- if (memo) {
+ @Override
+ public int[] invalidate(Cached<?,?> cache) {
+ return new int[] {
+ seg(cache,ns),
+ seg(cache,ns,type),
+ seg(cache,ns,type,STAR),
+ seg(cache,ns,type,instance,action)
+ };
+ }
+
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ PermLoader.deflt.marshal(this, new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
+
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ PermLoader.deflt.unmarshal(this, toDIS(bb));
+ }
+
+ @Override
+ public String toString() {
+ return encode();
+ }
+ }
+
+ private static class PermLoader extends Loader<Data> implements Streamer<Data> {
+ public static final int MAGIC=283939453;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=96;
+
+ public static final PermLoader deflt = new PermLoader(KEYLIMIT);
+
+ public PermLoader(int keylimit) {
+ super(keylimit);
+ }
+
+ @Override
+ public Data load(Data data, Row row) {
+ // Int more efficient Match "fields" string
+ data.ns = row.getString(0);
+ data.type = row.getString(1);
+ data.instance = row.getString(2);
+ data.action = row.getString(3);
+ data.roles = row.getSet(4,String.class);
+ data.description = row.getString(5);
+ return data;
+ }
+
+ @Override
+ protected void key(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx]=data.ns;
+ obj[++idx]=data.type;
+ obj[++idx]=data.instance;
+ obj[++idx]=data.action;
+ }
+
+ @Override
+ protected void body(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx]=data.roles;
+ obj[++idx]=data.description;
+ }
+
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.ns);
+ writeString(os, data.type);
+ writeString(os, data.instance);
+ writeString(os, data.action);
+ writeStringSet(os, data.roles);
+ writeString(os, data.description);
+ }
+
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+ byte[] buff = new byte[BUFF_SIZE];
+ data.ns = readString(is, buff);
+ data.type = readString(is,buff);
+ data.instance = readString(is,buff);
+ data.action = readString(is,buff);
+ data.roles = readStringSet(is,buff);
+ data.description = readString(is,buff);
+ }
+ }
+
+ private void init(AuthzTrans trans) {
+ // the 3 is the number of key fields
+ String[] helpers = setCRUD(trans, TABLE, Data.class, PermLoader.deflt);
+
+ // Other SELECT style statements... match with a local Method
+ psByType = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE ns = ? AND type = ?", new PermLoader(2) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.type;
+ }
+ },readConsistency);
+
+ psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE ns = ?", new PermLoader(1),readConsistency);
+
+ psChildren = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE ns=? AND type > ? AND type < ?",
+ new PermLoader(3) {
+ @Override
+ protected void key(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx] = data.ns;
+ obj[++idx]=data.type + DOT;
+ obj[++idx]=data.type + DOT_PLUS_ONE;
+ }
+ },readConsistency);
+
+ }
+
+
+ /**
+ * Add a single Permission to the Role's Permission Collection
+ *
+ * @param trans
+ * @param roleFullName
+ * @param perm
+ * @param type
+ * @param action
+ * @return
+ */
+ public Result<Void> addRole(AuthzTrans trans, PermDAO.Data perm, String roleFullName) {
+ // Note: Prepared Statements for Collection updates aren't supported
+ //ResultSet rv =
+ try {
+ getSession(trans).execute(UPDATE_SP + TABLE + " SET roles = roles + {'" + roleFullName + "'} " +
+ "WHERE " +
+ "ns = '" + perm.ns + "' AND " +
+ "type = '" + perm.type + "' AND " +
+ "instance = '" + perm.instance + "' AND " +
+ "action = '" + perm.action + "';"
+ );
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+
+ wasModified(trans, CRUD.update, perm, "Added role " + roleFullName + " to perm " +
+ perm.ns + '.' + perm.type + '|' + perm.instance + '|' + perm.action);
+ return Result.ok();
+ }
+
+ /**
+ * Remove a single Permission from the Role's Permission Collection
+ * @param trans
+ * @param roleFullName
+ * @param perm
+ * @param type
+ * @param action
+ * @return
+ */
+ public Result<Void> delRole(AuthzTrans trans, PermDAO.Data perm, String roleFullName) {
+ // Note: Prepared Statements for Collection updates aren't supported
+ //ResultSet rv =
+ try {
+ getSession(trans).execute(UPDATE_SP + TABLE + " SET roles = roles - {'" + roleFullName + "'} " +
+ "WHERE " +
+ "ns = '" + perm.ns + "' AND " +
+ "type = '" + perm.type + "' AND " +
+ "instance = '" + perm.instance + "' AND " +
+ "action = '" + perm.action + "';"
+ );
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+
+ //TODO how can we tell when it doesn't?
+ wasModified(trans, CRUD.update, perm, "Removed role " + roleFullName + " from perm " +
+ perm.ns + '.' + perm.type + '|' + perm.instance + '|' + perm.action);
+ return Result.ok();
+ }
+
+
+
+ /**
+ * Additional method:
+ * Select all Permissions by Name
+ *
+ * @param name
+ * @return
+ * @throws DAOException
+ */
+ public Result<List<Data>> readByType(AuthzTrans trans, String ns, String type) {
+ return psByType.read(trans, R_TEXT, new Object[]{ns, type});
+ }
+
+ public Result<List<Data>> readChildren(AuthzTrans trans, String ns, String type) {
+ return psChildren.read(trans, R_TEXT, new Object[]{ns, type+DOT, type + DOT_PLUS_ONE});
+ }
+
+ public Result<List<Data>> readNS(AuthzTrans trans, String ns) {
+ return psNS.read(trans, R_TEXT, new Object[]{ns});
+ }
+
+ /**
+ * Add description to this permission
+ *
+ * @param trans
+ * @param ns
+ * @param type
+ * @param instance
+ * @param action
+ * @param description
+ * @return
+ */
+ public Result<Void> addDescription(AuthzTrans trans, String ns, String type,
+ String instance, String action, String description) {
+ try {
+ getSession(trans).execute(UPDATE_SP + TABLE + " SET description = '"
+ + description + "' WHERE ns = '" + ns + "' AND type = '" + type + "'"
+ + "AND instance = '" + instance + "' AND action = '" + action + "';");
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+
+ Data data = new Data();
+ data.ns=ns;
+ data.type=type;
+ data.instance=instance;
+ data.action=action;
+ wasModified(trans, CRUD.update, data, "Added description " + description + " to permission "
+ + data.encode(), null );
+ return Result.ok();
+ }
+
+ /**
+ * Log Modification statements to History
+ */
+ @Override
+ protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
+ boolean memo = override.length>0 && override[0]!=null;
+ boolean subject = override.length>1 && override[1]!=null;
+
+ // Need to update history
+ HistoryDAO.Data hd = HistoryDAO.newInitedData();
+ hd.user = trans.user();
+ hd.action = modified.name();
+ hd.target = TABLE;
+ hd.subject = subject ? override[1] : data.fullType();
+ if (memo) {
hd.memo = String.format("%s", override[0]);
} else {
hd.memo = String.format("%sd %s|%s|%s", modified.name(),data.fullType(),data.instance,data.action);
}
-
- if(modified==CRUD.delete) {
- try {
- hd.reconstruct = data.bytify();
- } catch (IOException e) {
- trans.error().log(e,"Could not serialize PermDAO.Data");
- }
- }
-
+
+ if(modified==CRUD.delete) {
+ try {
+ hd.reconstruct = data.bytify();
+ } catch (IOException e) {
+ trans.error().log(e,"Could not serialize PermDAO.Data");
+ }
+ }
+
if(historyDAO.create(trans, hd).status!=Status.OK) {
- trans.error().log("Cannot log to History");
+ trans.error().log("Cannot log to History");
}
if(infoDAO.touch(trans, TABLE,data.invalidate(cache)).notOK()) {
- trans.error().log("Cannot touch CacheInfo");
+ trans.error().log("Cannot touch CacheInfo");
}
- }
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/RoleDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/RoleDAO.java
index 974f73fe..4489d268 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/RoleDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/RoleDAO.java
@@ -48,28 +48,28 @@ import com.datastax.driver.core.exceptions.DriverException;
public class RoleDAO extends CassDAOImpl<AuthzTrans,RoleDAO.Data> {
- public static final String TABLE = "role";
+ public static final String TABLE = "role";
public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
- private final HistoryDAO historyDAO;
- private final CacheInfoDAO infoDAO;
+ private final HistoryDAO historyDAO;
+ private final CacheInfoDAO infoDAO;
- private PSInfo psChildren, psNS, psName;
+ private PSInfo psChildren, psNS, psName;
- public RoleDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
- super(trans, RoleDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ public RoleDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
+ super(trans, RoleDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
// Set up sub-DAOs
historyDAO = new HistoryDAO(trans, this);
- infoDAO = new CacheInfoDAO(trans,this);
- init(trans);
- }
+ infoDAO = new CacheInfoDAO(trans,this);
+ init(trans);
+ }
- public RoleDAO(AuthzTrans trans, HistoryDAO hDAO, CacheInfoDAO ciDAO) {
- super(trans, RoleDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- historyDAO = hDAO;
- infoDAO = ciDAO;
- init(trans);
- }
+ public RoleDAO(AuthzTrans trans, HistoryDAO hDAO, CacheInfoDAO ciDAO) {
+ super(trans, RoleDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ historyDAO = hDAO;
+ infoDAO = ciDAO;
+ init(trans);
+ }
//////////////////////////////////////////
@@ -80,301 +80,301 @@ public class RoleDAO extends CassDAOImpl<AuthzTrans,RoleDAO.Data> {
* Data class that matches the Cassandra Table "role"
* @author Jonathan
*/
- public static class Data extends CacheableData implements Bytification {
- public String ns;
- public String name;
- public Set<String> perms;
- public String description;
+ public static class Data extends CacheableData implements Bytification {
+ public String ns;
+ public String name;
+ public Set<String> perms;
+ public String description;
////////////////////////////////////////
// Getters
- public Set<String> perms(boolean mutable) {
- if (perms == null) {
- perms = new HashSet<>();
- } else if (mutable && !(perms instanceof HashSet)) {
- perms = new HashSet<>(perms);
- }
- return perms;
- }
-
- public static Data create(NsDAO.Data ns, String name) {
- NsSplit nss = new NsSplit(ns,name);
- RoleDAO.Data rv = new Data();
- rv.ns = nss.ns;
- rv.name=nss.name;
- return rv;
- }
-
- public String fullName() {
- return ns + '.' + name;
- }
-
- public String encode() {
- return ns + '|' + name;
- }
-
- /**
- * Decode Perm String, including breaking into appropriate Namespace
- *
- * @param trans
- * @param q
- * @param r
- * @return
- */
- public static Result<Data> decode(AuthzTrans trans, Question q, String r) {
- String[] ss = Split.splitTrim('|', r,2);
- Data data = new Data();
- if(ss[1]==null) { // older 1 part encoding must be evaluated for NS
- Result<NsSplit> nss = q.deriveNsSplit(trans, ss[0]);
- if(nss.notOK()) {
- return Result.err(nss);
- }
- data.ns=nss.value.ns;
- data.name=nss.value.name;
- } else { // new 4 part encoding
- data.ns=ss[0];
- data.name=ss[1];
- }
- return Result.ok(data);
- }
-
- /**
- * Decode from UserRole Data
- * @param urdd
- * @return
- */
- public static RoleDAO.Data decode(UserRoleDAO.Data urdd) {
- RoleDAO.Data rd = new RoleDAO.Data();
- rd.ns = urdd.ns;
- rd.name = urdd.rname;
- return rd;
- }
-
-
- /**
- * Decode Perm String, including breaking into appropriate Namespace
- *
- * @param trans
- * @param q
- * @param p
- * @return
- */
- public static Result<String[]> decodeToArray(AuthzTrans trans, Question q, String p) {
- String[] ss = Split.splitTrim('|', p,2);
- if(ss[1]==null) { // older 1 part encoding must be evaluated for NS
- Result<NsSplit> nss = q.deriveNsSplit(trans, ss[0]);
- if(nss.notOK()) {
- return Result.err(nss);
- }
- ss[0] = nss.value.ns;
- ss[1] = nss.value.name;
- }
- return Result.ok(ss);
- }
-
- @Override
- public int[] invalidate(Cached<?,?> cache) {
- return new int[] {
- seg(cache,ns,name),
- seg(cache,ns),
- seg(cache,name),
- };
- }
-
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- RoleLoader.deflt.marshal(this,new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- RoleLoader.deflt.unmarshal(this, toDIS(bb));
- }
-
- @Override
- public String toString() {
- return ns + '.' + name;
- }
+ public Set<String> perms(boolean mutable) {
+ if (perms == null) {
+ perms = new HashSet<>();
+ } else if (mutable && !(perms instanceof HashSet)) {
+ perms = new HashSet<>(perms);
+ }
+ return perms;
+ }
+
+ public static Data create(NsDAO.Data ns, String name) {
+ NsSplit nss = new NsSplit(ns,name);
+ RoleDAO.Data rv = new Data();
+ rv.ns = nss.ns;
+ rv.name=nss.name;
+ return rv;
+ }
+
+ public String fullName() {
+ return ns + '.' + name;
+ }
+
+ public String encode() {
+ return ns + '|' + name;
+ }
+
+ /**
+ * Decode Perm String, including breaking into appropriate Namespace
+ *
+ * @param trans
+ * @param q
+ * @param r
+ * @return
+ */
+ public static Result<Data> decode(AuthzTrans trans, Question q, String r) {
+ String[] ss = Split.splitTrim('|', r,2);
+ Data data = new Data();
+ if(ss[1]==null) { // older 1 part encoding must be evaluated for NS
+ Result<NsSplit> nss = q.deriveNsSplit(trans, ss[0]);
+ if(nss.notOK()) {
+ return Result.err(nss);
+ }
+ data.ns=nss.value.ns;
+ data.name=nss.value.name;
+ } else { // new 4 part encoding
+ data.ns=ss[0];
+ data.name=ss[1];
+ }
+ return Result.ok(data);
+ }
+
+ /**
+ * Decode from UserRole Data
+ * @param urdd
+ * @return
+ */
+ public static RoleDAO.Data decode(UserRoleDAO.Data urdd) {
+ RoleDAO.Data rd = new RoleDAO.Data();
+ rd.ns = urdd.ns;
+ rd.name = urdd.rname;
+ return rd;
+ }
+
+
+ /**
+ * Decode Perm String, including breaking into appropriate Namespace
+ *
+ * @param trans
+ * @param q
+ * @param p
+ * @return
+ */
+ public static Result<String[]> decodeToArray(AuthzTrans trans, Question q, String p) {
+ String[] ss = Split.splitTrim('|', p,2);
+ if(ss[1]==null) { // older 1 part encoding must be evaluated for NS
+ Result<NsSplit> nss = q.deriveNsSplit(trans, ss[0]);
+ if(nss.notOK()) {
+ return Result.err(nss);
+ }
+ ss[0] = nss.value.ns;
+ ss[1] = nss.value.name;
+ }
+ return Result.ok(ss);
+ }
+
+ @Override
+ public int[] invalidate(Cached<?,?> cache) {
+ return new int[] {
+ seg(cache,ns,name),
+ seg(cache,ns),
+ seg(cache,name),
+ };
+ }
+
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ RoleLoader.deflt.marshal(this,new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
+
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ RoleLoader.deflt.unmarshal(this, toDIS(bb));
+ }
+
+ @Override
+ public String toString() {
+ return ns + '.' + name;
+ }
}
private static class RoleLoader extends Loader<Data> implements Streamer<Data> {
- public static final int MAGIC=923577343;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=96;
-
- public static final RoleLoader deflt = new RoleLoader(KEYLIMIT);
-
- public RoleLoader(int keylimit) {
- super(keylimit);
- }
-
- @Override
- public Data load(Data data, Row row) {
- // Int more efficient
- data.ns = row.getString(0);
- data.name = row.getString(1);
- data.perms = row.getSet(2,String.class);
- data.description = row.getString(3);
- return data;
- }
-
- @Override
- protected void key(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx]=data.ns;
- obj[++idx]=data.name;
- }
-
- @Override
- protected void body(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx]=data.perms;
- obj[++idx]=data.description;
- }
-
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
- writeString(os, data.ns);
- writeString(os, data.name);
- writeStringSet(os,data.perms);
- writeString(os, data.description);
- }
-
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
- byte[] buff = new byte[BUFF_SIZE];
- data.ns = readString(is, buff);
- data.name = readString(is,buff);
- data.perms = readStringSet(is,buff);
- data.description = readString(is,buff);
- }
+ public static final int MAGIC=923577343;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=96;
+
+ public static final RoleLoader deflt = new RoleLoader(KEYLIMIT);
+
+ public RoleLoader(int keylimit) {
+ super(keylimit);
+ }
+
+ @Override
+ public Data load(Data data, Row row) {
+ // Int more efficient
+ data.ns = row.getString(0);
+ data.name = row.getString(1);
+ data.perms = row.getSet(2,String.class);
+ data.description = row.getString(3);
+ return data;
+ }
+
+ @Override
+ protected void key(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx]=data.ns;
+ obj[++idx]=data.name;
+ }
+
+ @Override
+ protected void body(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx]=data.perms;
+ obj[++idx]=data.description;
+ }
+
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
+ writeString(os, data.ns);
+ writeString(os, data.name);
+ writeStringSet(os,data.perms);
+ writeString(os, data.description);
+ }
+
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+ byte[] buff = new byte[BUFF_SIZE];
+ data.ns = readString(is, buff);
+ data.name = readString(is,buff);
+ data.perms = readStringSet(is,buff);
+ data.description = readString(is,buff);
+ }
};
- private void init(AuthzTrans trans) {
- String[] helpers = setCRUD(trans, TABLE, Data.class, RoleLoader.deflt);
-
- psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE ns = ?", new RoleLoader(1),readConsistency);
-
- psName = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE name = ?", new RoleLoader(1),readConsistency);
-
- psChildren = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
- " WHERE ns=? AND name > ? AND name < ?",
- new RoleLoader(3) {
- @Override
- protected void key(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx] = data.ns;
- obj[++idx]=data.name + DOT;
- obj[++idx]=data.name + DOT_PLUS_ONE;
- }
- },readConsistency);
-
- }
-
- public Result<List<Data>> readNS(AuthzTrans trans, String ns) {
- return psNS.read(trans, R_TEXT + " NS " + ns, new Object[]{ns});
- }
-
- public Result<List<Data>> readName(AuthzTrans trans, String name) {
- return psName.read(trans, R_TEXT + name, new Object[]{name});
- }
-
- public Result<List<Data>> readChildren(AuthzTrans trans, String ns, String role) {
- if(role.length()==0 || "*".equals(role)) {
- return psChildren.read(trans, R_TEXT, new Object[]{ns, FIRST_CHAR, LAST_CHAR});
- } else {
- return psChildren.read(trans, R_TEXT, new Object[]{ns, role+DOT, role+DOT_PLUS_ONE});
- }
- }
-
- /**
- * Add a single Permission to the Role's Permission Collection
- *
- * @param trans
- * @param role
- * @param perm
- * @param type
- * @param action
- * @return
- */
- public Result<Void> addPerm(AuthzTrans trans, RoleDAO.Data role, PermDAO.Data perm) {
- // Note: Prepared Statements for Collection updates aren't supported
- String pencode = perm.encode();
- try {
- getSession(trans).execute(UPDATE_SP + TABLE + " SET perms = perms + {'" +
- pencode + "'} WHERE " +
- "ns = '" + role.ns + "' AND name = '" + role.name + "';");
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
-
- wasModified(trans, CRUD.update, role, "Added permission " + pencode + " to role " + role.fullName());
- return Result.ok();
- }
-
- /**
- * Remove a single Permission from the Role's Permission Collection
- * @param trans
- * @param role
- * @param perm
- * @param type
- * @param action
- * @return
- */
- public Result<Void> delPerm(AuthzTrans trans, RoleDAO.Data role, PermDAO.Data perm) {
- // Note: Prepared Statements for Collection updates aren't supported
-
- String pencode = perm.encode();
-
- //ResultSet rv =
- try {
- getSession(trans).execute(UPDATE_SP + TABLE + " SET perms = perms - {'" +
- pencode + "'} WHERE " +
- "ns = '" + role.ns + "' AND name = '" + role.name + "';");
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
-
- //TODO how can we tell when it doesn't?
- wasModified(trans, CRUD.update, role, "Removed permission " + pencode + " from role " + role.fullName() );
- return Result.ok();
- }
-
- /**
- * Add description to role
- *
- * @param trans
- * @param ns
- * @param name
- * @param description
- * @return
- */
- public Result<Void> addDescription(AuthzTrans trans, String ns, String name, String description) {
- try {
- getSession(trans).execute(UPDATE_SP + TABLE + " SET description = '"
- + description + "' WHERE ns = '" + ns + "' AND name = '" + name + "';");
- } catch (DriverException | APIException | IOException e) {
- reportPerhapsReset(trans,e);
- return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
- }
-
- Data data = new Data();
- data.ns=ns;
- data.name=name;
- wasModified(trans, CRUD.update, data, "Added description " + description + " to role " + data.fullName(), null );
- return Result.ok();
- }
-
-
+ private void init(AuthzTrans trans) {
+ String[] helpers = setCRUD(trans, TABLE, Data.class, RoleLoader.deflt);
+
+ psNS = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE ns = ?", new RoleLoader(1),readConsistency);
+
+ psName = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE name = ?", new RoleLoader(1),readConsistency);
+
+ psChildren = new PSInfo(trans, SELECT_SP + helpers[FIELD_COMMAS] + " FROM " + TABLE +
+ " WHERE ns=? AND name > ? AND name < ?",
+ new RoleLoader(3) {
+ @Override
+ protected void key(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx] = data.ns;
+ obj[++idx]=data.name + DOT;
+ obj[++idx]=data.name + DOT_PLUS_ONE;
+ }
+ },readConsistency);
+
+ }
+
+ public Result<List<Data>> readNS(AuthzTrans trans, String ns) {
+ return psNS.read(trans, R_TEXT + " NS " + ns, new Object[]{ns});
+ }
+
+ public Result<List<Data>> readName(AuthzTrans trans, String name) {
+ return psName.read(trans, R_TEXT + name, new Object[]{name});
+ }
+
+ public Result<List<Data>> readChildren(AuthzTrans trans, String ns, String role) {
+ if(role.length()==0 || "*".equals(role)) {
+ return psChildren.read(trans, R_TEXT, new Object[]{ns, FIRST_CHAR, LAST_CHAR});
+ } else {
+ return psChildren.read(trans, R_TEXT, new Object[]{ns, role+DOT, role+DOT_PLUS_ONE});
+ }
+ }
+
+ /**
+ * Add a single Permission to the Role's Permission Collection
+ *
+ * @param trans
+ * @param role
+ * @param perm
+ * @param type
+ * @param action
+ * @return
+ */
+ public Result<Void> addPerm(AuthzTrans trans, RoleDAO.Data role, PermDAO.Data perm) {
+ // Note: Prepared Statements for Collection updates aren't supported
+ String pencode = perm.encode();
+ try {
+ getSession(trans).execute(UPDATE_SP + TABLE + " SET perms = perms + {'" +
+ pencode + "'} WHERE " +
+ "ns = '" + role.ns + "' AND name = '" + role.name + "';");
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+
+ wasModified(trans, CRUD.update, role, "Added permission " + pencode + " to role " + role.fullName());
+ return Result.ok();
+ }
+
+ /**
+ * Remove a single Permission from the Role's Permission Collection
+ * @param trans
+ * @param role
+ * @param perm
+ * @param type
+ * @param action
+ * @return
+ */
+ public Result<Void> delPerm(AuthzTrans trans, RoleDAO.Data role, PermDAO.Data perm) {
+ // Note: Prepared Statements for Collection updates aren't supported
+
+ String pencode = perm.encode();
+
+ //ResultSet rv =
+ try {
+ getSession(trans).execute(UPDATE_SP + TABLE + " SET perms = perms - {'" +
+ pencode + "'} WHERE " +
+ "ns = '" + role.ns + "' AND name = '" + role.name + "';");
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+
+ //TODO how can we tell when it doesn't?
+ wasModified(trans, CRUD.update, role, "Removed permission " + pencode + " from role " + role.fullName() );
+ return Result.ok();
+ }
+
+ /**
+ * Add description to role
+ *
+ * @param trans
+ * @param ns
+ * @param name
+ * @param description
+ * @return
+ */
+ public Result<Void> addDescription(AuthzTrans trans, String ns, String name, String description) {
+ try {
+ getSession(trans).execute(UPDATE_SP + TABLE + " SET description = '"
+ + description + "' WHERE ns = '" + ns + "' AND name = '" + name + "';");
+ } catch (DriverException | APIException | IOException e) {
+ reportPerhapsReset(trans,e);
+ return Result.err(Result.ERR_Backend, CassAccess.ERR_ACCESS_MSG);
+ }
+
+ Data data = new Data();
+ data.ns=ns;
+ data.name=name;
+ wasModified(trans, CRUD.update, data, "Added description " + description + " to role " + data.fullName(), null );
+ return Result.ok();
+ }
+
+
/**
* Log Modification statements to History
* @param modified which CRUD action was done
@@ -383,28 +383,28 @@ public class RoleDAO extends CassDAOImpl<AuthzTrans,RoleDAO.Data> {
*/
@Override
protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- boolean memo = override.length>0 && override[0]!=null;
- boolean subject = override.length>1 && override[1]!=null;
+ boolean memo = override.length>0 && override[0]!=null;
+ boolean subject = override.length>1 && override[1]!=null;
- HistoryDAO.Data hd = HistoryDAO.newInitedData();
+ HistoryDAO.Data hd = HistoryDAO.newInitedData();
hd.user = trans.user();
hd.action = modified.name();
hd.target = TABLE;
hd.subject = subject ? override[1] : data.fullName();
hd.memo = memo ? override[0] : (data.fullName() + " was " + modified.name() + 'd' );
- if(modified==CRUD.delete) {
- try {
- hd.reconstruct = data.bytify();
- } catch (IOException e) {
- trans.error().log(e,"Could not serialize RoleDAO.Data");
- }
- }
+ if(modified==CRUD.delete) {
+ try {
+ hd.reconstruct = data.bytify();
+ } catch (IOException e) {
+ trans.error().log(e,"Could not serialize RoleDAO.Data");
+ }
+ }
if(historyDAO.create(trans, hd).status!=Status.OK) {
- trans.error().log("Cannot log to History");
+ trans.error().log("Cannot log to History");
}
if(infoDAO.touch(trans, TABLE,data.invalidate(cache)).notOK()) {
- trans.error().log("Cannot touch CacheInfo for Role");
+ trans.error().log("Cannot touch CacheInfo for Role");
}
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Status.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Status.java
index be52c406..8a617b94 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Status.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/Status.java
@@ -36,53 +36,53 @@ import org.onap.aaf.auth.layer.Result;
* @param <RV>
*/
public class Status<RV> extends Result<RV> {
-
- // Jonathan 10/1/2013: Initially, I used enum, but it's not extensible.
+
+ // Jonathan 10/1/2013: Initially, I used enum, but it's not extensible.
public final static int ERR_NsNotFound = Result.ERR_General+1,
- ERR_RoleNotFound = Result.ERR_General+2,
- ERR_PermissionNotFound = Result.ERR_General+3,
- ERR_UserNotFound = Result.ERR_General+4,
- ERR_UserRoleNotFound = Result.ERR_General+5,
- ERR_DelegateNotFound = Result.ERR_General+6,
- ERR_InvalidDelegate = Result.ERR_General+7,
- ERR_DependencyExists = Result.ERR_General+8,
- ERR_NoApprovals = Result.ERR_General+9,
- ACC_Now = Result.ERR_General+10,
- ACC_Future = Result.ERR_General+11,
- ERR_ChoiceNeeded = Result.ERR_General+12,
- ERR_FutureNotRequested = Result.ERR_General+13;
+ ERR_RoleNotFound = Result.ERR_General+2,
+ ERR_PermissionNotFound = Result.ERR_General+3,
+ ERR_UserNotFound = Result.ERR_General+4,
+ ERR_UserRoleNotFound = Result.ERR_General+5,
+ ERR_DelegateNotFound = Result.ERR_General+6,
+ ERR_InvalidDelegate = Result.ERR_General+7,
+ ERR_DependencyExists = Result.ERR_General+8,
+ ERR_NoApprovals = Result.ERR_General+9,
+ ACC_Now = Result.ERR_General+10,
+ ACC_Future = Result.ERR_General+11,
+ ERR_ChoiceNeeded = Result.ERR_General+12,
+ ERR_FutureNotRequested = Result.ERR_General+13;
- /**
+ /**
* Constructor for Result set.
* @param data
* @param status
*/
private Status(RV value, int status, String details, String[] variables ) {
- super(value,status,details,variables);
+ super(value,status,details,variables);
}
- public static String name(int status) {
- switch(status) {
- case OK: return "OK";
- case ERR_NsNotFound: return "ERR_NsNotFound";
- case ERR_RoleNotFound: return "ERR_RoleNotFound";
- case ERR_PermissionNotFound: return "ERR_PermissionNotFound";
- case ERR_UserNotFound: return "ERR_UserNotFound";
- case ERR_UserRoleNotFound: return "ERR_UserRoleNotFound";
- case ERR_DelegateNotFound: return "ERR_DelegateNotFound";
- case ERR_InvalidDelegate: return "ERR_InvalidDelegate";
- case ERR_ConflictAlreadyExists: return "ERR_ConflictAlreadyExists";
- case ERR_DependencyExists: return "ERR_DependencyExists";
- case ERR_ActionNotCompleted: return "ERR_ActionNotCompleted";
- case ERR_Denied: return "ERR_Denied";
- case ERR_Policy: return "ERR_Policy";
- case ERR_BadData: return "ERR_BadData";
- case ERR_NotImplemented: return "ERR_NotImplemented";
- case ERR_NotFound: return "ERR_NotFound";
- case ERR_ChoiceNeeded: return "ERR_ChoiceNeeded";
- }
- //case ERR_General: or unknown...
- return "ERR_General";
- }
+ public static String name(int status) {
+ switch(status) {
+ case OK: return "OK";
+ case ERR_NsNotFound: return "ERR_NsNotFound";
+ case ERR_RoleNotFound: return "ERR_RoleNotFound";
+ case ERR_PermissionNotFound: return "ERR_PermissionNotFound";
+ case ERR_UserNotFound: return "ERR_UserNotFound";
+ case ERR_UserRoleNotFound: return "ERR_UserRoleNotFound";
+ case ERR_DelegateNotFound: return "ERR_DelegateNotFound";
+ case ERR_InvalidDelegate: return "ERR_InvalidDelegate";
+ case ERR_ConflictAlreadyExists: return "ERR_ConflictAlreadyExists";
+ case ERR_DependencyExists: return "ERR_DependencyExists";
+ case ERR_ActionNotCompleted: return "ERR_ActionNotCompleted";
+ case ERR_Denied: return "ERR_Denied";
+ case ERR_Policy: return "ERR_Policy";
+ case ERR_BadData: return "ERR_BadData";
+ case ERR_NotImplemented: return "ERR_NotImplemented";
+ case ERR_NotFound: return "ERR_NotFound";
+ case ERR_ChoiceNeeded: return "ERR_ChoiceNeeded";
+ }
+ //case ERR_General: or unknown...
+ return "ERR_General";
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/UserRoleDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/UserRoleDAO.java
index 301e47fc..7b9f7b91 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/UserRoleDAO.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/UserRoleDAO.java
@@ -46,274 +46,274 @@ import com.datastax.driver.core.Cluster;
import com.datastax.driver.core.Row;
public class UserRoleDAO extends CassDAOImpl<AuthzTrans,UserRoleDAO.Data> {
- public static final String TABLE = "user_role";
-
+ public static final String TABLE = "user_role";
+
public static final int CACHE_SEG = 0x40; // yields segment 0x0-0x3F
- private static final String TRANS_UR_SLOT = "_TRANS_UR_SLOT_";
- public Slot transURSlot;
-
- private final HistoryDAO historyDAO;
- private final CacheInfoDAO infoDAO;
-
- private PSInfo psByUser, psByRole, psUserInRole;
+ private static final String TRANS_UR_SLOT = "_TRANS_UR_SLOT_";
+ public Slot transURSlot;
+
+ private final HistoryDAO historyDAO;
+ private final CacheInfoDAO infoDAO;
+
+ private PSInfo psByUser, psByRole, psUserInRole;
- public UserRoleDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
- super(trans, UserRoleDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- transURSlot = trans.slot(TRANS_UR_SLOT);
- init(trans);
+ public UserRoleDAO(AuthzTrans trans, Cluster cluster, String keyspace) throws APIException, IOException {
+ super(trans, UserRoleDAO.class.getSimpleName(),cluster,keyspace,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ transURSlot = trans.slot(TRANS_UR_SLOT);
+ init(trans);
- // Set up sub-DAOs
- historyDAO = new HistoryDAO(trans, this);
- infoDAO = new CacheInfoDAO(trans,this);
- }
+ // Set up sub-DAOs
+ historyDAO = new HistoryDAO(trans, this);
+ infoDAO = new CacheInfoDAO(trans,this);
+ }
- public UserRoleDAO(AuthzTrans trans, HistoryDAO hDAO, CacheInfoDAO ciDAO) {
- super(trans, UserRoleDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
- transURSlot = trans.slot(TRANS_UR_SLOT);
- historyDAO = hDAO;
- infoDAO = ciDAO;
- init(trans);
- }
+ public UserRoleDAO(AuthzTrans trans, HistoryDAO hDAO, CacheInfoDAO ciDAO) {
+ super(trans, UserRoleDAO.class.getSimpleName(),hDAO,Data.class,TABLE, readConsistency(trans,TABLE), writeConsistency(trans,TABLE));
+ transURSlot = trans.slot(TRANS_UR_SLOT);
+ historyDAO = hDAO;
+ infoDAO = ciDAO;
+ init(trans);
+ }
- private static final int KEYLIMIT = 2;
- public static class Data extends CacheableData implements Bytification {
- public String user;
- public String role;
- public String ns;
- public String rname;
- public Date expires;
-
- @Override
- public int[] invalidate(Cached<?,?> cache) {
- // Note: I'm not worried about Name collisions, because the formats are different:
- // Jonathan... etc versus
- // com. ...
- // The "dot" makes the difference.
- return new int[] {
- seg(cache,user,role),
- seg(cache,user),
- seg(cache,role)
- };
- }
+ private static final int KEYLIMIT = 2;
+ public static class Data extends CacheableData implements Bytification {
+ public String user;
+ public String role;
+ public String ns;
+ public String rname;
+ public Date expires;
+
+ @Override
+ public int[] invalidate(Cached<?,?> cache) {
+ // Note: I'm not worried about Name collisions, because the formats are different:
+ // Jonathan... etc versus
+ // com. ...
+ // The "dot" makes the difference.
+ return new int[] {
+ seg(cache,user,role),
+ seg(cache,user),
+ seg(cache,role)
+ };
+ }
- @Override
- public ByteBuffer bytify() throws IOException {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- URLoader.deflt.marshal(this,new DataOutputStream(baos));
- return ByteBuffer.wrap(baos.toByteArray());
- }
-
- @Override
- public void reconstitute(ByteBuffer bb) throws IOException {
- URLoader.deflt.unmarshal(this, toDIS(bb));
- }
+ @Override
+ public ByteBuffer bytify() throws IOException {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ URLoader.deflt.marshal(this,new DataOutputStream(baos));
+ return ByteBuffer.wrap(baos.toByteArray());
+ }
+
+ @Override
+ public void reconstitute(ByteBuffer bb) throws IOException {
+ URLoader.deflt.unmarshal(this, toDIS(bb));
+ }
- public void role(String ns, String rname) {
- this.ns = ns;
- this.rname = rname;
- this.role = ns + '.' + rname;
- }
-
- public void role(RoleDAO.Data rdd) {
- ns = rdd.ns;
- rname = rdd.name;
- role = rdd.fullName();
- }
+ public void role(String ns, String rname) {
+ this.ns = ns;
+ this.rname = rname;
+ this.role = ns + '.' + rname;
+ }
+
+ public void role(RoleDAO.Data rdd) {
+ ns = rdd.ns;
+ rname = rdd.name;
+ role = rdd.fullName();
+ }
-
- public boolean role(AuthzTrans trans, Question ques, String role) {
- this.role = role;
- Result<NsSplit> rnss = ques.deriveNsSplit(trans, role);
- if(rnss.isOKhasData()) {
- ns = rnss.value.ns;
- rname = rnss.value.name;
- return true;
- } else {
- return false;
- }
- }
+
+ public boolean role(AuthzTrans trans, Question ques, String role) {
+ this.role = role;
+ Result<NsSplit> rnss = ques.deriveNsSplit(trans, role);
+ if(rnss.isOKhasData()) {
+ ns = rnss.value.ns;
+ rname = rnss.value.name;
+ return true;
+ } else {
+ return false;
+ }
+ }
- @Override
- public String toString() {
- return user + '|' + ns + '|' + rname + '|' + Chrono.dateStamp(expires);
- }
+ @Override
+ public String toString() {
+ return user + '|' + ns + '|' + rname + '|' + Chrono.dateStamp(expires);
+ }
- }
-
- private static class URLoader extends Loader<Data> implements Streamer<Data> {
- public static final int MAGIC=738469903;
- public static final int VERSION=1;
- public static final int BUFF_SIZE=48;
-
- public static final URLoader deflt = new URLoader(KEYLIMIT);
+ }
+
+ private static class URLoader extends Loader<Data> implements Streamer<Data> {
+ public static final int MAGIC=738469903;
+ public static final int VERSION=1;
+ public static final int BUFF_SIZE=48;
+
+ public static final URLoader deflt = new URLoader(KEYLIMIT);
- public URLoader(int keylimit) {
- super(keylimit);
- }
+ public URLoader(int keylimit) {
+ super(keylimit);
+ }
- @Override
- public Data load(Data data, Row row) {
- data.user = row.getString(0);
- data.role = row.getString(1);
- data.ns = row.getString(2);
- data.rname = row.getString(3);
- data.expires = row.getTimestamp(4);
- return data;
- }
+ @Override
+ public Data load(Data data, Row row) {
+ data.user = row.getString(0);
+ data.role = row.getString(1);
+ data.ns = row.getString(2);
+ data.rname = row.getString(3);
+ data.expires = row.getTimestamp(4);
+ return data;
+ }
- @Override
- protected void key(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx]=data.user;
- obj[++idx]=data.role;
- }
+ @Override
+ protected void key(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx]=data.user;
+ obj[++idx]=data.role;
+ }
- @Override
- protected void body(Data data, int _idx, Object[] obj) {
- int idx = _idx;
- obj[idx]=data.ns;
- obj[++idx]=data.rname;
- obj[++idx]=data.expires;
- }
-
- @Override
- public void marshal(Data data, DataOutputStream os) throws IOException {
- writeHeader(os,MAGIC,VERSION);
+ @Override
+ protected void body(Data data, int _idx, Object[] obj) {
+ int idx = _idx;
+ obj[idx]=data.ns;
+ obj[++idx]=data.rname;
+ obj[++idx]=data.expires;
+ }
+
+ @Override
+ public void marshal(Data data, DataOutputStream os) throws IOException {
+ writeHeader(os,MAGIC,VERSION);
- writeString(os, data.user);
- writeString(os, data.role);
- writeString(os, data.ns);
- writeString(os, data.rname);
- os.writeLong(data.expires==null?-1:data.expires.getTime());
- }
+ writeString(os, data.user);
+ writeString(os, data.role);
+ writeString(os, data.ns);
+ writeString(os, data.rname);
+ os.writeLong(data.expires==null?-1:data.expires.getTime());
+ }
- @Override
- public void unmarshal(Data data, DataInputStream is) throws IOException {
- /*int version = */readHeader(is,MAGIC,VERSION);
- // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
-
- byte[] buff = new byte[BUFF_SIZE];
- data.user = readString(is,buff);
- data.role = readString(is,buff);
- data.ns = readString(is,buff);
- data.rname = readString(is,buff);
- long l = is.readLong();
- data.expires = l<0?null:new Date(l);
- }
+ @Override
+ public void unmarshal(Data data, DataInputStream is) throws IOException {
+ /*int version = */readHeader(is,MAGIC,VERSION);
+ // If Version Changes between Production runs, you'll need to do a switch Statement, and adequately read in fields
+
+ byte[] buff = new byte[BUFF_SIZE];
+ data.user = readString(is,buff);
+ data.role = readString(is,buff);
+ data.ns = readString(is,buff);
+ data.rname = readString(is,buff);
+ long l = is.readLong();
+ data.expires = l<0?null:new Date(l);
+ }
- };
-
- private void init(AuthzTrans trans) {
- String[] helper = setCRUD(trans, TABLE, Data.class, URLoader.deflt);
-
- psByUser = new PSInfo(trans, SELECT_SP + helper[FIELD_COMMAS] + " FROM user_role WHERE user = ?",
- new URLoader(1) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.user;
- }
- },readConsistency);
-
- // Note: We understand this call may have poor performance, so only should be used in Management (Delete) func
- psByRole = new PSInfo(trans, SELECT_SP + helper[FIELD_COMMAS] + " FROM user_role WHERE role = ? ALLOW FILTERING",
- new URLoader(1) {
- @Override
- protected void key(Data data, int idx, Object[] obj) {
- obj[idx]=data.role;
- }
- },readConsistency);
-
- psUserInRole = new PSInfo(trans,SELECT_SP + helper[FIELD_COMMAS] + " FROM user_role WHERE user = ? AND role = ?",
- URLoader.deflt,readConsistency);
- }
+ };
+
+ private void init(AuthzTrans trans) {
+ String[] helper = setCRUD(trans, TABLE, Data.class, URLoader.deflt);
+
+ psByUser = new PSInfo(trans, SELECT_SP + helper[FIELD_COMMAS] + " FROM user_role WHERE user = ?",
+ new URLoader(1) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.user;
+ }
+ },readConsistency);
+
+ // Note: We understand this call may have poor performance, so only should be used in Management (Delete) func
+ psByRole = new PSInfo(trans, SELECT_SP + helper[FIELD_COMMAS] + " FROM user_role WHERE role = ? ALLOW FILTERING",
+ new URLoader(1) {
+ @Override
+ protected void key(Data data, int idx, Object[] obj) {
+ obj[idx]=data.role;
+ }
+ },readConsistency);
+
+ psUserInRole = new PSInfo(trans,SELECT_SP + helper[FIELD_COMMAS] + " FROM user_role WHERE user = ? AND role = ?",
+ URLoader.deflt,readConsistency);
+ }
- public Result<List<Data>> readByUser(AuthzTrans trans, String user) {
- return psByUser.read(trans, R_TEXT + " by User " + user, new Object[]{user});
- }
+ public Result<List<Data>> readByUser(AuthzTrans trans, String user) {
+ return psByUser.read(trans, R_TEXT + " by User " + user, new Object[]{user});
+ }
- /**
- * Note: Use Sparingly. Cassandra's forced key structure means this will perform fairly poorly
- * @param trans
- * @param role
- * @return
- * @throws DAOException
- */
- public Result<List<Data>> readByRole(AuthzTrans trans, String role) {
- return psByRole.read(trans, R_TEXT + " by Role " + role, new Object[]{role});
- }
-
- /**
- * Direct Lookup of User Role
- * Don't forget to check for Expiration
- */
- public Result<List<Data>> readByUserRole(AuthzTrans trans, String user, String role) {
- return psUserInRole.read(trans, R_TEXT + " by User " + user + " and Role " + role, new Object[]{user,role});
- }
+ /**
+ * Note: Use Sparingly. Cassandra's forced key structure means this will perform fairly poorly
+ * @param trans
+ * @param role
+ * @return
+ * @throws DAOException
+ */
+ public Result<List<Data>> readByRole(AuthzTrans trans, String role) {
+ return psByRole.read(trans, R_TEXT + " by Role " + role, new Object[]{role});
+ }
+
+ /**
+ * Direct Lookup of User Role
+ * Don't forget to check for Expiration
+ */
+ public Result<List<Data>> readByUserRole(AuthzTrans trans, String user, String role) {
+ return psUserInRole.read(trans, R_TEXT + " by User " + user + " and Role " + role, new Object[]{user,role});
+ }
- /**
+ /**
* Log Modification statements to History
* @param modified which CRUD action was done
* @param data entity data that needs a log entry
* @param overrideMessage if this is specified, we use it rather than crafting a history message based on data
*/
- @Override
- protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
- boolean memo = override.length>0 && override[0]!=null;
- boolean subject = override.length>1 && override[1]!=null;
+ @Override
+ protected void wasModified(AuthzTrans trans, CRUD modified, Data data, String ... override) {
+ boolean memo = override.length>0 && override[0]!=null;
+ boolean subject = override.length>1 && override[1]!=null;
- HistoryDAO.Data hd = HistoryDAO.newInitedData();
- HistoryDAO.Data hdRole = HistoryDAO.newInitedData();
-
+ HistoryDAO.Data hd = HistoryDAO.newInitedData();
+ HistoryDAO.Data hdRole = HistoryDAO.newInitedData();
+
hd.user = hdRole.user = trans.user();
- hd.action = modified.name();
- // Modifying User/Role is an Update to Role, not a Create. Jonathan, 07-14-2015
- hdRole.action = CRUD.update.name();
- hd.target = TABLE;
- hdRole.target = RoleDAO.TABLE;
- hd.subject = subject?override[1] : (data.user + '|'+data.role);
- hdRole.subject = data.role;
- switch(modified) {
- case create:
- hd.memo = hdRole.memo = memo
- ? String.format("%s by %s", override[0], hd.user)
- : String.format("%s added to %s",data.user,data.role);
- break;
- case update:
- hd.memo = hdRole.memo = memo
- ? String.format("%s by %s", override[0], hd.user)
- : String.format("%s - %s was updated",data.user,data.role);
- break;
- case delete:
- hd.memo = hdRole.memo = memo
- ? String.format("%s by %s", override[0], hd.user)
- : String.format("%s removed from %s",data.user,data.role);
- try {
- hd.reconstruct = hdRole.reconstruct = data.bytify();
- } catch (IOException e) {
- trans.warn().log(e,"Deleted UserRole could not be serialized");
- }
- break;
- default:
- hd.memo = hdRole.memo = memo
- ? String.format("%s by %s", override[0], hd.user)
- : "n/a";
- }
+ hd.action = modified.name();
+ // Modifying User/Role is an Update to Role, not a Create. Jonathan, 07-14-2015
+ hdRole.action = CRUD.update.name();
+ hd.target = TABLE;
+ hdRole.target = RoleDAO.TABLE;
+ hd.subject = subject?override[1] : (data.user + '|'+data.role);
+ hdRole.subject = data.role;
+ switch(modified) {
+ case create:
+ hd.memo = hdRole.memo = memo
+ ? String.format("%s by %s", override[0], hd.user)
+ : String.format("%s added to %s",data.user,data.role);
+ break;
+ case update:
+ hd.memo = hdRole.memo = memo
+ ? String.format("%s by %s", override[0], hd.user)
+ : String.format("%s - %s was updated",data.user,data.role);
+ break;
+ case delete:
+ hd.memo = hdRole.memo = memo
+ ? String.format("%s by %s", override[0], hd.user)
+ : String.format("%s removed from %s",data.user,data.role);
+ try {
+ hd.reconstruct = hdRole.reconstruct = data.bytify();
+ } catch (IOException e) {
+ trans.warn().log(e,"Deleted UserRole could not be serialized");
+ }
+ break;
+ default:
+ hd.memo = hdRole.memo = memo
+ ? String.format("%s by %s", override[0], hd.user)
+ : "n/a";
+ }
- if(historyDAO.create(trans, hd).status!=Status.OK) {
- trans.error().log("Cannot log to History");
- }
-
- if(historyDAO.create(trans, hdRole).status!=Status.OK) {
- trans.error().log("Cannot log to History");
- }
- // uses User as Segment
+ if(historyDAO.create(trans, hd).status!=Status.OK) {
+ trans.error().log("Cannot log to History");
+ }
+
+ if(historyDAO.create(trans, hdRole).status!=Status.OK) {
+ trans.error().log("Cannot log to History");
+ }
+ // uses User as Segment
if(infoDAO.touch(trans, TABLE,data.invalidate(cache)).notOK()) {
- trans.error().log("Cannot touch CacheInfo");
+ trans.error().log("Cannot touch CacheInfo");
}
- }
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/CassExecutor.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/CassExecutor.java
index 1979db28..f0a59582 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/CassExecutor.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/CassExecutor.java
@@ -29,45 +29,45 @@ import org.onap.aaf.auth.org.Executor;
public class CassExecutor implements Executor {
- private Question q;
- private Function f;
- private AuthzTrans trans;
+ private Question q;
+ private Function f;
+ private AuthzTrans trans;
- public CassExecutor(AuthzTrans trans, Function f) {
- this.trans = trans;
- this.f = f;
- this.q = this.f.q;
- }
+ public CassExecutor(AuthzTrans trans, Function f) {
+ this.trans = trans;
+ this.f = f;
+ this.q = this.f.q;
+ }
- @Override
- public boolean hasPermission(String user, String ns, String type, String instance, String action) {
- return isGranted(user, ns, type, instance, action);
- }
+ @Override
+ public boolean hasPermission(String user, String ns, String type, String instance, String action) {
+ return isGranted(user, ns, type, instance, action);
+ }
- @Override
- public boolean inRole(String name) {
- Result<NsSplit> nss = q.deriveNsSplit(trans, name);
- if(nss.notOK())return false;
- return q.roleDAO.read(trans, nss.value.ns,nss.value.name).isOKhasData();
- }
+ @Override
+ public boolean inRole(String name) {
+ Result<NsSplit> nss = q.deriveNsSplit(trans, name);
+ if(nss.notOK())return false;
+ return q.roleDAO.read(trans, nss.value.ns,nss.value.name).isOKhasData();
+ }
- public boolean isGranted(String user, String ns, String type, String instance, String action) {
- return q.isGranted(trans, user, ns, type, instance,action);
- }
+ public boolean isGranted(String user, String ns, String type, String instance, String action) {
+ return q.isGranted(trans, user, ns, type, instance,action);
+ }
- @Override
- public String namespace() throws Exception {
- Result<Data> res = q.validNSOfDomain(trans,trans.user());
- if(res.isOK()) {
- String user[] = trans.user().split("\\.");
- return user[user.length-1] + '.' + user[user.length-2];
- }
- throw new Exception(res.status + ' ' + res.details);
- }
+ @Override
+ public String namespace() throws Exception {
+ Result<Data> res = q.validNSOfDomain(trans,trans.user());
+ if(res.isOK()) {
+ String user[] = trans.user().split("\\.");
+ return user[user.length-1] + '.' + user[user.length-2];
+ }
+ throw new Exception(res.status + ' ' + res.details);
+ }
- @Override
- public String id() {
- return trans.user();
- }
+ @Override
+ public String id() {
+ return trans.user();
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
index 8529ce87..f3aae2ec 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java
@@ -60,1733 +60,1733 @@ import org.onap.aaf.auth.org.OrganizationException;
public class Function {
- private static final String CANNOT_BE_THE_OWNER_OF_A_NAMESPACE = "%s(%s) cannot be the owner of the namespace '%s'. Owners %s.";
-
- public enum FUTURE_OP {
- C("Create"),U("Update"),D("Delete"),G("Grant"),UG("UnGrant"),A("Approval");
-
- private String desc;
-
- private FUTURE_OP(String desc) {
- this.desc = desc;
- }
-
- public String desc() {
- return desc;
- }
-
- /**
- * Same as valueOf(), but passes back null instead of throwing Exception
- * @param value
- * @return
- */
- public static FUTURE_OP toFO(String value) {
- if(value!=null) {
- for(FUTURE_OP fo : values()) {
- if(fo.name().equals(value)){
- return fo;
- }
- }
- }
- return null;
- }
- }
-
- public enum OP_STATUS {
- E("Executed"),D("Denied"),P("Pending"),L("Lapsed");
-
- private String desc;
- public final static Result<OP_STATUS> RE = Result.ok(OP_STATUS.E);
- public final static Result<OP_STATUS> RD = Result.ok(OP_STATUS.D);
- public final static Result<OP_STATUS> RP = Result.ok(OP_STATUS.P);
- public final static Result<OP_STATUS> RL = Result.ok(OP_STATUS.L);
-
- private OP_STATUS(String desc) {
- this.desc = desc;
- }
-
- public String desc() {
- return desc;
- }
-
- }
-
- public static final String FOP_CRED = "cred";
- public static final String FOP_DELEGATE = "delegate";
- public static final String FOP_NS = "ns";
- public static final String FOP_PERM = "perm";
- public static final String FOP_ROLE = "role";
- public static final String FOP_USER_ROLE = "user_role";
- private static final List<Identity> NO_ADDL_APPROVE = new ArrayList<>();
- private static final String ROOT_NS = Define.ROOT_NS();
- // First Action should ALWAYS be "write", see "CreateRole"
- public final Question q;
-
- public Function(AuthzTrans trans, Question question) {
- q = question;
- }
-
- private class ErrBuilder {
- private StringBuilder sb;
- private List<String> ao;
-
- public void log(Result<?> result) {
- if (result.notOK()) {
- if (sb == null) {
- sb = new StringBuilder();
- ao = new ArrayList<>();
- }
- sb.append(result.details);
- sb.append('\n');
- for (String s : result.variables) {
- ao.add(s);
- }
- }
- }
-
- public String[] vars() {
- String[] rv = new String[ao.size()];
- ao.toArray(rv);
- return rv;
- }
-
- public boolean hasErr() {
- return sb != null;
- }
-
- @Override
- public String toString() {
- return sb == null ? "" : String.format(sb.toString(), ao);
- }
- }
-
- /**
- * createNS
- *
- * Create Namespace
- *
- * @param trans
- * @param org
- * @param ns
- * @param user
- * @return
- * @throws DAOException
- *
- * To create an NS, you need to: 1) validate permission to
- * modify parent NS 2) Does NS exist already? 3) Create NS with
- * a) "user" as owner. NOTE: Per 10-15 request for AAF 1.0 4)
- * Loop through Roles with Parent NS, and map any that start
- * with this NS into this one 5) Loop through Perms with Parent
- * NS, and map any that start with this NS into this one
- */
- public Result<Void> createNS(AuthzTrans trans, Namespace namespace, boolean fromApproval) {
- Result<?> rq;
-// if (namespace.name.endsWith(Question.DOT_ADMIN)
-// || namespace.name.endsWith(Question.DOT_OWNER)) {
-// return Result.err(Status.ERR_BadData,
-// "'admin' and 'owner' are reserved names in AAF");
-// }
-
- try {
- for (String u : namespace.owner) {
- Organization org = trans.org();
- Identity orgUser = org.getIdentity(trans, u);
- String reason;
- if (orgUser == null) {
- return Result.err(Status.ERR_Policy,"%s is not a valid user at %s",u,org.getName());
- } else if((reason=orgUser.mayOwn())!=null) {
- if (org.isTestEnv()) {
- String reason2;
- if((reason2=org.validate(trans, Policy.AS_RESPONSIBLE,new CassExecutor(trans, this), u))!=null) { // can masquerade as responsible
- trans.debug().log(reason2);
- return Result.err(Status.ERR_Policy,CANNOT_BE_THE_OWNER_OF_A_NAMESPACE,orgUser.fullName(),orgUser.id(),namespace.name,reason);
- }
- // a null means ok
- } else {
- if(orgUser.isFound()) {
- return Result.err(Status.ERR_Policy,CANNOT_BE_THE_OWNER_OF_A_NAMESPACE,orgUser.fullName(),orgUser.id(),namespace.name, reason);
- } else {
- return Result.err(Status.ERR_Policy,u + " is an invalid Identity");
- }
- }
- }
- }
- } catch (Exception e) {
- trans.error().log(e,
- "Could not contact Organization for User Validation");
- }
-
- String user = trans.user();
- // 1) May Change Parent?
- int idx = namespace.name.lastIndexOf('.');
- String parent;
- if (idx < 0) {
- if (!q.isGranted(trans, user, ROOT_NS,Question.NS, ".", "create")) {
- return Result.err(Result.ERR_Security,
- "%s may not create Root Namespaces", user);
- }
- parent = null;
- fromApproval = true;
- } else {
- parent = namespace.name.substring(0, idx); // get Parent String
- }
-
- Result<NsDAO.Data> rparent = q.deriveNs(trans, parent);
- if (rparent.notOK()) {
- return Result.err(rparent);
- }
- if (!fromApproval) {
- rparent = q.mayUser(trans, user, rparent.value, Access.write);
- if (rparent.notOK()) {
- return Result.err(rparent);
- }
- }
- parent = namespace.parent = rparent.value.name; // Correct Namespace from real data
-
- // 2) Does requested NS exist
- if (q.nsDAO.read(trans, namespace.name).isOKhasData()) {
- return Result.err(Status.ERR_ConflictAlreadyExists,
- "Target Namespace already exists");
- }
-
- // Someone must be responsible.
- if (namespace.owner == null || namespace.owner.isEmpty()) {
- return Result
- .err(Status.ERR_Policy,
- "Namespaces must be assigned at least one responsible party");
- }
-
- // 3) Create NS
- Date now = new Date();
-
- Result<Void> r;
- // 3a) Admin
-
- try {
- // Originally, added the enterer as Admin, but that's not necessary,
- // or helpful for Operations folks..
- // Admins can be empty, because they can be changed by lower level
- // NSs
- // if(ns.admin(false).isEmpty()) {
- // ns.admin(true).add(user);
- // }
- if (namespace.admin != null) {
- for (String u : namespace.admin) {
- if ((r = checkValidID(trans, now, u)).notOK()) {
- return r;
- }
- }
- }
-
- // 3b) Responsible
- Organization org = trans.org();
- for (String u : namespace.owner) {
- Identity orgUser = org.getIdentity(trans, u);
- if (orgUser == null) {
- return Result
- .err(Status.ERR_BadData,
- "NS must be created with an %s approved Responsible Party",
- org.getName());
- }
- }
- } catch (Exception e) {
- return Result.err(Status.ERR_UserNotFound, e.getMessage());
- }
-
- // VALIDATIONS done... Add NS
- if ((rq = q.nsDAO.create(trans, namespace.data())).notOK()) {
- return Result.err(rq);
- }
-
- // Since Namespace is now created, we need to grab all subsequent errors
- ErrBuilder eb = new ErrBuilder();
-
- // Add UserRole(s)
- UserRoleDAO.Data urdd = new UserRoleDAO.Data();
- urdd.expires = trans.org().expiration(null, Expiration.UserInRole).getTime();
- urdd.role(namespace.name, Question.ADMIN);
- for (String admin : namespace.admin) {
- urdd.user = admin;
- eb.log(q.userRoleDAO.create(trans, urdd));
- }
- urdd.role(namespace.name,Question.OWNER);
- for (String owner : namespace.owner) {
- urdd.user = owner;
- eb.log(q.userRoleDAO.create(trans, urdd));
- }
-
- addNSAdminRolesPerms(trans, eb, namespace.name);
-
- addNSOwnerRolesPerms(trans, eb, namespace.name);
-
- if (parent != null) {
- // Build up with any errors
-
- String targetNs = rparent.value.name; // Get the Parent Namespace,
- // not target
- String targetName = namespace.name.substring(targetNs.length() + 1); // Remove the Parent Namespace from the
- // Target + a dot, and you'll get the name
- int targetNameDot = targetName.length() + 1;
-
- // 4) Change any roles with children matching this NS, and
- Result<List<RoleDAO.Data>> rrdc = q.roleDAO.readChildren(trans, targetNs, targetName);
- if (rrdc.isOKhasData()) {
- for (RoleDAO.Data rdd : rrdc.value) {
- // Remove old Role from Perms, save them off
- List<PermDAO.Data> lpdd = new ArrayList<>();
- for(String p : rdd.perms(false)) {
- Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans,q,p);
- if(rpdd.isOKhasData()) {
- PermDAO.Data pdd = rpdd.value;
- lpdd.add(pdd);
- q.permDAO.delRole(trans, pdd, rdd);
- } else{
- trans.error().log(rpdd.errorString());
- }
- }
-
- // Save off Old keys
- String delP1 = rdd.ns;
- String delP2 = rdd.name;
-
- // Write in new key
- rdd.ns = namespace.name;
- rdd.name = (delP2.length() > targetNameDot) ? delP2
- .substring(targetNameDot) : "";
-
- // Need to use non-cached, because switching namespaces, not
- // "create" per se
- if ((rq = q.roleDAO.create(trans, rdd)).isOK()) {
- // Put Role back into Perm, with correct info
- for(PermDAO.Data pdd : lpdd) {
- q.permDAO.addRole(trans, pdd, rdd);
- }
- // Change data for User Roles
- Result<List<UserRoleDAO.Data>> rurd = q.userRoleDAO.readByRole(trans, rdd.fullName());
- if(rurd.isOKhasData()) {
- for(UserRoleDAO.Data urd : rurd.value) {
- urd.ns = rdd.ns;
- urd.rname = rdd.name;
- q.userRoleDAO.update(trans, urd);
- }
- }
- // Now delete old one
- rdd.ns = delP1;
- rdd.name = delP2;
- if ((rq = q.roleDAO.delete(trans, rdd, false)).notOK()) {
- eb.log(rq);
- }
- } else {
- eb.log(rq);
- }
- }
- }
-
- // 4) Change any Permissions with children matching this NS, and
- Result<List<PermDAO.Data>> rpdc = q.permDAO.readChildren(trans,targetNs, targetName);
- if (rpdc.isOKhasData()) {
- for (PermDAO.Data pdd : rpdc.value) {
- // Remove old Perm from Roles, save them off
- List<RoleDAO.Data> lrdd = new ArrayList<>();
-
- for(String rl : pdd.roles(false)) {
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,q,rl);
- if(rrdd.isOKhasData()) {
- RoleDAO.Data rdd = rrdd.value;
- lrdd.add(rdd);
- q.roleDAO.delPerm(trans, rdd, pdd);
- } else{
- trans.error().log(rrdd.errorString());
- }
- }
-
- // Save off Old keys
- String delP1 = pdd.ns;
- String delP2 = pdd.type;
- pdd.ns = namespace.name;
- pdd.type = (delP2.length() > targetNameDot) ? delP2
- .substring(targetNameDot) : "";
- if ((rq = q.permDAO.create(trans, pdd)).isOK()) {
- // Put Role back into Perm, with correct info
- for(RoleDAO.Data rdd : lrdd) {
- q.roleDAO.addPerm(trans, rdd, pdd);
- }
-
- pdd.ns = delP1;
- pdd.type = delP2;
- if ((rq = q.permDAO.delete(trans, pdd, false)).notOK()) {
- eb.log(rq);
- // } else {
- // Need to invalidate directly, because we're
- // switching places in NS, not normal cache behavior
- // q.permDAO.invalidate(trans,pdd);
- }
- } else {
- eb.log(rq);
- }
- }
- }
- if (eb.hasErr()) {
- return Result.err(Status.ERR_ActionNotCompleted,eb.sb.toString(), eb.vars());
- }
- }
- return Result.ok();
- }
-
- private void addNSAdminRolesPerms(AuthzTrans trans, ErrBuilder eb, String ns) {
- // Admin Role/Perm
- RoleDAO.Data rd = new RoleDAO.Data();
- rd.ns = ns;
- rd.name = "admin";
- rd.description = "AAF Namespace Administrators";
-
- PermDAO.Data pd = new PermDAO.Data();
- pd.ns = ns;
- pd.type = "access";
- pd.instance = Question.ASTERIX;
- pd.action = Question.ASTERIX;
- pd.description = "AAF Namespace Write Access";
-
- rd.perms = new HashSet<>();
- rd.perms.add(pd.encode());
- eb.log(q.roleDAO.create(trans, rd));
-
- pd.roles = new HashSet<>();
- pd.roles.add(rd.encode());
- eb.log(q.permDAO.create(trans, pd));
- }
-
- private void addNSOwnerRolesPerms(AuthzTrans trans, ErrBuilder eb, String ns) {
- RoleDAO.Data rd = new RoleDAO.Data();
- rd.ns = ns;
- rd.name = "owner";
- rd.description = "AAF Namespace Owners";
-
- PermDAO.Data pd = new PermDAO.Data();
- pd.ns = ns;
- pd.type = "access";
- pd.instance = Question.ASTERIX;
- pd.action = Question.READ;
- pd.description = "AAF Namespace Read Access";
-
- rd.perms = new HashSet<>();
- rd.perms.add(pd.encode());
- eb.log(q.roleDAO.create(trans, rd));
-
- pd.roles = new HashSet<>();
- pd.roles.add(rd.encode());
- eb.log(q.permDAO.create(trans, pd));
- }
-
- /**
- * deleteNS
- *
- * Delete Namespace
- *
- * @param trans
- * @param org
- * @param ns
- * @param force
- * @param user
- * @return
- * @throws DAOException
- *
- *
- * To delete an NS, you need to: 1) validate permission to
- * modify this NS 2) Find all Roles with this NS, and 2a) if
- * Force, delete them, else modify to Parent NS 3) Find all
- * Perms with this NS, and modify to Parent NS 3a) if Force,
- * delete them, else modify to Parent NS 4) Find all IDs
- * associated to this NS, and deny if exists. 5) Remove NS
- */
- public Result<Void> deleteNS(AuthzTrans trans, String ns) {
- boolean force = trans.requested(REQD_TYPE.force);
- boolean move = trans.requested(REQD_TYPE.move);
- // 1) Validate
- Result<List<NsDAO.Data>> nsl;
- if ((nsl = q.nsDAO.read(trans, ns)).notOKorIsEmpty()) {
- return Result.err(Status.ERR_NsNotFound, "%s does not exist", ns);
- }
- NsDAO.Data nsd = nsl.value.get(0);
- NsType nt;
- if (move && !q.canMove(nt = NsType.fromType(nsd.type))) {
- return Result.err(Status.ERR_Denied, "Namespace Force=move not permitted for Type %s",nt.name());
- }
-
- Result<NsDAO.Data> dnr = q.mayUser(trans, trans.user(), nsd, Access.write);
- if (dnr.status != Status.OK) {
- return Result.err(dnr);
- }
-
- // 2) Find Parent
- String user = trans.user();
- int idx = ns.lastIndexOf('.');
- NsDAO.Data parent;
- if (idx < 0) {
- if (!q.isGranted(trans, user, ROOT_NS,Question.NS, ".", "delete")) {
- return Result.err(Result.ERR_Security,
- "%s may not delete Root Namespaces", user);
- }
- parent = null;
- } else {
- Result<NsDAO.Data> rlparent = q.deriveNs(trans, ns.substring(0, idx));
- if (rlparent.notOKorIsEmpty()) {
- return Result.err(rlparent);
- }
- parent = rlparent.value;
- }
-
- // Build up with any errors
- // If sb != null below is an indication of error
- StringBuilder sb = null;
- ErrBuilder er = new ErrBuilder();
-
- // 2a) Deny if any IDs on Namespace
- Result<List<CredDAO.Data>> creds = q.credDAO.readNS(trans, ns);
- if (creds.isOKhasData()) {
- if (force || move) {
- for (CredDAO.Data cd : creds.value) {
- er.log(q.credDAO.delete(trans, cd, false));
- // Since we're deleting all the creds, we should delete all
- // the user Roles for that Cred
- Result<List<UserRoleDAO.Data>> rlurd = q.userRoleDAO
- .readByUser(trans, cd.id);
- if (rlurd.isOK()) {
- for (UserRoleDAO.Data data : rlurd.value) {
- q.userRoleDAO.delete(trans, data, false);
- }
- }
-
- }
- } else {
- // first possible StringBuilder Create.
- sb = new StringBuilder();
- sb.append('[');
- sb.append(ns);
- sb.append("] contains users");
- }
- }
-
- // 2b) Find (or delete if forced flag is set) dependencies
- // First, find if NS Perms are the only ones
- Result<List<PermDAO.Data>> rpdc = q.permDAO.readNS(trans, ns);
- if (rpdc.isOKhasData()) {
- // Since there are now NS perms, we have to count NON-NS perms.
- // FYI, if we delete them now, and the NS is not deleted, it is in
- // an inconsistent state.
- boolean nonaccess = false;
- for (PermDAO.Data pdd : rpdc.value) {
- if (!"access".equals(pdd.type)) {
- nonaccess = true;
- break;
- }
- }
- if (nonaccess && !force && !move) {
- if (sb == null) {
- sb = new StringBuilder();
- sb.append('[');
- sb.append(ns);
- sb.append("] contains ");
- } else {
- sb.append(", ");
- }
- sb.append("permissions");
- }
- }
-
- Result<List<RoleDAO.Data>> rrdc = q.roleDAO.readNS(trans, ns);
- if (rrdc.isOKhasData()) {
- // Since there are now NS roles, we have to count NON-NS roles.
- // FYI, if we delete th)em now, and the NS is not deleted, it is in
- // an inconsistent state.
- int count = rrdc.value.size();
- for (RoleDAO.Data rdd : rrdc.value) {
- if ("admin".equals(rdd.name) || "owner".equals(rdd.name)) {
- --count;
- }
- }
- if (count > 0 && !force && !move) {
- if (sb == null) {
- sb = new StringBuilder();
- sb.append('[');
- sb.append(ns);
- sb.append("] contains ");
- } else {
- sb.append(", ");
- }
- sb.append("roles");
- }
- }
-
- // 2c) Deny if dependencies exist that would be moved to root level
- // parent is root level parent here. Need to find closest parent ns that
- // exists
- if (sb != null) {
- if (!force && !move) {
- sb.append(".\n Delete dependencies and try again. Note: using \"force=true\" will delete all. \"force=move\" will delete Creds, but move Roles and Perms to parent.");
- return Result.err(Status.ERR_DependencyExists, sb.toString());
- }
-
- if (move && (parent == null || parent.type == NsType.COMPANY.type)) {
- return Result
- .err(Status.ERR_DependencyExists,
- "Cannot move users, roles or permissions to [%s].\nDelete dependencies and try again",
- parent.name);
- }
- } else if (move && parent != null) {
- sb = new StringBuilder();
- // 3) Change any roles with children matching this NS, and
- moveRoles(trans, parent, sb, rrdc);
- // 4) Change any Perms with children matching this NS, and
- movePerms(trans, parent, sb, rpdc);
- }
-
- if (sb != null && sb.length() > 0) {
- return Result.err(Status.ERR_DependencyExists, sb.toString());
- }
-
- if (er.hasErr()) {
- if (trans.debug().isLoggable()) {
- trans.debug().log(er.toString());
- }
- return Result.err(Status.ERR_DependencyExists,
- "Namespace members cannot be deleted for %s", ns);
- }
-
- // 5) OK... good to go for NS Deletion...
- if (!rpdc.isEmpty()) {
- for (PermDAO.Data perm : rpdc.value) {
- deletePerm(trans, perm, true, true);
- }
- }
- if (!rrdc.isEmpty()) {
- for (RoleDAO.Data role : rrdc.value) {
- deleteRole(trans, role, true, true);
- }
- }
-
- return q.nsDAO.delete(trans, nsd, false);
- }
-
- public Result<List<String>> getOwners(AuthzTrans trans, String ns,
- boolean includeExpired) {
- return getUsersByRole(trans, ns + Question.DOT_OWNER, includeExpired);
- }
-
- private Result<Void> mayAddOwner(AuthzTrans trans, String ns, String id) {
- Result<NsDAO.Data> rq = q.deriveNs(trans, ns);
- if (rq.notOK()) {
- return Result.err(rq);
- }
-
- rq = q.mayUser(trans, trans.user(), rq.value, Access.write);
- if (rq.notOK()) {
- return Result.err(rq);
- }
-
- Identity user;
- Organization org = trans.org();
- try {
- if ((user = org.getIdentity(trans, id)) == null) {
- return Result.err(Status.ERR_Policy,
- "%s reports that this is not a valid credential",
- org.getName());
- }
- String reason;
- if ((reason=user.mayOwn())==null) {
- return Result.ok();
- } else {
- if (org.isTestEnv()) {
- String reason2;
- if((reason2 = org.validate(trans, Policy.AS_RESPONSIBLE, new CassExecutor(trans, this), id))==null) {
- return Result.ok();
- } else {
- trans.debug().log(reason2);
- }
- }
- return Result.err(Status.ERR_Policy,CANNOT_BE_THE_OWNER_OF_A_NAMESPACE,user.fullName(),user.id(),ns, reason);
- }
- } catch (Exception e) {
- return Result.err(e);
- }
- }
-
- private Result<Void> mayAddAdmin(AuthzTrans trans, String ns, String id) {
- // Does NS Exist?
- Result<Void> r = checkValidID(trans, new Date(), id);
- if (r.notOK()) {
- return r;
- }
- // Is id able to be an Admin
- Result<NsDAO.Data> rq = q.deriveNs(trans, ns);
- if (rq.notOK()) {
- return Result.err(rq);
- }
-
- rq = q.mayUser(trans, trans.user(), rq.value, Access.write);
- if (rq.notOK()) {
- Result<List<UserRoleDAO.Data>> ruinr = q.userRoleDAO.readUserInRole(trans, trans.user(),ns+".owner");
- if(!(ruinr.isOKhasData() && ruinr.value.get(0).expires.after(new Date()))) {
- return Result.err(rq);
- }
- }
- return r;
- }
-
- private Result<Void> checkValidID(AuthzTrans trans, Date now, String user) {
- Organization org = trans.org();
- if (org.supportsRealm(user)) {
- try {
- if (org.getIdentity(trans, user) == null) {
- return Result.err(Status.ERR_Denied,
- "%s reports that %s is a faulty ID", org.getName(),
- user);
- }
- return Result.ok();
- } catch (Exception e) {
- return Result.err(Result.ERR_Security,
- "%s is not a valid %s Credential", user, org.getName());
- }
- //TODO find out how to make sure good ALTERNATE OAUTH DOMAIN USER
-// } else if(user.endsWith(ALTERNATE OAUTH DOMAIN)) {
-// return Result.ok();
- } else {
- Result<List<CredDAO.Data>> cdr = q.credDAO.readID(trans, user);
- if (cdr.notOKorIsEmpty()) {
- return Result.err(Status.ERR_Security,
- "%s is not a valid AAF Credential", user);
- }
-
- for (CredDAO.Data cd : cdr.value) {
- if (cd.expires.after(now)) {
- return Result.ok();
- }
- }
- }
- return Result.err(Result.ERR_Security, "%s has expired", user);
- }
-
- public Result<Void> delOwner(AuthzTrans trans, String ns, String id) {
- Result<NsDAO.Data> rq = q.deriveNs(trans, ns);
- if (rq.notOK()) {
- return Result.err(rq);
- }
-
- rq = q.mayUser(trans, trans.user(), rq.value, Access.write);
- if (rq.notOK()) {
- return Result.err(rq);
- }
-
- return delUserRole(trans, id, ns,Question.OWNER);
- }
-
- public Result<List<String>> getAdmins(AuthzTrans trans, String ns, boolean includeExpired) {
- return getUsersByRole(trans, ns + Question.DOT_ADMIN, includeExpired);
- }
-
- public Result<Void> delAdmin(AuthzTrans trans, String ns, String id) {
- Result<NsDAO.Data> rq = q.deriveNs(trans, ns);
- if (rq.notOK()) {
- return Result.err(rq);
- }
-
- rq = q.mayUser(trans, trans.user(), rq.value, Access.write);
- if (rq.notOK()) {
- // Even though not a "writer", Owners still determine who gets to be an Admin
- Result<List<UserRoleDAO.Data>> ruinr = q.userRoleDAO.readUserInRole(trans, trans.user(),ns+".owner");
- if(!(ruinr.isOKhasData() && ruinr.value.get(0).expires.after(new Date()))) {
- return Result.err(rq);
- }
- }
-
- return delUserRole(trans, id, ns, Question.ADMIN);
- }
-
- /**
- * Helper function that moves permissions from a namespace being deleted to
- * its parent namespace
- *
- * @param trans
- * @param parent
- * @param sb
- * @param rpdc
- * - list of permissions in namespace being deleted
- */
- private void movePerms(AuthzTrans trans, NsDAO.Data parent,
- StringBuilder sb, Result<List<PermDAO.Data>> rpdc) {
-
- Result<Void> rv;
- Result<PermDAO.Data> pd;
-
- if (rpdc.isOKhasData()) {
- for (PermDAO.Data pdd : rpdc.value) {
- String delP2 = pdd.type;
- if ("access".equals(delP2)) {
- continue;
- }
- // Remove old Perm from Roles, save them off
- List<RoleDAO.Data> lrdd = new ArrayList<>();
-
- for(String rl : pdd.roles(false)) {
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,q,rl);
- if(rrdd.isOKhasData()) {
- RoleDAO.Data rdd = rrdd.value;
- lrdd.add(rdd);
- q.roleDAO.delPerm(trans, rdd, pdd);
- } else{
- trans.error().log(rrdd.errorString());
- }
- }
-
- // Save off Old keys
- String delP1 = pdd.ns;
- NsSplit nss = new NsSplit(parent, pdd.fullType());
- pdd.ns = nss.ns;
- pdd.type = nss.name;
- // Use direct Create/Delete, because switching namespaces
- if ((pd = q.permDAO.create(trans, pdd)).isOK()) {
- // Put Role back into Perm, with correct info
- for(RoleDAO.Data rdd : lrdd) {
- q.roleDAO.addPerm(trans, rdd, pdd);
- }
-
- pdd.ns = delP1;
- pdd.type = delP2;
- if ((rv = q.permDAO.delete(trans, pdd, false)).notOK()) {
- sb.append(rv.details);
- sb.append('\n');
- // } else {
- // Need to invalidate directly, because we're switching
- // places in NS, not normal cache behavior
- // q.permDAO.invalidate(trans,pdd);
- }
- } else {
- sb.append(pd.details);
- sb.append('\n');
- }
- }
- }
- }
-
- /**
- * Helper function that moves roles from a namespace being deleted to its
- * parent namespace
- *
- * @param trans
- * @param parent
- * @param sb
- * @param rrdc
- * - list of roles in namespace being deleted
- */
- private void moveRoles(AuthzTrans trans, NsDAO.Data parent,
- StringBuilder sb, Result<List<RoleDAO.Data>> rrdc) {
-
- Result<Void> rv;
- Result<RoleDAO.Data> rd;
-
- if (rrdc.isOKhasData()) {
- for (RoleDAO.Data rdd : rrdc.value) {
- String delP2 = rdd.name;
- if ("admin".equals(delP2) || "owner".equals(delP2)) {
- continue;
- }
- // Remove old Role from Perms, save them off
- List<PermDAO.Data> lpdd = new ArrayList<>();
- for(String p : rdd.perms(false)) {
- Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans,q,p);
- if(rpdd.isOKhasData()) {
- PermDAO.Data pdd = rpdd.value;
- lpdd.add(pdd);
- q.permDAO.delRole(trans, pdd, rdd);
- } else{
- trans.error().log(rpdd.errorString());
- }
- }
-
- // Save off Old keys
- String delP1 = rdd.ns;
-
- NsSplit nss = new NsSplit(parent, rdd.fullName());
- rdd.ns = nss.ns;
- rdd.name = nss.name;
- // Use direct Create/Delete, because switching namespaces
- if ((rd = q.roleDAO.create(trans, rdd)).isOK()) {
- // Put Role back into Perm, with correct info
- for(PermDAO.Data pdd : lpdd) {
- q.permDAO.addRole(trans, pdd, rdd);
- }
-
- rdd.ns = delP1;
- rdd.name = delP2;
- if ((rv = q.roleDAO.delete(trans, rdd, true)).notOK()) {
- sb.append(rv.details);
- sb.append('\n');
- // } else {
- // Need to invalidate directly, because we're switching
- // places in NS, not normal cache behavior
- // q.roleDAO.invalidate(trans,rdd);
- }
- } else {
- sb.append(rd.details);
- sb.append('\n');
- }
- }
- }
- }
-
- /**
- * Create Permission (and any missing Permission between this and Parent) if
- * we have permission
- *
- * Pass in the desired Management Permission for this Permission
- *
- * If Force is set, then Roles listed will be created, if allowed,
- * pre-granted.
- */
- public Result<Void> createPerm(AuthzTrans trans, PermDAO.Data perm, boolean fromApproval) {
- String user = trans.user();
- // Next, see if User is allowed to Manage Parent Permission
-
- Result<NsDAO.Data> rnsd;
- if (!fromApproval) {
- rnsd = q.mayUser(trans, user, perm, Access.write);
- if (rnsd.notOK()) {
- return Result.err(rnsd);
- }
- } else {
- rnsd = q.deriveNs(trans, perm.ns);
- }
-
- // Does Child exist?
- if (!trans.requested(REQD_TYPE.force)) {
- if (q.permDAO.read(trans, perm).isOKhasData()) {
- return Result.err(Status.ERR_ConflictAlreadyExists,
- "Permission [%s.%s|%s|%s] already exists.", perm.ns,
- perm.type, perm.instance, perm.action);
- }
- }
-
- // Attempt to add perms to roles, creating as possible
- Set<String> roles;
- String pstring = perm.encode();
-
- // For each Role
- for (String role : roles = perm.roles(true)) {
- Result<RoleDAO.Data> rdd = RoleDAO.Data.decode(trans,q,role);
- if(rdd.isOKhasData()) {
- RoleDAO.Data rd = rdd.value;
- if (!fromApproval) {
- // May User write to the Role in question.
- Result<NsDAO.Data> rns = q.mayUser(trans, user, rd,
- Access.write);
- if (rns.notOK()) {
- // Remove the role from Add, because
- roles.remove(role); // Don't allow adding
- trans.warn()
- .log("User [%s] does not have permission to relate Permissions to Role [%s]",
- user, role);
- }
- }
-
- Result<List<RoleDAO.Data>> rlrd;
- if ((rlrd = q.roleDAO.read(trans, rd)).notOKorIsEmpty()) {
- rd.perms(true).add(pstring);
- if (q.roleDAO.create(trans, rd).notOK()) {
- roles.remove(role); // Role doesn't exist, and can't be
- // created
- }
- } else {
- rd = rlrd.value.get(0);
- if (!rd.perms.contains(pstring)) {
- q.roleDAO.addPerm(trans, rd, perm);
- }
- }
- }
- }
-
- Result<PermDAO.Data> pdr = q.permDAO.create(trans, perm);
- if (pdr.isOK()) {
- return Result.ok();
- } else {
- return Result.err(pdr);
- }
- }
-
- public Result<Void> deletePerm(final AuthzTrans trans, final PermDAO.Data perm, boolean force, boolean fromApproval) {
- String user = trans.user();
-
- // Next, see if User is allowed to Manage Permission
- Result<NsDAO.Data> rnsd;
- if (!fromApproval) {
- rnsd = q.mayUser(trans, user, perm, Access.write);
- if (rnsd.notOK()) {
- return Result.err(rnsd);
- }
- }
- // Does Perm exist?
- Result<List<PermDAO.Data>> pdr = q.permDAO.read(trans, perm);
- if (pdr.notOKorIsEmpty()) {
- return Result.err(Status.ERR_PermissionNotFound,"Permission [%s.%s|%s|%s] does not exist.",
- perm.ns,perm.type, perm.instance, perm.action);
- }
- // Get perm, but with rest of data.
- PermDAO.Data fullperm = pdr.value.get(0);
-
- // Attached to any Roles?
- if (fullperm.roles != null) {
- if (force) {
- for (String role : fullperm.roles) {
- Result<Void> rv = null;
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, q, role);
- if(rrdd.isOKhasData()) {
- trans.debug().log("Removing", role, "from", fullperm, "on Perm Delete");
- if ((rv = q.roleDAO.delPerm(trans, rrdd.value, fullperm)).notOK()) {
- if (rv.notOK()) {
- trans.error().log("Error removing Role during delFromPermRole: ",
- trans.getUserPrincipal(),
- rv.errorString());
- }
- }
- } else {
- return Result.err(rrdd);
- }
- }
- } else if (!fullperm.roles.isEmpty()) {
- return Result
- .err(Status.ERR_DependencyExists,
- "Permission [%s.%s|%s|%s] cannot be deleted as it is attached to 1 or more roles.",
- fullperm.ns, fullperm.type, fullperm.instance, fullperm.action);
- }
- }
-
- return q.permDAO.delete(trans, fullperm, false);
- }
-
- public Result<Void> deleteRole(final AuthzTrans trans, final RoleDAO.Data role, boolean force, boolean fromApproval) {
- String user = trans.user();
-
- // Next, see if User is allowed to Manage Role
- Result<NsDAO.Data> rnsd;
- if (!fromApproval) {
- rnsd = q.mayUser(trans, user, role, Access.write);
- if (rnsd.notOK()) {
- return Result.err(rnsd);
- }
- }
-
- // Are there any Users Attached to Role?
- Result<List<UserRoleDAO.Data>> urdr = q.userRoleDAO.readByRole(trans,role.fullName());
- if (force) {
- if (urdr.isOKhasData()) {
- for (UserRoleDAO.Data urd : urdr.value) {
- q.userRoleDAO.delete(trans, urd, false);
- }
- }
- } else if (urdr.isOKhasData()) {
- return Result.err(Status.ERR_DependencyExists,
- "Role [%s.%s] cannot be deleted as it is used by 1 or more Users.",
- role.ns, role.name);
- }
-
- // Does Role exist?
- Result<List<RoleDAO.Data>> rdr = q.roleDAO.read(trans, role);
- if (rdr.notOKorIsEmpty()) {
- return Result.err(Status.ERR_RoleNotFound,
- "Role [%s.%s] does not exist", role.ns, role.name);
- }
- RoleDAO.Data fullrole = rdr.value.get(0); // full key search
-
- // Remove Self from Permissions... always, force or not. Force only applies to Dependencies (Users)
- if (fullrole.perms != null) {
- for (String perm : fullrole.perms(false)) {
- Result<PermDAO.Data> rpd = PermDAO.Data.decode(trans,q,perm);
- if (rpd.isOK()) {
- trans.debug().log("Removing", perm, "from", fullrole,"on Role Delete");
-
- Result<?> r = q.permDAO.delRole(trans, rpd.value, fullrole);
- if (r.notOK()) {
- trans.error().log("ERR_FDR1 unable to remove",fullrole,"from",perm,':',r.status,'-',r.details);
- }
- } else {
- trans.error().log("ERR_FDR2 Could not remove",perm,"from",fullrole);
- }
- }
- }
- return q.roleDAO.delete(trans, fullrole, false);
- }
-
- /**
- * Only owner of Permission may add to Role
- *
- * If force set, however, Role will be created before Grant, if User is
- * allowed to create.
- *
- * @param trans
- * @param role
- * @param pd
- * @return
- */
- public Result<Void> addPermToRole(AuthzTrans trans, RoleDAO.Data role,PermDAO.Data pd, boolean fromApproval) {
- String user = trans.user();
-
- if (!fromApproval) {
- Result<NsDAO.Data> rRoleCo = q.deriveFirstNsForType(trans, role.ns, NsType.COMPANY);
- if(rRoleCo.notOK()) {
- return Result.err(rRoleCo);
- }
- Result<NsDAO.Data> rPermCo = q.deriveFirstNsForType(trans, pd.ns, NsType.COMPANY);
- if(rPermCo.notOK()) {
- return Result.err(rPermCo);
- }
-
- // Not from same company
- if(!rRoleCo.value.name.equals(rPermCo.value.name)) {
- Result<Data> r;
- // Only grant if User ALSO has Write ability in Other Company
- if((r = q.mayUser(trans, user, role, Access.write)).notOK()) {
- return Result.err(r);
- }
- }
-
-
- // Must be Perm Admin, or Granted Special Permission
- Result<NsDAO.Data> ucp = q.mayUser(trans, user, pd, Access.write);
- if (ucp.notOK()) {
- // Don't allow CLI potential Grantees to change their own AAF
- // Perms,
- if ((ROOT_NS.equals(pd.ns) && Question.NS.equals(pd.type))
- || !q.isGranted(trans, trans.user(),ROOT_NS,Question.PERM, rPermCo.value.name, "grant")) {
- // Not otherwise granted
- // TODO Needed?
- return Result.err(ucp);
- }
- // Final Check... Don't allow Grantees to add to Roles they are
- // part of
- Result<List<UserRoleDAO.Data>> rlurd = q.userRoleDAO
- .readByUser(trans, trans.user());
- if (rlurd.isOK()) {
- for (UserRoleDAO.Data ur : rlurd.value) {
- if (role.ns.equals(ur.ns) && role.name.equals(ur.rname)) {
- return Result.err(ucp);
- }
- }
- }
- }
- }
-
- Result<List<PermDAO.Data>> rlpd = q.permDAO.read(trans, pd);
- if (rlpd.notOKorIsEmpty()) {
- return Result.err(Status.ERR_PermissionNotFound,
- "Permission must exist to add to Role");
- }
-
- Result<List<RoleDAO.Data>> rlrd = q.roleDAO.read(trans, role); // Already
- // Checked
- // for
- // can
- // change
- // Role
- Result<Void> rv;
-
- if (rlrd.notOKorIsEmpty()) {
- if (trans.requested(REQD_TYPE.force)) {
- Result<NsDAO.Data> ucr = q.mayUser(trans, user, role,
- Access.write);
- if (ucr.notOK()) {
- return Result
- .err(Status.ERR_Denied,
- "Role [%s.%s] does not exist. User [%s] cannot create.",
- role.ns, role.name, user);
- }
-
- role.perms(true).add(pd.encode());
- Result<RoleDAO.Data> rdd = q.roleDAO.create(trans, role);
- if (rdd.isOK()) {
- rv = Result.ok();
- } else {
- rv = Result.err(rdd);
- }
- } else {
- return Result.err(Status.ERR_RoleNotFound,
- "Role [%s.%s] does not exist.", role.ns, role.name);
- }
- } else {
- role = rlrd.value.get(0);
- if (role.perms(false).contains(pd.encode())) {
- return Result.err(Status.ERR_ConflictAlreadyExists,
- "Permission [%s.%s] is already a member of role [%s,%s]",
- pd.ns, pd.type, role.ns, role.name);
- }
- role.perms(true).add(pd.encode()); // this is added for Caching
- // access purposes... doesn't
- // affect addPerm
- rv = q.roleDAO.addPerm(trans, role, pd);
- }
- if (rv.status == Status.OK) {
- return q.permDAO.addRole(trans, pd, role);
- // exploring how to add information message to successful http
- // request
- }
- return rv;
- }
-
- /**
- * Either Owner of Role or Permission may delete from Role
- *
- * @param trans
- * @param role
- * @param pd
- * @return
- */
- public Result<Void> delPermFromRole(AuthzTrans trans, RoleDAO.Data role,PermDAO.Data pd, boolean fromApproval) {
- String user = trans.user();
- if (!fromApproval) {
- Result<NsDAO.Data> ucr = q.mayUser(trans, user, role, Access.write);
- Result<NsDAO.Data> ucp = q.mayUser(trans, user, pd, Access.write);
-
- // If Can't change either Role or Perm, then deny
- if (ucr.notOK() && ucp.notOK()) {
- return Result.err(Status.ERR_Denied,
- "User [" + trans.user()
- + "] does not have permission to delete ["
- + pd.encode() + "] from Role ["
- + role.fullName() + ']');
- }
- }
-
- Result<List<RoleDAO.Data>> rlr = q.roleDAO.read(trans, role);
- if (rlr.notOKorIsEmpty()) {
- // If Bad Data, clean out
- Result<List<PermDAO.Data>> rlp = q.permDAO.read(trans, pd);
- if (rlp.isOKhasData()) {
- for (PermDAO.Data pv : rlp.value) {
- q.permDAO.delRole(trans, pv, role);
- }
- }
- return Result.err(rlr);
- }
- String perm1 = pd.encode();
- boolean notFound;
- if (trans.requested(REQD_TYPE.force)) {
- notFound = false;
- } else { // only check if force not set.
- notFound = true;
- for (RoleDAO.Data r : rlr.value) {
- if (r.perms != null) {
- for (String perm : r.perms) {
- if (perm1.equals(perm)) {
- notFound = false;
- break;
- }
- }
- if(!notFound) {
- break;
- }
- }
- }
- }
- if (notFound) { // Need to check both, in case of corruption
- return Result.err(Status.ERR_PermissionNotFound,
- "Permission [%s.%s|%s|%s] not associated with any Role",
- pd.ns,pd.type,pd.instance,pd.action);
- }
-
- // Read Perm for full data
- Result<List<PermDAO.Data>> rlp = q.permDAO.read(trans, pd);
- Result<Void> rv = null;
- if (rlp.isOKhasData()) {
- for (PermDAO.Data pv : rlp.value) {
- if ((rv = q.permDAO.delRole(trans, pv, role)).isOK()) {
- if ((rv = q.roleDAO.delPerm(trans, role, pv)).notOK()) {
- trans.error().log(
- "Error removing Perm during delFromPermRole:",
- trans.getUserPrincipal(), rv.errorString());
- }
- } else {
- trans.error().log(
- "Error removing Role during delFromPermRole:",
- trans.getUserPrincipal(), rv.errorString());
- }
- }
- } else {
- rv = q.roleDAO.delPerm(trans, role, pd);
- if (rv.notOK()) {
- trans.error().log("Error removing Role during delFromPermRole",
- rv.errorString());
- }
- }
- return rv == null ? Result.ok() : rv;
- }
-
- public Result<Void> delPermFromRole(AuthzTrans trans, String role,PermDAO.Data pd) {
- Result<NsSplit> nss = q.deriveNsSplit(trans, role);
- if (nss.notOK()) {
- return Result.err(nss);
- }
- RoleDAO.Data rd = new RoleDAO.Data();
- rd.ns = nss.value.ns;
- rd.name = nss.value.name;
- return delPermFromRole(trans, rd, pd, false);
- }
-
- /**
- * Add a User to Role
- *
- * 1) Role must exist 2) User must be a known Credential (i.e. mechID ok if
- * Credential) or known Organizational User
- *
- * @param trans
- * @param org
- * @param urData
- * @return
- * @throws DAOException
- */
- public Result<Void> addUserRole(AuthzTrans trans,UserRoleDAO.Data urData) {
- Result<Void> rv;
- if(Question.ADMIN.equals(urData.rname)) {
- rv = mayAddAdmin(trans, urData.ns, urData.user);
- } else if(Question.OWNER.equals(urData.rname)) {
- rv = mayAddOwner(trans, urData.ns, urData.user);
- } else {
- rv = checkValidID(trans, new Date(), urData.user);
- }
- if(rv.notOK()) {
- return rv;
- }
-
- // Check if record exists
- if (q.userRoleDAO.read(trans, urData).isOKhasData()) {
- return Result.err(Status.ERR_ConflictAlreadyExists,
- "User Role exists");
- }
- if (q.roleDAO.read(trans, urData.ns, urData.rname).notOKorIsEmpty()) {
- return Result.err(Status.ERR_RoleNotFound,
- "Role [%s.%s] does not exist", urData.ns, urData.rname);
- }
-
- urData.expires = trans.org().expiration(null, Expiration.UserInRole, urData.user).getTime();
-
-
- Result<UserRoleDAO.Data> udr = q.userRoleDAO.create(trans, urData);
- switch (udr.status) {
- case OK:
- return Result.ok();
- default:
- return Result.err(udr);
- }
- }
-
- public Result<Void> addUserRole(AuthzTrans trans, String user, String ns, String rname) {
- try {
- if(trans.org().getIdentity(trans, user)==null) {
- return Result.err(Result.ERR_BadData,user+" is an Invalid Identity for " + trans.org().getName());
- }
- } catch (OrganizationException e) {
- return Result.err(e);
- }
- UserRoleDAO.Data urdd = new UserRoleDAO.Data();
- urdd.ns = ns;
- urdd.role(ns, rname);
- urdd.user = user;
- return addUserRole(trans,urdd);
- }
-
- /**
- * Extend User Role.
- *
- * extend the Expiration data, according to Organization rules.
- *
- * @param trans
- * @param org
- * @param urData
- * @return
- */
- public Result<Void> extendUserRole(AuthzTrans trans, UserRoleDAO.Data urData, boolean checkForExist) {
- // Check if record still exists
- if (checkForExist && q.userRoleDAO.read(trans, urData).notOKorIsEmpty()) {
- return Result.err(Status.ERR_UserRoleNotFound,
- "User Role does not exist");
- }
-
- if (q.roleDAO.read(trans, urData.ns, urData.rname).notOKorIsEmpty()) {
- return Result.err(Status.ERR_RoleNotFound,
- "Role [%s.%s] does not exist", urData.ns,urData.rname);
- }
- // Special case for "Admin" roles. Issue brought forward with Prod
- // problem 9/26
- Date now = new Date();
- GregorianCalendar gc = new GregorianCalendar();
- gc.setTime(now.after(urData.expires)?now:urData.expires);
- urData.expires = trans.org().expiration(gc, Expiration.UserInRole).getTime(); // get
- // Full
- // time
- // starting
- // today
- return q.userRoleDAO.update(trans, urData);
- }
-
- // ////////////////////////////////////////////////////
- // Special User Role Functions
- // These exist, because User Roles have Expiration dates, which must be
- // accounted for
- // Also, as of July, 2015, Namespace Owners and Admins are now regular User
- // Roles
- // ////////////////////////////////////////////////////
- public Result<List<String>> getUsersByRole(AuthzTrans trans, String role, boolean includeExpired) {
- Result<List<UserRoleDAO.Data>> rurdd = q.userRoleDAO.readByRole(trans,role);
- if (rurdd.notOK()) {
- return Result.err(rurdd);
- }
- Date now = new Date();
- List<UserRoleDAO.Data> list = rurdd.value;
- List<String> rv = new ArrayList<>(list.size()); // presize
- for (UserRoleDAO.Data urdd : rurdd.value) {
- if (includeExpired || urdd.expires.after(now)) {
- rv.add(urdd.user);
- }
- }
- return Result.ok(rv);
- }
-
- public Result<Void> delUserRole(AuthzTrans trans, String user, String ns, String rname) {
- UserRoleDAO.Data urdd = new UserRoleDAO.Data();
- urdd.user = user;
- urdd.role(ns,rname);
- Result<List<UserRoleDAO.Data>> r = q.userRoleDAO.read(trans, urdd);
- if (r.status == 404 || r.isEmpty()) {
- return Result.err(Status.ERR_UserRoleNotFound,
- "UserRole [%s] [%s.%s]", user, ns, rname);
- }
- if (r.notOK()) {
- return Result.err(r);
- }
-
- return q.userRoleDAO.delete(trans, urdd, false);
- }
-
- public Result<String> createFuture(AuthzTrans trans, FutureDAO.Data data, String id, String user,
- NsDAO.Data nsd, FUTURE_OP op) {
- StringBuilder sb = new StringBuilder();
- try {
- Organization org = trans.org();
- // For Reapproval, only check Owners.. Do Supervisors, etc, separately
- List<Identity> approvers = op.equals(FUTURE_OP.A)?NO_ADDL_APPROVE:org.getApprovers(trans, user);
- List<Identity> owners = new ArrayList<>();
- if (nsd != null) {
- Result<List<UserRoleDAO.Data>> rrbr = q.userRoleDAO
- .readByRole(trans, nsd.name + Question.DOT_OWNER);
- if (rrbr.isOKhasData()) {
- for(UserRoleDAO.Data urd : rrbr.value) {
- Identity owner = org.getIdentity(trans, urd.user);
- if(owner==null) {
- return Result.err(Result.ERR_NotFound,urd.user + " is not a Valid Owner of " + nsd.name);
- } else {
- owners.add(owner);
- }
- }
- }
- }
-
- if(owners.isEmpty()) {
- return Result.err(Result.ERR_NotFound,"No Owners found for " + nsd.name);
- }
-
- // Create Future Object
-
- Result<FutureDAO.Data> fr = q.futureDAO.create(trans, data, id);
- if (fr.isOK()) {
- sb.append("Created Future: ");
- sb.append(data.id);
- // User Future ID as ticket for Approvals
- final UUID ticket = fr.value.id;
- sb.append(", Approvals: ");
- Boolean first[] = new Boolean[]{true};
- if(op!=FUTURE_OP.A) {
- for (Identity u : approvers) {
- Result<ApprovalDAO.Data> r = addIdentity(trans,sb,first,user,data.memo,op,u,ticket,org.getApproverType());
- if(r.notOK()) {
- return Result.err(r);
- }
- }
- }
- for (Identity u : owners) {
- Result<ApprovalDAO.Data> r = addIdentity(trans,sb,first,user,data.memo,op,u,ticket,"owner");
- if(r.notOK()) {
- return Result.err(r);
- }
- }
- }
- } catch (Exception e) {
- return Result.err(e);
- }
-
- return Result.ok(sb.toString());
- }
-
- /*
- * This interface is to allow performFutureOps with either Realtime Data, or Batched lookups (See Expiring)
- */
- public interface Lookup<T> {
- T get(AuthzTrans trans, Object ... keys);
- }
-
- public Lookup<UserRoleDAO.Data> urDBLookup = new Lookup<UserRoleDAO.Data>() {
- @Override
- public UserRoleDAO.Data get(AuthzTrans trans, Object ... keys) {
- Result<List<UserRoleDAO.Data>> r = q.userRoleDAO.read(trans, keys);
- if(r.isOKhasData()) {
- return r.value.get(0);
- } else {
- return null;
- }
- }
- };
-
- /**
- * Note: if "allApprovals for Ticket is null, it will be looked up.
- * if "fdd" is null, it will be looked up, but
- *
- * They can be passed for performance reasons.
- *
- * @param trans
- * @param cd
- * @param allApprovalsForTicket
- * @return
- */
- public Result<OP_STATUS> performFutureOp(final AuthzTrans trans, FUTURE_OP fop, FutureDAO.Data curr, Lookup<List<ApprovalDAO.Data>> la, Lookup<UserRoleDAO.Data> lur) {
- // Pre-Evaluate if ReApproval is already done.
- UserRoleDAO.Data urdd = null;
- if(fop.equals(FUTURE_OP.A) && curr.target.equals(FOP_USER_ROLE) && curr.construct!=null) {
- try {
- // Get Expected UserRole from Future
- urdd = new UserRoleDAO.Data();
- urdd.reconstitute(curr.construct);
- // Get Current UserRole from lookup
- UserRoleDAO.Data lurdd = lur.get(trans, urdd.user,urdd.role);
- if(lurdd==null) {
- q.futureDAO.delete(trans, curr, false);
- return OP_STATUS.RL;
- } else {
- if(curr.expires.compareTo(lurdd.expires)<0) {
- q.futureDAO.delete(trans, curr, false);
- return OP_STATUS.RL;
- }
- }
- } catch (IOException e) {
- return Result.err(Result.ERR_BadData,"Cannot reconstitute %1",curr.memo);
- }
- }
-
- boolean aDenial = false;
- int cntSuper=0, appSuper=0,cntOwner=0, appOwner=0;
- for(ApprovalDAO.Data add : la.get(trans)) {
- switch(add.status) {
- case "approved":
- if("owner".equals(add.type)) {
- ++cntOwner;
- ++appOwner;
- } else if("supervisor".equals(add.type)) {
- ++cntSuper;
- ++appSuper;
- }
- break;
- case "pending":
- if("owner".equals(add.type)) {
- ++cntOwner;
- } else if("supervisor".equals(add.type)) {
- ++cntSuper;
- }
- break;
- case "denied":
- aDenial=true;
- break;
- }
- }
-
- Result<OP_STATUS> ros=null;
- if(aDenial) {
- // Note: Denial will be Audit-logged.
-// for (ApprovalDAO.Data ad : allApprovalsForTicket.value) {
-// q.approvalDAO.delete(trans, ad, false);
-// }
- ros = OP_STATUS.RD;
- if(q.futureDAO.delete(trans, curr, false).notOK()) {
- trans.info().printf("Future %s could not be deleted", curr.id.toString());
- } else {
- if (FOP_USER_ROLE.equalsIgnoreCase(curr.target)) {
- // A Denial means we must remove UserRole
- if(fop.equals(FUTURE_OP.U) || fop.equals(FUTURE_OP.A)) {
- UserRoleDAO.Data data = new UserRoleDAO.Data();
- try {
- data.reconstitute(curr.construct);
- } catch (IOException e) {
- trans.error().log("Cannot reconstitue",curr.memo);
- }
- ros = set(OP_STATUS.RD,delUserRole(trans, data.user, data.ns, data.rname));
- }
- }
- }
- }
-
- // Decision: If not Denied, and at least owner, if exists, and at least one Super, if exists
- boolean goDecision = (cntOwner>0?appOwner>0:true) && (cntSuper>0?appSuper>0:true);
-
- if(goDecision) {
- // should check if any other pendings before performing
- // actions
- try {
- if (FOP_ROLE.equalsIgnoreCase(curr.target)) {
- RoleDAO.Data data = new RoleDAO.Data();
- data.reconstitute(curr.construct);
- switch(fop) {
- case C:
- ros = set(OP_STATUS.RE,q.roleDAO.dao().create(trans, data));
- break;
- case D:
- ros = set(OP_STATUS.RE,deleteRole(trans, data, true, true));
- break;
- default:
- }
- } else if (FOP_PERM.equalsIgnoreCase(curr.target)) {
- PermDAO.Data pdd = new PermDAO.Data();
- pdd.reconstitute(curr.construct);
- Set<String> roles;
- Result<RoleDAO.Data> rrdd;
- switch(fop) {
- case C:
- ros = set(OP_STATUS.RE,createPerm(trans, pdd, true));
- break;
- case D:
- ros = set(OP_STATUS.RE,deletePerm(trans, pdd, true, true));
- break;
- case G:
- roles = pdd.roles(true);
- for (String roleStr : roles) {
- rrdd = RoleDAO.Data.decode(trans, q, roleStr);
- if (rrdd.isOKhasData()) {
- ros = set(OP_STATUS.RE,addPermToRole(trans, rrdd.value, pdd, true));
- } else {
- trans.error().log(rrdd.errorString());
- }
- }
- break;
- case UG:
- roles = pdd.roles(true);
- for (String roleStr : roles) {
- rrdd = RoleDAO.Data.decode(trans, q, roleStr);
- if (rrdd.isOKhasData()) {
- ros = set(OP_STATUS.RE,delPermFromRole(trans, rrdd.value, pdd, true));
- } else {
- trans.error().log(rrdd.errorString());
- }
- }
- break;
- default:
- }
- } else if (FOP_USER_ROLE.equalsIgnoreCase(curr.target)) {
- if(urdd==null) {
- urdd = new UserRoleDAO.Data();
- urdd.reconstitute(curr.construct);
- }
- // if I am the last to approve, create user role
- switch(fop) {
- case C:
- ros = set(OP_STATUS.RE,addUserRole(trans, urdd));
- break;
- case U:
- case A:
- ros = set(OP_STATUS.RE,extendUserRole(trans,urdd,true));
- break;
- default:
- }
- } else if (FOP_NS.equalsIgnoreCase(curr.target)) {
- Namespace namespace = new Namespace();
- namespace.reconstitute(curr.construct);
- switch(fop) {
- case C:
- ros = set(OP_STATUS.RE,createNS(trans, namespace, true));
- break;
- default:
- }
- } else if (FOP_DELEGATE.equalsIgnoreCase(curr.target)) {
- DelegateDAO.Data data = new DelegateDAO.Data();
- data.reconstitute(curr.construct);
- switch(fop) {
- case C:
- ros = set(OP_STATUS.RE,q.delegateDAO.create(trans, data));
- break;
- case U:
- ros = set(OP_STATUS.RE,q.delegateDAO.update(trans, data));
- break;
- default:
- }
- } else if (FOP_CRED.equalsIgnoreCase(curr.target)) {
- CredDAO.Data data = new CredDAO.Data();
- data.reconstitute(curr.construct);
- switch(fop) {
- case C:
- ros = set(OP_STATUS.RE,q.credDAO.dao().create(trans, data));
- break;
- default:
- }
- }
- } catch (Exception e) {
- trans.error().log("Exception: ", e.getMessage(),
- " \n occurred while performing", curr.memo,
- " from Ticket ", curr.id.toString());
- }
- q.futureDAO.delete(trans, curr, false);
- } // end for goDecision
- if(ros==null) {
- //return Result.err(Status.ACC_Future, "Full Approvals not obtained: No action taken");
- ros = OP_STATUS.RP;
- }
-
- return ros;
- }
-
- // Convenience method for setting OPSTatus Results
- private Result<OP_STATUS> set(Result<OP_STATUS> rs, Result<?> orig) {
- if(orig.isOK()) {
- return rs;
- } else {
- return Result.err(orig);
- }
- }
-
- private Result<ApprovalDAO.Data> addIdentity(AuthzTrans trans, StringBuilder sb,
- Boolean[] first, String user, String memo, FUTURE_OP op, Identity u, UUID ticket, String type) throws OrganizationException {
- ApprovalDAO.Data ad = new ApprovalDAO.Data();
- // Note ad.id is set by ApprovalDAO Create
- ad.ticket = ticket;
- ad.user = user;
- ad.approver = u.fullID();
- ad.status = ApprovalDAO.PENDING;
- ad.memo = memo;
- ad.type = type;
- ad.operation = op.name();
- // Note ad.updated is created in System
- Result<ApprovalDAO.Data> r = q.approvalDAO.create(trans,ad);
- if(r.isOK()) {
- if(first[0]) {
- first[0] = false;
- } else {
- sb.append(", ");
- }
- sb.append(r.value.user);
- sb.append(':');
- sb.append(r.value.ticket);
- return r;
- } else {
- return Result.err(Status.ERR_ActionNotCompleted,
- "Approval for %s, %s could not be created: %s",
- ad.user, ad.approver,
- r.details, sb.toString());
- }
- }
-
- public Executor newExecutor(AuthzTrans trans) {
- return new CassExecutor(trans, this);
- }
+ private static final String CANNOT_BE_THE_OWNER_OF_A_NAMESPACE = "%s(%s) cannot be the owner of the namespace '%s'. Owners %s.";
+
+ public enum FUTURE_OP {
+ C("Create"),U("Update"),D("Delete"),G("Grant"),UG("UnGrant"),A("Approval");
+
+ private String desc;
+
+ private FUTURE_OP(String desc) {
+ this.desc = desc;
+ }
+
+ public String desc() {
+ return desc;
+ }
+
+ /**
+ * Same as valueOf(), but passes back null instead of throwing Exception
+ * @param value
+ * @return
+ */
+ public static FUTURE_OP toFO(String value) {
+ if(value!=null) {
+ for(FUTURE_OP fo : values()) {
+ if(fo.name().equals(value)){
+ return fo;
+ }
+ }
+ }
+ return null;
+ }
+ }
+
+ public enum OP_STATUS {
+ E("Executed"),D("Denied"),P("Pending"),L("Lapsed");
+
+ private String desc;
+ public final static Result<OP_STATUS> RE = Result.ok(OP_STATUS.E);
+ public final static Result<OP_STATUS> RD = Result.ok(OP_STATUS.D);
+ public final static Result<OP_STATUS> RP = Result.ok(OP_STATUS.P);
+ public final static Result<OP_STATUS> RL = Result.ok(OP_STATUS.L);
+
+ private OP_STATUS(String desc) {
+ this.desc = desc;
+ }
+
+ public String desc() {
+ return desc;
+ }
+
+ }
+
+ public static final String FOP_CRED = "cred";
+ public static final String FOP_DELEGATE = "delegate";
+ public static final String FOP_NS = "ns";
+ public static final String FOP_PERM = "perm";
+ public static final String FOP_ROLE = "role";
+ public static final String FOP_USER_ROLE = "user_role";
+ private static final List<Identity> NO_ADDL_APPROVE = new ArrayList<>();
+ private static final String ROOT_NS = Define.ROOT_NS();
+ // First Action should ALWAYS be "write", see "CreateRole"
+ public final Question q;
+
+ public Function(AuthzTrans trans, Question question) {
+ q = question;
+ }
+
+ private class ErrBuilder {
+ private StringBuilder sb;
+ private List<String> ao;
+
+ public void log(Result<?> result) {
+ if (result.notOK()) {
+ if (sb == null) {
+ sb = new StringBuilder();
+ ao = new ArrayList<>();
+ }
+ sb.append(result.details);
+ sb.append('\n');
+ for (String s : result.variables) {
+ ao.add(s);
+ }
+ }
+ }
+
+ public String[] vars() {
+ String[] rv = new String[ao.size()];
+ ao.toArray(rv);
+ return rv;
+ }
+
+ public boolean hasErr() {
+ return sb != null;
+ }
+
+ @Override
+ public String toString() {
+ return sb == null ? "" : String.format(sb.toString(), ao);
+ }
+ }
+
+ /**
+ * createNS
+ *
+ * Create Namespace
+ *
+ * @param trans
+ * @param org
+ * @param ns
+ * @param user
+ * @return
+ * @throws DAOException
+ *
+ * To create an NS, you need to: 1) validate permission to
+ * modify parent NS 2) Does NS exist already? 3) Create NS with
+ * a) "user" as owner. NOTE: Per 10-15 request for AAF 1.0 4)
+ * Loop through Roles with Parent NS, and map any that start
+ * with this NS into this one 5) Loop through Perms with Parent
+ * NS, and map any that start with this NS into this one
+ */
+ public Result<Void> createNS(AuthzTrans trans, Namespace namespace, boolean fromApproval) {
+ Result<?> rq;
+// if (namespace.name.endsWith(Question.DOT_ADMIN)
+// || namespace.name.endsWith(Question.DOT_OWNER)) {
+// return Result.err(Status.ERR_BadData,
+// "'admin' and 'owner' are reserved names in AAF");
+// }
+
+ try {
+ for (String u : namespace.owner) {
+ Organization org = trans.org();
+ Identity orgUser = org.getIdentity(trans, u);
+ String reason;
+ if (orgUser == null) {
+ return Result.err(Status.ERR_Policy,"%s is not a valid user at %s",u,org.getName());
+ } else if((reason=orgUser.mayOwn())!=null) {
+ if (org.isTestEnv()) {
+ String reason2;
+ if((reason2=org.validate(trans, Policy.AS_RESPONSIBLE,new CassExecutor(trans, this), u))!=null) { // can masquerade as responsible
+ trans.debug().log(reason2);
+ return Result.err(Status.ERR_Policy,CANNOT_BE_THE_OWNER_OF_A_NAMESPACE,orgUser.fullName(),orgUser.id(),namespace.name,reason);
+ }
+ // a null means ok
+ } else {
+ if(orgUser.isFound()) {
+ return Result.err(Status.ERR_Policy,CANNOT_BE_THE_OWNER_OF_A_NAMESPACE,orgUser.fullName(),orgUser.id(),namespace.name, reason);
+ } else {
+ return Result.err(Status.ERR_Policy,u + " is an invalid Identity");
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ trans.error().log(e,
+ "Could not contact Organization for User Validation");
+ }
+
+ String user = trans.user();
+ // 1) May Change Parent?
+ int idx = namespace.name.lastIndexOf('.');
+ String parent;
+ if (idx < 0) {
+ if (!q.isGranted(trans, user, ROOT_NS,Question.NS, ".", "create")) {
+ return Result.err(Result.ERR_Security,
+ "%s may not create Root Namespaces", user);
+ }
+ parent = null;
+ fromApproval = true;
+ } else {
+ parent = namespace.name.substring(0, idx); // get Parent String
+ }
+
+ Result<NsDAO.Data> rparent = q.deriveNs(trans, parent);
+ if (rparent.notOK()) {
+ return Result.err(rparent);
+ }
+ if (!fromApproval) {
+ rparent = q.mayUser(trans, user, rparent.value, Access.write);
+ if (rparent.notOK()) {
+ return Result.err(rparent);
+ }
+ }
+ parent = namespace.parent = rparent.value.name; // Correct Namespace from real data
+
+ // 2) Does requested NS exist
+ if (q.nsDAO.read(trans, namespace.name).isOKhasData()) {
+ return Result.err(Status.ERR_ConflictAlreadyExists,
+ "Target Namespace already exists");
+ }
+
+ // Someone must be responsible.
+ if (namespace.owner == null || namespace.owner.isEmpty()) {
+ return Result
+ .err(Status.ERR_Policy,
+ "Namespaces must be assigned at least one responsible party");
+ }
+
+ // 3) Create NS
+ Date now = new Date();
+
+ Result<Void> r;
+ // 3a) Admin
+
+ try {
+ // Originally, added the enterer as Admin, but that's not necessary,
+ // or helpful for Operations folks..
+ // Admins can be empty, because they can be changed by lower level
+ // NSs
+ // if(ns.admin(false).isEmpty()) {
+ // ns.admin(true).add(user);
+ // }
+ if (namespace.admin != null) {
+ for (String u : namespace.admin) {
+ if ((r = checkValidID(trans, now, u)).notOK()) {
+ return r;
+ }
+ }
+ }
+
+ // 3b) Responsible
+ Organization org = trans.org();
+ for (String u : namespace.owner) {
+ Identity orgUser = org.getIdentity(trans, u);
+ if (orgUser == null) {
+ return Result
+ .err(Status.ERR_BadData,
+ "NS must be created with an %s approved Responsible Party",
+ org.getName());
+ }
+ }
+ } catch (Exception e) {
+ return Result.err(Status.ERR_UserNotFound, e.getMessage());
+ }
+
+ // VALIDATIONS done... Add NS
+ if ((rq = q.nsDAO.create(trans, namespace.data())).notOK()) {
+ return Result.err(rq);
+ }
+
+ // Since Namespace is now created, we need to grab all subsequent errors
+ ErrBuilder eb = new ErrBuilder();
+
+ // Add UserRole(s)
+ UserRoleDAO.Data urdd = new UserRoleDAO.Data();
+ urdd.expires = trans.org().expiration(null, Expiration.UserInRole).getTime();
+ urdd.role(namespace.name, Question.ADMIN);
+ for (String admin : namespace.admin) {
+ urdd.user = admin;
+ eb.log(q.userRoleDAO.create(trans, urdd));
+ }
+ urdd.role(namespace.name,Question.OWNER);
+ for (String owner : namespace.owner) {
+ urdd.user = owner;
+ eb.log(q.userRoleDAO.create(trans, urdd));
+ }
+
+ addNSAdminRolesPerms(trans, eb, namespace.name);
+
+ addNSOwnerRolesPerms(trans, eb, namespace.name);
+
+ if (parent != null) {
+ // Build up with any errors
+
+ String targetNs = rparent.value.name; // Get the Parent Namespace,
+ // not target
+ String targetName = namespace.name.substring(targetNs.length() + 1); // Remove the Parent Namespace from the
+ // Target + a dot, and you'll get the name
+ int targetNameDot = targetName.length() + 1;
+
+ // 4) Change any roles with children matching this NS, and
+ Result<List<RoleDAO.Data>> rrdc = q.roleDAO.readChildren(trans, targetNs, targetName);
+ if (rrdc.isOKhasData()) {
+ for (RoleDAO.Data rdd : rrdc.value) {
+ // Remove old Role from Perms, save them off
+ List<PermDAO.Data> lpdd = new ArrayList<>();
+ for(String p : rdd.perms(false)) {
+ Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans,q,p);
+ if(rpdd.isOKhasData()) {
+ PermDAO.Data pdd = rpdd.value;
+ lpdd.add(pdd);
+ q.permDAO.delRole(trans, pdd, rdd);
+ } else{
+ trans.error().log(rpdd.errorString());
+ }
+ }
+
+ // Save off Old keys
+ String delP1 = rdd.ns;
+ String delP2 = rdd.name;
+
+ // Write in new key
+ rdd.ns = namespace.name;
+ rdd.name = (delP2.length() > targetNameDot) ? delP2
+ .substring(targetNameDot) : "";
+
+ // Need to use non-cached, because switching namespaces, not
+ // "create" per se
+ if ((rq = q.roleDAO.create(trans, rdd)).isOK()) {
+ // Put Role back into Perm, with correct info
+ for(PermDAO.Data pdd : lpdd) {
+ q.permDAO.addRole(trans, pdd, rdd);
+ }
+ // Change data for User Roles
+ Result<List<UserRoleDAO.Data>> rurd = q.userRoleDAO.readByRole(trans, rdd.fullName());
+ if(rurd.isOKhasData()) {
+ for(UserRoleDAO.Data urd : rurd.value) {
+ urd.ns = rdd.ns;
+ urd.rname = rdd.name;
+ q.userRoleDAO.update(trans, urd);
+ }
+ }
+ // Now delete old one
+ rdd.ns = delP1;
+ rdd.name = delP2;
+ if ((rq = q.roleDAO.delete(trans, rdd, false)).notOK()) {
+ eb.log(rq);
+ }
+ } else {
+ eb.log(rq);
+ }
+ }
+ }
+
+ // 4) Change any Permissions with children matching this NS, and
+ Result<List<PermDAO.Data>> rpdc = q.permDAO.readChildren(trans,targetNs, targetName);
+ if (rpdc.isOKhasData()) {
+ for (PermDAO.Data pdd : rpdc.value) {
+ // Remove old Perm from Roles, save them off
+ List<RoleDAO.Data> lrdd = new ArrayList<>();
+
+ for(String rl : pdd.roles(false)) {
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,q,rl);
+ if(rrdd.isOKhasData()) {
+ RoleDAO.Data rdd = rrdd.value;
+ lrdd.add(rdd);
+ q.roleDAO.delPerm(trans, rdd, pdd);
+ } else{
+ trans.error().log(rrdd.errorString());
+ }
+ }
+
+ // Save off Old keys
+ String delP1 = pdd.ns;
+ String delP2 = pdd.type;
+ pdd.ns = namespace.name;
+ pdd.type = (delP2.length() > targetNameDot) ? delP2
+ .substring(targetNameDot) : "";
+ if ((rq = q.permDAO.create(trans, pdd)).isOK()) {
+ // Put Role back into Perm, with correct info
+ for(RoleDAO.Data rdd : lrdd) {
+ q.roleDAO.addPerm(trans, rdd, pdd);
+ }
+
+ pdd.ns = delP1;
+ pdd.type = delP2;
+ if ((rq = q.permDAO.delete(trans, pdd, false)).notOK()) {
+ eb.log(rq);
+ // } else {
+ // Need to invalidate directly, because we're
+ // switching places in NS, not normal cache behavior
+ // q.permDAO.invalidate(trans,pdd);
+ }
+ } else {
+ eb.log(rq);
+ }
+ }
+ }
+ if (eb.hasErr()) {
+ return Result.err(Status.ERR_ActionNotCompleted,eb.sb.toString(), eb.vars());
+ }
+ }
+ return Result.ok();
+ }
+
+ private void addNSAdminRolesPerms(AuthzTrans trans, ErrBuilder eb, String ns) {
+ // Admin Role/Perm
+ RoleDAO.Data rd = new RoleDAO.Data();
+ rd.ns = ns;
+ rd.name = "admin";
+ rd.description = "AAF Namespace Administrators";
+
+ PermDAO.Data pd = new PermDAO.Data();
+ pd.ns = ns;
+ pd.type = "access";
+ pd.instance = Question.ASTERIX;
+ pd.action = Question.ASTERIX;
+ pd.description = "AAF Namespace Write Access";
+
+ rd.perms = new HashSet<>();
+ rd.perms.add(pd.encode());
+ eb.log(q.roleDAO.create(trans, rd));
+
+ pd.roles = new HashSet<>();
+ pd.roles.add(rd.encode());
+ eb.log(q.permDAO.create(trans, pd));
+ }
+
+ private void addNSOwnerRolesPerms(AuthzTrans trans, ErrBuilder eb, String ns) {
+ RoleDAO.Data rd = new RoleDAO.Data();
+ rd.ns = ns;
+ rd.name = "owner";
+ rd.description = "AAF Namespace Owners";
+
+ PermDAO.Data pd = new PermDAO.Data();
+ pd.ns = ns;
+ pd.type = "access";
+ pd.instance = Question.ASTERIX;
+ pd.action = Question.READ;
+ pd.description = "AAF Namespace Read Access";
+
+ rd.perms = new HashSet<>();
+ rd.perms.add(pd.encode());
+ eb.log(q.roleDAO.create(trans, rd));
+
+ pd.roles = new HashSet<>();
+ pd.roles.add(rd.encode());
+ eb.log(q.permDAO.create(trans, pd));
+ }
+
+ /**
+ * deleteNS
+ *
+ * Delete Namespace
+ *
+ * @param trans
+ * @param org
+ * @param ns
+ * @param force
+ * @param user
+ * @return
+ * @throws DAOException
+ *
+ *
+ * To delete an NS, you need to: 1) validate permission to
+ * modify this NS 2) Find all Roles with this NS, and 2a) if
+ * Force, delete them, else modify to Parent NS 3) Find all
+ * Perms with this NS, and modify to Parent NS 3a) if Force,
+ * delete them, else modify to Parent NS 4) Find all IDs
+ * associated to this NS, and deny if exists. 5) Remove NS
+ */
+ public Result<Void> deleteNS(AuthzTrans trans, String ns) {
+ boolean force = trans.requested(REQD_TYPE.force);
+ boolean move = trans.requested(REQD_TYPE.move);
+ // 1) Validate
+ Result<List<NsDAO.Data>> nsl;
+ if ((nsl = q.nsDAO.read(trans, ns)).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_NsNotFound, "%s does not exist", ns);
+ }
+ NsDAO.Data nsd = nsl.value.get(0);
+ NsType nt;
+ if (move && !q.canMove(nt = NsType.fromType(nsd.type))) {
+ return Result.err(Status.ERR_Denied, "Namespace Force=move not permitted for Type %s",nt.name());
+ }
+
+ Result<NsDAO.Data> dnr = q.mayUser(trans, trans.user(), nsd, Access.write);
+ if (dnr.status != Status.OK) {
+ return Result.err(dnr);
+ }
+
+ // 2) Find Parent
+ String user = trans.user();
+ int idx = ns.lastIndexOf('.');
+ NsDAO.Data parent;
+ if (idx < 0) {
+ if (!q.isGranted(trans, user, ROOT_NS,Question.NS, ".", "delete")) {
+ return Result.err(Result.ERR_Security,
+ "%s may not delete Root Namespaces", user);
+ }
+ parent = null;
+ } else {
+ Result<NsDAO.Data> rlparent = q.deriveNs(trans, ns.substring(0, idx));
+ if (rlparent.notOKorIsEmpty()) {
+ return Result.err(rlparent);
+ }
+ parent = rlparent.value;
+ }
+
+ // Build up with any errors
+ // If sb != null below is an indication of error
+ StringBuilder sb = null;
+ ErrBuilder er = new ErrBuilder();
+
+ // 2a) Deny if any IDs on Namespace
+ Result<List<CredDAO.Data>> creds = q.credDAO.readNS(trans, ns);
+ if (creds.isOKhasData()) {
+ if (force || move) {
+ for (CredDAO.Data cd : creds.value) {
+ er.log(q.credDAO.delete(trans, cd, false));
+ // Since we're deleting all the creds, we should delete all
+ // the user Roles for that Cred
+ Result<List<UserRoleDAO.Data>> rlurd = q.userRoleDAO
+ .readByUser(trans, cd.id);
+ if (rlurd.isOK()) {
+ for (UserRoleDAO.Data data : rlurd.value) {
+ q.userRoleDAO.delete(trans, data, false);
+ }
+ }
+
+ }
+ } else {
+ // first possible StringBuilder Create.
+ sb = new StringBuilder();
+ sb.append('[');
+ sb.append(ns);
+ sb.append("] contains users");
+ }
+ }
+
+ // 2b) Find (or delete if forced flag is set) dependencies
+ // First, find if NS Perms are the only ones
+ Result<List<PermDAO.Data>> rpdc = q.permDAO.readNS(trans, ns);
+ if (rpdc.isOKhasData()) {
+ // Since there are now NS perms, we have to count NON-NS perms.
+ // FYI, if we delete them now, and the NS is not deleted, it is in
+ // an inconsistent state.
+ boolean nonaccess = false;
+ for (PermDAO.Data pdd : rpdc.value) {
+ if (!"access".equals(pdd.type)) {
+ nonaccess = true;
+ break;
+ }
+ }
+ if (nonaccess && !force && !move) {
+ if (sb == null) {
+ sb = new StringBuilder();
+ sb.append('[');
+ sb.append(ns);
+ sb.append("] contains ");
+ } else {
+ sb.append(", ");
+ }
+ sb.append("permissions");
+ }
+ }
+
+ Result<List<RoleDAO.Data>> rrdc = q.roleDAO.readNS(trans, ns);
+ if (rrdc.isOKhasData()) {
+ // Since there are now NS roles, we have to count NON-NS roles.
+ // FYI, if we delete th)em now, and the NS is not deleted, it is in
+ // an inconsistent state.
+ int count = rrdc.value.size();
+ for (RoleDAO.Data rdd : rrdc.value) {
+ if ("admin".equals(rdd.name) || "owner".equals(rdd.name)) {
+ --count;
+ }
+ }
+ if (count > 0 && !force && !move) {
+ if (sb == null) {
+ sb = new StringBuilder();
+ sb.append('[');
+ sb.append(ns);
+ sb.append("] contains ");
+ } else {
+ sb.append(", ");
+ }
+ sb.append("roles");
+ }
+ }
+
+ // 2c) Deny if dependencies exist that would be moved to root level
+ // parent is root level parent here. Need to find closest parent ns that
+ // exists
+ if (sb != null) {
+ if (!force && !move) {
+ sb.append(".\n Delete dependencies and try again. Note: using \"force=true\" will delete all. \"force=move\" will delete Creds, but move Roles and Perms to parent.");
+ return Result.err(Status.ERR_DependencyExists, sb.toString());
+ }
+
+ if (move && (parent == null || parent.type == NsType.COMPANY.type)) {
+ return Result
+ .err(Status.ERR_DependencyExists,
+ "Cannot move users, roles or permissions to [%s].\nDelete dependencies and try again",
+ parent.name);
+ }
+ } else if (move && parent != null) {
+ sb = new StringBuilder();
+ // 3) Change any roles with children matching this NS, and
+ moveRoles(trans, parent, sb, rrdc);
+ // 4) Change any Perms with children matching this NS, and
+ movePerms(trans, parent, sb, rpdc);
+ }
+
+ if (sb != null && sb.length() > 0) {
+ return Result.err(Status.ERR_DependencyExists, sb.toString());
+ }
+
+ if (er.hasErr()) {
+ if (trans.debug().isLoggable()) {
+ trans.debug().log(er.toString());
+ }
+ return Result.err(Status.ERR_DependencyExists,
+ "Namespace members cannot be deleted for %s", ns);
+ }
+
+ // 5) OK... good to go for NS Deletion...
+ if (!rpdc.isEmpty()) {
+ for (PermDAO.Data perm : rpdc.value) {
+ deletePerm(trans, perm, true, true);
+ }
+ }
+ if (!rrdc.isEmpty()) {
+ for (RoleDAO.Data role : rrdc.value) {
+ deleteRole(trans, role, true, true);
+ }
+ }
+
+ return q.nsDAO.delete(trans, nsd, false);
+ }
+
+ public Result<List<String>> getOwners(AuthzTrans trans, String ns,
+ boolean includeExpired) {
+ return getUsersByRole(trans, ns + Question.DOT_OWNER, includeExpired);
+ }
+
+ private Result<Void> mayAddOwner(AuthzTrans trans, String ns, String id) {
+ Result<NsDAO.Data> rq = q.deriveNs(trans, ns);
+ if (rq.notOK()) {
+ return Result.err(rq);
+ }
+
+ rq = q.mayUser(trans, trans.user(), rq.value, Access.write);
+ if (rq.notOK()) {
+ return Result.err(rq);
+ }
+
+ Identity user;
+ Organization org = trans.org();
+ try {
+ if ((user = org.getIdentity(trans, id)) == null) {
+ return Result.err(Status.ERR_Policy,
+ "%s reports that this is not a valid credential",
+ org.getName());
+ }
+ String reason;
+ if ((reason=user.mayOwn())==null) {
+ return Result.ok();
+ } else {
+ if (org.isTestEnv()) {
+ String reason2;
+ if((reason2 = org.validate(trans, Policy.AS_RESPONSIBLE, new CassExecutor(trans, this), id))==null) {
+ return Result.ok();
+ } else {
+ trans.debug().log(reason2);
+ }
+ }
+ return Result.err(Status.ERR_Policy,CANNOT_BE_THE_OWNER_OF_A_NAMESPACE,user.fullName(),user.id(),ns, reason);
+ }
+ } catch (Exception e) {
+ return Result.err(e);
+ }
+ }
+
+ private Result<Void> mayAddAdmin(AuthzTrans trans, String ns, String id) {
+ // Does NS Exist?
+ Result<Void> r = checkValidID(trans, new Date(), id);
+ if (r.notOK()) {
+ return r;
+ }
+ // Is id able to be an Admin
+ Result<NsDAO.Data> rq = q.deriveNs(trans, ns);
+ if (rq.notOK()) {
+ return Result.err(rq);
+ }
+
+ rq = q.mayUser(trans, trans.user(), rq.value, Access.write);
+ if (rq.notOK()) {
+ Result<List<UserRoleDAO.Data>> ruinr = q.userRoleDAO.readUserInRole(trans, trans.user(),ns+".owner");
+ if(!(ruinr.isOKhasData() && ruinr.value.get(0).expires.after(new Date()))) {
+ return Result.err(rq);
+ }
+ }
+ return r;
+ }
+
+ private Result<Void> checkValidID(AuthzTrans trans, Date now, String user) {
+ Organization org = trans.org();
+ if (org.supportsRealm(user)) {
+ try {
+ if (org.getIdentity(trans, user) == null) {
+ return Result.err(Status.ERR_Denied,
+ "%s reports that %s is a faulty ID", org.getName(),
+ user);
+ }
+ return Result.ok();
+ } catch (Exception e) {
+ return Result.err(Result.ERR_Security,
+ "%s is not a valid %s Credential", user, org.getName());
+ }
+ //TODO find out how to make sure good ALTERNATE OAUTH DOMAIN USER
+// } else if(user.endsWith(ALTERNATE OAUTH DOMAIN)) {
+// return Result.ok();
+ } else {
+ Result<List<CredDAO.Data>> cdr = q.credDAO.readID(trans, user);
+ if (cdr.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_Security,
+ "%s is not a valid AAF Credential", user);
+ }
+
+ for (CredDAO.Data cd : cdr.value) {
+ if (cd.expires.after(now)) {
+ return Result.ok();
+ }
+ }
+ }
+ return Result.err(Result.ERR_Security, "%s has expired", user);
+ }
+
+ public Result<Void> delOwner(AuthzTrans trans, String ns, String id) {
+ Result<NsDAO.Data> rq = q.deriveNs(trans, ns);
+ if (rq.notOK()) {
+ return Result.err(rq);
+ }
+
+ rq = q.mayUser(trans, trans.user(), rq.value, Access.write);
+ if (rq.notOK()) {
+ return Result.err(rq);
+ }
+
+ return delUserRole(trans, id, ns,Question.OWNER);
+ }
+
+ public Result<List<String>> getAdmins(AuthzTrans trans, String ns, boolean includeExpired) {
+ return getUsersByRole(trans, ns + Question.DOT_ADMIN, includeExpired);
+ }
+
+ public Result<Void> delAdmin(AuthzTrans trans, String ns, String id) {
+ Result<NsDAO.Data> rq = q.deriveNs(trans, ns);
+ if (rq.notOK()) {
+ return Result.err(rq);
+ }
+
+ rq = q.mayUser(trans, trans.user(), rq.value, Access.write);
+ if (rq.notOK()) {
+ // Even though not a "writer", Owners still determine who gets to be an Admin
+ Result<List<UserRoleDAO.Data>> ruinr = q.userRoleDAO.readUserInRole(trans, trans.user(),ns+".owner");
+ if(!(ruinr.isOKhasData() && ruinr.value.get(0).expires.after(new Date()))) {
+ return Result.err(rq);
+ }
+ }
+
+ return delUserRole(trans, id, ns, Question.ADMIN);
+ }
+
+ /**
+ * Helper function that moves permissions from a namespace being deleted to
+ * its parent namespace
+ *
+ * @param trans
+ * @param parent
+ * @param sb
+ * @param rpdc
+ * - list of permissions in namespace being deleted
+ */
+ private void movePerms(AuthzTrans trans, NsDAO.Data parent,
+ StringBuilder sb, Result<List<PermDAO.Data>> rpdc) {
+
+ Result<Void> rv;
+ Result<PermDAO.Data> pd;
+
+ if (rpdc.isOKhasData()) {
+ for (PermDAO.Data pdd : rpdc.value) {
+ String delP2 = pdd.type;
+ if ("access".equals(delP2)) {
+ continue;
+ }
+ // Remove old Perm from Roles, save them off
+ List<RoleDAO.Data> lrdd = new ArrayList<>();
+
+ for(String rl : pdd.roles(false)) {
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,q,rl);
+ if(rrdd.isOKhasData()) {
+ RoleDAO.Data rdd = rrdd.value;
+ lrdd.add(rdd);
+ q.roleDAO.delPerm(trans, rdd, pdd);
+ } else{
+ trans.error().log(rrdd.errorString());
+ }
+ }
+
+ // Save off Old keys
+ String delP1 = pdd.ns;
+ NsSplit nss = new NsSplit(parent, pdd.fullType());
+ pdd.ns = nss.ns;
+ pdd.type = nss.name;
+ // Use direct Create/Delete, because switching namespaces
+ if ((pd = q.permDAO.create(trans, pdd)).isOK()) {
+ // Put Role back into Perm, with correct info
+ for(RoleDAO.Data rdd : lrdd) {
+ q.roleDAO.addPerm(trans, rdd, pdd);
+ }
+
+ pdd.ns = delP1;
+ pdd.type = delP2;
+ if ((rv = q.permDAO.delete(trans, pdd, false)).notOK()) {
+ sb.append(rv.details);
+ sb.append('\n');
+ // } else {
+ // Need to invalidate directly, because we're switching
+ // places in NS, not normal cache behavior
+ // q.permDAO.invalidate(trans,pdd);
+ }
+ } else {
+ sb.append(pd.details);
+ sb.append('\n');
+ }
+ }
+ }
+ }
+
+ /**
+ * Helper function that moves roles from a namespace being deleted to its
+ * parent namespace
+ *
+ * @param trans
+ * @param parent
+ * @param sb
+ * @param rrdc
+ * - list of roles in namespace being deleted
+ */
+ private void moveRoles(AuthzTrans trans, NsDAO.Data parent,
+ StringBuilder sb, Result<List<RoleDAO.Data>> rrdc) {
+
+ Result<Void> rv;
+ Result<RoleDAO.Data> rd;
+
+ if (rrdc.isOKhasData()) {
+ for (RoleDAO.Data rdd : rrdc.value) {
+ String delP2 = rdd.name;
+ if ("admin".equals(delP2) || "owner".equals(delP2)) {
+ continue;
+ }
+ // Remove old Role from Perms, save them off
+ List<PermDAO.Data> lpdd = new ArrayList<>();
+ for(String p : rdd.perms(false)) {
+ Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans,q,p);
+ if(rpdd.isOKhasData()) {
+ PermDAO.Data pdd = rpdd.value;
+ lpdd.add(pdd);
+ q.permDAO.delRole(trans, pdd, rdd);
+ } else{
+ trans.error().log(rpdd.errorString());
+ }
+ }
+
+ // Save off Old keys
+ String delP1 = rdd.ns;
+
+ NsSplit nss = new NsSplit(parent, rdd.fullName());
+ rdd.ns = nss.ns;
+ rdd.name = nss.name;
+ // Use direct Create/Delete, because switching namespaces
+ if ((rd = q.roleDAO.create(trans, rdd)).isOK()) {
+ // Put Role back into Perm, with correct info
+ for(PermDAO.Data pdd : lpdd) {
+ q.permDAO.addRole(trans, pdd, rdd);
+ }
+
+ rdd.ns = delP1;
+ rdd.name = delP2;
+ if ((rv = q.roleDAO.delete(trans, rdd, true)).notOK()) {
+ sb.append(rv.details);
+ sb.append('\n');
+ // } else {
+ // Need to invalidate directly, because we're switching
+ // places in NS, not normal cache behavior
+ // q.roleDAO.invalidate(trans,rdd);
+ }
+ } else {
+ sb.append(rd.details);
+ sb.append('\n');
+ }
+ }
+ }
+ }
+
+ /**
+ * Create Permission (and any missing Permission between this and Parent) if
+ * we have permission
+ *
+ * Pass in the desired Management Permission for this Permission
+ *
+ * If Force is set, then Roles listed will be created, if allowed,
+ * pre-granted.
+ */
+ public Result<Void> createPerm(AuthzTrans trans, PermDAO.Data perm, boolean fromApproval) {
+ String user = trans.user();
+ // Next, see if User is allowed to Manage Parent Permission
+
+ Result<NsDAO.Data> rnsd;
+ if (!fromApproval) {
+ rnsd = q.mayUser(trans, user, perm, Access.write);
+ if (rnsd.notOK()) {
+ return Result.err(rnsd);
+ }
+ } else {
+ rnsd = q.deriveNs(trans, perm.ns);
+ }
+
+ // Does Child exist?
+ if (!trans.requested(REQD_TYPE.force)) {
+ if (q.permDAO.read(trans, perm).isOKhasData()) {
+ return Result.err(Status.ERR_ConflictAlreadyExists,
+ "Permission [%s.%s|%s|%s] already exists.", perm.ns,
+ perm.type, perm.instance, perm.action);
+ }
+ }
+
+ // Attempt to add perms to roles, creating as possible
+ Set<String> roles;
+ String pstring = perm.encode();
+
+ // For each Role
+ for (String role : roles = perm.roles(true)) {
+ Result<RoleDAO.Data> rdd = RoleDAO.Data.decode(trans,q,role);
+ if(rdd.isOKhasData()) {
+ RoleDAO.Data rd = rdd.value;
+ if (!fromApproval) {
+ // May User write to the Role in question.
+ Result<NsDAO.Data> rns = q.mayUser(trans, user, rd,
+ Access.write);
+ if (rns.notOK()) {
+ // Remove the role from Add, because
+ roles.remove(role); // Don't allow adding
+ trans.warn()
+ .log("User [%s] does not have permission to relate Permissions to Role [%s]",
+ user, role);
+ }
+ }
+
+ Result<List<RoleDAO.Data>> rlrd;
+ if ((rlrd = q.roleDAO.read(trans, rd)).notOKorIsEmpty()) {
+ rd.perms(true).add(pstring);
+ if (q.roleDAO.create(trans, rd).notOK()) {
+ roles.remove(role); // Role doesn't exist, and can't be
+ // created
+ }
+ } else {
+ rd = rlrd.value.get(0);
+ if (!rd.perms.contains(pstring)) {
+ q.roleDAO.addPerm(trans, rd, perm);
+ }
+ }
+ }
+ }
+
+ Result<PermDAO.Data> pdr = q.permDAO.create(trans, perm);
+ if (pdr.isOK()) {
+ return Result.ok();
+ } else {
+ return Result.err(pdr);
+ }
+ }
+
+ public Result<Void> deletePerm(final AuthzTrans trans, final PermDAO.Data perm, boolean force, boolean fromApproval) {
+ String user = trans.user();
+
+ // Next, see if User is allowed to Manage Permission
+ Result<NsDAO.Data> rnsd;
+ if (!fromApproval) {
+ rnsd = q.mayUser(trans, user, perm, Access.write);
+ if (rnsd.notOK()) {
+ return Result.err(rnsd);
+ }
+ }
+ // Does Perm exist?
+ Result<List<PermDAO.Data>> pdr = q.permDAO.read(trans, perm);
+ if (pdr.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_PermissionNotFound,"Permission [%s.%s|%s|%s] does not exist.",
+ perm.ns,perm.type, perm.instance, perm.action);
+ }
+ // Get perm, but with rest of data.
+ PermDAO.Data fullperm = pdr.value.get(0);
+
+ // Attached to any Roles?
+ if (fullperm.roles != null) {
+ if (force) {
+ for (String role : fullperm.roles) {
+ Result<Void> rv = null;
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, q, role);
+ if(rrdd.isOKhasData()) {
+ trans.debug().log("Removing", role, "from", fullperm, "on Perm Delete");
+ if ((rv = q.roleDAO.delPerm(trans, rrdd.value, fullperm)).notOK()) {
+ if (rv.notOK()) {
+ trans.error().log("Error removing Role during delFromPermRole: ",
+ trans.getUserPrincipal(),
+ rv.errorString());
+ }
+ }
+ } else {
+ return Result.err(rrdd);
+ }
+ }
+ } else if (!fullperm.roles.isEmpty()) {
+ return Result
+ .err(Status.ERR_DependencyExists,
+ "Permission [%s.%s|%s|%s] cannot be deleted as it is attached to 1 or more roles.",
+ fullperm.ns, fullperm.type, fullperm.instance, fullperm.action);
+ }
+ }
+
+ return q.permDAO.delete(trans, fullperm, false);
+ }
+
+ public Result<Void> deleteRole(final AuthzTrans trans, final RoleDAO.Data role, boolean force, boolean fromApproval) {
+ String user = trans.user();
+
+ // Next, see if User is allowed to Manage Role
+ Result<NsDAO.Data> rnsd;
+ if (!fromApproval) {
+ rnsd = q.mayUser(trans, user, role, Access.write);
+ if (rnsd.notOK()) {
+ return Result.err(rnsd);
+ }
+ }
+
+ // Are there any Users Attached to Role?
+ Result<List<UserRoleDAO.Data>> urdr = q.userRoleDAO.readByRole(trans,role.fullName());
+ if (force) {
+ if (urdr.isOKhasData()) {
+ for (UserRoleDAO.Data urd : urdr.value) {
+ q.userRoleDAO.delete(trans, urd, false);
+ }
+ }
+ } else if (urdr.isOKhasData()) {
+ return Result.err(Status.ERR_DependencyExists,
+ "Role [%s.%s] cannot be deleted as it is used by 1 or more Users.",
+ role.ns, role.name);
+ }
+
+ // Does Role exist?
+ Result<List<RoleDAO.Data>> rdr = q.roleDAO.read(trans, role);
+ if (rdr.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_RoleNotFound,
+ "Role [%s.%s] does not exist", role.ns, role.name);
+ }
+ RoleDAO.Data fullrole = rdr.value.get(0); // full key search
+
+ // Remove Self from Permissions... always, force or not. Force only applies to Dependencies (Users)
+ if (fullrole.perms != null) {
+ for (String perm : fullrole.perms(false)) {
+ Result<PermDAO.Data> rpd = PermDAO.Data.decode(trans,q,perm);
+ if (rpd.isOK()) {
+ trans.debug().log("Removing", perm, "from", fullrole,"on Role Delete");
+
+ Result<?> r = q.permDAO.delRole(trans, rpd.value, fullrole);
+ if (r.notOK()) {
+ trans.error().log("ERR_FDR1 unable to remove",fullrole,"from",perm,':',r.status,'-',r.details);
+ }
+ } else {
+ trans.error().log("ERR_FDR2 Could not remove",perm,"from",fullrole);
+ }
+ }
+ }
+ return q.roleDAO.delete(trans, fullrole, false);
+ }
+
+ /**
+ * Only owner of Permission may add to Role
+ *
+ * If force set, however, Role will be created before Grant, if User is
+ * allowed to create.
+ *
+ * @param trans
+ * @param role
+ * @param pd
+ * @return
+ */
+ public Result<Void> addPermToRole(AuthzTrans trans, RoleDAO.Data role,PermDAO.Data pd, boolean fromApproval) {
+ String user = trans.user();
+
+ if (!fromApproval) {
+ Result<NsDAO.Data> rRoleCo = q.deriveFirstNsForType(trans, role.ns, NsType.COMPANY);
+ if(rRoleCo.notOK()) {
+ return Result.err(rRoleCo);
+ }
+ Result<NsDAO.Data> rPermCo = q.deriveFirstNsForType(trans, pd.ns, NsType.COMPANY);
+ if(rPermCo.notOK()) {
+ return Result.err(rPermCo);
+ }
+
+ // Not from same company
+ if(!rRoleCo.value.name.equals(rPermCo.value.name)) {
+ Result<Data> r;
+ // Only grant if User ALSO has Write ability in Other Company
+ if((r = q.mayUser(trans, user, role, Access.write)).notOK()) {
+ return Result.err(r);
+ }
+ }
+
+
+ // Must be Perm Admin, or Granted Special Permission
+ Result<NsDAO.Data> ucp = q.mayUser(trans, user, pd, Access.write);
+ if (ucp.notOK()) {
+ // Don't allow CLI potential Grantees to change their own AAF
+ // Perms,
+ if ((ROOT_NS.equals(pd.ns) && Question.NS.equals(pd.type))
+ || !q.isGranted(trans, trans.user(),ROOT_NS,Question.PERM, rPermCo.value.name, "grant")) {
+ // Not otherwise granted
+ // TODO Needed?
+ return Result.err(ucp);
+ }
+ // Final Check... Don't allow Grantees to add to Roles they are
+ // part of
+ Result<List<UserRoleDAO.Data>> rlurd = q.userRoleDAO
+ .readByUser(trans, trans.user());
+ if (rlurd.isOK()) {
+ for (UserRoleDAO.Data ur : rlurd.value) {
+ if (role.ns.equals(ur.ns) && role.name.equals(ur.rname)) {
+ return Result.err(ucp);
+ }
+ }
+ }
+ }
+ }
+
+ Result<List<PermDAO.Data>> rlpd = q.permDAO.read(trans, pd);
+ if (rlpd.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_PermissionNotFound,
+ "Permission must exist to add to Role");
+ }
+
+ Result<List<RoleDAO.Data>> rlrd = q.roleDAO.read(trans, role); // Already
+ // Checked
+ // for
+ // can
+ // change
+ // Role
+ Result<Void> rv;
+
+ if (rlrd.notOKorIsEmpty()) {
+ if (trans.requested(REQD_TYPE.force)) {
+ Result<NsDAO.Data> ucr = q.mayUser(trans, user, role,
+ Access.write);
+ if (ucr.notOK()) {
+ return Result
+ .err(Status.ERR_Denied,
+ "Role [%s.%s] does not exist. User [%s] cannot create.",
+ role.ns, role.name, user);
+ }
+
+ role.perms(true).add(pd.encode());
+ Result<RoleDAO.Data> rdd = q.roleDAO.create(trans, role);
+ if (rdd.isOK()) {
+ rv = Result.ok();
+ } else {
+ rv = Result.err(rdd);
+ }
+ } else {
+ return Result.err(Status.ERR_RoleNotFound,
+ "Role [%s.%s] does not exist.", role.ns, role.name);
+ }
+ } else {
+ role = rlrd.value.get(0);
+ if (role.perms(false).contains(pd.encode())) {
+ return Result.err(Status.ERR_ConflictAlreadyExists,
+ "Permission [%s.%s] is already a member of role [%s,%s]",
+ pd.ns, pd.type, role.ns, role.name);
+ }
+ role.perms(true).add(pd.encode()); // this is added for Caching
+ // access purposes... doesn't
+ // affect addPerm
+ rv = q.roleDAO.addPerm(trans, role, pd);
+ }
+ if (rv.status == Status.OK) {
+ return q.permDAO.addRole(trans, pd, role);
+ // exploring how to add information message to successful http
+ // request
+ }
+ return rv;
+ }
+
+ /**
+ * Either Owner of Role or Permission may delete from Role
+ *
+ * @param trans
+ * @param role
+ * @param pd
+ * @return
+ */
+ public Result<Void> delPermFromRole(AuthzTrans trans, RoleDAO.Data role,PermDAO.Data pd, boolean fromApproval) {
+ String user = trans.user();
+ if (!fromApproval) {
+ Result<NsDAO.Data> ucr = q.mayUser(trans, user, role, Access.write);
+ Result<NsDAO.Data> ucp = q.mayUser(trans, user, pd, Access.write);
+
+ // If Can't change either Role or Perm, then deny
+ if (ucr.notOK() && ucp.notOK()) {
+ return Result.err(Status.ERR_Denied,
+ "User [" + trans.user()
+ + "] does not have permission to delete ["
+ + pd.encode() + "] from Role ["
+ + role.fullName() + ']');
+ }
+ }
+
+ Result<List<RoleDAO.Data>> rlr = q.roleDAO.read(trans, role);
+ if (rlr.notOKorIsEmpty()) {
+ // If Bad Data, clean out
+ Result<List<PermDAO.Data>> rlp = q.permDAO.read(trans, pd);
+ if (rlp.isOKhasData()) {
+ for (PermDAO.Data pv : rlp.value) {
+ q.permDAO.delRole(trans, pv, role);
+ }
+ }
+ return Result.err(rlr);
+ }
+ String perm1 = pd.encode();
+ boolean notFound;
+ if (trans.requested(REQD_TYPE.force)) {
+ notFound = false;
+ } else { // only check if force not set.
+ notFound = true;
+ for (RoleDAO.Data r : rlr.value) {
+ if (r.perms != null) {
+ for (String perm : r.perms) {
+ if (perm1.equals(perm)) {
+ notFound = false;
+ break;
+ }
+ }
+ if(!notFound) {
+ break;
+ }
+ }
+ }
+ }
+ if (notFound) { // Need to check both, in case of corruption
+ return Result.err(Status.ERR_PermissionNotFound,
+ "Permission [%s.%s|%s|%s] not associated with any Role",
+ pd.ns,pd.type,pd.instance,pd.action);
+ }
+
+ // Read Perm for full data
+ Result<List<PermDAO.Data>> rlp = q.permDAO.read(trans, pd);
+ Result<Void> rv = null;
+ if (rlp.isOKhasData()) {
+ for (PermDAO.Data pv : rlp.value) {
+ if ((rv = q.permDAO.delRole(trans, pv, role)).isOK()) {
+ if ((rv = q.roleDAO.delPerm(trans, role, pv)).notOK()) {
+ trans.error().log(
+ "Error removing Perm during delFromPermRole:",
+ trans.getUserPrincipal(), rv.errorString());
+ }
+ } else {
+ trans.error().log(
+ "Error removing Role during delFromPermRole:",
+ trans.getUserPrincipal(), rv.errorString());
+ }
+ }
+ } else {
+ rv = q.roleDAO.delPerm(trans, role, pd);
+ if (rv.notOK()) {
+ trans.error().log("Error removing Role during delFromPermRole",
+ rv.errorString());
+ }
+ }
+ return rv == null ? Result.ok() : rv;
+ }
+
+ public Result<Void> delPermFromRole(AuthzTrans trans, String role,PermDAO.Data pd) {
+ Result<NsSplit> nss = q.deriveNsSplit(trans, role);
+ if (nss.notOK()) {
+ return Result.err(nss);
+ }
+ RoleDAO.Data rd = new RoleDAO.Data();
+ rd.ns = nss.value.ns;
+ rd.name = nss.value.name;
+ return delPermFromRole(trans, rd, pd, false);
+ }
+
+ /**
+ * Add a User to Role
+ *
+ * 1) Role must exist 2) User must be a known Credential (i.e. mechID ok if
+ * Credential) or known Organizational User
+ *
+ * @param trans
+ * @param org
+ * @param urData
+ * @return
+ * @throws DAOException
+ */
+ public Result<Void> addUserRole(AuthzTrans trans,UserRoleDAO.Data urData) {
+ Result<Void> rv;
+ if(Question.ADMIN.equals(urData.rname)) {
+ rv = mayAddAdmin(trans, urData.ns, urData.user);
+ } else if(Question.OWNER.equals(urData.rname)) {
+ rv = mayAddOwner(trans, urData.ns, urData.user);
+ } else {
+ rv = checkValidID(trans, new Date(), urData.user);
+ }
+ if(rv.notOK()) {
+ return rv;
+ }
+
+ // Check if record exists
+ if (q.userRoleDAO.read(trans, urData).isOKhasData()) {
+ return Result.err(Status.ERR_ConflictAlreadyExists,
+ "User Role exists");
+ }
+ if (q.roleDAO.read(trans, urData.ns, urData.rname).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_RoleNotFound,
+ "Role [%s.%s] does not exist", urData.ns, urData.rname);
+ }
+
+ urData.expires = trans.org().expiration(null, Expiration.UserInRole, urData.user).getTime();
+
+
+ Result<UserRoleDAO.Data> udr = q.userRoleDAO.create(trans, urData);
+ switch (udr.status) {
+ case OK:
+ return Result.ok();
+ default:
+ return Result.err(udr);
+ }
+ }
+
+ public Result<Void> addUserRole(AuthzTrans trans, String user, String ns, String rname) {
+ try {
+ if(trans.org().getIdentity(trans, user)==null) {
+ return Result.err(Result.ERR_BadData,user+" is an Invalid Identity for " + trans.org().getName());
+ }
+ } catch (OrganizationException e) {
+ return Result.err(e);
+ }
+ UserRoleDAO.Data urdd = new UserRoleDAO.Data();
+ urdd.ns = ns;
+ urdd.role(ns, rname);
+ urdd.user = user;
+ return addUserRole(trans,urdd);
+ }
+
+ /**
+ * Extend User Role.
+ *
+ * extend the Expiration data, according to Organization rules.
+ *
+ * @param trans
+ * @param org
+ * @param urData
+ * @return
+ */
+ public Result<Void> extendUserRole(AuthzTrans trans, UserRoleDAO.Data urData, boolean checkForExist) {
+ // Check if record still exists
+ if (checkForExist && q.userRoleDAO.read(trans, urData).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_UserRoleNotFound,
+ "User Role does not exist");
+ }
+
+ if (q.roleDAO.read(trans, urData.ns, urData.rname).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_RoleNotFound,
+ "Role [%s.%s] does not exist", urData.ns,urData.rname);
+ }
+ // Special case for "Admin" roles. Issue brought forward with Prod
+ // problem 9/26
+ Date now = new Date();
+ GregorianCalendar gc = new GregorianCalendar();
+ gc.setTime(now.after(urData.expires)?now:urData.expires);
+ urData.expires = trans.org().expiration(gc, Expiration.UserInRole).getTime(); // get
+ // Full
+ // time
+ // starting
+ // today
+ return q.userRoleDAO.update(trans, urData);
+ }
+
+ // ////////////////////////////////////////////////////
+ // Special User Role Functions
+ // These exist, because User Roles have Expiration dates, which must be
+ // accounted for
+ // Also, as of July, 2015, Namespace Owners and Admins are now regular User
+ // Roles
+ // ////////////////////////////////////////////////////
+ public Result<List<String>> getUsersByRole(AuthzTrans trans, String role, boolean includeExpired) {
+ Result<List<UserRoleDAO.Data>> rurdd = q.userRoleDAO.readByRole(trans,role);
+ if (rurdd.notOK()) {
+ return Result.err(rurdd);
+ }
+ Date now = new Date();
+ List<UserRoleDAO.Data> list = rurdd.value;
+ List<String> rv = new ArrayList<>(list.size()); // presize
+ for (UserRoleDAO.Data urdd : rurdd.value) {
+ if (includeExpired || urdd.expires.after(now)) {
+ rv.add(urdd.user);
+ }
+ }
+ return Result.ok(rv);
+ }
+
+ public Result<Void> delUserRole(AuthzTrans trans, String user, String ns, String rname) {
+ UserRoleDAO.Data urdd = new UserRoleDAO.Data();
+ urdd.user = user;
+ urdd.role(ns,rname);
+ Result<List<UserRoleDAO.Data>> r = q.userRoleDAO.read(trans, urdd);
+ if (r.status == 404 || r.isEmpty()) {
+ return Result.err(Status.ERR_UserRoleNotFound,
+ "UserRole [%s] [%s.%s]", user, ns, rname);
+ }
+ if (r.notOK()) {
+ return Result.err(r);
+ }
+
+ return q.userRoleDAO.delete(trans, urdd, false);
+ }
+
+ public Result<String> createFuture(AuthzTrans trans, FutureDAO.Data data, String id, String user,
+ NsDAO.Data nsd, FUTURE_OP op) {
+ StringBuilder sb = new StringBuilder();
+ try {
+ Organization org = trans.org();
+ // For Reapproval, only check Owners.. Do Supervisors, etc, separately
+ List<Identity> approvers = op.equals(FUTURE_OP.A)?NO_ADDL_APPROVE:org.getApprovers(trans, user);
+ List<Identity> owners = new ArrayList<>();
+ if (nsd != null) {
+ Result<List<UserRoleDAO.Data>> rrbr = q.userRoleDAO
+ .readByRole(trans, nsd.name + Question.DOT_OWNER);
+ if (rrbr.isOKhasData()) {
+ for(UserRoleDAO.Data urd : rrbr.value) {
+ Identity owner = org.getIdentity(trans, urd.user);
+ if(owner==null) {
+ return Result.err(Result.ERR_NotFound,urd.user + " is not a Valid Owner of " + nsd.name);
+ } else {
+ owners.add(owner);
+ }
+ }
+ }
+ }
+
+ if(owners.isEmpty()) {
+ return Result.err(Result.ERR_NotFound,"No Owners found for " + nsd.name);
+ }
+
+ // Create Future Object
+
+ Result<FutureDAO.Data> fr = q.futureDAO.create(trans, data, id);
+ if (fr.isOK()) {
+ sb.append("Created Future: ");
+ sb.append(data.id);
+ // User Future ID as ticket for Approvals
+ final UUID ticket = fr.value.id;
+ sb.append(", Approvals: ");
+ Boolean first[] = new Boolean[]{true};
+ if(op!=FUTURE_OP.A) {
+ for (Identity u : approvers) {
+ Result<ApprovalDAO.Data> r = addIdentity(trans,sb,first,user,data.memo,op,u,ticket,org.getApproverType());
+ if(r.notOK()) {
+ return Result.err(r);
+ }
+ }
+ }
+ for (Identity u : owners) {
+ Result<ApprovalDAO.Data> r = addIdentity(trans,sb,first,user,data.memo,op,u,ticket,"owner");
+ if(r.notOK()) {
+ return Result.err(r);
+ }
+ }
+ }
+ } catch (Exception e) {
+ return Result.err(e);
+ }
+
+ return Result.ok(sb.toString());
+ }
+
+ /*
+ * This interface is to allow performFutureOps with either Realtime Data, or Batched lookups (See Expiring)
+ */
+ public interface Lookup<T> {
+ T get(AuthzTrans trans, Object ... keys);
+ }
+
+ public Lookup<UserRoleDAO.Data> urDBLookup = new Lookup<UserRoleDAO.Data>() {
+ @Override
+ public UserRoleDAO.Data get(AuthzTrans trans, Object ... keys) {
+ Result<List<UserRoleDAO.Data>> r = q.userRoleDAO.read(trans, keys);
+ if(r.isOKhasData()) {
+ return r.value.get(0);
+ } else {
+ return null;
+ }
+ }
+ };
+
+ /**
+ * Note: if "allApprovals for Ticket is null, it will be looked up.
+ * if "fdd" is null, it will be looked up, but
+ *
+ * They can be passed for performance reasons.
+ *
+ * @param trans
+ * @param cd
+ * @param allApprovalsForTicket
+ * @return
+ */
+ public Result<OP_STATUS> performFutureOp(final AuthzTrans trans, FUTURE_OP fop, FutureDAO.Data curr, Lookup<List<ApprovalDAO.Data>> la, Lookup<UserRoleDAO.Data> lur) {
+ // Pre-Evaluate if ReApproval is already done.
+ UserRoleDAO.Data urdd = null;
+ if(fop.equals(FUTURE_OP.A) && curr.target.equals(FOP_USER_ROLE) && curr.construct!=null) {
+ try {
+ // Get Expected UserRole from Future
+ urdd = new UserRoleDAO.Data();
+ urdd.reconstitute(curr.construct);
+ // Get Current UserRole from lookup
+ UserRoleDAO.Data lurdd = lur.get(trans, urdd.user,urdd.role);
+ if(lurdd==null) {
+ q.futureDAO.delete(trans, curr, false);
+ return OP_STATUS.RL;
+ } else {
+ if(curr.expires.compareTo(lurdd.expires)<0) {
+ q.futureDAO.delete(trans, curr, false);
+ return OP_STATUS.RL;
+ }
+ }
+ } catch (IOException e) {
+ return Result.err(Result.ERR_BadData,"Cannot reconstitute %1",curr.memo);
+ }
+ }
+
+ boolean aDenial = false;
+ int cntSuper=0, appSuper=0,cntOwner=0, appOwner=0;
+ for(ApprovalDAO.Data add : la.get(trans)) {
+ switch(add.status) {
+ case "approved":
+ if("owner".equals(add.type)) {
+ ++cntOwner;
+ ++appOwner;
+ } else if("supervisor".equals(add.type)) {
+ ++cntSuper;
+ ++appSuper;
+ }
+ break;
+ case "pending":
+ if("owner".equals(add.type)) {
+ ++cntOwner;
+ } else if("supervisor".equals(add.type)) {
+ ++cntSuper;
+ }
+ break;
+ case "denied":
+ aDenial=true;
+ break;
+ }
+ }
+
+ Result<OP_STATUS> ros=null;
+ if(aDenial) {
+ // Note: Denial will be Audit-logged.
+// for (ApprovalDAO.Data ad : allApprovalsForTicket.value) {
+// q.approvalDAO.delete(trans, ad, false);
+// }
+ ros = OP_STATUS.RD;
+ if(q.futureDAO.delete(trans, curr, false).notOK()) {
+ trans.info().printf("Future %s could not be deleted", curr.id.toString());
+ } else {
+ if (FOP_USER_ROLE.equalsIgnoreCase(curr.target)) {
+ // A Denial means we must remove UserRole
+ if(fop.equals(FUTURE_OP.U) || fop.equals(FUTURE_OP.A)) {
+ UserRoleDAO.Data data = new UserRoleDAO.Data();
+ try {
+ data.reconstitute(curr.construct);
+ } catch (IOException e) {
+ trans.error().log("Cannot reconstitue",curr.memo);
+ }
+ ros = set(OP_STATUS.RD,delUserRole(trans, data.user, data.ns, data.rname));
+ }
+ }
+ }
+ }
+
+ // Decision: If not Denied, and at least owner, if exists, and at least one Super, if exists
+ boolean goDecision = (cntOwner>0?appOwner>0:true) && (cntSuper>0?appSuper>0:true);
+
+ if(goDecision) {
+ // should check if any other pendings before performing
+ // actions
+ try {
+ if (FOP_ROLE.equalsIgnoreCase(curr.target)) {
+ RoleDAO.Data data = new RoleDAO.Data();
+ data.reconstitute(curr.construct);
+ switch(fop) {
+ case C:
+ ros = set(OP_STATUS.RE,q.roleDAO.dao().create(trans, data));
+ break;
+ case D:
+ ros = set(OP_STATUS.RE,deleteRole(trans, data, true, true));
+ break;
+ default:
+ }
+ } else if (FOP_PERM.equalsIgnoreCase(curr.target)) {
+ PermDAO.Data pdd = new PermDAO.Data();
+ pdd.reconstitute(curr.construct);
+ Set<String> roles;
+ Result<RoleDAO.Data> rrdd;
+ switch(fop) {
+ case C:
+ ros = set(OP_STATUS.RE,createPerm(trans, pdd, true));
+ break;
+ case D:
+ ros = set(OP_STATUS.RE,deletePerm(trans, pdd, true, true));
+ break;
+ case G:
+ roles = pdd.roles(true);
+ for (String roleStr : roles) {
+ rrdd = RoleDAO.Data.decode(trans, q, roleStr);
+ if (rrdd.isOKhasData()) {
+ ros = set(OP_STATUS.RE,addPermToRole(trans, rrdd.value, pdd, true));
+ } else {
+ trans.error().log(rrdd.errorString());
+ }
+ }
+ break;
+ case UG:
+ roles = pdd.roles(true);
+ for (String roleStr : roles) {
+ rrdd = RoleDAO.Data.decode(trans, q, roleStr);
+ if (rrdd.isOKhasData()) {
+ ros = set(OP_STATUS.RE,delPermFromRole(trans, rrdd.value, pdd, true));
+ } else {
+ trans.error().log(rrdd.errorString());
+ }
+ }
+ break;
+ default:
+ }
+ } else if (FOP_USER_ROLE.equalsIgnoreCase(curr.target)) {
+ if(urdd==null) {
+ urdd = new UserRoleDAO.Data();
+ urdd.reconstitute(curr.construct);
+ }
+ // if I am the last to approve, create user role
+ switch(fop) {
+ case C:
+ ros = set(OP_STATUS.RE,addUserRole(trans, urdd));
+ break;
+ case U:
+ case A:
+ ros = set(OP_STATUS.RE,extendUserRole(trans,urdd,true));
+ break;
+ default:
+ }
+ } else if (FOP_NS.equalsIgnoreCase(curr.target)) {
+ Namespace namespace = new Namespace();
+ namespace.reconstitute(curr.construct);
+ switch(fop) {
+ case C:
+ ros = set(OP_STATUS.RE,createNS(trans, namespace, true));
+ break;
+ default:
+ }
+ } else if (FOP_DELEGATE.equalsIgnoreCase(curr.target)) {
+ DelegateDAO.Data data = new DelegateDAO.Data();
+ data.reconstitute(curr.construct);
+ switch(fop) {
+ case C:
+ ros = set(OP_STATUS.RE,q.delegateDAO.create(trans, data));
+ break;
+ case U:
+ ros = set(OP_STATUS.RE,q.delegateDAO.update(trans, data));
+ break;
+ default:
+ }
+ } else if (FOP_CRED.equalsIgnoreCase(curr.target)) {
+ CredDAO.Data data = new CredDAO.Data();
+ data.reconstitute(curr.construct);
+ switch(fop) {
+ case C:
+ ros = set(OP_STATUS.RE,q.credDAO.dao().create(trans, data));
+ break;
+ default:
+ }
+ }
+ } catch (Exception e) {
+ trans.error().log("Exception: ", e.getMessage(),
+ " \n occurred while performing", curr.memo,
+ " from Ticket ", curr.id.toString());
+ }
+ q.futureDAO.delete(trans, curr, false);
+ } // end for goDecision
+ if(ros==null) {
+ //return Result.err(Status.ACC_Future, "Full Approvals not obtained: No action taken");
+ ros = OP_STATUS.RP;
+ }
+
+ return ros;
+ }
+
+ // Convenience method for setting OPSTatus Results
+ private Result<OP_STATUS> set(Result<OP_STATUS> rs, Result<?> orig) {
+ if(orig.isOK()) {
+ return rs;
+ } else {
+ return Result.err(orig);
+ }
+ }
+
+ private Result<ApprovalDAO.Data> addIdentity(AuthzTrans trans, StringBuilder sb,
+ Boolean[] first, String user, String memo, FUTURE_OP op, Identity u, UUID ticket, String type) throws OrganizationException {
+ ApprovalDAO.Data ad = new ApprovalDAO.Data();
+ // Note ad.id is set by ApprovalDAO Create
+ ad.ticket = ticket;
+ ad.user = user;
+ ad.approver = u.fullID();
+ ad.status = ApprovalDAO.PENDING;
+ ad.memo = memo;
+ ad.type = type;
+ ad.operation = op.name();
+ // Note ad.updated is created in System
+ Result<ApprovalDAO.Data> r = q.approvalDAO.create(trans,ad);
+ if(r.isOK()) {
+ if(first[0]) {
+ first[0] = false;
+ } else {
+ sb.append(", ");
+ }
+ sb.append(r.value.user);
+ sb.append(':');
+ sb.append(r.value.ticket);
+ return r;
+ } else {
+ return Result.err(Status.ERR_ActionNotCompleted,
+ "Approval for %s, %s could not be created: %s",
+ ad.user, ad.approver,
+ r.details, sb.toString());
+ }
+ }
+
+ public Executor newExecutor(AuthzTrans trans) {
+ return new CassExecutor(trans, this);
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
index 1544aab8..6bb440ad 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/PermLookup.java
@@ -45,141 +45,141 @@ import org.onap.aaf.auth.layer.Result;
*/
// Package on purpose
class PermLookup {
- private AuthzTrans trans;
- private String user;
- private Question q;
- private Result<List<UserRoleDAO.Data>> userRoles = null;
- private Result<List<RoleDAO.Data>> roles = null;
- private Result<Set<String>> permNames = null;
- private Result<List<PermDAO.Data>> perms = null;
-
- private PermLookup() {}
-
- static PermLookup get(AuthzTrans trans, Question q, String user) {
- PermLookup lp=null;
- Map<String, PermLookup> permMap = trans.get(Question.PERMS, null);
- if (permMap == null) {
- trans.put(Question.PERMS, permMap = new HashMap<>());
- } else {
- lp = permMap.get(user);
- }
+ private AuthzTrans trans;
+ private String user;
+ private Question q;
+ private Result<List<UserRoleDAO.Data>> userRoles = null;
+ private Result<List<RoleDAO.Data>> roles = null;
+ private Result<Set<String>> permNames = null;
+ private Result<List<PermDAO.Data>> perms = null;
+
+ private PermLookup() {}
+
+ static PermLookup get(AuthzTrans trans, Question q, String user) {
+ PermLookup lp=null;
+ Map<String, PermLookup> permMap = trans.get(Question.PERMS, null);
+ if (permMap == null) {
+ trans.put(Question.PERMS, permMap = new HashMap<>());
+ } else {
+ lp = permMap.get(user);
+ }
- if (lp == null) {
- lp = new PermLookup();
- lp.trans = trans;
- lp.user = user;
- lp.q = q;
- permMap.put(user, lp);
- }
- return lp;
- }
-
- public Result<List<UserRoleDAO.Data>> getUserRoles() {
- if(userRoles==null) {
- userRoles = q.userRoleDAO.readByUser(trans,user);
- if(userRoles.isOKhasData()) {
- List<UserRoleDAO.Data> lurdd = new ArrayList<>();
- Date now = new Date();
- for(UserRoleDAO.Data urdd : userRoles.value) {
- if(urdd.expires.after(now)) { // Remove Expired
- lurdd.add(urdd);
- }
- }
- if(lurdd.size()==0) {
- return userRoles = Result.err(Status.ERR_UserNotFound,
- "%s not found or not associated with any Roles: ",
- user);
- } else {
- return userRoles = Result.ok(lurdd);
- }
- } else {
- return userRoles;
- }
- } else {
- return userRoles;
- }
- }
+ if (lp == null) {
+ lp = new PermLookup();
+ lp.trans = trans;
+ lp.user = user;
+ lp.q = q;
+ permMap.put(user, lp);
+ }
+ return lp;
+ }
+
+ public Result<List<UserRoleDAO.Data>> getUserRoles() {
+ if(userRoles==null) {
+ userRoles = q.userRoleDAO.readByUser(trans,user);
+ if(userRoles.isOKhasData()) {
+ List<UserRoleDAO.Data> lurdd = new ArrayList<>();
+ Date now = new Date();
+ for(UserRoleDAO.Data urdd : userRoles.value) {
+ if(urdd.expires.after(now)) { // Remove Expired
+ lurdd.add(urdd);
+ }
+ }
+ if(lurdd.size()==0) {
+ return userRoles = Result.err(Status.ERR_UserNotFound,
+ "%s not found or not associated with any Roles: ",
+ user);
+ } else {
+ return userRoles = Result.ok(lurdd);
+ }
+ } else {
+ return userRoles;
+ }
+ } else {
+ return userRoles;
+ }
+ }
- public Result<List<RoleDAO.Data>> getRoles() {
- if(roles==null) {
- Result<List<UserRoleDAO.Data>> rur = getUserRoles();
- if(rur.isOK()) {
- List<RoleDAO.Data> lrdd = new ArrayList<>();
- for (UserRoleDAO.Data urdata : rur.value) {
- // Gather all permissions from all Roles
- if(urdata.ns==null || urdata.rname==null) {
- return Result.err(Status.ERR_BadData,"DB Content Error: nulls in User Role %s %s", urdata.user,urdata.role);
- } else {
- Result<List<RoleDAO.Data>> rlrd = q.roleDAO.read(
- trans, urdata.ns, urdata.rname);
- if(rlrd.isOK()) {
- lrdd.addAll(rlrd.value);
- }
- }
- }
- return roles = Result.ok(lrdd);
- } else {
- return roles = Result.err(rur);
- }
- } else {
- return roles;
- }
- }
+ public Result<List<RoleDAO.Data>> getRoles() {
+ if(roles==null) {
+ Result<List<UserRoleDAO.Data>> rur = getUserRoles();
+ if(rur.isOK()) {
+ List<RoleDAO.Data> lrdd = new ArrayList<>();
+ for (UserRoleDAO.Data urdata : rur.value) {
+ // Gather all permissions from all Roles
+ if(urdata.ns==null || urdata.rname==null) {
+ return Result.err(Status.ERR_BadData,"DB Content Error: nulls in User Role %s %s", urdata.user,urdata.role);
+ } else {
+ Result<List<RoleDAO.Data>> rlrd = q.roleDAO.read(
+ trans, urdata.ns, urdata.rname);
+ if(rlrd.isOK()) {
+ lrdd.addAll(rlrd.value);
+ }
+ }
+ }
+ return roles = Result.ok(lrdd);
+ } else {
+ return roles = Result.err(rur);
+ }
+ } else {
+ return roles;
+ }
+ }
- public Result<Set<String>> getPermNames() {
- if(permNames==null) {
- Result<List<RoleDAO.Data>> rlrd = getRoles();
- if (rlrd.isOK()) {
- Set<String> pns = new TreeSet<>();
- for (RoleDAO.Data rdata : rlrd.value) {
- pns.addAll(rdata.perms(false));
- }
- return permNames = Result.ok(pns);
- } else {
- return permNames = Result.err(rlrd);
- }
- } else {
- return permNames;
- }
- }
-
- public Result<List<PermDAO.Data>> getPerms(boolean lookup) {
- if(perms==null) {
- // Note: It should be ok for a Valid user to have no permissions -
- // Jonathan 8/12/2013
- Result<Set<String>> rss = getPermNames();
- if(rss.isOK()) {
- List<PermDAO.Data> lpdd = new ArrayList<>();
- for (String perm : rss.value) {
- if(lookup) {
- Result<String[]> ap = PermDAO.Data.decodeToArray(trans, q, perm);
- if(ap.isOK()) {
-
- Result<List<PermDAO.Data>> rlpd = q.permDAO.read(perm,trans,ap.value);
- if (rlpd.isOKhasData()) {
- for (PermDAO.Data pData : rlpd.value) {
- lpdd.add(pData);
- }
- }
- } else {
- trans.error().log("In getPermsByUser, for", user, perm);
- }
- } else {
- Result<PermDAO.Data> pr = PermDAO.Data.decode(trans, q, perm);
- if (pr.notOK()) {
- trans.error().log("In getPermsByUser, for", user, pr.errorString());
- } else {
- lpdd.add(pr.value);
- }
- }
+ public Result<Set<String>> getPermNames() {
+ if(permNames==null) {
+ Result<List<RoleDAO.Data>> rlrd = getRoles();
+ if (rlrd.isOK()) {
+ Set<String> pns = new TreeSet<>();
+ for (RoleDAO.Data rdata : rlrd.value) {
+ pns.addAll(rdata.perms(false));
+ }
+ return permNames = Result.ok(pns);
+ } else {
+ return permNames = Result.err(rlrd);
+ }
+ } else {
+ return permNames;
+ }
+ }
+
+ public Result<List<PermDAO.Data>> getPerms(boolean lookup) {
+ if(perms==null) {
+ // Note: It should be ok for a Valid user to have no permissions -
+ // Jonathan 8/12/2013
+ Result<Set<String>> rss = getPermNames();
+ if(rss.isOK()) {
+ List<PermDAO.Data> lpdd = new ArrayList<>();
+ for (String perm : rss.value) {
+ if(lookup) {
+ Result<String[]> ap = PermDAO.Data.decodeToArray(trans, q, perm);
+ if(ap.isOK()) {
+
+ Result<List<PermDAO.Data>> rlpd = q.permDAO.read(perm,trans,ap.value);
+ if (rlpd.isOKhasData()) {
+ for (PermDAO.Data pData : rlpd.value) {
+ lpdd.add(pData);
+ }
+ }
+ } else {
+ trans.error().log("In getPermsByUser, for", user, perm);
+ }
+ } else {
+ Result<PermDAO.Data> pr = PermDAO.Data.decode(trans, q, perm);
+ if (pr.notOK()) {
+ trans.error().log("In getPermsByUser, for", user, pr.errorString());
+ } else {
+ lpdd.add(pr.value);
+ }
+ }
- }
- return perms = Result.ok(lpdd);
- } else {
- return perms = Result.err(rss);
- }
- } else {
- return perms;
- }
- }
+ }
+ return perms = Result.ok(lpdd);
+ } else {
+ return perms = Result.err(rss);
+ }
+ } else {
+ return perms;
+ }
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
index 8d148ec1..152412a2 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java
@@ -88,1065 +88,1065 @@ import com.datastax.driver.core.Cluster;
*/
public class Question {
- // DON'T CHANGE FROM lower Case!!!
- public static enum Type {
- ns, role, perm, cred
- };
-
- public static final String OWNER="owner";
- public static final String ADMIN="admin";
- public static final String DOT_OWNER=".owner";
- public static final String DOT_ADMIN=".admin";
- public static final String ACCESS = "access";
-
- static final String ASTERIX = "*";
-
- public static enum Access {
- read, write, create
- };
-
- public static final String READ = Access.read.name();
- public static final String WRITE = Access.write.name();
- public static final String CREATE = Access.create.name();
-
- public static final String ROLE = Type.role.name();
- public static final String PERM = Type.perm.name();
- public static final String NS = Type.ns.name();
- public static final String CRED = Type.cred.name();
- private static final String DELG = "delg";
- public static final String ROOT_NS = Define.isInitialized() ? Define.ROOT_NS() : "undefined";
- public static final String ATTRIB = "attrib";
-
-
- public static final int MAX_SCOPE = 10;
- public static final int APP_SCOPE = 3;
- public static final int COMPANY_SCOPE = 2;
- static Slot PERMS;
-
- private static Set<String> specialLog = null;
- public static final Random random = new SecureRandom();
- private static long traceID = random.nextLong();
- private static Slot specialLogSlot = null;
- private static Slot transIDSlot = null;
-
-
- public final HistoryDAO historyDAO;
- public final CachedNSDAO nsDAO;
- public final CachedRoleDAO roleDAO;
- public final CachedPermDAO permDAO;
- public final CachedUserRoleDAO userRoleDAO;
- public final CachedCredDAO credDAO;
- public final CachedCertDAO certDAO;
- public final DelegateDAO delegateDAO;
- public final FutureDAO futureDAO;
- public final ApprovalDAO approvalDAO;
- private final CacheInfoDAO cacheInfoDAO;
- public final LocateDAO locateDAO;
-
- public Question(AuthzTrans trans, Cluster cluster, String keyspace, boolean startClean) throws APIException, IOException {
- PERMS = trans.slot("USER_PERMS");
- trans.init().log("Instantiating DAOs");
- long expiresIn = Long.parseLong(trans.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF));
- historyDAO = new HistoryDAO(trans, cluster, keyspace);
-
- // Deal with Cached Entries
- cacheInfoDAO = new CacheInfoDAO(trans, historyDAO);
-
- nsDAO = new CachedNSDAO(new NsDAO(trans, historyDAO, cacheInfoDAO),cacheInfoDAO, expiresIn);
- permDAO = new CachedPermDAO(new PermDAO(trans, historyDAO, cacheInfoDAO), cacheInfoDAO, expiresIn);
- roleDAO = new CachedRoleDAO(new RoleDAO(trans, historyDAO, cacheInfoDAO), cacheInfoDAO, expiresIn);
- userRoleDAO = new CachedUserRoleDAO(new UserRoleDAO(trans, historyDAO,cacheInfoDAO), cacheInfoDAO, expiresIn);
- credDAO = new CachedCredDAO(new CredDAO(trans, historyDAO, cacheInfoDAO), cacheInfoDAO, expiresIn);
- certDAO = new CachedCertDAO(new CertDAO(trans, historyDAO, cacheInfoDAO), cacheInfoDAO, expiresIn);
-
- locateDAO = new LocateDAO(trans,historyDAO);
- futureDAO = new FutureDAO(trans, historyDAO);
- delegateDAO = new DelegateDAO(trans, historyDAO);
- approvalDAO = new ApprovalDAO(trans, historyDAO);
-
- // Only want to aggressively cleanse User related Caches... The others,
- // just normal refresh
- if(startClean) {
- CachedDAO.startCleansing(trans.env(), credDAO, userRoleDAO);
- CachedDAO.startRefresh(trans.env(), cacheInfoDAO);
- }
- // Set a Timer to Check Caches to send messages for Caching changes
-
- if(specialLogSlot==null) {
- specialLogSlot = trans.slot(AuthzTransFilter.SPECIAL_LOG_SLOT);
- }
-
- if(transIDSlot==null) {
- transIDSlot = trans.slot(AuthzTransFilter.TRANS_ID_SLOT);
- }
-
- AbsCassDAO.primePSIs(trans);
- }
-
-
- public void close(AuthzTrans trans) {
- historyDAO.close(trans);
- cacheInfoDAO.close(trans);
- nsDAO.close(trans);
- permDAO.close(trans);
- roleDAO.close(trans);
- userRoleDAO.close(trans);
- credDAO.close(trans);
- certDAO.close(trans);
- delegateDAO.close(trans);
- futureDAO.close(trans);
- approvalDAO.close(trans);
- }
-
- public Result<PermDAO.Data> permFrom(AuthzTrans trans, String type,
- String instance, String action) {
- Result<NsDAO.Data> rnd = deriveNs(trans, type);
- if (rnd.isOK()) {
- return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type),
- instance, action));
- } else {
- return Result.err(rnd);
- }
- }
-
- /**
- * getPermsByUser
- *
- * Because this call is frequently called internally, AND because we already
- * look for it in the initial Call, we cache within the Transaction
- *
- * @param trans
- * @param user
- * @return
- */
- public Result<List<PermDAO.Data>> getPermsByUser(AuthzTrans trans, String user, boolean lookup) {
- return PermLookup.get(trans, this, user).getPerms(lookup);
- }
-
- public Result<List<PermDAO.Data>> getPermsByUserFromRolesFilter(AuthzTrans trans, String user, String forUser) {
- PermLookup plUser = PermLookup.get(trans, this, user);
- Result<Set<String>> plPermNames = plUser.getPermNames();
- if(plPermNames.notOK()) {
- return Result.err(plPermNames);
- }
-
- Set<String> nss;
- if(forUser.equals(user)) {
- nss = null;
- } else {
- // Setup a TreeSet to check on Namespaces to
- nss = new TreeSet<>();
- PermLookup fUser = PermLookup.get(trans, this, forUser);
- Result<Set<String>> forUpn = fUser.getPermNames();
- if(forUpn.notOK()) {
- return Result.err(forUpn);
- }
-
- for(String pn : forUpn.value) {
- Result<String[]> decoded = PermDAO.Data.decodeToArray(trans, this, pn);
- if(decoded.isOKhasData()) {
- nss.add(decoded.value[0]);
- } else {
- trans.error().log(pn,", derived from a Role, is invalid:",decoded.errorString());
- }
- }
- }
-
- List<PermDAO.Data> rlpUser = new ArrayList<>();
- Result<PermDAO.Data> rpdd;
- PermDAO.Data pdd;
- for(String pn : plPermNames.value) {
- rpdd = PermDAO.Data.decode(trans, this, pn);
- if(rpdd.isOKhasData()) {
- pdd=rpdd.value;
- if(nss==null || nss.contains(pdd.ns)) {
- rlpUser.add(pdd);
- }
- } else {
- trans.error().log(pn,", derived from a Role, is invalid. Run Data Cleanup:",rpdd.errorString());
- }
- }
- return Result.ok(rlpUser);
- }
-
- public Result<List<PermDAO.Data>> getPermsByType(AuthzTrans trans, String perm) {
- Result<NsSplit> nss = deriveNsSplit(trans, perm);
- if (nss.notOK()) {
- return Result.err(nss);
- }
- return permDAO.readByType(trans, nss.value.ns, nss.value.name);
- }
-
- public Result<List<PermDAO.Data>> getPermsByName(AuthzTrans trans,
- String type, String instance, String action) {
- Result<NsSplit> nss = deriveNsSplit(trans, type);
- if (nss.notOK()) {
- return Result.err(nss);
- }
- return permDAO.read(trans, nss.value.ns, nss.value.name, instance,action);
- }
-
- public Result<List<PermDAO.Data>> getPermsByRole(AuthzTrans trans, String role, boolean lookup) {
- Result<NsSplit> nss = deriveNsSplit(trans, role);
- if (nss.notOK()) {
- return Result.err(nss);
- }
-
- Result<List<RoleDAO.Data>> rlrd = roleDAO.read(trans, nss.value.ns,
- nss.value.name);
- if (rlrd.notOKorIsEmpty()) {
- return Result.err(rlrd);
- }
- // Using Set to avoid duplicates
- Set<String> permNames = new HashSet<>();
- if (rlrd.isOKhasData()) {
- for (RoleDAO.Data drr : rlrd.value) {
- permNames.addAll(drr.perms(false));
- }
- }
-
- // Note: It should be ok for a Valid user to have no permissions -
- // Jonathan 8/12/2013
- List<PermDAO.Data> perms = new ArrayList<>();
- for (String perm : permNames) {
- Result<PermDAO.Data> pr = PermDAO.Data.decode(trans, this, perm);
- if (pr.notOK()) {
- return Result.err(pr);
- }
-
- if(lookup) {
- Result<List<PermDAO.Data>> rlpd = permDAO.read(trans, pr.value);
- if (rlpd.isOKhasData()) {
- for (PermDAO.Data pData : rlpd.value) {
- perms.add(pData);
- }
- }
- } else {
- perms.add(pr.value);
- }
- }
-
- return Result.ok(perms);
- }
-
- public Result<List<RoleDAO.Data>> getRolesByName(AuthzTrans trans,
- String role) {
- Result<NsSplit> nss = deriveNsSplit(trans, role);
- if (nss.notOK()) {
- return Result.err(nss);
- }
- String r = nss.value.name;
- if (r.endsWith(".*")) { // do children Search
- return roleDAO.readChildren(trans, nss.value.ns,
- r.substring(0, r.length() - 2));
- } else if (ASTERIX.equals(r)) {
- return roleDAO.readChildren(trans, nss.value.ns, ASTERIX);
- } else {
- return roleDAO.read(trans, nss.value.ns, r);
- }
- }
-
- /**
- * Derive NS
- *
- * Given a Child Namespace, figure out what the best Namespace parent is.
- *
- * For instance, if in the NS table, the parent "org.osaaf" exists, but not
- * "org.osaaf.child" or "org.osaaf.a.b.c", then passing in either
- * "org.osaaf.child" or "org.osaaf.a.b.c" will return "org.osaaf"
- *
- * Uses recursive search on Cached DAO data
- *
- * @param trans
- * @param child
- * @return
- */
- public Result<NsDAO.Data> deriveNs(AuthzTrans trans, String child) {
- Result<List<NsDAO.Data>> r = nsDAO.read(trans, child);
-
- if (r.isOKhasData()) {
- return Result.ok(r.value.get(0));
- } else {
- int dot;
- if(child==null) {
- return Result.err(Status.ERR_NsNotFound, "No Namespace");
- } else {
- dot = child.lastIndexOf('.');
- }
- if (dot < 0) {
- return Result.err(Status.ERR_NsNotFound, "No Namespace for [%s]", child);
- } else {
- return deriveNs(trans, child.substring(0, dot));
- }
- }
- }
-
- public Result<NsDAO.Data> deriveFirstNsForType(AuthzTrans trans, String str, NsType type) {
- NsDAO.Data nsd;
-
- for(String lookup = str;!".".equals(lookup) && lookup!=null;) {
- Result<List<NsDAO.Data>> rld = nsDAO.read(trans, lookup);
- if(rld.isOKhasData()) {
- nsd=rld.value.get(0);
- lookup = nsd.parent;
- if(type.type == nsd.type) {
- return Result.ok(nsd);
- }
- } else {
- return Result.err(Status.ERR_NsNotFound,"There is no valid Company Namespace for %s",str);
- }
- }
- return Result.err(Status.ERR_NotFound, str + " does not contain type " + type.name());
- }
-
- public Result<NsSplit> deriveNsSplit(AuthzTrans trans, String child) {
- Result<NsDAO.Data> ndd = deriveNs(trans, child);
- if (ndd.isOK()) {
- NsSplit nss = new NsSplit(ndd.value, child);
- if (nss.isOK()) {
- return Result.ok(nss);
- } else {
- return Result.err(Status.ERR_NsNotFound,
- "Cannot split [%s] into valid namespace elements",
- child);
- }
- }
- return Result.err(ndd);
- }
-
- /**
- * Translate an ID into it's domain
- *
- * i.e. myid1234@aaf.att.com results in domain of com.att.aaf
- *
- * @param id
- * @return
- */
- public static String domain2ns(String id) {
- int at = id.indexOf('@');
- if (at >= 0) {
- String[] domain = id.substring(at + 1).split("\\.");
- StringBuilder ns = new StringBuilder(id.length());
- boolean first = true;
- for (int i = domain.length - 1; i >= 0; --i) {
- if (first) {
- first = false;
- } else {
- ns.append('.');
- }
- ns.append(domain[i]);
- }
- return ns.toString();
- } else {
- return "";
- }
-
- }
-
- /**
- * Validate Namespace of ID@Domain
- *
- * Namespace is reverse order of Domain.
- *
- * @param trans
- * @param id
- * @return
- */
- public Result<NsDAO.Data> validNSOfDomain(AuthzTrans trans, String id) {
- // Take domain, reverse order, and check on NS
- String ns;
- if(id.indexOf('@')<0) { // it's already an ns, not an ID
- ns = id;
- } else {
- ns = domain2ns(id);
- }
- if (ns.length() > 0) {
- if(!trans.org().getDomain().equals(ns)) {
- Result<List<NsDAO.Data>> rlnsd = nsDAO.read(trans, ns);
- if (rlnsd.isOKhasData()) {
- return Result.ok(rlnsd.value.get(0));
- }
- }
- }
- return Result.err(Status.ERR_NsNotFound,
- "A Namespace is not available for %s", id);
- }
-
- public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user,NsDAO.Data ndd, Access access) {
- // <ns>.access|:role:<role name>|<read|write>
- String ns = ndd.name;
- int last;
- do {
- if (isGranted(trans, user, ns, ACCESS, ":ns", access.name())) {
- return Result.ok(ndd);
- }
- if ((last = ns.lastIndexOf('.')) >= 0) {
- ns = ns.substring(0, last);
- }
- } while (last >= 0);
- // com.att.aaf.ns|:<client ns>:ns|<access>
- // AAF-724 - Make consistent response for May User", and not take the
- // last check... too confusing.
- Result<NsDAO.Data> rv = mayUserVirtueOfNS(trans, user, ndd, ":" + ndd.name + ":ns", access.name());
- if (rv.isOK()) {
- return rv;
- } else if(rv.status==Result.ERR_Backend) {
- return Result.err(rv);
- } else {
- return Result.err(Status.ERR_Denied, "[%s] may not %s in NS [%s]",
- user, access.name(), ndd.name);
- }
- }
-
- public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user, RoleDAO.Data rdd, Access access) {
- Result<NsDAO.Data> rnsd = deriveNs(trans, rdd.ns);
- if (rnsd.isOK()) {
- return mayUser(trans, user, rnsd.value, rdd, access);
- }
- return rnsd;
- }
-
- public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user, NsDAO.Data ndd, RoleDAO.Data rdd, Access access) {
- // 1) Is User in the Role?
- Result<List<UserRoleDAO.Data>> rurd = userRoleDAO.readUserInRole(trans, user, rdd.fullName());
- if (rurd.isOKhasData()) {
- return Result.ok(ndd);
- }
-
- String roleInst = ":role:" + rdd.name;
- // <ns>.access|:role:<role name>|<read|write>
- String ns = rdd.ns;
- int last;
- do {
- if (isGranted(trans, user, ns,ACCESS, roleInst, access.name())) {
- return Result.ok(ndd);
- }
- if ((last = ns.lastIndexOf('.')) >= 0) {
- ns = ns.substring(0, last);
- }
- } while (last >= 0);
-
- // Check if Access by Global Role perm
- // com.att.aaf.ns|:<client ns>:role:name|<access>
- Result<NsDAO.Data> rnsd = mayUserVirtueOfNS(trans, user, ndd, ":"
- + rdd.ns + roleInst, access.name());
- if (rnsd.isOK()) {
- return rnsd;
- } else if(rnsd.status==Result.ERR_Backend) {
- return Result.err(rnsd);
- }
-
- // Check if Access to Whole NS
- // AAF-724 - Make consistent response for May User", and not take the
- // last check... too confusing.
- Result<org.onap.aaf.auth.dao.cass.NsDAO.Data> rv = mayUserVirtueOfNS(trans, user, ndd,
- ":" + rdd.ns + ":ns", access.name());
- if (rv.isOK()) {
- return rv;
- } else if(rnsd.status==Result.ERR_Backend) {
- return Result.err(rnsd);
- } else {
- return Result.err(Status.ERR_Denied, "[%s] may not %s Role [%s]",
- user, access.name(), rdd.fullName());
- }
-
- }
-
- public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user,PermDAO.Data pdd, Access access) {
- Result<NsDAO.Data> rnsd = deriveNs(trans, pdd.ns);
- if (rnsd.isOK()) {
- return mayUser(trans, user, rnsd.value, pdd, access);
- }
- return rnsd;
- }
-
- public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user,NsDAO.Data ndd, PermDAO.Data pdd, Access access) {
- if (isGranted(trans, user, pdd.ns, pdd.type, pdd.instance, pdd.action)) {
- return Result.ok(ndd);
- }
- String permInst = ":perm:" + pdd.type + ':' + pdd.instance + ':' + pdd.action;
- // <ns>.access|:role:<role name>|<read|write>
- String ns = ndd.name;
- int last;
- do {
- if (isGranted(trans, user, ns, ACCESS, permInst, access.name())) {
- return Result.ok(ndd);
- }
- if ((last = ns.lastIndexOf('.')) >= 0) {
- ns = ns.substring(0, last);
- }
- } while (last >= 0);
-
- // Check if Access by NS perm
- // com.att.aaf.ns|:<client ns>:role:name|<access>
- Result<NsDAO.Data> rnsd = mayUserVirtueOfNS(trans, user, ndd, ":" + pdd.ns + permInst, access.name());
- if (rnsd.isOK()) {
- return rnsd;
- } else if(rnsd.status==Result.ERR_Backend) {
- return Result.err(rnsd);
- }
-
- // Check if Access to Whole NS
- // AAF-724 - Make consistent response for May User", and not take the
- // last check... too confusing.
- Result<NsDAO.Data> rv = mayUserVirtueOfNS(trans, user, ndd, ":" + pdd.ns + ":ns", access.name());
- if (rv.isOK()) {
- return rv;
- } else {
- return Result.err(Status.ERR_Denied,
- "[%s] may not %s Perm [%s|%s|%s]", user, access.name(),
- pdd.fullType(), pdd.instance, pdd.action);
- }
-
- }
-
- public Result<Void> mayUser(AuthzTrans trans, DelegateDAO.Data dd, Access access) {
- try {
- Result<NsDAO.Data> rnsd = deriveNs(trans, domain2ns(trans.user()));
- if(rnsd.isOKhasData() && mayUserVirtueOfNS(trans,trans.user(),rnsd.value, ":" + rnsd.value.name + ":ns", access.name()).isOK()) {
- return Result.ok();
- }
- boolean isUser = trans.user().equals(dd.user);
- boolean isDelegate = dd.delegate != null
- && (dd.user.equals(dd.delegate) || trans.user().equals(
- dd.delegate));
- Organization org = trans.org();
- switch (access) {
- case create:
- if (org.getIdentity(trans, dd.user) == null) {
- return Result.err(Status.ERR_UserNotFound,
- "[%s] is not a user in the company database.",
- dd.user);
- }
- if (!dd.user.equals(dd.delegate) && org.getIdentity(trans, dd.delegate) == null) {
- return Result.err(Status.ERR_UserNotFound,
- "[%s] is not a user in the company database.",
- dd.delegate);
- }
- if (!trans.requested(REQD_TYPE.force) && dd.user != null && dd.user.equals(dd.delegate)) {
- return Result.err(Status.ERR_BadData,
- "[%s] cannot be a delegate for self", dd.user);
- }
- if (!isUser && !isGranted(trans, trans.user(), ROOT_NS,DELG,
- org.getDomain(), Question.CREATE)) {
- return Result.err(Status.ERR_Denied,
- "[%s] may not create a delegate for [%s]",
- trans.user(), dd.user);
- }
- break;
- case read:
- case write:
- if (!isUser && !isDelegate &&
- !isGranted(trans, trans.user(), ROOT_NS,DELG,org.getDomain(), access.name())) {
- return Result.err(Status.ERR_Denied,
- "[%s] may not %s delegates for [%s]", trans.user(),
- access.name(), dd.user);
- }
- break;
- default:
- return Result.err(Status.ERR_BadData,"Unknown Access type [%s]", access.name());
- }
- } catch (Exception e) {
- return Result.err(e);
- }
- return Result.ok();
- }
-
- /*
- * Check (recursively, if necessary), if able to do something based on NS
- */
- private Result<NsDAO.Data> mayUserVirtueOfNS(AuthzTrans trans, String user, NsDAO.Data nsd, String ns_and_type, String access) {
- String ns = nsd.name;
-
- // If an ADMIN of the Namespace, then allow
-
- Result<List<UserRoleDAO.Data>> rurd;
- if ((rurd = userRoleDAO.readUserInRole(trans, user, ns+DOT_ADMIN)).isOKhasData()) {
- return Result.ok(nsd);
- } else if(rurd.status==Result.ERR_Backend) {
- return Result.err(rurd);
- }
-
- // If Specially granted Global Permission
- if (isGranted(trans, user, ROOT_NS,NS, ns_and_type, access)) {
- return Result.ok(nsd);
- }
-
- // Check recur
-
- int dot = ns.length();
- if ((dot = ns.lastIndexOf('.', dot - 1)) >= 0) {
- Result<NsDAO.Data> rnsd = deriveNs(trans, ns.substring(0, dot));
- if (rnsd.isOK()) {
- rnsd = mayUserVirtueOfNS(trans, user, rnsd.value, ns_and_type,access);
- } else if(rnsd.status==Result.ERR_Backend) {
- return Result.err(rnsd);
- }
- if (rnsd.isOK()) {
- return Result.ok(nsd);
- } else if(rnsd.status==Result.ERR_Backend) {
- return Result.err(rnsd);
- }
- }
- return Result.err(Status.ERR_Denied, "%s may not %s %s", user, access,
- ns_and_type);
- }
-
-
- /**
- * isGranted
- *
- * Important function - Check internal Permission Schemes for Permission to
- * do things
- *
- * @param trans
- * @param type
- * @param instance
- * @param action
- * @return
- */
- public boolean isGranted(AuthzTrans trans, String user, String ns, String type,String instance, String action) {
- Result<List<PermDAO.Data>> perms = getPermsByUser(trans, user, false);
- if (perms.isOK()) {
- for (PermDAO.Data pd : perms.value) {
- if (ns.equals(pd.ns)) {
- if (type.equals(pd.type)) {
- if (PermEval.evalInstance(pd.instance, instance)) {
- if(PermEval.evalAction(pd.action, action)) { // don't return action here, might miss other action
- return true;
- }
- }
- }
- }
- }
- }
- return false;
- }
-
- public Result<Date> doesUserCredMatch(AuthzTrans trans, String user, byte[] cred) throws DAOException {
- Result<List<CredDAO.Data>> result;
- TimeTaken tt = trans.start("Read DB Cred", Env.REMOTE);
- try {
- result = credDAO.readID(trans, user);
- } finally {
- tt.done();
- }
-
- Result<Date> rv = null;
- if(result.isOK()) {
- if (result.isEmpty()) {
- rv = Result.err(Status.ERR_UserNotFound, user);
- if (willSpecialLog(trans,user)) {
- trans.audit().log("Special DEBUG:", user, " does not exist in DB");
- }
- } else {
- Date now = new Date();//long now = System.currentTimeMillis();
- // Bug noticed 6/22. Sorting on the result can cause Concurrency Issues.
- List<CredDAO.Data> cddl;
- if(result.value.size() > 1) {
- cddl = new ArrayList<>(result.value.size());
- for(CredDAO.Data old : result.value) {
- if(old.type==CredDAO.BASIC_AUTH || old.type==CredDAO.BASIC_AUTH_SHA256) {
- cddl.add(old);
- }
- }
- if(cddl.size()>1) {
- Collections.sort(cddl,new Comparator<CredDAO.Data>() {
- @Override
- public int compare(org.onap.aaf.auth.dao.cass.CredDAO.Data a,
- org.onap.aaf.auth.dao.cass.CredDAO.Data b) {
- return b.expires.compareTo(a.expires);
- }
- });
- }
- } else {
- cddl = result.value;
- }
-
- Date expired = null;
- StringBuilder debug = willSpecialLog(trans,user)?new StringBuilder():null;
- for (CredDAO.Data cdd : cddl) {
- if(!cdd.id.equals(user)) {
- trans.error().log("doesUserCredMatch DB call does not match for user: " + user);
- }
- if (cdd.expires.after(now)) {
- byte[] dbcred = cdd.cred.array();
-
- try {
- switch(cdd.type) {
- case CredDAO.BASIC_AUTH:
- byte[] md5=Hash.hashMD5(cred);
- if(Hash.compareTo(md5,dbcred)==0) {
- checkLessThanDays(trans,7,now,cdd);
- return Result.ok(cdd.expires);
- } else if (debug!=null) {
- load(debug, cdd);
- }
- break;
- case CredDAO.BASIC_AUTH_SHA256:
- ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + cred.length);
- bb.putInt(cdd.other);
- bb.put(cred);
- byte[] hash = Hash.hashSHA256(bb.array());
-
- if(Hash.compareTo(hash,dbcred)==0) {
- checkLessThanDays(trans,7,now,cdd);
- return Result.ok(cdd.expires);
- } else if (debug!=null) {
- load(debug, cdd);
- }
- break;
- default:
- trans.error().log("Unknown Credential Type %s for %s, %s",Integer.toString(cdd.type),cdd.id, Chrono.dateTime(cdd.expires));
- }
- } catch (NoSuchAlgorithmException e) {
- trans.error().log(e);
- }
- } else {
- if(expired==null || expired.before(cdd.expires)) {
- expired = cdd.expires;
- }
- }
- } // end for each
- if(debug==null) {
- trans.audit().printf("No cred matches ip=%s, user=%s\n",trans.ip(),user);
- } else {
- trans.audit().printf("No cred matches ip=%s, user=%s %s\n",trans.ip(),user,debug.toString());
- }
- if(expired!=null) {
- // Note: this is only returned if there are no good Credentials
- rv = Result.err(Status.ERR_Security,
- "Credentials %s from %s expired %s",trans.user(), trans.ip(), Chrono.dateTime(expired));
- }
- }
- } else {
- return Result.err(result);
- }
- return rv == null ? Result.create((Date) null, Status.ERR_Security, "Wrong credential") : rv;
- }
-
-
- private void load(StringBuilder debug, Data cdd) {
- debug.append("DB Entry: user=");
- debug.append(cdd.id);
- debug.append(",type=");
- debug.append(cdd.type);
- debug.append(",expires=");
- debug.append(Chrono.dateTime(cdd.expires));
- debug.append('\n');
- }
-
-
- private void checkLessThanDays(AuthzTrans trans, int days, Date now, Data cdd) {
- long close = now.getTime() + (days * 86400000);
- long cexp=cdd.expires.getTime();
- if(cexp<close) {
- int daysLeft = days-(int)((close-cexp)/86400000);
- trans.audit().printf("user=%s,ip=%s,expires=%s,days=%d,msg=\"Password expires in less than %d day%s\"",
- cdd.id,trans.ip(),Chrono.dateOnlyStamp(cdd.expires),daysLeft, daysLeft,daysLeft==1?"":"s");
- }
- }
-
-
- public Result<CredDAO.Data> userCredSetup(AuthzTrans trans, CredDAO.Data cred) {
- if(cred.type==CredDAO.RAW) {
- TimeTaken tt = trans.start("Hash Cred", Env.SUB);
- try {
- cred.type = CredDAO.BASIC_AUTH_SHA256;
- cred.other = random.nextInt();
- ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + cred.cred.capacity());
- bb.putInt(cred.other);
- bb.put(cred.cred);
- byte[] hash = Hash.hashSHA256(bb.array());
- cred.cred = ByteBuffer.wrap(hash);
- return Result.ok(cred);
- } catch (NoSuchAlgorithmException e) {
- return Result.err(Status.ERR_General,e.getLocalizedMessage());
- } finally {
- tt.done();
- }
-
- }
- return Result.err(Status.ERR_Security,"invalid/unreadable credential");
- }
-
- public Result<Boolean> userCredCheck(AuthzTrans trans, CredDAO.Data orig, final byte[] raw) {
- TimeTaken tt = trans.start("CheckCred Cred", Env.SUB);
- try {
- switch(orig.type) {
- case CredDAO.BASIC_AUTH_SHA256:
- ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + raw.length);
- bb.putInt(orig.other);
- bb.put(raw);
- return Result.ok(Hash.compareTo(orig.cred.array(),Hash.hashSHA256(bb.array()))==0);
- case CredDAO.BASIC_AUTH:
- return Result.ok( Hash.compareTo(orig.cred.array(), Hash.hashMD5(raw))==0);
- default:
- return Result.ok(false);
- }
- } catch (NoSuchAlgorithmException e) {
- return Result.err(Status.ERR_General,e.getLocalizedMessage());
- } finally {
- tt.done();
- }
- }
-
- public static final String APPROVED = "APPROVE";
- public static final String REJECT = "REJECT";
- public static final String PENDING = "PENDING";
-
- public Result<Void> canAddUser(AuthzTrans trans, UserRoleDAO.Data data,
- List<ApprovalDAO.Data> approvals) {
- // get the approval policy for the organization
-
- // get the list of approvals with an accept status
-
- // validate the approvals against the policy
-
- // for now check if all approvals are received and return
- // SUCCESS/FAILURE/SKIP
- boolean bReject = false;
- boolean bPending = false;
-
- for (ApprovalDAO.Data approval : approvals) {
- if (approval.status.equals(REJECT)) {
- bReject = true;
- } else if (approval.status.equals(PENDING)) {
- bPending = true;
- }
- }
- if (bReject) {
- return Result.err(Status.ERR_Policy,
- "Approval Polocy not conformed");
- }
- if (bPending) {
- return Result.err(Status.ERR_ActionNotCompleted,
- "Required Approvals not received");
- }
-
- return Result.ok();
- }
-
- private static final String NO_CACHE_NAME = "No Cache Data named %s";
-
- public Result<Void> clearCache(AuthzTrans trans, String cname) {
- boolean all = "all".equals(cname);
- Result<Void> rv = null;
-
- if (all || NsDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
- for(int i: seg) {cacheClear(trans, NsDAO.TABLE,i);}
- rv = cacheInfoDAO.touch(trans, NsDAO.TABLE, seg);
- }
- if (all || PermDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
- for(int i: seg) {cacheClear(trans, PermDAO.TABLE,i);}
- rv = cacheInfoDAO.touch(trans, PermDAO.TABLE,seg);
- }
- if (all || RoleDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
- for(int i: seg) {cacheClear(trans, RoleDAO.TABLE,i);}
- rv = cacheInfoDAO.touch(trans, RoleDAO.TABLE,seg);
- }
- if (all || UserRoleDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
- for(int i: seg) {cacheClear(trans, UserRoleDAO.TABLE,i);}
- rv = cacheInfoDAO.touch(trans, UserRoleDAO.TABLE,seg);
- }
- if (all || CredDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
- for(int i: seg) {cacheClear(trans, CredDAO.TABLE,i);}
- rv = cacheInfoDAO.touch(trans, CredDAO.TABLE,seg);
- }
- if (all || CertDAO.TABLE.equals(cname)) {
- int seg[] = series(NsDAO.CACHE_SEG);
- for(int i: seg) {cacheClear(trans, CertDAO.TABLE,i);}
- rv = cacheInfoDAO.touch(trans, CertDAO.TABLE,seg);
- }
-
- if (rv == null) {
- rv = Result.err(Status.ERR_BadData, NO_CACHE_NAME, cname);
- }
- return rv;
- }
-
- public Result<Void> cacheClear(AuthzTrans trans, String cname,Integer segment) {
- Result<Void> rv;
- if (NsDAO.TABLE.equals(cname)) {
- rv = nsDAO.invalidate(segment);
- } else if (PermDAO.TABLE.equals(cname)) {
- rv = permDAO.invalidate(segment);
- } else if (RoleDAO.TABLE.equals(cname)) {
- rv = roleDAO.invalidate(segment);
- } else if (UserRoleDAO.TABLE.equals(cname)) {
- rv = userRoleDAO.invalidate(segment);
- } else if (CredDAO.TABLE.equals(cname)) {
- rv = credDAO.invalidate(segment);
- } else if (CertDAO.TABLE.equals(cname)) {
- rv = certDAO.invalidate(segment);
- } else {
- rv = Result.err(Status.ERR_BadData, NO_CACHE_NAME, cname);
- }
- return rv;
- }
-
- private int[] series(int max) {
- int[] series = new int[max];
- for (int i = 0; i < max; ++i)
- series[i] = i;
- return series;
- }
-
- public boolean isDelegated(AuthzTrans trans, String user, String approver, Map<String,Result<List<DelegateDAO.Data>>> rldd ) {
- Result<List<DelegateDAO.Data>> userDelegatedFor = rldd.get(user);
- if(userDelegatedFor==null) {
- userDelegatedFor=delegateDAO.readByDelegate(trans, user);
- rldd.put(user, userDelegatedFor);
- }
- if(userDelegatedFor.isOKhasData()) {
- for (DelegateDAO.Data curr : userDelegatedFor.value) {
- if (curr.user.equals(approver) && curr.delegate.equals(user)
- && curr.expires.after(new Date())) {
- return true;
- }
- }
- }
- return false;
- }
-
- public static boolean willSpecialLog(AuthzTrans trans, String user) {
- Boolean b = trans.get(specialLogSlot, null);
- if(b==null) { // we haven't evaluated in this trans for Special Log yet
- if(specialLog==null) {
- return false;
- } else {
- b = specialLog.contains(user);
- trans.put(specialLogSlot, b);
- }
- }
- return b;
- }
-
- public static void logEncryptTrace(AuthzTrans trans, String data) {
- long ti;
- trans.put(transIDSlot, ti=nextTraceID());
- trans.trace().log("id="+Long.toHexString(ti)+",data=\""+trans.env().encryptor().encrypt(data)+'"');
- }
-
- private synchronized static long nextTraceID() {
- return ++traceID;
- }
-
- public static synchronized boolean specialLogOn(AuthzTrans trans, String id) {
- if (specialLog == null) {
- specialLog = new HashSet<>();
- }
- boolean rc = specialLog.add(id);
- if(rc) {
- trans.trace().printf("Trace on for %s requested by %s",id,trans.user());
- }
- return rc;
- }
-
- public static synchronized boolean specialLogOff(AuthzTrans trans, String id) {
- if(specialLog==null) {
- return false;
- }
- boolean rv = specialLog.remove(id);
- if (specialLog.isEmpty()) {
- specialLog = null;
- }
- if(rv) {
- trans.trace().printf("Trace off for %s requested by %s",id,trans.user());
- }
- return rv;
- }
-
- /**
- * canMove
- * Which Types can be moved
- * @param nsType
- * @return
- */
- public boolean canMove(NsType nsType) {
- boolean rv;
- switch(nsType) {
- case DOT:
- case ROOT:
- case COMPANY:
- case UNKNOWN:
- rv = false;
- break;
- default:
- rv = true;
- }
- return rv;
- }
-
- public boolean isAdmin(AuthzTrans trans, String user, String ns) {
- Date now = new Date();
- Result<List<UserRoleDAO.Data>> rur = userRoleDAO.read(trans, user,ns+DOT_ADMIN);
- if(rur.isOKhasData()) {for(UserRoleDAO.Data urdd : rur.value){
- if(urdd.expires.after(now)) {
- return true;
- }
- }};
- return false;
- }
-
- public boolean isOwner(AuthzTrans trans, String user, String ns) {
- Result<List<UserRoleDAO.Data>> rur = userRoleDAO.read(trans, user,ns+DOT_OWNER);
- Date now = new Date();
- if(rur.isOKhasData()) {for(UserRoleDAO.Data urdd : rur.value){
- if(urdd.expires.after(now)) {
- return true;
- }
- }};
- return false;
- }
-
- public int countOwner(AuthzTrans trans, String ns) {
- Result<List<UserRoleDAO.Data>> rur = userRoleDAO.readByRole(trans,ns+DOT_OWNER);
- Date now = new Date();
- int count = 0;
- if(rur.isOKhasData()) {for(UserRoleDAO.Data urdd : rur.value){
- if(urdd.expires.after(now)) {
- ++count;
- }
- }};
- return count;
- }
-
- /**
- * Return a Unique String, (same string, if it is already unique), with only
- * lowercase letters, digits and the '.' character.
- *
- * @param name
- * @return
- * @throws IOException
- */
- public static String toUnique(String name) throws IOException {
- byte[] from = name.getBytes();
- StringBuilder sb = new StringBuilder();
- byte f;
- for(int i=0;i<from.length;++i) {
- f=(byte)(from[i]); // printables;
- sb.append((char)((f>>4)+0x61));
- sb.append((char)((f&0x0F)+0x61));
- }
- return sb.toString();
- }
-
- public static String fromUnique(String name) throws IOException {
- byte[] from = name.getBytes();
- StringBuilder sb = new StringBuilder();
- char c;
- for(int i=0;i<from.length;++i) {
- c = (char)((from[i]-0x61)<<4);
- c |= (from[++i]-0x61);
- sb.append(c);
- }
- return sb.toString();
- }
+ // DON'T CHANGE FROM lower Case!!!
+ public static enum Type {
+ ns, role, perm, cred
+ };
+
+ public static final String OWNER="owner";
+ public static final String ADMIN="admin";
+ public static final String DOT_OWNER=".owner";
+ public static final String DOT_ADMIN=".admin";
+ public static final String ACCESS = "access";
+
+ static final String ASTERIX = "*";
+
+ public static enum Access {
+ read, write, create
+ };
+
+ public static final String READ = Access.read.name();
+ public static final String WRITE = Access.write.name();
+ public static final String CREATE = Access.create.name();
+
+ public static final String ROLE = Type.role.name();
+ public static final String PERM = Type.perm.name();
+ public static final String NS = Type.ns.name();
+ public static final String CRED = Type.cred.name();
+ private static final String DELG = "delg";
+ public static final String ROOT_NS = Define.isInitialized() ? Define.ROOT_NS() : "undefined";
+ public static final String ATTRIB = "attrib";
+
+
+ public static final int MAX_SCOPE = 10;
+ public static final int APP_SCOPE = 3;
+ public static final int COMPANY_SCOPE = 2;
+ static Slot PERMS;
+
+ private static Set<String> specialLog = null;
+ public static final Random random = new SecureRandom();
+ private static long traceID = random.nextLong();
+ private static Slot specialLogSlot = null;
+ private static Slot transIDSlot = null;
+
+
+ public final HistoryDAO historyDAO;
+ public final CachedNSDAO nsDAO;
+ public final CachedRoleDAO roleDAO;
+ public final CachedPermDAO permDAO;
+ public final CachedUserRoleDAO userRoleDAO;
+ public final CachedCredDAO credDAO;
+ public final CachedCertDAO certDAO;
+ public final DelegateDAO delegateDAO;
+ public final FutureDAO futureDAO;
+ public final ApprovalDAO approvalDAO;
+ private final CacheInfoDAO cacheInfoDAO;
+ public final LocateDAO locateDAO;
+
+ public Question(AuthzTrans trans, Cluster cluster, String keyspace, boolean startClean) throws APIException, IOException {
+ PERMS = trans.slot("USER_PERMS");
+ trans.init().log("Instantiating DAOs");
+ long expiresIn = Long.parseLong(trans.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF));
+ historyDAO = new HistoryDAO(trans, cluster, keyspace);
+
+ // Deal with Cached Entries
+ cacheInfoDAO = new CacheInfoDAO(trans, historyDAO);
+
+ nsDAO = new CachedNSDAO(new NsDAO(trans, historyDAO, cacheInfoDAO),cacheInfoDAO, expiresIn);
+ permDAO = new CachedPermDAO(new PermDAO(trans, historyDAO, cacheInfoDAO), cacheInfoDAO, expiresIn);
+ roleDAO = new CachedRoleDAO(new RoleDAO(trans, historyDAO, cacheInfoDAO), cacheInfoDAO, expiresIn);
+ userRoleDAO = new CachedUserRoleDAO(new UserRoleDAO(trans, historyDAO,cacheInfoDAO), cacheInfoDAO, expiresIn);
+ credDAO = new CachedCredDAO(new CredDAO(trans, historyDAO, cacheInfoDAO), cacheInfoDAO, expiresIn);
+ certDAO = new CachedCertDAO(new CertDAO(trans, historyDAO, cacheInfoDAO), cacheInfoDAO, expiresIn);
+
+ locateDAO = new LocateDAO(trans,historyDAO);
+ futureDAO = new FutureDAO(trans, historyDAO);
+ delegateDAO = new DelegateDAO(trans, historyDAO);
+ approvalDAO = new ApprovalDAO(trans, historyDAO);
+
+ // Only want to aggressively cleanse User related Caches... The others,
+ // just normal refresh
+ if(startClean) {
+ CachedDAO.startCleansing(trans.env(), credDAO, userRoleDAO);
+ CachedDAO.startRefresh(trans.env(), cacheInfoDAO);
+ }
+ // Set a Timer to Check Caches to send messages for Caching changes
+
+ if(specialLogSlot==null) {
+ specialLogSlot = trans.slot(AuthzTransFilter.SPECIAL_LOG_SLOT);
+ }
+
+ if(transIDSlot==null) {
+ transIDSlot = trans.slot(AuthzTransFilter.TRANS_ID_SLOT);
+ }
+
+ AbsCassDAO.primePSIs(trans);
+ }
+
+
+ public void close(AuthzTrans trans) {
+ historyDAO.close(trans);
+ cacheInfoDAO.close(trans);
+ nsDAO.close(trans);
+ permDAO.close(trans);
+ roleDAO.close(trans);
+ userRoleDAO.close(trans);
+ credDAO.close(trans);
+ certDAO.close(trans);
+ delegateDAO.close(trans);
+ futureDAO.close(trans);
+ approvalDAO.close(trans);
+ }
+
+ public Result<PermDAO.Data> permFrom(AuthzTrans trans, String type,
+ String instance, String action) {
+ Result<NsDAO.Data> rnd = deriveNs(trans, type);
+ if (rnd.isOK()) {
+ return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type),
+ instance, action));
+ } else {
+ return Result.err(rnd);
+ }
+ }
+
+ /**
+ * getPermsByUser
+ *
+ * Because this call is frequently called internally, AND because we already
+ * look for it in the initial Call, we cache within the Transaction
+ *
+ * @param trans
+ * @param user
+ * @return
+ */
+ public Result<List<PermDAO.Data>> getPermsByUser(AuthzTrans trans, String user, boolean lookup) {
+ return PermLookup.get(trans, this, user).getPerms(lookup);
+ }
+
+ public Result<List<PermDAO.Data>> getPermsByUserFromRolesFilter(AuthzTrans trans, String user, String forUser) {
+ PermLookup plUser = PermLookup.get(trans, this, user);
+ Result<Set<String>> plPermNames = plUser.getPermNames();
+ if(plPermNames.notOK()) {
+ return Result.err(plPermNames);
+ }
+
+ Set<String> nss;
+ if(forUser.equals(user)) {
+ nss = null;
+ } else {
+ // Setup a TreeSet to check on Namespaces to
+ nss = new TreeSet<>();
+ PermLookup fUser = PermLookup.get(trans, this, forUser);
+ Result<Set<String>> forUpn = fUser.getPermNames();
+ if(forUpn.notOK()) {
+ return Result.err(forUpn);
+ }
+
+ for(String pn : forUpn.value) {
+ Result<String[]> decoded = PermDAO.Data.decodeToArray(trans, this, pn);
+ if(decoded.isOKhasData()) {
+ nss.add(decoded.value[0]);
+ } else {
+ trans.error().log(pn,", derived from a Role, is invalid:",decoded.errorString());
+ }
+ }
+ }
+
+ List<PermDAO.Data> rlpUser = new ArrayList<>();
+ Result<PermDAO.Data> rpdd;
+ PermDAO.Data pdd;
+ for(String pn : plPermNames.value) {
+ rpdd = PermDAO.Data.decode(trans, this, pn);
+ if(rpdd.isOKhasData()) {
+ pdd=rpdd.value;
+ if(nss==null || nss.contains(pdd.ns)) {
+ rlpUser.add(pdd);
+ }
+ } else {
+ trans.error().log(pn,", derived from a Role, is invalid. Run Data Cleanup:",rpdd.errorString());
+ }
+ }
+ return Result.ok(rlpUser);
+ }
+
+ public Result<List<PermDAO.Data>> getPermsByType(AuthzTrans trans, String perm) {
+ Result<NsSplit> nss = deriveNsSplit(trans, perm);
+ if (nss.notOK()) {
+ return Result.err(nss);
+ }
+ return permDAO.readByType(trans, nss.value.ns, nss.value.name);
+ }
+
+ public Result<List<PermDAO.Data>> getPermsByName(AuthzTrans trans,
+ String type, String instance, String action) {
+ Result<NsSplit> nss = deriveNsSplit(trans, type);
+ if (nss.notOK()) {
+ return Result.err(nss);
+ }
+ return permDAO.read(trans, nss.value.ns, nss.value.name, instance,action);
+ }
+
+ public Result<List<PermDAO.Data>> getPermsByRole(AuthzTrans trans, String role, boolean lookup) {
+ Result<NsSplit> nss = deriveNsSplit(trans, role);
+ if (nss.notOK()) {
+ return Result.err(nss);
+ }
+
+ Result<List<RoleDAO.Data>> rlrd = roleDAO.read(trans, nss.value.ns,
+ nss.value.name);
+ if (rlrd.notOKorIsEmpty()) {
+ return Result.err(rlrd);
+ }
+ // Using Set to avoid duplicates
+ Set<String> permNames = new HashSet<>();
+ if (rlrd.isOKhasData()) {
+ for (RoleDAO.Data drr : rlrd.value) {
+ permNames.addAll(drr.perms(false));
+ }
+ }
+
+ // Note: It should be ok for a Valid user to have no permissions -
+ // Jonathan 8/12/2013
+ List<PermDAO.Data> perms = new ArrayList<>();
+ for (String perm : permNames) {
+ Result<PermDAO.Data> pr = PermDAO.Data.decode(trans, this, perm);
+ if (pr.notOK()) {
+ return Result.err(pr);
+ }
+
+ if(lookup) {
+ Result<List<PermDAO.Data>> rlpd = permDAO.read(trans, pr.value);
+ if (rlpd.isOKhasData()) {
+ for (PermDAO.Data pData : rlpd.value) {
+ perms.add(pData);
+ }
+ }
+ } else {
+ perms.add(pr.value);
+ }
+ }
+
+ return Result.ok(perms);
+ }
+
+ public Result<List<RoleDAO.Data>> getRolesByName(AuthzTrans trans,
+ String role) {
+ Result<NsSplit> nss = deriveNsSplit(trans, role);
+ if (nss.notOK()) {
+ return Result.err(nss);
+ }
+ String r = nss.value.name;
+ if (r.endsWith(".*")) { // do children Search
+ return roleDAO.readChildren(trans, nss.value.ns,
+ r.substring(0, r.length() - 2));
+ } else if (ASTERIX.equals(r)) {
+ return roleDAO.readChildren(trans, nss.value.ns, ASTERIX);
+ } else {
+ return roleDAO.read(trans, nss.value.ns, r);
+ }
+ }
+
+ /**
+ * Derive NS
+ *
+ * Given a Child Namespace, figure out what the best Namespace parent is.
+ *
+ * For instance, if in the NS table, the parent "org.osaaf" exists, but not
+ * "org.osaaf.child" or "org.osaaf.a.b.c", then passing in either
+ * "org.osaaf.child" or "org.osaaf.a.b.c" will return "org.osaaf"
+ *
+ * Uses recursive search on Cached DAO data
+ *
+ * @param trans
+ * @param child
+ * @return
+ */
+ public Result<NsDAO.Data> deriveNs(AuthzTrans trans, String child) {
+ Result<List<NsDAO.Data>> r = nsDAO.read(trans, child);
+
+ if (r.isOKhasData()) {
+ return Result.ok(r.value.get(0));
+ } else {
+ int dot;
+ if(child==null) {
+ return Result.err(Status.ERR_NsNotFound, "No Namespace");
+ } else {
+ dot = child.lastIndexOf('.');
+ }
+ if (dot < 0) {
+ return Result.err(Status.ERR_NsNotFound, "No Namespace for [%s]", child);
+ } else {
+ return deriveNs(trans, child.substring(0, dot));
+ }
+ }
+ }
+
+ public Result<NsDAO.Data> deriveFirstNsForType(AuthzTrans trans, String str, NsType type) {
+ NsDAO.Data nsd;
+
+ for(String lookup = str;!".".equals(lookup) && lookup!=null;) {
+ Result<List<NsDAO.Data>> rld = nsDAO.read(trans, lookup);
+ if(rld.isOKhasData()) {
+ nsd=rld.value.get(0);
+ lookup = nsd.parent;
+ if(type.type == nsd.type) {
+ return Result.ok(nsd);
+ }
+ } else {
+ return Result.err(Status.ERR_NsNotFound,"There is no valid Company Namespace for %s",str);
+ }
+ }
+ return Result.err(Status.ERR_NotFound, str + " does not contain type " + type.name());
+ }
+
+ public Result<NsSplit> deriveNsSplit(AuthzTrans trans, String child) {
+ Result<NsDAO.Data> ndd = deriveNs(trans, child);
+ if (ndd.isOK()) {
+ NsSplit nss = new NsSplit(ndd.value, child);
+ if (nss.isOK()) {
+ return Result.ok(nss);
+ } else {
+ return Result.err(Status.ERR_NsNotFound,
+ "Cannot split [%s] into valid namespace elements",
+ child);
+ }
+ }
+ return Result.err(ndd);
+ }
+
+ /**
+ * Translate an ID into it's domain
+ *
+ * i.e. myid1234@aaf.att.com results in domain of com.att.aaf
+ *
+ * @param id
+ * @return
+ */
+ public static String domain2ns(String id) {
+ int at = id.indexOf('@');
+ if (at >= 0) {
+ String[] domain = id.substring(at + 1).split("\\.");
+ StringBuilder ns = new StringBuilder(id.length());
+ boolean first = true;
+ for (int i = domain.length - 1; i >= 0; --i) {
+ if (first) {
+ first = false;
+ } else {
+ ns.append('.');
+ }
+ ns.append(domain[i]);
+ }
+ return ns.toString();
+ } else {
+ return "";
+ }
+
+ }
+
+ /**
+ * Validate Namespace of ID@Domain
+ *
+ * Namespace is reverse order of Domain.
+ *
+ * @param trans
+ * @param id
+ * @return
+ */
+ public Result<NsDAO.Data> validNSOfDomain(AuthzTrans trans, String id) {
+ // Take domain, reverse order, and check on NS
+ String ns;
+ if(id.indexOf('@')<0) { // it's already an ns, not an ID
+ ns = id;
+ } else {
+ ns = domain2ns(id);
+ }
+ if (ns.length() > 0) {
+ if(!trans.org().getDomain().equals(ns)) {
+ Result<List<NsDAO.Data>> rlnsd = nsDAO.read(trans, ns);
+ if (rlnsd.isOKhasData()) {
+ return Result.ok(rlnsd.value.get(0));
+ }
+ }
+ }
+ return Result.err(Status.ERR_NsNotFound,
+ "A Namespace is not available for %s", id);
+ }
+
+ public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user,NsDAO.Data ndd, Access access) {
+ // <ns>.access|:role:<role name>|<read|write>
+ String ns = ndd.name;
+ int last;
+ do {
+ if (isGranted(trans, user, ns, ACCESS, ":ns", access.name())) {
+ return Result.ok(ndd);
+ }
+ if ((last = ns.lastIndexOf('.')) >= 0) {
+ ns = ns.substring(0, last);
+ }
+ } while (last >= 0);
+ // com.att.aaf.ns|:<client ns>:ns|<access>
+ // AAF-724 - Make consistent response for May User", and not take the
+ // last check... too confusing.
+ Result<NsDAO.Data> rv = mayUserVirtueOfNS(trans, user, ndd, ":" + ndd.name + ":ns", access.name());
+ if (rv.isOK()) {
+ return rv;
+ } else if(rv.status==Result.ERR_Backend) {
+ return Result.err(rv);
+ } else {
+ return Result.err(Status.ERR_Denied, "[%s] may not %s in NS [%s]",
+ user, access.name(), ndd.name);
+ }
+ }
+
+ public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user, RoleDAO.Data rdd, Access access) {
+ Result<NsDAO.Data> rnsd = deriveNs(trans, rdd.ns);
+ if (rnsd.isOK()) {
+ return mayUser(trans, user, rnsd.value, rdd, access);
+ }
+ return rnsd;
+ }
+
+ public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user, NsDAO.Data ndd, RoleDAO.Data rdd, Access access) {
+ // 1) Is User in the Role?
+ Result<List<UserRoleDAO.Data>> rurd = userRoleDAO.readUserInRole(trans, user, rdd.fullName());
+ if (rurd.isOKhasData()) {
+ return Result.ok(ndd);
+ }
+
+ String roleInst = ":role:" + rdd.name;
+ // <ns>.access|:role:<role name>|<read|write>
+ String ns = rdd.ns;
+ int last;
+ do {
+ if (isGranted(trans, user, ns,ACCESS, roleInst, access.name())) {
+ return Result.ok(ndd);
+ }
+ if ((last = ns.lastIndexOf('.')) >= 0) {
+ ns = ns.substring(0, last);
+ }
+ } while (last >= 0);
+
+ // Check if Access by Global Role perm
+ // com.att.aaf.ns|:<client ns>:role:name|<access>
+ Result<NsDAO.Data> rnsd = mayUserVirtueOfNS(trans, user, ndd, ":"
+ + rdd.ns + roleInst, access.name());
+ if (rnsd.isOK()) {
+ return rnsd;
+ } else if(rnsd.status==Result.ERR_Backend) {
+ return Result.err(rnsd);
+ }
+
+ // Check if Access to Whole NS
+ // AAF-724 - Make consistent response for May User", and not take the
+ // last check... too confusing.
+ Result<org.onap.aaf.auth.dao.cass.NsDAO.Data> rv = mayUserVirtueOfNS(trans, user, ndd,
+ ":" + rdd.ns + ":ns", access.name());
+ if (rv.isOK()) {
+ return rv;
+ } else if(rnsd.status==Result.ERR_Backend) {
+ return Result.err(rnsd);
+ } else {
+ return Result.err(Status.ERR_Denied, "[%s] may not %s Role [%s]",
+ user, access.name(), rdd.fullName());
+ }
+
+ }
+
+ public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user,PermDAO.Data pdd, Access access) {
+ Result<NsDAO.Data> rnsd = deriveNs(trans, pdd.ns);
+ if (rnsd.isOK()) {
+ return mayUser(trans, user, rnsd.value, pdd, access);
+ }
+ return rnsd;
+ }
+
+ public Result<NsDAO.Data> mayUser(AuthzTrans trans, String user,NsDAO.Data ndd, PermDAO.Data pdd, Access access) {
+ if (isGranted(trans, user, pdd.ns, pdd.type, pdd.instance, pdd.action)) {
+ return Result.ok(ndd);
+ }
+ String permInst = ":perm:" + pdd.type + ':' + pdd.instance + ':' + pdd.action;
+ // <ns>.access|:role:<role name>|<read|write>
+ String ns = ndd.name;
+ int last;
+ do {
+ if (isGranted(trans, user, ns, ACCESS, permInst, access.name())) {
+ return Result.ok(ndd);
+ }
+ if ((last = ns.lastIndexOf('.')) >= 0) {
+ ns = ns.substring(0, last);
+ }
+ } while (last >= 0);
+
+ // Check if Access by NS perm
+ // com.att.aaf.ns|:<client ns>:role:name|<access>
+ Result<NsDAO.Data> rnsd = mayUserVirtueOfNS(trans, user, ndd, ":" + pdd.ns + permInst, access.name());
+ if (rnsd.isOK()) {
+ return rnsd;
+ } else if(rnsd.status==Result.ERR_Backend) {
+ return Result.err(rnsd);
+ }
+
+ // Check if Access to Whole NS
+ // AAF-724 - Make consistent response for May User", and not take the
+ // last check... too confusing.
+ Result<NsDAO.Data> rv = mayUserVirtueOfNS(trans, user, ndd, ":" + pdd.ns + ":ns", access.name());
+ if (rv.isOK()) {
+ return rv;
+ } else {
+ return Result.err(Status.ERR_Denied,
+ "[%s] may not %s Perm [%s|%s|%s]", user, access.name(),
+ pdd.fullType(), pdd.instance, pdd.action);
+ }
+
+ }
+
+ public Result<Void> mayUser(AuthzTrans trans, DelegateDAO.Data dd, Access access) {
+ try {
+ Result<NsDAO.Data> rnsd = deriveNs(trans, domain2ns(trans.user()));
+ if(rnsd.isOKhasData() && mayUserVirtueOfNS(trans,trans.user(),rnsd.value, ":" + rnsd.value.name + ":ns", access.name()).isOK()) {
+ return Result.ok();
+ }
+ boolean isUser = trans.user().equals(dd.user);
+ boolean isDelegate = dd.delegate != null
+ && (dd.user.equals(dd.delegate) || trans.user().equals(
+ dd.delegate));
+ Organization org = trans.org();
+ switch (access) {
+ case create:
+ if (org.getIdentity(trans, dd.user) == null) {
+ return Result.err(Status.ERR_UserNotFound,
+ "[%s] is not a user in the company database.",
+ dd.user);
+ }
+ if (!dd.user.equals(dd.delegate) && org.getIdentity(trans, dd.delegate) == null) {
+ return Result.err(Status.ERR_UserNotFound,
+ "[%s] is not a user in the company database.",
+ dd.delegate);
+ }
+ if (!trans.requested(REQD_TYPE.force) && dd.user != null && dd.user.equals(dd.delegate)) {
+ return Result.err(Status.ERR_BadData,
+ "[%s] cannot be a delegate for self", dd.user);
+ }
+ if (!isUser && !isGranted(trans, trans.user(), ROOT_NS,DELG,
+ org.getDomain(), Question.CREATE)) {
+ return Result.err(Status.ERR_Denied,
+ "[%s] may not create a delegate for [%s]",
+ trans.user(), dd.user);
+ }
+ break;
+ case read:
+ case write:
+ if (!isUser && !isDelegate &&
+ !isGranted(trans, trans.user(), ROOT_NS,DELG,org.getDomain(), access.name())) {
+ return Result.err(Status.ERR_Denied,
+ "[%s] may not %s delegates for [%s]", trans.user(),
+ access.name(), dd.user);
+ }
+ break;
+ default:
+ return Result.err(Status.ERR_BadData,"Unknown Access type [%s]", access.name());
+ }
+ } catch (Exception e) {
+ return Result.err(e);
+ }
+ return Result.ok();
+ }
+
+ /*
+ * Check (recursively, if necessary), if able to do something based on NS
+ */
+ private Result<NsDAO.Data> mayUserVirtueOfNS(AuthzTrans trans, String user, NsDAO.Data nsd, String ns_and_type, String access) {
+ String ns = nsd.name;
+
+ // If an ADMIN of the Namespace, then allow
+
+ Result<List<UserRoleDAO.Data>> rurd;
+ if ((rurd = userRoleDAO.readUserInRole(trans, user, ns+DOT_ADMIN)).isOKhasData()) {
+ return Result.ok(nsd);
+ } else if(rurd.status==Result.ERR_Backend) {
+ return Result.err(rurd);
+ }
+
+ // If Specially granted Global Permission
+ if (isGranted(trans, user, ROOT_NS,NS, ns_and_type, access)) {
+ return Result.ok(nsd);
+ }
+
+ // Check recur
+
+ int dot = ns.length();
+ if ((dot = ns.lastIndexOf('.', dot - 1)) >= 0) {
+ Result<NsDAO.Data> rnsd = deriveNs(trans, ns.substring(0, dot));
+ if (rnsd.isOK()) {
+ rnsd = mayUserVirtueOfNS(trans, user, rnsd.value, ns_and_type,access);
+ } else if(rnsd.status==Result.ERR_Backend) {
+ return Result.err(rnsd);
+ }
+ if (rnsd.isOK()) {
+ return Result.ok(nsd);
+ } else if(rnsd.status==Result.ERR_Backend) {
+ return Result.err(rnsd);
+ }
+ }
+ return Result.err(Status.ERR_Denied, "%s may not %s %s", user, access,
+ ns_and_type);
+ }
+
+
+ /**
+ * isGranted
+ *
+ * Important function - Check internal Permission Schemes for Permission to
+ * do things
+ *
+ * @param trans
+ * @param type
+ * @param instance
+ * @param action
+ * @return
+ */
+ public boolean isGranted(AuthzTrans trans, String user, String ns, String type,String instance, String action) {
+ Result<List<PermDAO.Data>> perms = getPermsByUser(trans, user, false);
+ if (perms.isOK()) {
+ for (PermDAO.Data pd : perms.value) {
+ if (ns.equals(pd.ns)) {
+ if (type.equals(pd.type)) {
+ if (PermEval.evalInstance(pd.instance, instance)) {
+ if(PermEval.evalAction(pd.action, action)) { // don't return action here, might miss other action
+ return true;
+ }
+ }
+ }
+ }
+ }
+ }
+ return false;
+ }
+
+ public Result<Date> doesUserCredMatch(AuthzTrans trans, String user, byte[] cred) throws DAOException {
+ Result<List<CredDAO.Data>> result;
+ TimeTaken tt = trans.start("Read DB Cred", Env.REMOTE);
+ try {
+ result = credDAO.readID(trans, user);
+ } finally {
+ tt.done();
+ }
+
+ Result<Date> rv = null;
+ if(result.isOK()) {
+ if (result.isEmpty()) {
+ rv = Result.err(Status.ERR_UserNotFound, user);
+ if (willSpecialLog(trans,user)) {
+ trans.audit().log("Special DEBUG:", user, " does not exist in DB");
+ }
+ } else {
+ Date now = new Date();//long now = System.currentTimeMillis();
+ // Bug noticed 6/22. Sorting on the result can cause Concurrency Issues.
+ List<CredDAO.Data> cddl;
+ if(result.value.size() > 1) {
+ cddl = new ArrayList<>(result.value.size());
+ for(CredDAO.Data old : result.value) {
+ if(old.type==CredDAO.BASIC_AUTH || old.type==CredDAO.BASIC_AUTH_SHA256) {
+ cddl.add(old);
+ }
+ }
+ if(cddl.size()>1) {
+ Collections.sort(cddl,new Comparator<CredDAO.Data>() {
+ @Override
+ public int compare(org.onap.aaf.auth.dao.cass.CredDAO.Data a,
+ org.onap.aaf.auth.dao.cass.CredDAO.Data b) {
+ return b.expires.compareTo(a.expires);
+ }
+ });
+ }
+ } else {
+ cddl = result.value;
+ }
+
+ Date expired = null;
+ StringBuilder debug = willSpecialLog(trans,user)?new StringBuilder():null;
+ for (CredDAO.Data cdd : cddl) {
+ if(!cdd.id.equals(user)) {
+ trans.error().log("doesUserCredMatch DB call does not match for user: " + user);
+ }
+ if (cdd.expires.after(now)) {
+ byte[] dbcred = cdd.cred.array();
+
+ try {
+ switch(cdd.type) {
+ case CredDAO.BASIC_AUTH:
+ byte[] md5=Hash.hashMD5(cred);
+ if(Hash.compareTo(md5,dbcred)==0) {
+ checkLessThanDays(trans,7,now,cdd);
+ return Result.ok(cdd.expires);
+ } else if (debug!=null) {
+ load(debug, cdd);
+ }
+ break;
+ case CredDAO.BASIC_AUTH_SHA256:
+ ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + cred.length);
+ bb.putInt(cdd.other);
+ bb.put(cred);
+ byte[] hash = Hash.hashSHA256(bb.array());
+
+ if(Hash.compareTo(hash,dbcred)==0) {
+ checkLessThanDays(trans,7,now,cdd);
+ return Result.ok(cdd.expires);
+ } else if (debug!=null) {
+ load(debug, cdd);
+ }
+ break;
+ default:
+ trans.error().log("Unknown Credential Type %s for %s, %s",Integer.toString(cdd.type),cdd.id, Chrono.dateTime(cdd.expires));
+ }
+ } catch (NoSuchAlgorithmException e) {
+ trans.error().log(e);
+ }
+ } else {
+ if(expired==null || expired.before(cdd.expires)) {
+ expired = cdd.expires;
+ }
+ }
+ } // end for each
+ if(debug==null) {
+ trans.audit().printf("No cred matches ip=%s, user=%s\n",trans.ip(),user);
+ } else {
+ trans.audit().printf("No cred matches ip=%s, user=%s %s\n",trans.ip(),user,debug.toString());
+ }
+ if(expired!=null) {
+ // Note: this is only returned if there are no good Credentials
+ rv = Result.err(Status.ERR_Security,
+ "Credentials %s from %s expired %s",trans.user(), trans.ip(), Chrono.dateTime(expired));
+ }
+ }
+ } else {
+ return Result.err(result);
+ }
+ return rv == null ? Result.create((Date) null, Status.ERR_Security, "Wrong credential") : rv;
+ }
+
+
+ private void load(StringBuilder debug, Data cdd) {
+ debug.append("DB Entry: user=");
+ debug.append(cdd.id);
+ debug.append(",type=");
+ debug.append(cdd.type);
+ debug.append(",expires=");
+ debug.append(Chrono.dateTime(cdd.expires));
+ debug.append('\n');
+ }
+
+
+ private void checkLessThanDays(AuthzTrans trans, int days, Date now, Data cdd) {
+ long close = now.getTime() + (days * 86400000);
+ long cexp=cdd.expires.getTime();
+ if(cexp<close) {
+ int daysLeft = days-(int)((close-cexp)/86400000);
+ trans.audit().printf("user=%s,ip=%s,expires=%s,days=%d,msg=\"Password expires in less than %d day%s\"",
+ cdd.id,trans.ip(),Chrono.dateOnlyStamp(cdd.expires),daysLeft, daysLeft,daysLeft==1?"":"s");
+ }
+ }
+
+
+ public Result<CredDAO.Data> userCredSetup(AuthzTrans trans, CredDAO.Data cred) {
+ if(cred.type==CredDAO.RAW) {
+ TimeTaken tt = trans.start("Hash Cred", Env.SUB);
+ try {
+ cred.type = CredDAO.BASIC_AUTH_SHA256;
+ cred.other = random.nextInt();
+ ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + cred.cred.capacity());
+ bb.putInt(cred.other);
+ bb.put(cred.cred);
+ byte[] hash = Hash.hashSHA256(bb.array());
+ cred.cred = ByteBuffer.wrap(hash);
+ return Result.ok(cred);
+ } catch (NoSuchAlgorithmException e) {
+ return Result.err(Status.ERR_General,e.getLocalizedMessage());
+ } finally {
+ tt.done();
+ }
+
+ }
+ return Result.err(Status.ERR_Security,"invalid/unreadable credential");
+ }
+
+ public Result<Boolean> userCredCheck(AuthzTrans trans, CredDAO.Data orig, final byte[] raw) {
+ TimeTaken tt = trans.start("CheckCred Cred", Env.SUB);
+ try {
+ switch(orig.type) {
+ case CredDAO.BASIC_AUTH_SHA256:
+ ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + raw.length);
+ bb.putInt(orig.other);
+ bb.put(raw);
+ return Result.ok(Hash.compareTo(orig.cred.array(),Hash.hashSHA256(bb.array()))==0);
+ case CredDAO.BASIC_AUTH:
+ return Result.ok( Hash.compareTo(orig.cred.array(), Hash.hashMD5(raw))==0);
+ default:
+ return Result.ok(false);
+ }
+ } catch (NoSuchAlgorithmException e) {
+ return Result.err(Status.ERR_General,e.getLocalizedMessage());
+ } finally {
+ tt.done();
+ }
+ }
+
+ public static final String APPROVED = "APPROVE";
+ public static final String REJECT = "REJECT";
+ public static final String PENDING = "PENDING";
+
+ public Result<Void> canAddUser(AuthzTrans trans, UserRoleDAO.Data data,
+ List<ApprovalDAO.Data> approvals) {
+ // get the approval policy for the organization
+
+ // get the list of approvals with an accept status
+
+ // validate the approvals against the policy
+
+ // for now check if all approvals are received and return
+ // SUCCESS/FAILURE/SKIP
+ boolean bReject = false;
+ boolean bPending = false;
+
+ for (ApprovalDAO.Data approval : approvals) {
+ if (approval.status.equals(REJECT)) {
+ bReject = true;
+ } else if (approval.status.equals(PENDING)) {
+ bPending = true;
+ }
+ }
+ if (bReject) {
+ return Result.err(Status.ERR_Policy,
+ "Approval Polocy not conformed");
+ }
+ if (bPending) {
+ return Result.err(Status.ERR_ActionNotCompleted,
+ "Required Approvals not received");
+ }
+
+ return Result.ok();
+ }
+
+ private static final String NO_CACHE_NAME = "No Cache Data named %s";
+
+ public Result<Void> clearCache(AuthzTrans trans, String cname) {
+ boolean all = "all".equals(cname);
+ Result<Void> rv = null;
+
+ if (all || NsDAO.TABLE.equals(cname)) {
+ int seg[] = series(NsDAO.CACHE_SEG);
+ for(int i: seg) {cacheClear(trans, NsDAO.TABLE,i);}
+ rv = cacheInfoDAO.touch(trans, NsDAO.TABLE, seg);
+ }
+ if (all || PermDAO.TABLE.equals(cname)) {
+ int seg[] = series(NsDAO.CACHE_SEG);
+ for(int i: seg) {cacheClear(trans, PermDAO.TABLE,i);}
+ rv = cacheInfoDAO.touch(trans, PermDAO.TABLE,seg);
+ }
+ if (all || RoleDAO.TABLE.equals(cname)) {
+ int seg[] = series(NsDAO.CACHE_SEG);
+ for(int i: seg) {cacheClear(trans, RoleDAO.TABLE,i);}
+ rv = cacheInfoDAO.touch(trans, RoleDAO.TABLE,seg);
+ }
+ if (all || UserRoleDAO.TABLE.equals(cname)) {
+ int seg[] = series(NsDAO.CACHE_SEG);
+ for(int i: seg) {cacheClear(trans, UserRoleDAO.TABLE,i);}
+ rv = cacheInfoDAO.touch(trans, UserRoleDAO.TABLE,seg);
+ }
+ if (all || CredDAO.TABLE.equals(cname)) {
+ int seg[] = series(NsDAO.CACHE_SEG);
+ for(int i: seg) {cacheClear(trans, CredDAO.TABLE,i);}
+ rv = cacheInfoDAO.touch(trans, CredDAO.TABLE,seg);
+ }
+ if (all || CertDAO.TABLE.equals(cname)) {
+ int seg[] = series(NsDAO.CACHE_SEG);
+ for(int i: seg) {cacheClear(trans, CertDAO.TABLE,i);}
+ rv = cacheInfoDAO.touch(trans, CertDAO.TABLE,seg);
+ }
+
+ if (rv == null) {
+ rv = Result.err(Status.ERR_BadData, NO_CACHE_NAME, cname);
+ }
+ return rv;
+ }
+
+ public Result<Void> cacheClear(AuthzTrans trans, String cname,Integer segment) {
+ Result<Void> rv;
+ if (NsDAO.TABLE.equals(cname)) {
+ rv = nsDAO.invalidate(segment);
+ } else if (PermDAO.TABLE.equals(cname)) {
+ rv = permDAO.invalidate(segment);
+ } else if (RoleDAO.TABLE.equals(cname)) {
+ rv = roleDAO.invalidate(segment);
+ } else if (UserRoleDAO.TABLE.equals(cname)) {
+ rv = userRoleDAO.invalidate(segment);
+ } else if (CredDAO.TABLE.equals(cname)) {
+ rv = credDAO.invalidate(segment);
+ } else if (CertDAO.TABLE.equals(cname)) {
+ rv = certDAO.invalidate(segment);
+ } else {
+ rv = Result.err(Status.ERR_BadData, NO_CACHE_NAME, cname);
+ }
+ return rv;
+ }
+
+ private int[] series(int max) {
+ int[] series = new int[max];
+ for (int i = 0; i < max; ++i)
+ series[i] = i;
+ return series;
+ }
+
+ public boolean isDelegated(AuthzTrans trans, String user, String approver, Map<String,Result<List<DelegateDAO.Data>>> rldd ) {
+ Result<List<DelegateDAO.Data>> userDelegatedFor = rldd.get(user);
+ if(userDelegatedFor==null) {
+ userDelegatedFor=delegateDAO.readByDelegate(trans, user);
+ rldd.put(user, userDelegatedFor);
+ }
+ if(userDelegatedFor.isOKhasData()) {
+ for (DelegateDAO.Data curr : userDelegatedFor.value) {
+ if (curr.user.equals(approver) && curr.delegate.equals(user)
+ && curr.expires.after(new Date())) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ public static boolean willSpecialLog(AuthzTrans trans, String user) {
+ Boolean b = trans.get(specialLogSlot, null);
+ if(b==null) { // we haven't evaluated in this trans for Special Log yet
+ if(specialLog==null) {
+ return false;
+ } else {
+ b = specialLog.contains(user);
+ trans.put(specialLogSlot, b);
+ }
+ }
+ return b;
+ }
+
+ public static void logEncryptTrace(AuthzTrans trans, String data) {
+ long ti;
+ trans.put(transIDSlot, ti=nextTraceID());
+ trans.trace().log("id="+Long.toHexString(ti)+",data=\""+trans.env().encryptor().encrypt(data)+'"');
+ }
+
+ private synchronized static long nextTraceID() {
+ return ++traceID;
+ }
+
+ public static synchronized boolean specialLogOn(AuthzTrans trans, String id) {
+ if (specialLog == null) {
+ specialLog = new HashSet<>();
+ }
+ boolean rc = specialLog.add(id);
+ if(rc) {
+ trans.trace().printf("Trace on for %s requested by %s",id,trans.user());
+ }
+ return rc;
+ }
+
+ public static synchronized boolean specialLogOff(AuthzTrans trans, String id) {
+ if(specialLog==null) {
+ return false;
+ }
+ boolean rv = specialLog.remove(id);
+ if (specialLog.isEmpty()) {
+ specialLog = null;
+ }
+ if(rv) {
+ trans.trace().printf("Trace off for %s requested by %s",id,trans.user());
+ }
+ return rv;
+ }
+
+ /**
+ * canMove
+ * Which Types can be moved
+ * @param nsType
+ * @return
+ */
+ public boolean canMove(NsType nsType) {
+ boolean rv;
+ switch(nsType) {
+ case DOT:
+ case ROOT:
+ case COMPANY:
+ case UNKNOWN:
+ rv = false;
+ break;
+ default:
+ rv = true;
+ }
+ return rv;
+ }
+
+ public boolean isAdmin(AuthzTrans trans, String user, String ns) {
+ Date now = new Date();
+ Result<List<UserRoleDAO.Data>> rur = userRoleDAO.read(trans, user,ns+DOT_ADMIN);
+ if(rur.isOKhasData()) {for(UserRoleDAO.Data urdd : rur.value){
+ if(urdd.expires.after(now)) {
+ return true;
+ }
+ }};
+ return false;
+ }
+
+ public boolean isOwner(AuthzTrans trans, String user, String ns) {
+ Result<List<UserRoleDAO.Data>> rur = userRoleDAO.read(trans, user,ns+DOT_OWNER);
+ Date now = new Date();
+ if(rur.isOKhasData()) {for(UserRoleDAO.Data urdd : rur.value){
+ if(urdd.expires.after(now)) {
+ return true;
+ }
+ }};
+ return false;
+ }
+
+ public int countOwner(AuthzTrans trans, String ns) {
+ Result<List<UserRoleDAO.Data>> rur = userRoleDAO.readByRole(trans,ns+DOT_OWNER);
+ Date now = new Date();
+ int count = 0;
+ if(rur.isOKhasData()) {for(UserRoleDAO.Data urdd : rur.value){
+ if(urdd.expires.after(now)) {
+ ++count;
+ }
+ }};
+ return count;
+ }
+
+ /**
+ * Return a Unique String, (same string, if it is already unique), with only
+ * lowercase letters, digits and the '.' character.
+ *
+ * @param name
+ * @return
+ * @throws IOException
+ */
+ public static String toUnique(String name) throws IOException {
+ byte[] from = name.getBytes();
+ StringBuilder sb = new StringBuilder();
+ byte f;
+ for(int i=0;i<from.length;++i) {
+ f=(byte)(from[i]); // printables;
+ sb.append((char)((f>>4)+0x61));
+ sb.append((char)((f&0x0F)+0x61));
+ }
+ return sb.toString();
+ }
+
+ public static String fromUnique(String name) throws IOException {
+ byte[] from = name.getBytes();
+ StringBuilder sb = new StringBuilder();
+ char c;
+ for(int i=0;i<from.length;++i) {
+ c = (char)((from[i]-0x61)<<4);
+ c |= (from[++i]-0x61);
+ sb.append(c);
+ }
+ return sb.toString();
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java
index 586ae4df..1fb050b8 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java
@@ -41,92 +41,92 @@ import org.onap.aaf.misc.env.util.Split;
import locate.v1_0.Endpoint;
public class DirectAAFLocator extends AbsAAFLocator<AuthzTrans> {
- private LocateDAO ldao;
- private int major=-1, minor=-1, patch=-1, pkg=-1;
- private AuthzEnv env;
- private final URI uri;
+ private LocateDAO ldao;
+ private int major=-1, minor=-1, patch=-1, pkg=-1;
+ private AuthzEnv env;
+ private final URI uri;
- /**
- *
- * @param env
- * @param ldao
- * @param key must be one or more of service, version, other in that order
- * @throws LocatorException
- */
- public DirectAAFLocator(AuthzEnv env, LocateDAO ldao, String name, String version) throws LocatorException {
- super(env.access(), name, 1000L /* Don't hit DB more than once a second */);
- this.env = env;
- this.ldao = ldao;
- if(version!=null) {
- try {
- String[] v = Split.split('.',version);
- if(v.length>0) {major = Integer.parseInt(v[0]);}
- if(v.length>1) {minor = Integer.parseInt(v[1]);}
- if(v.length>2) {patch = Integer.parseInt(v[2]);}
- if(v.length>3) {pkg = Integer.parseInt(v[3]);}
- } catch (NumberFormatException e) {
- throw new LocatorException("Invalid Version String: " + version);
- }
- }
-
- try {
- uri = new URI(access.getProperty(Config.AAF_LOCATE_URL, "localhost")+"/locate/"+name+':'+version);
- } catch (URISyntaxException e) {
- throw new LocatorException(e);
- }
- myhostname=null;
- myport = 0;
- }
-
-
- @Override
- public boolean refresh() {
- AuthzTrans trans = env.newTransNoAvg();
- Result<List<Data>> rl = ldao.readByName(trans, name);
- if(rl.isOK()) {
- LinkedList<EP> epl = new LinkedList<>();
- for(Data d : rl.value) {
-// if(myhostname!=null && d.port==myport && d.hostname.equals(myhostname)) {
-// continue;
-// }
- if((major<0 || major==d.major) &&
- (minor<0 || minor<=d.minor) &&
- (patch<0 || patch==d.patch) &&
- (pkg<0 || pkg ==d.pkg)) {
- Endpoint endpoint = new Endpoint();
- endpoint.setName(d.name);
- endpoint.setHostname(d.hostname);
- endpoint.setPort(d.port);
- endpoint.setMajor(d.major);
- endpoint.setMinor(d.minor);
- endpoint.setPatch(d.patch);
- endpoint.setPkg(d.pkg);
- endpoint.setLatitude(d.latitude);
- endpoint.setLongitude(d.longitude);
- endpoint.setProtocol(d.protocol);
- for(String s : d.subprotocol(false)) {
- endpoint.getSubprotocol().add(s);
- }
-
- try {
- epl.add(new EP(endpoint,latitude,longitude));
- } catch (URISyntaxException e) {
- e.printStackTrace();
- }
- }
- }
- Collections.sort(epl);
- replace(epl);
- return true;
- } else {
- access.log(Level.ERROR, rl.errorString());
- }
- return false;
- }
+ /**
+ *
+ * @param env
+ * @param ldao
+ * @param key must be one or more of service, version, other in that order
+ * @throws LocatorException
+ */
+ public DirectAAFLocator(AuthzEnv env, LocateDAO ldao, String name, String version) throws LocatorException {
+ super(env.access(), name, 1000L /* Don't hit DB more than once a second */);
+ this.env = env;
+ this.ldao = ldao;
+ if(version!=null) {
+ try {
+ String[] v = Split.split('.',version);
+ if(v.length>0) {major = Integer.parseInt(v[0]);}
+ if(v.length>1) {minor = Integer.parseInt(v[1]);}
+ if(v.length>2) {patch = Integer.parseInt(v[2]);}
+ if(v.length>3) {pkg = Integer.parseInt(v[3]);}
+ } catch (NumberFormatException e) {
+ throw new LocatorException("Invalid Version String: " + version);
+ }
+ }
+
+ try {
+ uri = new URI(access.getProperty(Config.AAF_LOCATE_URL, "localhost")+"/locate/"+name+':'+version);
+ } catch (URISyntaxException e) {
+ throw new LocatorException(e);
+ }
+ myhostname=null;
+ myport = 0;
+ }
+
+
+ @Override
+ public boolean refresh() {
+ AuthzTrans trans = env.newTransNoAvg();
+ Result<List<Data>> rl = ldao.readByName(trans, name);
+ if(rl.isOK()) {
+ LinkedList<EP> epl = new LinkedList<>();
+ for(Data d : rl.value) {
+// if(myhostname!=null && d.port==myport && d.hostname.equals(myhostname)) {
+// continue;
+// }
+ if((major<0 || major==d.major) &&
+ (minor<0 || minor<=d.minor) &&
+ (patch<0 || patch==d.patch) &&
+ (pkg<0 || pkg ==d.pkg)) {
+ Endpoint endpoint = new Endpoint();
+ endpoint.setName(d.name);
+ endpoint.setHostname(d.hostname);
+ endpoint.setPort(d.port);
+ endpoint.setMajor(d.major);
+ endpoint.setMinor(d.minor);
+ endpoint.setPatch(d.patch);
+ endpoint.setPkg(d.pkg);
+ endpoint.setLatitude(d.latitude);
+ endpoint.setLongitude(d.longitude);
+ endpoint.setProtocol(d.protocol);
+ for(String s : d.subprotocol(false)) {
+ endpoint.getSubprotocol().add(s);
+ }
+
+ try {
+ epl.add(new EP(endpoint,latitude,longitude));
+ } catch (URISyntaxException e) {
+ e.printStackTrace();
+ }
+ }
+ }
+ Collections.sort(epl);
+ replace(epl);
+ return true;
+ } else {
+ access.log(Level.ERROR, rl.errorString());
+ }
+ return false;
+ }
- @Override
- protected URI getURI() {
- return uri;
- }
+ @Override
+ protected URI getURI() {
+ return uri;
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLur.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLur.java
index eb44e143..75f6c7a5 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLur.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLur.java
@@ -42,158 +42,158 @@ import org.onap.aaf.cadi.lur.LocalPermission;
import org.onap.aaf.misc.env.util.Split;
public class DirectAAFLur implements Lur {
- private final AuthzEnv env;
- private final Question question;
-
- public DirectAAFLur(AuthzEnv env, Question question/*, TokenMgr tm*/) {
- this.env = env;
- this.question = question;
-// oauth = new OAuth2Lur(null);
- }
+ private final AuthzEnv env;
+ private final Question question;
+
+ public DirectAAFLur(AuthzEnv env, Question question/*, TokenMgr tm*/) {
+ this.env = env;
+ this.question = question;
+// oauth = new OAuth2Lur(null);
+ }
- @Override
- public boolean fish(Principal bait, Permission ... pond) {
- return fish(env.newTransNoAvg(),bait,pond);
- }
-
- public boolean fish(AuthzTrans trans, Principal bait, Permission ... pond) {
- boolean rv = false;
- Result<List<Data>> pdr = question.getPermsByUser(trans, bait.getName(),false);
- switch(pdr.status) {
- case OK:
- for(PermDAO.Data d : pdr.value) {
- if(!rv) {
- for (Permission p : pond) {
- if(new PermPermission(d).match(p)) {
- rv=true;
- break;
- }
- }
- }
- }
- break;
- case Status.ERR_UserRoleNotFound:
- case Status.ERR_BadData:
- return false;
- default:
- trans.error().log("Can't access Cassandra to fulfill Permission Query: ",pdr.status,"-",pdr.details);
- }
- return rv;
- }
+ @Override
+ public boolean fish(Principal bait, Permission ... pond) {
+ return fish(env.newTransNoAvg(),bait,pond);
+ }
+
+ public boolean fish(AuthzTrans trans, Principal bait, Permission ... pond) {
+ boolean rv = false;
+ Result<List<Data>> pdr = question.getPermsByUser(trans, bait.getName(),false);
+ switch(pdr.status) {
+ case OK:
+ for(PermDAO.Data d : pdr.value) {
+ if(!rv) {
+ for (Permission p : pond) {
+ if(new PermPermission(d).match(p)) {
+ rv=true;
+ break;
+ }
+ }
+ }
+ }
+ break;
+ case Status.ERR_UserRoleNotFound:
+ case Status.ERR_BadData:
+ return false;
+ default:
+ trans.error().log("Can't access Cassandra to fulfill Permission Query: ",pdr.status,"-",pdr.details);
+ }
+ return rv;
+ }
- @Override
- public void fishAll(Principal bait, List<Permission> permissions) {
- Result<List<Data>> pdr = question.getPermsByUser(env.newTrans(), bait.getName(),false);
- switch(pdr.status) {
- case OK:
- for(PermDAO.Data d : pdr.value) {
- permissions.add(new PermPermission(d));
- }
- break;
- default:
- env.error().log("Can't access Cassandra to fulfill Permission Query: ",pdr.status,"-", pdr.details);
- }
- }
-
- @Override
- public void destroy() {
- }
+ @Override
+ public void fishAll(Principal bait, List<Permission> permissions) {
+ Result<List<Data>> pdr = question.getPermsByUser(env.newTrans(), bait.getName(),false);
+ switch(pdr.status) {
+ case OK:
+ for(PermDAO.Data d : pdr.value) {
+ permissions.add(new PermPermission(d));
+ }
+ break;
+ default:
+ env.error().log("Can't access Cassandra to fulfill Permission Query: ",pdr.status,"-", pdr.details);
+ }
+ }
+
+ @Override
+ public void destroy() {
+ }
- @Override
- public boolean handlesExclusively(Permission ... pond) {
- return false;
- }
-
- /**
- * Small Class implementing CADI's Permission with Cassandra Data
- * @author Jonathan
- *
- */
- public static class PermPermission implements Permission {
- private PermDAO.Data data;
-
- public PermPermission(PermDAO.Data d) {
- data = d;
- }
-
- public PermPermission(AuthzTrans trans, Question q, String p) {
- data = PermDAO.Data.create(trans, q, p);
- }
-
- public PermPermission(String ns, String type, String instance, String action) {
- data = new PermDAO.Data();
- data.ns = ns;
- data.type = type;
- data.instance = instance;
- data.action = action;
- }
+ @Override
+ public boolean handlesExclusively(Permission ... pond) {
+ return false;
+ }
+
+ /**
+ * Small Class implementing CADI's Permission with Cassandra Data
+ * @author Jonathan
+ *
+ */
+ public static class PermPermission implements Permission {
+ private PermDAO.Data data;
+
+ public PermPermission(PermDAO.Data d) {
+ data = d;
+ }
+
+ public PermPermission(AuthzTrans trans, Question q, String p) {
+ data = PermDAO.Data.create(trans, q, p);
+ }
+
+ public PermPermission(String ns, String type, String instance, String action) {
+ data = new PermDAO.Data();
+ data.ns = ns;
+ data.type = type;
+ data.instance = instance;
+ data.action = action;
+ }
- @Override
- public String getKey() {
- return data.type;
- }
+ @Override
+ public String getKey() {
+ return data.type;
+ }
- @Override
- public boolean match(Permission p) {
- if(p==null) {
- return false;
- }
- PermDAO.Data pd;
- if(p instanceof DirectAAFLur.PermPermission) {
- pd = ((DirectAAFLur.PermPermission)p).data;
- if(data.ns.equals(pd.ns))
- if(data.type.equals(pd.type))
- if(data.instance!=null && (data.instance.equals(pd.instance) || "*".equals(data.instance)))
- if(data.action!=null && (data.action.equals(pd.action) || "*".equals(data.action)))
- return true;
- } else{
- String[] lp = p.getKey().split("\\|");
- if(lp.length<3)return false;
- if(data.fullType().equals(lp[0]))
- if(data.instance!=null && (data.instance.equals(lp[1]) || "*".equals(data.instance)))
- if(data.action!=null && (data.action.equals(lp[2]) || "*".equals(data.action)))
- return true;
- }
- return false;
- }
+ @Override
+ public boolean match(Permission p) {
+ if(p==null) {
+ return false;
+ }
+ PermDAO.Data pd;
+ if(p instanceof DirectAAFLur.PermPermission) {
+ pd = ((DirectAAFLur.PermPermission)p).data;
+ if(data.ns.equals(pd.ns))
+ if(data.type.equals(pd.type))
+ if(data.instance!=null && (data.instance.equals(pd.instance) || "*".equals(data.instance)))
+ if(data.action!=null && (data.action.equals(pd.action) || "*".equals(data.action)))
+ return true;
+ } else{
+ String[] lp = p.getKey().split("\\|");
+ if(lp.length<3)return false;
+ if(data.fullType().equals(lp[0]))
+ if(data.instance!=null && (data.instance.equals(lp[1]) || "*".equals(data.instance)))
+ if(data.action!=null && (data.action.equals(lp[2]) || "*".equals(data.action)))
+ return true;
+ }
+ return false;
+ }
- @Override
- public String permType() {
- return "AAFLUR";
- }
-
- }
-
- public String toString() {
- return "DirectAAFLur is enabled";
-
- }
+ @Override
+ public String permType() {
+ return "AAFLUR";
+ }
+
+ }
+
+ public String toString() {
+ return "DirectAAFLur is enabled";
+
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Lur#handles(java.security.Principal)
- */
- @Override
- public boolean handles(Principal principal) {
- return true;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Lur#handles(java.security.Principal)
+ */
+ @Override
+ public boolean handles(Principal principal) {
+ return true;
+ }
- @Override
- public Permission createPerm(String p) {
- String[] params = Split.split('|', p);
- if(params.length==3) {
- Result<NsSplit> nss = question.deriveNsSplit(NullTrans.singleton(), params[0]);
- if(nss.isOK()) {
- return new PermPermission(nss.value.ns,nss.value.name,params[1],params[2]);
- }
- }
- return new LocalPermission(p);
- }
+ @Override
+ public Permission createPerm(String p) {
+ String[] params = Split.split('|', p);
+ if(params.length==3) {
+ Result<NsSplit> nss = question.deriveNsSplit(NullTrans.singleton(), params[0]);
+ if(nss.isOK()) {
+ return new PermPermission(nss.value.ns,nss.value.name,params[1],params[2]);
+ }
+ }
+ return new LocalPermission(p);
+ }
- @Override
- public void clear(Principal p, StringBuilder sb) {
- AuthzTrans trans = env.newTrans();
- question.clearCache(trans,"all");
- env.log(Level.AUDIT, p.getName(), "has cleared Cache for",getClass().getSimpleName());
- trans.auditTrail(0, sb);
- }
+ @Override
+ public void clear(Principal p, StringBuilder sb) {
+ AuthzTrans trans = env.newTrans();
+ question.clearCache(trans,"all");
+ env.log(Level.AUDIT, p.getName(), "has cleared Cache for",getClass().getSimpleName());
+ trans.auditTrail(0, sb);
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
index f241cdf1..9d4cd05f 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java
@@ -42,42 +42,42 @@ import org.onap.aaf.cadi.CredVal;
*
*/
public class DirectAAFUserPass implements CredVal {
- private final AuthzEnv env;
- private final Question question;
-
- public DirectAAFUserPass(AuthzEnv env, Question question) {
- this.env = env;
- this.question = question;
- }
+ private final AuthzEnv env;
+ private final Question question;
+
+ public DirectAAFUserPass(AuthzEnv env, Question question) {
+ this.env = env;
+ this.question = question;
+ }
- @Override
- public boolean validate(String user, Type type, byte[] pass, Object state) {
- try {
- AuthzTrans trans;
- if(state !=null) {
- if(state instanceof AuthzTrans) {
- trans = (AuthzTrans)state;
- } else {
- trans = env.newTransNoAvg();
- if(state instanceof HttpServletRequest) {
- trans.set((HttpServletRequest)state);
- }
- }
- } else {
- trans = env.newTransNoAvg();
- }
- Result<Date> result = question.doesUserCredMatch(trans, user, pass);
- trans.logAuditTrail(env.info());
- switch(result.status) {
- case OK:
- return true;
- default:
- String ip = trans.ip()==null?"":(", ip="+trans.ip());
- env.warn().log(user, "failed password validation" + ip + ':',result.errorString());
- }
- } catch (DAOException e) {
- env.error().log(e,"Cannot validate user/pass from cassandra");
- }
- return false;
- }
+ @Override
+ public boolean validate(String user, Type type, byte[] pass, Object state) {
+ try {
+ AuthzTrans trans;
+ if(state !=null) {
+ if(state instanceof AuthzTrans) {
+ trans = (AuthzTrans)state;
+ } else {
+ trans = env.newTransNoAvg();
+ if(state instanceof HttpServletRequest) {
+ trans.set((HttpServletRequest)state);
+ }
+ }
+ } else {
+ trans = env.newTransNoAvg();
+ }
+ Result<Date> result = question.doesUserCredMatch(trans, user, pass);
+ trans.logAuditTrail(env.info());
+ switch(result.status) {
+ case OK:
+ return true;
+ default:
+ String ip = trans.ip()==null?"":(", ip="+trans.ip());
+ env.warn().log(user, "failed password validation" + ip + ':',result.errorString());
+ }
+ } catch (DAOException e) {
+ env.error().log(e,"Cannot validate user/pass from cassandra");
+ }
+ return false;
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectCertIdentity.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectCertIdentity.java
index 2c0c054b..6dd5e006 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectCertIdentity.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectCertIdentity.java
@@ -48,31 +48,31 @@ import org.onap.aaf.cadi.taf.cert.X509Taf;
*
*/
public class DirectCertIdentity implements CertIdentity {
- private static CachedCertDAO certDAO;
+ private static CachedCertDAO certDAO;
- @Override
- public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] _certBytes) throws CertificateException {
- byte[] certBytes = _certBytes;
- if(cert==null && certBytes==null) {
- return null;
- }
- if(certBytes==null) {
- certBytes = cert.getEncoded();
- }
- byte[] fingerprint = X509Taf.getFingerPrint(certBytes);
+ @Override
+ public TaggedPrincipal identity(HttpServletRequest req, X509Certificate cert, byte[] _certBytes) throws CertificateException {
+ byte[] certBytes = _certBytes;
+ if(cert==null && certBytes==null) {
+ return null;
+ }
+ if(certBytes==null) {
+ certBytes = cert.getEncoded();
+ }
+ byte[] fingerprint = X509Taf.getFingerPrint(certBytes);
- AuthzTrans trans = (AuthzTrans) req.getAttribute(TransFilter.TRANS_TAG);
-
- Result<List<Data>> cresp = certDAO.read(trans, ByteBuffer.wrap(fingerprint));
- if(cresp.isOKhasData()) {
- Data cdata = cresp.value.get(0);
- return new X509Principal(cdata.id,cert,certBytes,null);
- }
- return null;
- }
+ AuthzTrans trans = (AuthzTrans) req.getAttribute(TransFilter.TRANS_TAG);
+
+ Result<List<Data>> cresp = certDAO.read(trans, ByteBuffer.wrap(fingerprint));
+ if(cresp.isOKhasData()) {
+ Data cdata = cresp.value.get(0);
+ return new X509Principal(cdata.id,cert,certBytes,null);
+ }
+ return null;
+ }
- public static void set(CachedCertDAO ccd) {
- certDAO = ccd;
- }
+ public static void set(CachedCertDAO ccd) {
+ certDAO = ccd;
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectLocatorCreator.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectLocatorCreator.java
index 3dceb3bf..caededa2 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectLocatorCreator.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectLocatorCreator.java
@@ -27,33 +27,33 @@ import org.onap.aaf.cadi.LocatorException;
import org.onap.aaf.cadi.aaf.v2_0.AbsAAFLocator;
public class DirectLocatorCreator implements AbsAAFLocator.LocatorCreator {
- private final AuthzEnv env;
- private final LocateDAO locateDAO;
- private String myhostname;
- private int myport;
-
- public DirectLocatorCreator(AuthzEnv env, LocateDAO locateDAO) {
- this.env = env;
- this.locateDAO = locateDAO;
- }
-
- @Override
- public AbsAAFLocator<?> create(String key, String version) throws LocatorException {
- DirectAAFLocator dal = new DirectAAFLocator(env,locateDAO,key,version);
- if(myhostname!=null) {
- dal.setSelf(myhostname, myport);
- }
- return dal;
- }
-
- /**
- * Make sure DirectAAFLocator created does not include self.
- * @param hostname
- * @param port
- */
- public void setSelf(String hostname, int port) {
- myhostname = hostname;
- myport = port;
- }
+ private final AuthzEnv env;
+ private final LocateDAO locateDAO;
+ private String myhostname;
+ private int myport;
+
+ public DirectLocatorCreator(AuthzEnv env, LocateDAO locateDAO) {
+ this.env = env;
+ this.locateDAO = locateDAO;
+ }
+
+ @Override
+ public AbsAAFLocator<?> create(String key, String version) throws LocatorException {
+ DirectAAFLocator dal = new DirectAAFLocator(env,locateDAO,key,version);
+ if(myhostname!=null) {
+ dal.setSelf(myhostname, myport);
+ }
+ return dal;
+ }
+
+ /**
+ * Make sure DirectAAFLocator created does not include self.
+ * @param hostname
+ * @param port
+ */
+ public void setSelf(String hostname, int port) {
+ myhostname = hostname;
+ myport = port;
+ }
}
diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java
index 1ddf022c..da7044cf 100644
--- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java
+++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectRegistrar.java
@@ -35,77 +35,77 @@ import org.onap.aaf.cadi.register.Registrant;
import org.onap.aaf.cadi.util.Split;
public class DirectRegistrar implements Registrant<AuthzEnv> {
- private Data locate;
- private LocateDAO ldao;
- public DirectRegistrar(Access access, LocateDAO ldao, String name, String version, int port) throws CadiException {
- this.ldao = ldao;
- locate = new LocateDAO.Data();
- locate.name = name;
- locate.port = port;
-
- try {
- String latitude = access.getProperty(Config.CADI_LATITUDE, null);
- if(latitude==null) {
- latitude = access.getProperty("AFT_LATITUDE", null);
- }
- String longitude = access.getProperty(Config.CADI_LONGITUDE, null);
- if(longitude==null) {
- longitude = access.getProperty("AFT_LONGITUDE", null);
- }
- if(latitude==null || longitude==null) {
- throw new CadiException(Config.CADI_LATITUDE + " and " + Config.CADI_LONGITUDE + " is required");
- } else {
- locate.latitude = Float.parseFloat(latitude);
- locate.longitude = Float.parseFloat(longitude);
- }
- String split[] = Split.splitTrim('.', version);
- locate.pkg = split.length>3?Integer.parseInt(split[3]):0;
- locate.patch = split.length>2?Integer.parseInt(split[2]):0;
- locate.minor = split.length>1?Integer.parseInt(split[1]):0;
- locate.major = split.length>0?Integer.parseInt(split[0]):0;
- locate.hostname = access.getProperty(Config.AAF_REGISTER_AS, null);
- if(locate.hostname==null) {
- locate.hostname = access.getProperty(Config.HOSTNAME, null);
- }
- if(locate.hostname==null) {
- locate.hostname = Inet4Address.getLocalHost().getHostName();
- }
- String subprotocols = access.getProperty(Config.CADI_PROTOCOLS, null);
- if(subprotocols==null) {
- locate.protocol="http";
- } else {
- locate.protocol="https";
- for(String s : Split.split(',', subprotocols)) {
- locate.subprotocol(true).add(s);
- }
- }
- } catch (NumberFormatException | UnknownHostException e) {
- throw new CadiException("Error extracting Data from Properties for Registrar",e);
- }
- }
-
- @Override
- public Result<Void> update(AuthzEnv env) {
- org.onap.aaf.auth.layer.Result<Void> dr = ldao.update(env.newTransNoAvg(), locate);
- if(dr.isOK()) {
- return Result.ok(200, null);
- } else {
- return Result.err(503, dr.errorString());
- }
- }
+ private Data locate;
+ private LocateDAO ldao;
+ public DirectRegistrar(Access access, LocateDAO ldao, String name, String version, int port) throws CadiException {
+ this.ldao = ldao;
+ locate = new LocateDAO.Data();
+ locate.name = name;
+ locate.port = port;
+
+ try {
+ String latitude = access.getProperty(Config.CADI_LATITUDE, null);
+ if(latitude==null) {
+ latitude = access.getProperty("AFT_LATITUDE", null);
+ }
+ String longitude = access.getProperty(Config.CADI_LONGITUDE, null);
+ if(longitude==null) {
+ longitude = access.getProperty("AFT_LONGITUDE", null);
+ }
+ if(latitude==null || longitude==null) {
+ throw new CadiException(Config.CADI_LATITUDE + " and " + Config.CADI_LONGITUDE + " is required");
+ } else {
+ locate.latitude = Float.parseFloat(latitude);
+ locate.longitude = Float.parseFloat(longitude);
+ }
+ String split[] = Split.splitTrim('.', version);
+ locate.pkg = split.length>3?Integer.parseInt(split[3]):0;
+ locate.patch = split.length>2?Integer.parseInt(split[2]):0;
+ locate.minor = split.length>1?Integer.parseInt(split[1]):0;
+ locate.major = split.length>0?Integer.parseInt(split[0]):0;
+ locate.hostname = access.getProperty(Config.AAF_REGISTER_AS, null);
+ if(locate.hostname==null) {
+ locate.hostname = access.getProperty(Config.HOSTNAME, null);
+ }
+ if(locate.hostname==null) {
+ locate.hostname = Inet4Address.getLocalHost().getHostName();
+ }
+ String subprotocols = access.getProperty(Config.CADI_PROTOCOLS, null);
+ if(subprotocols==null) {
+ locate.protocol="http";
+ } else {
+ locate.protocol="https";
+ for(String s : Split.split(',', subprotocols)) {
+ locate.subprotocol(true).add(s);
+ }
+ }
+ } catch (NumberFormatException | UnknownHostException e) {
+ throw new CadiException("Error extracting Data from Properties for Registrar",e);
+ }
+ }
+
+ @Override
+ public Result<Void> update(AuthzEnv env) {
+ org.onap.aaf.auth.layer.Result<Void> dr = ldao.update(env.newTransNoAvg(), locate);
+ if(dr.isOK()) {
+ return Result.ok(200, null);
+ } else {
+ return Result.err(503, dr.errorString());
+ }
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.server.Registrant#cancel(org.onap.aaf.auth.env.test.AuthzEnv)
- */
- @Override
- public Result<Void> cancel(AuthzEnv env) {
- org.onap.aaf.auth.layer.Result<Void> dr = ldao.delete(env.newTransNoAvg(), locate, false);
- if(dr.isOK()) {
- return Result.ok(200, null);
- } else {
- return Result.err(503, dr.errorString());
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.server.Registrant#cancel(org.onap.aaf.auth.env.test.AuthzEnv)
+ */
+ @Override
+ public Result<Void> cancel(AuthzEnv env) {
+ org.onap.aaf.auth.layer.Result<Void> dr = ldao.delete(env.newTransNoAvg(), locate, false);
+ if(dr.isOK()) {
+ return Result.ok(200, null);
+ } else {
+ return Result.err(503, dr.errorString());
+ }
- }
+ }
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_Cached.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_Cached.java
index 31a93723..47723e6b 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_Cached.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_Cached.java
@@ -50,91 +50,91 @@ import org.onap.aaf.misc.env.Trans;
// @RunWith(PowerMockRunner.class)
public class JU_Cached {
- @Mock
- CIDAO<Trans> ciDaoMock;
+ @Mock
+ CIDAO<Trans> ciDaoMock;
- @Mock
- AuthzEnv authzEnvMock;
+ @Mock
+ AuthzEnv authzEnvMock;
- @Mock
- CIDAO<AuthzTrans> cidaoATMock;
-
- String name = "nameString";
+ @Mock
+ CIDAO<AuthzTrans> cidaoATMock;
+
+ String name = "nameString";
- @Before
- public void setUp(){
- MockitoAnnotations.initMocks(this);
- }
-
- @Test
- public void testCachedIdx(){
- Cached<Trans, DataStub> cached = new Cached<Trans, DataStub>(ciDaoMock, name, 1, 30000L);
- assertThat(cached.cacheIdx("1234567890"), is(0));
- }
-
- @Test
- public void testInvalidate(){
- Cached<Trans, DataStub> cached = new Cached<Trans, DataStub>(ciDaoMock, name, 5, 30000L);
- cached.add("test", new ArrayList<>());
- cached.invalidate("test");
- cached.invalidate("test1");
- }
-
- @SuppressWarnings("static-access")
- @Test
- public void testStopTimer(){
- Cached<Trans, DataStub> cached = new Cached<Trans, DataStub>(ciDaoMock, name, 1, 30000L);
- cached.stopTimer();
- assertTrue(true);
- }
+ @Before
+ public void setUp(){
+ MockitoAnnotations.initMocks(this);
+ }
+
+ @Test
+ public void testCachedIdx(){
+ Cached<Trans, DataStub> cached = new Cached<Trans, DataStub>(ciDaoMock, name, 1, 30000L);
+ assertThat(cached.cacheIdx("1234567890"), is(0));
+ }
+
+ @Test
+ public void testInvalidate(){
+ Cached<Trans, DataStub> cached = new Cached<Trans, DataStub>(ciDaoMock, name, 5, 30000L);
+ cached.add("test", new ArrayList<>());
+ cached.invalidate("test");
+ cached.invalidate("test1");
+ }
+
+ @SuppressWarnings("static-access")
+ @Test
+ public void testStopTimer(){
+ Cached<Trans, DataStub> cached = new Cached<Trans, DataStub>(ciDaoMock, name, 1, 30000L);
+ cached.stopTimer();
+ assertTrue(true);
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testStartRefresh(){
- Cached<Trans, DataStub> cached = new Cached<Trans, DataStub>(ciDaoMock, name, 1, 30000L);
- cached.startRefresh(authzEnvMock, cidaoATMock);
- assertTrue(true);
- }
-// @Mock
-// Trans transMock;
-// @Mock
-// Getter<DAO> getterMock;
-//
-// @Test
-// public void testGet(){
-// cached.get(transMock, name, getterMock);
-// fail("not implemented");
-// }
-//
-// @SuppressWarnings("unchecked")
-// public Result<List<DATA>> get(TRANS trans, String key, Getter<DATA> getter) {
-// List<DATA> ld = null;
-// Result<List<DATA>> rld = null;
-//
-// int cacheIdx = cacheIdx(key);
-// Map<String, Dated> map = ((Map<String,Dated>)cache[cacheIdx]);
-//
-// // Check for saved element in cache
-// Dated cached = map.get(key);
-// // Note: These Segment Timestamps are kept up to date with DB
-// Date dbStamp = info.get(trans, name,cacheIdx);
-//
-// // Check for cache Entry and whether it is still good (a good Cache Entry is same or after DBEntry, so we use "before" syntax)
-// if(cached!=null && dbStamp.before(cached.timestamp)) {
-// ld = (List<DATA>)cached.data;
-// rld = Result.ok(ld);
-// } else {
-// rld = getter.get();
-// if(rld.isOK()) { // only store valid lists
-// map.put(key, new Dated(rld.value)); // successful item found gets put in cache
-//// } else if(rld.status == Result.ERR_Backend){
-//// map.remove(key);
-// }
-// }
-// return rld;
-// }
+ @SuppressWarnings("static-access")
+ @Test
+ public void testStartRefresh(){
+ Cached<Trans, DataStub> cached = new Cached<Trans, DataStub>(ciDaoMock, name, 1, 30000L);
+ cached.startRefresh(authzEnvMock, cidaoATMock);
+ assertTrue(true);
+ }
+// @Mock
+// Trans transMock;
+// @Mock
+// Getter<DAO> getterMock;
+//
+// @Test
+// public void testGet(){
+// cached.get(transMock, name, getterMock);
+// fail("not implemented");
+// }
+//
+// @SuppressWarnings("unchecked")
+// public Result<List<DATA>> get(TRANS trans, String key, Getter<DATA> getter) {
+// List<DATA> ld = null;
+// Result<List<DATA>> rld = null;
+//
+// int cacheIdx = cacheIdx(key);
+// Map<String, Dated> map = ((Map<String,Dated>)cache[cacheIdx]);
+//
+// // Check for saved element in cache
+// Dated cached = map.get(key);
+// // Note: These Segment Timestamps are kept up to date with DB
+// Date dbStamp = info.get(trans, name,cacheIdx);
+//
+// // Check for cache Entry and whether it is still good (a good Cache Entry is same or after DBEntry, so we use "before" syntax)
+// if(cached!=null && dbStamp.before(cached.timestamp)) {
+// ld = (List<DATA>)cached.data;
+// rld = Result.ok(ld);
+// } else {
+// rld = getter.get();
+// if(rld.isOK()) { // only store valid lists
+// map.put(key, new Dated(rld.value)); // successful item found gets put in cache
+//// } else if(rld.status == Result.ERR_Backend){
+//// map.remove(key);
+// }
+// }
+// return rld;
+// }
- class DataStub extends CacheableData {
- @Override public int[] invalidate(Cached<?, ?> cache) { return null; }
- }
+ class DataStub extends CacheableData {
+ @Override public int[] invalidate(Cached<?, ?> cache) { return null; }
+ }
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CachedDAO.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CachedDAO.java
index 14612a1f..8ffc5c2f 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CachedDAO.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CachedDAO.java
@@ -39,26 +39,26 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_CachedDAO {
- CachedDAO cachedDAO;
- @Mock
- DAO daoMock;
- @Mock
- CIDAO<Trans> ciDAOMock;
- int segsize=1;
- Object[ ] objs = new Object[2];
-
- @Before
- public void setUp(){
- objs[0] = "helo";
- objs[1] = "polo";
- cachedDAO = new CachedDAO(daoMock, ciDAOMock, segsize, segsize);
- }
-
- @Test
- public void testKeyFromObjs(){
- String result = cachedDAO.keyFromObjs(objs);
- System.out.println("value of resut " +result);
- assertTrue(true);
- }
-
+ CachedDAO cachedDAO;
+ @Mock
+ DAO daoMock;
+ @Mock
+ CIDAO<Trans> ciDAOMock;
+ int segsize=1;
+ Object[ ] objs = new Object[2];
+
+ @Before
+ public void setUp(){
+ objs[0] = "helo";
+ objs[1] = "polo";
+ cachedDAO = new CachedDAO(daoMock, ciDAOMock, segsize, segsize);
+ }
+
+ @Test
+ public void testKeyFromObjs(){
+ String result = cachedDAO.keyFromObjs(objs);
+ System.out.println("value of resut " +result);
+ assertTrue(true);
+ }
+
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassAccess.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassAccess.java
index 525450a6..722011b0 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassAccess.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassAccess.java
@@ -41,33 +41,33 @@ import com.datastax.driver.core.Cluster.Builder;
@RunWith(PowerMockRunner.class)
public class JU_CassAccess {
- CassAccess cassAccess;
-
- public static final String KEYSPACE = "authz";
- public static final String CASSANDRA_CLUSTERS = "cassandra.clusters";
- public static final String CASSANDRA_CLUSTERS_PORT = "cassandra.clusters.port";
- public static final String CASSANDRA_CLUSTERS_USER_NAME = "cassandra.clusters.user";
- public static final String CASSANDRA_CLUSTERS_PASSWORD = "cassandra.clusters.password";
- public static final String CASSANDRA_RESET_EXCEPTIONS = "cassandra.reset.exceptions";
- public static final String LATITUDE = "LATITUDE";
- public static final String LONGITUDE = "LONGITUDE";
- //private static final List<Resettable> resetExceptions = new ArrayList<>();
- public static final String ERR_ACCESS_MSG = "Accessing Backend";
- private static Builder cb = null;
- @Mock
- Env envMock;
- String prefix=null;
-
- @Before
- public void setUp(){
- cassAccess = new CassAccess();
- }
+ CassAccess cassAccess;
+
+ public static final String KEYSPACE = "authz";
+ public static final String CASSANDRA_CLUSTERS = "cassandra.clusters";
+ public static final String CASSANDRA_CLUSTERS_PORT = "cassandra.clusters.port";
+ public static final String CASSANDRA_CLUSTERS_USER_NAME = "cassandra.clusters.user";
+ public static final String CASSANDRA_CLUSTERS_PASSWORD = "cassandra.clusters.password";
+ public static final String CASSANDRA_RESET_EXCEPTIONS = "cassandra.reset.exceptions";
+ public static final String LATITUDE = "LATITUDE";
+ public static final String LONGITUDE = "LONGITUDE";
+ //private static final List<Resettable> resetExceptions = new ArrayList<>();
+ public static final String ERR_ACCESS_MSG = "Accessing Backend";
+ private static Builder cb = null;
+ @Mock
+ Env envMock;
+ String prefix=null;
+
+ @Before
+ public void setUp(){
+ cassAccess = new CassAccess();
+ }
- @Test(expected=APIException.class)
- public void testCluster() throws APIException, IOException {
- cassAccess.cluster(envMock, prefix);
-
- }
+ @Test(expected=APIException.class)
+ public void testCluster() throws APIException, IOException {
+ cassAccess.cluster(envMock, prefix);
+
+ }
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassDAOImpl.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassDAOImpl.java
index d06e38f7..b5749747 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassDAOImpl.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_CassDAOImpl.java
@@ -64,33 +64,33 @@ AuthzTrans authzTransMock;
- @SuppressWarnings({ "rawtypes", "unchecked" })
- @Before
- public void setUp()
- {
- String name = "name";
- String keySpace = "keySpace";
- String table = "table";
- cassDAOImpl = new CassDAOImpl(transStoreMock, name, clusterMock, keySpace, classDataMock, table, consistencyLevelMock, consistencyLevelMock);
- }
+ @SuppressWarnings({ "rawtypes", "unchecked" })
+ @Before
+ public void setUp()
+ {
+ String name = "name";
+ String keySpace = "keySpace";
+ String table = "table";
+ cassDAOImpl = new CassDAOImpl(transStoreMock, name, clusterMock, keySpace, classDataMock, table, consistencyLevelMock, consistencyLevelMock);
+ }
- //TODO: Gabe [JUnit] Visibility issue
- @Test
- public void testReadConsistency() {
- String table = "users";
- PowerMockito.when(authzTransMock.getProperty(CASS_READ_CONSISTENCY+'.'+table)).thenReturn("TWO");
- ConsistencyLevel consistencyLevel = cassDAOImpl.readConsistency(authzTransMock, table);
- System.out.println("Consistency level" + consistencyLevel.name());
- assertEquals("TWO", consistencyLevel.name());
- }
-
- @Test
- public void testWriteConsistency() {
- String table = "users";
- PowerMockito.when(authzTransMock.getProperty(CASS_WRITE_CONSISTENCY+'.'+table)).thenReturn(null);
- ConsistencyLevel consistencyLevel = cassDAOImpl.writeConsistency(authzTransMock, table);
- System.out.println("Consistency level" + consistencyLevel.name());
- assertEquals("ONE", consistencyLevel.name());
- }
-
+ //TODO: Gabe [JUnit] Visibility issue
+ @Test
+ public void testReadConsistency() {
+ String table = "users";
+ PowerMockito.when(authzTransMock.getProperty(CASS_READ_CONSISTENCY+'.'+table)).thenReturn("TWO");
+ ConsistencyLevel consistencyLevel = cassDAOImpl.readConsistency(authzTransMock, table);
+ System.out.println("Consistency level" + consistencyLevel.name());
+ assertEquals("TWO", consistencyLevel.name());
+ }
+
+ @Test
+ public void testWriteConsistency() {
+ String table = "users";
+ PowerMockito.when(authzTransMock.getProperty(CASS_WRITE_CONSISTENCY+'.'+table)).thenReturn(null);
+ ConsistencyLevel consistencyLevel = cassDAOImpl.writeConsistency(authzTransMock, table);
+ System.out.println("Consistency level" + consistencyLevel.name());
+ assertEquals("ONE", consistencyLevel.name());
+ }
+
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_DAOException.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_DAOException.java
index 8cfb8520..8cd412d2 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_DAOException.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/JU_DAOException.java
@@ -34,16 +34,16 @@ import org.powermock.modules.junit4.PowerMockRunner;
public class JU_DAOException {
DAOException daoException;
- //DAOException daoException = new DAOException();
- String message = "message";
- Throwable cause;
- @Before
- public void setUp(){
- daoException = new DAOException();
- }
+ //DAOException daoException = new DAOException();
+ String message = "message";
+ Throwable cause;
+ @Before
+ public void setUp(){
+ daoException = new DAOException();
+ }
- @Test
- public void test(){
- assertTrue(true);
- }
+ @Test
+ public void test(){
+ assertTrue(true);
+ }
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java
index 3064de55..331e4c8b 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/AbsJUCass.java
@@ -53,148 +53,148 @@ import junit.framework.Assert;
*
*/
public class AbsJUCass {
- protected static final String AUTHZ = "authz";
- protected static Cluster cluster;
- protected static AuthzEnv env;
- protected static int iterations = 0;
- protected static float totals=0.0f;
- protected static float remote = 0.0f;
- protected static float json = 0.0f;
- protected static AuthzTrans trans;
- protected static boolean details = true;
-
- @BeforeClass
- public static void startup() throws APIException, IOException {
- synchronized(AUTHZ) {
- if(env==null) {
- final String resource = "cadi.properties";
- File f = new File("etc" + resource);
- InputStream is=null;
- Properties props = new Properties();
- try {
- if(f.exists()) {
- is = new FileInputStream(f);
- } else {
- URL rsrc = ClassLoader.getSystemResource(resource);
- is = rsrc.openStream();
- }
- props.load(is);
- } finally {
- if(is==null) {
- env= new AuthzEnv();
- Assert.fail(resource + " must exist in etc dir, or in Classpath");
- }
- is.close();
- }
- env = new AuthzEnv(props);
- }
- }
- cluster = CassAccess.cluster(env,"LOCAL");
+ protected static final String AUTHZ = "authz";
+ protected static Cluster cluster;
+ protected static AuthzEnv env;
+ protected static int iterations = 0;
+ protected static float totals=0.0f;
+ protected static float remote = 0.0f;
+ protected static float json = 0.0f;
+ protected static AuthzTrans trans;
+ protected static boolean details = true;
+
+ @BeforeClass
+ public static void startup() throws APIException, IOException {
+ synchronized(AUTHZ) {
+ if(env==null) {
+ final String resource = "cadi.properties";
+ File f = new File("etc" + resource);
+ InputStream is=null;
+ Properties props = new Properties();
+ try {
+ if(f.exists()) {
+ is = new FileInputStream(f);
+ } else {
+ URL rsrc = ClassLoader.getSystemResource(resource);
+ is = rsrc.openStream();
+ }
+ props.load(is);
+ } finally {
+ if(is==null) {
+ env= new AuthzEnv();
+ Assert.fail(resource + " must exist in etc dir, or in Classpath");
+ }
+ is.close();
+ }
+ env = new AuthzEnv(props);
+ }
+ }
+ cluster = CassAccess.cluster(env,"LOCAL");
- env.info().log("Connecting to Cluster");
- try {
- cluster.connect(AUTHZ);
- } catch(Exception e) {
- cluster=null;
- env.error().log(e);
- Assert.fail("Not able to connect to DB: " + e.getLocalizedMessage());
- }
- env.info().log("Connected");
-
- // Load special data here
-
- // WebPhone
- env.setProperty("java.naming.provider.url","ldap://ldap.webphone.att.com:389");
- env.setProperty("com.sun.jndi.ldap.connect.pool","true");
-
- iterations = 0;
-
- }
-
- @AfterClass
- public static void shutdown() {
- if(cluster!=null) {
- cluster.close();
- cluster = null;
- }
- }
+ env.info().log("Connecting to Cluster");
+ try {
+ cluster.connect(AUTHZ);
+ } catch(Exception e) {
+ cluster=null;
+ env.error().log(e);
+ Assert.fail("Not able to connect to DB: " + e.getLocalizedMessage());
+ }
+ env.info().log("Connected");
+
+ // Load special data here
+
+ // WebPhone
+ env.setProperty("java.naming.provider.url","ldap://ldap.webphone.att.com:389");
+ env.setProperty("com.sun.jndi.ldap.connect.pool","true");
+
+ iterations = 0;
+
+ }
+
+ @AfterClass
+ public static void shutdown() {
+ if(cluster!=null) {
+ cluster.close();
+ cluster = null;
+ }
+ }
- @Before
- public void newTrans() {
- trans = env.newTrans();
-
- trans.setProperty(CassDAOImpl.USER_NAME, System.getProperty("user.name"));
- }
-
- @After
- public void auditTrail() {
- if(totals==0) { // "updateTotals()" was not called... just do one Trans
- StringBuilder sb = new StringBuilder();
- Metric metric = trans.auditTrail(4, sb, Env.JSON, Env.REMOTE);
- if(details) {
- env.info().log(
- sb,
- "Total time:",
- totals += metric.total,
- "JSON time: ",
- metric.buckets[0],
- "REMOTE time: ",
- metric.buckets[1]
- );
- } else {
- totals += metric.total;
- }
- }
- }
-
- protected void updateTotals() {
- Metric metric = trans.auditTrail(0, null, Env.JSON, Env.REMOTE);
- totals+=metric.total;
- json +=metric.buckets[0];
- remote+=metric.buckets[1];
- }
+ @Before
+ public void newTrans() {
+ trans = env.newTrans();
+
+ trans.setProperty(CassDAOImpl.USER_NAME, System.getProperty("user.name"));
+ }
+
+ @After
+ public void auditTrail() {
+ if(totals==0) { // "updateTotals()" was not called... just do one Trans
+ StringBuilder sb = new StringBuilder();
+ Metric metric = trans.auditTrail(4, sb, Env.JSON, Env.REMOTE);
+ if(details) {
+ env.info().log(
+ sb,
+ "Total time:",
+ totals += metric.total,
+ "JSON time: ",
+ metric.buckets[0],
+ "REMOTE time: ",
+ metric.buckets[1]
+ );
+ } else {
+ totals += metric.total;
+ }
+ }
+ }
+
+ protected void updateTotals() {
+ Metric metric = trans.auditTrail(0, null, Env.JSON, Env.REMOTE);
+ totals+=metric.total;
+ json +=metric.buckets[0];
+ remote+=metric.buckets[1];
+ }
- @AfterClass
- public static void print() {
- float transTime;
- if(iterations==0) {
- transTime=totals;
- } else {
- transTime=totals/iterations;
- }
- env.info().log(
- "Total time:",
- totals,
- "JSON time:",
- json,
- "REMOTE time:",
- remote,
- "Iterations:",
- iterations,
- "Transaction time:",
- transTime
- );
- }
-
- /**
- * Take a User/Pass and turn into an MD5 Hashed BasicAuth
- *
- * @param user
- * @param pass
- * @return
- * @throws IOException
- * @throws NoSuchAlgorithmException
- */
- //TODO: Gabe [JUnit] Issue
- public static byte[] userPassToBytes(String user, String pass)
- throws IOException, NoSuchAlgorithmException {
- // Take the form of BasicAuth, so as to allow any character in Password
- // (this is an issue in 1.0)
- // Also, it makes it quicker to evaluate Basic Auth direct questions
- String ba = Symm.base64url.encode(user + ':' + pass);
- // Take MD5 Hash, so that data in DB can't be reversed out.
- return Hash.hashMD5(ba.getBytes());
- }
+ @AfterClass
+ public static void print() {
+ float transTime;
+ if(iterations==0) {
+ transTime=totals;
+ } else {
+ transTime=totals/iterations;
+ }
+ env.info().log(
+ "Total time:",
+ totals,
+ "JSON time:",
+ json,
+ "REMOTE time:",
+ remote,
+ "Iterations:",
+ iterations,
+ "Transaction time:",
+ transTime
+ );
+ }
+
+ /**
+ * Take a User/Pass and turn into an MD5 Hashed BasicAuth
+ *
+ * @param user
+ * @param pass
+ * @return
+ * @throws IOException
+ * @throws NoSuchAlgorithmException
+ */
+ //TODO: Gabe [JUnit] Issue
+ public static byte[] userPassToBytes(String user, String pass)
+ throws IOException, NoSuchAlgorithmException {
+ // Take the form of BasicAuth, so as to allow any character in Password
+ // (this is an issue in 1.0)
+ // Also, it makes it quicker to evaluate Basic Auth direct questions
+ String ba = Symm.base64url.encode(user + ':' + pass);
+ // Take MD5 Hash, so that data in DB can't be reversed out.
+ return Hash.hashMD5(ba.getBytes());
+ }
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_Bytification.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_Bytification.java
index e316ac7e..4ffa946f 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_Bytification.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_Bytification.java
@@ -38,228 +38,228 @@ import org.onap.aaf.auth.dao.cass.UserRoleDAO;
public class JU_Bytification {
- @Test
- public void testNS() throws IOException {
-
- // Normal
- NsDAO.Data ns = new NsDAO.Data();
- ns.name = "org.osaaf.<pass>";
- ns.type = NsType.APP.type;
+ @Test
+ public void testNS() throws IOException {
+
+ // Normal
+ NsDAO.Data ns = new NsDAO.Data();
+ ns.name = "org.osaaf.<pass>";
+ ns.type = NsType.APP.type;
- ByteBuffer bb = ns.bytify();
-
- NsDAO.Data nsr = new NsDAO.Data();
- nsr.reconstitute(bb);
- check(ns,nsr);
-
- // Empty admin
-// ns.admin(true).clear();
- bb = ns.bytify();
- nsr = new NsDAO.Data();
- nsr.reconstitute(bb);
- check(ns,nsr);
-
- // Empty responsible
-// ns.responsible(true).clear();
- bb = ns.bytify();
- nsr = new NsDAO.Data();
- nsr.reconstitute(bb);
- check(ns,nsr);
+ ByteBuffer bb = ns.bytify();
+
+ NsDAO.Data nsr = new NsDAO.Data();
+ nsr.reconstitute(bb);
+ check(ns,nsr);
+
+ // Empty admin
+// ns.admin(true).clear();
+ bb = ns.bytify();
+ nsr = new NsDAO.Data();
+ nsr.reconstitute(bb);
+ check(ns,nsr);
+
+ // Empty responsible
+// ns.responsible(true).clear();
+ bb = ns.bytify();
+ nsr = new NsDAO.Data();
+ nsr.reconstitute(bb);
+ check(ns,nsr);
- bb = ns.bytify();
- nsr = new NsDAO.Data();
- nsr.reconstitute(bb);
- check(ns,nsr);
- }
-
- private void check(NsDAO.Data a, NsDAO.Data b) {
- assertEquals(a.name,b.name);
- assertEquals(a.type,b.type);
-// assertEquals(a.admin.size(),b.admin.size());
-
-// for(String s: a.admin) {
-// assertTrue(b.admin.contains(s));
-// }
-//
-// assertEquals(a.responsible.size(),b.responsible.size());
-// for(String s: a.responsible) {
-// assertTrue(b.responsible.contains(s));
-// }
- }
+ bb = ns.bytify();
+ nsr = new NsDAO.Data();
+ nsr.reconstitute(bb);
+ check(ns,nsr);
+ }
+
+ private void check(NsDAO.Data a, NsDAO.Data b) {
+ assertEquals(a.name,b.name);
+ assertEquals(a.type,b.type);
+// assertEquals(a.admin.size(),b.admin.size());
+
+// for(String s: a.admin) {
+// assertTrue(b.admin.contains(s));
+// }
+//
+// assertEquals(a.responsible.size(),b.responsible.size());
+// for(String s: a.responsible) {
+// assertTrue(b.responsible.contains(s));
+// }
+ }
- @Test
- public void testRole() throws IOException {
- RoleDAO.Data rd1 = new RoleDAO.Data();
- rd1.ns = "org.osaaf.<pass>";
- rd1.name = "my.role";
- rd1.perms(true).add("org.osaaf.<pass>.my.Perm|myInstance|myAction");
- rd1.perms(true).add("org.osaaf.<pass>.my.Perm|myInstance|myAction2");
+ @Test
+ public void testRole() throws IOException {
+ RoleDAO.Data rd1 = new RoleDAO.Data();
+ rd1.ns = "org.osaaf.<pass>";
+ rd1.name = "my.role";
+ rd1.perms(true).add("org.osaaf.<pass>.my.Perm|myInstance|myAction");
+ rd1.perms(true).add("org.osaaf.<pass>.my.Perm|myInstance|myAction2");
- // Normal
- ByteBuffer bb = rd1.bytify();
- RoleDAO.Data rd2 = new RoleDAO.Data();
- rd2.reconstitute(bb);
- check(rd1,rd2);
-
- // Overshoot Buffer
- StringBuilder sb = new StringBuilder(300);
- sb.append("role|instance|veryLongAction...");
- for(int i=0;i<280;++i) {
- sb.append('a');
- }
- rd1.perms(true).add(sb.toString());
- bb = rd1.bytify();
- rd2 = new RoleDAO.Data();
- rd2.reconstitute(bb);
- check(rd1,rd2);
-
- // No Perms
- rd1.perms.clear();
-
- bb = rd1.bytify();
- rd2 = new RoleDAO.Data();
- rd2.reconstitute(bb);
- check(rd1,rd2);
-
- // 1000 Perms
- for(int i=0;i<1000;++i) {
- rd1.perms(true).add("com|inst|action"+ i);
- }
+ // Normal
+ ByteBuffer bb = rd1.bytify();
+ RoleDAO.Data rd2 = new RoleDAO.Data();
+ rd2.reconstitute(bb);
+ check(rd1,rd2);
+
+ // Overshoot Buffer
+ StringBuilder sb = new StringBuilder(300);
+ sb.append("role|instance|veryLongAction...");
+ for(int i=0;i<280;++i) {
+ sb.append('a');
+ }
+ rd1.perms(true).add(sb.toString());
+ bb = rd1.bytify();
+ rd2 = new RoleDAO.Data();
+ rd2.reconstitute(bb);
+ check(rd1,rd2);
+
+ // No Perms
+ rd1.perms.clear();
+
+ bb = rd1.bytify();
+ rd2 = new RoleDAO.Data();
+ rd2.reconstitute(bb);
+ check(rd1,rd2);
+
+ // 1000 Perms
+ for(int i=0;i<1000;++i) {
+ rd1.perms(true).add("com|inst|action"+ i);
+ }
- bb = rd1.bytify();
- rd2 = new RoleDAO.Data();
- rd2.reconstitute(bb);
- check(rd1,rd2);
+ bb = rd1.bytify();
+ rd2 = new RoleDAO.Data();
+ rd2.reconstitute(bb);
+ check(rd1,rd2);
- }
-
- private void check(RoleDAO.Data a, RoleDAO.Data b) {
- assertEquals(a.ns,b.ns);
- assertEquals(a.name,b.name);
-
- assertEquals(a.perms.size(),b.perms.size());
- for(String s: a.perms) {
- assertTrue(b.perms.contains(s));
- }
- }
+ }
+
+ private void check(RoleDAO.Data a, RoleDAO.Data b) {
+ assertEquals(a.ns,b.ns);
+ assertEquals(a.name,b.name);
+
+ assertEquals(a.perms.size(),b.perms.size());
+ for(String s: a.perms) {
+ assertTrue(b.perms.contains(s));
+ }
+ }
- @Test
- public void testPerm() throws IOException {
- PermDAO.Data pd1 = new PermDAO.Data();
- pd1.ns = "org.osaaf.<pass>";
- pd1.type = "my.perm";
- pd1.instance = "instance";
- pd1.action = "read";
- pd1.roles(true).add("org.osaaf.<pass>.my.Role");
- pd1.roles(true).add("org.osaaf.<pass>.my.Role2");
+ @Test
+ public void testPerm() throws IOException {
+ PermDAO.Data pd1 = new PermDAO.Data();
+ pd1.ns = "org.osaaf.<pass>";
+ pd1.type = "my.perm";
+ pd1.instance = "instance";
+ pd1.action = "read";
+ pd1.roles(true).add("org.osaaf.<pass>.my.Role");
+ pd1.roles(true).add("org.osaaf.<pass>.my.Role2");
- // Normal
- ByteBuffer bb = pd1.bytify();
- PermDAO.Data rd2 = new PermDAO.Data();
- rd2.reconstitute(bb);
- check(pd1,rd2);
-
- // No Perms
- pd1.roles.clear();
-
- bb = pd1.bytify();
- rd2 = new PermDAO.Data();
- rd2.reconstitute(bb);
- check(pd1,rd2);
-
- // 1000 Perms
- for(int i=0;i<1000;++i) {
- pd1.roles(true).add("org.osaaf.<pass>.my.Role"+ i);
- }
+ // Normal
+ ByteBuffer bb = pd1.bytify();
+ PermDAO.Data rd2 = new PermDAO.Data();
+ rd2.reconstitute(bb);
+ check(pd1,rd2);
+
+ // No Perms
+ pd1.roles.clear();
+
+ bb = pd1.bytify();
+ rd2 = new PermDAO.Data();
+ rd2.reconstitute(bb);
+ check(pd1,rd2);
+
+ // 1000 Perms
+ for(int i=0;i<1000;++i) {
+ pd1.roles(true).add("org.osaaf.<pass>.my.Role"+ i);
+ }
- bb = pd1.bytify();
- rd2 = new PermDAO.Data();
- rd2.reconstitute(bb);
- check(pd1,rd2);
+ bb = pd1.bytify();
+ rd2 = new PermDAO.Data();
+ rd2.reconstitute(bb);
+ check(pd1,rd2);
- }
-
- private void check(PermDAO.Data a, PermDAO.Data b) {
- assertEquals(a.ns,b.ns);
- assertEquals(a.type,b.type);
- assertEquals(a.instance,b.instance);
- assertEquals(a.action,b.action);
-
- assertEquals(a.roles.size(),b.roles.size());
- for(String s: a.roles) {
- assertTrue(b.roles.contains(s));
- }
- }
+ }
+
+ private void check(PermDAO.Data a, PermDAO.Data b) {
+ assertEquals(a.ns,b.ns);
+ assertEquals(a.type,b.type);
+ assertEquals(a.instance,b.instance);
+ assertEquals(a.action,b.action);
+
+ assertEquals(a.roles.size(),b.roles.size());
+ for(String s: a.roles) {
+ assertTrue(b.roles.contains(s));
+ }
+ }
- @Test
- public void testUserRole() throws IOException {
- UserRoleDAO.Data urd1 = new UserRoleDAO.Data();
- urd1.user = "myname@abc.att.com";
- urd1.role("org.osaaf.<pass>","my.role");
- urd1.expires = new Date();
+ @Test
+ public void testUserRole() throws IOException {
+ UserRoleDAO.Data urd1 = new UserRoleDAO.Data();
+ urd1.user = "myname@abc.att.com";
+ urd1.role("org.osaaf.<pass>","my.role");
+ urd1.expires = new Date();
- // Normal
- ByteBuffer bb = urd1.bytify();
- UserRoleDAO.Data urd2 = new UserRoleDAO.Data();
- urd2.reconstitute(bb);
- check(urd1,urd2);
-
- // A null
- urd1.expires = null;
- urd1.role = null;
-
- bb = urd1.bytify();
- urd2 = new UserRoleDAO.Data();
- urd2.reconstitute(bb);
- check(urd1,urd2);
- }
+ // Normal
+ ByteBuffer bb = urd1.bytify();
+ UserRoleDAO.Data urd2 = new UserRoleDAO.Data();
+ urd2.reconstitute(bb);
+ check(urd1,urd2);
+
+ // A null
+ urd1.expires = null;
+ urd1.role = null;
+
+ bb = urd1.bytify();
+ urd2 = new UserRoleDAO.Data();
+ urd2.reconstitute(bb);
+ check(urd1,urd2);
+ }
- private void check(UserRoleDAO.Data a, UserRoleDAO.Data b) {
- assertEquals(a.user,b.user);
- assertEquals(a.role,b.role);
- assertEquals(a.expires,b.expires);
- }
+ private void check(UserRoleDAO.Data a, UserRoleDAO.Data b) {
+ assertEquals(a.user,b.user);
+ assertEquals(a.role,b.role);
+ assertEquals(a.expires,b.expires);
+ }
-
- @Test
- public void testCred() throws IOException {
- CredDAO.Data cd = new CredDAO.Data();
- cd.id = "m55555@abc.att.com";
- cd.ns = "org.osaaf.abc";
- cd.type = 2;
- cd.cred = ByteBuffer.wrap(new byte[]{1,34,5,3,25,0,2,5,3,4});
- cd.expires = new Date();
+
+ @Test
+ public void testCred() throws IOException {
+ CredDAO.Data cd = new CredDAO.Data();
+ cd.id = "m55555@abc.att.com";
+ cd.ns = "org.osaaf.abc";
+ cd.type = 2;
+ cd.cred = ByteBuffer.wrap(new byte[]{1,34,5,3,25,0,2,5,3,4});
+ cd.expires = new Date();
- // Normal
- ByteBuffer bb = cd.bytify();
- CredDAO.Data cd2 = new CredDAO.Data();
- cd2.reconstitute(bb);
- check(cd,cd2);
-
- // nulls
- cd.expires = null;
- cd.cred = null;
-
- bb = cd.bytify();
- cd2 = new CredDAO.Data();
- cd2.reconstitute(bb);
- check(cd,cd2);
+ // Normal
+ ByteBuffer bb = cd.bytify();
+ CredDAO.Data cd2 = new CredDAO.Data();
+ cd2.reconstitute(bb);
+ check(cd,cd2);
+
+ // nulls
+ cd.expires = null;
+ cd.cred = null;
+
+ bb = cd.bytify();
+ cd2 = new CredDAO.Data();
+ cd2.reconstitute(bb);
+ check(cd,cd2);
- }
+ }
- private void check(CredDAO.Data a, CredDAO.Data b) {
- assertEquals(a.id,b.id);
- assertEquals(a.ns,b.ns);
- assertEquals(a.type,b.type);
- if(a.cred==null) {
- assertEquals(a.cred,b.cred);
- } else {
- int l = a.cred.limit();
- assertEquals(l,b.cred.limit());
- for (int i=0;i<l;++i) {
- assertEquals(a.cred.get(),b.cred.get());
- }
- }
- }
+ private void check(CredDAO.Data a, CredDAO.Data b) {
+ assertEquals(a.id,b.id);
+ assertEquals(a.ns,b.ns);
+ assertEquals(a.type,b.type);
+ if(a.cred==null) {
+ assertEquals(a.cred,b.cred);
+ } else {
+ int l = a.cred.limit();
+ assertEquals(l,b.cred.limit());
+ for (int i=0;i<l;++i) {
+ assertEquals(a.cred.get(),b.cred.get());
+ }
+ }
+ }
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_NsType.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_NsType.java
index 06e5f0ed..38d0fbfd 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_NsType.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/dao/aaf/test/JU_NsType.java
@@ -29,30 +29,30 @@ import org.onap.aaf.auth.dao.cass.NsType;
public class JU_NsType {
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- }
+ @AfterClass
+ public static void tearDownAfterClass() throws Exception {
+ }
- @Test
- public void test() {
- NsType nt,nt2;
- String[] tests = new String[] {"DOT","ROOT","COMPANY","APP","STACKED_APP","STACK"};
- for(String s : tests) {
- nt = NsType.valueOf(s);
- assertEquals(s,nt.name());
-
- nt2 = NsType.fromString(s);
- assertEquals(nt,nt2);
-
- int t = nt.type;
- nt2 = NsType.fromType(t);
- assertEquals(nt,nt2);
- }
-
- nt = NsType.fromType(Integer.MIN_VALUE);
- assertEquals(nt,NsType.UNKNOWN);
- nt = NsType.fromString("Garbage");
- assertEquals(nt,NsType.UNKNOWN);
- }
+ @Test
+ public void test() {
+ NsType nt,nt2;
+ String[] tests = new String[] {"DOT","ROOT","COMPANY","APP","STACKED_APP","STACK"};
+ for(String s : tests) {
+ nt = NsType.valueOf(s);
+ assertEquals(s,nt.name());
+
+ nt2 = NsType.fromString(s);
+ assertEquals(nt,nt2);
+
+ int t = nt.type;
+ nt2 = NsType.fromType(t);
+ assertEquals(nt,nt2);
+ }
+
+ nt = NsType.fromType(Integer.MIN_VALUE);
+ assertEquals(nt,NsType.UNKNOWN);
+ nt = NsType.fromString("Garbage");
+ assertEquals(nt,NsType.UNKNOWN);
+ }
}
diff --git a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectCertIdentity.java b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectCertIdentity.java
index 07cd7ae9..f9ad5a9e 100644
--- a/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectCertIdentity.java
+++ b/auth/auth-cass/src/test/java/org/onap/aaf/auth/direct/test/JU_DirectCertIdentity.java
@@ -39,33 +39,33 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_DirectCertIdentity {
-
- public DirectCertIdentity directCertIdentity;
-
- @Before
- public void setUp(){
- directCertIdentity = new DirectCertIdentity();
- }
+
+ public DirectCertIdentity directCertIdentity;
+
+ @Before
+ public void setUp(){
+ directCertIdentity = new DirectCertIdentity();
+ }
- @Mock
- HttpServletRequest req;
- X509Certificate cert;
- byte[] _certBytes;
-
- @Test
- public void testidentity(){
-
- try {
- Principal p = directCertIdentity.identity(req, cert, _certBytes);
- assertEquals(( (p) == null),true);
-
- } catch (CertificateException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- //assertTrue(true);
-
- }
+ @Mock
+ HttpServletRequest req;
+ X509Certificate cert;
+ byte[] _certBytes;
+
+ @Test
+ public void testidentity(){
+
+ try {
+ Principal p = directCertIdentity.identity(req, cert, _certBytes);
+ assertEquals(( (p) == null),true);
+
+ } catch (CertificateException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ //assertTrue(true);
+
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
index a9a9b4e5..d80b085b 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/AAF_CM.java
@@ -70,173 +70,173 @@ import com.datastax.driver.core.Cluster;
public class AAF_CM extends AbsService<AuthzEnv, AuthzTrans> {
- private static final String USER_PERMS = "userPerms";
- private static final Map<String,CA> certAuths = new TreeMap<>();
- public Facade1_0 facade1_0; // this is the default Facade
- public Facade1_0 facade1_0_XML; // this is the XML Facade
- public Map<String, Dated> cacheUser;
- public AAFAuthn<?> aafAuthn;
- public AAFLurPerm aafLurPerm;
- final public Cluster cluster;
- public final LocateDAO locateDAO;
-
-
- /**
- * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
- *
- * @param env
- * @param si
- * @param dm
- * @param decryptor
- * @throws APIException
- */
- public AAF_CM(AuthzEnv env) throws Exception {
- super(env.access(),env);
- aafLurPerm = aafCon().newLur();
- // Note: If you need both Authn and Authz construct the following:
- aafAuthn = aafCon().newAuthn(aafLurPerm);
-
- String aaf_env = env.getProperty(Config.AAF_ENV);
- if(aaf_env==null) {
- throw new APIException("aaf_env needs to be set");
- }
-
- // Initialize Facade for all uses
- AuthzTrans trans = env.newTrans();
-
- cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
- locateDAO = new LocateDAO(trans,cluster,CassAccess.KEYSPACE);
-
- // Have AAFLocator object Create DirectLocators for Location needs
- AbsAAFLocator.setCreator(new DirectLocatorCreator(env, locateDAO));
-
- // Load Supported Certificate Authorities by property
- // Note: Some will be dynamic Properties, so we need to look through all
- for(Entry<Object, Object> es : env.access().getProperties().entrySet()) {
- String key = es.getKey().toString();
- if(key.startsWith(CA.CM_CA_PREFIX)) {
- int idx = key.indexOf('.');
- if(idx==key.lastIndexOf('.')) { // else it's a regular property
-
- env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1));
- String[] segs = Split.split(',', env.getProperty(key));
- if(segs.length>0) {
- String[][] multiParams = new String[segs.length-1][];
- for(int i=0;i<multiParams.length;++i) {
- multiParams[i]=Split.split(';',segs[1+i]);
- }
- @SuppressWarnings("unchecked")
- Class<CA> cac = (Class<CA>)Class.forName(segs[0]);
- Constructor<CA> cons = cac.getConstructor(new Class<?>[] {
- Access.class,String.class,String.class,String[][].class
- });
- Object pinst[] = new Object[4];
- pinst[0]=env;
- pinst[1]= key.substring(idx+1);
- pinst[2]= aaf_env;
- pinst[3] = multiParams;
- CA ca = cons.newInstance(pinst);
- certAuths.put(ca.getName(),ca);
- }
- }
- }
- }
- if(certAuths.size()==0) {
- throw new APIException("No Certificate Authorities have been configured in CertMan");
- }
-
- CMService service = new CMService(trans, this);
- // note: Service knows how to shutdown Cluster on Shutdown, etc. See Constructor
- facade1_0 = FacadeFactory.v1_0(this,trans, service,Data.TYPE.JSON); // Default Facade
- facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML);
-
-
- synchronized(env) {
- if(cacheUser == null) {
- cacheUser = Cache.obtain(USER_PERMS);
- Cache.startCleansing(env, USER_PERMS);
- }
- }
-
- ////////////////////////////////////////////////////////////////////////////
- // APIs
- ////////////////////////////////////////////////////////////////////////
- API_Cert.init(this);
- API_Artifact.init(this);
-
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(2, sb);
- trans.init().log(sb);
- }
-
- public CA getCA(String key) {
- return certAuths.get(key);
- }
-
- /**
- * Setup XML and JSON implementations for each supported Version type
- *
- * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
- * to do Versions and Content switches
- *
- */
- public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
- String version = "1.0";
- // Get Correct API Class from Mapper
- Class<?> respCls = facade1_0.mapper().getClass(api);
- if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
- // setup Application API HTML ContentTypes for JSON and Route
- String application = applicationJSON(respCls, version);
- route(env,meth,path,code,application,"application/json;version="+version,"*/*");
-
- // setup Application API HTML ContentTypes for XML and Route
- application = applicationXML(respCls, version);
- route(env,meth,path,code.clone(facade1_0_XML),application,"application/xml;version="+version);
-
- // Add other Supported APIs here as created
- }
-
- public void routeAll(HttpMethods meth, String path, API api, Code code) throws Exception {
- route(env,meth,path,code,""); // this will always match
- }
-
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- try {
- return new Filter[] {
- new AuthzTransFilter(env,aafCon(),
- new AAFTrustChecker((Env)env),
- additionalTafLurs)
- };
- } catch (NumberFormatException e) {
- throw new CadiException("Invalid Property information", e);
- }
- }
-
- @SuppressWarnings("unchecked")
- @Override
- public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
- return new Registrant[] {
- new DirectRegistrar(access,locateDAO,app_name,app_version,port)
- };
- }
-
- public void destroy() {
- Cache.stopTimer();
- locateDAO.close(env.newTransNoAvg());
- cluster.close();
- }
-
- public static void main(final String[] args) {
- try {
- Log4JLogIt logIt = new Log4JLogIt(args, "cm");
- PropAccess propAccess = new PropAccess(logIt,args);
-
- AAF_CM service = new AAF_CM(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
+ private static final String USER_PERMS = "userPerms";
+ private static final Map<String,CA> certAuths = new TreeMap<>();
+ public Facade1_0 facade1_0; // this is the default Facade
+ public Facade1_0 facade1_0_XML; // this is the XML Facade
+ public Map<String, Dated> cacheUser;
+ public AAFAuthn<?> aafAuthn;
+ public AAFLurPerm aafLurPerm;
+ final public Cluster cluster;
+ public final LocateDAO locateDAO;
+
+
+ /**
+ * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
+ *
+ * @param env
+ * @param si
+ * @param dm
+ * @param decryptor
+ * @throws APIException
+ */
+ public AAF_CM(AuthzEnv env) throws Exception {
+ super(env.access(),env);
+ aafLurPerm = aafCon().newLur();
+ // Note: If you need both Authn and Authz construct the following:
+ aafAuthn = aafCon().newAuthn(aafLurPerm);
+
+ String aaf_env = env.getProperty(Config.AAF_ENV);
+ if(aaf_env==null) {
+ throw new APIException("aaf_env needs to be set");
+ }
+
+ // Initialize Facade for all uses
+ AuthzTrans trans = env.newTrans();
+
+ cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
+ locateDAO = new LocateDAO(trans,cluster,CassAccess.KEYSPACE);
+
+ // Have AAFLocator object Create DirectLocators for Location needs
+ AbsAAFLocator.setCreator(new DirectLocatorCreator(env, locateDAO));
+
+ // Load Supported Certificate Authorities by property
+ // Note: Some will be dynamic Properties, so we need to look through all
+ for(Entry<Object, Object> es : env.access().getProperties().entrySet()) {
+ String key = es.getKey().toString();
+ if(key.startsWith(CA.CM_CA_PREFIX)) {
+ int idx = key.indexOf('.');
+ if(idx==key.lastIndexOf('.')) { // else it's a regular property
+
+ env.log(Level.INIT, "Loading Certificate Authority Module: " + key.substring(idx+1));
+ String[] segs = Split.split(',', env.getProperty(key));
+ if(segs.length>0) {
+ String[][] multiParams = new String[segs.length-1][];
+ for(int i=0;i<multiParams.length;++i) {
+ multiParams[i]=Split.split(';',segs[1+i]);
+ }
+ @SuppressWarnings("unchecked")
+ Class<CA> cac = (Class<CA>)Class.forName(segs[0]);
+ Constructor<CA> cons = cac.getConstructor(new Class<?>[] {
+ Access.class,String.class,String.class,String[][].class
+ });
+ Object pinst[] = new Object[4];
+ pinst[0]=env;
+ pinst[1]= key.substring(idx+1);
+ pinst[2]= aaf_env;
+ pinst[3] = multiParams;
+ CA ca = cons.newInstance(pinst);
+ certAuths.put(ca.getName(),ca);
+ }
+ }
+ }
+ }
+ if(certAuths.size()==0) {
+ throw new APIException("No Certificate Authorities have been configured in CertMan");
+ }
+
+ CMService service = new CMService(trans, this);
+ // note: Service knows how to shutdown Cluster on Shutdown, etc. See Constructor
+ facade1_0 = FacadeFactory.v1_0(this,trans, service,Data.TYPE.JSON); // Default Facade
+ facade1_0_XML = FacadeFactory.v1_0(this,trans,service,Data.TYPE.XML);
+
+
+ synchronized(env) {
+ if(cacheUser == null) {
+ cacheUser = Cache.obtain(USER_PERMS);
+ Cache.startCleansing(env, USER_PERMS);
+ }
+ }
+
+ ////////////////////////////////////////////////////////////////////////////
+ // APIs
+ ////////////////////////////////////////////////////////////////////////
+ API_Cert.init(this);
+ API_Artifact.init(this);
+
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(2, sb);
+ trans.init().log(sb);
+ }
+
+ public CA getCA(String key) {
+ return certAuths.get(key);
+ }
+
+ /**
+ * Setup XML and JSON implementations for each supported Version type
+ *
+ * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
+ * to do Versions and Content switches
+ *
+ */
+ public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
+ String version = "1.0";
+ // Get Correct API Class from Mapper
+ Class<?> respCls = facade1_0.mapper().getClass(api);
+ if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
+ // setup Application API HTML ContentTypes for JSON and Route
+ String application = applicationJSON(respCls, version);
+ route(env,meth,path,code,application,"application/json;version="+version,"*/*");
+
+ // setup Application API HTML ContentTypes for XML and Route
+ application = applicationXML(respCls, version);
+ route(env,meth,path,code.clone(facade1_0_XML),application,"application/xml;version="+version);
+
+ // Add other Supported APIs here as created
+ }
+
+ public void routeAll(HttpMethods meth, String path, API api, Code code) throws Exception {
+ route(env,meth,path,code,""); // this will always match
+ }
+
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ try {
+ return new Filter[] {
+ new AuthzTransFilter(env,aafCon(),
+ new AAFTrustChecker((Env)env),
+ additionalTafLurs)
+ };
+ } catch (NumberFormatException e) {
+ throw new CadiException("Invalid Property information", e);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
+ return new Registrant[] {
+ new DirectRegistrar(access,locateDAO,app_name,app_version,port)
+ };
+ }
+
+ public void destroy() {
+ Cache.stopTimer();
+ locateDAO.close(env.newTransNoAvg());
+ cluster.close();
+ }
+
+ public static void main(final String[] args) {
+ try {
+ Log4JLogIt logIt = new Log4JLogIt(args, "cm");
+ PropAccess propAccess = new PropAccess(logIt,args);
+
+ AAF_CM service = new AAF_CM(new AuthzEnv(propAccess));
+ JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
+ jss.start();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java
index 134ad7c5..34f7927e 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Artifact.java
@@ -39,95 +39,95 @@ import org.onap.aaf.auth.rserv.HttpMethods;
*
*/
public class API_Artifact {
- private static final String GET_ARTIFACTS = "Get Artifacts";
+ private static final String GET_ARTIFACTS = "Get Artifacts";
private static final String CERT_ARTIFACTS = "/cert/artifacts";
- /**
- * Normal Init level APIs
- *
- * @param cmAPI
- * @throws Exception
- */
- public static void init(final AAF_CM cmAPI) throws Exception {
- cmAPI.route(HttpMethods.POST, CERT_ARTIFACTS, API.ARTIFACTS, new Code(cmAPI,"Create Artifacts") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.createArtifacts(trans, req, resp);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.CREATED_201);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Normal Init level APIs
+ *
+ * @param cmAPI
+ * @throws Exception
+ */
+ public static void init(final AAF_CM cmAPI) throws Exception {
+ cmAPI.route(HttpMethods.POST, CERT_ARTIFACTS, API.ARTIFACTS, new Code(cmAPI,"Create Artifacts") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.createArtifacts(trans, req, resp);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.CREATED_201);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Use Query Params to get Artifacts by Machine or MechID
- */
- cmAPI.route(HttpMethods.GET, CERT_ARTIFACTS, API.ARTIFACTS, new Code(cmAPI,GET_ARTIFACTS) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.readArtifacts(trans, req, resp);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Use Query Params to get Artifacts by Machine or MechID
+ */
+ cmAPI.route(HttpMethods.GET, CERT_ARTIFACTS, API.ARTIFACTS, new Code(cmAPI,GET_ARTIFACTS) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.readArtifacts(trans, req, resp);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- cmAPI.route(HttpMethods.GET, "/cert/artifacts/:mechid/:machine", API.ARTIFACTS, new Code(cmAPI,GET_ARTIFACTS) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.readArtifacts(trans, resp, pathParam(req,":mechid"), pathParam(req,":machine"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
-
-
- cmAPI.route(HttpMethods.PUT, CERT_ARTIFACTS, API.ARTIFACTS, new Code(cmAPI,"Update Artifacts") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.updateArtifacts(trans, req, resp);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ cmAPI.route(HttpMethods.GET, "/cert/artifacts/:mechid/:machine", API.ARTIFACTS, new Code(cmAPI,GET_ARTIFACTS) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.readArtifacts(trans, resp, pathParam(req,":mechid"), pathParam(req,":machine"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+
+ cmAPI.route(HttpMethods.PUT, CERT_ARTIFACTS, API.ARTIFACTS, new Code(cmAPI,"Update Artifacts") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.updateArtifacts(trans, req, resp);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- cmAPI.route(HttpMethods.DELETE, "/cert/artifacts/:mechid/:machine", API.VOID, new Code(cmAPI,"Delete Artifacts") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteArtifacts(trans, resp,
- pathParam(req, ":mechid"), pathParam(req,":machine"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
-
+ cmAPI.route(HttpMethods.DELETE, "/cert/artifacts/:mechid/:machine", API.VOID, new Code(cmAPI,"Delete Artifacts") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.deleteArtifacts(trans, resp,
+ pathParam(req, ":mechid"), pathParam(req,":machine"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
- cmAPI.route(HttpMethods.DELETE, CERT_ARTIFACTS, API.VOID, new Code(cmAPI,"Delete Artifacts") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteArtifacts(trans, req, resp);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
-
+ cmAPI.route(HttpMethods.DELETE, CERT_ARTIFACTS, API.VOID, new Code(cmAPI,"Delete Artifacts") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.deleteArtifacts(trans, req, resp);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
- }
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java
index 0cea9c73..625fed62 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/api/API_Cert.java
@@ -41,102 +41,102 @@ import org.onap.aaf.misc.env.Slot;
*
*/
public class API_Cert {
- public static final String CERT_AUTH = "CertAuthority";
- private static Slot sCertAuth;
+ public static final String CERT_AUTH = "CertAuthority";
+ private static Slot sCertAuth;
- /**
- * Normal Init level APIs
- *
- * @param aafCM
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_CM aafCM) throws Exception {
- // Check for Created Certificate Authorities in TRANS
- sCertAuth = aafCM.env.slot(CERT_AUTH);
-
- ////////
- // Overall APIs
- ///////
- aafCM.route(HttpMethods.PUT,"/cert/:ca",API.CERT_REQ,new Code(aafCM,"Request Certificate") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String key = pathParam(req, ":ca");
- CA ca;
- if((ca = aafCM.getCA(key))==null) {
- context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);
- } else {
- trans.put(sCertAuth, ca);
- Result<Void> r = context.requestCert(trans, req, resp, ca);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- }
- });
-
- aafCM.route(HttpMethods.GET,"/cert/:ca/personal",API.CERT,new Code(aafCM,"Request Personal Certificate") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String key = pathParam(req, ":ca");
- CA ca;
- if((ca = aafCM.getCA(key))==null) {
- context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);
- } else {
- trans.put(sCertAuth, ca);
- Result<Void> r = context.requestPersonalCert(trans, req, resp, ca);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- }
- });
+ /**
+ * Normal Init level APIs
+ *
+ * @param aafCM
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_CM aafCM) throws Exception {
+ // Check for Created Certificate Authorities in TRANS
+ sCertAuth = aafCM.env.slot(CERT_AUTH);
+
+ ////////
+ // Overall APIs
+ ///////
+ aafCM.route(HttpMethods.PUT,"/cert/:ca",API.CERT_REQ,new Code(aafCM,"Request Certificate") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String key = pathParam(req, ":ca");
+ CA ca;
+ if((ca = aafCM.getCA(key))==null) {
+ context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);
+ } else {
+ trans.put(sCertAuth, ca);
+ Result<Void> r = context.requestCert(trans, req, resp, ca);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ });
+
+ aafCM.route(HttpMethods.GET,"/cert/:ca/personal",API.CERT,new Code(aafCM,"Request Personal Certificate") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String key = pathParam(req, ":ca");
+ CA ca;
+ if((ca = aafCM.getCA(key))==null) {
+ context.error(trans,resp,Result.ERR_BadData,"CA %s is not supported",key);
+ } else {
+ trans.put(sCertAuth, ca);
+ Result<Void> r = context.requestPersonalCert(trans, req, resp, ca);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ });
-
- /**
- *
- */
- aafCM.route(HttpMethods.GET, "/cert/may/:perm", API.VOID, new Code(aafCM,"Check Permission") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.check(trans, resp, pathParam(req,"perm"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- trans.checkpoint(r.errorString());
- context.error(trans,resp,Result.err(Result.ERR_Denied,"%s does not have Permission.",trans.user()));
- }
- }
- });
+
+ /**
+ *
+ */
+ aafCM.route(HttpMethods.GET, "/cert/may/:perm", API.VOID, new Code(aafCM,"Check Permission") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.check(trans, resp, pathParam(req,"perm"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ trans.checkpoint(r.errorString());
+ context.error(trans,resp,Result.err(Result.ERR_Denied,"%s does not have Permission.",trans.user()));
+ }
+ }
+ });
- /**
- * Get Cert by ID and Machine
- */
+ /**
+ * Get Cert by ID and Machine
+ */
-
- /**
- * Get Certs by ID
- */
- aafCM.route(HttpMethods.GET, "/cert/id/:id", API.CERT, new Code(aafCM,"GetByID") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.readCertsByMechID(trans, resp, pathParam(req,"id"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+
+ /**
+ * Get Certs by ID
+ */
+ aafCM.route(HttpMethods.GET, "/cert/id/:id", API.CERT, new Code(aafCM,"GetByID") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.readCertsByMechID(trans, resp, pathParam(req,"id"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
-
- /**
- * Get Certs by Machine
- */
-
- }
+
+ /**
+ * Get Certs by Machine
+ */
+
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
index f1f70a7e..820f02d1 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/CA.java
@@ -42,198 +42,198 @@ import org.onap.aaf.misc.env.Trans;
import org.onap.aaf.misc.env.util.Split;
public abstract class CA {
- private static final String MUST_EXIST_TO_CREATE_CSRS_FOR = " must exist to create CSRs for ";
- //TODO figuring out what is an Issuing CA is a matter of convention. Consider SubClassing for Open Source
- public static final String ISSUING_CA = "Issuing CA";
- public static final String CM_CA_PREFIX = "cm_ca.";
- public static final String CM_CA_BASE_SUBJECT = ".baseSubject";
- protected static final String CM_PUBLIC_DIR = "cm_public_dir";
- private static final String CM_TRUST_CAS = "cm_trust_cas";
- protected static final String CM_BACKUP_CAS = "cm_backup_cas";
+ private static final String MUST_EXIST_TO_CREATE_CSRS_FOR = " must exist to create CSRs for ";
+ //TODO figuring out what is an Issuing CA is a matter of convention. Consider SubClassing for Open Source
+ public static final String ISSUING_CA = "Issuing CA";
+ public static final String CM_CA_PREFIX = "cm_ca.";
+ public static final String CM_CA_BASE_SUBJECT = ".baseSubject";
+ protected static final String CM_PUBLIC_DIR = "cm_public_dir";
+ private static final String CM_TRUST_CAS = "cm_trust_cas";
+ protected static final String CM_BACKUP_CAS = "cm_backup_cas";
- public static final Set<String> EMPTY = Collections.unmodifiableSet(new HashSet<>());
+ public static final Set<String> EMPTY = Collections.unmodifiableSet(new HashSet<>());
-
- private final String name;
- private final String env;
- private MessageDigest messageDigest;
- private final String permNS;
- private final String permType;
- private final ArrayList<String> idDomains;
- private String[] trustedCAs;
- private String[] caIssuerDNs;
- private List<RDN> rdns;
+
+ private final String name;
+ private final String env;
+ private MessageDigest messageDigest;
+ private final String permNS;
+ private final String permType;
+ private final ArrayList<String> idDomains;
+ private String[] trustedCAs;
+ private String[] caIssuerDNs;
+ private List<RDN> rdns;
- protected CA(Access access, String caName, String env) throws IOException, CertException {
- trustedCAs = new String[4]; // starting array
- this.name = caName;
- this.env = env;
- permNS = CM_CA_PREFIX + name;
- permType = access.getProperty(permNS + ".perm_type",null);
- if(permType==null) {
- throw new CertException(permNS + ".perm_type" + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
- }
- caIssuerDNs = Split.splitTrim(':', access.getProperty(Config.CADI_X509_ISSUERS, null));
-
- String tag = CA.CM_CA_PREFIX+caName+CA.CM_CA_BASE_SUBJECT;
-
- String fields = access.getProperty(tag, null);
- if(fields==null) {
- throw new CertException(tag + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
- }
- access.log(Level.INFO, tag, "=",fields);
- rdns = RDN.parse('/',fields);
- for(RDN rdn : rdns) {
- if(rdn.aoi==BCStyle.EmailAddress) { // Cert Specs say Emails belong in Subject
- throw new CertException("email address is not allowed in " + CM_CA_BASE_SUBJECT);
- }
- }
-
- idDomains = new ArrayList<>();
- StringBuilder sb = null;
- for(String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) {
- if(s.length()>0) {
- if(sb==null) {
- sb = new StringBuilder();
- } else {
- sb.append(", ");
- }
- idDomains.add(s);
- sb.append(s);
- }
- }
- if(sb!=null) {
- access.printf(Level.INIT, "CA '%s' supports Personal Certificates for %s", caName, sb);
- }
-
- String dataDir = access.getProperty(CM_PUBLIC_DIR,null);
- if(dataDir!=null) {
- File data = new File(dataDir);
- byte[] bytes;
- if(data.exists()) {
- String trustCas = access.getProperty(CM_TRUST_CAS,null);
- if(trustCas!=null) {
- for(String fname : Split.splitTrim(',', trustCas)) {
- File crt;
- if(fname.contains("/")) {
- crt = new File(fname);
- } else {
- crt = new File(data,fname);
- }
- if(crt.exists()) {
- access.printf(Level.INIT, "Loading CA Cert from %s", crt.getAbsolutePath());
- bytes = new byte[(int)crt.length()];
- FileInputStream fis = new FileInputStream(crt);
- try {
- int read = fis.read(bytes);
- if(read>0) {
- addTrustedCA(new String(bytes));
- }
- } finally {
- fis.close();
- }
- } else {
- access.printf(Level.INIT, "FAILED to Load CA Cert from %s", crt.getAbsolutePath());
- }
- }
- } else {
- access.printf(Level.INIT, "Cannot load external TRUST CAs: No property %s",CM_TRUST_CAS);
- }
- } else {
- access.printf(Level.INIT, "Cannot load external TRUST CAs: %s doesn't exist, or is not accessible",data.getAbsolutePath());
- }
- }
- }
+ protected CA(Access access, String caName, String env) throws IOException, CertException {
+ trustedCAs = new String[4]; // starting array
+ this.name = caName;
+ this.env = env;
+ permNS = CM_CA_PREFIX + name;
+ permType = access.getProperty(permNS + ".perm_type",null);
+ if(permType==null) {
+ throw new CertException(permNS + ".perm_type" + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
+ }
+ caIssuerDNs = Split.splitTrim(':', access.getProperty(Config.CADI_X509_ISSUERS, null));
+
+ String tag = CA.CM_CA_PREFIX+caName+CA.CM_CA_BASE_SUBJECT;
+
+ String fields = access.getProperty(tag, null);
+ if(fields==null) {
+ throw new CertException(tag + MUST_EXIST_TO_CREATE_CSRS_FOR + caName);
+ }
+ access.log(Level.INFO, tag, "=",fields);
+ rdns = RDN.parse('/',fields);
+ for(RDN rdn : rdns) {
+ if(rdn.aoi==BCStyle.EmailAddress) { // Cert Specs say Emails belong in Subject
+ throw new CertException("email address is not allowed in " + CM_CA_BASE_SUBJECT);
+ }
+ }
+
+ idDomains = new ArrayList<>();
+ StringBuilder sb = null;
+ for(String s : Split.splitTrim(',', access.getProperty(CA.CM_CA_PREFIX+caName+".idDomains", ""))) {
+ if(s.length()>0) {
+ if(sb==null) {
+ sb = new StringBuilder();
+ } else {
+ sb.append(", ");
+ }
+ idDomains.add(s);
+ sb.append(s);
+ }
+ }
+ if(sb!=null) {
+ access.printf(Level.INIT, "CA '%s' supports Personal Certificates for %s", caName, sb);
+ }
+
+ String dataDir = access.getProperty(CM_PUBLIC_DIR,null);
+ if(dataDir!=null) {
+ File data = new File(dataDir);
+ byte[] bytes;
+ if(data.exists()) {
+ String trustCas = access.getProperty(CM_TRUST_CAS,null);
+ if(trustCas!=null) {
+ for(String fname : Split.splitTrim(',', trustCas)) {
+ File crt;
+ if(fname.contains("/")) {
+ crt = new File(fname);
+ } else {
+ crt = new File(data,fname);
+ }
+ if(crt.exists()) {
+ access.printf(Level.INIT, "Loading CA Cert from %s", crt.getAbsolutePath());
+ bytes = new byte[(int)crt.length()];
+ FileInputStream fis = new FileInputStream(crt);
+ try {
+ int read = fis.read(bytes);
+ if(read>0) {
+ addTrustedCA(new String(bytes));
+ }
+ } finally {
+ fis.close();
+ }
+ } else {
+ access.printf(Level.INIT, "FAILED to Load CA Cert from %s", crt.getAbsolutePath());
+ }
+ }
+ } else {
+ access.printf(Level.INIT, "Cannot load external TRUST CAs: No property %s",CM_TRUST_CAS);
+ }
+ } else {
+ access.printf(Level.INIT, "Cannot load external TRUST CAs: %s doesn't exist, or is not accessible",data.getAbsolutePath());
+ }
+ }
+ }
- protected void addCaIssuerDN(String issuerDN) {
- boolean changed = true;
- for(String id : caIssuerDNs) {
- if(id.equals(issuerDN)) {
- changed = false;
- break;
- }
- }
- if(changed) {
- String[] newsa = new String[caIssuerDNs.length+1];
- newsa[0]=issuerDN;
- System.arraycopy(caIssuerDNs, 0, newsa, 1, caIssuerDNs.length);
- caIssuerDNs = newsa;
- }
- }
-
- protected synchronized void addTrustedCA(final String crtString) {
- String crt;
- if(crtString.endsWith("\n")) {
- crt = crtString;
- } else {
- crt = crtString + '\n';
- }
- for(int i=0;i<trustedCAs.length;++i) {
- if(trustedCAs[i]==null) {
- trustedCAs[i]=crt;
- return;
- }
- }
- String[] temp = new String[trustedCAs.length+5];
- System.arraycopy(trustedCAs,0,temp, 0, trustedCAs.length);
- temp[trustedCAs.length]=crt;
- trustedCAs = temp;
- }
-
- public String[] getCaIssuerDNs() {
- return caIssuerDNs;
- }
-
- public String[] getTrustedCAs() {
- return trustedCAs;
- }
-
- public String getEnv() {
- return env;
- }
+ protected void addCaIssuerDN(String issuerDN) {
+ boolean changed = true;
+ for(String id : caIssuerDNs) {
+ if(id.equals(issuerDN)) {
+ changed = false;
+ break;
+ }
+ }
+ if(changed) {
+ String[] newsa = new String[caIssuerDNs.length+1];
+ newsa[0]=issuerDN;
+ System.arraycopy(caIssuerDNs, 0, newsa, 1, caIssuerDNs.length);
+ caIssuerDNs = newsa;
+ }
+ }
+
+ protected synchronized void addTrustedCA(final String crtString) {
+ String crt;
+ if(crtString.endsWith("\n")) {
+ crt = crtString;
+ } else {
+ crt = crtString + '\n';
+ }
+ for(int i=0;i<trustedCAs.length;++i) {
+ if(trustedCAs[i]==null) {
+ trustedCAs[i]=crt;
+ return;
+ }
+ }
+ String[] temp = new String[trustedCAs.length+5];
+ System.arraycopy(trustedCAs,0,temp, 0, trustedCAs.length);
+ temp[trustedCAs.length]=crt;
+ trustedCAs = temp;
+ }
+
+ public String[] getCaIssuerDNs() {
+ return caIssuerDNs;
+ }
+
+ public String[] getTrustedCAs() {
+ return trustedCAs;
+ }
+
+ public String getEnv() {
+ return env;
+ }
- protected void setMessageDigest(MessageDigest md) {
- messageDigest = md;
- }
+ protected void setMessageDigest(MessageDigest md) {
+ messageDigest = md;
+ }
- /*
- * End Required Constructor calls
- */
+ /*
+ * End Required Constructor calls
+ */
- public String getName() {
- return name;
- }
-
-
- public String getPermNS() {
- return permNS;
- }
-
- public String getPermType() {
- return permType;
- }
-
- public abstract X509andChain sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException;
+ public String getName() {
+ return name;
+ }
+
+
+ public String getPermNS() {
+ return permNS;
+ }
+
+ public String getPermType() {
+ return permType;
+ }
+
+ public abstract X509andChain sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException;
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.cm.ca.CA#inPersonalDomains(java.security.Principal)
- */
- public boolean inPersonalDomains(Principal p) {
- int at = p.getName().indexOf('@');
- if(at>=0) {
- return idDomains.contains(p.getName().substring(at+1));
- } else {
- return false;
- }
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.cm.ca.CA#inPersonalDomains(java.security.Principal)
+ */
+ public boolean inPersonalDomains(Principal p) {
+ int at = p.getName().indexOf('@');
+ if(at>=0) {
+ return idDomains.contains(p.getName().substring(at+1));
+ } else {
+ return false;
+ }
+ }
- public MessageDigest messageDigest() {
- return messageDigest;
- }
+ public MessageDigest messageDigest() {
+ return messageDigest;
+ }
- public CSRMeta newCSRMeta() {
- return new CSRMeta(rdns);
- }
+ public CSRMeta newCSRMeta() {
+ return new CSRMeta(rdns);
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
index 3f398381..000b6dd5 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/JscepCA.java
@@ -56,203 +56,203 @@ import org.onap.aaf.misc.env.Trans;
import org.onap.aaf.misc.env.util.Split;
public class JscepCA extends CA {
- static final String CA_PREFIX = "http://";
- static final String CA_POSTFIX="/certsrv/mscep_admin/mscep.dll";
+ static final String CA_PREFIX = "http://";
+ static final String CA_POSTFIX="/certsrv/mscep_admin/mscep.dll";
- private static final String MS_PROFILE="1";
- private static final int MAX_RETRY=3;
- public static final long INVALIDATE_TIME = 1000*60*10L; // 10 mins
+ private static final String MS_PROFILE="1";
+ private static final int MAX_RETRY=3;
+ public static final long INVALIDATE_TIME = 1000*60*10L; // 10 mins
- // package on purpose
- private Map<String,X509ChainWithIssuer> mxcwiS;
- private Map<Client,X509ChainWithIssuer> mxcwiC;
+ // package on purpose
+ private Map<String,X509ChainWithIssuer> mxcwiS;
+ private Map<Client,X509ChainWithIssuer> mxcwiC;
- private JscepClientLocator clients;
+ private JscepClientLocator clients;
- public JscepCA(final Access access, final String name, final String env, String [][] params) throws IOException, CertException, LocatorException {
- super(access, name, env);
- mxcwiS = new ConcurrentHashMap<>();
- mxcwiC = new ConcurrentHashMap<>();
-
- if(params.length<2) {
- throw new CertException("No Trust Chain parameters are included");
- }
- if(params[0].length<2) {
- throw new CertException("User/Password required for JSCEP");
- }
- final String id = params[0][0];
- final String pw = params[0][1];
-
- // Set this for NTLM password Microsoft
- Authenticator.setDefault(new Authenticator() {
- public PasswordAuthentication getPasswordAuthentication () {
- try {
- return new PasswordAuthentication (id,access.decrypt(pw,true).toCharArray());
- } catch (IOException e) {
- access.log(e);
- }
- return null;
- }
- });
-
- StringBuilder urlstr = new StringBuilder();
+ public JscepCA(final Access access, final String name, final String env, String [][] params) throws IOException, CertException, LocatorException {
+ super(access, name, env);
+ mxcwiS = new ConcurrentHashMap<>();
+ mxcwiC = new ConcurrentHashMap<>();
+
+ if(params.length<2) {
+ throw new CertException("No Trust Chain parameters are included");
+ }
+ if(params[0].length<2) {
+ throw new CertException("User/Password required for JSCEP");
+ }
+ final String id = params[0][0];
+ final String pw = params[0][1];
+
+ // Set this for NTLM password Microsoft
+ Authenticator.setDefault(new Authenticator() {
+ public PasswordAuthentication getPasswordAuthentication () {
+ try {
+ return new PasswordAuthentication (id,access.decrypt(pw,true).toCharArray());
+ } catch (IOException e) {
+ access.log(e);
+ }
+ return null;
+ }
+ });
+
+ StringBuilder urlstr = new StringBuilder();
- for(int i=1;i<params.length;++i) { // skip first section, which is user/pass
- // Work
- if(i>1) {
- urlstr.append(','); // delimiter
- }
- urlstr.append(params[i][0]);
-
- String dir = access.getProperty(CM_PUBLIC_DIR, "");
- if(!"".equals(dir) && !dir.endsWith("/")) {
- dir = dir + '/';
- }
- String path;
- List<FileReader> frs = new ArrayList<>(params.length-1);
- try {
- for(int j=1; j<params[i].length; ++j) { // first 3 taken up, see above
- path = !params[i][j].contains("/")?dir+params[i][j]:params[i][j];
- access.printf(Level.INIT, "Loading a TrustChain Member for %s from %s",name, path);
- frs.add(new FileReader(path));
- }
- X509ChainWithIssuer xcwi = new X509ChainWithIssuer(frs);
- addCaIssuerDN(xcwi.getIssuerDN());
- mxcwiS.put(params[i][0],xcwi);
- } finally {
- for(FileReader fr : frs) {
- if(fr!=null) {
- fr.close();
- }
- }
- }
- }
- clients = new JscepClientLocator(access,urlstr.toString());
- }
+ for(int i=1;i<params.length;++i) { // skip first section, which is user/pass
+ // Work
+ if(i>1) {
+ urlstr.append(','); // delimiter
+ }
+ urlstr.append(params[i][0]);
+
+ String dir = access.getProperty(CM_PUBLIC_DIR, "");
+ if(!"".equals(dir) && !dir.endsWith("/")) {
+ dir = dir + '/';
+ }
+ String path;
+ List<FileReader> frs = new ArrayList<>(params.length-1);
+ try {
+ for(int j=1; j<params[i].length; ++j) { // first 3 taken up, see above
+ path = !params[i][j].contains("/")?dir+params[i][j]:params[i][j];
+ access.printf(Level.INIT, "Loading a TrustChain Member for %s from %s",name, path);
+ frs.add(new FileReader(path));
+ }
+ X509ChainWithIssuer xcwi = new X509ChainWithIssuer(frs);
+ addCaIssuerDN(xcwi.getIssuerDN());
+ mxcwiS.put(params[i][0],xcwi);
+ } finally {
+ for(FileReader fr : frs) {
+ if(fr!=null) {
+ fr.close();
+ }
+ }
+ }
+ }
+ clients = new JscepClientLocator(access,urlstr.toString());
+ }
- // package on purpose
-
- @Override
- public X509ChainWithIssuer sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException {
- TimeTaken tt = trans.start("Generating CSR and Keys for New Certificate", Env.SUB);
- PKCS10CertificationRequest csr;
- try {
- csr = csrmeta.generateCSR(trans);
- if(trans.info().isLoggable()) {
- trans.info().log(BCFactory.toString(csr));
- }
- if(trans.info().isLoggable()) {
- trans.info().log(csr);
- }
- } finally {
- tt.done();
- }
-
- tt = trans.start("Enroll CSR", Env.SUB);
- Client client = null;
- Item item = null;
- for(int i=0; i<MAX_RETRY;++i) {
- try {
- item = clients.best();
- client = clients.get(item);
-
- EnrollmentResponse er = client.enrol(
- csrmeta.initialConversationCert(trans),
- csrmeta.keypair(trans).getPrivate(),
- csr,
- MS_PROFILE /* profile... MS can't deal with blanks*/);
-
- while(true) {
- if(er.isSuccess()) {
- trans.checkpoint("Cert from " + clients.info(item));
- X509Certificate x509 = null;
- for( Certificate cert : er.getCertStore().getCertificates(null)) {
- if(x509==null) {
- x509 = (X509Certificate)cert;
- break;
- }
- }
- X509ChainWithIssuer mxcwi = mxcwiC.get(client);
- return new X509ChainWithIssuer(mxcwi,x509);
+ // package on purpose
+
+ @Override
+ public X509ChainWithIssuer sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException {
+ TimeTaken tt = trans.start("Generating CSR and Keys for New Certificate", Env.SUB);
+ PKCS10CertificationRequest csr;
+ try {
+ csr = csrmeta.generateCSR(trans);
+ if(trans.info().isLoggable()) {
+ trans.info().log(BCFactory.toString(csr));
+ }
+ if(trans.info().isLoggable()) {
+ trans.info().log(csr);
+ }
+ } finally {
+ tt.done();
+ }
+
+ tt = trans.start("Enroll CSR", Env.SUB);
+ Client client = null;
+ Item item = null;
+ for(int i=0; i<MAX_RETRY;++i) {
+ try {
+ item = clients.best();
+ client = clients.get(item);
+
+ EnrollmentResponse er = client.enrol(
+ csrmeta.initialConversationCert(trans),
+ csrmeta.keypair(trans).getPrivate(),
+ csr,
+ MS_PROFILE /* profile... MS can't deal with blanks*/);
+
+ while(true) {
+ if(er.isSuccess()) {
+ trans.checkpoint("Cert from " + clients.info(item));
+ X509Certificate x509 = null;
+ for( Certificate cert : er.getCertStore().getCertificates(null)) {
+ if(x509==null) {
+ x509 = (X509Certificate)cert;
+ break;
+ }
+ }
+ X509ChainWithIssuer mxcwi = mxcwiC.get(client);
+ return new X509ChainWithIssuer(mxcwi,x509);
- } else if (er.isPending()) {
- trans.checkpoint("Polling, waiting on CA to complete");
- Thread.sleep(3000);
- } else if (er.isFailure()) {
- throw new CertException(clients.info(item)+':'+er.getFailInfo().toString());
- }
- }
- } catch(LocatorException e) {
- trans.error().log(e);
- i=MAX_RETRY;
- } catch (ClientException e) {
- trans.error().log(e,"SCEP Client Error, Temporarily Invalidating Client: " + clients.info(item));
- try {
- clients.invalidate(client);
- if(!clients.hasItems()) {
- clients.refresh();
- }
- } catch (LocatorException e1) {
- trans.error().log(e,clients.info(item));
- i=MAX_RETRY; // can't go any further
- }
- } catch (InterruptedException|TransactionException|CertificateException|OperatorCreationException | CertStoreException e) {
- trans.error().log(e);
- i=MAX_RETRY;
- } finally {
- tt.done();
- }
- }
-
- return null;
- }
-
- /**
- * Locator specifically for Jscep Clients.
- *
- * Class based client for access to common Map
- */
- private class JscepClientLocator extends HotPeerLocator<Client> {
+ } else if (er.isPending()) {
+ trans.checkpoint("Polling, waiting on CA to complete");
+ Thread.sleep(3000);
+ } else if (er.isFailure()) {
+ throw new CertException(clients.info(item)+':'+er.getFailInfo().toString());
+ }
+ }
+ } catch(LocatorException e) {
+ trans.error().log(e);
+ i=MAX_RETRY;
+ } catch (ClientException e) {
+ trans.error().log(e,"SCEP Client Error, Temporarily Invalidating Client: " + clients.info(item));
+ try {
+ clients.invalidate(client);
+ if(!clients.hasItems()) {
+ clients.refresh();
+ }
+ } catch (LocatorException e1) {
+ trans.error().log(e,clients.info(item));
+ i=MAX_RETRY; // can't go any further
+ }
+ } catch (InterruptedException|TransactionException|CertificateException|OperatorCreationException | CertStoreException e) {
+ trans.error().log(e);
+ i=MAX_RETRY;
+ } finally {
+ tt.done();
+ }
+ }
+
+ return null;
+ }
+
+ /**
+ * Locator specifically for Jscep Clients.
+ *
+ * Class based client for access to common Map
+ */
+ private class JscepClientLocator extends HotPeerLocator<Client> {
- protected JscepClientLocator(Access access, String urlstr)throws LocatorException {
- super(access, urlstr, JscepCA.INVALIDATE_TIME,
- access.getProperty("cadi_latitude","39.833333"), //Note: Defaulting to GEO center of US
- access.getProperty("cadi_longitude","-98.583333")
- );
- }
+ protected JscepClientLocator(Access access, String urlstr)throws LocatorException {
+ super(access, urlstr, JscepCA.INVALIDATE_TIME,
+ access.getProperty("cadi_latitude","39.833333"), //Note: Defaulting to GEO center of US
+ access.getProperty("cadi_longitude","-98.583333")
+ );
+ }
- @Override
- protected Client _newClient(String urlinfo) throws LocatorException {
- try {
- String[] info = Split.split('/', urlinfo);
- Client c = new Client(new URL(JscepCA.CA_PREFIX + info[0] + JscepCA.CA_POSTFIX),
- new CertificateVerifier() {
- @Override
- public boolean verify(X509Certificate cert) {
- //TODO checkIssuer
- return true;
- }
- }
- );
- // Map URL to Client, because Client doesn't expose Connection
- mxcwiC.put(c, mxcwiS.get(urlinfo));
- return c;
- } catch (MalformedURLException e) {
- throw new LocatorException(e);
- }
- }
+ @Override
+ protected Client _newClient(String urlinfo) throws LocatorException {
+ try {
+ String[] info = Split.split('/', urlinfo);
+ Client c = new Client(new URL(JscepCA.CA_PREFIX + info[0] + JscepCA.CA_POSTFIX),
+ new CertificateVerifier() {
+ @Override
+ public boolean verify(X509Certificate cert) {
+ //TODO checkIssuer
+ return true;
+ }
+ }
+ );
+ // Map URL to Client, because Client doesn't expose Connection
+ mxcwiC.put(c, mxcwiS.get(urlinfo));
+ return c;
+ } catch (MalformedURLException e) {
+ throw new LocatorException(e);
+ }
+ }
- @Override
- protected Client _invalidate(Client client) {
- return null;
- }
+ @Override
+ protected Client _invalidate(Client client) {
+ return null;
+ }
- @Override
- protected void _destroy(Client client) {
- mxcwiC.remove(client);
- }
-
-
- }
+ @Override
+ protected void _destroy(Client client) {
+ mxcwiC.remove(client);
+ }
+
+
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
index 893e9f32..b7d78f05 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/LocalCA.java
@@ -73,194 +73,194 @@ import org.onap.aaf.misc.env.Trans;
public class LocalCA extends CA {
- private final static BigInteger ONE = new BigInteger("1");
- // Extensions
- private static final KeyPurposeId[] ASN_WebUsage = new KeyPurposeId[] {
- KeyPurposeId.id_kp_serverAuth, // WebServer
- KeyPurposeId.id_kp_clientAuth // WebClient
- };
-
- private final PrivateKey caKey;
- private final X500Name issuer;
- private final SecureRandom random = new SecureRandom();
- private BigInteger serial;
- private final X509ChainWithIssuer x509cwi; // "Cert" is CACert
-
-
- public LocalCA(Access access, final String name, final String env, final String[][] params) throws IOException, CertException {
- super(access, name, env);
-
- serial = new BigInteger(64,random);
+ private final static BigInteger ONE = new BigInteger("1");
+ // Extensions
+ private static final KeyPurposeId[] ASN_WebUsage = new KeyPurposeId[] {
+ KeyPurposeId.id_kp_serverAuth, // WebServer
+ KeyPurposeId.id_kp_clientAuth // WebClient
+ };
+
+ private final PrivateKey caKey;
+ private final X500Name issuer;
+ private final SecureRandom random = new SecureRandom();
+ private BigInteger serial;
+ private final X509ChainWithIssuer x509cwi; // "Cert" is CACert
+
+
+ public LocalCA(Access access, final String name, final String env, final String[][] params) throws IOException, CertException {
+ super(access, name, env);
+
+ serial = new BigInteger(64,random);
- if(params.length<1 || params[0].length<2) {
- throw new IOException("LocalCA expects cm_ca.<ca name>=org.onap.aaf.auth.cm.ca.LocalCA,<full path to key file>[;<Full Path to Trust Chain, ending with actual CA>]+");
- }
-
- // Read in the Private Key
- String configured;
- File f = new File(params[0][0]);
- if(f.exists() && f.isFile()) {
- String fileName = f.getName();
- if(fileName.endsWith(".key")) {
- caKey = Factory.toPrivateKey(NullTrans.singleton(),f);
- List<FileReader> frs = new ArrayList<>(params.length-1);
- try {
- String dir = access.getProperty(CM_PUBLIC_DIR, "");
- if(!"".equals(dir) && !dir.endsWith("/")) {
- dir = dir + '/';
- }
+ if(params.length<1 || params[0].length<2) {
+ throw new IOException("LocalCA expects cm_ca.<ca name>=org.onap.aaf.auth.cm.ca.LocalCA,<full path to key file>[;<Full Path to Trust Chain, ending with actual CA>]+");
+ }
+
+ // Read in the Private Key
+ String configured;
+ File f = new File(params[0][0]);
+ if(f.exists() && f.isFile()) {
+ String fileName = f.getName();
+ if(fileName.endsWith(".key")) {
+ caKey = Factory.toPrivateKey(NullTrans.singleton(),f);
+ List<FileReader> frs = new ArrayList<>(params.length-1);
+ try {
+ String dir = access.getProperty(CM_PUBLIC_DIR, "");
+ if(!"".equals(dir) && !dir.endsWith("/")) {
+ dir = dir + '/';
+ }
- String path;
- for(int i=1; i<params[0].length; ++i) { // first param is Private Key, remainder are TrustChain
- path = !params[0][i].contains("/")?dir+params[0][i]:params[0][i];
- access.printf(Level.INIT, "Loading a TrustChain Member for %s from %s\n",name, path);
- frs.add(new FileReader(path));
- }
- x509cwi = new X509ChainWithIssuer(frs);
- } finally {
- for(FileReader fr : frs) {
- if(fr!=null) {
- fr.close();
- }
- }
- }
- configured = "Configured with " + fileName;
- } else {
- if(params.length<1 || params[0].length<3) {
- throw new CertException("LocalCA parameters must be <keystore [.p12|.pkcs12|.jks|.pkcs11(sun only)]; <alias>; enc:<encrypted Keystore Password>>");
- }
- try {
- Provider p;
- KeyStore keyStore;
- FileInputStream fis = null;
- if(fileName.endsWith(".pkcs11")) {
- String ksType="PKCS11";
- p = Factory.getSecurityProvider(ksType,params);
- keyStore = KeyStore.getInstance(ksType,p);
- } else if(fileName.endsWith(".jks")) {
- keyStore = KeyStore.getInstance("JKS");
- fis = new FileInputStream(f);
- } else if(fileName.endsWith(".p12") || fileName.endsWith(".pkcs12")) {
- keyStore = KeyStore.getInstance("PKCS12");
- fis = new FileInputStream(f);
- } else {
- throw new CertException("Unknown Keystore type from filename " + fileName);
- }
-
- KeyStore.ProtectionParameter keyPass;
+ String path;
+ for(int i=1; i<params[0].length; ++i) { // first param is Private Key, remainder are TrustChain
+ path = !params[0][i].contains("/")?dir+params[0][i]:params[0][i];
+ access.printf(Level.INIT, "Loading a TrustChain Member for %s from %s\n",name, path);
+ frs.add(new FileReader(path));
+ }
+ x509cwi = new X509ChainWithIssuer(frs);
+ } finally {
+ for(FileReader fr : frs) {
+ if(fr!=null) {
+ fr.close();
+ }
+ }
+ }
+ configured = "Configured with " + fileName;
+ } else {
+ if(params.length<1 || params[0].length<3) {
+ throw new CertException("LocalCA parameters must be <keystore [.p12|.pkcs12|.jks|.pkcs11(sun only)]; <alias>; enc:<encrypted Keystore Password>>");
+ }
+ try {
+ Provider p;
+ KeyStore keyStore;
+ FileInputStream fis = null;
+ if(fileName.endsWith(".pkcs11")) {
+ String ksType="PKCS11";
+ p = Factory.getSecurityProvider(ksType,params);
+ keyStore = KeyStore.getInstance(ksType,p);
+ } else if(fileName.endsWith(".jks")) {
+ keyStore = KeyStore.getInstance("JKS");
+ fis = new FileInputStream(f);
+ } else if(fileName.endsWith(".p12") || fileName.endsWith(".pkcs12")) {
+ keyStore = KeyStore.getInstance("PKCS12");
+ fis = new FileInputStream(f);
+ } else {
+ throw new CertException("Unknown Keystore type from filename " + fileName);
+ }
+
+ KeyStore.ProtectionParameter keyPass;
- try {
- String pass = access.decrypt(params[0][2]/*encrypted passcode*/, true);
- if(pass==null) {
- throw new CertException("Passcode for " + fileName + " cannot be decrypted.");
- }
- char[] ksPass = pass.toCharArray();
- //Assuming Key Pass is same as Keystore Pass
- keyPass = new KeyStore.PasswordProtection(ksPass);
+ try {
+ String pass = access.decrypt(params[0][2]/*encrypted passcode*/, true);
+ if(pass==null) {
+ throw new CertException("Passcode for " + fileName + " cannot be decrypted.");
+ }
+ char[] ksPass = pass.toCharArray();
+ //Assuming Key Pass is same as Keystore Pass
+ keyPass = new KeyStore.PasswordProtection(ksPass);
- keyStore.load(fis,ksPass);
- } finally {
- if (fis != null)
- fis.close();
- }
- Entry entry;
- if(fileName.endsWith(".pkcs11")) {
- entry = keyStore.getEntry(params[0][1]/*alias*/, null);
- } else {
- entry = keyStore.getEntry(params[0][1]/*alias*/, keyPass);
- }
- if(entry==null) {
- throw new CertException("There is no Keystore entry with name '" + params[0][1] +'\'');
- }
- PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry)entry;
- caKey = privateKeyEntry.getPrivateKey();
-
- x509cwi = new X509ChainWithIssuer(privateKeyEntry.getCertificateChain());
- configured = "keystore \"" + fileName + "\", alias " + params[0][1];
- } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | UnrecoverableEntryException e) {
- throw new CertException("Exception opening Keystore " + fileName, e);
- }
- }
- } else {
- throw new CertException("Private Key, " + f.getPath() + ", does not exist");
- }
-
- X500NameBuilder xnb = new X500NameBuilder();
- List<RDN> rp = RDN.parse(',', x509cwi.getIssuerDN());
- Collections.reverse(rp);
- for(RDN rnd : rp) {
- xnb.addRDN(rnd.aoi,rnd.value);
- }
- issuer = xnb.build();
- access.printf(Level.INIT, "LocalCA is configured with %s. The Issuer DN is %s.",
- configured, issuer.toString());
- }
+ keyStore.load(fis,ksPass);
+ } finally {
+ if (fis != null)
+ fis.close();
+ }
+ Entry entry;
+ if(fileName.endsWith(".pkcs11")) {
+ entry = keyStore.getEntry(params[0][1]/*alias*/, null);
+ } else {
+ entry = keyStore.getEntry(params[0][1]/*alias*/, keyPass);
+ }
+ if(entry==null) {
+ throw new CertException("There is no Keystore entry with name '" + params[0][1] +'\'');
+ }
+ PrivateKeyEntry privateKeyEntry = (PrivateKeyEntry)entry;
+ caKey = privateKeyEntry.getPrivateKey();
+
+ x509cwi = new X509ChainWithIssuer(privateKeyEntry.getCertificateChain());
+ configured = "keystore \"" + fileName + "\", alias " + params[0][1];
+ } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | UnrecoverableEntryException e) {
+ throw new CertException("Exception opening Keystore " + fileName, e);
+ }
+ }
+ } else {
+ throw new CertException("Private Key, " + f.getPath() + ", does not exist");
+ }
+
+ X500NameBuilder xnb = new X500NameBuilder();
+ List<RDN> rp = RDN.parse(',', x509cwi.getIssuerDN());
+ Collections.reverse(rp);
+ for(RDN rnd : rp) {
+ xnb.addRDN(rnd.aoi,rnd.value);
+ }
+ issuer = xnb.build();
+ access.printf(Level.INIT, "LocalCA is configured with %s. The Issuer DN is %s.",
+ configured, issuer.toString());
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.cm.service.CA#sign(org.bouncycastle.pkcs.PKCS10CertificationRequest)
- */
- @Override
- public X509andChain sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException {
- GregorianCalendar gc = new GregorianCalendar();
- Date start = gc.getTime();
- gc.add(GregorianCalendar.MONTH, 6);
- Date end = gc.getTime();
- X509Certificate x509;
- TimeTaken tt = trans.start("Create/Sign Cert",Env.SUB);
- try {
- BigInteger bi;
-
- synchronized(ONE) {
- bi = serial;
- serial = serial.add(ONE);
- }
-
- RSAPublicKey rpk = (RSAPublicKey)csrmeta.keypair(trans).getPublic();
- X509v3CertificateBuilder xcb = new X509v3CertificateBuilder(
- issuer,
- bi, // replace with Serialnumber scheme
- start,
- end,
- csrmeta.x500Name(),
- SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(new RSAKeyParameters(false,rpk.getModulus(),rpk.getPublicExponent()))
-// new SubjectPublicKeyInfo(ASN1Sequence.getInstance(caCert.getPublicKey().getEncoded()))
- );
- List<GeneralName> lsan = new ArrayList<>();
- for(String s : csrmeta.sans()) {
- lsan.add(new GeneralName(GeneralName.dNSName,s));
- }
- GeneralName[] sans = new GeneralName[lsan.size()];
- lsan.toArray(sans);
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.cm.service.CA#sign(org.bouncycastle.pkcs.PKCS10CertificationRequest)
+ */
+ @Override
+ public X509andChain sign(Trans trans, CSRMeta csrmeta) throws IOException, CertException {
+ GregorianCalendar gc = new GregorianCalendar();
+ Date start = gc.getTime();
+ gc.add(GregorianCalendar.MONTH, 6);
+ Date end = gc.getTime();
+ X509Certificate x509;
+ TimeTaken tt = trans.start("Create/Sign Cert",Env.SUB);
+ try {
+ BigInteger bi;
+
+ synchronized(ONE) {
+ bi = serial;
+ serial = serial.add(ONE);
+ }
+
+ RSAPublicKey rpk = (RSAPublicKey)csrmeta.keypair(trans).getPublic();
+ X509v3CertificateBuilder xcb = new X509v3CertificateBuilder(
+ issuer,
+ bi, // replace with Serialnumber scheme
+ start,
+ end,
+ csrmeta.x500Name(),
+ SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(new RSAKeyParameters(false,rpk.getModulus(),rpk.getPublicExponent()))
+// new SubjectPublicKeyInfo(ASN1Sequence.getInstance(caCert.getPublicKey().getEncoded()))
+ );
+ List<GeneralName> lsan = new ArrayList<>();
+ for(String s : csrmeta.sans()) {
+ lsan.add(new GeneralName(GeneralName.dNSName,s));
+ }
+ GeneralName[] sans = new GeneralName[lsan.size()];
+ lsan.toArray(sans);
- JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
- xcb.addExtension(Extension.basicConstraints,
- false, new BasicConstraints(false
- ))
- .addExtension(Extension.keyUsage,
- true, new KeyUsage(KeyUsage.digitalSignature
- | KeyUsage.keyEncipherment
- | KeyUsage.nonRepudiation))
- .addExtension(Extension.extendedKeyUsage,
- true, new ExtendedKeyUsage(ASN_WebUsage))
+ JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
+ xcb.addExtension(Extension.basicConstraints,
+ false, new BasicConstraints(false
+ ))
+ .addExtension(Extension.keyUsage,
+ true, new KeyUsage(KeyUsage.digitalSignature
+ | KeyUsage.keyEncipherment
+ | KeyUsage.nonRepudiation))
+ .addExtension(Extension.extendedKeyUsage,
+ true, new ExtendedKeyUsage(ASN_WebUsage))
.addExtension(Extension.authorityKeyIdentifier,
- false, extUtils.createAuthorityKeyIdentifier(x509cwi.cert))
+ false, extUtils.createAuthorityKeyIdentifier(x509cwi.cert))
.addExtension(Extension.subjectKeyIdentifier,
- false, extUtils.createSubjectKeyIdentifier(rpk))
- .addExtension(Extension.subjectAlternativeName,
- false, new GeneralNames(sans))
-// .addExtension(MiscObjectIdentifiers.netscape, true, new NetscapeCertType(
-// NetscapeCertType.sslClient|NetscapeCertType.sslClient))
- ;
-
- x509 = new JcaX509CertificateConverter().getCertificate(
- xcb.build(BCFactory.contentSigner(caKey)));
- } catch (GeneralSecurityException|OperatorCreationException e) {
- throw new CertException(e);
- } finally {
- tt.done();
- }
-
- return new X509andChain(x509,x509cwi.trustChain);
- }
+ false, extUtils.createSubjectKeyIdentifier(rpk))
+ .addExtension(Extension.subjectAlternativeName,
+ false, new GeneralNames(sans))
+// .addExtension(MiscObjectIdentifiers.netscape, true, new NetscapeCertType(
+// NetscapeCertType.sslClient|NetscapeCertType.sslClient))
+ ;
+
+ x509 = new JcaX509CertificateConverter().getCertificate(
+ xcb.build(BCFactory.contentSigner(caKey)));
+ } catch (GeneralSecurityException|OperatorCreationException e) {
+ throw new CertException(e);
+ } finally {
+ tt.done();
+ }
+
+ return new X509andChain(x509,x509cwi.trustChain);
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
index e31b9988..e51f2faa 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509ChainWithIssuer.java
@@ -33,61 +33,61 @@ import org.onap.aaf.cadi.configure.CertException;
import org.onap.aaf.cadi.configure.Factory;
public class X509ChainWithIssuer extends X509andChain {
- private String issuerDN;
- public X509Certificate caX509;
+ private String issuerDN;
+ public X509Certificate caX509;
- public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) throws IOException, CertException {
- super(x509,orig.trustChain);
- issuerDN=orig.issuerDN;
- }
-
- public X509ChainWithIssuer(final List<? extends Reader> rdrs) throws IOException, CertException {
- // Trust Chain. Last one should be the CA
- Collection<? extends Certificate> certs;
- X509Certificate x509;
- for(Reader rdr : rdrs) {
- if(rdr==null) { // cover for badly formed array
- continue;
- }
-
- byte[] bytes = Factory.decode(rdr,null);
- try {
- certs = Factory.toX509Certificate(bytes);
- } catch (CertificateException e) {
- throw new CertException(e);
- }
- for(Certificate c : certs) {
- x509=(X509Certificate)c;
- Principal subject = x509.getSubjectDN();
- if(subject==null) {
- continue;
- }
- if(cert==null) { // first in Trust Chain
- issuerDN = subject.toString();
- cert=x509; // adding each time makes sure last one is signer.
- }
- addTrustChainEntry(x509);
- }
- }
- }
-
- public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
- X509Certificate x509;
- for(int i=certs.length-1; i>=0; --i) {
- x509=(X509Certificate)certs[i];
- Principal subject = x509.getSubjectDN();
- if(subject!=null) {
- addTrustChainEntry(x509);
- if(i==0) { // last one is signer
- cert=x509;
- issuerDN= subject.toString();
- }
- }
- }
- }
+ public X509ChainWithIssuer(X509ChainWithIssuer orig, X509Certificate x509) throws IOException, CertException {
+ super(x509,orig.trustChain);
+ issuerDN=orig.issuerDN;
+ }
+
+ public X509ChainWithIssuer(final List<? extends Reader> rdrs) throws IOException, CertException {
+ // Trust Chain. Last one should be the CA
+ Collection<? extends Certificate> certs;
+ X509Certificate x509;
+ for(Reader rdr : rdrs) {
+ if(rdr==null) { // cover for badly formed array
+ continue;
+ }
+
+ byte[] bytes = Factory.decode(rdr,null);
+ try {
+ certs = Factory.toX509Certificate(bytes);
+ } catch (CertificateException e) {
+ throw new CertException(e);
+ }
+ for(Certificate c : certs) {
+ x509=(X509Certificate)c;
+ Principal subject = x509.getSubjectDN();
+ if(subject==null) {
+ continue;
+ }
+ if(cert==null) { // first in Trust Chain
+ issuerDN = subject.toString();
+ cert=x509; // adding each time makes sure last one is signer.
+ }
+ addTrustChainEntry(x509);
+ }
+ }
+ }
+
+ public X509ChainWithIssuer(Certificate[] certs) throws IOException, CertException {
+ X509Certificate x509;
+ for(int i=certs.length-1; i>=0; --i) {
+ x509=(X509Certificate)certs[i];
+ Principal subject = x509.getSubjectDN();
+ if(subject!=null) {
+ addTrustChainEntry(x509);
+ if(i==0) { // last one is signer
+ cert=x509;
+ issuerDN= subject.toString();
+ }
+ }
+ }
+ }
- public String getIssuerDN() {
- return issuerDN;
- }
+ public String getIssuerDN() {
+ return issuerDN;
+ }
} \ No newline at end of file
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java
index 5141cc62..3c684db2 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/ca/X509andChain.java
@@ -37,44 +37,44 @@ import org.onap.aaf.cadi.configure.Factory;
*
*/
public class X509andChain {
- protected X509Certificate cert;
- protected String[] trustChain;
-
- public X509andChain() {
- cert = null;
- trustChain = null;
- }
-
- public X509andChain(X509Certificate cert, String[] tc) throws IOException, CertException {
- this.cert = cert;
- trustChain=tc;
- }
+ protected X509Certificate cert;
+ protected String[] trustChain;
+
+ public X509andChain() {
+ cert = null;
+ trustChain = null;
+ }
+
+ public X509andChain(X509Certificate cert, String[] tc) throws IOException, CertException {
+ this.cert = cert;
+ trustChain=tc;
+ }
- public X509andChain(X509Certificate cert, List<String> chain) throws IOException, CertException {
- this.cert = cert;
- trustChain = new String[chain.size()+1];
- chain.toArray(trustChain);
- }
-
-
- public void addTrustChainEntry(X509Certificate x509) throws IOException, CertException {
- if(trustChain==null) {
- trustChain = new String[] {Factory.toString(NullTrans.singleton(),x509)};
- } else {
- String[] temp = new String[trustChain.length+1];
- System.arraycopy(trustChain, 0, temp, 0, trustChain.length);
- temp[trustChain.length]=Factory.toString(NullTrans.singleton(),x509);
- trustChain=temp;
- }
- }
-
+ public X509andChain(X509Certificate cert, List<String> chain) throws IOException, CertException {
+ this.cert = cert;
+ trustChain = new String[chain.size()+1];
+ chain.toArray(trustChain);
+ }
+
+
+ public void addTrustChainEntry(X509Certificate x509) throws IOException, CertException {
+ if(trustChain==null) {
+ trustChain = new String[] {Factory.toString(NullTrans.singleton(),x509)};
+ } else {
+ String[] temp = new String[trustChain.length+1];
+ System.arraycopy(trustChain, 0, temp, 0, trustChain.length);
+ temp[trustChain.length]=Factory.toString(NullTrans.singleton(),x509);
+ trustChain=temp;
+ }
+ }
+
- public X509Certificate getX509() {
- return cert;
- }
-
- public String[] getTrustChain() {
- return trustChain;
- }
-
+ public X509Certificate getX509() {
+ return cert;
+ }
+
+ public String[] getTrustChain() {
+ return trustChain;
+ }
+
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java
index e40a7a21..8edfa634 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/BCFactory.java
@@ -52,100 +52,100 @@ import org.onap.aaf.misc.env.Trans;
*
*/
public class BCFactory extends Factory {
- private static final JcaContentSignerBuilder jcsb;
+ private static final JcaContentSignerBuilder jcsb;
- static {
- // Bouncy
- jcsb = new JcaContentSignerBuilder(Factory.SIG_ALGO);
- }
-
- public static ContentSigner contentSigner(PrivateKey pk) throws OperatorCreationException {
- return jcsb.build(pk);
- }
-
- public static String toString(PKCS10CertificationRequest csr) throws IOException, CertException {
- if(csr==null) {
- throw new CertException("x509 Certificate Request not built");
- }
- return textBuilder("CERTIFICATE REQUEST",csr.getEncoded());
- }
+ static {
+ // Bouncy
+ jcsb = new JcaContentSignerBuilder(Factory.SIG_ALGO);
+ }
+
+ public static ContentSigner contentSigner(PrivateKey pk) throws OperatorCreationException {
+ return jcsb.build(pk);
+ }
+
+ public static String toString(PKCS10CertificationRequest csr) throws IOException, CertException {
+ if(csr==null) {
+ throw new CertException("x509 Certificate Request not built");
+ }
+ return textBuilder("CERTIFICATE REQUEST",csr.getEncoded());
+ }
- public static PKCS10CertificationRequest toCSR(Trans trans, File file) throws IOException {
- TimeTaken tt = trans.start("Reconstitute CSR", Env.SUB);
- try {
- FileReader fr = new FileReader(file);
- return new PKCS10CertificationRequest(decode(strip(fr)));
- } finally {
- tt.done();
- }
- }
+ public static PKCS10CertificationRequest toCSR(Trans trans, File file) throws IOException {
+ TimeTaken tt = trans.start("Reconstitute CSR", Env.SUB);
+ try {
+ FileReader fr = new FileReader(file);
+ return new PKCS10CertificationRequest(decode(strip(fr)));
+ } finally {
+ tt.done();
+ }
+ }
- public static byte[] sign(Trans trans, ASN1Object toSign, PrivateKey pk) throws IOException, InvalidKeyException, SignatureException, NoSuchAlgorithmException {
- TimeTaken tt = trans.start("Encode Security Object", Env.SUB);
- try {
- return sign(trans,toSign.getEncoded(),pk);
- } finally {
- tt.done();
- }
- }
-
- public static CSRMeta createCSRMeta(CA ca, String mechid, String sponsorEmail, List<String> fqdns) throws CertException {
- CSRMeta csr = ca.newCSRMeta();
- boolean first = true;
- // Set CN (and SAN)
- for(String fqdn : fqdns) {
- if(first) {
- first = false;
- csr.cn(fqdn);
- }
- csr.san(fqdn); // duplicate CN in SAN, per RFC 5280 section 4.2.1.6
- }
-
- csr.challenge(new String(Symm.randomGen(24)));
- csr.mechID(mechid);
- csr.email(sponsorEmail);
- String errs;
- if((errs=validateApp(csr))!=null) {
- throw new CertException(errs);
- }
- return csr;
- }
-
- private static String validateApp(CSRMeta csr) {
- CertmanValidator v = new CertmanValidator();
- if(v.nullOrBlank("cn", csr.cn())
- .nullOrBlank("mechID", csr.mechID())
-// .nullOrBlank("email", csr.email())
- .err()) {
- return v.errs();
- } else {
- return null;
- }
- }
+ public static byte[] sign(Trans trans, ASN1Object toSign, PrivateKey pk) throws IOException, InvalidKeyException, SignatureException, NoSuchAlgorithmException {
+ TimeTaken tt = trans.start("Encode Security Object", Env.SUB);
+ try {
+ return sign(trans,toSign.getEncoded(),pk);
+ } finally {
+ tt.done();
+ }
+ }
+
+ public static CSRMeta createCSRMeta(CA ca, String mechid, String sponsorEmail, List<String> fqdns) throws CertException {
+ CSRMeta csr = ca.newCSRMeta();
+ boolean first = true;
+ // Set CN (and SAN)
+ for(String fqdn : fqdns) {
+ if(first) {
+ first = false;
+ csr.cn(fqdn);
+ }
+ csr.san(fqdn); // duplicate CN in SAN, per RFC 5280 section 4.2.1.6
+ }
+
+ csr.challenge(new String(Symm.randomGen(24)));
+ csr.mechID(mechid);
+ csr.email(sponsorEmail);
+ String errs;
+ if((errs=validateApp(csr))!=null) {
+ throw new CertException(errs);
+ }
+ return csr;
+ }
+
+ private static String validateApp(CSRMeta csr) {
+ CertmanValidator v = new CertmanValidator();
+ if(v.nullOrBlank("cn", csr.cn())
+ .nullOrBlank("mechID", csr.mechID())
+// .nullOrBlank("email", csr.email())
+ .err()) {
+ return v.errs();
+ } else {
+ return null;
+ }
+ }
- public static CSRMeta createPersonalCSRMeta(CA ca, String personal, String email) throws CertException {
- CSRMeta csr = ca.newCSRMeta();
- csr.cn(personal);
- csr.challenge(new String(Symm.randomGen(24)));
- csr.email(email);
- String errs;
- if((errs=validatePersonal(csr))!=null) {
- throw new CertException(errs);
- }
- return csr;
- }
+ public static CSRMeta createPersonalCSRMeta(CA ca, String personal, String email) throws CertException {
+ CSRMeta csr = ca.newCSRMeta();
+ csr.cn(personal);
+ csr.challenge(new String(Symm.randomGen(24)));
+ csr.email(email);
+ String errs;
+ if((errs=validatePersonal(csr))!=null) {
+ throw new CertException(errs);
+ }
+ return csr;
+ }
- private static String validatePersonal(CSRMeta csr) {
- CertmanValidator v = new CertmanValidator();
- if(v.nullOrBlank("cn", csr.cn())
- .nullOrBlank("email", csr.email())
- .err()) {
- return v.errs();
- } else {
- return null;
- }
- }
-
+ private static String validatePersonal(CSRMeta csr) {
+ CertmanValidator v = new CertmanValidator();
+ if(v.nullOrBlank("cn", csr.cn())
+ .nullOrBlank("email", csr.email())
+ .err()) {
+ return v.errs();
+ } else {
+ return null;
+ }
+ }
+
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
index f9fcad17..5df439ab 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/CSRMeta.java
@@ -54,212 +54,212 @@ import org.onap.aaf.cadi.configure.Factory;
import org.onap.aaf.misc.env.Trans;
public class CSRMeta {
- private String cn;
- private String mechID;
- private String environment;
- private String email;
- private String challenge;
- private List<RDN> rdns;
- private ArrayList<String> sanList = new ArrayList<>();
- private KeyPair keyPair;
- private X500Name name = null;
- private SecureRandom random = new SecureRandom();
+ private String cn;
+ private String mechID;
+ private String environment;
+ private String email;
+ private String challenge;
+ private List<RDN> rdns;
+ private ArrayList<String> sanList = new ArrayList<>();
+ private KeyPair keyPair;
+ private X500Name name = null;
+ private SecureRandom random = new SecureRandom();
- public CSRMeta(List<RDN> rdns) {
- this.rdns = rdns;
- }
+ public CSRMeta(List<RDN> rdns) {
+ this.rdns = rdns;
+ }
- public X500Name x500Name() {
- if(name==null) {
- X500NameBuilder xnb = new X500NameBuilder();
- xnb.addRDN(BCStyle.CN,cn);
- xnb.addRDN(BCStyle.E,email);
- if(mechID!=null) {
- if(environment==null) {
- xnb.addRDN(BCStyle.OU,mechID);
- } else {
- xnb.addRDN(BCStyle.OU,mechID+':'+environment);
- }
- }
- for(RDN rdn : rdns) {
- xnb.addRDN(rdn.aoi,rdn.value);
- }
- name = xnb.build();
- }
- return name;
- }
-
-
- public PKCS10CertificationRequest generateCSR(Trans trans) throws IOException, CertException {
- PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(x500Name(),keypair(trans).getPublic());
- if(challenge!=null) {
- DERPrintableString password = new DERPrintableString(challenge);
- builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, password);
- }
-
- int plus = email==null?0:1;
- if(!sanList.isEmpty()) {
- GeneralName[] gna = new GeneralName[sanList.size()+plus];
- int i=-1;
- for(String s : sanList) {
- gna[++i]=new GeneralName(GeneralName.dNSName,s);
- }
- gna[++i]=new GeneralName(GeneralName.rfc822Name,email);
-
- builder.addAttribute(
- PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
- new Extensions(new Extension[] {
- new Extension(Extension.subjectAlternativeName,false,new GeneralNames(gna).getEncoded())
- })
- );
- }
+ public X500Name x500Name() {
+ if(name==null) {
+ X500NameBuilder xnb = new X500NameBuilder();
+ xnb.addRDN(BCStyle.CN,cn);
+ xnb.addRDN(BCStyle.E,email);
+ if(mechID!=null) {
+ if(environment==null) {
+ xnb.addRDN(BCStyle.OU,mechID);
+ } else {
+ xnb.addRDN(BCStyle.OU,mechID+':'+environment);
+ }
+ }
+ for(RDN rdn : rdns) {
+ xnb.addRDN(rdn.aoi,rdn.value);
+ }
+ name = xnb.build();
+ }
+ return name;
+ }
+
+
+ public PKCS10CertificationRequest generateCSR(Trans trans) throws IOException, CertException {
+ PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(x500Name(),keypair(trans).getPublic());
+ if(challenge!=null) {
+ DERPrintableString password = new DERPrintableString(challenge);
+ builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, password);
+ }
+
+ int plus = email==null?0:1;
+ if(!sanList.isEmpty()) {
+ GeneralName[] gna = new GeneralName[sanList.size()+plus];
+ int i=-1;
+ for(String s : sanList) {
+ gna[++i]=new GeneralName(GeneralName.dNSName,s);
+ }
+ gna[++i]=new GeneralName(GeneralName.rfc822Name,email);
+
+ builder.addAttribute(
+ PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
+ new Extensions(new Extension[] {
+ new Extension(Extension.subjectAlternativeName,false,new GeneralNames(gna).getEncoded())
+ })
+ );
+ }
- try {
- return builder.build(BCFactory.contentSigner(keypair(trans).getPrivate()));
- } catch (OperatorCreationException e) {
- throw new CertException(e);
- }
- }
-
- @SuppressWarnings("deprecation")
- public static void dump(PKCS10CertificationRequest csr) {
- Attribute[] certAttributes = csr.getAttributes();
- for (Attribute attribute : certAttributes) {
- if (!attribute.getAttrType().equals(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) {
- continue;
- }
+ try {
+ return builder.build(BCFactory.contentSigner(keypair(trans).getPrivate()));
+ } catch (OperatorCreationException e) {
+ throw new CertException(e);
+ }
+ }
+
+ @SuppressWarnings("deprecation")
+ public static void dump(PKCS10CertificationRequest csr) {
+ Attribute[] certAttributes = csr.getAttributes();
+ for (Attribute attribute : certAttributes) {
+ if (!attribute.getAttrType().equals(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) {
+ continue;
+ }
- Extensions extensions = Extensions.getInstance(attribute.getAttrValues().getObjectAt(0));
- GeneralNames gns = GeneralNames.fromExtensions(extensions,Extension.subjectAlternativeName);
- GeneralName[] names = gns.getNames();
- for(int k=0; k < names.length; k++) {
- String title = "";
- if(names[k].getTagNo() == GeneralName.dNSName) {
- title = "dNSName";
- } else if(names[k].getTagNo() == GeneralName.iPAddress) {
- title = "iPAddress";
- // Deprecated, but I don't see anything better to use.
- names[k].toASN1Object();
- } else if(names[k].getTagNo() == GeneralName.otherName) {
- title = "otherName";
- } else if(names[k].getTagNo() == GeneralName.rfc822Name) {
- title = "email";
- }
+ Extensions extensions = Extensions.getInstance(attribute.getAttrValues().getObjectAt(0));
+ GeneralNames gns = GeneralNames.fromExtensions(extensions,Extension.subjectAlternativeName);
+ GeneralName[] names = gns.getNames();
+ for(int k=0; k < names.length; k++) {
+ String title = "";
+ if(names[k].getTagNo() == GeneralName.dNSName) {
+ title = "dNSName";
+ } else if(names[k].getTagNo() == GeneralName.iPAddress) {
+ title = "iPAddress";
+ // Deprecated, but I don't see anything better to use.
+ names[k].toASN1Object();
+ } else if(names[k].getTagNo() == GeneralName.otherName) {
+ title = "otherName";
+ } else if(names[k].getTagNo() == GeneralName.rfc822Name) {
+ title = "email";
+ }
- System.out.println(title + ": "+ names[k].getName());
- }
- }
- }
-
- public X509Certificate initialConversationCert(Trans trans) throws IOException, CertificateException, OperatorCreationException {
- GregorianCalendar gc = new GregorianCalendar();
- Date start = gc.getTime();
- gc.add(GregorianCalendar.DAY_OF_MONTH,2);
- Date end = gc.getTime();
- @SuppressWarnings("deprecation")
- X509v3CertificateBuilder xcb = new X509v3CertificateBuilder(
- x500Name(),
- new BigInteger(12,random), // replace with Serialnumber scheme
- start,
- end,
- x500Name(),
- new SubjectPublicKeyInfo(ASN1Sequence.getInstance(keypair(trans).getPublic().getEncoded()))
- );
- return new JcaX509CertificateConverter().getCertificate(
- xcb.build(BCFactory.contentSigner(keypair(trans).getPrivate())));
- }
+ System.out.println(title + ": "+ names[k].getName());
+ }
+ }
+ }
+
+ public X509Certificate initialConversationCert(Trans trans) throws IOException, CertificateException, OperatorCreationException {
+ GregorianCalendar gc = new GregorianCalendar();
+ Date start = gc.getTime();
+ gc.add(GregorianCalendar.DAY_OF_MONTH,2);
+ Date end = gc.getTime();
+ @SuppressWarnings("deprecation")
+ X509v3CertificateBuilder xcb = new X509v3CertificateBuilder(
+ x500Name(),
+ new BigInteger(12,random), // replace with Serialnumber scheme
+ start,
+ end,
+ x500Name(),
+ new SubjectPublicKeyInfo(ASN1Sequence.getInstance(keypair(trans).getPublic().getEncoded()))
+ );
+ return new JcaX509CertificateConverter().getCertificate(
+ xcb.build(BCFactory.contentSigner(keypair(trans).getPrivate())));
+ }
- public CSRMeta san(String v) {
- sanList.add(v);
- return this;
- }
+ public CSRMeta san(String v) {
+ sanList.add(v);
+ return this;
+ }
- public List<String> sans() {
- return sanList;
- }
+ public List<String> sans() {
+ return sanList;
+ }
- public KeyPair keypair(Trans trans) {
- if(keyPair == null) {
- keyPair = Factory.generateKeyPair(trans);
- }
- return keyPair;
- }
+ public KeyPair keypair(Trans trans) {
+ if(keyPair == null) {
+ keyPair = Factory.generateKeyPair(trans);
+ }
+ return keyPair;
+ }
- /**
- * @return the cn
- */
- public String cn() {
- return cn;
- }
+ /**
+ * @return the cn
+ */
+ public String cn() {
+ return cn;
+ }
- /**
- * @param cn the cn to set
- */
- public void cn(String cn) {
- this.cn = cn;
- }
+ /**
+ * @param cn the cn to set
+ */
+ public void cn(String cn) {
+ this.cn = cn;
+ }
- /**
- * Environment of Service MechID is good for
- */
- public void environment(String env) {
- environment = env;
- }
-
- /**
- *
- * @return
- */
- public String environment() {
- return environment;
- }
-
- /**
- * @return the mechID
- */
- public String mechID() {
- return mechID;
- }
+ /**
+ * Environment of Service MechID is good for
+ */
+ public void environment(String env) {
+ environment = env;
+ }
+
+ /**
+ *
+ * @return
+ */
+ public String environment() {
+ return environment;
+ }
+
+ /**
+ * @return the mechID
+ */
+ public String mechID() {
+ return mechID;
+ }
- /**
- * @param mechID the mechID to set
- */
- public void mechID(String mechID) {
- this.mechID = mechID;
- }
+ /**
+ * @param mechID the mechID to set
+ */
+ public void mechID(String mechID) {
+ this.mechID = mechID;
+ }
- /**
- * @return the email
- */
- public String email() {
- return email;
- }
+ /**
+ * @return the email
+ */
+ public String email() {
+ return email;
+ }
- /**
- * @param email the email to set
- */
- public void email(String email) {
- this.email = email;
- }
+ /**
+ * @param email the email to set
+ */
+ public void email(String email) {
+ this.email = email;
+ }
- /**
- * @return the challenge
- */
- public String challenge() {
- return challenge;
- }
+ /**
+ * @return the challenge
+ */
+ public String challenge() {
+ return challenge;
+ }
- /**
- * @param challenge the challenge to set
- */
- public void challenge(String challenge) {
- this.challenge = challenge;
- }
-
+ /**
+ * @param challenge the challenge to set
+ */
+ public void challenge(String challenge) {
+ this.challenge = challenge;
+ }
+
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java
index b109ffcb..c39ba6d3 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/cert/RDN.java
@@ -29,75 +29,75 @@ import org.onap.aaf.cadi.configure.CertException;
import org.onap.aaf.cadi.util.Split;
public class RDN {
- public String tag;
- public String value;
- public ASN1ObjectIdentifier aoi;
- public RDN(final String tagValue) throws CertException {
- String[] tv = Split.splitTrim('=',tagValue);
- switch(tv[0]) {
- case "cn":case "CN": aoi = BCStyle.CN; break;
- case "c":case "C": aoi = BCStyle.C;break;
- case "st":case "ST": aoi = BCStyle.ST;break;
- case "l":case "L": aoi = BCStyle.L;break;
- case "o":case "O": aoi = BCStyle.O;break;
- case "ou":case "OU": aoi = BCStyle.OU;break;
- case "dc":case "DC": aoi = BCStyle.DC;break;
- case "gn":case "GN": aoi = BCStyle.GIVENNAME; break;
- case "sn":case "SN": aoi = BCStyle.SN; break; // surname
- case "email":case "EMAIL":
- case "emailaddress":
- case "EMAILADDRESS": aoi = BCStyle.EmailAddress;break; // should be SAN extension
- case "initials": aoi = BCStyle.INITIALS; break;
- case "pseudonym": aoi = BCStyle.PSEUDONYM; break;
- case "generationQualifier": aoi = BCStyle.GENERATION; break;
- case "serialNumber": aoi = BCStyle.SERIALNUMBER; break;
- default:
- throw new CertException("Unknown ASN1ObjectIdentifier for " + tv[0] + " in " + tagValue);
- }
- tag = tv[0];
- value = tv[1];
- }
-
- /**
- * Parse various forms of DNs into appropriate RDNs, which have the ASN1ObjectIdentifier
- * @param delim
- * @param dnString
- * @return
- * @throws CertException
- */
- public static List<RDN> parse(final char delim, final String dnString ) throws CertException {
- List<RDN> lrnd = new ArrayList<>();
- StringBuilder sb = new StringBuilder();
- boolean inQuotes = false;
- for(int i=0;i<dnString.length();++i) {
- char c = dnString.charAt(i);
- if(inQuotes) {
- if('"' == c) {
- inQuotes=false;
- } else {
- sb.append(dnString.charAt(i));
- }
- } else {
- if('"' == c) {
- inQuotes=true;
- } else if(delim==c) {
- if(sb.length()>0) {
- lrnd.add(new RDN(sb.toString()));
- sb.setLength(0);
- }
- } else {
- sb.append(dnString.charAt(i));
- }
- }
- }
- if(sb.indexOf("=")>0) {
- lrnd.add(new RDN(sb.toString()));
- }
- return lrnd;
- }
-
- @Override
- public String toString() {
- return tag + '=' + value;
- }
+ public String tag;
+ public String value;
+ public ASN1ObjectIdentifier aoi;
+ public RDN(final String tagValue) throws CertException {
+ String[] tv = Split.splitTrim('=',tagValue);
+ switch(tv[0]) {
+ case "cn":case "CN": aoi = BCStyle.CN; break;
+ case "c":case "C": aoi = BCStyle.C;break;
+ case "st":case "ST": aoi = BCStyle.ST;break;
+ case "l":case "L": aoi = BCStyle.L;break;
+ case "o":case "O": aoi = BCStyle.O;break;
+ case "ou":case "OU": aoi = BCStyle.OU;break;
+ case "dc":case "DC": aoi = BCStyle.DC;break;
+ case "gn":case "GN": aoi = BCStyle.GIVENNAME; break;
+ case "sn":case "SN": aoi = BCStyle.SN; break; // surname
+ case "email":case "EMAIL":
+ case "emailaddress":
+ case "EMAILADDRESS": aoi = BCStyle.EmailAddress;break; // should be SAN extension
+ case "initials": aoi = BCStyle.INITIALS; break;
+ case "pseudonym": aoi = BCStyle.PSEUDONYM; break;
+ case "generationQualifier": aoi = BCStyle.GENERATION; break;
+ case "serialNumber": aoi = BCStyle.SERIALNUMBER; break;
+ default:
+ throw new CertException("Unknown ASN1ObjectIdentifier for " + tv[0] + " in " + tagValue);
+ }
+ tag = tv[0];
+ value = tv[1];
+ }
+
+ /**
+ * Parse various forms of DNs into appropriate RDNs, which have the ASN1ObjectIdentifier
+ * @param delim
+ * @param dnString
+ * @return
+ * @throws CertException
+ */
+ public static List<RDN> parse(final char delim, final String dnString ) throws CertException {
+ List<RDN> lrnd = new ArrayList<>();
+ StringBuilder sb = new StringBuilder();
+ boolean inQuotes = false;
+ for(int i=0;i<dnString.length();++i) {
+ char c = dnString.charAt(i);
+ if(inQuotes) {
+ if('"' == c) {
+ inQuotes=false;
+ } else {
+ sb.append(dnString.charAt(i));
+ }
+ } else {
+ if('"' == c) {
+ inQuotes=true;
+ } else if(delim==c) {
+ if(sb.length()>0) {
+ lrnd.add(new RDN(sb.toString()));
+ sb.setLength(0);
+ }
+ } else {
+ sb.append(dnString.charAt(i));
+ }
+ }
+ }
+ if(sb.indexOf("=")>0) {
+ lrnd.add(new RDN(sb.toString()));
+ }
+ return lrnd;
+ }
+
+ @Override
+ public String toString() {
+ return tag + '=' + value;
+ }
} \ No newline at end of file
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java
index d960945c..ad7f10eb 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertReq.java
@@ -31,19 +31,19 @@ import org.onap.aaf.auth.cm.cert.CSRMeta;
import org.onap.aaf.cadi.configure.CertException;
public class CertReq {
- // These cannot be null
- public CA certAuthority;
- public String mechid;
- public List<String> fqdns;
- // Notify
- public List<String> emails;
-
-
- // These may be null
- public String sponsor;
- public XMLGregorianCalendar start, end;
-
- public CSRMeta getCSRMeta() throws CertException {
- return BCFactory.createCSRMeta(certAuthority, mechid, sponsor,fqdns);
- }
+ // These cannot be null
+ public CA certAuthority;
+ public String mechid;
+ public List<String> fqdns;
+ // Notify
+ public List<String> emails;
+
+
+ // These may be null
+ public String sponsor;
+ public XMLGregorianCalendar start, end;
+
+ public CSRMeta getCSRMeta() throws CertException {
+ return BCFactory.createCSRMeta(certAuthority, mechid, sponsor,fqdns);
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java
index 970bfb85..e156fe91 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/data/CertResp.java
@@ -33,59 +33,59 @@ import org.onap.aaf.cadi.configure.Factory;
import org.onap.aaf.misc.env.Trans;
public class CertResp {
- private CA ca;
- private KeyPair keyPair;
- private String challenge;
-
- private String privateKey, certString;
- private String[] trustChain;
- private String[] notes;
-
- public CertResp(Trans trans, CA ca, X509Certificate x509, CSRMeta csrMeta, String[] trustChain, String[] notes) throws IOException, GeneralSecurityException, CertException {
- keyPair = csrMeta.keypair(trans);
- privateKey = Factory.toString(trans, keyPair.getPrivate());
- certString = Factory.toString(trans,x509);
- challenge=csrMeta.challenge();
- this.ca = ca;
- this.trustChain = trustChain;
- this.notes = notes;
- }
+ private CA ca;
+ private KeyPair keyPair;
+ private String challenge;
+
+ private String privateKey, certString;
+ private String[] trustChain;
+ private String[] notes;
+
+ public CertResp(Trans trans, CA ca, X509Certificate x509, CSRMeta csrMeta, String[] trustChain, String[] notes) throws IOException, GeneralSecurityException, CertException {
+ keyPair = csrMeta.keypair(trans);
+ privateKey = Factory.toString(trans, keyPair.getPrivate());
+ certString = Factory.toString(trans,x509);
+ challenge=csrMeta.challenge();
+ this.ca = ca;
+ this.trustChain = trustChain;
+ this.notes = notes;
+ }
- // Use for Read Responses, etc
- public CertResp(String cert) {
- certString = cert;
- }
+ // Use for Read Responses, etc
+ public CertResp(String cert) {
+ certString = cert;
+ }
-
- public String asCertString() {
- return certString;
- }
-
- public String privateString() throws IOException {
- return privateKey;
- }
-
- public String challenge() {
- return challenge==null?"":challenge;
- }
-
- public String[] notes() {
- return notes;
- }
-
- public String[] caIssuerDNs() {
- return ca.getCaIssuerDNs();
- }
-
- public String env() {
- return ca.getEnv();
- }
-
- public String[] trustChain() {
- return trustChain;
- }
-
- public String[] trustCAs() {
- return ca.getTrustedCAs();
- }
+
+ public String asCertString() {
+ return certString;
+ }
+
+ public String privateString() throws IOException {
+ return privateKey;
+ }
+
+ public String challenge() {
+ return challenge==null?"":challenge;
+ }
+
+ public String[] notes() {
+ return notes;
+ }
+
+ public String[] caIssuerDNs() {
+ return ca.getCaIssuerDNs();
+ }
+
+ public String env() {
+ return ca.getEnv();
+ }
+
+ public String[] trustChain() {
+ return trustChain;
+ }
+
+ public String[] trustCAs() {
+ return ca.getTrustedCAs();
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java
index 9eb9c2fa..4952dbec 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade.java
@@ -40,143 +40,143 @@ import org.onap.aaf.auth.layer.Result;
public interface Facade<REQ,CERT,ARTIFACTS,ERROR> {
///////////////////// STANDARD ELEMENTS //////////////////
- /**
- * @param trans
- * @param response
- * @param result
- */
- void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
-
- /**
- *
- * @param trans
- * @param response
- * @param status
- */
- void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... detail);
-
- /**
- * Permission checker
- *
- * @param trans
- * @param resp
- * @param perm
- * @return
- * @throws IOException
- */
- Result<Void> check(AuthzTrans trans, HttpServletResponse resp, String perm) throws IOException;
-
- /**
- *
- * @return
- */
- public Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper();
+ /**
+ * @param trans
+ * @param response
+ * @param result
+ */
+ void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
+
+ /**
+ *
+ * @param trans
+ * @param response
+ * @param status
+ */
+ void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... detail);
+
+ /**
+ * Permission checker
+ *
+ * @param trans
+ * @param resp
+ * @param perm
+ * @return
+ * @throws IOException
+ */
+ Result<Void> check(AuthzTrans trans, HttpServletResponse resp, String perm) throws IOException;
+
+ /**
+ *
+ * @return
+ */
+ public Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper();
///////////////////// STANDARD ELEMENTS //////////////////
-
- /**
- *
- * @param trans
- * @param resp
- * @param rservlet
- * @return
- */
- public abstract Result<Void> requestCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca);
-
- /**
- *
- * @param trans
- * @param resp
- * @param rservlet
- * @return
- */
- public abstract Result<Void> requestPersonalCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca);
-
-
- /**
- *
- * @param trans
- * @param req
- * @param resp
- * @return
- */
- public abstract Result<Void> renewCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, boolean withTrust);
-
- /**
- *
- * @param trans
- * @param req
- * @param resp
- * @return
- */
- public abstract Result<Void> dropCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
-
- /**
- *
- * @param trans
- * @param resp
- * @param pathParam
- * @return
- */
- public Result<Void> readCertsByMechID(AuthzTrans trans, HttpServletResponse resp, String mechID);
-
-
- /**
- *
- * @param trans
- * @param req
- * @param resp
- * @return
- */
- Result<Void> createArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- /**
- *
- * @param trans
- * @param req
- * @param resp
- * @return
- */
- Result<Void> readArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- /**
- *
- * @param trans
- * @param resp
- * @param mechid
- * @param machine
- * @return
- */
- Result<Void> readArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine);
-
- /**
- *
- * @param trans
- * @param req
- * @param resp
- * @return
- */
- Result<Void> updateArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- /**
- *
- * @param trans
- * @param req
- * @param resp
- * @return
- */
- Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- /**
- *
- * @param trans
- * @param resp
- * @param mechid
- * @param machine
- * @return
- */
- Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine);
+
+ /**
+ *
+ * @param trans
+ * @param resp
+ * @param rservlet
+ * @return
+ */
+ public abstract Result<Void> requestCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca);
+
+ /**
+ *
+ * @param trans
+ * @param resp
+ * @param rservlet
+ * @return
+ */
+ public abstract Result<Void> requestPersonalCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca);
+
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param resp
+ * @return
+ */
+ public abstract Result<Void> renewCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, boolean withTrust);
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param resp
+ * @return
+ */
+ public abstract Result<Void> dropCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+
+ /**
+ *
+ * @param trans
+ * @param resp
+ * @param pathParam
+ * @return
+ */
+ public Result<Void> readCertsByMechID(AuthzTrans trans, HttpServletResponse resp, String mechID);
+
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param resp
+ * @return
+ */
+ Result<Void> createArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param resp
+ * @return
+ */
+ Result<Void> readArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ /**
+ *
+ * @param trans
+ * @param resp
+ * @param mechid
+ * @param machine
+ * @return
+ */
+ Result<Void> readArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine);
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param resp
+ * @return
+ */
+ Result<Void> updateArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param resp
+ * @return
+ */
+ Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ /**
+ *
+ * @param trans
+ * @param resp
+ * @param mechid
+ * @param machine
+ * @return
+ */
+ Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine);
} \ No newline at end of file
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java
index 49d976b2..4a3b5cbe 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/Facade1_0.java
@@ -37,10 +37,10 @@ import certman.v1_0.CertInfo;
*
*/
public class Facade1_0 extends FacadeImpl<BaseRequest,CertInfo, Artifacts, Error> {
- public Facade1_0(AAF_CM certman,
- CMService service,
- Mapper<BaseRequest,CertInfo,Artifacts,Error> mapper,
- Data.TYPE type) throws APIException {
- super(certman, service, mapper, type);
- }
+ public Facade1_0(AAF_CM certman,
+ CMService service,
+ Mapper<BaseRequest,CertInfo,Artifacts,Error> mapper,
+ Data.TYPE type) throws APIException {
+ super(certman, service, mapper, type);
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java
index 6eb13f93..e9ffb908 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeFactory.java
@@ -30,12 +30,12 @@ import org.onap.aaf.misc.env.Data;
public class FacadeFactory {
- public static Facade1_0 v1_0(AAF_CM certman, AuthzTrans trans, CMService service, Data.TYPE type) throws APIException {
- return new Facade1_0(
- certman,
- service,
- new Mapper1_0(),
- type);
- }
+ public static Facade1_0 v1_0(AAF_CM certman, AuthzTrans trans, CMService service, Data.TYPE type) throws APIException {
+ return new Facade1_0(
+ certman,
+ service,
+ new Mapper1_0(),
+ type);
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java
index 98fdf11b..310ea8b2 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/facade/FacadeImpl.java
@@ -66,7 +66,7 @@ import org.onap.aaf.misc.rosetta.env.RosettaData;
* 1) Interact with the Service Implementation (which might be supported by various kinds of Backend Storage)
* 2) Validate incoming data (if applicable)
* 3) Convert the Service response into the right Format, and mark the Content Type
- * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
+ * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
* 4) Log Service info, warnings and exceptions as necessary
* 5) When asked by the API layer, this will create and write Error content to the OutputStream
*
@@ -77,562 +77,562 @@ import org.onap.aaf.misc.rosetta.env.RosettaData;
*
*/
public abstract class FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> extends org.onap.aaf.auth.layer.FacadeImpl implements Facade<REQ,CERT,ARTIFACTS,ERROR>
- {
- private static final String TRUE = "TRUE";
- private static final String REQUEST_CERT = "Request New Certificate";
- private static final String RENEW_CERT = "Renew Certificate";
- private static final String DROP_CERT = "Drop Certificate";
- private static final String READ_CERTS_MECHID = "Read Certificates by MechID";
- private static final String CREATE_ARTIFACTS = "Create Deployment Artifact";
- private static final String READ_ARTIFACTS = "Read Deployment Artifact";
- private static final String UPDATE_ARTIFACTS = "Update Deployment Artifact";
- private static final String DELETE_ARTIFACTS = "Delete Deployment Artifact";
-
- private CMService service;
-
- private final RosettaDF<ERROR> errDF;
- private final RosettaDF<REQ> certRequestDF, certRenewDF, certDropDF;
- private final RosettaDF<CERT> certDF;
- private final RosettaDF<ARTIFACTS> artiDF;
- private Mapper<REQ, CERT, ARTIFACTS, ERROR> mapper;
-// private Slot sCertAuth;
- private AAF_CM certman;
- private final String voidResp;
-
- public FacadeImpl(AAF_CM certman,
- CMService service,
- Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper,
- Data.TYPE dataType) throws APIException {
- this.service = service;
- this.mapper = mapper;
- this.certman = certman;
- AuthzEnv env = certman.env;
- //TODO: Gabe [JUnit] Static issue, talk to Jonathan
- (errDF = env.newDataFactory(mapper.getClass(API.ERROR))).in(dataType).out(dataType);
- (certRequestDF = env.newDataFactory(mapper.getClass(API.CERT_REQ))).in(dataType).out(dataType);
- (certRenewDF = env.newDataFactory(mapper.getClass(API.CERT_RENEW))).in(dataType).out(dataType);
- (certDropDF = env.newDataFactory(mapper.getClass(API.CERT_DROP))).in(dataType).out(dataType);
- (certDF = env.newDataFactory(mapper.getClass(API.CERT))).in(dataType).out(dataType);
- (artiDF = env.newDataFactory(mapper.getClass(API.ARTIFACTS))).in(dataType).out(dataType);
-// sCertAuth = env.slot(API_Cert.CERT_AUTH);
- if(artiDF.getOutType().name().contains("xml")) {
- voidResp = "application/Void+xml;charset=utf-8;version=1.0,application/xml;version=1.0,*/*";
- } else {
- voidResp = "application/Void+json;charset=utf-8;version=1.0,application/json;version=1.0,*/*";
- }
- }
-
- public Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper() {
- return mapper;
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
- *
- * Note: Conforms to AT&T TSS RESTful Error Structure
- */
- @Override
- public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
- error(trans, response, result.status,
- result.details==null?"":result.details.trim(),
- result.variables==null?new String[0]:result.variables);
- }
-
- @Override
- public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final String ... _detail) {
- String msgId;
- String prefix;
- boolean hidemsg=false;
- switch(status) {
- case 202:
- case ERR_ActionNotCompleted:
- msgId = "SVC1202";
- prefix = "Accepted, Action not complete";
- response.setStatus(/*httpstatus=*/202);
- break;
-
- case 403:
- case ERR_Policy:
- case ERR_Security:
- case ERR_Denied:
- msgId = "SVC1403";
- prefix = "Forbidden";
- response.setStatus(/*httpstatus=*/403);
- break;
-
- case 404:
- case ERR_NotFound:
- msgId = "SVC1404";
- prefix = "Not Found";
- response.setStatus(/*httpstatus=*/404);
- break;
-
- case 406:
- case ERR_BadData:
- msgId="SVC1406";
- prefix = "Not Acceptable";
- response.setStatus(/*httpstatus=*/406);
- break;
-
- case 409:
- case ERR_ConflictAlreadyExists:
- msgId = "SVC1409";
- prefix = "Conflict Already Exists";
- response.setStatus(/*httpstatus=*/409);
- break;
-
- case 501:
- case ERR_NotImplemented:
- msgId = "SVC1501";
- prefix = "Not Implemented";
- response.setStatus(/*httpstatus=*/501);
- break;
-
-
- default:
- msgId = "SVC1500";
- prefix = "General Service Error";
- response.setStatus(/*httpstatus=*/500);
- hidemsg=true;
- break;
- }
-
- try {
- StringBuilder holder = new StringBuilder();
- ERROR em = mapper().errorFromMessage(holder, msgId,prefix + ": " + _msg,_detail);
- trans.checkpoint(
- "ErrResp [" +
- msgId +
- "] " +
- holder.toString(),
- Env.ALWAYS);
- if(hidemsg) {
- holder.setLength(0);
- em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request");
- }
- errDF.newData(trans).load(em).to(response.getOutputStream());
-
- } catch (Exception e) {
- trans.error().log(e,"unable to send response for",_msg);
- }
- }
-
- @Override
- public Result<Void> check(AuthzTrans trans, HttpServletResponse resp, String perm) throws IOException {
- String[] p = Split.split('|',perm);
- AAFPermission ap;
- switch(p.length) {
- case 3:
- ap = new AAFPermission(null, p[0],p[1],p[2]);
- break;
- case 4:
- ap = new AAFPermission(p[0],p[1],p[2],p[3]);
- break;
- default:
- return Result.err(Result.ERR_BadData,"Invalid Perm String");
- }
- if(certman.aafLurPerm.fish(trans.getUserPrincipal(), ap)) {
- resp.setContentType(voidResp);
- resp.getOutputStream().write(0);
- return Result.ok();
- } else {
- return Result.err(Result.ERR_Denied,"%s does not have %s",trans.user(),ap.getKey());
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.auth.certman.facade.Facade#requestCert(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- @Override
- public Result<Void> requestCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca) {
- TimeTaken tt = trans.start(REQUEST_CERT, Env.SUB|Env.ALWAYS);
- String wt;
- boolean withTrust=(wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt);
- try {
- REQ request;
- try {
- Data<REQ> rd = certRequestDF.newData().load(req.getInputStream());
- request = rd.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,REQUEST_CERT);
- return Result.err(Result.ERR_BadData,"Invalid Input");
- }
-
- Result<CertResp> rcr = service.requestCert(trans,mapper.toReq(trans,request), ca);
- if(rcr.notOK()) {
- return Result.err(rcr);
- }
-
-// CA certAuth = trans.get(sCertAuth,null);
- Result<CERT> rc = mapper.toCert(trans, rcr, withTrust);
- switch(rc.status) {
- case OK:
- RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
- data.to(resp.getOutputStream());
-
- setContentType(resp,certDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rc);
- }
-
- } catch (Exception e) {
- trans.error().log(e,IN,REQUEST_CERT);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.cm.facade.Facade#requestPersonalCert(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean)
- */
- @Override
- public Result<Void> requestPersonalCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca) {
- return Result.err(Result.ERR_NotImplemented,"not implemented yet");
-// Result<CertResp> rcr = service.requestPersonalCert(trans,ca);
-// if(rcr.notOK()) {
-// return Result.err(rcr);
-// } else {
-// try {
-// resp.setContentType("application/zip, application/octet-stream");
-// ZipOutputStream zos = new ZipOutputStream(resp.getOutputStream());
-// PrintStream ps = new PrintStream(zos);
-// ZipEntry ze = new ZipEntry(trans.user()+".key");
-// zos.putNextEntry(ze);
-// ps.print(rcr.value.privateString());
-// zos.closeEntry();
+ {
+ private static final String TRUE = "TRUE";
+ private static final String REQUEST_CERT = "Request New Certificate";
+ private static final String RENEW_CERT = "Renew Certificate";
+ private static final String DROP_CERT = "Drop Certificate";
+ private static final String READ_CERTS_MECHID = "Read Certificates by MechID";
+ private static final String CREATE_ARTIFACTS = "Create Deployment Artifact";
+ private static final String READ_ARTIFACTS = "Read Deployment Artifact";
+ private static final String UPDATE_ARTIFACTS = "Update Deployment Artifact";
+ private static final String DELETE_ARTIFACTS = "Delete Deployment Artifact";
+
+ private CMService service;
+
+ private final RosettaDF<ERROR> errDF;
+ private final RosettaDF<REQ> certRequestDF, certRenewDF, certDropDF;
+ private final RosettaDF<CERT> certDF;
+ private final RosettaDF<ARTIFACTS> artiDF;
+ private Mapper<REQ, CERT, ARTIFACTS, ERROR> mapper;
+// private Slot sCertAuth;
+ private AAF_CM certman;
+ private final String voidResp;
+
+ public FacadeImpl(AAF_CM certman,
+ CMService service,
+ Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper,
+ Data.TYPE dataType) throws APIException {
+ this.service = service;
+ this.mapper = mapper;
+ this.certman = certman;
+ AuthzEnv env = certman.env;
+ //TODO: Gabe [JUnit] Static issue, talk to Jonathan
+ (errDF = env.newDataFactory(mapper.getClass(API.ERROR))).in(dataType).out(dataType);
+ (certRequestDF = env.newDataFactory(mapper.getClass(API.CERT_REQ))).in(dataType).out(dataType);
+ (certRenewDF = env.newDataFactory(mapper.getClass(API.CERT_RENEW))).in(dataType).out(dataType);
+ (certDropDF = env.newDataFactory(mapper.getClass(API.CERT_DROP))).in(dataType).out(dataType);
+ (certDF = env.newDataFactory(mapper.getClass(API.CERT))).in(dataType).out(dataType);
+ (artiDF = env.newDataFactory(mapper.getClass(API.ARTIFACTS))).in(dataType).out(dataType);
+// sCertAuth = env.slot(API_Cert.CERT_AUTH);
+ if(artiDF.getOutType().name().contains("xml")) {
+ voidResp = "application/Void+xml;charset=utf-8;version=1.0,application/xml;version=1.0,*/*";
+ } else {
+ voidResp = "application/Void+json;charset=utf-8;version=1.0,application/json;version=1.0,*/*";
+ }
+ }
+
+ public Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper() {
+ return mapper;
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
+ *
+ * Note: Conforms to AT&T TSS RESTful Error Structure
+ */
+ @Override
+ public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
+ error(trans, response, result.status,
+ result.details==null?"":result.details.trim(),
+ result.variables==null?new String[0]:result.variables);
+ }
+
+ @Override
+ public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final String ... _detail) {
+ String msgId;
+ String prefix;
+ boolean hidemsg=false;
+ switch(status) {
+ case 202:
+ case ERR_ActionNotCompleted:
+ msgId = "SVC1202";
+ prefix = "Accepted, Action not complete";
+ response.setStatus(/*httpstatus=*/202);
+ break;
+
+ case 403:
+ case ERR_Policy:
+ case ERR_Security:
+ case ERR_Denied:
+ msgId = "SVC1403";
+ prefix = "Forbidden";
+ response.setStatus(/*httpstatus=*/403);
+ break;
+
+ case 404:
+ case ERR_NotFound:
+ msgId = "SVC1404";
+ prefix = "Not Found";
+ response.setStatus(/*httpstatus=*/404);
+ break;
+
+ case 406:
+ case ERR_BadData:
+ msgId="SVC1406";
+ prefix = "Not Acceptable";
+ response.setStatus(/*httpstatus=*/406);
+ break;
+
+ case 409:
+ case ERR_ConflictAlreadyExists:
+ msgId = "SVC1409";
+ prefix = "Conflict Already Exists";
+ response.setStatus(/*httpstatus=*/409);
+ break;
+
+ case 501:
+ case ERR_NotImplemented:
+ msgId = "SVC1501";
+ prefix = "Not Implemented";
+ response.setStatus(/*httpstatus=*/501);
+ break;
+
+
+ default:
+ msgId = "SVC1500";
+ prefix = "General Service Error";
+ response.setStatus(/*httpstatus=*/500);
+ hidemsg=true;
+ break;
+ }
+
+ try {
+ StringBuilder holder = new StringBuilder();
+ ERROR em = mapper().errorFromMessage(holder, msgId,prefix + ": " + _msg,_detail);
+ trans.checkpoint(
+ "ErrResp [" +
+ msgId +
+ "] " +
+ holder.toString(),
+ Env.ALWAYS);
+ if(hidemsg) {
+ holder.setLength(0);
+ em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request");
+ }
+ errDF.newData(trans).load(em).to(response.getOutputStream());
+
+ } catch (Exception e) {
+ trans.error().log(e,"unable to send response for",_msg);
+ }
+ }
+
+ @Override
+ public Result<Void> check(AuthzTrans trans, HttpServletResponse resp, String perm) throws IOException {
+ String[] p = Split.split('|',perm);
+ AAFPermission ap;
+ switch(p.length) {
+ case 3:
+ ap = new AAFPermission(null, p[0],p[1],p[2]);
+ break;
+ case 4:
+ ap = new AAFPermission(p[0],p[1],p[2],p[3]);
+ break;
+ default:
+ return Result.err(Result.ERR_BadData,"Invalid Perm String");
+ }
+ if(certman.aafLurPerm.fish(trans.getUserPrincipal(), ap)) {
+ resp.setContentType(voidResp);
+ resp.getOutputStream().write(0);
+ return Result.ok();
+ } else {
+ return Result.err(Result.ERR_Denied,"%s does not have %s",trans.user(),ap.getKey());
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.auth.certman.facade.Facade#requestCert(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public Result<Void> requestCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca) {
+ TimeTaken tt = trans.start(REQUEST_CERT, Env.SUB|Env.ALWAYS);
+ String wt;
+ boolean withTrust=(wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt);
+ try {
+ REQ request;
+ try {
+ Data<REQ> rd = certRequestDF.newData().load(req.getInputStream());
+ request = rd.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,REQUEST_CERT);
+ return Result.err(Result.ERR_BadData,"Invalid Input");
+ }
+
+ Result<CertResp> rcr = service.requestCert(trans,mapper.toReq(trans,request), ca);
+ if(rcr.notOK()) {
+ return Result.err(rcr);
+ }
+
+// CA certAuth = trans.get(sCertAuth,null);
+ Result<CERT> rc = mapper.toCert(trans, rcr, withTrust);
+ switch(rc.status) {
+ case OK:
+ RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
+ data.to(resp.getOutputStream());
+
+ setContentType(resp,certDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rc);
+ }
+
+ } catch (Exception e) {
+ trans.error().log(e,IN,REQUEST_CERT);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.cm.facade.Facade#requestPersonalCert(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean)
+ */
+ @Override
+ public Result<Void> requestPersonalCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, CA ca) {
+ return Result.err(Result.ERR_NotImplemented,"not implemented yet");
+// Result<CertResp> rcr = service.requestPersonalCert(trans,ca);
+// if(rcr.notOK()) {
+// return Result.err(rcr);
+// } else {
+// try {
+// resp.setContentType("application/zip, application/octet-stream");
+// ZipOutputStream zos = new ZipOutputStream(resp.getOutputStream());
+// PrintStream ps = new PrintStream(zos);
+// ZipEntry ze = new ZipEntry(trans.user()+".key");
+// zos.putNextEntry(ze);
+// ps.print(rcr.value.privateString());
+// zos.closeEntry();
//
-// zos.putNextEntry(new ZipEntry(trans.user()+".crt"));
-// ps.print(rcr.value.asCertString());
-// zos.closeEntry();
-//
-// String wt;
-// if((wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt)) {
-// zos.putNextEntry(new ZipEntry(trans.user()+".trustCrts"));
-// for(String s : ca.getTrustChain()) {
-// ps.println(s);
-// }
-// zos.closeEntry();
-// }
-//
-// boolean withJKS = (wt=req.getParameter("withJKS"))!=null || TRUE.equalsIgnoreCase(wt);
-// if(withJKS) {
-// if(trans.getUserPrincipal() instanceof BasicPrincipal) {
-// char[] cap = new String(((BasicPrincipal)trans.getUserPrincipal()).getCred()).toCharArray();
-// KeyStore ks = keystore(trans, rcr.value, ca.getTrustChain(), trans.user(), cap);
-// zos.putNextEntry(new ZipEntry(trans.user()+".jks"));
-// ks.store(zos, cap);
-// zos.closeEntry();
-// }
-// }
-//
-// zos.putNextEntry(new ZipEntry("cert_deploy.sh"));
-// ps.println("# Deploy Certificate to ~/.aaf");
-// ps.println("if [ \"$1\" = \"\" ]; then echo \"sh deploy.sh <zipfile>\";exit; else chmod 700 $HOME/.aaf; fi");
-// ps.println("chmod 600 $1");
-// ps.println("if [ ! -e $HOME/.aaf ]; then mkdir -m 700 $HOME/.aaf; fi");
-// ps.println("THE_PWD=`pwd`");
-// ps.println("cd $HOME/.aaf");
-// ps.println("echo \"Deploying to `pwd`\"");
-// ps.println("jar -xvf $THE_PWD/$1 " + trans.user());
-// ps.println("chmod 600 " + trans.user() + ".key");
-// if(withJKS) {
-// ps.println("chmod 600 " + trans.user() + ".jks");
-// }
-// ps.println("cd $THE_PWD");
-// ps.println("rm cert_deploy.sh");
-// zos.closeEntry();
-//
+// zos.putNextEntry(new ZipEntry(trans.user()+".crt"));
+// ps.print(rcr.value.asCertString());
+// zos.closeEntry();
+//
+// String wt;
+// if((wt=req.getParameter("withTrust"))!=null || TRUE.equalsIgnoreCase(wt)) {
+// zos.putNextEntry(new ZipEntry(trans.user()+".trustCrts"));
+// for(String s : ca.getTrustChain()) {
+// ps.println(s);
+// }
+// zos.closeEntry();
+// }
+//
+// boolean withJKS = (wt=req.getParameter("withJKS"))!=null || TRUE.equalsIgnoreCase(wt);
+// if(withJKS) {
+// if(trans.getUserPrincipal() instanceof BasicPrincipal) {
+// char[] cap = new String(((BasicPrincipal)trans.getUserPrincipal()).getCred()).toCharArray();
+// KeyStore ks = keystore(trans, rcr.value, ca.getTrustChain(), trans.user(), cap);
+// zos.putNextEntry(new ZipEntry(trans.user()+".jks"));
+// ks.store(zos, cap);
+// zos.closeEntry();
+// }
+// }
+//
+// zos.putNextEntry(new ZipEntry("cert_deploy.sh"));
+// ps.println("# Deploy Certificate to ~/.aaf");
+// ps.println("if [ \"$1\" = \"\" ]; then echo \"sh deploy.sh <zipfile>\";exit; else chmod 700 $HOME/.aaf; fi");
+// ps.println("chmod 600 $1");
+// ps.println("if [ ! -e $HOME/.aaf ]; then mkdir -m 700 $HOME/.aaf; fi");
+// ps.println("THE_PWD=`pwd`");
+// ps.println("cd $HOME/.aaf");
+// ps.println("echo \"Deploying to `pwd`\"");
+// ps.println("jar -xvf $THE_PWD/$1 " + trans.user());
+// ps.println("chmod 600 " + trans.user() + ".key");
+// if(withJKS) {
+// ps.println("chmod 600 " + trans.user() + ".jks");
+// }
+// ps.println("cd $THE_PWD");
+// ps.println("rm cert_deploy.sh");
+// zos.closeEntry();
+//
//
-// zos.close();
-//
-// } catch (IOException | KeyStoreException | CertificateException | APIException | CertException | NoSuchAlgorithmException e) {
-// return Result.err(e);
-// }
-// }
+// zos.close();
+//
+// } catch (IOException | KeyStoreException | CertificateException | APIException | CertException | NoSuchAlgorithmException e) {
+// return Result.err(e);
+// }
+// }
//
-// return Result.ok();
- }
-
-// private KeyStore keystore(AuthzTrans trans, CertResp cr, String[] trustChain, String name, char[] cap) throws KeyStoreException, CertificateException, APIException, IOException, CertException, NoSuchAlgorithmException {
-// KeyStore jks = KeyStore.getInstance("jks");
-// jks.load(null, cap);
-//
-// // Get the Cert(s)... Might include Trust store
-// List<String> lcerts = new ArrayList<>();
-// lcerts.add(cr.asCertString());
-// for(String s : trustChain) {
-// lcerts.add(s);
-// }
-//
-// Collection<? extends Certificate> certColl = Factory.toX509Certificate(lcerts);
-// X509Certificate[] certs = new X509Certificate[certColl.size()];
-// certColl.toArray(certs);
-// KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(cap);
-//
-// PrivateKey pk = Factory.toPrivateKey(trans, cr.privateString());
-// KeyStore.PrivateKeyEntry pkEntry =
-// new KeyStore.PrivateKeyEntry(pk, new Certificate[] {certs[0]});
-// jks.setEntry(name, pkEntry, protParam);
-//
-// int i=0;
-// for(X509Certificate x509 : certs) {
-// jks.setCertificateEntry("cert_"+ ++i, x509);
-// }
-// return jks;
-// }
-
- @Override
- public Result<Void> renewCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, boolean withTrust) {
- TimeTaken tt = trans.start(RENEW_CERT, Env.SUB|Env.ALWAYS);
- try {
- REQ request;
- try {
- Data<REQ> rd = certRenewDF.newData().load(req.getInputStream());
- request = rd.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,RENEW_CERT);
- return Result.err(Result.ERR_BadData,"Invalid Input");
- }
-
-// String certAuth = trans.get(sCertAuth,null);
- Result<CertResp> rcr = service.renewCert(trans,mapper.toRenew(trans,request));
- Result<CERT> rc = mapper.toCert(trans, rcr, withTrust);
-
- switch(rc.status) {
- case OK:
- RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
- data.to(resp.getOutputStream());
-
- setContentType(resp,certDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rc);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,RENEW_CERT);
- return Result.err(e);
- } finally {
- tt.done();
- }
-
- }
-
- @Override
- public Result<Void> dropCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(DROP_CERT, Env.SUB|Env.ALWAYS);
- try {
- REQ request;
- try {
- Data<REQ> rd = certDropDF.newData().load(req.getInputStream());
- request = rd.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,DROP_CERT);
- return Result.err(Result.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rv = service.dropCert(trans,mapper.toDrop(trans, request));
- switch(rv.status) {
- case OK:
- setContentType(resp,certRequestDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rv);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DROP_CERT);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.cm.facade.Facade#readCertsByMechID(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> readCertsByMechID(AuthzTrans trans, HttpServletResponse resp, String mechID) {
- TimeTaken tt = trans.start(READ_CERTS_MECHID, Env.SUB|Env.ALWAYS);
- try {
- Result<CERT> rc = mapper.toCert(trans, service.readCertsByMechID(trans,mechID));
- switch(rc.status) {
- case OK:
- RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
- data.to(resp.getOutputStream());
-
- setContentType(resp,certDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rc);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,READ_CERTS_MECHID);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- ////////////////////////////
- // Artifacts
- ////////////////////////////
- @Override
- public Result<Void> createArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(CREATE_ARTIFACTS, Env.SUB);
- try {
- ARTIFACTS arti;
- try {
- Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
- arti = rd.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,CREATE_ARTIFACTS);
- return Result.err(Result.ERR_BadData,"Invalid Input");
- }
-
- return service.createArtifact(trans,mapper.toArtifact(trans,arti));
- } catch (Exception e) {
-
- trans.error().log(e,IN,CREATE_ARTIFACTS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> readArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(READ_ARTIFACTS, Env.SUB);
- try {
- String mechid = req.getParameter("mechid");
- String machine = req.getParameter("machine");
- String ns = req.getParameter("ns");
-
- Result<ARTIFACTS> ra;
- if( machine !=null && mechid == null) {
- ra = mapper.fromArtifacts(service.readArtifactsByMachine(trans, machine));
- } else if(mechid!=null && machine==null) {
- ra = mapper.fromArtifacts(service.readArtifactsByMechID(trans, mechid));
- } else if(mechid!=null && machine!=null) {
- ArtiDAO.Data add = new ArtiDAO.Data();
- add.mechid = mechid;
- add.machine = machine;
- add.ns = ns;
- ra = mapper.fromArtifacts(service.readArtifacts(trans,add));
- } else if(ns!=null) {
- ra = mapper.fromArtifacts(service.readArtifactsByNs(trans, ns));
- } else {
- ra = Result.err(Status.ERR_BadData,"Invalid request inputs");
- }
-
- if(ra.isOK()) {
- RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value);
- data.to(resp.getOutputStream());
- setContentType(resp,artiDF.getOutType());
- return Result.ok();
- } else {
- return Result.err(ra);
- }
-
- } catch (Exception e) {
- trans.error().log(e,IN,READ_ARTIFACTS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> readArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine) {
- TimeTaken tt = trans.start(READ_ARTIFACTS, Env.SUB);
- try {
- ArtiDAO.Data add = new ArtiDAO.Data();
- add.mechid = mechid;
- add.machine = machine;
- Result<ARTIFACTS> ra = mapper.fromArtifacts(service.readArtifacts(trans,add));
- if(ra.isOK()) {
- RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value);
- data.to(resp.getOutputStream());
- setContentType(resp,artiDF.getOutType());
- return Result.ok();
- } else {
- return Result.err(ra);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,READ_ARTIFACTS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
- @Override
- public Result<Void> updateArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(UPDATE_ARTIFACTS, Env.SUB);
- try {
- ARTIFACTS arti;
- try {
- Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
- arti = rd.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,UPDATE_ARTIFACTS);
- return Result.err(Result.ERR_BadData,"Invalid Input");
- }
-
- return service.updateArtifact(trans,mapper.toArtifact(trans,arti));
- } catch (Exception e) {
- trans.error().log(e,IN,UPDATE_ARTIFACTS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(DELETE_ARTIFACTS, Env.SUB);
- try {
- ARTIFACTS arti;
- try {
- Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
- arti = rd.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,DELETE_ARTIFACTS);
- return Result.err(Result.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rv = service.deleteArtifact(trans,mapper.toArtifact(trans,arti));
- switch(rv.status) {
- case OK:
- setContentType(resp,artiDF.getOutType());
- }
- return rv;
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_ARTIFACTS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine) {
- TimeTaken tt = trans.start(DELETE_ARTIFACTS, Env.SUB);
- try {
- Result<Void> rv = service.deleteArtifact(trans, mechid, machine);
- switch(rv.status) {
- case OK:
- setContentType(resp,artiDF.getOutType());
- }
- return rv;
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_ARTIFACTS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
+// return Result.ok();
+ }
+
+// private KeyStore keystore(AuthzTrans trans, CertResp cr, String[] trustChain, String name, char[] cap) throws KeyStoreException, CertificateException, APIException, IOException, CertException, NoSuchAlgorithmException {
+// KeyStore jks = KeyStore.getInstance("jks");
+// jks.load(null, cap);
+//
+// // Get the Cert(s)... Might include Trust store
+// List<String> lcerts = new ArrayList<>();
+// lcerts.add(cr.asCertString());
+// for(String s : trustChain) {
+// lcerts.add(s);
+// }
+//
+// Collection<? extends Certificate> certColl = Factory.toX509Certificate(lcerts);
+// X509Certificate[] certs = new X509Certificate[certColl.size()];
+// certColl.toArray(certs);
+// KeyStore.ProtectionParameter protParam = new KeyStore.PasswordProtection(cap);
+//
+// PrivateKey pk = Factory.toPrivateKey(trans, cr.privateString());
+// KeyStore.PrivateKeyEntry pkEntry =
+// new KeyStore.PrivateKeyEntry(pk, new Certificate[] {certs[0]});
+// jks.setEntry(name, pkEntry, protParam);
+//
+// int i=0;
+// for(X509Certificate x509 : certs) {
+// jks.setCertificateEntry("cert_"+ ++i, x509);
+// }
+// return jks;
+// }
+
+ @Override
+ public Result<Void> renewCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, boolean withTrust) {
+ TimeTaken tt = trans.start(RENEW_CERT, Env.SUB|Env.ALWAYS);
+ try {
+ REQ request;
+ try {
+ Data<REQ> rd = certRenewDF.newData().load(req.getInputStream());
+ request = rd.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,RENEW_CERT);
+ return Result.err(Result.ERR_BadData,"Invalid Input");
+ }
+
+// String certAuth = trans.get(sCertAuth,null);
+ Result<CertResp> rcr = service.renewCert(trans,mapper.toRenew(trans,request));
+ Result<CERT> rc = mapper.toCert(trans, rcr, withTrust);
+
+ switch(rc.status) {
+ case OK:
+ RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
+ data.to(resp.getOutputStream());
+
+ setContentType(resp,certDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rc);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,RENEW_CERT);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ @Override
+ public Result<Void> dropCert(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(DROP_CERT, Env.SUB|Env.ALWAYS);
+ try {
+ REQ request;
+ try {
+ Data<REQ> rd = certDropDF.newData().load(req.getInputStream());
+ request = rd.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,DROP_CERT);
+ return Result.err(Result.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rv = service.dropCert(trans,mapper.toDrop(trans, request));
+ switch(rv.status) {
+ case OK:
+ setContentType(resp,certRequestDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rv);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DROP_CERT);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.cm.facade.Facade#readCertsByMechID(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> readCertsByMechID(AuthzTrans trans, HttpServletResponse resp, String mechID) {
+ TimeTaken tt = trans.start(READ_CERTS_MECHID, Env.SUB|Env.ALWAYS);
+ try {
+ Result<CERT> rc = mapper.toCert(trans, service.readCertsByMechID(trans,mechID));
+ switch(rc.status) {
+ case OK:
+ RosettaData<CERT> data = certDF.newData(trans).load(rc.value);
+ data.to(resp.getOutputStream());
+
+ setContentType(resp,certDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rc);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,READ_CERTS_MECHID);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ ////////////////////////////
+ // Artifacts
+ ////////////////////////////
+ @Override
+ public Result<Void> createArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(CREATE_ARTIFACTS, Env.SUB);
+ try {
+ ARTIFACTS arti;
+ try {
+ Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
+ arti = rd.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,CREATE_ARTIFACTS);
+ return Result.err(Result.ERR_BadData,"Invalid Input");
+ }
+
+ return service.createArtifact(trans,mapper.toArtifact(trans,arti));
+ } catch (Exception e) {
+
+ trans.error().log(e,IN,CREATE_ARTIFACTS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> readArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(READ_ARTIFACTS, Env.SUB);
+ try {
+ String mechid = req.getParameter("mechid");
+ String machine = req.getParameter("machine");
+ String ns = req.getParameter("ns");
+
+ Result<ARTIFACTS> ra;
+ if( machine !=null && mechid == null) {
+ ra = mapper.fromArtifacts(service.readArtifactsByMachine(trans, machine));
+ } else if(mechid!=null && machine==null) {
+ ra = mapper.fromArtifacts(service.readArtifactsByMechID(trans, mechid));
+ } else if(mechid!=null && machine!=null) {
+ ArtiDAO.Data add = new ArtiDAO.Data();
+ add.mechid = mechid;
+ add.machine = machine;
+ add.ns = ns;
+ ra = mapper.fromArtifacts(service.readArtifacts(trans,add));
+ } else if(ns!=null) {
+ ra = mapper.fromArtifacts(service.readArtifactsByNs(trans, ns));
+ } else {
+ ra = Result.err(Status.ERR_BadData,"Invalid request inputs");
+ }
+
+ if(ra.isOK()) {
+ RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value);
+ data.to(resp.getOutputStream());
+ setContentType(resp,artiDF.getOutType());
+ return Result.ok();
+ } else {
+ return Result.err(ra);
+ }
+
+ } catch (Exception e) {
+ trans.error().log(e,IN,READ_ARTIFACTS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> readArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine) {
+ TimeTaken tt = trans.start(READ_ARTIFACTS, Env.SUB);
+ try {
+ ArtiDAO.Data add = new ArtiDAO.Data();
+ add.mechid = mechid;
+ add.machine = machine;
+ Result<ARTIFACTS> ra = mapper.fromArtifacts(service.readArtifacts(trans,add));
+ if(ra.isOK()) {
+ RosettaData<ARTIFACTS> data = artiDF.newData(trans).load(ra.value);
+ data.to(resp.getOutputStream());
+ setContentType(resp,artiDF.getOutType());
+ return Result.ok();
+ } else {
+ return Result.err(ra);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,READ_ARTIFACTS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+ @Override
+ public Result<Void> updateArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(UPDATE_ARTIFACTS, Env.SUB);
+ try {
+ ARTIFACTS arti;
+ try {
+ Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
+ arti = rd.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,UPDATE_ARTIFACTS);
+ return Result.err(Result.ERR_BadData,"Invalid Input");
+ }
+
+ return service.updateArtifact(trans,mapper.toArtifact(trans,arti));
+ } catch (Exception e) {
+ trans.error().log(e,IN,UPDATE_ARTIFACTS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(DELETE_ARTIFACTS, Env.SUB);
+ try {
+ ARTIFACTS arti;
+ try {
+ Data<ARTIFACTS> rd = artiDF.newData().load(req.getInputStream());
+ arti = rd.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,DELETE_ARTIFACTS);
+ return Result.err(Result.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rv = service.deleteArtifact(trans,mapper.toArtifact(trans,arti));
+ switch(rv.status) {
+ case OK:
+ setContentType(resp,artiDF.getOutType());
+ }
+ return rv;
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_ARTIFACTS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> deleteArtifacts(AuthzTrans trans, HttpServletResponse resp, String mechid, String machine) {
+ TimeTaken tt = trans.start(DELETE_ARTIFACTS, Env.SUB);
+ try {
+ Result<Void> rv = service.deleteArtifact(trans, mechid, machine);
+ switch(rv.status) {
+ case OK:
+ setContentType(resp,artiDF.getOutType());
+ }
+ return rv;
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_ARTIFACTS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
} \ No newline at end of file
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java
index aadb6650..7328f099 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper.java
@@ -35,20 +35,20 @@ import org.onap.aaf.auth.layer.Result;
public interface Mapper<REQ,CERT,ARTIFACTS,ERROR>
{
- public enum API{ERROR,VOID,CERT,CERT_REQ,CERT_RENEW,CERT_DROP,ARTIFACTS};
-
- public Class<?> getClass(API api);
- public<A> A newInstance(API api);
+ public enum API{ERROR,VOID,CERT,CERT_REQ,CERT_RENEW,CERT_DROP,ARTIFACTS};
+
+ public Class<?> getClass(API api);
+ public<A> A newInstance(API api);
- public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, String... detail);
-
- public Result<CERT> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException;
- public Result<CERT> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in);
+ public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, String... detail);
+
+ public Result<CERT> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException;
+ public Result<CERT> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in);
- public Result<CertReq> toReq(AuthzTrans trans, REQ req);
- public Result<CertRenew> toRenew(AuthzTrans trans, REQ req);
- public Result<CertDrop> toDrop(AuthzTrans trans, REQ req);
-
- public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, ARTIFACTS arti);
- public Result<ARTIFACTS> fromArtifacts(Result<List<ArtiDAO.Data>> readArtifactsByMachine);
+ public Result<CertReq> toReq(AuthzTrans trans, REQ req);
+ public Result<CertRenew> toRenew(AuthzTrans trans, REQ req);
+ public Result<CertDrop> toDrop(AuthzTrans trans, REQ req);
+
+ public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, ARTIFACTS arti);
+ public Result<ARTIFACTS> fromArtifacts(Result<List<ArtiDAO.Data>> readArtifactsByMachine);
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
index c06734f4..53b97626 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper1_0.java
@@ -49,234 +49,234 @@ import certman.v1_0.CertificateRequest;
public class Mapper1_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
-
- @Override
- public Class<?> getClass(API api) {
- switch(api) {
- case CERT_REQ: return CertificateRequest.class;
- case CERT_RENEW: return CertificateRenew.class;
- case CERT_DROP: return CertificateDrop.class;
- case CERT: return CertInfo.class;
- case ARTIFACTS: return Artifacts.class;
- case ERROR: return Error.class;
- case VOID: return Void.class;
- }
- return null;
- }
+
+ @Override
+ public Class<?> getClass(API api) {
+ switch(api) {
+ case CERT_REQ: return CertificateRequest.class;
+ case CERT_RENEW: return CertificateRenew.class;
+ case CERT_DROP: return CertificateDrop.class;
+ case CERT: return CertInfo.class;
+ case ARTIFACTS: return Artifacts.class;
+ case ERROR: return Error.class;
+ case VOID: return Void.class;
+ }
+ return null;
+ }
- @SuppressWarnings("unchecked")
- @Override
- public <A> A newInstance(API api) {
- switch(api) {
- case CERT_REQ: return (A) new CertificateRequest();
- case CERT_RENEW: return (A) new CertificateRenew();
- case CERT_DROP: return (A) new CertificateDrop();
- case CERT: return (A) new CertInfo();
- case ARTIFACTS: return (A) new Artifacts();
- case ERROR: return (A)new Error();
- case VOID: return null;
- }
- return null;
- }
+ @SuppressWarnings("unchecked")
+ @Override
+ public <A> A newInstance(API api) {
+ switch(api) {
+ case CERT_REQ: return (A) new CertificateRequest();
+ case CERT_RENEW: return (A) new CertificateRenew();
+ case CERT_DROP: return (A) new CertificateDrop();
+ case CERT: return (A) new CertInfo();
+ case ARTIFACTS: return (A) new Artifacts();
+ case ERROR: return (A)new Error();
+ case VOID: return null;
+ }
+ return null;
+ }
- ////////////// Mapping Functions /////////////
- @Override
- public Error errorFromMessage(StringBuilder holder, String msgID, String text, String... var) {
- Error err = new Error();
- err.setMessageId(msgID);
- // AT&T Restful Error Format requires numbers "%" placements
- err.setText(Vars.convert(holder, text, var));
- for(String s : var) {
- err.getVariables().add(s);
- }
- return err;
- }
+ ////////////// Mapping Functions /////////////
+ @Override
+ public Error errorFromMessage(StringBuilder holder, String msgID, String text, String... var) {
+ Error err = new Error();
+ err.setMessageId(msgID);
+ // AT&T Restful Error Format requires numbers "%" placements
+ err.setText(Vars.convert(holder, text, var));
+ for(String s : var) {
+ err.getVariables().add(s);
+ }
+ return err;
+ }
- /* (non-Javadoc)
- * @see com.att.authz.certman.mapper.Mapper#toCert(org.onap.aaf.auth.env.test.AuthzTrans, org.onap.aaf.auth.layer.test.Result)
- */
- @Override
- public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
- if(!in.isOK()) {
- return Result.err(in);
- }
+ /* (non-Javadoc)
+ * @see com.att.authz.certman.mapper.Mapper#toCert(org.onap.aaf.auth.env.test.AuthzTrans, org.onap.aaf.auth.layer.test.Result)
+ */
+ @Override
+ public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
+ if(!in.isOK()) {
+ return Result.err(in);
+ }
- CertResp cin = in.value;
- CertInfo cout = newInstance(API.CERT);
- cout.setPrivatekey(cin.privateString());
- String value;
- if((value=cin.challenge())!=null) {
- cout.setChallenge(value);
- }
- // In Version 1, Cert is always first
- cout.getCerts().add(cin.asCertString());
- // Follow with Trust Chain
- if(cin.trustChain()!=null) {
- for(String c : cin.trustChain()) {
- if(c!=null) {
- cout.getCerts().add(c);
- }
- }
- }
+ CertResp cin = in.value;
+ CertInfo cout = newInstance(API.CERT);
+ cout.setPrivatekey(cin.privateString());
+ String value;
+ if((value=cin.challenge())!=null) {
+ cout.setChallenge(value);
+ }
+ // In Version 1, Cert is always first
+ cout.getCerts().add(cin.asCertString());
+ // Follow with Trust Chain
+ if(cin.trustChain()!=null) {
+ for(String c : cin.trustChain()) {
+ if(c!=null) {
+ cout.getCerts().add(c);
+ }
+ }
+ }
- // Adding all the Certs in one response is a mistake. Makes it very hard for Agent to setup
- // Certs in keystore versus Truststore. Separate in Version 2_0
- if(cin.trustCAs()!=null) {
- for(String c : cin.trustCAs()) {
- if(c!=null) {
- if(!cout.getCerts().contains(c)) {
- cout.getCerts().add(c);
- }
- }
- }
- }
- if(cin.notes()!=null) {
- boolean first = true;
- StringBuilder sb = new StringBuilder();
- for(String n : cin.notes()) {
- if(first) {
- first = false;
- } else {
- sb.append('\n');
- }
- sb.append(n);
- }
- cout.setNotes(sb.toString());
- }
- List<String> caIssuerDNs = cout.getCaIssuerDNs();
- for(String s : cin.caIssuerDNs()) {
- caIssuerDNs.add(s);
- }
- cout.setEnv(cin.env());
- return Result.ok(cout);
+ // Adding all the Certs in one response is a mistake. Makes it very hard for Agent to setup
+ // Certs in keystore versus Truststore. Separate in Version 2_0
+ if(cin.trustCAs()!=null) {
+ for(String c : cin.trustCAs()) {
+ if(c!=null) {
+ if(!cout.getCerts().contains(c)) {
+ cout.getCerts().add(c);
+ }
+ }
+ }
+ }
+ if(cin.notes()!=null) {
+ boolean first = true;
+ StringBuilder sb = new StringBuilder();
+ for(String n : cin.notes()) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append('\n');
+ }
+ sb.append(n);
+ }
+ cout.setNotes(sb.toString());
+ }
+ List<String> caIssuerDNs = cout.getCaIssuerDNs();
+ for(String s : cin.caIssuerDNs()) {
+ caIssuerDNs.add(s);
+ }
+ cout.setEnv(cin.env());
+ return Result.ok(cout);
- }
+ }
- @Override
- public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) {
- if(in.isOK()) {
- CertInfo cout = newInstance(API.CERT);
- List<String> certs = cout.getCerts();
- for(CertDAO.Data cdd : in.value) {
- certs.add(cdd.x509);
- }
- return Result.ok(cout);
- } else {
- return Result.err(in);
- }
- }
+ @Override
+ public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) {
+ if(in.isOK()) {
+ CertInfo cout = newInstance(API.CERT);
+ List<String> certs = cout.getCerts();
+ for(CertDAO.Data cdd : in.value) {
+ certs.add(cdd.x509);
+ }
+ return Result.ok(cout);
+ } else {
+ return Result.err(in);
+ }
+ }
- /* (non-Javadoc)
- * @see com.att.authz.certman.mapper.Mapper#toReq(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public Result<CertReq> toReq(AuthzTrans trans, BaseRequest req) {
- CertificateRequest in;
- try {
- in = (CertificateRequest)req;
- } catch(ClassCastException e) {
- return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest");
- }
+ /* (non-Javadoc)
+ * @see com.att.authz.certman.mapper.Mapper#toReq(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public Result<CertReq> toReq(AuthzTrans trans, BaseRequest req) {
+ CertificateRequest in;
+ try {
+ in = (CertificateRequest)req;
+ } catch(ClassCastException e) {
+ return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest");
+ }
- CertReq out = new CertReq();
- CertmanValidator v = new CertmanValidator();
- out.mechid=in.getMechid();
- out.fqdns=in.getFqdns();
- v.isNull("CertRequest", req).nullOrBlank("MechID", out.mechid);
- v.nullBlankMin("FQDNs", out.fqdns,1);
- if(v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
- out.emails = in.getEmail();
- out.sponsor=in.getSponsor();
- out.start = in.getStart();
- out.end = in.getEnd();
- out.fqdns = in.getFqdns();
- return Result.ok(out);
- }
+ CertReq out = new CertReq();
+ CertmanValidator v = new CertmanValidator();
+ out.mechid=in.getMechid();
+ out.fqdns=in.getFqdns();
+ v.isNull("CertRequest", req).nullOrBlank("MechID", out.mechid);
+ v.nullBlankMin("FQDNs", out.fqdns,1);
+ if(v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
+ out.emails = in.getEmail();
+ out.sponsor=in.getSponsor();
+ out.start = in.getStart();
+ out.end = in.getEnd();
+ out.fqdns = in.getFqdns();
+ return Result.ok(out);
+ }
- /* (non-Javadoc)
- * @see com.att.authz.certman.mapper.Mapper#toRenew(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public Result<CertRenew> toRenew(AuthzTrans trans, BaseRequest req) {
- return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
- }
+ /* (non-Javadoc)
+ * @see com.att.authz.certman.mapper.Mapper#toRenew(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public Result<CertRenew> toRenew(AuthzTrans trans, BaseRequest req) {
+ return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
+ }
- /* (non-Javadoc)
- * @see com.att.authz.certman.mapper.Mapper#toDrop(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public Result<CertDrop> toDrop(AuthzTrans trans, BaseRequest req) {
- return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
- }
+ /* (non-Javadoc)
+ * @see com.att.authz.certman.mapper.Mapper#toDrop(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public Result<CertDrop> toDrop(AuthzTrans trans, BaseRequest req) {
+ return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.cm.mapper.Mapper#toArtifact(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
- List<ArtiDAO.Data> ladd = new ArrayList<>();
- for(Artifact arti : artifacts.getArtifact()) {
- ArtiDAO.Data data = new ArtiDAO.Data();
- data.mechid = arti.getMechid();
- data.machine = arti.getMachine();
- data.type(true).addAll(arti.getType());
- data.ca = arti.getCa();
- data.dir = arti.getDir();
- data.os_user = arti.getOsUser();
- // Optional (on way in)
- data.ns = arti.getNs();
- data.renewDays = arti.getRenewDays();
- data.notify = arti.getNotification();
-
- // Ignored on way in for create/update
- data.sponsor = arti.getSponsor();
- data.expires = null;
-
- // Derive Optional Data from Machine (Domain) if exists
- if(data.machine!=null) {
- if(data.ca==null && data.machine.endsWith(".att.com")) {
- data.ca = "aaf"; // default
- }
- if(data.ns==null ) {
- data.ns=FQI.reverseDomain(data.machine);
- }
- }
- data.sans(true).addAll(arti.getSans());
- ladd.add(data);
- }
- return ladd;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.cm.mapper.Mapper#toArtifact(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
+ List<ArtiDAO.Data> ladd = new ArrayList<>();
+ for(Artifact arti : artifacts.getArtifact()) {
+ ArtiDAO.Data data = new ArtiDAO.Data();
+ data.mechid = arti.getMechid();
+ data.machine = arti.getMachine();
+ data.type(true).addAll(arti.getType());
+ data.ca = arti.getCa();
+ data.dir = arti.getDir();
+ data.os_user = arti.getOsUser();
+ // Optional (on way in)
+ data.ns = arti.getNs();
+ data.renewDays = arti.getRenewDays();
+ data.notify = arti.getNotification();
+
+ // Ignored on way in for create/update
+ data.sponsor = arti.getSponsor();
+ data.expires = null;
+
+ // Derive Optional Data from Machine (Domain) if exists
+ if(data.machine!=null) {
+ if(data.ca==null && data.machine.endsWith(".att.com")) {
+ data.ca = "aaf"; // default
+ }
+ if(data.ns==null ) {
+ data.ns=FQI.reverseDomain(data.machine);
+ }
+ }
+ data.sans(true).addAll(arti.getSans());
+ ladd.add(data);
+ }
+ return ladd;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.cm.mapper.Mapper#fromArtifacts(org.onap.aaf.auth.layer.test.Result)
- */
- @Override
- public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) {
- if(lArtiDAO.isOK()) {
- Artifacts artis = new Artifacts();
- for(ArtiDAO.Data arti : lArtiDAO.value) {
- Artifact a = new Artifact();
- a.setMechid(arti.mechid);
- a.setMachine(arti.machine);
- a.setSponsor(arti.sponsor);
- a.setNs(arti.ns);
- a.setCa(arti.ca);
- a.setDir(arti.dir);
- a.getType().addAll(arti.type(false));
- a.setOsUser(arti.os_user);
- a.setRenewDays(arti.renewDays);
- a.setNotification(arti.notify);
- a.getSans().addAll(arti.sans(false));
- artis.getArtifact().add(a);
- }
- return Result.ok(artis);
- } else {
- return Result.err(lArtiDAO);
- }
- }
-
-
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.cm.mapper.Mapper#fromArtifacts(org.onap.aaf.auth.layer.test.Result)
+ */
+ @Override
+ public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) {
+ if(lArtiDAO.isOK()) {
+ Artifacts artis = new Artifacts();
+ for(ArtiDAO.Data arti : lArtiDAO.value) {
+ Artifact a = new Artifact();
+ a.setMechid(arti.mechid);
+ a.setMachine(arti.machine);
+ a.setSponsor(arti.sponsor);
+ a.setNs(arti.ns);
+ a.setCa(arti.ca);
+ a.setDir(arti.dir);
+ a.getType().addAll(arti.type(false));
+ a.setOsUser(arti.os_user);
+ a.setRenewDays(arti.renewDays);
+ a.setNotification(arti.notify);
+ a.getSans().addAll(arti.sans(false));
+ artis.getArtifact().add(a);
+ }
+ return Result.ok(artis);
+ } else {
+ return Result.err(lArtiDAO);
+ }
+ }
+
+
} \ No newline at end of file
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java
index 23a0c543..d85ea2ca 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/mapper/Mapper2_0.java
@@ -49,225 +49,225 @@ import certman.v1_0.CertificateRequest;
public class Mapper2_0 implements Mapper<BaseRequest,CertInfo,Artifacts,Error> {
-
- @Override
- public Class<?> getClass(API api) {
- switch(api) {
- case CERT_REQ: return CertificateRequest.class;
- case CERT_RENEW: return CertificateRenew.class;
- case CERT_DROP: return CertificateDrop.class;
- case CERT: return CertInfo.class;
- case ARTIFACTS: return Artifacts.class;
- case ERROR: return Error.class;
- case VOID: return Void.class;
- }
- return null;
- }
+
+ @Override
+ public Class<?> getClass(API api) {
+ switch(api) {
+ case CERT_REQ: return CertificateRequest.class;
+ case CERT_RENEW: return CertificateRenew.class;
+ case CERT_DROP: return CertificateDrop.class;
+ case CERT: return CertInfo.class;
+ case ARTIFACTS: return Artifacts.class;
+ case ERROR: return Error.class;
+ case VOID: return Void.class;
+ }
+ return null;
+ }
- @SuppressWarnings("unchecked")
- @Override
- public <A> A newInstance(API api) {
- switch(api) {
- case CERT_REQ: return (A) new CertificateRequest();
- case CERT_RENEW: return (A) new CertificateRenew();
- case CERT_DROP: return (A) new CertificateDrop();
- case CERT: return (A) new CertInfo();
- case ARTIFACTS: return (A) new Artifacts();
- case ERROR: return (A)new Error();
- case VOID: return null;
- }
- return null;
- }
+ @SuppressWarnings("unchecked")
+ @Override
+ public <A> A newInstance(API api) {
+ switch(api) {
+ case CERT_REQ: return (A) new CertificateRequest();
+ case CERT_RENEW: return (A) new CertificateRenew();
+ case CERT_DROP: return (A) new CertificateDrop();
+ case CERT: return (A) new CertInfo();
+ case ARTIFACTS: return (A) new Artifacts();
+ case ERROR: return (A)new Error();
+ case VOID: return null;
+ }
+ return null;
+ }
- ////////////// Mapping Functions /////////////
- @Override
- public Error errorFromMessage(StringBuilder holder, String msgID, String text, String... var) {
- Error err = new Error();
- err.setMessageId(msgID);
- // AT&T Restful Error Format requires numbers "%" placements
- err.setText(Vars.convert(holder, text, var));
- for(String s : var) {
- err.getVariables().add(s);
- }
- return err;
- }
+ ////////////// Mapping Functions /////////////
+ @Override
+ public Error errorFromMessage(StringBuilder holder, String msgID, String text, String... var) {
+ Error err = new Error();
+ err.setMessageId(msgID);
+ // AT&T Restful Error Format requires numbers "%" placements
+ err.setText(Vars.convert(holder, text, var));
+ for(String s : var) {
+ err.getVariables().add(s);
+ }
+ return err;
+ }
- /* (non-Javadoc)
- * @see com.att.authz.certman.mapper.Mapper#toCert(org.onap.aaf.auth.env.test.AuthzTrans, org.onap.aaf.auth.layer.test.Result)
- */
- /* (non-Javadoc)
- * @see com.att.authz.certman.mapper.Mapper#toCert(org.onap.aaf.auth.env.test.AuthzTrans, org.onap.aaf.auth.layer.test.Result)
- */
- @Override
- public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
- if(!in.isOK()) {
- CertResp cin = in.value;
- CertInfo cout = newInstance(API.CERT);
- cout.setPrivatekey(cin.privateString());
- String value;
- if((value=cin.challenge())!=null) {
- cout.setChallenge(value);
- }
- cout.getCerts().add(cin.asCertString());
- if(cin.trustChain()!=null) {
- for(String c : cin.trustChain()) {
- cout.getCerts().add(c);
- }
- }
- if(cin.notes()!=null) {
- boolean first = true;
- StringBuilder sb = new StringBuilder();
- for(String n : cin.notes()) {
- if(first) {
- first = false;
- } else {
- sb.append('\n');
- }
- sb.append(n);
- }
- cout.setNotes(sb.toString());
- }
-
- List<String> caIssuerDNs = cout.getCaIssuerDNs();
- for(String s : cin.caIssuerDNs()) {
- caIssuerDNs.add(s);
- }
+ /* (non-Javadoc)
+ * @see com.att.authz.certman.mapper.Mapper#toCert(org.onap.aaf.auth.env.test.AuthzTrans, org.onap.aaf.auth.layer.test.Result)
+ */
+ /* (non-Javadoc)
+ * @see com.att.authz.certman.mapper.Mapper#toCert(org.onap.aaf.auth.env.test.AuthzTrans, org.onap.aaf.auth.layer.test.Result)
+ */
+ @Override
+ public Result<CertInfo> toCert(AuthzTrans trans, Result<CertResp> in, boolean withTrustChain) throws IOException {
+ if(!in.isOK()) {
+ CertResp cin = in.value;
+ CertInfo cout = newInstance(API.CERT);
+ cout.setPrivatekey(cin.privateString());
+ String value;
+ if((value=cin.challenge())!=null) {
+ cout.setChallenge(value);
+ }
+ cout.getCerts().add(cin.asCertString());
+ if(cin.trustChain()!=null) {
+ for(String c : cin.trustChain()) {
+ cout.getCerts().add(c);
+ }
+ }
+ if(cin.notes()!=null) {
+ boolean first = true;
+ StringBuilder sb = new StringBuilder();
+ for(String n : cin.notes()) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append('\n');
+ }
+ sb.append(n);
+ }
+ cout.setNotes(sb.toString());
+ }
+
+ List<String> caIssuerDNs = cout.getCaIssuerDNs();
+ for(String s : cin.caIssuerDNs()) {
+ caIssuerDNs.add(s);
+ }
- cout.setEnv(cin.env());
- return Result.ok(cout);
- } else {
- return Result.err(in);
- }
- }
+ cout.setEnv(cin.env());
+ return Result.ok(cout);
+ } else {
+ return Result.err(in);
+ }
+ }
- @Override
- public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) {
- if(in.isOK()) {
- CertInfo cout = newInstance(API.CERT);
- List<String> certs = cout.getCerts();
- for(CertDAO.Data cdd : in.value) {
- certs.add(cdd.x509);
- }
- return Result.ok(cout);
- } else {
- return Result.err(in);
- }
- }
+ @Override
+ public Result<CertInfo> toCert(AuthzTrans trans, Result<List<CertDAO.Data>> in) {
+ if(in.isOK()) {
+ CertInfo cout = newInstance(API.CERT);
+ List<String> certs = cout.getCerts();
+ for(CertDAO.Data cdd : in.value) {
+ certs.add(cdd.x509);
+ }
+ return Result.ok(cout);
+ } else {
+ return Result.err(in);
+ }
+ }
- /* (non-Javadoc)
- * @see com.att.authz.certman.mapper.Mapper#toReq(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public Result<CertReq> toReq(AuthzTrans trans, BaseRequest req) {
- CertificateRequest in;
- try {
- in = (CertificateRequest)req;
- } catch(ClassCastException e) {
- return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest");
- }
+ /* (non-Javadoc)
+ * @see com.att.authz.certman.mapper.Mapper#toReq(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public Result<CertReq> toReq(AuthzTrans trans, BaseRequest req) {
+ CertificateRequest in;
+ try {
+ in = (CertificateRequest)req;
+ } catch(ClassCastException e) {
+ return Result.err(Result.ERR_BadData,"Request is not a CertificateRequest");
+ }
- CertReq out = new CertReq();
- CertmanValidator v = new CertmanValidator();
- v.isNull("CertRequest", req)
- .nullOrBlank("MechID", out.mechid=in.getMechid());
- v.nullBlankMin("FQDNs", out.fqdns=in.getFqdns(),1);
- if(v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
+ CertReq out = new CertReq();
+ CertmanValidator v = new CertmanValidator();
+ v.isNull("CertRequest", req)
+ .nullOrBlank("MechID", out.mechid=in.getMechid());
+ v.nullBlankMin("FQDNs", out.fqdns=in.getFqdns(),1);
+ if(v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
- out.emails = in.getEmail();
- out.sponsor=in.getSponsor();
- out.start = in.getStart();
- out.end = in.getEnd();
- out.fqdns = in.getFqdns();
- return Result.ok(out);
- }
+ out.emails = in.getEmail();
+ out.sponsor=in.getSponsor();
+ out.start = in.getStart();
+ out.end = in.getEnd();
+ out.fqdns = in.getFqdns();
+ return Result.ok(out);
+ }
- /* (non-Javadoc)
- * @see com.att.authz.certman.mapper.Mapper#toRenew(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public Result<CertRenew> toRenew(AuthzTrans trans, BaseRequest req) {
- return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
- }
+ /* (non-Javadoc)
+ * @see com.att.authz.certman.mapper.Mapper#toRenew(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public Result<CertRenew> toRenew(AuthzTrans trans, BaseRequest req) {
+ return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
+ }
- /* (non-Javadoc)
- * @see com.att.authz.certman.mapper.Mapper#toDrop(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public Result<CertDrop> toDrop(AuthzTrans trans, BaseRequest req) {
- return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
- }
+ /* (non-Javadoc)
+ * @see com.att.authz.certman.mapper.Mapper#toDrop(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public Result<CertDrop> toDrop(AuthzTrans trans, BaseRequest req) {
+ return Result.err(Result.ERR_NotImplemented,"Not Implemented... yet");
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.cm.mapper.Mapper#toArtifact(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
- List<ArtiDAO.Data> ladd = new ArrayList<>();
- for(Artifact arti : artifacts.getArtifact()) {
- ArtiDAO.Data data = new ArtiDAO.Data();
- data.mechid = arti.getMechid();
- data.machine = arti.getMachine();
- data.type(true).addAll(arti.getType());
- data.ca = arti.getCa();
- data.dir = arti.getDir();
- data.os_user = arti.getOsUser();
- // Optional (on way in)
- data.ns = arti.getNs();
- data.renewDays = arti.getRenewDays();
- data.notify = arti.getNotification();
-
- // Ignored on way in for create/update
- data.sponsor = arti.getSponsor();
- data.expires = null;
-
- // Derive Optional Data from Machine (Domain) if exists
- if(data.machine!=null) {
- if(data.ca==null) {
- if(data.machine.endsWith(".att.com")) {
- data.ca = "aaf"; // default
- }
- }
- if(data.ns==null ) {
- data.ns=FQI.reverseDomain(data.machine);
- }
- }
- data.sans(true).addAll(arti.getSans());
- ladd.add(data);
- }
- return ladd;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.cm.mapper.Mapper#toArtifact(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public List<ArtiDAO.Data> toArtifact(AuthzTrans trans, Artifacts artifacts) {
+ List<ArtiDAO.Data> ladd = new ArrayList<>();
+ for(Artifact arti : artifacts.getArtifact()) {
+ ArtiDAO.Data data = new ArtiDAO.Data();
+ data.mechid = arti.getMechid();
+ data.machine = arti.getMachine();
+ data.type(true).addAll(arti.getType());
+ data.ca = arti.getCa();
+ data.dir = arti.getDir();
+ data.os_user = arti.getOsUser();
+ // Optional (on way in)
+ data.ns = arti.getNs();
+ data.renewDays = arti.getRenewDays();
+ data.notify = arti.getNotification();
+
+ // Ignored on way in for create/update
+ data.sponsor = arti.getSponsor();
+ data.expires = null;
+
+ // Derive Optional Data from Machine (Domain) if exists
+ if(data.machine!=null) {
+ if(data.ca==null) {
+ if(data.machine.endsWith(".att.com")) {
+ data.ca = "aaf"; // default
+ }
+ }
+ if(data.ns==null ) {
+ data.ns=FQI.reverseDomain(data.machine);
+ }
+ }
+ data.sans(true).addAll(arti.getSans());
+ ladd.add(data);
+ }
+ return ladd;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.cm.mapper.Mapper#fromArtifacts(org.onap.aaf.auth.layer.test.Result)
- */
- @Override
- public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) {
- if(lArtiDAO.isOK()) {
- Artifacts artis = new Artifacts();
- for(ArtiDAO.Data arti : lArtiDAO.value) {
- Artifact a = new Artifact();
- a.setMechid(arti.mechid);
- a.setMachine(arti.machine);
- a.setSponsor(arti.sponsor);
- a.setNs(arti.ns);
- a.setCa(arti.ca);
- a.setDir(arti.dir);
- a.getType().addAll(arti.type(false));
- a.setOsUser(arti.os_user);
- a.setRenewDays(arti.renewDays);
- a.setNotification(arti.notify);
- a.getSans().addAll(arti.sans(false));
- artis.getArtifact().add(a);
- }
- return Result.ok(artis);
- } else {
- return Result.err(lArtiDAO);
- }
- }
-
-
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.cm.mapper.Mapper#fromArtifacts(org.onap.aaf.auth.layer.test.Result)
+ */
+ @Override
+ public Result<Artifacts> fromArtifacts(Result<List<Data>> lArtiDAO) {
+ if(lArtiDAO.isOK()) {
+ Artifacts artis = new Artifacts();
+ for(ArtiDAO.Data arti : lArtiDAO.value) {
+ Artifact a = new Artifact();
+ a.setMechid(arti.mechid);
+ a.setMachine(arti.machine);
+ a.setSponsor(arti.sponsor);
+ a.setNs(arti.ns);
+ a.setCa(arti.ca);
+ a.setDir(arti.dir);
+ a.getType().addAll(arti.type(false));
+ a.setOsUser(arti.os_user);
+ a.setRenewDays(arti.renewDays);
+ a.setNotification(arti.notify);
+ a.getSans().addAll(arti.sans(false));
+ artis.getArtifact().add(a);
+ }
+ return Result.ok(artis);
+ } else {
+ return Result.err(lArtiDAO);
+ }
+ }
+
+
} \ No newline at end of file
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
index 259dfac9..62f0d680 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/CMService.java
@@ -67,632 +67,632 @@ import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.util.Chrono;
public class CMService {
- // If we add more CAs, may want to parameterize
- private static final int STD_RENEWAL = 30;
- private static final int MAX_RENEWAL = 60;
- private static final int MIN_RENEWAL = 10;
-
- public static final String REQUEST = "request";
- public static final String IGNORE_IPS = "ignoreIPs";
- public static final String RENEW = "renew";
- public static final String DROP = "drop";
- public static final String DOMAIN = "domain";
-
- private static final String CERTMAN = "certman";
- private static final String ACCESS = "access";
-
- private static final String[] NO_NOTES = new String[0];
- private final Permission root_read_permission;
- private final CertDAO certDAO;
- private final CredDAO credDAO;
- private final ArtiDAO artiDAO;
- private AAF_CM certman;
-
- // @SuppressWarnings("unchecked")
- public CMService(final AuthzTrans trans, AAF_CM certman) throws APIException, IOException {
- // Jonathan 4/2015 SessionFilter unneeded... DataStax already deals with
- // Multithreading well
-
- HistoryDAO hd = new HistoryDAO(trans, certman.cluster, CassAccess.KEYSPACE);
- CacheInfoDAO cid = new CacheInfoDAO(trans, hd);
- certDAO = new CertDAO(trans, hd, cid);
- credDAO = new CredDAO(trans, hd, cid);
- artiDAO = new ArtiDAO(trans, hd, cid);
-
- this.certman = certman;
-
- root_read_permission=new AAFPermission(
- trans.getProperty(Config.AAF_ROOT_NS, Config.AAF_ROOT_NS_DEF),
- "access",
- "*",
- "read"
- );
- }
-
- public Result<CertResp> requestCert(final AuthzTrans trans, final Result<CertReq> req, final CA ca) {
- if (req.isOK()) {
-
- if (req.value.fqdns.isEmpty()) {
- return Result.err(Result.ERR_BadData, "No Machines passed in Request");
- }
-
- String key = req.value.fqdns.get(0);
-
- // Policy 6: Requester must be granted Change permission in Namespace requested
- String mechNS = FQI.reverseDomain(req.value.mechid);
- if (mechNS == null) {
- return Result.err(Status.ERR_Denied, "%s does not reflect a valid AAF Namespace", req.value.mechid);
- }
-
- List<String> notes = null;
- List<String> fqdns = new ArrayList<>(req.value.fqdns);
-
- String email = null;
-
- try {
- Organization org = trans.org();
-
- boolean ignoreIPs = trans.fish(new AAFPermission(mechNS,CERTMAN, ca.getName(), IGNORE_IPS));
-
- InetAddress primary = null;
- // Organize incoming information to get to appropriate Artifact
- if (!fqdns.isEmpty()) {
- // Accept domain wild cards, but turn into real machines
- // Need *domain.com:real.machine.domain.com:san.machine.domain.com:...
- if (fqdns.get(0).startsWith("*")) { // Domain set
- if (!trans.fish(new AAFPermission(null,ca.getPermType(), ca.getName(), DOMAIN))) {
- return Result.err(Result.ERR_Denied,
- "Domain based Authorizations (" + fqdns.get(0) + ") requires Exception");
- }
-
- // TODO check for Permission in Add Artifact?
- String domain = fqdns.get(0).substring(1);
- fqdns.remove(0);
- if (fqdns.isEmpty()) {
- return Result.err(Result.ERR_Denied, "Requests using domain require machine declaration");
- }
-
- if (!ignoreIPs) {
- InetAddress ia = InetAddress.getByName(fqdns.get(0));
- if (ia == null) {
- return Result.err(Result.ERR_Denied,
- "Request not made from matching IP matching domain");
- } else if (ia.getHostName().endsWith(domain)) {
- primary = ia;
- }
- }
-
- } else {
- for (String cn : req.value.fqdns) {
- if(!ignoreIPs) {
- try {
- InetAddress[] ias = InetAddress.getAllByName(cn);
- Set<String> potentialSanNames = new HashSet<>();
- for (InetAddress ia1 : ias) {
- InetAddress ia2 = InetAddress.getByAddress(ia1.getAddress());
- if (primary == null && ias.length == 1 && trans.ip().equals(ia1.getHostAddress())) {
- primary = ia1;
- } else if (!cn.equals(ia1.getHostName())
- && !ia2.getHostName().equals(ia2.getHostAddress())) {
- potentialSanNames.add(ia1.getHostName());
- }
- }
- } catch (UnknownHostException e1) {
- return Result.err(Result.ERR_BadData, "There is no DNS lookup for %s", cn);
- }
- }
- }
- }
- }
-
- final String host;
- if(ignoreIPs) {
- host = req.value.fqdns.get(0);
- } else if (primary == null) {
- return Result.err(Result.ERR_Denied, "Request not made from matching IP (%s)", trans.ip());
- } else {
- host = primary.getHostAddress();
- }
-
- ArtiDAO.Data add = null;
- Result<List<ArtiDAO.Data>> ra = artiDAO.read(trans, req.value.mechid, host);
- if (ra.isOKhasData()) {
- if (add == null) {
- add = ra.value.get(0); // single key
- }
- } else {
- ra = artiDAO.read(trans, req.value.mechid, key);
- if (ra.isOKhasData()) { // is the Template available?
- add = ra.value.get(0);
- add.machine = host;
- for (String s : fqdns) {
- if (!s.equals(add.machine)) {
- add.sans(true).add(s);
- }
- }
- Result<ArtiDAO.Data> rc = artiDAO.create(trans, add); // Create new Artifact from Template
- if (rc.notOK()) {
- return Result.err(rc);
- }
- } else {
- add = ra.value.get(0);
- }
- }
-
- // Add Artifact listed FQDNs
- if (add.sans != null) {
- for (String s : add.sans) {
- if (!fqdns.contains(s)) {
- fqdns.add(s);
- }
- }
- }
-
- // Policy 2: If Config marked as Expired, do not create or renew
- Date now = new Date();
- if (add.expires != null && now.after(add.expires)) {
- return Result.err(Result.ERR_Policy, "Configuration for %s %s is expired %s", add.mechid,
- add.machine, Chrono.dateFmt.format(add.expires));
- }
-
- // Policy 3: MechID must be current
- Identity muser = org.getIdentity(trans, add.mechid);
- if (muser == null) {
- return Result.err(Result.ERR_Policy, "MechID must exist in %s", org.getName());
- }
-
- // Policy 4: Sponsor must be current
- Identity ouser = muser.responsibleTo();
- if (ouser == null) {
- return Result.err(Result.ERR_Policy, "%s does not have a current sponsor at %s", add.mechid,
- org.getName());
- } else if (!ouser.isFound() || ouser.mayOwn() != null) {
- return Result.err(Result.ERR_Policy, "%s reports that %s cannot be responsible for %s",
- org.getName(), trans.user());
- }
-
- // Set Email from most current Sponsor
- email = ouser.email();
-
- // Policy 5: keep Artifact data current
- if (!ouser.fullID().equals(add.sponsor)) {
- add.sponsor = ouser.fullID();
- artiDAO.update(trans, add);
- }
-
- // Policy 7: Caller must be the MechID or have specifically delegated
- // permissions
- if (!(trans.user().equals(req.value.mechid)
- || trans.fish(new AAFPermission(mechNS,CERTMAN, ca.getName(), REQUEST)))) {
- return Result.err(Status.ERR_Denied, "%s must have access to modify x509 certs in NS %s",
- trans.user(), mechNS);
- }
-
- // Make sure Primary is the first in fqdns
- if (fqdns.size() > 1) {
- for (int i = 0; i < fqdns.size(); ++i) {
- if(primary==null) {
- trans.error().log("CMService var primary is null");
- } else {
- String fg = fqdns.get(i);
- if (fg!=null && fg.equals(primary.getHostName())) {
- if (i != 0) {
- String tmp = fqdns.get(0);
- fqdns.set(0, primary.getHostName());
- fqdns.set(i, tmp);
- }
- }
- }
- }
- }
- } catch (Exception e) {
- e.printStackTrace();
- trans.error().log(e);
- return Result.err(Status.ERR_Denied,
- "AppID Sponsorship cannot be determined at this time. Try later.");
- }
-
- CSRMeta csrMeta;
- try {
- csrMeta = BCFactory.createCSRMeta(ca, req.value.mechid, email, fqdns);
- X509andChain x509ac = ca.sign(trans, csrMeta);
- if (x509ac == null) {
- return Result.err(Result.ERR_ActionNotCompleted, "x509 Certificate not signed by CA");
- }
- trans.info().printf("X509 Subject: %s", x509ac.getX509().getSubjectDN());
-
- X509Certificate x509 = x509ac.getX509();
- CertDAO.Data cdd = new CertDAO.Data();
- cdd.ca = ca.getName();
- cdd.serial = x509.getSerialNumber();
- cdd.id = req.value.mechid;
- cdd.x500 = x509.getSubjectDN().getName();
- cdd.x509 = Factory.toString(trans, x509);
- certDAO.create(trans, cdd);
-
- CredDAO.Data crdd = new CredDAO.Data();
- crdd.other = Question.random.nextInt();
- crdd.cred = getChallenge256SaltedHash(csrMeta.challenge(), crdd.other);
- crdd.expires = x509.getNotAfter();
- crdd.id = req.value.mechid;
- crdd.ns = Question.domain2ns(crdd.id);
- crdd.type = CredDAO.CERT_SHA256_RSA;
- credDAO.create(trans, crdd);
-
- CertResp cr = new CertResp(trans, ca, x509, csrMeta, x509ac.getTrustChain(), compileNotes(notes));
- return Result.ok(cr);
- } catch (Exception e) {
- trans.error().log(e);
- return Result.err(Result.ERR_ActionNotCompleted, e.getMessage());
- }
- } else {
- return Result.err(req);
- }
- }
-
- public Result<CertResp> renewCert(AuthzTrans trans, Result<CertRenew> renew) {
- if (renew.isOK()) {
- return Result.err(Result.ERR_NotImplemented, "Not implemented yet");
- } else {
- return Result.err(renew);
- }
- }
-
- public Result<Void> dropCert(AuthzTrans trans, Result<CertDrop> drop) {
- if (drop.isOK()) {
- return Result.err(Result.ERR_NotImplemented, "Not implemented yet");
- } else {
- return Result.err(drop);
- }
- }
-
- public Result<List<Data>> readCertsByMechID(AuthzTrans trans, String mechID) {
- // Policy 1: To Read, must have NS Read or is Sponsor
- String ns = Question.domain2ns(mechID);
- try {
- if (trans.user().equals(mechID) || trans.fish(new AAFPermission(ns,ACCESS, "*", "read"))
- || (trans.org().validate(trans, Organization.Policy.OWNS_MECHID, null, mechID)) == null) {
- return certDAO.readID(trans, mechID);
- } else {
- return Result.err(Result.ERR_Denied, "%s is not the ID, Sponsor or NS Owner/Admin for %s at %s",
- trans.user(), mechID, trans.org().getName());
- }
- } catch (OrganizationException e) {
- return Result.err(e);
- }
- }
-
- public Result<CertResp> requestPersonalCert(AuthzTrans trans, CA ca) {
- if (ca.inPersonalDomains(trans.getUserPrincipal())) {
- Organization org = trans.org();
-
- // Policy 1: MechID must be current
- Identity ouser;
- try {
- ouser = org.getIdentity(trans, trans.user());
- } catch (OrganizationException e1) {
- trans.error().log(e1);
- ouser = null;
- }
- if (ouser == null) {
- return Result.err(Result.ERR_Policy, "Requesting User must exist in %s", org.getName());
- }
-
- // Set Email from most current Sponsor
-
- CSRMeta csrMeta;
- try {
- csrMeta = BCFactory.createPersonalCSRMeta(ca, trans.user(), ouser.email());
- X509andChain x509ac = ca.sign(trans, csrMeta);
- if (x509ac == null) {
- return Result.err(Result.ERR_ActionNotCompleted, "x509 Certificate not signed by CA");
- }
- X509Certificate x509 = x509ac.getX509();
- CertDAO.Data cdd = new CertDAO.Data();
- cdd.ca = ca.getName();
- cdd.serial = x509.getSerialNumber();
- cdd.id = trans.user();
- cdd.x500 = x509.getSubjectDN().getName();
- cdd.x509 = Factory.toString(trans, x509);
- certDAO.create(trans, cdd);
-
- CertResp cr = new CertResp(trans, ca, x509, csrMeta, x509ac.getTrustChain(), compileNotes(null));
- return Result.ok(cr);
- } catch (Exception e) {
- trans.error().log(e);
- return Result.err(Result.ERR_ActionNotCompleted, e.getMessage());
- }
- } else {
- return Result.err(Result.ERR_Denied, trans.user(), " not supported for CA", ca.getName());
- }
- }
-
- ///////////////
- // Artifact
- //////////////
- public Result<Void> createArtifact(AuthzTrans trans, List<ArtiDAO.Data> list) {
- CertmanValidator v = new CertmanValidator().artisRequired(list, 1);
- if (v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
- for (ArtiDAO.Data add : list) {
- try {
- // Policy 1: MechID must exist in Org
- Identity muser = trans.org().getIdentity(trans, add.mechid);
- if (muser == null) {
- return Result.err(Result.ERR_Denied, "%s is not valid for %s", add.mechid, trans.org().getName());
- }
-
- // Policy 2: MechID must have valid Organization Owner
- Identity emailUser;
- if (muser.isPerson()) {
- emailUser = muser;
- } else {
- Identity ouser = muser.responsibleTo();
- if (ouser == null) {
- return Result.err(Result.ERR_Denied, "%s is not a valid Sponsor for %s at %s", trans.user(),
- add.mechid, trans.org().getName());
- }
-
- // Policy 3: Calling ID must be MechID Owner
- if (!trans.user().startsWith(ouser.id())) {
- return Result.err(Result.ERR_Denied, "%s is not the Sponsor for %s at %s", trans.user(),
- add.mechid, trans.org().getName());
- }
- emailUser = ouser;
- }
-
- // Policy 4: Renewal Days are between 10 and 60 (constants, may be
- // parameterized)
- if (add.renewDays < MIN_RENEWAL) {
- add.renewDays = STD_RENEWAL;
- } else if (add.renewDays > MAX_RENEWAL) {
- add.renewDays = MAX_RENEWAL;
- }
-
- // Policy 5: If Notify is blank, set to Owner's Email
- if (add.notify == null || add.notify.length() == 0) {
- add.notify = "mailto:" + emailUser.email();
- }
-
- // Policy 6: Only do Domain by Exception
- if (add.machine.startsWith("*")) { // Domain set
- CA ca = certman.getCA(add.ca);
-
- if (!trans.fish(new AAFPermission(ca.getPermNS(),ca.getPermType(), add.ca, DOMAIN))) {
- return Result.err(Result.ERR_Denied, "Domain Artifacts (%s) requires specific Permission",
- add.machine);
- }
- }
-
- // Set Sponsor from Golden Source
- add.sponsor = emailUser.fullID();
-
- } catch (OrganizationException e) {
- return Result.err(e);
- }
- // Add to DB
- Result<ArtiDAO.Data> rv = artiDAO.create(trans, add);
- // TODO come up with Partial Reporting Scheme, or allow only one at a time.
- if (rv.notOK()) {
- return Result.err(rv);
- }
- }
- return Result.ok();
- }
-
- public Result<List<ArtiDAO.Data>> readArtifacts(AuthzTrans trans, ArtiDAO.Data add) throws OrganizationException {
- CertmanValidator v = new CertmanValidator().keys(add);
- if (v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
- Result<List<ArtiDAO.Data>> data = artiDAO.read(trans, add);
- if (data.notOKorIsEmpty()) {
- return data;
- }
- add = data.value.get(0);
- if (trans.user().equals(add.mechid)
- || trans.fish(root_read_permission,
- new AAFPermission(add.ns,ACCESS, "*", "read"),
- new AAFPermission(add.ns,CERTMAN, add.ca, "read"),
- new AAFPermission(add.ns,CERTMAN, add.ca, "request"))
- || (trans.org().validate(trans, Organization.Policy.OWNS_MECHID, null, add.mechid)) == null) {
- return data;
- } else {
- return Result.err(Result.ERR_Denied,
- "%s is not %s, is not the sponsor, and doesn't have delegated permission.", trans.user(),
- add.mechid, add.ns + ".certman|" + add.ca + "|read or ...|request"); // note: reason is set by 2nd
- // case, if 1st case misses
- }
-
- }
-
- public Result<List<ArtiDAO.Data>> readArtifactsByMechID(AuthzTrans trans, String mechid)
- throws OrganizationException {
- CertmanValidator v = new CertmanValidator();
- v.nullOrBlank("mechid", mechid);
- if (v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
- String ns = FQI.reverseDomain(mechid);
-
- String reason;
- if (trans.fish(new AAFPermission(ns, ACCESS, "*", "read"))
- || (reason = trans.org().validate(trans, Organization.Policy.OWNS_MECHID, null, mechid)) == null) {
- return artiDAO.readByMechID(trans, mechid);
- } else {
- return Result.err(Result.ERR_Denied, reason); // note: reason is set by 2nd case, if 1st case misses
- }
-
- }
-
- public Result<List<ArtiDAO.Data>> readArtifactsByMachine(AuthzTrans trans, String machine) {
- CertmanValidator v = new CertmanValidator();
- v.nullOrBlank("machine", machine);
- if (v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
-
- // TODO do some checks?
-
- Result<List<ArtiDAO.Data>> rv = artiDAO.readByMachine(trans, machine);
- return rv;
- }
-
- public Result<List<ArtiDAO.Data>> readArtifactsByNs(AuthzTrans trans, String ns) {
- CertmanValidator v = new CertmanValidator();
- v.nullOrBlank("ns", ns);
- if (v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
-
- // TODO do some checks?
-
- return artiDAO.readByNs(trans, ns);
- }
-
- public Result<Void> updateArtifact(AuthzTrans trans, List<ArtiDAO.Data> list) throws OrganizationException {
- CertmanValidator v = new CertmanValidator();
- v.artisRequired(list, 1);
- if (v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
-
- // Check if requesting User is Sponsor
- // TODO - Shall we do one, or multiples?
- for (ArtiDAO.Data add : list) {
- // Policy 1: MechID must exist in Org
- Identity muser = trans.org().getIdentity(trans, add.mechid);
- if (muser == null) {
- return Result.err(Result.ERR_Denied, "%s is not valid for %s", add.mechid, trans.org().getName());
- }
-
- // Policy 2: MechID must have valid Organization Owner
- Identity ouser = muser.responsibleTo();
- if (ouser == null) {
- return Result.err(Result.ERR_Denied, "%s is not a valid Sponsor for %s at %s", trans.user(), add.mechid,
- trans.org().getName());
- }
-
- // Policy 3: Renewal Days are between 10 and 60 (constants, may be
- // parameterized)
- if (add.renewDays < MIN_RENEWAL) {
- add.renewDays = STD_RENEWAL;
- } else if (add.renewDays > MAX_RENEWAL) {
- add.renewDays = MAX_RENEWAL;
- }
-
- // Policy 4: Data is always updated with the latest Sponsor
- // Add to Sponsor, to make sure we are always up to date.
- add.sponsor = ouser.fullID();
-
- // Policy 5: If Notify is blank, set to Owner's Email
- if (add.notify == null || add.notify.length() == 0) {
- add.notify = "mailto:" + ouser.email();
- }
- // Policy 6: Only do Domain by Exception
- if (add.machine.startsWith("*")) { // Domain set
- CA ca = certman.getCA(add.ca);
- if (ca == null) {
- return Result.err(Result.ERR_BadData, "CA is required in Artifact");
- }
- if (!trans.fish(new AAFPermission(null,ca.getPermType(), add.ca, DOMAIN))) {
- return Result.err(Result.ERR_Denied, "Domain Artifacts (%s) requires specific Permission",
- add.machine);
- }
- }
-
- // Policy 7: only Owner may update info
- if (trans.user().startsWith(ouser.id())) {
- return artiDAO.update(trans, add);
- } else {
- return Result.err(Result.ERR_Denied, "%s may not update info for %s", trans.user(), muser.fullID());
- }
- }
- return Result.err(Result.ERR_BadData, "No Artifacts to update");
- }
-
- public Result<Void> deleteArtifact(AuthzTrans trans, String mechid, String machine) throws OrganizationException {
- CertmanValidator v = new CertmanValidator();
- v.nullOrBlank("mechid", mechid).nullOrBlank("machine", machine);
- if (v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
-
- Result<List<ArtiDAO.Data>> rlad = artiDAO.read(trans, mechid, machine);
- if (rlad.notOKorIsEmpty()) {
- return Result.err(Result.ERR_NotFound, "Artifact for %s %s does not exist.", mechid, machine);
- }
-
- return deleteArtifact(trans, rlad.value.get(0));
- }
-
- private Result<Void> deleteArtifact(AuthzTrans trans, ArtiDAO.Data add) throws OrganizationException {
- // Policy 1: Record should be delete able only by Existing Sponsor.
- String sponsor = null;
- Identity muser = trans.org().getIdentity(trans, add.mechid);
- if (muser != null) {
- Identity ouser = muser.responsibleTo();
- if (ouser != null) {
- sponsor = ouser.fullID();
- }
- }
- // Policy 1.a: If Sponsorship is deleted in system of Record, then
- // accept deletion by sponsor in Artifact Table
- if (sponsor == null) {
- sponsor = add.sponsor;
- }
-
- String ns = FQI.reverseDomain(add.mechid);
-
- if (trans.fish(new AAFPermission(ns,ACCESS, "*", "write")) || trans.user().equals(sponsor)) {
- return artiDAO.delete(trans, add, false);
- }
- return Result.err(Result.ERR_Denied, "%1 is not allowed to delete this item", trans.user());
- }
-
- public Result<Void> deleteArtifact(AuthzTrans trans, List<ArtiDAO.Data> list) {
- CertmanValidator v = new CertmanValidator().artisRequired(list, 1);
- if (v.err()) {
- return Result.err(Result.ERR_BadData, v.errs());
- }
-
- try {
- boolean partial = false;
- Result<Void> result = null;
- for (ArtiDAO.Data add : list) {
- result = deleteArtifact(trans, add);
- if (result.notOK()) {
- partial = true;
- }
- }
- if (result == null) {
- result = Result.err(Result.ERR_BadData, "No Artifacts to delete");
- } else if (partial) {
- result.partialContent(true);
- }
- return result;
- } catch (Exception e) {
- return Result.err(e);
- }
- }
-
- private String[] compileNotes(List<String> notes) {
- String[] rv;
- if (notes == null) {
- rv = NO_NOTES;
- } else {
- rv = new String[notes.size()];
- notes.toArray(rv);
- }
- return rv;
- }
-
- private ByteBuffer getChallenge256SaltedHash(String challenge, int salt) throws NoSuchAlgorithmException {
- ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + challenge.length());
- bb.putInt(salt);
- bb.put(challenge.getBytes());
- byte[] hash = Hash.hashSHA256(bb.array());
- return ByteBuffer.wrap(hash);
- }
+ // If we add more CAs, may want to parameterize
+ private static final int STD_RENEWAL = 30;
+ private static final int MAX_RENEWAL = 60;
+ private static final int MIN_RENEWAL = 10;
+
+ public static final String REQUEST = "request";
+ public static final String IGNORE_IPS = "ignoreIPs";
+ public static final String RENEW = "renew";
+ public static final String DROP = "drop";
+ public static final String DOMAIN = "domain";
+
+ private static final String CERTMAN = "certman";
+ private static final String ACCESS = "access";
+
+ private static final String[] NO_NOTES = new String[0];
+ private final Permission root_read_permission;
+ private final CertDAO certDAO;
+ private final CredDAO credDAO;
+ private final ArtiDAO artiDAO;
+ private AAF_CM certman;
+
+ // @SuppressWarnings("unchecked")
+ public CMService(final AuthzTrans trans, AAF_CM certman) throws APIException, IOException {
+ // Jonathan 4/2015 SessionFilter unneeded... DataStax already deals with
+ // Multithreading well
+
+ HistoryDAO hd = new HistoryDAO(trans, certman.cluster, CassAccess.KEYSPACE);
+ CacheInfoDAO cid = new CacheInfoDAO(trans, hd);
+ certDAO = new CertDAO(trans, hd, cid);
+ credDAO = new CredDAO(trans, hd, cid);
+ artiDAO = new ArtiDAO(trans, hd, cid);
+
+ this.certman = certman;
+
+ root_read_permission=new AAFPermission(
+ trans.getProperty(Config.AAF_ROOT_NS, Config.AAF_ROOT_NS_DEF),
+ "access",
+ "*",
+ "read"
+ );
+ }
+
+ public Result<CertResp> requestCert(final AuthzTrans trans, final Result<CertReq> req, final CA ca) {
+ if (req.isOK()) {
+
+ if (req.value.fqdns.isEmpty()) {
+ return Result.err(Result.ERR_BadData, "No Machines passed in Request");
+ }
+
+ String key = req.value.fqdns.get(0);
+
+ // Policy 6: Requester must be granted Change permission in Namespace requested
+ String mechNS = FQI.reverseDomain(req.value.mechid);
+ if (mechNS == null) {
+ return Result.err(Status.ERR_Denied, "%s does not reflect a valid AAF Namespace", req.value.mechid);
+ }
+
+ List<String> notes = null;
+ List<String> fqdns = new ArrayList<>(req.value.fqdns);
+
+ String email = null;
+
+ try {
+ Organization org = trans.org();
+
+ boolean ignoreIPs = trans.fish(new AAFPermission(mechNS,CERTMAN, ca.getName(), IGNORE_IPS));
+
+ InetAddress primary = null;
+ // Organize incoming information to get to appropriate Artifact
+ if (!fqdns.isEmpty()) {
+ // Accept domain wild cards, but turn into real machines
+ // Need *domain.com:real.machine.domain.com:san.machine.domain.com:...
+ if (fqdns.get(0).startsWith("*")) { // Domain set
+ if (!trans.fish(new AAFPermission(null,ca.getPermType(), ca.getName(), DOMAIN))) {
+ return Result.err(Result.ERR_Denied,
+ "Domain based Authorizations (" + fqdns.get(0) + ") requires Exception");
+ }
+
+ // TODO check for Permission in Add Artifact?
+ String domain = fqdns.get(0).substring(1);
+ fqdns.remove(0);
+ if (fqdns.isEmpty()) {
+ return Result.err(Result.ERR_Denied, "Requests using domain require machine declaration");
+ }
+
+ if (!ignoreIPs) {
+ InetAddress ia = InetAddress.getByName(fqdns.get(0));
+ if (ia == null) {
+ return Result.err(Result.ERR_Denied,
+ "Request not made from matching IP matching domain");
+ } else if (ia.getHostName().endsWith(domain)) {
+ primary = ia;
+ }
+ }
+
+ } else {
+ for (String cn : req.value.fqdns) {
+ if(!ignoreIPs) {
+ try {
+ InetAddress[] ias = InetAddress.getAllByName(cn);
+ Set<String> potentialSanNames = new HashSet<>();
+ for (InetAddress ia1 : ias) {
+ InetAddress ia2 = InetAddress.getByAddress(ia1.getAddress());
+ if (primary == null && ias.length == 1 && trans.ip().equals(ia1.getHostAddress())) {
+ primary = ia1;
+ } else if (!cn.equals(ia1.getHostName())
+ && !ia2.getHostName().equals(ia2.getHostAddress())) {
+ potentialSanNames.add(ia1.getHostName());
+ }
+ }
+ } catch (UnknownHostException e1) {
+ return Result.err(Result.ERR_BadData, "There is no DNS lookup for %s", cn);
+ }
+ }
+ }
+ }
+ }
+
+ final String host;
+ if(ignoreIPs) {
+ host = req.value.fqdns.get(0);
+ } else if (primary == null) {
+ return Result.err(Result.ERR_Denied, "Request not made from matching IP (%s)", trans.ip());
+ } else {
+ host = primary.getHostAddress();
+ }
+
+ ArtiDAO.Data add = null;
+ Result<List<ArtiDAO.Data>> ra = artiDAO.read(trans, req.value.mechid, host);
+ if (ra.isOKhasData()) {
+ if (add == null) {
+ add = ra.value.get(0); // single key
+ }
+ } else {
+ ra = artiDAO.read(trans, req.value.mechid, key);
+ if (ra.isOKhasData()) { // is the Template available?
+ add = ra.value.get(0);
+ add.machine = host;
+ for (String s : fqdns) {
+ if (!s.equals(add.machine)) {
+ add.sans(true).add(s);
+ }
+ }
+ Result<ArtiDAO.Data> rc = artiDAO.create(trans, add); // Create new Artifact from Template
+ if (rc.notOK()) {
+ return Result.err(rc);
+ }
+ } else {
+ add = ra.value.get(0);
+ }
+ }
+
+ // Add Artifact listed FQDNs
+ if (add.sans != null) {
+ for (String s : add.sans) {
+ if (!fqdns.contains(s)) {
+ fqdns.add(s);
+ }
+ }
+ }
+
+ // Policy 2: If Config marked as Expired, do not create or renew
+ Date now = new Date();
+ if (add.expires != null && now.after(add.expires)) {
+ return Result.err(Result.ERR_Policy, "Configuration for %s %s is expired %s", add.mechid,
+ add.machine, Chrono.dateFmt.format(add.expires));
+ }
+
+ // Policy 3: MechID must be current
+ Identity muser = org.getIdentity(trans, add.mechid);
+ if (muser == null) {
+ return Result.err(Result.ERR_Policy, "MechID must exist in %s", org.getName());
+ }
+
+ // Policy 4: Sponsor must be current
+ Identity ouser = muser.responsibleTo();
+ if (ouser == null) {
+ return Result.err(Result.ERR_Policy, "%s does not have a current sponsor at %s", add.mechid,
+ org.getName());
+ } else if (!ouser.isFound() || ouser.mayOwn() != null) {
+ return Result.err(Result.ERR_Policy, "%s reports that %s cannot be responsible for %s",
+ org.getName(), trans.user());
+ }
+
+ // Set Email from most current Sponsor
+ email = ouser.email();
+
+ // Policy 5: keep Artifact data current
+ if (!ouser.fullID().equals(add.sponsor)) {
+ add.sponsor = ouser.fullID();
+ artiDAO.update(trans, add);
+ }
+
+ // Policy 7: Caller must be the MechID or have specifically delegated
+ // permissions
+ if (!(trans.user().equals(req.value.mechid)
+ || trans.fish(new AAFPermission(mechNS,CERTMAN, ca.getName(), REQUEST)))) {
+ return Result.err(Status.ERR_Denied, "%s must have access to modify x509 certs in NS %s",
+ trans.user(), mechNS);
+ }
+
+ // Make sure Primary is the first in fqdns
+ if (fqdns.size() > 1) {
+ for (int i = 0; i < fqdns.size(); ++i) {
+ if(primary==null) {
+ trans.error().log("CMService var primary is null");
+ } else {
+ String fg = fqdns.get(i);
+ if (fg!=null && fg.equals(primary.getHostName())) {
+ if (i != 0) {
+ String tmp = fqdns.get(0);
+ fqdns.set(0, primary.getHostName());
+ fqdns.set(i, tmp);
+ }
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ trans.error().log(e);
+ return Result.err(Status.ERR_Denied,
+ "AppID Sponsorship cannot be determined at this time. Try later.");
+ }
+
+ CSRMeta csrMeta;
+ try {
+ csrMeta = BCFactory.createCSRMeta(ca, req.value.mechid, email, fqdns);
+ X509andChain x509ac = ca.sign(trans, csrMeta);
+ if (x509ac == null) {
+ return Result.err(Result.ERR_ActionNotCompleted, "x509 Certificate not signed by CA");
+ }
+ trans.info().printf("X509 Subject: %s", x509ac.getX509().getSubjectDN());
+
+ X509Certificate x509 = x509ac.getX509();
+ CertDAO.Data cdd = new CertDAO.Data();
+ cdd.ca = ca.getName();
+ cdd.serial = x509.getSerialNumber();
+ cdd.id = req.value.mechid;
+ cdd.x500 = x509.getSubjectDN().getName();
+ cdd.x509 = Factory.toString(trans, x509);
+ certDAO.create(trans, cdd);
+
+ CredDAO.Data crdd = new CredDAO.Data();
+ crdd.other = Question.random.nextInt();
+ crdd.cred = getChallenge256SaltedHash(csrMeta.challenge(), crdd.other);
+ crdd.expires = x509.getNotAfter();
+ crdd.id = req.value.mechid;
+ crdd.ns = Question.domain2ns(crdd.id);
+ crdd.type = CredDAO.CERT_SHA256_RSA;
+ credDAO.create(trans, crdd);
+
+ CertResp cr = new CertResp(trans, ca, x509, csrMeta, x509ac.getTrustChain(), compileNotes(notes));
+ return Result.ok(cr);
+ } catch (Exception e) {
+ trans.error().log(e);
+ return Result.err(Result.ERR_ActionNotCompleted, e.getMessage());
+ }
+ } else {
+ return Result.err(req);
+ }
+ }
+
+ public Result<CertResp> renewCert(AuthzTrans trans, Result<CertRenew> renew) {
+ if (renew.isOK()) {
+ return Result.err(Result.ERR_NotImplemented, "Not implemented yet");
+ } else {
+ return Result.err(renew);
+ }
+ }
+
+ public Result<Void> dropCert(AuthzTrans trans, Result<CertDrop> drop) {
+ if (drop.isOK()) {
+ return Result.err(Result.ERR_NotImplemented, "Not implemented yet");
+ } else {
+ return Result.err(drop);
+ }
+ }
+
+ public Result<List<Data>> readCertsByMechID(AuthzTrans trans, String mechID) {
+ // Policy 1: To Read, must have NS Read or is Sponsor
+ String ns = Question.domain2ns(mechID);
+ try {
+ if (trans.user().equals(mechID) || trans.fish(new AAFPermission(ns,ACCESS, "*", "read"))
+ || (trans.org().validate(trans, Organization.Policy.OWNS_MECHID, null, mechID)) == null) {
+ return certDAO.readID(trans, mechID);
+ } else {
+ return Result.err(Result.ERR_Denied, "%s is not the ID, Sponsor or NS Owner/Admin for %s at %s",
+ trans.user(), mechID, trans.org().getName());
+ }
+ } catch (OrganizationException e) {
+ return Result.err(e);
+ }
+ }
+
+ public Result<CertResp> requestPersonalCert(AuthzTrans trans, CA ca) {
+ if (ca.inPersonalDomains(trans.getUserPrincipal())) {
+ Organization org = trans.org();
+
+ // Policy 1: MechID must be current
+ Identity ouser;
+ try {
+ ouser = org.getIdentity(trans, trans.user());
+ } catch (OrganizationException e1) {
+ trans.error().log(e1);
+ ouser = null;
+ }
+ if (ouser == null) {
+ return Result.err(Result.ERR_Policy, "Requesting User must exist in %s", org.getName());
+ }
+
+ // Set Email from most current Sponsor
+
+ CSRMeta csrMeta;
+ try {
+ csrMeta = BCFactory.createPersonalCSRMeta(ca, trans.user(), ouser.email());
+ X509andChain x509ac = ca.sign(trans, csrMeta);
+ if (x509ac == null) {
+ return Result.err(Result.ERR_ActionNotCompleted, "x509 Certificate not signed by CA");
+ }
+ X509Certificate x509 = x509ac.getX509();
+ CertDAO.Data cdd = new CertDAO.Data();
+ cdd.ca = ca.getName();
+ cdd.serial = x509.getSerialNumber();
+ cdd.id = trans.user();
+ cdd.x500 = x509.getSubjectDN().getName();
+ cdd.x509 = Factory.toString(trans, x509);
+ certDAO.create(trans, cdd);
+
+ CertResp cr = new CertResp(trans, ca, x509, csrMeta, x509ac.getTrustChain(), compileNotes(null));
+ return Result.ok(cr);
+ } catch (Exception e) {
+ trans.error().log(e);
+ return Result.err(Result.ERR_ActionNotCompleted, e.getMessage());
+ }
+ } else {
+ return Result.err(Result.ERR_Denied, trans.user(), " not supported for CA", ca.getName());
+ }
+ }
+
+ ///////////////
+ // Artifact
+ //////////////
+ public Result<Void> createArtifact(AuthzTrans trans, List<ArtiDAO.Data> list) {
+ CertmanValidator v = new CertmanValidator().artisRequired(list, 1);
+ if (v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
+ for (ArtiDAO.Data add : list) {
+ try {
+ // Policy 1: MechID must exist in Org
+ Identity muser = trans.org().getIdentity(trans, add.mechid);
+ if (muser == null) {
+ return Result.err(Result.ERR_Denied, "%s is not valid for %s", add.mechid, trans.org().getName());
+ }
+
+ // Policy 2: MechID must have valid Organization Owner
+ Identity emailUser;
+ if (muser.isPerson()) {
+ emailUser = muser;
+ } else {
+ Identity ouser = muser.responsibleTo();
+ if (ouser == null) {
+ return Result.err(Result.ERR_Denied, "%s is not a valid Sponsor for %s at %s", trans.user(),
+ add.mechid, trans.org().getName());
+ }
+
+ // Policy 3: Calling ID must be MechID Owner
+ if (!trans.user().startsWith(ouser.id())) {
+ return Result.err(Result.ERR_Denied, "%s is not the Sponsor for %s at %s", trans.user(),
+ add.mechid, trans.org().getName());
+ }
+ emailUser = ouser;
+ }
+
+ // Policy 4: Renewal Days are between 10 and 60 (constants, may be
+ // parameterized)
+ if (add.renewDays < MIN_RENEWAL) {
+ add.renewDays = STD_RENEWAL;
+ } else if (add.renewDays > MAX_RENEWAL) {
+ add.renewDays = MAX_RENEWAL;
+ }
+
+ // Policy 5: If Notify is blank, set to Owner's Email
+ if (add.notify == null || add.notify.length() == 0) {
+ add.notify = "mailto:" + emailUser.email();
+ }
+
+ // Policy 6: Only do Domain by Exception
+ if (add.machine.startsWith("*")) { // Domain set
+ CA ca = certman.getCA(add.ca);
+
+ if (!trans.fish(new AAFPermission(ca.getPermNS(),ca.getPermType(), add.ca, DOMAIN))) {
+ return Result.err(Result.ERR_Denied, "Domain Artifacts (%s) requires specific Permission",
+ add.machine);
+ }
+ }
+
+ // Set Sponsor from Golden Source
+ add.sponsor = emailUser.fullID();
+
+ } catch (OrganizationException e) {
+ return Result.err(e);
+ }
+ // Add to DB
+ Result<ArtiDAO.Data> rv = artiDAO.create(trans, add);
+ // TODO come up with Partial Reporting Scheme, or allow only one at a time.
+ if (rv.notOK()) {
+ return Result.err(rv);
+ }
+ }
+ return Result.ok();
+ }
+
+ public Result<List<ArtiDAO.Data>> readArtifacts(AuthzTrans trans, ArtiDAO.Data add) throws OrganizationException {
+ CertmanValidator v = new CertmanValidator().keys(add);
+ if (v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
+ Result<List<ArtiDAO.Data>> data = artiDAO.read(trans, add);
+ if (data.notOKorIsEmpty()) {
+ return data;
+ }
+ add = data.value.get(0);
+ if (trans.user().equals(add.mechid)
+ || trans.fish(root_read_permission,
+ new AAFPermission(add.ns,ACCESS, "*", "read"),
+ new AAFPermission(add.ns,CERTMAN, add.ca, "read"),
+ new AAFPermission(add.ns,CERTMAN, add.ca, "request"))
+ || (trans.org().validate(trans, Organization.Policy.OWNS_MECHID, null, add.mechid)) == null) {
+ return data;
+ } else {
+ return Result.err(Result.ERR_Denied,
+ "%s is not %s, is not the sponsor, and doesn't have delegated permission.", trans.user(),
+ add.mechid, add.ns + ".certman|" + add.ca + "|read or ...|request"); // note: reason is set by 2nd
+ // case, if 1st case misses
+ }
+
+ }
+
+ public Result<List<ArtiDAO.Data>> readArtifactsByMechID(AuthzTrans trans, String mechid)
+ throws OrganizationException {
+ CertmanValidator v = new CertmanValidator();
+ v.nullOrBlank("mechid", mechid);
+ if (v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
+ String ns = FQI.reverseDomain(mechid);
+
+ String reason;
+ if (trans.fish(new AAFPermission(ns, ACCESS, "*", "read"))
+ || (reason = trans.org().validate(trans, Organization.Policy.OWNS_MECHID, null, mechid)) == null) {
+ return artiDAO.readByMechID(trans, mechid);
+ } else {
+ return Result.err(Result.ERR_Denied, reason); // note: reason is set by 2nd case, if 1st case misses
+ }
+
+ }
+
+ public Result<List<ArtiDAO.Data>> readArtifactsByMachine(AuthzTrans trans, String machine) {
+ CertmanValidator v = new CertmanValidator();
+ v.nullOrBlank("machine", machine);
+ if (v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
+
+ // TODO do some checks?
+
+ Result<List<ArtiDAO.Data>> rv = artiDAO.readByMachine(trans, machine);
+ return rv;
+ }
+
+ public Result<List<ArtiDAO.Data>> readArtifactsByNs(AuthzTrans trans, String ns) {
+ CertmanValidator v = new CertmanValidator();
+ v.nullOrBlank("ns", ns);
+ if (v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
+
+ // TODO do some checks?
+
+ return artiDAO.readByNs(trans, ns);
+ }
+
+ public Result<Void> updateArtifact(AuthzTrans trans, List<ArtiDAO.Data> list) throws OrganizationException {
+ CertmanValidator v = new CertmanValidator();
+ v.artisRequired(list, 1);
+ if (v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
+
+ // Check if requesting User is Sponsor
+ // TODO - Shall we do one, or multiples?
+ for (ArtiDAO.Data add : list) {
+ // Policy 1: MechID must exist in Org
+ Identity muser = trans.org().getIdentity(trans, add.mechid);
+ if (muser == null) {
+ return Result.err(Result.ERR_Denied, "%s is not valid for %s", add.mechid, trans.org().getName());
+ }
+
+ // Policy 2: MechID must have valid Organization Owner
+ Identity ouser = muser.responsibleTo();
+ if (ouser == null) {
+ return Result.err(Result.ERR_Denied, "%s is not a valid Sponsor for %s at %s", trans.user(), add.mechid,
+ trans.org().getName());
+ }
+
+ // Policy 3: Renewal Days are between 10 and 60 (constants, may be
+ // parameterized)
+ if (add.renewDays < MIN_RENEWAL) {
+ add.renewDays = STD_RENEWAL;
+ } else if (add.renewDays > MAX_RENEWAL) {
+ add.renewDays = MAX_RENEWAL;
+ }
+
+ // Policy 4: Data is always updated with the latest Sponsor
+ // Add to Sponsor, to make sure we are always up to date.
+ add.sponsor = ouser.fullID();
+
+ // Policy 5: If Notify is blank, set to Owner's Email
+ if (add.notify == null || add.notify.length() == 0) {
+ add.notify = "mailto:" + ouser.email();
+ }
+ // Policy 6: Only do Domain by Exception
+ if (add.machine.startsWith("*")) { // Domain set
+ CA ca = certman.getCA(add.ca);
+ if (ca == null) {
+ return Result.err(Result.ERR_BadData, "CA is required in Artifact");
+ }
+ if (!trans.fish(new AAFPermission(null,ca.getPermType(), add.ca, DOMAIN))) {
+ return Result.err(Result.ERR_Denied, "Domain Artifacts (%s) requires specific Permission",
+ add.machine);
+ }
+ }
+
+ // Policy 7: only Owner may update info
+ if (trans.user().startsWith(ouser.id())) {
+ return artiDAO.update(trans, add);
+ } else {
+ return Result.err(Result.ERR_Denied, "%s may not update info for %s", trans.user(), muser.fullID());
+ }
+ }
+ return Result.err(Result.ERR_BadData, "No Artifacts to update");
+ }
+
+ public Result<Void> deleteArtifact(AuthzTrans trans, String mechid, String machine) throws OrganizationException {
+ CertmanValidator v = new CertmanValidator();
+ v.nullOrBlank("mechid", mechid).nullOrBlank("machine", machine);
+ if (v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
+
+ Result<List<ArtiDAO.Data>> rlad = artiDAO.read(trans, mechid, machine);
+ if (rlad.notOKorIsEmpty()) {
+ return Result.err(Result.ERR_NotFound, "Artifact for %s %s does not exist.", mechid, machine);
+ }
+
+ return deleteArtifact(trans, rlad.value.get(0));
+ }
+
+ private Result<Void> deleteArtifact(AuthzTrans trans, ArtiDAO.Data add) throws OrganizationException {
+ // Policy 1: Record should be delete able only by Existing Sponsor.
+ String sponsor = null;
+ Identity muser = trans.org().getIdentity(trans, add.mechid);
+ if (muser != null) {
+ Identity ouser = muser.responsibleTo();
+ if (ouser != null) {
+ sponsor = ouser.fullID();
+ }
+ }
+ // Policy 1.a: If Sponsorship is deleted in system of Record, then
+ // accept deletion by sponsor in Artifact Table
+ if (sponsor == null) {
+ sponsor = add.sponsor;
+ }
+
+ String ns = FQI.reverseDomain(add.mechid);
+
+ if (trans.fish(new AAFPermission(ns,ACCESS, "*", "write")) || trans.user().equals(sponsor)) {
+ return artiDAO.delete(trans, add, false);
+ }
+ return Result.err(Result.ERR_Denied, "%1 is not allowed to delete this item", trans.user());
+ }
+
+ public Result<Void> deleteArtifact(AuthzTrans trans, List<ArtiDAO.Data> list) {
+ CertmanValidator v = new CertmanValidator().artisRequired(list, 1);
+ if (v.err()) {
+ return Result.err(Result.ERR_BadData, v.errs());
+ }
+
+ try {
+ boolean partial = false;
+ Result<Void> result = null;
+ for (ArtiDAO.Data add : list) {
+ result = deleteArtifact(trans, add);
+ if (result.notOK()) {
+ partial = true;
+ }
+ }
+ if (result == null) {
+ result = Result.err(Result.ERR_BadData, "No Artifacts to delete");
+ } else if (partial) {
+ result.partialContent(true);
+ }
+ return result;
+ } catch (Exception e) {
+ return Result.err(e);
+ }
+ }
+
+ private String[] compileNotes(List<String> notes) {
+ String[] rv;
+ if (notes == null) {
+ rv = NO_NOTES;
+ } else {
+ rv = new String[notes.size()];
+ notes.toArray(rv);
+ }
+ return rv;
+ }
+
+ private ByteBuffer getChallenge256SaltedHash(String challenge, int salt) throws NoSuchAlgorithmException {
+ ByteBuffer bb = ByteBuffer.allocate(Integer.SIZE + challenge.length());
+ bb.putInt(salt);
+ bb.put(challenge.getBytes());
+ byte[] hash = Hash.hashSHA256(bb.array());
+ return ByteBuffer.wrap(hash);
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java
index ce2ca065..a6663ad7 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/service/Code.java
@@ -28,18 +28,18 @@ import org.onap.aaf.auth.rserv.HttpCode;
public abstract class Code extends HttpCode<AuthzTrans,Facade1_0> implements Cloneable {
- public Code(AAF_CM cma, String description, String ... roles) {
- super(cma.facade1_0, description, roles);
- // Note, the first "Code" will be created with default Facade, "JSON".
- // use clone for another Code with XML
- }
-
+ public Code(AAF_CM cma, String description, String ... roles) {
+ super(cma.facade1_0, description, roles);
+ // Note, the first "Code" will be created with default Facade, "JSON".
+ // use clone for another Code with XML
+ }
+
- public <D extends Code> D clone(Facade1_0 facade) throws Exception {
- @SuppressWarnings("unchecked")
- D d = (D)clone();
- d.context = facade;
- return d;
- }
+ public <D extends Code> D clone(Facade1_0 facade) throws Exception {
+ @SuppressWarnings("unchecked")
+ D d = (D)clone();
+ d.context = facade;
+ return d;
+ }
}
diff --git a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
index d3ce0ace..ea97dd0d 100644
--- a/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
+++ b/auth/auth-certman/src/main/java/org/onap/aaf/auth/cm/validation/CertmanValidator.java
@@ -37,85 +37,85 @@ import org.onap.aaf.auth.validation.Validator;
*
*/
public class CertmanValidator extends Validator{
- // Repeated Msg fragments
- private static final String MECHID = "mechid";
- private static final String MACHINE = "machine";
- private static final String ARTIFACT_LIST_IS_NULL = "Artifact List is null.";
- private static final String Y = "y.";
- private static final String IES = "ies.";
- private static final String ENTR = " entr";
- private static final String MUST_HAVE_AT_LEAST = " must have at least ";
- private static final String IS_NULL = " is null.";
- private static final String ARTIFACTS_MUST_HAVE_AT_LEAST = "Artifacts must have at least ";
+ // Repeated Msg fragments
+ private static final String MECHID = "mechid";
+ private static final String MACHINE = "machine";
+ private static final String ARTIFACT_LIST_IS_NULL = "Artifact List is null.";
+ private static final String Y = "y.";
+ private static final String IES = "ies.";
+ private static final String ENTR = " entr";
+ private static final String MUST_HAVE_AT_LEAST = " must have at least ";
+ private static final String IS_NULL = " is null.";
+ private static final String ARTIFACTS_MUST_HAVE_AT_LEAST = "Artifacts must have at least ";
- public CertmanValidator nullBlankMin(String name, List<String> list, int min) {
- if(list==null) {
- msg(name + IS_NULL);
- } else {
- if(list.size()<min) {
- msg(name + MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES));
- } else {
- for(String s : list) {
- nullOrBlank("List Item",s);
- }
- }
- }
- return this;
- }
+ public CertmanValidator nullBlankMin(String name, List<String> list, int min) {
+ if(list==null) {
+ msg(name + IS_NULL);
+ } else {
+ if(list.size()<min) {
+ msg(name + MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES));
+ } else {
+ for(String s : list) {
+ nullOrBlank("List Item",s);
+ }
+ }
+ }
+ return this;
+ }
- public CertmanValidator artisRequired(List<ArtiDAO.Data> list, int min) {
- if(list==null) {
- msg(ARTIFACT_LIST_IS_NULL);
- } else {
- if(list.size()<min) {
- msg(ARTIFACTS_MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES));
- } else {
- for(ArtiDAO.Data a : list) {
- allRequired(a);
- }
- }
- }
- return this;
- }
+ public CertmanValidator artisRequired(List<ArtiDAO.Data> list, int min) {
+ if(list==null) {
+ msg(ARTIFACT_LIST_IS_NULL);
+ } else {
+ if(list.size()<min) {
+ msg(ARTIFACTS_MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES));
+ } else {
+ for(ArtiDAO.Data a : list) {
+ allRequired(a);
+ }
+ }
+ }
+ return this;
+ }
- public CertmanValidator artisKeys(List<ArtiDAO.Data> list, int min) {
- if(list==null) {
- msg(ARTIFACT_LIST_IS_NULL);
- } else {
- if(list.size()<min) {
- msg(ARTIFACTS_MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES));
- } else {
- for(ArtiDAO.Data a : list) {
- keys(a);
- }
- }
- }
- return this;
- }
+ public CertmanValidator artisKeys(List<ArtiDAO.Data> list, int min) {
+ if(list==null) {
+ msg(ARTIFACT_LIST_IS_NULL);
+ } else {
+ if(list.size()<min) {
+ msg(ARTIFACTS_MUST_HAVE_AT_LEAST + min + ENTR + (min==1?Y:IES));
+ } else {
+ for(ArtiDAO.Data a : list) {
+ keys(a);
+ }
+ }
+ }
+ return this;
+ }
- public CertmanValidator keys(ArtiDAO.Data add) {
- if(add==null) {
- msg("Artifact is null.");
- } else {
- nullOrBlank(MECHID, add.mechid);
- nullOrBlank(MACHINE, add.machine);
- }
- return this;
- }
-
- private CertmanValidator allRequired(Data a) {
- if(a==null) {
- msg("Artifact is null.");
- } else {
- nullOrBlank(MECHID, a.mechid);
- nullOrBlank(MACHINE, a.machine);
- nullOrBlank("ca",a.ca);
- nullOrBlank("dir",a.dir);
- nullOrBlank("os_user",a.os_user);
- // Note: AppName, Notify & Sponsor are currently not required
- }
- return this;
- }
+ public CertmanValidator keys(ArtiDAO.Data add) {
+ if(add==null) {
+ msg("Artifact is null.");
+ } else {
+ nullOrBlank(MECHID, add.mechid);
+ nullOrBlank(MACHINE, add.machine);
+ }
+ return this;
+ }
+
+ private CertmanValidator allRequired(Data a) {
+ if(a==null) {
+ msg("Artifact is null.");
+ } else {
+ nullOrBlank(MECHID, a.mechid);
+ nullOrBlank(MACHINE, a.machine);
+ nullOrBlank("ca",a.ca);
+ nullOrBlank("dir",a.dir);
+ nullOrBlank("os_user",a.os_user);
+ // Note: AppName, Notify & Sponsor are currently not required
+ }
+ return this;
+ }
}
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java
index f50190d3..fc450bef 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Artifact.java
@@ -41,67 +41,67 @@ import org.onap.aaf.auth.env.AuthzTrans;
@RunWith(MockitoJUnitRunner.class)
public class JU_API_Artifact {
-
- @Mock
- private static API_Artifact api;
-
- @Mock
- private static AAF_CM certManApi;
-
- private static AAF_CM noMockAPI;
- private static API_Artifact api_1;
-
- private static HttpServletRequest req;
- private static HttpServletResponse res;
-
- @BeforeClass
- public static void setUp() {
- AuthzTrans trans = mock(AuthzTrans.class);
- req = mock(HttpServletRequest.class);
- trans.setProperty("testTag", "UserValue");
- trans.set(req);
- }
-
- @Rule
+
+ @Mock
+ private static API_Artifact api;
+
+ @Mock
+ private static AAF_CM certManApi;
+
+ private static AAF_CM noMockAPI;
+ private static API_Artifact api_1;
+
+ private static HttpServletRequest req;
+ private static HttpServletResponse res;
+
+ @BeforeClass
+ public static void setUp() {
+ AuthzTrans trans = mock(AuthzTrans.class);
+ req = mock(HttpServletRequest.class);
+ trans.setProperty("testTag", "UserValue");
+ trans.set(req);
+ }
+
+ @Rule
public ExpectedException thrown= ExpectedException.none();
-
- @Test
- public void init_bothValued() {
- try {
- api.init(certManApi);
- } catch (Exception e) {
- thrown.expect(NullPointerException.class);
- e.printStackTrace();
- }
- }
-
- @Test
- public void init_Null_() {
- try {
- api.init(null);
- } catch (Exception e) {
- //thrown.expect(Exception.class);
- e.printStackTrace();
- }
- }
-
- @Test
- public void init_NMC_Null() {
- try {
- api_1.init(null);
- } catch (Exception e) {
- //thrown.expect(NullPointerException.class);
- e.printStackTrace();
- }
- }
-
- @Test
- public void init_NMC() {
- try {
- api_1.init(noMockAPI);
- } catch (Exception e) {
- //thrown.expect(NullPointerException.class);
- e.printStackTrace();
- }
- }
+
+ @Test
+ public void init_bothValued() {
+ try {
+ api.init(certManApi);
+ } catch (Exception e) {
+ thrown.expect(NullPointerException.class);
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void init_Null_() {
+ try {
+ api.init(null);
+ } catch (Exception e) {
+ //thrown.expect(Exception.class);
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void init_NMC_Null() {
+ try {
+ api_1.init(null);
+ } catch (Exception e) {
+ //thrown.expect(NullPointerException.class);
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void init_NMC() {
+ try {
+ api_1.init(noMockAPI);
+ } catch (Exception e) {
+ //thrown.expect(NullPointerException.class);
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java
index dbd66e41..f42a02a9 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/api/JU_API_Cert.java
@@ -41,67 +41,67 @@ import org.onap.aaf.auth.env.AuthzTrans;
@RunWith(MockitoJUnitRunner.class)
public class JU_API_Cert {
-
- @Mock
- private static API_Cert api;
-
- @Mock
- private static AAF_CM certManApi;
-
- private static AAF_CM noMockAPI;
- private static API_Cert api_1;
-
- private static HttpServletRequest req;
- private static HttpServletResponse res;
-
- @BeforeClass
- public static void setUp() {
- AuthzTrans trans = mock(AuthzTrans.class);
- req = mock(HttpServletRequest.class);
- trans.setProperty("testTag", "UserValue");
- trans.set(req);
- }
-
- @Rule
+
+ @Mock
+ private static API_Cert api;
+
+ @Mock
+ private static AAF_CM certManApi;
+
+ private static AAF_CM noMockAPI;
+ private static API_Cert api_1;
+
+ private static HttpServletRequest req;
+ private static HttpServletResponse res;
+
+ @BeforeClass
+ public static void setUp() {
+ AuthzTrans trans = mock(AuthzTrans.class);
+ req = mock(HttpServletRequest.class);
+ trans.setProperty("testTag", "UserValue");
+ trans.set(req);
+ }
+
+ @Rule
public ExpectedException thrown= ExpectedException.none();
-
- @Test
- public void init_bothValued() {
- try {
- api.init(certManApi);
- } catch (Exception e) {
- //thrown.expect(NullPointerException.class);
- e.printStackTrace();
- }
- }
-
- @Test
- public void init_Null_() {
- try {
- api.init(null);
- } catch (Exception e) {
- //thrown.expect(Exception.class);
- e.printStackTrace();
- }
- }
-
- @Test
- public void init_NMC_Null() {
- try {
- api_1.init(null);
- } catch (Exception e) {
- //thrown.expect(NullPointerException.class);
- e.printStackTrace();
- }
- }
-
- @Test
- public void init_NMC() {
- try {
- api_1.init(noMockAPI);
- } catch (Exception e) {
- //thrown.expect(NullPointerException.class);
- e.printStackTrace();
- }
- }
+
+ @Test
+ public void init_bothValued() {
+ try {
+ api.init(certManApi);
+ } catch (Exception e) {
+ //thrown.expect(NullPointerException.class);
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void init_Null_() {
+ try {
+ api.init(null);
+ } catch (Exception e) {
+ //thrown.expect(Exception.class);
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void init_NMC_Null() {
+ try {
+ api_1.init(null);
+ } catch (Exception e) {
+ //thrown.expect(NullPointerException.class);
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void init_NMC() {
+ try {
+ api_1.init(noMockAPI);
+ } catch (Exception e) {
+ //thrown.expect(NullPointerException.class);
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java
index 1ab0f4bd..1c38a8ed 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/ca/JU_AppCA.java
@@ -60,223 +60,223 @@ import org.onap.aaf.misc.env.Trans;
//TODO: Gabe [JUnit] Import does not exist
@RunWith(MockitoJUnitRunner.class)
public class JU_AppCA {
-
- @Mock
- private static CachedCertDAO certDAO;
-
- @Mock
- private static HttpServletRequest req;
-
- @Mock
- private static CSRMeta csrMeta;
-
- static Trans trans;
-
- static X509andChain cert1;
- static byte [] name = {1,23,4,54,6,56};
-
- private static LocalCA localCA;
-
- @BeforeClass
- public static void setUp() throws CertificateException, CertException, IOException {
- String str = "core java api";
+
+ @Mock
+ private static CachedCertDAO certDAO;
+
+ @Mock
+ private static HttpServletRequest req;
+
+ @Mock
+ private static CSRMeta csrMeta;
+
+ static Trans trans;
+
+ static X509andChain cert1;
+ static byte [] name = {1,23,4,54,6,56};
+
+ private static LocalCA localCA;
+
+ @BeforeClass
+ public static void setUp() throws CertificateException, CertException, IOException {
+ String str = "core java api";
byte[] b = str.getBytes();
- Principal prc = new X500Principal("CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US");
- req = mock(HttpServletRequest.class);
- localCA = mock(LocalCA.class);
- X509Certificate cert = new X509Certificate() {
-
- @Override
- public boolean hasUnsupportedCriticalExtension() {
- return false;
- }
-
- @Override
- public Set<String> getNonCriticalExtensionOIDs() {
-
- return null;
- }
-
- @Override
- public byte[] getExtensionValue(String oid) {
-
- return null;
- }
-
- @Override
- public Set<String> getCriticalExtensionOIDs() {
-
- return null;
- }
-
- @Override
- public void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException,
- InvalidKeyException, NoSuchProviderException, SignatureException {
-
-
- }
-
- @Override
- public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
- NoSuchProviderException, SignatureException {
-
-
- }
-
- @Override
- public String toString() {
-
- return null;
- }
-
- @Override
- public PublicKey getPublicKey() {
-
- return null;
- }
-
- @Override
- public byte[] getEncoded() throws CertificateEncodingException {
-
- return null;
- }
-
- @Override
- public int getVersion() {
-
- return 0;
- }
-
- @Override
- public byte[] getTBSCertificate() throws CertificateEncodingException {
-
- return null;
- }
-
- @Override
- public boolean[] getSubjectUniqueID() {
-
- return null;
- }
-
- @Override
- public Principal getSubjectDN() {
-
- return null;
- }
-
- @Override
- public byte[] getSignature() {
-
- return null;
- }
-
- @Override
- public byte[] getSigAlgParams() {
-
- return null;
- }
-
- @Override
- public String getSigAlgOID() {
-
- return null;
- }
-
- @Override
- public String getSigAlgName() {
-
- return null;
- }
-
- @Override
- public BigInteger getSerialNumber() {
-
- return null;
- }
-
- @Override
- public Date getNotBefore() {
-
- return null;
- }
-
- @Override
- public Date getNotAfter() {
-
- return null;
- }
-
- @Override
- public boolean[] getKeyUsage() {
-
- return null;
- }
-
- @Override
- public boolean[] getIssuerUniqueID() {
-
- return null;
- }
-
- @Override
- public Principal getIssuerDN() {
-
- return null;
- }
-
- @Override
- public int getBasicConstraints() {
-
- return 0;
- }
-
- @Override
- public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
-
-
- }
-
- @Override
- public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
-
- }
- };
- X509andChain xac = new X509andChain(cert, new ArrayList<>());
- when(localCA.sign(Mockito.any(Trans.class), Mockito.any(CSRMeta.class))).thenReturn(xac);
- certDAO = mock(CachedCertDAO.class, CALLS_REAL_METHODS);
- }
-
- @Test
- public void identity_True() throws CertificateException, IOException, CertException {
- assertNotNull(localCA.sign(trans, csrMeta));
- }
-
-
- @Test
- public void identityNull() throws CertificateException {
- try {
- assertNotNull(localCA.sign(null, csrMeta));
- } catch (IOException e) {
-
- e.printStackTrace();
- } catch (CertException e) {
-
- e.printStackTrace();
- }
- }
-
- @Test
- public void identityBothNull() throws CertificateException {
- try {
- assertNotNull(localCA.sign(null, null));
- } catch (IOException e) {
-
- e.printStackTrace();
- } catch (CertException e) {
-
- e.printStackTrace();
- }
- }
+ Principal prc = new X500Principal("CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US");
+ req = mock(HttpServletRequest.class);
+ localCA = mock(LocalCA.class);
+ X509Certificate cert = new X509Certificate() {
+
+ @Override
+ public boolean hasUnsupportedCriticalExtension() {
+ return false;
+ }
+
+ @Override
+ public Set<String> getNonCriticalExtensionOIDs() {
+
+ return null;
+ }
+
+ @Override
+ public byte[] getExtensionValue(String oid) {
+
+ return null;
+ }
+
+ @Override
+ public Set<String> getCriticalExtensionOIDs() {
+
+ return null;
+ }
+
+ @Override
+ public void verify(PublicKey key, String sigProvider) throws CertificateException, NoSuchAlgorithmException,
+ InvalidKeyException, NoSuchProviderException, SignatureException {
+
+
+ }
+
+ @Override
+ public void verify(PublicKey key) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException,
+ NoSuchProviderException, SignatureException {
+
+
+ }
+
+ @Override
+ public String toString() {
+
+ return null;
+ }
+
+ @Override
+ public PublicKey getPublicKey() {
+
+ return null;
+ }
+
+ @Override
+ public byte[] getEncoded() throws CertificateEncodingException {
+
+ return null;
+ }
+
+ @Override
+ public int getVersion() {
+
+ return 0;
+ }
+
+ @Override
+ public byte[] getTBSCertificate() throws CertificateEncodingException {
+
+ return null;
+ }
+
+ @Override
+ public boolean[] getSubjectUniqueID() {
+
+ return null;
+ }
+
+ @Override
+ public Principal getSubjectDN() {
+
+ return null;
+ }
+
+ @Override
+ public byte[] getSignature() {
+
+ return null;
+ }
+
+ @Override
+ public byte[] getSigAlgParams() {
+
+ return null;
+ }
+
+ @Override
+ public String getSigAlgOID() {
+
+ return null;
+ }
+
+ @Override
+ public String getSigAlgName() {
+
+ return null;
+ }
+
+ @Override
+ public BigInteger getSerialNumber() {
+
+ return null;
+ }
+
+ @Override
+ public Date getNotBefore() {
+
+ return null;
+ }
+
+ @Override
+ public Date getNotAfter() {
+
+ return null;
+ }
+
+ @Override
+ public boolean[] getKeyUsage() {
+
+ return null;
+ }
+
+ @Override
+ public boolean[] getIssuerUniqueID() {
+
+ return null;
+ }
+
+ @Override
+ public Principal getIssuerDN() {
+
+ return null;
+ }
+
+ @Override
+ public int getBasicConstraints() {
+
+ return 0;
+ }
+
+ @Override
+ public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
+
+
+ }
+
+ @Override
+ public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
+
+ }
+ };
+ X509andChain xac = new X509andChain(cert, new ArrayList<>());
+ when(localCA.sign(Mockito.any(Trans.class), Mockito.any(CSRMeta.class))).thenReturn(xac);
+ certDAO = mock(CachedCertDAO.class, CALLS_REAL_METHODS);
+ }
+
+ @Test
+ public void identity_True() throws CertificateException, IOException, CertException {
+ assertNotNull(localCA.sign(trans, csrMeta));
+ }
+
+
+ @Test
+ public void identityNull() throws CertificateException {
+ try {
+ assertNotNull(localCA.sign(null, csrMeta));
+ } catch (IOException e) {
+
+ e.printStackTrace();
+ } catch (CertException e) {
+
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void identityBothNull() throws CertificateException {
+ try {
+ assertNotNull(localCA.sign(null, null));
+ } catch (IOException e) {
+
+ e.printStackTrace();
+ } catch (CertException e) {
+
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java
index 337bc9ed..eae37640 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/cert/JU_BCFactory.java
@@ -47,82 +47,82 @@ import org.onap.aaf.misc.env.Trans;
@RunWith(MockitoJUnitRunner.class)
public class JU_BCFactory {
-
- private static BCFactory bcFactory = new BCFactory();
-
- private static BCFactory bcFact;
-
- private static PrivateKey pk;
-
-
- private static Trans trans;
-
-
- private static PKCS10CertificationRequest req;
-
- @BeforeClass
- public static void setUp() throws IOException {
- pk = new XYZKey();
- trans = mock(Trans.class);
- req = mock(PKCS10CertificationRequest.class);
- when(req.getEncoded()).thenReturn(new byte[1]);
- when(trans.start(Mockito.anyString(), Mockito.anyInt())).thenReturn(new TimeTaken(null, 0) {
-
- @Override
- public void output(StringBuilder sb) {
- // TODO Auto-generated method stub
-
- }
- });
- bcFact = mock(BCFactory.class);
- }
-
- @Test
- public void toStrin() throws OperatorCreationException, IOException, CertException {
- assertNotNull(bcFactory.toString(req));
- }
-
- @Test
- public void toStrinMoc() throws OperatorCreationException, IOException, CertException {
- assertNotNull(bcFact.toString(req));
- }
-
- @Rule
+
+ private static BCFactory bcFactory = new BCFactory();
+
+ private static BCFactory bcFact;
+
+ private static PrivateKey pk;
+
+
+ private static Trans trans;
+
+
+ private static PKCS10CertificationRequest req;
+
+ @BeforeClass
+ public static void setUp() throws IOException {
+ pk = new XYZKey();
+ trans = mock(Trans.class);
+ req = mock(PKCS10CertificationRequest.class);
+ when(req.getEncoded()).thenReturn(new byte[1]);
+ when(trans.start(Mockito.anyString(), Mockito.anyInt())).thenReturn(new TimeTaken(null, 0) {
+
+ @Override
+ public void output(StringBuilder sb) {
+ // TODO Auto-generated method stub
+
+ }
+ });
+ bcFact = mock(BCFactory.class);
+ }
+
+ @Test
+ public void toStrin() throws OperatorCreationException, IOException, CertException {
+ assertNotNull(bcFactory.toString(req));
+ }
+
+ @Test
+ public void toStrinMoc() throws OperatorCreationException, IOException, CertException {
+ assertNotNull(bcFact.toString(req));
+ }
+
+ @Rule
public ExpectedException thrown= ExpectedException.none();
-
- @Test
- public void toCSR() {
- try {
- assertNotNull(bcFactory.toCSR(trans, new File("/random/path")));
- thrown.expect(FileNotFoundException.class);
- } catch (IOException e) {
-
- e.printStackTrace();
- }
- }
-
+
+ @Test
+ public void toCSR() {
+ try {
+ assertNotNull(bcFactory.toCSR(trans, new File("/random/path")));
+ thrown.expect(FileNotFoundException.class);
+ } catch (IOException e) {
+
+ e.printStackTrace();
+ }
+ }
+
}
class XYZKey implements Key, PublicKey, PrivateKey {
-
- int rotValue;
- public XYZKey() {
- rotValue = 1200213;
- }
- public String getAlgorithm() {
- return "XYZ";
- }
+
+ int rotValue;
+ public XYZKey() {
+ rotValue = 1200213;
+ }
+ public String getAlgorithm() {
+ return "XYZ";
+ }
- public String getFormat() {
- return "XYZ Special Format";
- }
+ public String getFormat() {
+ return "XYZ Special Format";
+ }
- public byte[] getEncoded() {
- byte b[] = new byte[4];
- b[3] = (byte) ((rotValue << 24) & 0xff);
- b[2] = (byte) ((rotValue << 16) & 0xff);
- b[1] = (byte) ((rotValue << 8) & 0xff);
- b[0] = (byte) ((rotValue << 0) & 0xff);
- return b;
- }
+ public byte[] getEncoded() {
+ byte b[] = new byte[4];
+ b[3] = (byte) ((rotValue << 24) & 0xff);
+ b[2] = (byte) ((rotValue << 16) & 0xff);
+ b[1] = (byte) ((rotValue << 8) & 0xff);
+ b[0] = (byte) ((rotValue << 0) & 0xff);
+ return b;
+ }
}
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java
index 27ac04e5..48f5f1b6 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/facade/JU_FacadeImpl.java
@@ -52,134 +52,134 @@ import org.onap.aaf.misc.env.TimeTaken;
@RunWith(MockitoJUnitRunner.class)
public class JU_FacadeImpl<REQ,CERT,ARTIFACTS,ERROR> {
-
- private static AuthzTrans trans;
- private static HttpServletResponse resp;
- private static AAF_CM certman;
- private static FacadeImpl hImpl;
- private static CMService service;
- private Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper;
- private Data.TYPE dataType;
- private static AuthzEnv env;
-
- private static FacadeImpl fImpl;
- private static HttpServletRequest req;
-
- @Before
- public void setUp() throws APIException, IOException {
- fImpl = mock(FacadeImpl.class);
- env = mock(AuthzEnv.class);
- resp = mock(HttpServletResponse.class);
- req = mock(HttpServletRequest.class);
- hImpl = mock(FacadeImpl.class, CALLS_REAL_METHODS);
- Result<Void> rvd = (Result) mock(Result.class);
- trans = mock(AuthzTrans.class);
- when(trans.error()).thenReturn(new LogTarget() {
-
- @Override
- public void printf(String fmt, Object... vars) {}
-
- @Override
- public void log(Throwable e, Object... msgs) {
- e.getMessage();
- e.printStackTrace();
- msgs.toString();
-
- }
-
- @Override
- public void log(Object... msgs) {
- }
-
- @Override
- public boolean isLoggable() {
-
- return false;
- }
- });
- when(trans.start(Mockito.anyString(), Mockito.anyInt())).thenReturn(new TimeTaken("Now", 1) {
-
- @Override
- public void output(StringBuilder sb) {
-
- }
- });
- when(fImpl.check(Mockito.any(AuthzTrans.class), Mockito.any(HttpServletResponse.class), Mockito.anyString())).thenReturn(rvd);
- when(resp.getOutputStream()).thenReturn(new ServletOutputStream() {
-
- @Override
- public void write(int b) throws IOException {
-
-
- }
- });
-
- }
-
- @Test
- public void check() throws IOException {
- AAFPermission ap = new AAFPermission("str0","str1","str3","str2");
- String perms = ap.getInstance();
- assertNotNull(hImpl.check(trans, resp, perms));
- }
-
- @Test
- public void checkNull() throws IOException {
- AAFPermission ap = new AAFPermission(null,null,"Str3","str2");
- String perms = ap.getInstance();
- assertNotNull(hImpl.check(trans, resp, perms));
- }
-
- @Test
- public void checkTwoNull() throws IOException {
- AAFPermission ap = new AAFPermission(null,null,null,"str2");
- String perms = ap.getInstance();
- assertNotNull(fImpl.check(trans, resp, perms));
- }
-
- @Test
- public void checkAllNull() throws IOException {
- AAFPermission ap = new AAFPermission(null,null,null,null);
- String perms = ap.getInstance();
- assertNotNull(fImpl.check(trans, resp, perms));
- }
-
- @Test
- public void checkTrans_null() throws IOException {
- AAFPermission ap = new AAFPermission("str0","str1","str3","str2");
- String perms = ap.getInstance();
- assertNotNull(hImpl.check(null, resp, perms));
- }
-
- @Test
- public void checkRespNull() throws IOException {
- AAFPermission ap = new AAFPermission("str0","str1","str3","str2");
- String perms = ap.getInstance();
- assertNotNull(hImpl.check(trans, null, perms));
- }
-
- @Test
- public void requestCert() {
- assertNotNull(hImpl.requestCert(trans, req, resp, null));
- }
-
- @Test
- public void renewCert() {
- assertNotNull(hImpl.renewCert(trans, req, resp, true));
- }
-
- @Test
- public void dropCert() {
- assertNotNull(hImpl.renewCert(trans, req, resp, true));
- }
-
- @Test
- public void createArtifacts() {
- assertNotNull(hImpl.createArtifacts(trans, req, resp));
- }
-
- @Test
- public void readArtifacts() {
- assertNotNull(hImpl.readArtifacts(trans, req, resp));
- }
+
+ private static AuthzTrans trans;
+ private static HttpServletResponse resp;
+ private static AAF_CM certman;
+ private static FacadeImpl hImpl;
+ private static CMService service;
+ private Mapper<REQ,CERT,ARTIFACTS,ERROR> mapper;
+ private Data.TYPE dataType;
+ private static AuthzEnv env;
+
+ private static FacadeImpl fImpl;
+ private static HttpServletRequest req;
+
+ @Before
+ public void setUp() throws APIException, IOException {
+ fImpl = mock(FacadeImpl.class);
+ env = mock(AuthzEnv.class);
+ resp = mock(HttpServletResponse.class);
+ req = mock(HttpServletRequest.class);
+ hImpl = mock(FacadeImpl.class, CALLS_REAL_METHODS);
+ Result<Void> rvd = (Result) mock(Result.class);
+ trans = mock(AuthzTrans.class);
+ when(trans.error()).thenReturn(new LogTarget() {
+
+ @Override
+ public void printf(String fmt, Object... vars) {}
+
+ @Override
+ public void log(Throwable e, Object... msgs) {
+ e.getMessage();
+ e.printStackTrace();
+ msgs.toString();
+
+ }
+
+ @Override
+ public void log(Object... msgs) {
+ }
+
+ @Override
+ public boolean isLoggable() {
+
+ return false;
+ }
+ });
+ when(trans.start(Mockito.anyString(), Mockito.anyInt())).thenReturn(new TimeTaken("Now", 1) {
+
+ @Override
+ public void output(StringBuilder sb) {
+
+ }
+ });
+ when(fImpl.check(Mockito.any(AuthzTrans.class), Mockito.any(HttpServletResponse.class), Mockito.anyString())).thenReturn(rvd);
+ when(resp.getOutputStream()).thenReturn(new ServletOutputStream() {
+
+ @Override
+ public void write(int b) throws IOException {
+
+
+ }
+ });
+
+ }
+
+ @Test
+ public void check() throws IOException {
+ AAFPermission ap = new AAFPermission("str0","str1","str3","str2");
+ String perms = ap.getInstance();
+ assertNotNull(hImpl.check(trans, resp, perms));
+ }
+
+ @Test
+ public void checkNull() throws IOException {
+ AAFPermission ap = new AAFPermission(null,null,"Str3","str2");
+ String perms = ap.getInstance();
+ assertNotNull(hImpl.check(trans, resp, perms));
+ }
+
+ @Test
+ public void checkTwoNull() throws IOException {
+ AAFPermission ap = new AAFPermission(null,null,null,"str2");
+ String perms = ap.getInstance();
+ assertNotNull(fImpl.check(trans, resp, perms));
+ }
+
+ @Test
+ public void checkAllNull() throws IOException {
+ AAFPermission ap = new AAFPermission(null,null,null,null);
+ String perms = ap.getInstance();
+ assertNotNull(fImpl.check(trans, resp, perms));
+ }
+
+ @Test
+ public void checkTrans_null() throws IOException {
+ AAFPermission ap = new AAFPermission("str0","str1","str3","str2");
+ String perms = ap.getInstance();
+ assertNotNull(hImpl.check(null, resp, perms));
+ }
+
+ @Test
+ public void checkRespNull() throws IOException {
+ AAFPermission ap = new AAFPermission("str0","str1","str3","str2");
+ String perms = ap.getInstance();
+ assertNotNull(hImpl.check(trans, null, perms));
+ }
+
+ @Test
+ public void requestCert() {
+ assertNotNull(hImpl.requestCert(trans, req, resp, null));
+ }
+
+ @Test
+ public void renewCert() {
+ assertNotNull(hImpl.renewCert(trans, req, resp, true));
+ }
+
+ @Test
+ public void dropCert() {
+ assertNotNull(hImpl.renewCert(trans, req, resp, true));
+ }
+
+ @Test
+ public void createArtifacts() {
+ assertNotNull(hImpl.createArtifacts(trans, req, resp));
+ }
+
+ @Test
+ public void readArtifacts() {
+ assertNotNull(hImpl.readArtifacts(trans, req, resp));
+ }
}
diff --git a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java
index a8f9934a..90875dab 100644
--- a/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java
+++ b/auth/auth-certman/src/test/java/org/onap/aaf/auth/cm/test/CertmanTest.java
@@ -58,109 +58,109 @@ import junit.framework.Assert;
public class CertmanTest {
- private static HMangr hman;
- private static AuthzEnv env;
- private static HBasicAuthSS ss;
- private static RosettaDF<CertificateRequest> reqDF;
- private static RosettaDF<CertInfo> certDF;
+ private static HMangr hman;
+ private static AuthzEnv env;
+ private static HBasicAuthSS ss;
+ private static RosettaDF<CertificateRequest> reqDF;
+ private static RosettaDF<CertInfo> certDF;
- @BeforeClass
- public static void setUpBeforeClass() throws Exception {
- env = new AuthzEnv();
-// InputStream ris = env.classLoader().getResource("certman.props").openStream();
-// try {
-// env.load(ris);
-// } finally {
-// ris.close();
-// }
+ @BeforeClass
+ public static void setUpBeforeClass() throws Exception {
+ env = new AuthzEnv();
+// InputStream ris = env.classLoader().getResource("certman.props").openStream();
+// try {
+// env.load(ris);
+// } finally {
+// ris.close();
+// }
//
-// Locator<URI> loc = new DNSLocator(env, "https", "aaf.it.att.com", "8150");
-// for(Item item = loc.first(); item!=null; item=loc.next(item)) {
-// System.out.println(loc.get(item));
-// }
-//
-//
-// SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(env, HttpURLConnection.class);
-// ss = new HBasicAuthSS(si,"m12345@aaf.att.com",
-// env.decrypt("enc:gvptdJyo0iKdVZw2rzMb0woxa7YKMdqLuhfQ4OQfZ8k",false));
-// env.decrypt("enc:jFfAnO3mOKb9Gzm2OFysslmXpbnyuAxuoNJK",false), si);
-// SecuritySetter<HttpURLConnection> ss = new X509SS(si, "aaf");
-
-// hman = new HMangr(env,loc);
+// Locator<URI> loc = new DNSLocator(env, "https", "aaf.it.att.com", "8150");
+// for(Item item = loc.first(); item!=null; item=loc.next(item)) {
+// System.out.println(loc.get(item));
+// }
+//
+//
+// SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(env, HttpURLConnection.class);
+// ss = new HBasicAuthSS(si,"m12345@aaf.att.com",
+// env.decrypt("enc:gvptdJyo0iKdVZw2rzMb0woxa7YKMdqLuhfQ4OQfZ8k",false));
+// env.decrypt("enc:jFfAnO3mOKb9Gzm2OFysslmXpbnyuAxuoNJK",false), si);
+// SecuritySetter<HttpURLConnection> ss = new X509SS(si, "aaf");
+
+// hman = new HMangr(env,loc);
//
-// reqDF = env.newDataFactory(CertificateRequest.class);
-// reqDF.out(TYPE.JSON);
-// certDF = env.newDataFactory(CertInfo.class);
- }
+// reqDF = env.newDataFactory(CertificateRequest.class);
+// reqDF.out(TYPE.JSON);
+// certDF = env.newDataFactory(CertInfo.class);
+ }
-// @AfterClass
-// public static void tearDownAfterClass() throws Exception {
-// hman.close();
-// }
+// @AfterClass
+// public static void tearDownAfterClass() throws Exception {
+// hman.close();
+// }
- @Before
- public void setUp() throws Exception {
+ @Before
+ public void setUp() throws Exception {
- }
+ }
- @After
- public void tearDown() throws Exception {
- }
+ @After
+ public void tearDown() throws Exception {
+ }
-// @Test
-// public void testX500Name() throws Exception {
-//
-// for( InetAddress ia : InetAddress.getAllByName("aaf.dev.att.com")) {
-// System.out.printf("%s - %s\n", ia.getHostName(), ia.getHostAddress());
-// InetAddress ia1 = InetAddress.getByName(ia.getHostAddress());
-// System.out.printf("%s - %s\n", ia1.getHostName(), ia1.getHostAddress());
-// }
-//
-// hman.best(ss, new Retryable<Void>() {
-// @Override
-// public Void code(Rcli<?> client) throws APIException, CadiException {
-// CertificateRequest cr = new CertificateRequest();
-// cr.setMechid("a12345@org.osaaf.org");
-// cr.setSponsor("something");
-// cr.getFqdns().add("mithrilcsp.sbc.com");
-// cr.getFqdns().add("zld01907.vci.att.com");
-// cr.getFqdns().add("aaftest.test.att.com");
-//
-// String path = "/cert/local"; // Local Test
-//// String path = "/cert/aaf"; // Official CA
-// long end=0,start = System.nanoTime();
-// try {
-// System.out.println(reqDF.newData().option(Data.PRETTY).load(cr).asString());
-// Future<String> f = client.updateRespondString(path, reqDF, cr);
-// if(f.get(10000)) {
-// end = System.nanoTime();
-// System.out.println(f.body());
-// CertInfo capi = certDF.newData().in(Data.TYPE.JSON).load(f.body()).asObject();
-// for(String c :capi.getCerts()) {
-// for( java.security.cert.Certificate x509 : Factory.toX509Certificate(c)) {
-// System.out.println(x509.toString());
-// }
-// }
-// } else {
-// end = System.nanoTime();
-// String msg = "Client returned " + f.code() + ": " + f.body();
-// System.out.println(msg);
-// Assert.fail(msg);
-// }
-// } catch (CertificateException e) {
-// throw new CadiException(e);
-// } finally {
-// System.out.println(Chrono.millisFromNanos(start,end) + " ms");
-// }
-// return null;
-// }
-// });
-//
-//
-// }
+// @Test
+// public void testX500Name() throws Exception {
+//
+// for( InetAddress ia : InetAddress.getAllByName("aaf.dev.att.com")) {
+// System.out.printf("%s - %s\n", ia.getHostName(), ia.getHostAddress());
+// InetAddress ia1 = InetAddress.getByName(ia.getHostAddress());
+// System.out.printf("%s - %s\n", ia1.getHostName(), ia1.getHostAddress());
+// }
+//
+// hman.best(ss, new Retryable<Void>() {
+// @Override
+// public Void code(Rcli<?> client) throws APIException, CadiException {
+// CertificateRequest cr = new CertificateRequest();
+// cr.setMechid("a12345@org.osaaf.org");
+// cr.setSponsor("something");
+// cr.getFqdns().add("mithrilcsp.sbc.com");
+// cr.getFqdns().add("zld01907.vci.att.com");
+// cr.getFqdns().add("aaftest.test.att.com");
+//
+// String path = "/cert/local"; // Local Test
+//// String path = "/cert/aaf"; // Official CA
+// long end=0,start = System.nanoTime();
+// try {
+// System.out.println(reqDF.newData().option(Data.PRETTY).load(cr).asString());
+// Future<String> f = client.updateRespondString(path, reqDF, cr);
+// if(f.get(10000)) {
+// end = System.nanoTime();
+// System.out.println(f.body());
+// CertInfo capi = certDF.newData().in(Data.TYPE.JSON).load(f.body()).asObject();
+// for(String c :capi.getCerts()) {
+// for( java.security.cert.Certificate x509 : Factory.toX509Certificate(c)) {
+// System.out.println(x509.toString());
+// }
+// }
+// } else {
+// end = System.nanoTime();
+// String msg = "Client returned " + f.code() + ": " + f.body();
+// System.out.println(msg);
+// Assert.fail(msg);
+// }
+// } catch (CertificateException e) {
+// throw new CadiException(e);
+// } finally {
+// System.out.println(Chrono.millisFromNanos(start,end) + " ms");
+// }
+// return null;
+// }
+// });
+//
+//
+// }
//
-// public X500Principal ephemeral() {
-// return null;
-// }
-
+// public X500Principal ephemeral() {
+// return null;
+// }
+
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java
index 2d5e172d..c308e775 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/AAFcli.java
@@ -57,588 +57,588 @@ import org.onap.aaf.misc.env.APIException;
import jline.console.ConsoleReader;
public class AAFcli {
- protected static PrintWriter pw;
- protected HMangr hman;
- // Storage for last reused client. We can do this
- // because we're technically "single" threaded calls.
- public Retryable<?> prevCall;
-
- protected SecuritySetter<HttpURLConnection> ss;
-// protected AuthzEnv env;
- private boolean close;
- private List<Cmd> cmds;
-
- // Lex State
- private ArrayList<Integer> expect = new ArrayList<>();
- private boolean verbose = true;
- private int delay;
- private SecurityInfoC<HttpURLConnection> si;
- private boolean request = false;
- private String force = null;
- private boolean gui = false;
- // Package on purpose
- Access access;
- AuthzEnv env;
-
- private static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
- private static boolean isConsole = false;
- private static boolean isTest = false;
- private static boolean showDetails = false;
- private static boolean ignoreDelay = false;
- private static int globalDelay=0;
-
- public static int timeout() {
- return TIMEOUT;
- }
-
- // Create when only have Access
- public AAFcli(Access access, Writer wtr, HMangr hman, SecurityInfoC<HttpURLConnection> si, SecuritySetter<HttpURLConnection> ss) throws APIException, CadiException {
- this(access,new AuthzEnv(access.getProperties()),wtr,hman, si,ss);
- }
-
- public AAFcli(Access access, AuthzEnv env, Writer wtr, HMangr hman, SecurityInfoC<HttpURLConnection> si, SecuritySetter<HttpURLConnection> ss) throws APIException, CadiException {
- this.env = env;
- this.access = access;
- this.ss = ss;
- this.hman = hman;
- this.si = si;
- if (wtr instanceof PrintWriter) {
- pw = (PrintWriter) wtr;
- close = false;
- } else {
- pw = new PrintWriter(wtr);
- close = true;
- }
-
- /*
- * Create Cmd Tree
- */
- cmds = new ArrayList<>();
-
- Role role = new Role(this);
- cmds.add(new Help(this, cmds));
- cmds.add(new Version(this));
- cmds.add(new Perm(role));
- cmds.add(role);
- cmds.add(new User(this));
- cmds.add(new NS(this));
- cmds.add(new Mgmt(this));
- }
-
- public void verbose(boolean v) {
- verbose = v;
- }
-
- public void close() {
-// if (hman != null) {
-// hman.close();
-// hman = null;
-// }
- if (close) {
- pw.close();
- }
- }
-
- public boolean eval(String line) throws Exception {
- if (line.length() == 0) {
- return true;
- } else if (line.startsWith("#")) {
- pw.println(line);
- return true;
- }
-
- String[] largs = argEval(line);
- int idx = 0;
-
- // Variable replacement
- StringBuilder sb = null;
- while (idx < largs.length) {
- int e = 0;
- for (int v = largs[idx].indexOf("@["); v >= 0; v = largs[idx].indexOf("@[", v + 1)) {
- if (sb == null) {
- sb = new StringBuilder();
- }
- sb.append(largs[idx], e, v);
- if ((e = largs[idx].indexOf(']', v)) >= 0) {
- String p = access.getProperty(largs[idx].substring(v + 2, e),null);
- if(p==null) {
- p = System.getProperty(largs[idx].substring(v+2,e));
- }
- ++e;
- if (p != null) {
- sb.append(p);
- }
- }
- }
- if (sb != null && sb.length() > 0) {
- sb.append(largs[idx], e, largs[idx].length());
- largs[idx] = sb.toString();
- sb.setLength(0);
- }
- ++idx;
- }
-
- idx = 0;
- boolean rv = true;
- while (rv && idx < largs.length) {
- // Allow Script to change Credential
- if (!gui) {
- if("as".equalsIgnoreCase(largs[idx])) {
- if (largs.length > ++idx) {
- // get Password from Props with ID as Key
- String user = largs[idx++];
- int colon = user.indexOf(':');
- String pass;
- if (colon > 0) {
- pass = user.substring(colon + 1);
- user = user.substring(0, colon);
- } else {
- pass = access.getProperty(user, null);
- }
- if (pass != null) {
- pass = access.decrypt(pass, false);
- access.getProperties().put(user, pass);
- ss=new HBasicAuthSS(si, user, pass);
- pw.println("as " + user);
- } else { // get Pass from System Properties, under name of
- // Tag
- pw.println("ERROR: No password set for " + user);
- rv = false;
- }
- continue;
- }
- } else if ("expect".equalsIgnoreCase(largs[idx])) {
- expect.clear();
- if (largs.length > idx++) {
- if (!"nothing".equals(largs[idx])) {
- for (String str : largs[idx].split(",")) {
- try {
- if ("Exception".equalsIgnoreCase(str)) {
- expect.add(-1);
- } else {
- expect.add(Integer.parseInt(str));
- }
- } catch (NumberFormatException e) {
- throw new CadiException("\"expect\" should be followed by Number");
- }
- }
- ++idx;
- }
- }
- continue;
- // Sleep, typically for reports, to allow DB to update
- // Milliseconds
-
- } else if ("sleep".equalsIgnoreCase(largs[idx])) {
- Integer t = Integer.parseInt(largs[++idx]);
- pw.println("sleep " + t);
- Thread.sleep(t);
- ++idx;
- continue;
- } else if ("delay".equalsIgnoreCase(largs[idx])) {
- delay = Integer.parseInt(largs[++idx]);
- pw.println("delay " + delay);
- ++idx;
- continue;
- } else if ("pause".equalsIgnoreCase(largs[idx])) {
- pw.println("Press <Return> to continue...");
- ++idx;
- // Sonar insists we do something with the string, though it's only a pause. Not very helpful...
- String sonar = new BufferedReader(new InputStreamReader(System.in)).readLine();
- sonar=""; // this useless code brought to you by Sonar.
- pw.print(sonar);
- continue;
- } else if ("exit".equalsIgnoreCase(largs[idx])) {
- pw.println("Exiting...");
- return false;
- }
-
- }
-
- if("REQUEST".equalsIgnoreCase(largs[idx])) {
- request=true;
- ++idx;
- } else if("FORCE".equalsIgnoreCase(largs[idx])) {
- force="true";
- ++idx;
- } else if("DETAILS".equalsIgnoreCase(largs[idx])) {
- showDetails=true;
- ++idx;
- } else if ("set".equalsIgnoreCase(largs[idx])) {
- while (largs.length > ++idx) {
- int equals = largs[idx].indexOf('=');
- String tag, value;
- if (equals < 0) {
- tag = largs[idx];
- value = access.getProperty(Config.AAF_APPPASS,null);
- if(value==null) {
- break;
- } else {
- value = access.decrypt(value, false);
- if(value==null) {
- break;
- }
- access.getProperties().put(tag, value);
- pw.println("set " + tag + " <encrypted>");
- }
- } else {
- tag = largs[idx].substring(0, equals);
- value = largs[idx].substring(++equals);
- pw.println("set " + tag + ' ' + value);
- }
- boolean isTrue = "TRUE".equalsIgnoreCase(value);
- if("FORCE".equalsIgnoreCase(tag)) {
- force = value;
- } else if("REQUEST".equalsIgnoreCase(tag)) {
- request = isTrue;
- } else if("DETAILS".equalsIgnoreCase(tag)) {
- showDetails = isTrue;
- } else {
- access.getProperties().put(tag, value);
- }
- }
- continue;
- // Allow Script to indicate if Failure is what is expected
- }
-
- int ret = 0;
- for (Cmd c : cmds) {
- if (largs[idx].equalsIgnoreCase(c.getName())) {
- if (verbose) {
- pw.println(line);
- if (expect.size() > 0) {
- pw.print("** Expect ");
- boolean first = true;
- for (Integer i : expect) {
- if (first) {
- first = false;
- } else {
- pw.print(',');
- }
- pw.print(i);
- }
- pw.println(" **");
- }
- }
- try {
- ret = c.exec(++idx, largs);
- if (delay+globalDelay > 0) {
- Thread.sleep((long)(delay+globalDelay));
- }
- } catch (Exception e) {
- if (expect.contains(-1)) {
- pw.println(e.getMessage());
- ret = -1;
- } else {
- throw e;
- }
- } finally {
- clearSingleLineProperties();
- }
- rv = expect.isEmpty() ? true : expect.contains(ret);
- if (verbose) {
- if (rv) {
- pw.println();
- } else {
- pw.print("!!! Unexpected Return Code: ");
- pw.print(ret);
- pw.println(", VALIDATE OUTPUT!!!");
- }
- }
- return rv;
- }
- }
- pw.write("Unknown Instruction \"");
- pw.write(largs[idx]);
- pw.write("\"\n");
- idx = largs.length;// always end after one command
- }
- return rv;
- }
-
- private String[] argEval(String line) {
- StringBuilder sb = new StringBuilder();
- ArrayList<String> arr = new ArrayList<>();
- boolean start = true;
- char quote = 0;
- char last = 0;
- for (int i = 0; i < line.length(); ++i) {
- char ch;
- if (Character.isWhitespace(ch = line.charAt(i))) {
- if (start || last==',') {
- continue; // trim
- } else if (quote != 0) {
- sb.append(ch);
- } else {
- arr.add(sb.toString());
- sb.setLength(0);
- start = true;
- }
- } else if (ch == '\'' || ch == '"') { // toggle
- if (quote == ch) {
- quote = 0;
- } else {
- quote = ch;
- }
- } else if(ch=='|' && quote==0) {
- arr.add(sb.toString());
- sb.setLength(0);
- start = true;
- } else {
- start = false;
- sb.append(ch);
- last = ch;
- }
- }
- if (sb.length() > 0) {
- arr.add(sb.toString());
- }
-
- String[] rv = new String[arr.size()];
- arr.toArray(rv);
- return rv;
- }
-
- public static void keyboardHelp() {
- System.out.println("'C-' means hold the ctrl key down while pressing the next key.");
- System.out.println("'M-' means hold the alt key down while pressing the next key.");
- System.out.println("For instance, C-b means hold ctrl key and press b, M-b means hold alt and press b\n");
-
- System.out.println("Basic Keybindings:");
- System.out.println("\tC-l - clear screen");
- System.out.println("\tC-a - beginning of line");
- System.out.println("\tC-e - end of line");
- System.out.println("\tC-b - backward character (left arrow also works)");
- System.out.println("\tM-b - backward word");
- System.out.println("\tC-f - forward character (right arrow also works)");
- System.out.println("\tM-f - forward word");
- System.out.println("\tC-d - delete character under cursor");
- System.out.println("\tM-d - delete word forward");
- System.out.println("\tM-backspace - delete word backward");
- System.out.println("\tC-k - delete from cursor to end of line");
- System.out.println("\tC-u - delete entire line, regardless of cursor position\n");
-
- System.out.println("Command History:");
- System.out.println("\tC-r - search backward in history (repeating C-r continues the search)");
- System.out.println("\tC-p - move backwards through history (up arrow also works)");
- System.out.println("\tC-n - move forwards through history (down arrow also works)\n");
-
- }
-
- /**
- * @param args
- */
- public static void main(String[] args) {
- int rv = 0;
-
- try {
- AAFSSO aafsso = new AAFSSO(args);
- String noexit = aafsso.access().getProperty("no_exit");
- try {
- PropAccess access = aafsso.access();
-
- if(aafsso.ok()) {
- Define.set(access);
- AuthzEnv env = new AuthzEnv(access);
-
- Reader rdr = null;
- boolean exitOnFailure = true;
- /*
- * Check for "-" options anywhere in command line
- */
- StringBuilder sb = new StringBuilder();
- for (int i = 0; i < args.length; ++i) {
- if ("-i".equalsIgnoreCase(args[i])) {
- rdr = new InputStreamReader(System.in);
- // } else if("-o".equalsIgnoreCase(args[i])) {
- // // shall we do something different? Output stream is
- // already done...
- } else if ("-f".equalsIgnoreCase(args[i])) {
- if (args.length > i + 1) {
- rdr = new FileReader(args[++i]);
- }
- } else if ("-a".equalsIgnoreCase(args[i])) {
- exitOnFailure = false;
- } else if ("-c".equalsIgnoreCase(args[i])) {
- isConsole = true;
- } else if ("-s".equalsIgnoreCase(args[i]) && args.length > i + 1) {
- access.setProperty(Cmd.STARTDATE, args[++i]);
- } else if ("-e".equalsIgnoreCase(args[i]) && args.length > i + 1) {
- access.setProperty(Cmd.ENDDATE, args[++i]);
- } else if ("-t".equalsIgnoreCase(args[i])) {
- isTest = true;
- } else if ("-d".equalsIgnoreCase(args[i])) {
- showDetails = true;
- } else if ("-n".equalsIgnoreCase(args[i])) {
- ignoreDelay = true;
- } else {
- if (sb.length() > 0) {
- sb.append(' ');
- }
- sb.append(args[i]);
- }
- }
-
- AAFConHttp aafcon = new AAFConHttp(access);
-//
-// SecurityInfoC<?> si = aafcon.securityInfo();
-// Locator<URI> loc;
-
- aafsso.setLogDefault();
- aafsso.setStdErrDefault();
-
- // Note, with AAF Locator, this may not longer be necessary 3/2018 Jonathan
- if(!aafsso.loginOnly()) {
-// try {
-// loc = new AAFLocator(si,new URI(access.getProperty(Config.AAF_URL)));
-// } catch (Throwable t) {
-// aafsso.setStdErrDefault();
-// throw t;
-// } finally {
-// // Other Access is done writing to StdOut and StdErr, reset Std out
-// aafsso.setLogDefault();
-// }
-
- TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
-// HMangr hman = new HMangr(access, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_VERSION);
-
- if(access.getProperty(Config.AAF_DEFAULT_REALM)==null) {
- access.setProperty(Config.AAF_DEFAULT_REALM, "people.osaaf.org");
- aafsso.addProp(Config.AAF_DEFAULT_REALM, "people.osaaf.org");
- }
-
- AAFcli aafcli = new AAFcli(access,env, new OutputStreamWriter(System.out),
- aafcon.hman(), aafcon.securityInfo(), aafcon.securityInfo().defSS);
-// new HBasicAuthSS(si,aafsso.user(), access.decrypt(aafsso.enc_pass(),false)));
-// }
- if(!ignoreDelay) {
- File delay = new File("aafcli.delay");
- if(delay.exists()) {
- BufferedReader br = new BufferedReader(new FileReader(delay));
- try {
- globalDelay = Integer.parseInt(br.readLine());
- } catch(Exception e) {
- access.log(Level.DEBUG,e);
- } finally {
- br.close();
- }
- }
- }
- try {
- if (isConsole) {
- System.out.println("Type 'help' for short help or 'help -d' for detailed help with aafcli commands");
- System.out.println("Type '?' for help with command line editing");
- System.out.println("Type 'q', 'quit', or 'exit' to quit aafcli\n");
-
- ConsoleReader reader = new ConsoleReader();
- try {
- reader.setPrompt("aafcli > ");
-
- String line;
- while ((line = reader.readLine()) != null) {
- showDetails = (line.contains("-d"))?true:false;
-
- if (line.equalsIgnoreCase("quit") || line.equalsIgnoreCase("q") || line.equalsIgnoreCase("exit")) {
- break;
- } else if (line.equalsIgnoreCase("--help -d") || line.equalsIgnoreCase("help -d")
- || line.equalsIgnoreCase("help")) {
- line = "--help";
- } else if (line.equalsIgnoreCase("cls")) {
- reader.clearScreen();
- continue;
- } else if (line.equalsIgnoreCase("?")) {
- keyboardHelp();
- continue;
- }
- try {
- aafcli.eval(line);
- pw.flush();
- } catch (Exception e) {
- pw.println(e.getMessage());
- pw.flush();
- }
- }
- } finally {
- reader.close();
- }
- } else if (rdr != null) {
- BufferedReader br = new BufferedReader(rdr);
- String line;
- while ((line = br.readLine()) != null) {
- if (!aafcli.eval(line) && exitOnFailure) {
- rv = 1;
- break;
- }
- }
- } else { // just run the command line
- aafcli.verbose(false);
- if (sb.length() == 0) {
- sb.append("--help");
- }
- rv = aafcli.eval(sb.toString()) ? 0 : 1;
- }
-
- } finally {
- aafcli.close();
-
- // Don't close if No Reader, or it's a Reader of Standard In
- if (rdr != null && !(rdr instanceof InputStreamReader)) {
- rdr.close();
- }
- }
- }
- }
- } finally {
- aafsso.close();
- StringBuilder err = aafsso.err();
- if (err != null) {
- err.append("to continue...");
- System.err.println(err);
- }
- }
- if(noexit==null) {
- return;
- }
-
-
- } catch (MessageException e) {
- System.out.println("MessageException caught");
-
- System.err.println(e.getMessage());
- } catch (Exception e) {
- e.printStackTrace(System.err);
- }
- System.exit(rv);
- }
-
- public boolean isTest() {
- return AAFcli.isTest;
- }
-
- public boolean isDetailed() {
- return AAFcli.showDetails;
- }
-
- public String typeString(Class<?> cls, boolean json) {
- return "application/" + cls.getSimpleName() + "+" + (json ? "json" : "xml");//+ ";version=" + hman.apiVersion();
- }
-
- public String forceString() {
- return force;
- }
-
- public boolean addRequest() {
- return request;
- }
-
- public void clearSingleLineProperties() {
- force = null;
- request = false;
- showDetails = false;
- }
-
- public void gui(boolean b) {
- gui = b;
- }
+ protected static PrintWriter pw;
+ protected HMangr hman;
+ // Storage for last reused client. We can do this
+ // because we're technically "single" threaded calls.
+ public Retryable<?> prevCall;
+
+ protected SecuritySetter<HttpURLConnection> ss;
+// protected AuthzEnv env;
+ private boolean close;
+ private List<Cmd> cmds;
+
+ // Lex State
+ private ArrayList<Integer> expect = new ArrayList<>();
+ private boolean verbose = true;
+ private int delay;
+ private SecurityInfoC<HttpURLConnection> si;
+ private boolean request = false;
+ private String force = null;
+ private boolean gui = false;
+ // Package on purpose
+ Access access;
+ AuthzEnv env;
+
+ private static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
+ private static boolean isConsole = false;
+ private static boolean isTest = false;
+ private static boolean showDetails = false;
+ private static boolean ignoreDelay = false;
+ private static int globalDelay=0;
+
+ public static int timeout() {
+ return TIMEOUT;
+ }
+
+ // Create when only have Access
+ public AAFcli(Access access, Writer wtr, HMangr hman, SecurityInfoC<HttpURLConnection> si, SecuritySetter<HttpURLConnection> ss) throws APIException, CadiException {
+ this(access,new AuthzEnv(access.getProperties()),wtr,hman, si,ss);
+ }
+
+ public AAFcli(Access access, AuthzEnv env, Writer wtr, HMangr hman, SecurityInfoC<HttpURLConnection> si, SecuritySetter<HttpURLConnection> ss) throws APIException, CadiException {
+ this.env = env;
+ this.access = access;
+ this.ss = ss;
+ this.hman = hman;
+ this.si = si;
+ if (wtr instanceof PrintWriter) {
+ pw = (PrintWriter) wtr;
+ close = false;
+ } else {
+ pw = new PrintWriter(wtr);
+ close = true;
+ }
+
+ /*
+ * Create Cmd Tree
+ */
+ cmds = new ArrayList<>();
+
+ Role role = new Role(this);
+ cmds.add(new Help(this, cmds));
+ cmds.add(new Version(this));
+ cmds.add(new Perm(role));
+ cmds.add(role);
+ cmds.add(new User(this));
+ cmds.add(new NS(this));
+ cmds.add(new Mgmt(this));
+ }
+
+ public void verbose(boolean v) {
+ verbose = v;
+ }
+
+ public void close() {
+// if (hman != null) {
+// hman.close();
+// hman = null;
+// }
+ if (close) {
+ pw.close();
+ }
+ }
+
+ public boolean eval(String line) throws Exception {
+ if (line.length() == 0) {
+ return true;
+ } else if (line.startsWith("#")) {
+ pw.println(line);
+ return true;
+ }
+
+ String[] largs = argEval(line);
+ int idx = 0;
+
+ // Variable replacement
+ StringBuilder sb = null;
+ while (idx < largs.length) {
+ int e = 0;
+ for (int v = largs[idx].indexOf("@["); v >= 0; v = largs[idx].indexOf("@[", v + 1)) {
+ if (sb == null) {
+ sb = new StringBuilder();
+ }
+ sb.append(largs[idx], e, v);
+ if ((e = largs[idx].indexOf(']', v)) >= 0) {
+ String p = access.getProperty(largs[idx].substring(v + 2, e),null);
+ if(p==null) {
+ p = System.getProperty(largs[idx].substring(v+2,e));
+ }
+ ++e;
+ if (p != null) {
+ sb.append(p);
+ }
+ }
+ }
+ if (sb != null && sb.length() > 0) {
+ sb.append(largs[idx], e, largs[idx].length());
+ largs[idx] = sb.toString();
+ sb.setLength(0);
+ }
+ ++idx;
+ }
+
+ idx = 0;
+ boolean rv = true;
+ while (rv && idx < largs.length) {
+ // Allow Script to change Credential
+ if (!gui) {
+ if("as".equalsIgnoreCase(largs[idx])) {
+ if (largs.length > ++idx) {
+ // get Password from Props with ID as Key
+ String user = largs[idx++];
+ int colon = user.indexOf(':');
+ String pass;
+ if (colon > 0) {
+ pass = user.substring(colon + 1);
+ user = user.substring(0, colon);
+ } else {
+ pass = access.getProperty(user, null);
+ }
+ if (pass != null) {
+ pass = access.decrypt(pass, false);
+ access.getProperties().put(user, pass);
+ ss=new HBasicAuthSS(si, user, pass);
+ pw.println("as " + user);
+ } else { // get Pass from System Properties, under name of
+ // Tag
+ pw.println("ERROR: No password set for " + user);
+ rv = false;
+ }
+ continue;
+ }
+ } else if ("expect".equalsIgnoreCase(largs[idx])) {
+ expect.clear();
+ if (largs.length > idx++) {
+ if (!"nothing".equals(largs[idx])) {
+ for (String str : largs[idx].split(",")) {
+ try {
+ if ("Exception".equalsIgnoreCase(str)) {
+ expect.add(-1);
+ } else {
+ expect.add(Integer.parseInt(str));
+ }
+ } catch (NumberFormatException e) {
+ throw new CadiException("\"expect\" should be followed by Number");
+ }
+ }
+ ++idx;
+ }
+ }
+ continue;
+ // Sleep, typically for reports, to allow DB to update
+ // Milliseconds
+
+ } else if ("sleep".equalsIgnoreCase(largs[idx])) {
+ Integer t = Integer.parseInt(largs[++idx]);
+ pw.println("sleep " + t);
+ Thread.sleep(t);
+ ++idx;
+ continue;
+ } else if ("delay".equalsIgnoreCase(largs[idx])) {
+ delay = Integer.parseInt(largs[++idx]);
+ pw.println("delay " + delay);
+ ++idx;
+ continue;
+ } else if ("pause".equalsIgnoreCase(largs[idx])) {
+ pw.println("Press <Return> to continue...");
+ ++idx;
+ // Sonar insists we do something with the string, though it's only a pause. Not very helpful...
+ String sonar = new BufferedReader(new InputStreamReader(System.in)).readLine();
+ sonar=""; // this useless code brought to you by Sonar.
+ pw.print(sonar);
+ continue;
+ } else if ("exit".equalsIgnoreCase(largs[idx])) {
+ pw.println("Exiting...");
+ return false;
+ }
+
+ }
+
+ if("REQUEST".equalsIgnoreCase(largs[idx])) {
+ request=true;
+ ++idx;
+ } else if("FORCE".equalsIgnoreCase(largs[idx])) {
+ force="true";
+ ++idx;
+ } else if("DETAILS".equalsIgnoreCase(largs[idx])) {
+ showDetails=true;
+ ++idx;
+ } else if ("set".equalsIgnoreCase(largs[idx])) {
+ while (largs.length > ++idx) {
+ int equals = largs[idx].indexOf('=');
+ String tag, value;
+ if (equals < 0) {
+ tag = largs[idx];
+ value = access.getProperty(Config.AAF_APPPASS,null);
+ if(value==null) {
+ break;
+ } else {
+ value = access.decrypt(value, false);
+ if(value==null) {
+ break;
+ }
+ access.getProperties().put(tag, value);
+ pw.println("set " + tag + " <encrypted>");
+ }
+ } else {
+ tag = largs[idx].substring(0, equals);
+ value = largs[idx].substring(++equals);
+ pw.println("set " + tag + ' ' + value);
+ }
+ boolean isTrue = "TRUE".equalsIgnoreCase(value);
+ if("FORCE".equalsIgnoreCase(tag)) {
+ force = value;
+ } else if("REQUEST".equalsIgnoreCase(tag)) {
+ request = isTrue;
+ } else if("DETAILS".equalsIgnoreCase(tag)) {
+ showDetails = isTrue;
+ } else {
+ access.getProperties().put(tag, value);
+ }
+ }
+ continue;
+ // Allow Script to indicate if Failure is what is expected
+ }
+
+ int ret = 0;
+ for (Cmd c : cmds) {
+ if (largs[idx].equalsIgnoreCase(c.getName())) {
+ if (verbose) {
+ pw.println(line);
+ if (expect.size() > 0) {
+ pw.print("** Expect ");
+ boolean first = true;
+ for (Integer i : expect) {
+ if (first) {
+ first = false;
+ } else {
+ pw.print(',');
+ }
+ pw.print(i);
+ }
+ pw.println(" **");
+ }
+ }
+ try {
+ ret = c.exec(++idx, largs);
+ if (delay+globalDelay > 0) {
+ Thread.sleep((long)(delay+globalDelay));
+ }
+ } catch (Exception e) {
+ if (expect.contains(-1)) {
+ pw.println(e.getMessage());
+ ret = -1;
+ } else {
+ throw e;
+ }
+ } finally {
+ clearSingleLineProperties();
+ }
+ rv = expect.isEmpty() ? true : expect.contains(ret);
+ if (verbose) {
+ if (rv) {
+ pw.println();
+ } else {
+ pw.print("!!! Unexpected Return Code: ");
+ pw.print(ret);
+ pw.println(", VALIDATE OUTPUT!!!");
+ }
+ }
+ return rv;
+ }
+ }
+ pw.write("Unknown Instruction \"");
+ pw.write(largs[idx]);
+ pw.write("\"\n");
+ idx = largs.length;// always end after one command
+ }
+ return rv;
+ }
+
+ private String[] argEval(String line) {
+ StringBuilder sb = new StringBuilder();
+ ArrayList<String> arr = new ArrayList<>();
+ boolean start = true;
+ char quote = 0;
+ char last = 0;
+ for (int i = 0; i < line.length(); ++i) {
+ char ch;
+ if (Character.isWhitespace(ch = line.charAt(i))) {
+ if (start || last==',') {
+ continue; // trim
+ } else if (quote != 0) {
+ sb.append(ch);
+ } else {
+ arr.add(sb.toString());
+ sb.setLength(0);
+ start = true;
+ }
+ } else if (ch == '\'' || ch == '"') { // toggle
+ if (quote == ch) {
+ quote = 0;
+ } else {
+ quote = ch;
+ }
+ } else if(ch=='|' && quote==0) {
+ arr.add(sb.toString());
+ sb.setLength(0);
+ start = true;
+ } else {
+ start = false;
+ sb.append(ch);
+ last = ch;
+ }
+ }
+ if (sb.length() > 0) {
+ arr.add(sb.toString());
+ }
+
+ String[] rv = new String[arr.size()];
+ arr.toArray(rv);
+ return rv;
+ }
+
+ public static void keyboardHelp() {
+ System.out.println("'C-' means hold the ctrl key down while pressing the next key.");
+ System.out.println("'M-' means hold the alt key down while pressing the next key.");
+ System.out.println("For instance, C-b means hold ctrl key and press b, M-b means hold alt and press b\n");
+
+ System.out.println("Basic Keybindings:");
+ System.out.println("\tC-l - clear screen");
+ System.out.println("\tC-a - beginning of line");
+ System.out.println("\tC-e - end of line");
+ System.out.println("\tC-b - backward character (left arrow also works)");
+ System.out.println("\tM-b - backward word");
+ System.out.println("\tC-f - forward character (right arrow also works)");
+ System.out.println("\tM-f - forward word");
+ System.out.println("\tC-d - delete character under cursor");
+ System.out.println("\tM-d - delete word forward");
+ System.out.println("\tM-backspace - delete word backward");
+ System.out.println("\tC-k - delete from cursor to end of line");
+ System.out.println("\tC-u - delete entire line, regardless of cursor position\n");
+
+ System.out.println("Command History:");
+ System.out.println("\tC-r - search backward in history (repeating C-r continues the search)");
+ System.out.println("\tC-p - move backwards through history (up arrow also works)");
+ System.out.println("\tC-n - move forwards through history (down arrow also works)\n");
+
+ }
+
+ /**
+ * @param args
+ */
+ public static void main(String[] args) {
+ int rv = 0;
+
+ try {
+ AAFSSO aafsso = new AAFSSO(args);
+ String noexit = aafsso.access().getProperty("no_exit");
+ try {
+ PropAccess access = aafsso.access();
+
+ if(aafsso.ok()) {
+ Define.set(access);
+ AuthzEnv env = new AuthzEnv(access);
+
+ Reader rdr = null;
+ boolean exitOnFailure = true;
+ /*
+ * Check for "-" options anywhere in command line
+ */
+ StringBuilder sb = new StringBuilder();
+ for (int i = 0; i < args.length; ++i) {
+ if ("-i".equalsIgnoreCase(args[i])) {
+ rdr = new InputStreamReader(System.in);
+ // } else if("-o".equalsIgnoreCase(args[i])) {
+ // // shall we do something different? Output stream is
+ // already done...
+ } else if ("-f".equalsIgnoreCase(args[i])) {
+ if (args.length > i + 1) {
+ rdr = new FileReader(args[++i]);
+ }
+ } else if ("-a".equalsIgnoreCase(args[i])) {
+ exitOnFailure = false;
+ } else if ("-c".equalsIgnoreCase(args[i])) {
+ isConsole = true;
+ } else if ("-s".equalsIgnoreCase(args[i]) && args.length > i + 1) {
+ access.setProperty(Cmd.STARTDATE, args[++i]);
+ } else if ("-e".equalsIgnoreCase(args[i]) && args.length > i + 1) {
+ access.setProperty(Cmd.ENDDATE, args[++i]);
+ } else if ("-t".equalsIgnoreCase(args[i])) {
+ isTest = true;
+ } else if ("-d".equalsIgnoreCase(args[i])) {
+ showDetails = true;
+ } else if ("-n".equalsIgnoreCase(args[i])) {
+ ignoreDelay = true;
+ } else {
+ if (sb.length() > 0) {
+ sb.append(' ');
+ }
+ sb.append(args[i]);
+ }
+ }
+
+ AAFConHttp aafcon = new AAFConHttp(access);
+//
+// SecurityInfoC<?> si = aafcon.securityInfo();
+// Locator<URI> loc;
+
+ aafsso.setLogDefault();
+ aafsso.setStdErrDefault();
+
+ // Note, with AAF Locator, this may not longer be necessary 3/2018 Jonathan
+ if(!aafsso.loginOnly()) {
+// try {
+// loc = new AAFLocator(si,new URI(access.getProperty(Config.AAF_URL)));
+// } catch (Throwable t) {
+// aafsso.setStdErrDefault();
+// throw t;
+// } finally {
+// // Other Access is done writing to StdOut and StdErr, reset Std out
+// aafsso.setLogDefault();
+// }
+
+ TIMEOUT = Integer.parseInt(access.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
+// HMangr hman = new HMangr(access, loc).readTimeout(TIMEOUT).apiVersion(Config.AAF_DEFAULT_VERSION);
+
+ if(access.getProperty(Config.AAF_DEFAULT_REALM)==null) {
+ access.setProperty(Config.AAF_DEFAULT_REALM, "people.osaaf.org");
+ aafsso.addProp(Config.AAF_DEFAULT_REALM, "people.osaaf.org");
+ }
+
+ AAFcli aafcli = new AAFcli(access,env, new OutputStreamWriter(System.out),
+ aafcon.hman(), aafcon.securityInfo(), aafcon.securityInfo().defSS);
+// new HBasicAuthSS(si,aafsso.user(), access.decrypt(aafsso.enc_pass(),false)));
+// }
+ if(!ignoreDelay) {
+ File delay = new File("aafcli.delay");
+ if(delay.exists()) {
+ BufferedReader br = new BufferedReader(new FileReader(delay));
+ try {
+ globalDelay = Integer.parseInt(br.readLine());
+ } catch(Exception e) {
+ access.log(Level.DEBUG,e);
+ } finally {
+ br.close();
+ }
+ }
+ }
+ try {
+ if (isConsole) {
+ System.out.println("Type 'help' for short help or 'help -d' for detailed help with aafcli commands");
+ System.out.println("Type '?' for help with command line editing");
+ System.out.println("Type 'q', 'quit', or 'exit' to quit aafcli\n");
+
+ ConsoleReader reader = new ConsoleReader();
+ try {
+ reader.setPrompt("aafcli > ");
+
+ String line;
+ while ((line = reader.readLine()) != null) {
+ showDetails = (line.contains("-d"))?true:false;
+
+ if (line.equalsIgnoreCase("quit") || line.equalsIgnoreCase("q") || line.equalsIgnoreCase("exit")) {
+ break;
+ } else if (line.equalsIgnoreCase("--help -d") || line.equalsIgnoreCase("help -d")
+ || line.equalsIgnoreCase("help")) {
+ line = "--help";
+ } else if (line.equalsIgnoreCase("cls")) {
+ reader.clearScreen();
+ continue;
+ } else if (line.equalsIgnoreCase("?")) {
+ keyboardHelp();
+ continue;
+ }
+ try {
+ aafcli.eval(line);
+ pw.flush();
+ } catch (Exception e) {
+ pw.println(e.getMessage());
+ pw.flush();
+ }
+ }
+ } finally {
+ reader.close();
+ }
+ } else if (rdr != null) {
+ BufferedReader br = new BufferedReader(rdr);
+ String line;
+ while ((line = br.readLine()) != null) {
+ if (!aafcli.eval(line) && exitOnFailure) {
+ rv = 1;
+ break;
+ }
+ }
+ } else { // just run the command line
+ aafcli.verbose(false);
+ if (sb.length() == 0) {
+ sb.append("--help");
+ }
+ rv = aafcli.eval(sb.toString()) ? 0 : 1;
+ }
+
+ } finally {
+ aafcli.close();
+
+ // Don't close if No Reader, or it's a Reader of Standard In
+ if (rdr != null && !(rdr instanceof InputStreamReader)) {
+ rdr.close();
+ }
+ }
+ }
+ }
+ } finally {
+ aafsso.close();
+ StringBuilder err = aafsso.err();
+ if (err != null) {
+ err.append("to continue...");
+ System.err.println(err);
+ }
+ }
+ if(noexit==null) {
+ return;
+ }
+
+
+ } catch (MessageException e) {
+ System.out.println("MessageException caught");
+
+ System.err.println(e.getMessage());
+ } catch (Exception e) {
+ e.printStackTrace(System.err);
+ }
+ System.exit(rv);
+ }
+
+ public boolean isTest() {
+ return AAFcli.isTest;
+ }
+
+ public boolean isDetailed() {
+ return AAFcli.showDetails;
+ }
+
+ public String typeString(Class<?> cls, boolean json) {
+ return "application/" + cls.getSimpleName() + "+" + (json ? "json" : "xml");//+ ";version=" + hman.apiVersion();
+ }
+
+ public String forceString() {
+ return force;
+ }
+
+ public boolean addRequest() {
+ return request;
+ }
+
+ public void clearSingleLineProperties() {
+ force = null;
+ request = false;
+ showDetails = false;
+ }
+
+ public void gui(boolean b) {
+ gui = b;
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/BaseCmd.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/BaseCmd.java
index 7079fed7..168d2753 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/BaseCmd.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/BaseCmd.java
@@ -30,39 +30,39 @@ import org.onap.aaf.misc.env.APIException;
public class BaseCmd<CMD extends Cmd> extends Cmd {
- protected List<Cmd> cmds;
+ protected List<Cmd> cmds;
- public BaseCmd(AAFcli aafcli, String name, Param ... params) {
- super(aafcli, null, name, params);
- cmds = new ArrayList<>();
- }
-
- public BaseCmd(CMD parent, String name, Param ... params) {
- super(parent.aafcli, parent, name, params);
- cmds = new ArrayList<>();
- }
+ public BaseCmd(AAFcli aafcli, String name, Param ... params) {
+ super(aafcli, null, name, params);
+ cmds = new ArrayList<>();
+ }
+
+ public BaseCmd(CMD parent, String name, Param ... params) {
+ super(parent.aafcli, parent, name, params);
+ cmds = new ArrayList<>();
+ }
-
- @Override
- public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
- if(args.length-idx<1) {
- pw().println(build(new StringBuilder(),null).toString());
- } else {
- String s = args[idx];
- String name;
- Cmd empty = null;
- for(Cmd c: cmds) {
- name = c.getName();
- if(name==null && empty==null) { // Mark with Command is null, and take the first one.
- empty = c;
- } else if(s.equalsIgnoreCase(c.getName()))
- return c.exec(idx+1, args);
- }
- if(empty!=null) {
- return empty.exec(idx, args); // If name is null, don't account for it on command line. Jonathan 4-29
- }
- pw().println("Instructions not understood.");
- }
- return 0;
- }
+
+ @Override
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ if(args.length-idx<1) {
+ pw().println(build(new StringBuilder(),null).toString());
+ } else {
+ String s = args[idx];
+ String name;
+ Cmd empty = null;
+ for(Cmd c: cmds) {
+ name = c.getName();
+ if(name==null && empty==null) { // Mark with Command is null, and take the first one.
+ empty = c;
+ } else if(s.equalsIgnoreCase(c.getName()))
+ return c.exec(idx+1, args);
+ }
+ if(empty!=null) {
+ return empty.exec(idx, args); // If name is null, don't account for it on command line. Jonathan 4-29
+ }
+ pw().println("Instructions not understood.");
+ }
+ return 0;
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java
index 71643cd0..9ec126b4 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Cmd.java
@@ -56,487 +56,487 @@ import aaf.v2_0.Request;
public abstract class Cmd {
- // Sonar claims DateFormat is not thread safe. Leave as Instance Variable.
- private final DateFormat dateFmt = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss:SSS");
- protected static final String BLANK = "";
- protected static final String COMMA = ","; // for use in splits
+ // Sonar claims DateFormat is not thread safe. Leave as Instance Variable.
+ private final DateFormat dateFmt = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss:SSS");
+ protected static final String BLANK = "";
+ protected static final String COMMA = ","; // for use in splits
- protected static final int lineLength = 80;
+ protected static final int lineLength = 80;
- private final static String hformat = "%-23s %-5s %-20s %-35s\n";
+ private final static String hformat = "%-23s %-5s %-20s %-35s\n";
- public static final String STARTDATE = "startdate";
- public static final String ENDDATE = "enddate";
-
- private String name;
- private final Param[] params;
- private int required;
- protected final Cmd parent;
- protected final List<Cmd> children;
- private final static ConcurrentHashMap<Class<?>,RosettaDF<?>> dfs = new ConcurrentHashMap<>();
- public final AAFcli aafcli;
- protected Access access;
- private AuthzEnv env;
- private final String defaultRealm;
+ public static final String STARTDATE = "startdate";
+ public static final String ENDDATE = "enddate";
+
+ private String name;
+ private final Param[] params;
+ private int required;
+ protected final Cmd parent;
+ protected final List<Cmd> children;
+ private final static ConcurrentHashMap<Class<?>,RosettaDF<?>> dfs = new ConcurrentHashMap<>();
+ public final AAFcli aafcli;
+ protected Access access;
+ private AuthzEnv env;
+ private final String defaultRealm;
- public Cmd(AAFcli aafcli, String name, Param ... params) {
- this(aafcli,null, name,params);
- }
+ public Cmd(AAFcli aafcli, String name, Param ... params) {
+ this(aafcli,null, name,params);
+ }
- public Cmd(Cmd parent, String name, Param ... params) {
- this(parent.aafcli,parent, name,params);
- }
+ public Cmd(Cmd parent, String name, Param ... params) {
+ this(parent.aafcli,parent, name,params);
+ }
- Cmd(AAFcli aafcli, Cmd parent, String name, Param ... params) {
- this.parent = parent;
- this.aafcli = aafcli;
- this.env = aafcli.env;
- this.access = aafcli.access;
- if(parent!=null) {
- parent.children.add(this);
- }
- children = new ArrayList<>();
- this.params = params;
- this.name = name;
- required=0;
- for(Param p : params) {
- if(p.required) {
- ++required;
- }
- }
-
- String temp = access.getProperty(Config.AAF_DEFAULT_REALM,null);
- if(temp!=null && !temp.startsWith("@")) {
- defaultRealm = '@' + temp;
- } else {
- defaultRealm="<Set Default Realm>";
- }
- }
-
- public final int exec(int idx, String ... args) throws CadiException, APIException, LocatorException {
- if(args.length-idx<required) {
- throw new CadiException(build(new StringBuilder("Too few args: "),null).toString());
- }
- return _exec(idx,args);
- }
-
- protected abstract int _exec(int idx, final String ... args) throws CadiException, APIException, LocatorException;
-
- public void detailedHelp(int indent,StringBuilder sb) {
- }
+ Cmd(AAFcli aafcli, Cmd parent, String name, Param ... params) {
+ this.parent = parent;
+ this.aafcli = aafcli;
+ this.env = aafcli.env;
+ this.access = aafcli.access;
+ if(parent!=null) {
+ parent.children.add(this);
+ }
+ children = new ArrayList<>();
+ this.params = params;
+ this.name = name;
+ required=0;
+ for(Param p : params) {
+ if(p.required) {
+ ++required;
+ }
+ }
+
+ String temp = access.getProperty(Config.AAF_DEFAULT_REALM,null);
+ if(temp!=null && !temp.startsWith("@")) {
+ defaultRealm = '@' + temp;
+ } else {
+ defaultRealm="<Set Default Realm>";
+ }
+ }
+
+ public final int exec(int idx, String ... args) throws CadiException, APIException, LocatorException {
+ if(args.length-idx<required) {
+ throw new CadiException(build(new StringBuilder("Too few args: "),null).toString());
+ }
+ return _exec(idx,args);
+ }
+
+ protected abstract int _exec(int idx, final String ... args) throws CadiException, APIException, LocatorException;
+
+ public void detailedHelp(int indent,StringBuilder sb) {
+ }
- protected void detailLine(StringBuilder sb, int length, String s) {
- multiChar(sb,length,' ',0);
- sb.append(s);
- }
+ protected void detailLine(StringBuilder sb, int length, String s) {
+ multiChar(sb,length,' ',0);
+ sb.append(s);
+ }
- public void apis(int indent,StringBuilder sb) {
- }
+ public void apis(int indent,StringBuilder sb) {
+ }
- protected void api(StringBuilder sb, int indent, HttpMethods meth, String pathInfo, Class<?> cls,boolean head) {
- final String smeth = meth.name();
- if(head) {
- sb.append('\n');
- detailLine(sb,indent,"APIs:");
- }
- indent+=2;
- multiChar(sb,indent,' ',0);
- sb.append(smeth);
- sb.append(' ');
- sb.append(pathInfo);
- String cliString = aafcli.typeString(cls,true);
- if(indent+smeth.length()+pathInfo.length()+cliString.length()+2>80) {
- sb.append(" ...");
- multiChar(sb,indent+3+smeth.length(),' ',0);
- } else { // same line
- sb.append(' ');
- }
- sb.append(cliString);
- }
+ protected void api(StringBuilder sb, int indent, HttpMethods meth, String pathInfo, Class<?> cls,boolean head) {
+ final String smeth = meth.name();
+ if(head) {
+ sb.append('\n');
+ detailLine(sb,indent,"APIs:");
+ }
+ indent+=2;
+ multiChar(sb,indent,' ',0);
+ sb.append(smeth);
+ sb.append(' ');
+ sb.append(pathInfo);
+ String cliString = aafcli.typeString(cls,true);
+ if(indent+smeth.length()+pathInfo.length()+cliString.length()+2>80) {
+ sb.append(" ...");
+ multiChar(sb,indent+3+smeth.length(),' ',0);
+ } else { // same line
+ sb.append(' ');
+ }
+ sb.append(cliString);
+ }
- protected void multiChar(StringBuilder sb, int length, char c, int indent) {
- sb.append('\n');
- for(int i=0;i<indent;++i)sb.append(' ');
- for(int i=indent;i<length;++i)sb.append(c);
- }
+ protected void multiChar(StringBuilder sb, int length, char c, int indent) {
+ sb.append('\n');
+ for(int i=0;i<indent;++i)sb.append(' ');
+ for(int i=indent;i<length;++i)sb.append(c);
+ }
- public StringBuilder build(StringBuilder sb, StringBuilder detail) {
- if(name!=null) {
- sb.append(name);
- sb.append(' ');
- }
- int line = sb.lastIndexOf("\n")+1;
- if(line<0) {
- line=0;
- }
- int indent = sb.length()-line;
- for(Param p : params) {
- sb.append(p.required?'<':'[');
- sb.append(p.tag);
- sb.append(p.required?"> ": "] ");
- }
-
- boolean first = true;
- for(Cmd child : children) {
- if(!(child instanceof DeprecatedCMD)) {
- if(first) {
- first = false;
- } else if(detail==null) {
- multiChar(sb,indent,' ',0);
- } else {
- // Write parents for Detailed Report
- Stack<String> stack = new Stack<String>();
- for(Cmd c = child.parent;c!=null;c=c.parent) {
- if(c.name!=null) {
- stack.push(c.name);
- }
- }
- if(!stack.isEmpty()) {
- sb.append(" ");
- while(!stack.isEmpty()) {
- sb.append(stack.pop());
- sb.append(' ');
- }
- }
- }
- child.build(sb,detail);
- if(detail!=null) {
- child.detailedHelp(4, detail);
- // If Child wrote something, then add, bracketing by lines
- if(detail.length()>0) {
- multiChar(sb,80,'-',2);
- sb.append(detail);
- sb.append('\n');
- multiChar(sb,80,'-',2);
- sb.append('\n');
- detail.setLength(0); // reuse
- } else {
- sb.append('\n');
- }
- }
- }
- }
- return sb;
- }
-
- protected void error(Future<?> future) {
- StringBuilder sb = new StringBuilder("Failed");
- String desc = future.body();
- int code = future.code();
- if(desc==null || desc.length()==0) {
- withCode(sb,code);
- } else if(desc.startsWith("{")) {
- StringReader sr = new StringReader(desc);
- try {
- // Note: 11-18-2013, JonathanGathman. This rather convoluted Message Structure required by TSS Restful Specs, reflecting "Northbound" practices.
- Error err = getDF(Error.class).newData().in(TYPE.JSON).load(sr).asObject();
- sb.append(" [");
- sb.append(err.getMessageId());
- sb.append("]: ");
- String messageBody = err.getText();
- List<String> vars = err.getVariables();
- int pipe;
- for (int varCounter=0;varCounter<vars.size();) {
- String var = vars.get(varCounter);
- ++varCounter;
- if (messageBody.indexOf("%" + varCounter) >= 0) {
- if((pipe = var.indexOf('|'))>=0) { // In AAF, we use a PIPE for Choice
- if (aafcli.isTest()) {
- String expiresStr = var.substring(pipe);
- var = var.replace(expiresStr, "[Placeholder]");
- } else {
- StringBuilder varsb = new StringBuilder(var);
- varsb.deleteCharAt(pipe);
- var = varsb.toString();
- }
- messageBody = messageBody.replace("%" + varCounter, varCounter-1 + ") " + var);
- } else {
- messageBody = messageBody.replace("%" + varCounter, var);
- }
- }
- }
- sb.append(messageBody);
- } catch (Exception e) {
- withCode(sb,code);
- sb.append(" (Note: Details cannot be obtained from Error Structure)");
- }
- } else if(desc.startsWith("<html>")){ // Core Jetty, etc sends HTML for Browsers
- withCode(sb,code);
- } else {
- sb.append(" with code ");
- sb.append(code);
- sb.append(", ");
- sb.append(desc);
- }
- pw().println(sb);
- }
+ public StringBuilder build(StringBuilder sb, StringBuilder detail) {
+ if(name!=null) {
+ sb.append(name);
+ sb.append(' ');
+ }
+ int line = sb.lastIndexOf("\n")+1;
+ if(line<0) {
+ line=0;
+ }
+ int indent = sb.length()-line;
+ for(Param p : params) {
+ sb.append(p.required?'<':'[');
+ sb.append(p.tag);
+ sb.append(p.required?"> ": "] ");
+ }
+
+ boolean first = true;
+ for(Cmd child : children) {
+ if(!(child instanceof DeprecatedCMD)) {
+ if(first) {
+ first = false;
+ } else if(detail==null) {
+ multiChar(sb,indent,' ',0);
+ } else {
+ // Write parents for Detailed Report
+ Stack<String> stack = new Stack<String>();
+ for(Cmd c = child.parent;c!=null;c=c.parent) {
+ if(c.name!=null) {
+ stack.push(c.name);
+ }
+ }
+ if(!stack.isEmpty()) {
+ sb.append(" ");
+ while(!stack.isEmpty()) {
+ sb.append(stack.pop());
+ sb.append(' ');
+ }
+ }
+ }
+ child.build(sb,detail);
+ if(detail!=null) {
+ child.detailedHelp(4, detail);
+ // If Child wrote something, then add, bracketing by lines
+ if(detail.length()>0) {
+ multiChar(sb,80,'-',2);
+ sb.append(detail);
+ sb.append('\n');
+ multiChar(sb,80,'-',2);
+ sb.append('\n');
+ detail.setLength(0); // reuse
+ } else {
+ sb.append('\n');
+ }
+ }
+ }
+ }
+ return sb;
+ }
+
+ protected void error(Future<?> future) {
+ StringBuilder sb = new StringBuilder("Failed");
+ String desc = future.body();
+ int code = future.code();
+ if(desc==null || desc.length()==0) {
+ withCode(sb,code);
+ } else if(desc.startsWith("{")) {
+ StringReader sr = new StringReader(desc);
+ try {
+ // Note: 11-18-2013, JonathanGathman. This rather convoluted Message Structure required by TSS Restful Specs, reflecting "Northbound" practices.
+ Error err = getDF(Error.class).newData().in(TYPE.JSON).load(sr).asObject();
+ sb.append(" [");
+ sb.append(err.getMessageId());
+ sb.append("]: ");
+ String messageBody = err.getText();
+ List<String> vars = err.getVariables();
+ int pipe;
+ for (int varCounter=0;varCounter<vars.size();) {
+ String var = vars.get(varCounter);
+ ++varCounter;
+ if (messageBody.indexOf("%" + varCounter) >= 0) {
+ if((pipe = var.indexOf('|'))>=0) { // In AAF, we use a PIPE for Choice
+ if (aafcli.isTest()) {
+ String expiresStr = var.substring(pipe);
+ var = var.replace(expiresStr, "[Placeholder]");
+ } else {
+ StringBuilder varsb = new StringBuilder(var);
+ varsb.deleteCharAt(pipe);
+ var = varsb.toString();
+ }
+ messageBody = messageBody.replace("%" + varCounter, varCounter-1 + ") " + var);
+ } else {
+ messageBody = messageBody.replace("%" + varCounter, var);
+ }
+ }
+ }
+ sb.append(messageBody);
+ } catch (Exception e) {
+ withCode(sb,code);
+ sb.append(" (Note: Details cannot be obtained from Error Structure)");
+ }
+ } else if(desc.startsWith("<html>")){ // Core Jetty, etc sends HTML for Browsers
+ withCode(sb,code);
+ } else {
+ sb.append(" with code ");
+ sb.append(code);
+ sb.append(", ");
+ sb.append(desc);
+ }
+ pw().println(sb);
+ }
-
- private void withCode(StringBuilder sb, Integer code) {
- sb.append(" with code ");
- sb.append(code);
- switch(code) {
- case 401:
- sb.append(" (HTTP Not Authenticated)");
- break;
- case 403:
- sb.append(" (HTTP Forbidden)");
- break;
- case 404:
- sb.append(" (HTTP Not Found)");
- break;
- default:
- }
- }
+
+ private void withCode(StringBuilder sb, Integer code) {
+ sb.append(" with code ");
+ sb.append(code);
+ switch(code) {
+ case 401:
+ sb.append(" (HTTP Not Authenticated)");
+ break;
+ case 403:
+ sb.append(" (HTTP Forbidden)");
+ break;
+ case 404:
+ sb.append(" (HTTP Not Found)");
+ break;
+ default:
+ }
+ }
- /**
- * Consistently set start and end dates from Requests (all derived from Request)
- * @param req
- */
- protected void setStartEnd(Request req) {
- // Set Start/End Dates, if exist
- String str;
- if((str = access.getProperty(Cmd.STARTDATE,null))!=null) {
- req.setStart(Chrono.timeStamp(Date.valueOf(str)));
- }
-
- if((str = access.getProperty(Cmd.ENDDATE,null))!=null) {
- req.setEnd(Chrono.timeStamp(Date.valueOf(str)));
- }
- }
+ /**
+ * Consistently set start and end dates from Requests (all derived from Request)
+ * @param req
+ */
+ protected void setStartEnd(Request req) {
+ // Set Start/End Dates, if exist
+ String str;
+ if((str = access.getProperty(Cmd.STARTDATE,null))!=null) {
+ req.setStart(Chrono.timeStamp(Date.valueOf(str)));
+ }
+
+ if((str = access.getProperty(Cmd.ENDDATE,null))!=null) {
+ req.setEnd(Chrono.timeStamp(Date.valueOf(str)));
+ }
+ }
- /**
- * For Derived classes, who have ENV in this parent
- *
- * @param cls
- * @return
- * @throws APIException
- */
- protected <T> RosettaDF<T> getDF(Class<T> cls) throws APIException {
- return getDF(env,cls);
- }
+ /**
+ * For Derived classes, who have ENV in this parent
+ *
+ * @param cls
+ * @return
+ * @throws APIException
+ */
+ protected <T> RosettaDF<T> getDF(Class<T> cls) throws APIException {
+ return getDF(env,cls);
+ }
- /**
- * This works well, making available for GUI, etc.
- * @param env
- * @param cls
- * @return
- * @throws APIException
- */
- @SuppressWarnings("unchecked")
- public static <T> RosettaDF<T> getDF(AuthzEnv env, Class<T> cls) throws APIException {
- RosettaDF<T> rdf = (RosettaDF<T>)dfs.get(cls);
- if(rdf == null) {
- rdf = env.newDataFactory(cls);
- dfs.put(cls, rdf);
- }
- return rdf;
- }
+ /**
+ * This works well, making available for GUI, etc.
+ * @param env
+ * @param cls
+ * @return
+ * @throws APIException
+ */
+ @SuppressWarnings("unchecked")
+ public static <T> RosettaDF<T> getDF(AuthzEnv env, Class<T> cls) throws APIException {
+ RosettaDF<T> rdf = (RosettaDF<T>)dfs.get(cls);
+ if(rdf == null) {
+ rdf = env.newDataFactory(cls);
+ dfs.put(cls, rdf);
+ }
+ return rdf;
+ }
- public void activity(History history, String header) {
- if (history.getItem().isEmpty()) {
- int start = header.indexOf('[');
- if (start >= 0) {
- pw().println("No Activity Found for " + header.substring(start));
- }
- } else {
- pw().println(header);
- for(int i=0;i<lineLength;++i)pw().print('-');
- pw().println();
-
- pw().format(hformat,"Date","Table","User","Memo");
- for(int i=0;i<lineLength;++i)pw().print('-');
- pw().println();
-
- // Save Server time by Sorting locally
- List<Item> items = history.getItem();
- java.util.Collections.sort(items, new Comparator<Item>() {
- @Override
- public int compare(Item o1, Item o2) {
- return o2.getTimestamp().compare(o1.getTimestamp());
- }
- });
-
- for(History.Item item : items) {
- GregorianCalendar gc = item.getTimestamp().toGregorianCalendar();
- pw().format(hformat,
- dateFmt.format(gc.getTime()),
- item.getTarget(),
- item.getUser(),
- item.getMemo());
- }
- }
- }
-
- /**
- * Turn String Array into a | delimited String
- * @param options
- * @return
- */
- public static String optionsToString(String[] options) {
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(String s : options) {
- if(first) {
- first = false;
- } else {
- sb.append('|');
- }
- sb.append(s);
- }
- return sb.toString();
- }
-
- /**
- * return which index number the Option matches.
- *
- * throws an Exception if not part of this Option Set
- *
- * @param options
- * @param test
- * @return
- * @throws Exception
- */
- public int whichOption(String[] options, String test) throws CadiException {
- for(int i=0;i<options.length;++i) {
- if(options[i].equals(test)) {
- return i;
- }
- }
- throw new CadiException(build(new StringBuilder("Invalid Option: "),null).toString());
- }
+ public void activity(History history, String header) {
+ if (history.getItem().isEmpty()) {
+ int start = header.indexOf('[');
+ if (start >= 0) {
+ pw().println("No Activity Found for " + header.substring(start));
+ }
+ } else {
+ pw().println(header);
+ for(int i=0;i<lineLength;++i)pw().print('-');
+ pw().println();
+
+ pw().format(hformat,"Date","Table","User","Memo");
+ for(int i=0;i<lineLength;++i)pw().print('-');
+ pw().println();
+
+ // Save Server time by Sorting locally
+ List<Item> items = history.getItem();
+ java.util.Collections.sort(items, new Comparator<Item>() {
+ @Override
+ public int compare(Item o1, Item o2) {
+ return o2.getTimestamp().compare(o1.getTimestamp());
+ }
+ });
+
+ for(History.Item item : items) {
+ GregorianCalendar gc = item.getTimestamp().toGregorianCalendar();
+ pw().format(hformat,
+ dateFmt.format(gc.getTime()),
+ item.getTarget(),
+ item.getUser(),
+ item.getMemo());
+ }
+ }
+ }
+
+ /**
+ * Turn String Array into a | delimited String
+ * @param options
+ * @return
+ */
+ public static String optionsToString(String[] options) {
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ for(String s : options) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append('|');
+ }
+ sb.append(s);
+ }
+ return sb.toString();
+ }
+
+ /**
+ * return which index number the Option matches.
+ *
+ * throws an Exception if not part of this Option Set
+ *
+ * @param options
+ * @param test
+ * @return
+ * @throws Exception
+ */
+ public int whichOption(String[] options, String test) throws CadiException {
+ for(int i=0;i<options.length;++i) {
+ if(options[i].equals(test)) {
+ return i;
+ }
+ }
+ throw new CadiException(build(new StringBuilder("Invalid Option: "),null).toString());
+ }
-// protected RosettaEnv env() {
-// return aafcli.env;
-// }
+// protected RosettaEnv env() {
+// return aafcli.env;
+// }
- protected HMangr hman() {
- return aafcli.hman;
- }
+ protected HMangr hman() {
+ return aafcli.hman;
+ }
- public<RET> RET same(Retryable<RET> retryable) throws APIException, CadiException, LocatorException {
- // We're storing in AAFCli, because we know it's always the same, and single threaded
- if(aafcli.prevCall!=null) {
- retryable.item(aafcli.prevCall.item());
- retryable.lastClient=aafcli.prevCall.lastClient;
- }
-
- RET ret = aafcli.hman.same(aafcli.ss,retryable);
-
- // Store last call in AAFcli, because Cmds are all different instances.
- aafcli.prevCall = retryable;
- return ret;
- }
+ public<RET> RET same(Retryable<RET> retryable) throws APIException, CadiException, LocatorException {
+ // We're storing in AAFCli, because we know it's always the same, and single threaded
+ if(aafcli.prevCall!=null) {
+ retryable.item(aafcli.prevCall.item());
+ retryable.lastClient=aafcli.prevCall.lastClient;
+ }
+
+ RET ret = aafcli.hman.same(aafcli.ss,retryable);
+
+ // Store last call in AAFcli, because Cmds are all different instances.
+ aafcli.prevCall = retryable;
+ return ret;
+ }
- public<RET> RET all(Retryable<RET> retryable) throws APIException, CadiException, LocatorException {
- this.setQueryParamsOn(retryable.lastClient);
- return aafcli.hman.all(aafcli.ss,retryable);
- }
+ public<RET> RET all(Retryable<RET> retryable) throws APIException, CadiException, LocatorException {
+ this.setQueryParamsOn(retryable.lastClient);
+ return aafcli.hman.all(aafcli.ss,retryable);
+ }
- public<RET> RET oneOf(Retryable<RET> retryable,String host) throws APIException, CadiException, LocatorException {
- this.setQueryParamsOn(retryable.lastClient);
- return aafcli.hman.oneOf(aafcli.ss,retryable,true,host);
- }
+ public<RET> RET oneOf(Retryable<RET> retryable,String host) throws APIException, CadiException, LocatorException {
+ this.setQueryParamsOn(retryable.lastClient);
+ return aafcli.hman.oneOf(aafcli.ss,retryable,true,host);
+ }
- protected PrintWriter pw() {
- return AAFcli.pw;
- }
+ protected PrintWriter pw() {
+ return AAFcli.pw;
+ }
- public String getName() {
- return name;
- }
-
- public void reportHead(String ... str) {
- pw().println();
- boolean first = true;
- int i=0;
- for(String s : str) {
- if(first) {
- if(++i>1) {
- first = false;
- pw().print("[");
- }
- } else {
- pw().print("] [");
- }
- pw().print(s);
- }
- if(!first) {
- pw().print(']');
- }
- pw().println();
- reportLine();
- }
-
- public String reportColHead(String format, String ... args) {
- pw().format(format,(Object[])args);
- reportLine();
- return format;
- }
+ public String getName() {
+ return name;
+ }
+
+ public void reportHead(String ... str) {
+ pw().println();
+ boolean first = true;
+ int i=0;
+ for(String s : str) {
+ if(first) {
+ if(++i>1) {
+ first = false;
+ pw().print("[");
+ }
+ } else {
+ pw().print("] [");
+ }
+ pw().print(s);
+ }
+ if(!first) {
+ pw().print(']');
+ }
+ pw().println();
+ reportLine();
+ }
+
+ public String reportColHead(String format, String ... args) {
+ pw().format(format,(Object[])args);
+ reportLine();
+ return format;
+ }
- public void reportLine() {
- for(int i=0;i<lineLength;++i)pw().print('-');
- pw().println();
- }
-
- protected void setQueryParamsOn(Rcli<?> rcli) {
- StringBuilder sb=null;
- String force;
- if((force=aafcli.forceString())!=null) {
- sb = new StringBuilder("force=");
- sb.append(force);
- }
- if(aafcli.addRequest()) {
- if(sb==null) {
- sb = new StringBuilder("future=true");
- } else {
- sb.append("&future=true");
- }
- }
- if(sb!=null && rcli!=null) {
- rcli.setQueryParams(sb.toString());
- }
- }
+ public void reportLine() {
+ for(int i=0;i<lineLength;++i)pw().print('-');
+ pw().println();
+ }
+
+ protected void setQueryParamsOn(Rcli<?> rcli) {
+ StringBuilder sb=null;
+ String force;
+ if((force=aafcli.forceString())!=null) {
+ sb = new StringBuilder("force=");
+ sb.append(force);
+ }
+ if(aafcli.addRequest()) {
+ if(sb==null) {
+ sb = new StringBuilder("future=true");
+ } else {
+ sb.append("&future=true");
+ }
+ }
+ if(sb!=null && rcli!=null) {
+ rcli.setQueryParams(sb.toString());
+ }
+ }
//
-// /**
-// * If Force is set, will return True once only, then revert to "FALSE".
-// *
-// * @return
-// */
-// protected String checkForce() {
-// if(TRUE.equalsIgnoreCase(env.getProperty(FORCE, FALSE))) {
-// env.setProperty(FORCE, FALSE);
-// return "true";
-// }
-// return FALSE;
-// }
+// /**
+// * If Force is set, will return True once only, then revert to "FALSE".
+// *
+// * @return
+// */
+// protected String checkForce() {
+// if(TRUE.equalsIgnoreCase(env.getProperty(FORCE, FALSE))) {
+// env.setProperty(FORCE, FALSE);
+// return "true";
+// }
+// return FALSE;
+// }
- public String toString() {
- StringBuilder sb = new StringBuilder();
- if(parent==null) { // ultimate parent
- build(sb,null);
- return sb.toString();
- } else {
- return parent.toString();
- }
- }
-
-// private String getOrgRealm() {
-// return ;
-// }
-//
- /**
- * Appends shortID with Realm, but only when allowed by Organization
- * @throws OrganizationException
- */
- public String fullID(String id) {
- if(id != null) {
- if (id.indexOf('@') < 0) {
- id+=defaultRealm;
- } else {
- return id; // is already a full ID
- }
- }
- return id;
- }
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ if(parent==null) { // ultimate parent
+ build(sb,null);
+ return sb.toString();
+ } else {
+ return parent.toString();
+ }
+ }
+
+// private String getOrgRealm() {
+// return ;
+// }
+//
+ /**
+ * Appends shortID with Realm, but only when allowed by Organization
+ * @throws OrganizationException
+ */
+ public String fullID(String id) {
+ if(id != null) {
+ if (id.indexOf('@') < 0) {
+ id+=defaultRealm;
+ } else {
+ return id; // is already a full ID
+ }
+ }
+ return id;
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/DeprecatedCMD.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/DeprecatedCMD.java
index b13c7333..dad2076f 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/DeprecatedCMD.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/DeprecatedCMD.java
@@ -36,18 +36,18 @@ import org.onap.aaf.misc.env.APIException;
* @param <X>
*/
public class DeprecatedCMD<X extends Cmd> extends BaseCmd<X> {
- private String text;
+ private String text;
- @SuppressWarnings("unchecked")
- public DeprecatedCMD(Cmd cmd, String name, String text) {
- super((X)cmd,name);
- this.text = text;
- }
+ @SuppressWarnings("unchecked")
+ public DeprecatedCMD(Cmd cmd, String name, String text) {
+ super((X)cmd,name);
+ this.text = text;
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- pw().println(text);
- return _idx;
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ pw().println(text);
+ return _idx;
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java
index ca10915d..bd70d9e5 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Help.java
@@ -28,91 +28,91 @@ import org.onap.aaf.cadi.LocatorException;
import org.onap.aaf.misc.env.APIException;
public class Help extends Cmd {
- private List<Cmd> cmds;
+ private List<Cmd> cmds;
- public Help(AAFcli aafcli, List<Cmd> cmds) {
- super(aafcli, "--help",
- new Param("-d (more details)", false),
- new Param("command",false));
- this.cmds = cmds;
- }
+ public Help(AAFcli aafcli, List<Cmd> cmds) {
+ super(aafcli, "--help",
+ new Param("-d (more details)", false),
+ new Param("command",false));
+ this.cmds = cmds;
+ }
- @Override
- public int _exec( int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- boolean first = true;
- StringBuilder sb = new StringBuilder("AAF Command Line Tool");
- StringBuilder details;
- multiChar(sb, 21, '-',0);
- sb.append("\n SingleLine Commands");
- multiChar(sb, 21, '-',2);
- sb.append("\n force - add to regular commands to override depency checks");
- sb.append("\n details - add to role list or perm list commands for rich format");
- multiChar(sb, 48, '-',2);
- // if details !=null, then extra details are written to it.
- details = aafcli.isDetailed()?new StringBuilder():null;
+ @Override
+ public int _exec( int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ boolean first = true;
+ StringBuilder sb = new StringBuilder("AAF Command Line Tool");
+ StringBuilder details;
+ multiChar(sb, 21, '-',0);
+ sb.append("\n SingleLine Commands");
+ multiChar(sb, 21, '-',2);
+ sb.append("\n force - add to regular commands to override depency checks");
+ sb.append("\n details - add to role list or perm list commands for rich format");
+ multiChar(sb, 48, '-',2);
+ // if details !=null, then extra details are written to it.
+ details = aafcli.isDetailed()?new StringBuilder():null;
- String comp = args.length>idx?args[idx++]:null;
- if("help".equalsIgnoreCase(comp)) {
- build(sb,null);
- detailedHelp(4, sb);
- sb.append('\n');
- } else {
- for(Cmd c : cmds) {
- if(!(c instanceof DeprecatedCMD)) {
- if(comp!=null) {
- if(comp.equals(c.getName())) {
- multiChar(sb,2,' ',0);
- c.build(sb,details);
- }
- } else {
- if(first) {
- first=false;
- } else {
- multiChar(sb,80,'-',2);
- }
- multiChar(sb,2,' ',0);
- c.build(sb,details);
- if(details!=null) {
- c.detailedHelp(4, sb);
- // multiChar(sb,80,'-',2);
- }
- }
- }
- }
- }
- pw().println(sb.toString());
- return 200 /*HttpStatus.OK_200*/;
- }
-
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"To print main help, enter \"aafcli\" or \"aafcli --help \"");
- detailLine(sb,indent,"To print narrow the help content, enter sub-entries after aafcli,");
- detailLine(sb,indent+2,"i.e. \"aafcli perm\"");
- detailLine(sb,indent,"To see version of AAF CLI, enter \"aafcli --version \"");
- sb.append('\n');
- detailLine(sb,indent,"State Commands: change variables or credentials between calls.");
- indent+=4;
- detailLine(sb,indent,"set <tag>=<value> - Set any System Property to a new value");
- detailLine(sb,indent,"as <id:password> - Change Credentials. Password may be encrypted");
- detailLine(sb,indent,"expect <int> [int]* - In test mode, check for proper HTTP Status Codes");
- detailLine(sb,indent,"sleep <int> - Wait for <int> seconds");
- detailLine(sb,indent,"force - force deletions that have relationships");
- detailLine(sb,indent,"details - cause list commands (role, perm) to print rich format");
- detailLine(sb,indent," - In GUI CmdLine, use HourGlass option (top right)");
- sb.append('\n');
- detailLine(sb,indent-4,"CmdLine Arguments: change behavior of the aafcli program");
- detailLine(sb,indent,"-i - Read commands from Shell Standard Input");
- detailLine(sb,indent,"-f - Read commands from a file");
- detailLine(sb,indent,"-r - Clear Command Line SSO credential");
- detailLine(sb,indent,"-a - In test mode, do not stop execution on unexpected error");
- detailLine(sb,indent,"-t - Test Mode will not print variable fields that could break tc runs");
- detailLine(sb,indent+6,"such as expiration dates of a credential");
- detailLine(sb,indent,"-s - Request specific Start Date (not immediately)");
- detailLine(sb,indent+6,"Format YYYY-MM-DD. Can also be set with \"set " + Cmd.STARTDATE + "=<value>\"");
- detailLine(sb,indent,"-e - Set Expiration/End Date, where commands support");
- detailLine(sb,indent+6,"Format YYYY-MM-DD. Can also be set with \"set " + Cmd.ENDDATE + "=<value>\"");
- }
+ String comp = args.length>idx?args[idx++]:null;
+ if("help".equalsIgnoreCase(comp)) {
+ build(sb,null);
+ detailedHelp(4, sb);
+ sb.append('\n');
+ } else {
+ for(Cmd c : cmds) {
+ if(!(c instanceof DeprecatedCMD)) {
+ if(comp!=null) {
+ if(comp.equals(c.getName())) {
+ multiChar(sb,2,' ',0);
+ c.build(sb,details);
+ }
+ } else {
+ if(first) {
+ first=false;
+ } else {
+ multiChar(sb,80,'-',2);
+ }
+ multiChar(sb,2,' ',0);
+ c.build(sb,details);
+ if(details!=null) {
+ c.detailedHelp(4, sb);
+ // multiChar(sb,80,'-',2);
+ }
+ }
+ }
+ }
+ }
+ pw().println(sb.toString());
+ return 200 /*HttpStatus.OK_200*/;
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"To print main help, enter \"aafcli\" or \"aafcli --help \"");
+ detailLine(sb,indent,"To print narrow the help content, enter sub-entries after aafcli,");
+ detailLine(sb,indent+2,"i.e. \"aafcli perm\"");
+ detailLine(sb,indent,"To see version of AAF CLI, enter \"aafcli --version \"");
+ sb.append('\n');
+ detailLine(sb,indent,"State Commands: change variables or credentials between calls.");
+ indent+=4;
+ detailLine(sb,indent,"set <tag>=<value> - Set any System Property to a new value");
+ detailLine(sb,indent,"as <id:password> - Change Credentials. Password may be encrypted");
+ detailLine(sb,indent,"expect <int> [int]* - In test mode, check for proper HTTP Status Codes");
+ detailLine(sb,indent,"sleep <int> - Wait for <int> seconds");
+ detailLine(sb,indent,"force - force deletions that have relationships");
+ detailLine(sb,indent,"details - cause list commands (role, perm) to print rich format");
+ detailLine(sb,indent," - In GUI CmdLine, use HourGlass option (top right)");
+ sb.append('\n');
+ detailLine(sb,indent-4,"CmdLine Arguments: change behavior of the aafcli program");
+ detailLine(sb,indent,"-i - Read commands from Shell Standard Input");
+ detailLine(sb,indent,"-f - Read commands from a file");
+ detailLine(sb,indent,"-r - Clear Command Line SSO credential");
+ detailLine(sb,indent,"-a - In test mode, do not stop execution on unexpected error");
+ detailLine(sb,indent,"-t - Test Mode will not print variable fields that could break tc runs");
+ detailLine(sb,indent+6,"such as expiration dates of a credential");
+ detailLine(sb,indent,"-s - Request specific Start Date (not immediately)");
+ detailLine(sb,indent+6,"Format YYYY-MM-DD. Can also be set with \"set " + Cmd.STARTDATE + "=<value>\"");
+ detailLine(sb,indent,"-e - Set Expiration/End Date, where commands support");
+ detailLine(sb,indent+6,"Format YYYY-MM-DD. Can also be set with \"set " + Cmd.ENDDATE + "=<value>\"");
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/MessageException.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/MessageException.java
index 3ed81222..934212ca 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/MessageException.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/MessageException.java
@@ -31,16 +31,16 @@ package org.onap.aaf.auth.cmd;
*
*/
public class MessageException extends Exception {
- /**
- *
- */
- private static final long serialVersionUID = 8143933588878259048L;
+ /**
+ *
+ */
+ private static final long serialVersionUID = 8143933588878259048L;
- /**
- * @param Message
- */
- public MessageException(String msg) {
- super(msg);
- }
+ /**
+ * @param Message
+ */
+ public MessageException(String msg) {
+ super(msg);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Param.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Param.java
index 0d79df0a..8e485528 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Param.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Param.java
@@ -22,16 +22,16 @@
package org.onap.aaf.auth.cmd;
public class Param {
- public final String tag;
- public final boolean required;
-
- /**
- *
- * @param t
- * @param b
- */
- public Param(String t, boolean required) {
- tag = t;
- this.required=required;
- }
+ public final String tag;
+ public final boolean required;
+
+ /**
+ *
+ * @param t
+ * @param b
+ */
+ public Param(String t, boolean required) {
+ tag = t;
+ this.required=required;
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java
index fe04dac7..9bb01956 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/Version.java
@@ -29,15 +29,15 @@ import org.onap.aaf.misc.env.APIException;
public class Version extends Cmd {
- public Version(AAFcli aafcli) {
- super(aafcli, "--version");
- }
+ public Version(AAFcli aafcli) {
+ super(aafcli, "--version");
+ }
- @Override
- protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
- pw().println("AAF Command Line Tool");
- pw().print("Version: ");
- pw().println(Config.AAF_DEFAULT_VERSION);
- return 200 /*HttpStatus.OK_200;*/;
- }
+ @Override
+ protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
+ pw().println("AAF Command Line Tool");
+ pw().print("Version: ");
+ pw().println(Config.AAF_DEFAULT_VERSION);
+ return 200 /*HttpStatus.OK_200;*/;
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Cache.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Cache.java
index cd153537..fd257d63 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Cache.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Cache.java
@@ -25,8 +25,8 @@ import org.onap.aaf.auth.cmd.BaseCmd;
import org.onap.aaf.misc.env.APIException;
public class Cache extends BaseCmd<Mgmt> {
- public Cache(Mgmt mgmt) throws APIException {
- super(mgmt, "cache");
- cmds.add(new Clear(this));
- }
+ public Cache(Mgmt mgmt) throws APIException {
+ super(mgmt, "cache");
+ cmds.add(new Clear(this));
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Clear.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Clear.java
index a18c1c48..ca8a72ca 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Clear.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Clear.java
@@ -39,47 +39,47 @@ import org.onap.aaf.misc.env.APIException;
*
*/
public class Clear extends Cmd {
- public Clear(Cache parent) {
- super(parent,"clear",
- new Param("name[,name]*",true));
- }
+ public Clear(Cache parent) {
+ super(parent,"clear",
+ new Param("name[,name]*",true));
+ }
- @Override
- public int _exec(int _idx, String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- int rv=409;
- for(final String name : args[idx++].split(COMMA)) {
- rv = all(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws APIException, CadiException {
- int rv = 409;
- Future<Void> fp = client.delete(
- "/mgmt/cache/"+name,
- Void.class
- );
- if(fp.get(AAFcli.timeout())) {
- pw().println("Cleared Cache for " + name + " on " + client);
- rv=200;
- } else {
- if(rv==409)rv = fp.code();
- error(fp);
- }
- return rv;
- }
- });
- }
- return rv;
- }
+ @Override
+ public int _exec(int _idx, String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ int rv=409;
+ for(final String name : args[idx++].split(COMMA)) {
+ rv = all(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws APIException, CadiException {
+ int rv = 409;
+ Future<Void> fp = client.delete(
+ "/mgmt/cache/"+name,
+ Void.class
+ );
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Cleared Cache for " + name + " on " + client);
+ rv=200;
+ } else {
+ if(rv==409)rv = fp.code();
+ error(fp);
+ }
+ return rv;
+ }
+ });
+ }
+ return rv;
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Clear the cache for certain tables");
- indent+=2;
- detailLine(sb,indent,"name - name of table or 'all'");
- detailLine(sb,indent+14,"Must have admin rights to '" + Define.ROOT_NS() + '\'');
- indent-=2;
- api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Clear the cache for certain tables");
+ indent+=2;
+ detailLine(sb,indent,"name - name of table or 'all'");
+ detailLine(sb,indent+14,"Must have admin rights to '" + Define.ROOT_NS() + '\'');
+ indent-=2;
+ api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Deny.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Deny.java
index b8fc4a23..17f23729 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Deny.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Deny.java
@@ -34,68 +34,68 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.misc.env.APIException;
public class Deny extends BaseCmd<Mgmt> {
- private final static String[] options = {"add","del"};
+ private final static String[] options = {"add","del"};
- public Deny(Mgmt mgmt) throws APIException {
- super(mgmt, "deny");
- cmds.add(new DenySomething(this,"ip","ipv4or6[,ipv4or6]*"));
- cmds.add(new DenySomething(this,"id","identity[,identity]*"));
- }
-
- public class DenySomething extends Cmd {
+ public Deny(Mgmt mgmt) throws APIException {
+ super(mgmt, "deny");
+ cmds.add(new DenySomething(this,"ip","ipv4or6[,ipv4or6]*"));
+ cmds.add(new DenySomething(this,"id","identity[,identity]*"));
+ }
+
+ public class DenySomething extends Cmd {
- private boolean isID;
+ private boolean isID;
- public DenySomething(Deny deny, String type, String repeatable) {
- super(deny, type,
- new Param(optionsToString(options),true),
- new Param(repeatable,true));
- isID = "id".equals(type);
- }
+ public DenySomething(Deny deny, String type, String repeatable) {
+ super(deny, type,
+ new Param(optionsToString(options),true),
+ new Param(repeatable,true));
+ isID = "id".equals(type);
+ }
- @Override
- protected int _exec(int _idx, String... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- String action = args[idx++];
- final int option = whichOption(options, action);
- int rv=409;
- for(final String name : args[idx++].split(COMMA)) {
- final String append;
- if(isID && name.indexOf("@")<0) {
- append='@'+ access.getProperty(Config.AAF_DEFAULT_REALM,null);
- } else {
- append = "";
- }
- final String path = "/mgmt/deny/"+getName() + '/'+ name + append;
- rv = all(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws APIException, CadiException {
- int rv = 409;
- Future<Void> fp;
- String resp;
- switch(option) {
- case 0:
- fp = client.create(path, Void.class);
- resp = " added";
- break;
- default:
- fp = client.delete(path, Void.class);
- resp = " deleted";
- }
- if(fp.get(AAFcli.timeout())) {
- pw().println(name + append + resp + " on " + client);
- rv=fp.code();
- } else {
- if(rv==409)rv = fp.code();
- error(fp);
- }
- return rv;
- }
- });
- }
- return rv;
- }
+ @Override
+ protected int _exec(int _idx, String... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ String action = args[idx++];
+ final int option = whichOption(options, action);
+ int rv=409;
+ for(final String name : args[idx++].split(COMMA)) {
+ final String append;
+ if(isID && name.indexOf("@")<0) {
+ append='@'+ access.getProperty(Config.AAF_DEFAULT_REALM,null);
+ } else {
+ append = "";
+ }
+ final String path = "/mgmt/deny/"+getName() + '/'+ name + append;
+ rv = all(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws APIException, CadiException {
+ int rv = 409;
+ Future<Void> fp;
+ String resp;
+ switch(option) {
+ case 0:
+ fp = client.create(path, Void.class);
+ resp = " added";
+ break;
+ default:
+ fp = client.delete(path, Void.class);
+ resp = " deleted";
+ }
+ if(fp.get(AAFcli.timeout())) {
+ pw().println(name + append + resp + " on " + client);
+ rv=fp.code();
+ } else {
+ if(rv==409)rv = fp.code();
+ error(fp);
+ }
+ return rv;
+ }
+ });
+ }
+ return rv;
+ }
- }
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Log.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Log.java
index 80ad8a46..535de3bb 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Log.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Log.java
@@ -35,74 +35,74 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.misc.env.APIException;
public class Log extends BaseCmd<Mgmt> {
- private final static String[] options = {"add","del"};
+ private final static String[] options = {"add","del"};
- public Log(Mgmt mgmt) throws APIException {
- super(mgmt, "log",
- new Param(optionsToString(options),true),
- new Param("id[,id]*",true));
- }
-
- @Override
- public int _exec(int _idx, String ... args) throws CadiException, APIException, LocatorException {
- int rv=409;
- int idx = _idx;
- final int option = whichOption(options, args[idx++]);
+ public Log(Mgmt mgmt) throws APIException {
+ super(mgmt, "log",
+ new Param(optionsToString(options),true),
+ new Param("id[,id]*",true));
+ }
+
+ @Override
+ public int _exec(int _idx, String ... args) throws CadiException, APIException, LocatorException {
+ int rv=409;
+ int idx = _idx;
+ final int option = whichOption(options, args[idx++]);
- for(String name : args[idx++].split(COMMA)) {
- final String fname;
- if(name.indexOf("@")<0) {
- fname=name+'@'+ access.getProperty(Config.AAF_DEFAULT_REALM,null);
- } else {
- fname = name;
- }
-
- rv = all(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws APIException, CadiException {
- int rv = 409;
- Future<Void> fp;
- String str = "/mgmt/log/id/"+fname;
- String msg;
- switch(option) {
- case 0:
- fp = client.create(str,Void.class);
- msg = "Added";
- break;
- case 1:
- fp = client.delete(str,Void.class);
- msg = "Deleted";
- break;
- default:
- fp = null;
- msg = "Ignored";
- }
-
- if(fp!=null) {
- if(fp.get(AAFcli.timeout())) {
- pw().println(msg + " Special Log for " + fname + " on " + client);
- rv=200;
- } else {
- if(rv==409)rv = fp.code();
- error(fp);
- }
- return rv;
- }
- return rv;
- }
- });
- }
- return rv;
- }
+ for(String name : args[idx++].split(COMMA)) {
+ final String fname;
+ if(name.indexOf("@")<0) {
+ fname=name+'@'+ access.getProperty(Config.AAF_DEFAULT_REALM,null);
+ } else {
+ fname = name;
+ }
+
+ rv = all(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws APIException, CadiException {
+ int rv = 409;
+ Future<Void> fp;
+ String str = "/mgmt/log/id/"+fname;
+ String msg;
+ switch(option) {
+ case 0:
+ fp = client.create(str,Void.class);
+ msg = "Added";
+ break;
+ case 1:
+ fp = client.delete(str,Void.class);
+ msg = "Deleted";
+ break;
+ default:
+ fp = null;
+ msg = "Ignored";
+ }
+
+ if(fp!=null) {
+ if(fp.get(AAFcli.timeout())) {
+ pw().println(msg + " Special Log for " + fname + " on " + client);
+ rv=200;
+ } else {
+ if(rv==409)rv = fp.code();
+ error(fp);
+ }
+ return rv;
+ }
+ return rv;
+ }
+ });
+ }
+ return rv;
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Clear the cache for certain tables");
- indent+=2;
- detailLine(sb,indent,"name - name of table or 'all'");
- detailLine(sb,indent+14,"Must have admin rights to '" + Define.ROOT_NS() + '\'');
- indent-=2;
- api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Clear the cache for certain tables");
+ indent+=2;
+ detailLine(sb,indent,"name - name of table or 'all'");
+ detailLine(sb,indent+14,"Must have admin rights to '" + Define.ROOT_NS() + '\'');
+ indent-=2;
+ api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Mgmt.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Mgmt.java
index 6b5e2d66..e5097a32 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Mgmt.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Mgmt.java
@@ -26,11 +26,11 @@ import org.onap.aaf.auth.cmd.BaseCmd;
import org.onap.aaf.misc.env.APIException;
public class Mgmt extends BaseCmd<Mgmt> {
- public Mgmt(AAFcli aafcli) throws APIException {
- super(aafcli, "mgmt");
- cmds.add(new Cache(this));
- cmds.add(new Deny(this));
- cmds.add(new Log(this));
- cmds.add(new Session(this));
- }
+ public Mgmt(AAFcli aafcli) throws APIException {
+ super(aafcli, "mgmt");
+ cmds.add(new Cache(this));
+ cmds.add(new Deny(this));
+ cmds.add(new Log(this));
+ cmds.add(new Session(this));
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/SessClear.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/SessClear.java
index cfd2fa8d..a52d5dc7 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/SessClear.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/SessClear.java
@@ -39,45 +39,45 @@ import org.onap.aaf.misc.env.APIException;
*
*/
public class SessClear extends Cmd {
- public SessClear(Session parent) {
- super(parent,"clear",
- new Param("machine",true));
- }
+ public SessClear(Session parent) {
+ super(parent,"clear",
+ new Param("machine",true));
+ }
- @Override
- public int _exec(int idx, String ... args) throws CadiException, APIException, LocatorException {
- int rv=409;
- String machine = args[idx++];
- rv = oneOf(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws APIException, CadiException {
- int rv = 409;
- Future<Void> fp = client.delete(
- "/mgmt/dbsession",
- Void.class
- );
- if(fp.get(AAFcli.timeout())) {
- pw().println("Cleared DBSession on " + client);
- rv=200;
- } else {
- if(rv==409)rv = fp.code();
- error(fp);
- }
- return rv;
- }
- },machine);
- return rv;
- }
+ @Override
+ public int _exec(int idx, String ... args) throws CadiException, APIException, LocatorException {
+ int rv=409;
+ String machine = args[idx++];
+ rv = oneOf(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws APIException, CadiException {
+ int rv = 409;
+ Future<Void> fp = client.delete(
+ "/mgmt/dbsession",
+ Void.class
+ );
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Cleared DBSession on " + client);
+ rv=200;
+ } else {
+ if(rv==409)rv = fp.code();
+ error(fp);
+ }
+ return rv;
+ }
+ },machine);
+ return rv;
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Clear the cache for certain tables");
- indent+=2;
- detailLine(sb,indent,"name - name of table or 'all'");
- detailLine(sb,indent+14,"Must have admin rights to " + Define.ROOT_NS() + '\'');
- indent-=2;
- api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Clear the cache for certain tables");
+ indent+=2;
+ detailLine(sb,indent,"name - name of table or 'all'");
+ detailLine(sb,indent+14,"Must have admin rights to " + Define.ROOT_NS() + '\'');
+ indent-=2;
+ api(sb,indent,HttpMethods.DELETE,"mgmt/cache/:name",Void.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Session.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Session.java
index 5929caea..fa3eb522 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Session.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/mgmt/Session.java
@@ -25,8 +25,8 @@ import org.onap.aaf.auth.cmd.BaseCmd;
import org.onap.aaf.misc.env.APIException;
public class Session extends BaseCmd<Mgmt> {
- public Session(Mgmt mgmt) throws APIException {
- super(mgmt, "dbsession");
- cmds.add(new SessClear(this));
- }
+ public Session(Mgmt mgmt) throws APIException {
+ super(mgmt, "dbsession");
+ cmds.add(new SessClear(this));
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Admin.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Admin.java
index 363c7482..f1952fa9 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Admin.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Admin.java
@@ -33,71 +33,71 @@ import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.misc.env.APIException;
public class Admin extends BaseCmd<NS> {
- private final static String[] options = {"add","del"};
+ private final static String[] options = {"add","del"};
- public Admin(NS ns) throws APIException {
- super(ns,"admin",
- new Param(optionsToString(options),true),
- new Param("ns-name",true),
- new Param("id[,id]*",true)
- );
- }
+ public Admin(NS ns) throws APIException {
+ super(ns,"admin",
+ new Param(optionsToString(options),true),
+ new Param("ns-name",true),
+ new Param("id[,id]*",true)
+ );
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final int option = whichOption(options, args[idx++]);
- final String ns = args[idx++];
- final String ids[] = args[idx++].split(",");
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final int option = whichOption(options, args[idx++]);
+ final String ns = args[idx++];
+ final String ids[] = args[idx++].split(",");
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Void> fp = null;
- for(String id : ids) {
- id = fullID(id);
- String verb;
- switch(option) {
- case 0:
- fp = client.create("/authz/ns/"+ns+"/admin/"+id,Void.class);
- verb = " added to ";
- break;
- case 1:
- fp = client.delete("/authz/ns/"+ns+"/admin/"+id,Void.class);
- verb = " deleted from ";
- break;
- default:
- throw new CadiException("Bad Argument");
- };
-
- if(fp.get(AAFcli.timeout())) {
- pw().append("Admin ");
- pw().append(id);
- pw().append(verb);
- pw().println(ns);
- } else {
- error(fp);
- return fp.code();
- }
-
- }
- return fp==null?500:fp.code();
- }
- });
- }
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Void> fp = null;
+ for(String id : ids) {
+ id = fullID(id);
+ String verb;
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/ns/"+ns+"/admin/"+id,Void.class);
+ verb = " added to ";
+ break;
+ case 1:
+ fp = client.delete("/authz/ns/"+ns+"/admin/"+id,Void.class);
+ verb = " deleted from ";
+ break;
+ default:
+ throw new CadiException("Bad Argument");
+ };
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().append("Admin ");
+ pw().append(id);
+ pw().append(verb);
+ pw().println(ns);
+ } else {
+ error(fp);
+ return fp.code();
+ }
+
+ }
+ return fp==null?500:fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Add or Delete Administrator to/from Namespace");
- indent+=4;
- detailLine(sb,indent,"name - Name of Namespace");
- detailLine(sb,indent,"id - Credential of Person(s) to be Administrator");
- sb.append('\n');
- detailLine(sb,indent,"aafcli will call API on each ID presented.");
- indent-=4;
- api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/admin/<id>",Void.class,true);
- api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/admin/<id>",Void.class,false);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add or Delete Administrator to/from Namespace");
+ indent+=4;
+ detailLine(sb,indent,"name - Name of Namespace");
+ detailLine(sb,indent,"id - Credential of Person(s) to be Administrator");
+ sb.append('\n');
+ detailLine(sb,indent,"aafcli will call API on each ID presented.");
+ indent-=4;
+ api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/admin/<id>",Void.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/admin/<id>",Void.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java
index 19caa4f4..f1b2621d 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Attrib.java
@@ -33,83 +33,83 @@ import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.misc.env.APIException;
public class Attrib extends BaseCmd<NS> {
- private final static String[] options = {"add","upd","del"};
+ private final static String[] options = {"add","upd","del"};
- public Attrib(NS ns) throws APIException {
- super(ns,"attrib",
- new Param(optionsToString(options),true),
- new Param("ns-name",true),
- new Param("key",true),
- new Param("value",false)
- );
- }
+ public Attrib(NS ns) throws APIException {
+ super(ns,"attrib",
+ new Param(optionsToString(options),true),
+ new Param("ns-name",true),
+ new Param("key",true),
+ new Param("value",false)
+ );
+ }
- @Override
- public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
- final int option = whichOption(options, args[idx]);
- final String ns = args[idx+1];
- final String key = args[idx+2];
- final String value;
- if(option!=2) {
- if(args.length<=idx+3) {
- throw new CadiException("Not added: Need more Data");
- }
- value = args[idx+3];
- } else {
- value = "";
- }
-
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Void> fp = null;
- String message;
- switch(option) {
- case 0:
- fp = client.create("/authz/ns/"+ns+"/attrib/"+key+'/'+value,Void.class);
- message = String.format("Add Attrib %s=%s to %s",
- key,value,ns);
- break;
- case 1:
- fp = client.update("/authz/ns/"+ns+"/attrib/"+key+'/'+value);
- message = String.format("Update Attrib %s=%s for %s",
- key,value,ns);
- break;
- case 2:
- fp = client.delete("/authz/ns/"+ns+"/attrib/"+key,Void.class);
- message = String.format("Attrib %s deleted from %s",
- key,ns);
- break;
- default:
- throw new CadiException("Bad Argument");
- };
- if(fp==null) {
- return 500;
- } else {
- if(fp.get(AAFcli.timeout())) {
- pw().println(message);
- } else {
- error(fp);
- }
-
- return fp.code();
- }
- }
- });
- }
+ @Override
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final int option = whichOption(options, args[idx]);
+ final String ns = args[idx+1];
+ final String key = args[idx+2];
+ final String value;
+ if(option!=2) {
+ if(args.length<=idx+3) {
+ throw new CadiException("Not added: Need more Data");
+ }
+ value = args[idx+3];
+ } else {
+ value = "";
+ }
+
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Void> fp = null;
+ String message;
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/ns/"+ns+"/attrib/"+key+'/'+value,Void.class);
+ message = String.format("Add Attrib %s=%s to %s",
+ key,value,ns);
+ break;
+ case 1:
+ fp = client.update("/authz/ns/"+ns+"/attrib/"+key+'/'+value);
+ message = String.format("Update Attrib %s=%s for %s",
+ key,value,ns);
+ break;
+ case 2:
+ fp = client.delete("/authz/ns/"+ns+"/attrib/"+key,Void.class);
+ message = String.format("Attrib %s deleted from %s",
+ key,ns);
+ break;
+ default:
+ throw new CadiException("Bad Argument");
+ };
+ if(fp==null) {
+ return 500;
+ } else {
+ if(fp.get(AAFcli.timeout())) {
+ pw().println(message);
+ } else {
+ error(fp);
+ }
+
+ return fp.code();
+ }
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Add or Delete Administrator to/from Namespace");
- indent+=4;
- detailLine(sb,indent,"name - Name of Namespace");
- detailLine(sb,indent,"id - Credential of Person(s) to be Administrator");
- sb.append('\n');
- detailLine(sb,indent,"aafcli will call API on each ID presented.");
- indent-=4;
- api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/admin/<id>",Void.class,true);
- api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/admin/<id>",Void.class,false);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add or Delete Administrator to/from Namespace");
+ indent+=4;
+ detailLine(sb,indent,"name - Name of Namespace");
+ detailLine(sb,indent,"id - Credential of Person(s) to be Administrator");
+ sb.append('\n');
+ detailLine(sb,indent,"aafcli will call API on each ID presented.");
+ indent-=4;
+ api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/admin/<id>",Void.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/admin/<id>",Void.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Create.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Create.java
index a62d5531..1719ada7 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Create.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Create.java
@@ -39,85 +39,85 @@ import aaf.v2_0.NsRequest;
*
*/
public class Create extends Cmd {
- private static final String COMMA = ",";
+ private static final String COMMA = ",";
- public Create(NS parent) {
- super(parent,"create",
- new Param("ns-name",true),
- new Param("owner (id[,id]*)",true),
- new Param("admin (id[,id]*)",false));
- }
+ public Create(NS parent) {
+ super(parent,"create",
+ new Param("ns-name",true),
+ new Param("owner (id[,id]*)",true),
+ new Param("admin (id[,id]*)",false));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
- final NsRequest nr = new NsRequest();
-
- nr.setName(args[idx++]);
- String[] responsible = args[idx++].split(COMMA);
- for(String s : responsible) {
- nr.getResponsible().add(fullID(s));
- }
- String[] admin;
- if(args.length>idx) {
- admin = args[idx++].split(COMMA);
- } else {
- admin = responsible;
- }
- for(String s : admin) {
- nr.getAdmin().add(fullID(s));
- }
-
- // Set Start/End commands
- setStartEnd(nr);
-
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- // Requestable
- setQueryParamsOn(client);
- Future<NsRequest> fp = client.create(
- "/authz/ns",
- getDF(NsRequest.class),
- nr
- );
- if(fp.get(AAFcli.timeout())) {
- pw().println("Created Namespace");
- } else {
- if(fp.code()==202) {
- pw().println("Namespace Creation Accepted, but requires Approvals before actualizing");
- } else {
- error(fp);
- }
- }
- return fp.code();
- }
- });
- }
+ final NsRequest nr = new NsRequest();
+
+ nr.setName(args[idx++]);
+ String[] responsible = args[idx++].split(COMMA);
+ for(String s : responsible) {
+ nr.getResponsible().add(fullID(s));
+ }
+ String[] admin;
+ if(args.length>idx) {
+ admin = args[idx++].split(COMMA);
+ } else {
+ admin = responsible;
+ }
+ for(String s : admin) {
+ nr.getAdmin().add(fullID(s));
+ }
+
+ // Set Start/End commands
+ setStartEnd(nr);
+
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ // Requestable
+ setQueryParamsOn(client);
+ Future<NsRequest> fp = client.create(
+ "/authz/ns",
+ getDF(NsRequest.class),
+ nr
+ );
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Created Namespace");
+ } else {
+ if(fp.code()==202) {
+ pw().println("Namespace Creation Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Create a Namespace");
- indent+=2;
- detailLine(sb,indent,"name - Namespaces are dot-delimited, ex com.att.myapp");
- detailLine(sb,indent+14,"and must be created with parent credentials.");
- detailLine(sb,indent+14,"Ex: to create com.att.myapp, you must be admin for com.att");
- detailLine(sb,indent+14,"or com");
- detailLine(sb,indent,"owner - This is the person(s) who is responsible for the ");
- detailLine(sb,indent+14,"app. These person or persons receive Notifications and");
- detailLine(sb,indent+14,"approves Requests regarding this Namespace. Companies have");
- detailLine(sb,indent+14,"Policies as to who may take on this responsibility");
- detailLine(sb,indent,"admin - These are the people who are allowed to make changes on");
- detailLine(sb,indent+14,"the Namespace, including creating Roles, Permissions");
- detailLine(sb,indent+14,"and Credentials");
- sb.append('\n');
- detailLine(sb,indent,"Namespaces can be created even though there are Roles/Permissions which");
- detailLine(sb,indent,"start with the requested sub-namespace. They are reassigned to the");
- detailLine(sb,indent,"Child Namespace");
- indent-=2;
- api(sb,indent,HttpMethods.POST,"authz/ns",NsRequest.class,true);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Create a Namespace");
+ indent+=2;
+ detailLine(sb,indent,"name - Namespaces are dot-delimited, ex com.att.myapp");
+ detailLine(sb,indent+14,"and must be created with parent credentials.");
+ detailLine(sb,indent+14,"Ex: to create com.att.myapp, you must be admin for com.att");
+ detailLine(sb,indent+14,"or com");
+ detailLine(sb,indent,"owner - This is the person(s) who is responsible for the ");
+ detailLine(sb,indent+14,"app. These person or persons receive Notifications and");
+ detailLine(sb,indent+14,"approves Requests regarding this Namespace. Companies have");
+ detailLine(sb,indent+14,"Policies as to who may take on this responsibility");
+ detailLine(sb,indent,"admin - These are the people who are allowed to make changes on");
+ detailLine(sb,indent+14,"the Namespace, including creating Roles, Permissions");
+ detailLine(sb,indent+14,"and Credentials");
+ sb.append('\n');
+ detailLine(sb,indent,"Namespaces can be created even though there are Roles/Permissions which");
+ detailLine(sb,indent,"start with the requested sub-namespace. They are reassigned to the");
+ detailLine(sb,indent,"Child Namespace");
+ indent-=2;
+ api(sb,indent,HttpMethods.POST,"authz/ns",NsRequest.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Delete.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Delete.java
index 19915f4e..99ac7ed2 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Delete.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Delete.java
@@ -38,52 +38,52 @@ import org.onap.aaf.misc.env.APIException;
*
*/
public class Delete extends Cmd {
- public Delete(NS parent) {
- super(parent,"delete",
- new Param("ns-name",true));
- }
+ public Delete(NS parent) {
+ super(parent,"delete",
+ new Param("ns-name",true));
+ }
- @Override
- public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int index = idx;
- StringBuilder path = new StringBuilder("/authz/ns/");
- path.append(args[index++]);
-
- // Send "Force" if set
- setQueryParamsOn(client);
- Future<Void> fp = client.delete(path.toString(),Void.class);
-
- if(fp.get(AAFcli.timeout())) {
- pw().println("Deleted Namespace");
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
+ @Override
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int index = idx;
+ StringBuilder path = new StringBuilder("/authz/ns/");
+ path.append(args[index++]);
+
+ // Send "Force" if set
+ setQueryParamsOn(client);
+ Future<Void> fp = client.delete(path.toString(),Void.class);
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Deleted Namespace");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Delete a Namespace");
- indent+=4;
- detailLine(sb,indent,"Namespaces cannot normally be deleted when there are still credentials,");
- detailLine(sb,indent,"permissions or roles associated with them. These can be deleted");
- detailLine(sb,indent,"automatically by setting \"force\" property.");
- detailLine(sb,indent,"i.e. set force=true or just starting with \"force\"");
- detailLine(sb,indent," (note force is unset after first use)");
- sb.append('\n');
- detailLine(sb,indent,"If \"set force=move\" is set, credentials are deleted, but ");
- detailLine(sb,indent,"Permissions and Roles are assigned to the Parent Namespace instead of");
- detailLine(sb,indent,"being deleted. Similarly, Namespaces can be created even though there");
- detailLine(sb,indent,"are Roles/Perms whose type starts with the requested sub-namespace.");
- detailLine(sb,indent,"They are simply reassigned to the Child Namespace");
- indent-=4;
- api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>[?force=true]",Void.class,true);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Delete a Namespace");
+ indent+=4;
+ detailLine(sb,indent,"Namespaces cannot normally be deleted when there are still credentials,");
+ detailLine(sb,indent,"permissions or roles associated with them. These can be deleted");
+ detailLine(sb,indent,"automatically by setting \"force\" property.");
+ detailLine(sb,indent,"i.e. set force=true or just starting with \"force\"");
+ detailLine(sb,indent," (note force is unset after first use)");
+ sb.append('\n');
+ detailLine(sb,indent,"If \"set force=move\" is set, credentials are deleted, but ");
+ detailLine(sb,indent,"Permissions and Roles are assigned to the Parent Namespace instead of");
+ detailLine(sb,indent,"being deleted. Similarly, Namespaces can be created even though there");
+ detailLine(sb,indent,"are Roles/Perms whose type starts with the requested sub-namespace.");
+ detailLine(sb,indent,"They are simply reassigned to the Child Namespace");
+ indent-=4;
+ api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>[?force=true]",Void.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Describe.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Describe.java
index af40ff99..18823297 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Describe.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Describe.java
@@ -35,60 +35,60 @@ import org.onap.aaf.misc.env.APIException;
import aaf.v2_0.NsRequest;
public class Describe extends Cmd {
- private static final String NS_PATH = "/authz/ns";
- public Describe(NS parent) {
- super(parent,"describe",
- new Param("ns-name",true),
- new Param("description",true));
- }
+ private static final String NS_PATH = "/authz/ns";
+ public Describe(NS parent) {
+ super(parent,"describe",
+ new Param("ns-name",true),
+ new Param("description",true));
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String name = args[idx++];
- StringBuilder desc = new StringBuilder();
- while (idx < args.length) {
- desc.append(args[idx++] + ' ');
- }
-
- NsRequest nsr = new NsRequest();
- nsr.setName(name);
- nsr.setDescription(desc.toString());
-
- // Set Start/End commands
- setStartEnd(nsr);
-
- Future<NsRequest> fn = null;
- int rv;
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String name = args[idx++];
+ StringBuilder desc = new StringBuilder();
+ while (idx < args.length) {
+ desc.append(args[idx++] + ' ');
+ }
+
+ NsRequest nsr = new NsRequest();
+ nsr.setName(name);
+ nsr.setDescription(desc.toString());
+
+ // Set Start/End commands
+ setStartEnd(nsr);
+
+ Future<NsRequest> fn = null;
+ int rv;
- fn = client.update(
- NS_PATH,
- getDF(NsRequest.class),
- nsr
- );
+ fn = client.update(
+ NS_PATH,
+ getDF(NsRequest.class),
+ nsr
+ );
- if(fn.get(AAFcli.timeout())) {
- rv=fn.code();
- pw().println("Description added to Namespace");
- } else {
- if((rv=fn.code())==202) {
- pw().print("Adding description");
- pw().println(" Accepted, but requires Approvals before actualizing");
- } else {
- error(fn);
- }
- }
- return rv;
- }
- });
- }
+ if(fn.get(AAFcli.timeout())) {
+ rv=fn.code();
+ pw().println("Description added to Namespace");
+ } else {
+ if((rv=fn.code())==202) {
+ pw().print("Adding description");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fn);
+ }
+ }
+ return rv;
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,"Add a description to a namespace");
- api(sb,indent,HttpMethods.PUT,"authz/ns",NsRequest.class,true);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Add a description to a namespace");
+ api(sb,indent,HttpMethods.PUT,"authz/ns",NsRequest.class,true);
+ }
} \ No newline at end of file
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java
index 387bae00..01b3ad14 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/List.java
@@ -38,139 +38,139 @@ import aaf.v2_0.Users.User;
public class List extends BaseCmd<NS> {
- public List(NS parent) {
- super(parent,"list");
- cmds.add(new ListByName(this));
-
-// TODO: uncomment when on cassandra 2.1.2 if we like cli command to get all ns's
-// a user is admin or responsible for
- cmds.add(new ListAdminResponsible(this));
- cmds.add(new DeprecatedCMD<List>(this,"responsible","'responsible' is deprecated. use 'owner'")); // deprecated
- cmds.add(new ListActivity(this));
- cmds.add(new ListUsers(this));
- cmds.add(new ListChildren(this));
- cmds.add(new ListNsKeysByAttrib(this));
- }
+ public List(NS parent) {
+ super(parent,"list");
+ cmds.add(new ListByName(this));
+
+// TODO: uncomment when on cassandra 2.1.2 if we like cli command to get all ns's
+// a user is admin or responsible for
+ cmds.add(new ListAdminResponsible(this));
+ cmds.add(new DeprecatedCMD<List>(this,"responsible","'responsible' is deprecated. use 'owner'")); // deprecated
+ cmds.add(new ListActivity(this));
+ cmds.add(new ListUsers(this));
+ cmds.add(new ListChildren(this));
+ cmds.add(new ListNsKeysByAttrib(this));
+ }
- private static final String sformat = " %-72s\n";
- protected static final String kformat = " %-72s\n";
+ private static final String sformat = " %-72s\n";
+ protected static final String kformat = " %-72s\n";
-
- public void report(Future<Nss> fp, String ... str) {
- reportHead(str);
- if(fp==null) {
- pw().println(" *** Namespace Not Found ***");
- }
-
- if(fp!=null && fp.value!=null) {
- for(Ns ns : fp.value.getNs()) {
- pw().println(ns.getName());
- if (this.aafcli.isDetailed()) {
- pw().println(" Description");
- pw().format(sformat,ns.getDescription()==null?"":ns.getDescription());
- }
- if(ns.getAdmin().size()>0) {
- pw().println(" Administrators");
- for(String admin : ns.getAdmin()) {
- pw().format(sformat,admin);
- }
- }
- if(ns.getResponsible().size()>0) {
- pw().println(" Owners (Responsible for Namespace)");
- for(String responsible : ns.getResponsible()) {
- pw().format(sformat,responsible);
- }
- }
- if(ns.getAttrib().size()>0) {
- pw().println(" Namespace Attributes");
- for( Ns.Attrib attr : ns.getAttrib()) {
- StringBuilder sb = new StringBuilder(attr.getKey());
- if(attr.getValue()==null || attr.getValue().length()>0) {
- sb.append('=');
- sb.append(attr.getValue());
- }
- pw().format(sformat,sb.toString());
- }
-
- }
- }
- }
- }
-
- public void reportName(Future<Nss> fp, String ... str) {
- reportHead(str);
- if(fp!=null && fp.value!=null) {
- java.util.List<Ns> nss = fp.value.getNs();
- Collections.sort(nss, new Comparator<Ns>() {
- @Override
- public int compare(Ns ns1, Ns ns2) {
- return ns1.getName().compareTo(ns2.getName());
- }
- });
-
- for(Ns ns : nss) {
- pw().println(ns.getName());
- if (this.aafcli.isDetailed() && ns.getDescription() != null) {
- pw().println(" " + ns.getDescription());
- }
- }
- }
- }
+
+ public void report(Future<Nss> fp, String ... str) {
+ reportHead(str);
+ if(fp==null) {
+ pw().println(" *** Namespace Not Found ***");
+ }
+
+ if(fp!=null && fp.value!=null) {
+ for(Ns ns : fp.value.getNs()) {
+ pw().println(ns.getName());
+ if (this.aafcli.isDetailed()) {
+ pw().println(" Description");
+ pw().format(sformat,ns.getDescription()==null?"":ns.getDescription());
+ }
+ if(ns.getAdmin().size()>0) {
+ pw().println(" Administrators");
+ for(String admin : ns.getAdmin()) {
+ pw().format(sformat,admin);
+ }
+ }
+ if(ns.getResponsible().size()>0) {
+ pw().println(" Owners (Responsible for Namespace)");
+ for(String responsible : ns.getResponsible()) {
+ pw().format(sformat,responsible);
+ }
+ }
+ if(ns.getAttrib().size()>0) {
+ pw().println(" Namespace Attributes");
+ for( Ns.Attrib attr : ns.getAttrib()) {
+ StringBuilder sb = new StringBuilder(attr.getKey());
+ if(attr.getValue()==null || attr.getValue().length()>0) {
+ sb.append('=');
+ sb.append(attr.getValue());
+ }
+ pw().format(sformat,sb.toString());
+ }
+
+ }
+ }
+ }
+ }
+
+ public void reportName(Future<Nss> fp, String ... str) {
+ reportHead(str);
+ if(fp!=null && fp.value!=null) {
+ java.util.List<Ns> nss = fp.value.getNs();
+ Collections.sort(nss, new Comparator<Ns>() {
+ @Override
+ public int compare(Ns ns1, Ns ns2) {
+ return ns1.getName().compareTo(ns2.getName());
+ }
+ });
+
+ for(Ns ns : nss) {
+ pw().println(ns.getName());
+ if (this.aafcli.isDetailed() && ns.getDescription() != null) {
+ pw().println(" " + ns.getDescription());
+ }
+ }
+ }
+ }
- public void reportRole(Future<Roles> fr) {
- if(fr!=null && fr.value!=null && fr.value.getRole().size()>0) {
- pw().println(" Roles");
- for(aaf.v2_0.Role r : fr.value.getRole()) {
- pw().format(sformat,r.getName());
- }
- }
- }
+ public void reportRole(Future<Roles> fr) {
+ if(fr!=null && fr.value!=null && fr.value.getRole().size()>0) {
+ pw().println(" Roles");
+ for(aaf.v2_0.Role r : fr.value.getRole()) {
+ pw().format(sformat,r.getName());
+ }
+ }
+ }
- private static final String pformat = " %-30s %-24s %-15s\n";
- public void reportPerm(Future<Perms> fp) {
- if(fp!=null && fp.value!=null && fp.value.getPerm().size()>0) {
- pw().println(" Permissions");
- for(aaf.v2_0.Perm p : fp.value.getPerm()) {
- pw().format(pformat,p.getType(),p.getInstance(),p.getAction());
- }
- }
- }
-
-
- private static final String cformat = " %-30s %-6s %-24s\n";
- public void reportCred(Future<Users> fc) {
- if(fc!=null && fc.value!=null && fc.value.getUser().size()>0) {
- pw().println(" Credentials");
- java.util.List<User> users = fc.value.getUser();
- Collections.sort(users, new Comparator<User>() {
- @Override
- public int compare(User u1, User u2) {
- return u1.getId().compareTo(u2.getId());
- }
- });
- for(aaf.v2_0.Users.User u : users) {
- if (this.aafcli.isTest()) {
- pw().format(sformat,u.getId());
- } else {
- pw().format(cformat,u.getId(),getType(u),Chrono.niceDateStamp(u.getExpires()));
- }
- }
- }
- }
+ private static final String pformat = " %-30s %-24s %-15s\n";
+ public void reportPerm(Future<Perms> fp) {
+ if(fp!=null && fp.value!=null && fp.value.getPerm().size()>0) {
+ pw().println(" Permissions");
+ for(aaf.v2_0.Perm p : fp.value.getPerm()) {
+ pw().format(pformat,p.getType(),p.getInstance(),p.getAction());
+ }
+ }
+ }
+
+
+ private static final String cformat = " %-30s %-6s %-24s\n";
+ public void reportCred(Future<Users> fc) {
+ if(fc!=null && fc.value!=null && fc.value.getUser().size()>0) {
+ pw().println(" Credentials");
+ java.util.List<User> users = fc.value.getUser();
+ Collections.sort(users, new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ for(aaf.v2_0.Users.User u : users) {
+ if (this.aafcli.isTest()) {
+ pw().format(sformat,u.getId());
+ } else {
+ pw().format(cformat,u.getId(),getType(u),Chrono.niceDateStamp(u.getExpires()));
+ }
+ }
+ }
+ }
- public static String getType(User u) {
- Integer type;
- if((type=u.getType())==null) {
- type = 9999;
- }
- switch(type) {
- case 1: return "U/P";
- case 2: return "U/P2";
- case 10: return "Cert";
- case 200: return "x509";
- default:
- return "n/a";
- }
- }
+ public static String getType(User u) {
+ Integer type;
+ if((type=u.getType())==null) {
+ type = 9999;
+ }
+ switch(type) {
+ case 1: return "U/P";
+ case 2: return "U/P2";
+ case 10: return "Cert";
+ case 200: return "x509";
+ default:
+ return "n/a";
+ }
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListActivity.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListActivity.java
index 4cc4236e..52b9a108 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListActivity.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListActivity.java
@@ -39,41 +39,41 @@ import aaf.v2_0.History;
*
*/
public class ListActivity extends Cmd {
- private static final String HEADER = "List Activity of Namespace";
-
- public ListActivity(List parent) {
- super(parent,"activity",
- new Param("ns-name",true));
- }
+ private static final String HEADER = "List Activity of Namespace";
+
+ public ListActivity(List parent) {
+ super(parent,"activity",
+ new Param("ns-name",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String ns = args[idx++];
-
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<History> fp = client.read(
- "/authz/hist/ns/"+ns,
- getDF(History.class)
- );
-
- if(fp.get(AAFcli.timeout())) {
- activity(fp.value, HEADER + " [ " + ns + " ]");
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/hist/ns/<ns>",History.class,true);
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns = args[idx++];
+
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<History> fp = client.read(
+ "/authz/hist/ns/"+ns,
+ getDF(History.class)
+ );
+
+ if(fp.get(AAFcli.timeout())) {
+ activity(fp.value, HEADER + " [ " + ns + " ]");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/hist/ns/<ns>",History.class,true);
+ }
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListAdminResponsible.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListAdminResponsible.java
index e17436a2..06de6cab 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListAdminResponsible.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListAdminResponsible.java
@@ -35,43 +35,43 @@ import org.onap.aaf.misc.env.APIException;
import aaf.v2_0.Nss;
public class ListAdminResponsible extends Cmd {
- private static final String HEADER="List Namespaces with ";
- private final static String[] options = {"admin","owner"};
-
- public ListAdminResponsible(List parent) {
- super(parent,null,
- new Param(optionsToString(options),true),
- new Param("user",true));
- }
+ private static final String HEADER="List Namespaces with ";
+ private final static String[] options = {"admin","owner"};
+
+ public ListAdminResponsible(List parent) {
+ super(parent,null,
+ new Param(optionsToString(options),true),
+ new Param("user",true));
+ }
- @Override
- protected int _exec(final int index, final String... args) throws CadiException, APIException, LocatorException {
+ @Override
+ protected int _exec(final int index, final String... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String title = args[idx++];
- String user = fullID(args[idx++]);
- String apipart = "owner".equals(title)?"responsible":title;
-
- Future<Nss> fn = client.read("/authz/nss/"+apipart+"/"+user,getDF(Nss.class));
- if(fn.get(AAFcli.timeout())) {
- ((List)parent).reportName(fn,HEADER + title + " privileges for ",user);
- } else if(fn.code()==404) {
- ((List)parent).report(null,HEADER + title + " privileges for ",user);
- return 200;
- } else {
- error(fn);
- }
- return fn.code();
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER + "admin or owner privileges for user");
- api(sb,indent,HttpMethods.GET,"authz/nss/<admin|owner>/<user>",Nss.class,true);
- }
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String title = args[idx++];
+ String user = fullID(args[idx++]);
+ String apipart = "owner".equals(title)?"responsible":title;
+
+ Future<Nss> fn = client.read("/authz/nss/"+apipart+"/"+user,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ ((List)parent).reportName(fn,HEADER + title + " privileges for ",user);
+ } else if(fn.code()==404) {
+ ((List)parent).report(null,HEADER + title + " privileges for ",user);
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER + "admin or owner privileges for user");
+ api(sb,indent,HttpMethods.GET,"authz/nss/<admin|owner>/<user>",Nss.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListByName.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListByName.java
index ffc1af89..ffd3cf01 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListByName.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListByName.java
@@ -44,62 +44,62 @@ import aaf.v2_0.Users;
*
*/
public class ListByName extends Cmd {
- private static final String HEADER="List Namespaces by Name";
-
- public ListByName(List parent) {
- super(parent,"name",
- new Param("ns-name",true));
- }
+ private static final String HEADER="List Namespaces by Name";
+
+ public ListByName(List parent) {
+ super(parent,"name",
+ new Param("ns-name",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String ns=args[idx++];
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
- if(fn.get(AAFcli.timeout())) {
- ((List)parent).report(fn,HEADER,ns);
- if(fn.value!=null) {
- for(Ns n : fn.value.getNs()) {
- Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class));
- if(fr.get(AAFcli.timeout())) {
- ((List)parent).reportRole(fr);
- }
- }
- for(Ns n : fn.value.getNs()) {
- Future<Perms> fp = client.read("/authz/perms/ns/"+n.getName()+(aafcli.isDetailed()?"?ns":""), getDF(Perms.class));
- if(fp.get(AAFcli.timeout())) {
- ((List)parent).reportPerm(fp);
- }
- }
- for(Ns n : fn.value.getNs()) {
- Future<Users> fu = client.read("/authn/creds/ns/"+n.getName()+(aafcli.isDetailed()?"?ns":""), getDF(Users.class));
- if(fu.get(AAFcli.timeout())) {
- ((List)parent).reportCred(fu);
- }
- }
- }
- } else if(fn.code()==404) {
- ((List)parent).report(null,HEADER,ns);
- return 200;
- } else {
- error(fn);
- }
- return fn.code();
- }
- });
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns=args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ ((List)parent).report(fn,HEADER,ns);
+ if(fn.value!=null) {
+ for(Ns n : fn.value.getNs()) {
+ Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class));
+ if(fr.get(AAFcli.timeout())) {
+ ((List)parent).reportRole(fr);
+ }
+ }
+ for(Ns n : fn.value.getNs()) {
+ Future<Perms> fp = client.read("/authz/perms/ns/"+n.getName()+(aafcli.isDetailed()?"?ns":""), getDF(Perms.class));
+ if(fp.get(AAFcli.timeout())) {
+ ((List)parent).reportPerm(fp);
+ }
+ }
+ for(Ns n : fn.value.getNs()) {
+ Future<Users> fu = client.read("/authn/creds/ns/"+n.getName()+(aafcli.isDetailed()?"?ns":""), getDF(Users.class));
+ if(fu.get(AAFcli.timeout())) {
+ ((List)parent).reportCred(fu);
+ }
+ }
+ }
+ } else if(fn.code()==404) {
+ ((List)parent).report(null,HEADER,ns);
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
- detailLine(sb,indent,"Indirectly uses:");
- api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
- api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false);
- api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,false);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
+ detailLine(sb,indent,"Indirectly uses:");
+ api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false);
+ api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListChildren.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListChildren.java
index 07dcf701..6d514df8 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListChildren.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListChildren.java
@@ -41,41 +41,41 @@ import aaf.v2_0.Nss.Ns;
*
*/
public class ListChildren extends Cmd {
- private static final String HEADER="List Child Namespaces";
-
- public ListChildren(List parent) {
- super(parent,"children",
- new Param("ns-name",true));
- }
+ private static final String HEADER="List Child Namespaces";
+
+ public ListChildren(List parent) {
+ super(parent,"children",
+ new Param("ns-name",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String ns=args[idx++];
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Nss> fn = client.read("/authz/nss/children/"+ns,getDF(Nss.class));
- if(fn.get(AAFcli.timeout())) {
- parent.reportHead(HEADER);
- for(Ns ns : fn.value.getNs()) {
- pw().format(List.kformat, ns.getName());
- }
- } else if(fn.code()==404) {
- ((List)parent).report(null,HEADER,ns);
- return 200;
- } else {
- error(fn);
- }
- return fn.code();
- }
- });
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns=args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Nss> fn = client.read("/authz/nss/children/"+ns,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ parent.reportHead(HEADER);
+ for(Ns ns : fn.value.getNs()) {
+ pw().format(List.kformat, ns.getName());
+ }
+ } else if(fn.code()==404) {
+ ((List)parent).report(null,HEADER,ns);
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/nss/children/<ns>",Nss.class,true);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/nss/children/<ns>",Nss.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListNsKeysByAttrib.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListNsKeysByAttrib.java
index 7c449565..df72ff08 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListNsKeysByAttrib.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListNsKeysByAttrib.java
@@ -44,45 +44,45 @@ import aaf.v2_0.Users;
*
*/
public class ListNsKeysByAttrib extends Cmd {
- private static final String HEADER="List Namespace Names by Attribute";
-
- public ListNsKeysByAttrib(List parent) {
- super(parent,"keys",
- new Param("attrib",true));
- }
+ private static final String HEADER="List Namespace Names by Attribute";
+
+ public ListNsKeysByAttrib(List parent) {
+ super(parent,"keys",
+ new Param("attrib",true));
+ }
- @Override
- public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
- final String attrib=args[idx];
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Keys> fn = client.read("/authz/ns/attrib/"+attrib,getDF(Keys.class));
- if(fn.get(AAFcli.timeout())) {
- parent.reportHead(HEADER);
- for(String key : fn.value.getKey()) {
- pw().printf(List.kformat, key);
- }
- } else if(fn.code()==404) {
- parent.reportHead(HEADER);
- pw().println(" *** No Namespaces Found ***");
- return 200;
- } else {
- error(fn);
- }
- return fn.code();
- }
- });
- }
+ @Override
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String attrib=args[idx];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Keys> fn = client.read("/authz/ns/attrib/"+attrib,getDF(Keys.class));
+ if(fn.get(AAFcli.timeout())) {
+ parent.reportHead(HEADER);
+ for(String key : fn.value.getKey()) {
+ pw().printf(List.kformat, key);
+ }
+ } else if(fn.code()==404) {
+ parent.reportHead(HEADER);
+ pw().println(" *** No Namespaces Found ***");
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
- detailLine(sb,indent,"Indirectly uses:");
- api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
- api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false);
- api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,false);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
+ detailLine(sb,indent,"Indirectly uses:");
+ api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false);
+ api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsers.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsers.java
index 7106ba6d..4bd3aed4 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsers.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsers.java
@@ -31,46 +31,46 @@ import aaf.v2_0.Nss;
import aaf.v2_0.Users.User;
public class ListUsers extends BaseCmd<List> {
-
- public ListUsers(List parent) {
- super(parent,"user");
- cmds.add(new ListUsersWithPerm(this));
- cmds.add(new ListUsersInRole(this));
- }
- private static final Future<Nss> dummy = new Future<Nss>(){
+
+ public ListUsers(List parent) {
+ super(parent,"user");
+ cmds.add(new ListUsersWithPerm(this));
+ cmds.add(new ListUsersInRole(this));
+ }
+ private static final Future<Nss> dummy = new Future<Nss>(){
- @Override
- public boolean get(int timeout) throws CadiException {
- return false;
- }
+ @Override
+ public boolean get(int timeout) throws CadiException {
+ return false;
+ }
- @Override
- public int code() {
- return 0;
- }
+ @Override
+ public int code() {
+ return 0;
+ }
- @Override
- public String body() {
- return null;
- }
+ @Override
+ public String body() {
+ return null;
+ }
- @Override
- public String header(String tag) {
- return null;
- }
- };
- public void report(String header, String ns) {
- ((List)parent).report(dummy, header,ns);
- }
+ @Override
+ public String header(String tag) {
+ return null;
+ }
+ };
+ public void report(String header, String ns) {
+ ((List)parent).report(dummy, header,ns);
+ }
- public void report(String subHead) {
- pw().println(subHead);
- }
+ public void report(String subHead) {
+ pw().println(subHead);
+ }
- private static final String uformat = "%s%-50s expires:%02d/%02d/%04d\n";
- public void report(String prefix, User u) {
- XMLGregorianCalendar xgc = u.getExpires();
- pw().format(uformat,prefix,u.getId(),xgc.getMonth()+1,xgc.getDay(),xgc.getYear());
- }
+ private static final String uformat = "%s%-50s expires:%02d/%02d/%04d\n";
+ public void report(String prefix, User u) {
+ XMLGregorianCalendar xgc = u.getExpires();
+ pw().format(uformat,prefix,u.getId(),xgc.getMonth()+1,xgc.getDay(),xgc.getYear());
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java
index 01017e03..1347b918 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersContact.java
@@ -48,81 +48,81 @@ import aaf.v2_0.Users.User;
*
*/
public class ListUsersContact extends Cmd {
- private static final String HEADER="List Contacts of Namespace ";
-
- public ListUsersContact(ListUsers parent) {
- super(parent,"contact",
- new Param("ns-name",true));
- }
+ private static final String HEADER="List Contacts of Namespace ";
+
+ public ListUsersContact(ListUsers parent) {
+ super(parent,"contact",
+ new Param("ns-name",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String ns=args[idx++];
- final boolean detail = aafcli.isDetailed();
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- ((ListUsers)parent).report(HEADER,ns);
- Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
- if(fn.get(AAFcli.timeout())) {
- if(fn.value!=null) {
- Set<String> uset = detail?null:new HashSet<>();
- for(Ns n : fn.value.getNs()) {
- Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class));
- if(fr.get(AAFcli.timeout())) {
- for(Role r : fr.value.getRole()) {
- if(detail) {
- ((ListUsers)parent).report(r.getName());
- }
- Future<Users> fus = client.read(
- "/authz/users/role/"+r.getName(),
- getDF(Users.class)
- );
- if(fus.get(AAFcli.timeout())) {
- for(User u : fus.value.getUser()) {
- if(detail) {
- ((ListUsers)parent).report(" ",u);
- } else {
- uset.add(u.getId());
- }
- }
- } else if(fn.code()==404) {
- return 200;
- }
- }
- }
- }
- if(uset!=null) {
- for(String u : uset) {
- pw().print(" ");
- pw().println(u);
- }
- }
- }
- } else if(fn.code()==404) {
- return 200;
- } else {
- error(fn);
- }
- return fn.code();
- }
- });
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns=args[idx++];
+ final boolean detail = aafcli.isDetailed();
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ ((ListUsers)parent).report(HEADER,ns);
+ Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ if(fn.value!=null) {
+ Set<String> uset = detail?null:new HashSet<>();
+ for(Ns n : fn.value.getNs()) {
+ Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class));
+ if(fr.get(AAFcli.timeout())) {
+ for(Role r : fr.value.getRole()) {
+ if(detail) {
+ ((ListUsers)parent).report(r.getName());
+ }
+ Future<Users> fus = client.read(
+ "/authz/users/role/"+r.getName(),
+ getDF(Users.class)
+ );
+ if(fus.get(AAFcli.timeout())) {
+ for(User u : fus.value.getUser()) {
+ if(detail) {
+ ((ListUsers)parent).report(" ",u);
+ } else {
+ uset.add(u.getId());
+ }
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ }
+ }
+ }
+ }
+ if(uset!=null) {
+ for(String u : uset) {
+ pw().print(" ");
+ pw().println(u);
+ }
+ }
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,HEADER);
- indent+=4;
- detailLine(sb,indent,"Report Users associated with this Namespace's Roles");
- sb.append('\n');
- detailLine(sb,indent,"If \"set details=true\" is specified, then all roles are printed ");
- detailLine(sb,indent,"with the associated users and expiration dates");
- indent-=4;
- api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
- api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
- api(sb,indent,HttpMethods.GET,"authz/users/role/<ns>",Users.class,false);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=4;
+ detailLine(sb,indent,"Report Users associated with this Namespace's Roles");
+ sb.append('\n');
+ detailLine(sb,indent,"If \"set details=true\" is specified, then all roles are printed ");
+ detailLine(sb,indent,"with the associated users and expiration dates");
+ indent-=4;
+ api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/users/role/<ns>",Users.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java
index e49a6e97..301e1508 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersInRole.java
@@ -48,81 +48,81 @@ import aaf.v2_0.Users.User;
*
*/
public class ListUsersInRole extends Cmd {
- private static final String HEADER="List Users in Roles of Namespace ";
-
- public ListUsersInRole(ListUsers parent) {
- super(parent,"role",
- new Param("ns-name",true));
- }
+ private static final String HEADER="List Users in Roles of Namespace ";
+
+ public ListUsersInRole(ListUsers parent) {
+ super(parent,"role",
+ new Param("ns-name",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String ns=args[idx++];
- final boolean detail = aafcli.isDetailed();
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- ((ListUsers)parent).report(HEADER,ns);
- Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
- if(fn.get(AAFcli.timeout())) {
- if(fn.value!=null) {
- Set<String> uset = detail?null:new HashSet<>();
- for(Ns n : fn.value.getNs()) {
- Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class));
- if(fr.get(AAFcli.timeout())) {
- for(Role r : fr.value.getRole()) {
- if(detail) {
- ((ListUsers)parent).report(r.getName());
- }
- Future<Users> fus = client.read(
- "/authz/users/role/"+r.getName(),
- getDF(Users.class)
- );
- if(fus.get(AAFcli.timeout())) {
- for(User u : fus.value.getUser()) {
- if(detail) {
- ((ListUsers)parent).report(" ",u);
- } else {
- uset.add(u.getId());
- }
- }
- } else if(fn.code()==404) {
- return 200;
- }
- }
- }
- }
- if(uset!=null) {
- for(String u : uset) {
- pw().print(" ");
- pw().println(u);
- }
- }
- }
- } else if(fn.code()==404) {
- return 200;
- } else {
- error(fn);
- }
- return fn.code();
- }
- });
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns=args[idx++];
+ final boolean detail = aafcli.isDetailed();
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ ((ListUsers)parent).report(HEADER,ns);
+ Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ if(fn.value!=null) {
+ Set<String> uset = detail?null:new HashSet<>();
+ for(Ns n : fn.value.getNs()) {
+ Future<Roles> fr = client.read("/authz/roles/ns/"+n.getName(), getDF(Roles.class));
+ if(fr.get(AAFcli.timeout())) {
+ for(Role r : fr.value.getRole()) {
+ if(detail) {
+ ((ListUsers)parent).report(r.getName());
+ }
+ Future<Users> fus = client.read(
+ "/authz/users/role/"+r.getName(),
+ getDF(Users.class)
+ );
+ if(fus.get(AAFcli.timeout())) {
+ for(User u : fus.value.getUser()) {
+ if(detail) {
+ ((ListUsers)parent).report(" ",u);
+ } else {
+ uset.add(u.getId());
+ }
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ }
+ }
+ }
+ }
+ if(uset!=null) {
+ for(String u : uset) {
+ pw().print(" ");
+ pw().println(u);
+ }
+ }
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,HEADER);
- indent+=4;
- detailLine(sb,indent,"Report Users associated with this Namespace's Roles");
- sb.append('\n');
- detailLine(sb,indent,"If \"set details=true\" is specified, then all roles are printed ");
- detailLine(sb,indent,"with the associated users and expiration dates");
- indent-=4;
- api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
- api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
- api(sb,indent,HttpMethods.GET,"authz/users/role/<ns>",Users.class,false);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=4;
+ detailLine(sb,indent,"Report Users associated with this Namespace's Roles");
+ sb.append('\n');
+ detailLine(sb,indent,"If \"set details=true\" is specified, then all roles are printed ");
+ detailLine(sb,indent,"with the associated users and expiration dates");
+ indent-=4;
+ api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/roles/ns/<ns>",Roles.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/users/role/<ns>",Users.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersWithPerm.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersWithPerm.java
index 1a4ed7a7..472070d9 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersWithPerm.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/ListUsersWithPerm.java
@@ -48,81 +48,81 @@ import aaf.v2_0.Users.User;
*
*/
public class ListUsersWithPerm extends Cmd {
- private static final String HEADER="List Users of Permissions of Namespace ";
-
- public ListUsersWithPerm(ListUsers parent) {
- super(parent,"perm",
- new Param("ns-name",true));
- }
+ private static final String HEADER="List Users of Permissions of Namespace ";
+
+ public ListUsersWithPerm(ListUsers parent) {
+ super(parent,"perm",
+ new Param("ns-name",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String ns=args[idx++];
- final boolean detail = aafcli.isDetailed();
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- ((ListUsers)parent).report(HEADER,ns);
- Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
- if(fn.get(AAFcli.timeout())) {
- if(fn.value!=null) {
- Set<String> uset = detail?null:new HashSet<>();
-
- for(Ns n : fn.value.getNs()) {
- Future<Perms> fp = client.read("/authz/perms/ns/"+n.getName()+(aafcli.isDetailed()?"?ns":"")
- , getDF(Perms.class));
- if(fp.get(AAFcli.timeout())) {
- for(Perm p : fp.value.getPerm()) {
- String perm = p.getType()+'/'+p.getInstance()+'/'+p.getAction();
- if(detail)((ListUsers)parent).report(perm);
- Future<Users> fus = client.read(
- "/authz/users/perm/"+perm,
- getDF(Users.class)
- );
- if(fus.get(AAFcli.timeout())) {
- for(User u : fus.value.getUser()) {
- if(detail)
- ((ListUsers)parent).report(" ",u);
- else
- uset.add(u.getId());
- }
- } else if(fn.code()==404) {
- return 200;
- }
- }
- }
- }
- if(uset!=null) {
- for(String u : uset) {
- pw().print(" ");
- pw().println(u);
- }
- }
- }
- } else if(fn.code()==404) {
- return 200;
- } else {
- error(fn);
- }
- return fn.code();
- }
- });
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String ns=args[idx++];
+ final boolean detail = aafcli.isDetailed();
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ ((ListUsers)parent).report(HEADER,ns);
+ Future<Nss> fn = client.read("/authz/nss/"+ns,getDF(Nss.class));
+ if(fn.get(AAFcli.timeout())) {
+ if(fn.value!=null) {
+ Set<String> uset = detail?null:new HashSet<>();
+
+ for(Ns n : fn.value.getNs()) {
+ Future<Perms> fp = client.read("/authz/perms/ns/"+n.getName()+(aafcli.isDetailed()?"?ns":"")
+ , getDF(Perms.class));
+ if(fp.get(AAFcli.timeout())) {
+ for(Perm p : fp.value.getPerm()) {
+ String perm = p.getType()+'/'+p.getInstance()+'/'+p.getAction();
+ if(detail)((ListUsers)parent).report(perm);
+ Future<Users> fus = client.read(
+ "/authz/users/perm/"+perm,
+ getDF(Users.class)
+ );
+ if(fus.get(AAFcli.timeout())) {
+ for(User u : fus.value.getUser()) {
+ if(detail)
+ ((ListUsers)parent).report(" ",u);
+ else
+ uset.add(u.getId());
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ }
+ }
+ }
+ }
+ if(uset!=null) {
+ for(String u : uset) {
+ pw().print(" ");
+ pw().println(u);
+ }
+ }
+ }
+ } else if(fn.code()==404) {
+ return 200;
+ } else {
+ error(fn);
+ }
+ return fn.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,HEADER);
- indent+=4;
- detailLine(sb,indent,"Report Users associated with this Namespace's Permissions");
- sb.append('\n');
- detailLine(sb,indent,"If \"set detail=true\" is specified, then Permissions are printed with the associated");
- detailLine(sb,indent,"users and expiration dates");
- indent-=4;
- api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
- api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false);
- api(sb,indent,HttpMethods.GET,"authz/users/perm/<type>/<instance>/<action>",Users.class,false);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=4;
+ detailLine(sb,indent,"Report Users associated with this Namespace's Permissions");
+ sb.append('\n');
+ detailLine(sb,indent,"If \"set detail=true\" is specified, then Permissions are printed with the associated");
+ detailLine(sb,indent,"users and expiration dates");
+ indent-=4;
+ api(sb,indent,HttpMethods.GET,"authz/nss/<ns>",Nss.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/users/perm/<type>/<instance>/<action>",Users.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/NS.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/NS.java
index 8ceffde7..6a645733 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/NS.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/NS.java
@@ -27,19 +27,19 @@ import org.onap.aaf.auth.cmd.DeprecatedCMD;
import org.onap.aaf.misc.env.APIException;
public class NS extends BaseCmd<NS> {
-// final Role role;
+// final Role role;
- public NS(AAFcli aafcli) throws APIException {
- super(aafcli, "ns");
-// this.role = role;
-
- cmds.add(new Create(this));
- cmds.add(new Delete(this));
- cmds.add(new Admin(this));
- cmds.add(new Owner(this));
- cmds.add(new DeprecatedCMD<NS>(this,"responsible","'responsible' is deprecated. use 'owner'")); // deprecated
- cmds.add(new Describe(this));
- cmds.add(new Attrib(this));
- cmds.add(new List(this));
- }
+ public NS(AAFcli aafcli) throws APIException {
+ super(aafcli, "ns");
+// this.role = role;
+
+ cmds.add(new Create(this));
+ cmds.add(new Delete(this));
+ cmds.add(new Admin(this));
+ cmds.add(new Owner(this));
+ cmds.add(new DeprecatedCMD<NS>(this,"responsible","'responsible' is deprecated. use 'owner'")); // deprecated
+ cmds.add(new Describe(this));
+ cmds.add(new Attrib(this));
+ cmds.add(new List(this));
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Owner.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Owner.java
index 5d1df496..e5e50187 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Owner.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/ns/Owner.java
@@ -33,77 +33,77 @@ import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.misc.env.APIException;
public class Owner extends BaseCmd<NS> {
- private final static String[] options = {"add","del"};
+ private final static String[] options = {"add","del"};
- public Owner(NS ns) throws APIException {
- super(ns,"owner",
- new Param(optionsToString(options),true),
- new Param("ns-name",true),
- new Param("id[,id]*",true)
- );
- }
+ public Owner(NS ns) throws APIException {
+ super(ns,"owner",
+ new Param(optionsToString(options),true),
+ new Param("ns-name",true),
+ new Param("id[,id]*",true)
+ );
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
- final int option = whichOption(options, args[idx++]);
- final String ns = args[idx++];
- final String ids[] = args[idx++].split(",");
+ final int option = whichOption(options, args[idx++]);
+ final String ns = args[idx++];
+ final String ids[] = args[idx++].split(",");
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Void> fp=null;
- for(String id : ids) {
- id=fullID(id);
- String verb;
- switch(option) {
- case 0:
- fp = client.create("/authz/ns/"+ns+"/responsible/"+id,Void.class);
- verb = " is now ";
- break;
- case 1:
- fp = client.delete("/authz/ns/"+ns+"/responsible/"+id,Void.class);
- verb = " is no longer ";
- break;
- default:
- throw new CadiException("Bad Argument");
- };
-
- if(fp.get(AAFcli.timeout())) {
- pw().append(id);
- pw().append(verb);
- pw().append("responsible for ");
- pw().println(ns);
- } else {
- error(fp);
- return fp.code();
- }
- }
- return fp==null?500:fp.code();
- }
- });
- }
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Void> fp=null;
+ for(String id : ids) {
+ id=fullID(id);
+ String verb;
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/ns/"+ns+"/responsible/"+id,Void.class);
+ verb = " is now ";
+ break;
+ case 1:
+ fp = client.delete("/authz/ns/"+ns+"/responsible/"+id,Void.class);
+ verb = " is no longer ";
+ break;
+ default:
+ throw new CadiException("Bad Argument");
+ };
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().append(id);
+ pw().append(verb);
+ pw().append("responsible for ");
+ pw().println(ns);
+ } else {
+ error(fp);
+ return fp.code();
+ }
+ }
+ return fp==null?500:fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Add or Delete Responsible person to/from Namespace");
- indent+=2;
- detailLine(sb,indent,"Namespace Owners are responsible to receive Notifications and ");
- detailLine(sb,indent,"approve Requests regarding this Namespace. Companies have ");
- detailLine(sb,indent,"Policies as to who may take on this responsibility");
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add or Delete Responsible person to/from Namespace");
+ indent+=2;
+ detailLine(sb,indent,"Namespace Owners are responsible to receive Notifications and ");
+ detailLine(sb,indent,"approve Requests regarding this Namespace. Companies have ");
+ detailLine(sb,indent,"Policies as to who may take on this responsibility");
- indent+=2;
- detailLine(sb,indent,"name - Name of Namespace");
- detailLine(sb,indent,"id - Credential of Person(s) to be made responsible");
- sb.append('\n');
- detailLine(sb,indent,"aafcli will call API on each ID presented.");
- indent-=4;
- api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/responsible/<id>",Void.class,true);
- api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/responsible/<id>",Void.class,false);
- }
+ indent+=2;
+ detailLine(sb,indent,"name - Name of Namespace");
+ detailLine(sb,indent,"id - Credential of Person(s) to be made responsible");
+ sb.append('\n');
+ detailLine(sb,indent,"aafcli will call API on each ID presented.");
+ indent-=4;
+ api(sb,indent,HttpMethods.POST,"authz/ns/<ns>/responsible/<id>",Void.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/ns/<ns>/responsible/<id>",Void.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java
index cc674568..1f123cff 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Create.java
@@ -41,123 +41,123 @@ import aaf.v2_0.RoleRequest;
*
*/
public class Create extends Cmd {
- public Create(Perm parent) {
- super(parent,"create",
- new Param("type",true),
- new Param("instance",true),
- new Param("action", true),
- new Param("role[,role]* (to Grant to)", false)
- );
- }
+ public Create(Perm parent) {
+ super(parent,"create",
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action", true),
+ new Param("role[,role]* (to Grant to)", false)
+ );
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- final PermRequest pr = new PermRequest();
- pr.setType(args[idx++]);
- pr.setInstance(args[idx++]);
- pr.setAction(args[idx++]);
- String roleCommas = (args.length>idx)?args[idx++]:null;
- String[] roles = roleCommas==null?null:roleCommas.split("\\s*,\\s*");
- boolean force = aafcli.forceString()!=null;
- int rv;
-
- if(roles!=null && force) { // Make sure Roles are Created
- RoleRequest rr = new RoleRequest();
- for(String role : roles) {
- rr.setName(role);;
- Future<RoleRequest> fr = client.create(
- "/authz/role",
- getDF(RoleRequest.class),
- rr
- );
- fr.get(AAFcli.timeout());
- switch(fr.code()){
- case 201:
- pw().println("Created Role [" + role + ']');
- break;
- case 409:
- break;
- default:
- pw().println("Role [" + role + "] does not exist, and cannot be created.");
- return 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
- }
- }
- }
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ final PermRequest pr = new PermRequest();
+ pr.setType(args[idx++]);
+ pr.setInstance(args[idx++]);
+ pr.setAction(args[idx++]);
+ String roleCommas = (args.length>idx)?args[idx++]:null;
+ String[] roles = roleCommas==null?null:roleCommas.split("\\s*,\\s*");
+ boolean force = aafcli.forceString()!=null;
+ int rv;
+
+ if(roles!=null && force) { // Make sure Roles are Created
+ RoleRequest rr = new RoleRequest();
+ for(String role : roles) {
+ rr.setName(role);;
+ Future<RoleRequest> fr = client.create(
+ "/authz/role",
+ getDF(RoleRequest.class),
+ rr
+ );
+ fr.get(AAFcli.timeout());
+ switch(fr.code()){
+ case 201:
+ pw().println("Created Role [" + role + ']');
+ break;
+ case 409:
+ break;
+ default:
+ pw().println("Role [" + role + "] does not exist, and cannot be created.");
+ return 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
+ }
+ }
+ }
- // Set Start/End commands
- setStartEnd(pr);
- setQueryParamsOn(client);
- Future<PermRequest> fp = client.create(
- "/authz/perm",
- getDF(PermRequest.class),
- pr
- );
- if(fp.get(AAFcli.timeout())) {
- rv = fp.code();
- pw().println("Created Permission");
- if(roles!=null) {
- if(aafcli.forceString()!=null) { // Make sure Roles are Created
- RoleRequest rr = new RoleRequest();
- for(String role : roles) {
- rr.setName(role);;
- Future<RoleRequest> fr = client.create(
- "/authz/role",
- getDF(RoleRequest.class),
- rr
- );
- fr.get(AAFcli.timeout());
- switch(fr.code()){
- case 201:
- case 409:break;
- default:
-
- }
- }
- }
-
- try {
- if(201!=(rv=((Perm)parent)._exec(0,
- new String[] {"grant",pr.getType(),pr.getInstance(),pr.getAction(),roleCommas}))) {
- rv = 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
- }
- } catch (LocatorException e) {
- throw new CadiException(e);
- }
- }
- } else {
- rv = fp.code();
- if(rv==409 && force) {
- rv = 201;
- } else if(rv==202) {
- pw().println("Permission Creation Accepted, but requires Approvals before actualizing");
- if (roles!=null)
- pw().println("You need to grant the roles after approval.");
- } else {
- error(fp);
- }
- }
- return rv;
- }
- });
- }
-
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Create a Permission with:");
- detailLine(sb,indent+=2,"type - A Namespace qualified identifier identifying the kind of");
- detailLine(sb,indent+11,"resource to be protected");
- detailLine(sb,indent,"instance - A name that distinguishes a particular instance of resource");
- detailLine(sb,indent,"action - What kind of action is allowed");
- detailLine(sb,indent,"role(s) - Perms granted to these Comma separated Role(s)");
- detailLine(sb,indent+11,"Nonexistent role(s) will be created, if in same namespace");
- sb.append('\n');
- detailLine(sb,indent+2,"Note: Instance and Action can be a an '*' (enter \\\\* on Unix Shell)");
- api(sb,indent,HttpMethods.POST,"authz/perm",PermRequest.class,true);
- }
+ // Set Start/End commands
+ setStartEnd(pr);
+ setQueryParamsOn(client);
+ Future<PermRequest> fp = client.create(
+ "/authz/perm",
+ getDF(PermRequest.class),
+ pr
+ );
+ if(fp.get(AAFcli.timeout())) {
+ rv = fp.code();
+ pw().println("Created Permission");
+ if(roles!=null) {
+ if(aafcli.forceString()!=null) { // Make sure Roles are Created
+ RoleRequest rr = new RoleRequest();
+ for(String role : roles) {
+ rr.setName(role);;
+ Future<RoleRequest> fr = client.create(
+ "/authz/role",
+ getDF(RoleRequest.class),
+ rr
+ );
+ fr.get(AAFcli.timeout());
+ switch(fr.code()){
+ case 201:
+ case 409:break;
+ default:
+
+ }
+ }
+ }
+
+ try {
+ if(201!=(rv=((Perm)parent)._exec(0,
+ new String[] {"grant",pr.getType(),pr.getInstance(),pr.getAction(),roleCommas}))) {
+ rv = 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
+ }
+ } catch (LocatorException e) {
+ throw new CadiException(e);
+ }
+ }
+ } else {
+ rv = fp.code();
+ if(rv==409 && force) {
+ rv = 201;
+ } else if(rv==202) {
+ pw().println("Permission Creation Accepted, but requires Approvals before actualizing");
+ if (roles!=null)
+ pw().println("You need to grant the roles after approval.");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Create a Permission with:");
+ detailLine(sb,indent+=2,"type - A Namespace qualified identifier identifying the kind of");
+ detailLine(sb,indent+11,"resource to be protected");
+ detailLine(sb,indent,"instance - A name that distinguishes a particular instance of resource");
+ detailLine(sb,indent,"action - What kind of action is allowed");
+ detailLine(sb,indent,"role(s) - Perms granted to these Comma separated Role(s)");
+ detailLine(sb,indent+11,"Nonexistent role(s) will be created, if in same namespace");
+ sb.append('\n');
+ detailLine(sb,indent+2,"Note: Instance and Action can be a an '*' (enter \\\\* on Unix Shell)");
+ api(sb,indent,HttpMethods.POST,"authz/perm",PermRequest.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java
index ba123d58..ed52a071 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Delete.java
@@ -40,50 +40,50 @@ import aaf.v2_0.PermRequest;
*
*/
public class Delete extends Cmd {
- public Delete(Perm parent) {
- super(parent,"delete",
- new Param("type",true),
- new Param("instance",true),
- new Param("action", true));
- }
+ public Delete(Perm parent) {
+ super(parent,"delete",
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action", true));
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- // Object Style Delete
- PermRequest pk = new PermRequest();
- pk.setType(args[idx++]);
- pk.setInstance(args[idx++]);
- pk.setAction(args[idx++]);
-
- // Set "Force" if set
- setQueryParamsOn(client);
- Future<PermRequest> fp = client.delete(
- "/authz/perm",
- getDF(PermRequest.class),
- pk);
- if(fp.get(AAFcli.timeout())) {
- pw().println("Deleted Permission");
- } else {
- if(fp.code()==202) {
- pw().println("Permission Deletion Accepted, but requires Approvals before actualizing");
- } else {
- error(fp);
- }
- }
- return fp.code();
- }
- });
- }
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ // Object Style Delete
+ PermRequest pk = new PermRequest();
+ pk.setType(args[idx++]);
+ pk.setInstance(args[idx++]);
+ pk.setAction(args[idx++]);
+
+ // Set "Force" if set
+ setQueryParamsOn(client);
+ Future<PermRequest> fp = client.delete(
+ "/authz/perm",
+ getDF(PermRequest.class),
+ pk);
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Deleted Permission");
+ } else {
+ if(fp.code()==202) {
+ pw().println("Permission Deletion Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,"Delete a Permission with type,instance and action");
- detailLine(sb,indent+4,"see Create for definitions");
- api(sb,indent,HttpMethods.DELETE,"authz/perm",PermRequest.class,true);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Delete a Permission with type,instance and action");
+ detailLine(sb,indent+4,"see Create for definitions");
+ api(sb,indent,HttpMethods.DELETE,"authz/perm",PermRequest.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Describe.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Describe.java
index 5a3fad3e..8396f7d3 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Describe.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Describe.java
@@ -35,66 +35,66 @@ import org.onap.aaf.misc.env.APIException;
import aaf.v2_0.PermRequest;
public class Describe extends Cmd {
- private static final String PERM_PATH = "/authz/perm";
- public Describe(Perm parent) {
- super(parent,"describe",
- new Param("type",true),
- new Param("instance", true),
- new Param("action", true),
- new Param("description",true));
- }
+ private static final String PERM_PATH = "/authz/perm";
+ public Describe(Perm parent) {
+ super(parent,"describe",
+ new Param("type",true),
+ new Param("instance", true),
+ new Param("action", true),
+ new Param("description",true));
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String type = args[idx++];
- String instance = args[idx++];
- String action = args[idx++];
- StringBuilder desc = new StringBuilder();
- while (idx < args.length) {
- desc.append(args[idx++] + ' ');
- }
-
- PermRequest pr = new PermRequest();
- pr.setType(type);
- pr.setInstance(instance);
- pr.setAction(action);
- pr.setDescription(desc.toString());
-
- // Set Start/End commands
- setStartEnd(pr);
-
- Future<PermRequest> fp = null;
- int rv;
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String type = args[idx++];
+ String instance = args[idx++];
+ String action = args[idx++];
+ StringBuilder desc = new StringBuilder();
+ while (idx < args.length) {
+ desc.append(args[idx++] + ' ');
+ }
+
+ PermRequest pr = new PermRequest();
+ pr.setType(type);
+ pr.setInstance(instance);
+ pr.setAction(action);
+ pr.setDescription(desc.toString());
+
+ // Set Start/End commands
+ setStartEnd(pr);
+
+ Future<PermRequest> fp = null;
+ int rv;
- fp = client.update(
- PERM_PATH,
- getDF(PermRequest.class),
- pr
- );
+ fp = client.update(
+ PERM_PATH,
+ getDF(PermRequest.class),
+ pr
+ );
- if(fp.get(AAFcli.timeout())) {
- rv=fp.code();
- pw().println("Description added to Permission");
- } else {
- if((rv=fp.code())==202) {
- pw().print("Adding description");
- pw().println(" Accepted, but requires Approvals before actualizing");
- } else {
- error(fp);
- }
- }
- return rv;
- }
- });
- }
+ if(fp.get(AAFcli.timeout())) {
+ rv=fp.code();
+ pw().println("Description added to Permission");
+ } else {
+ if((rv=fp.code())==202) {
+ pw().print("Adding description");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,"Add a description to a permission");
- api(sb,indent,HttpMethods.PUT,"authz/perm",PermRequest.class,true);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Add a description to a permission");
+ api(sb,indent,HttpMethods.PUT,"authz/perm",PermRequest.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java
index d4b26a84..4ed411ba 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Grant.java
@@ -41,110 +41,110 @@ import aaf.v2_0.RolePermRequest;
*
*/
public class Grant extends Cmd {
- private final static String[] options = {"grant","ungrant","setTo"};
+ private final static String[] options = {"grant","ungrant","setTo"};
- public Grant(Perm parent) {
- super(parent,null,
- new Param(optionsToString(options),true),
- new Param("type",true),
- new Param("instance",true),
- new Param("action",true),
- new Param("role[,role]* (!REQ S)",false)
- );
- }
+ public Grant(Perm parent) {
+ super(parent,null,
+ new Param(optionsToString(options),true),
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action",true),
+ new Param("role[,role]* (!REQ S)",false)
+ );
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String action = args[idx++];
- int option = whichOption(options, action);
-
- RolePermRequest rpr = new RolePermRequest();
- Pkey pk = new Pkey();
- pk.setType(args[idx++]);
- pk.setInstance(args[idx++]);
- pk.setAction(args[idx++]);
- rpr.setPerm(pk);
- setStartEnd(rpr);
-
- Future<RolePermRequest> frpr = null;
-
- if (option != 2) {
- String[] roles = args[idx++].split(",");
- String strA,strB;
- for(String role : roles) {
- rpr.setRole(role);
- if(option==0) {
- // You can request to Grant Permission to a Role
- setQueryParamsOn(client);
- frpr = client.create(
- "/authz/role/perm",
- getDF(RolePermRequest.class),
- rpr
- );
- strA = "Granted Permission [";
- strB = "] to Role [";
- } else {
- // You can request to UnGrant Permission to a Role
- setQueryParamsOn(client);
- frpr = client.delete(
- "/authz/role/" + role + "/perm",
- getDF(RolePermRequest.class),
- rpr
- );
- strA = "UnGranted Permission [";
- strB = "] from Role [";
- }
- if(frpr.get(AAFcli.timeout())) {
- pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction()
- + strB + role +']');
- } else {
- if (frpr.code()==202) {
- pw().print("Permission Role ");
- pw().print(option==0?"Granted":"Ungranted");
- pw().println(" Accepted, but requires Approvals before actualizing");
- } else {
- error(frpr);
- idx=Integer.MAX_VALUE;
- }
- }
- }
- } else {
- String allRoles = "";
- if (idx < args.length)
- allRoles = args[idx++];
-
- rpr.setRole(allRoles);
- frpr = client.update(
- "/authz/role/perm",
- getDF(RolePermRequest.class),
- rpr);
- if(frpr.get(AAFcli.timeout())) {
- pw().println("Set Permission's Roles to [" + allRoles + "]");
- } else {
- error(frpr);
- }
- }
- return frpr==null?0:frpr.code();
- }
- });
- }
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String action = args[idx++];
+ int option = whichOption(options, action);
+
+ RolePermRequest rpr = new RolePermRequest();
+ Pkey pk = new Pkey();
+ pk.setType(args[idx++]);
+ pk.setInstance(args[idx++]);
+ pk.setAction(args[idx++]);
+ rpr.setPerm(pk);
+ setStartEnd(rpr);
+
+ Future<RolePermRequest> frpr = null;
+
+ if (option != 2) {
+ String[] roles = args[idx++].split(",");
+ String strA,strB;
+ for(String role : roles) {
+ rpr.setRole(role);
+ if(option==0) {
+ // You can request to Grant Permission to a Role
+ setQueryParamsOn(client);
+ frpr = client.create(
+ "/authz/role/perm",
+ getDF(RolePermRequest.class),
+ rpr
+ );
+ strA = "Granted Permission [";
+ strB = "] to Role [";
+ } else {
+ // You can request to UnGrant Permission to a Role
+ setQueryParamsOn(client);
+ frpr = client.delete(
+ "/authz/role/" + role + "/perm",
+ getDF(RolePermRequest.class),
+ rpr
+ );
+ strA = "UnGranted Permission [";
+ strB = "] from Role [";
+ }
+ if(frpr.get(AAFcli.timeout())) {
+ pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction()
+ + strB + role +']');
+ } else {
+ if (frpr.code()==202) {
+ pw().print("Permission Role ");
+ pw().print(option==0?"Granted":"Ungranted");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(frpr);
+ idx=Integer.MAX_VALUE;
+ }
+ }
+ }
+ } else {
+ String allRoles = "";
+ if (idx < args.length)
+ allRoles = args[idx++];
+
+ rpr.setRole(allRoles);
+ frpr = client.update(
+ "/authz/role/perm",
+ getDF(RolePermRequest.class),
+ rpr);
+ if(frpr.get(AAFcli.timeout())) {
+ pw().println("Set Permission's Roles to [" + allRoles + "]");
+ } else {
+ error(frpr);
+ }
+ }
+ return frpr==null?0:frpr.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,"Grant a Permission to a Role or Roles OR");
- detailLine(sb,indent,"Ungrant a Permission from a Role or Roles OR");
- detailLine(sb,indent,"Set a Permission's roles to roles supplied.");
- detailLine(sb,indent+4,"WARNING: Roles supplied with setTo will be the ONLY roles attached to this permission");
- detailLine(sb,indent+8,"If no roles are supplied, permission's roles are reset.");
- detailLine(sb,indent,"see Create for definitions of type,instance and action");
- api(sb,indent,HttpMethods.POST,"authz/role/perm",RolePermRequest.class,true);
- api(sb,indent,HttpMethods.DELETE,"authz/role/<role>/perm",RolePermRequest.class,false);
- api(sb,indent,HttpMethods.PUT,"authz/role/perm",RolePermRequest.class,false);
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Grant a Permission to a Role or Roles OR");
+ detailLine(sb,indent,"Ungrant a Permission from a Role or Roles OR");
+ detailLine(sb,indent,"Set a Permission's roles to roles supplied.");
+ detailLine(sb,indent+4,"WARNING: Roles supplied with setTo will be the ONLY roles attached to this permission");
+ detailLine(sb,indent+8,"If no roles are supplied, permission's roles are reset.");
+ detailLine(sb,indent,"see Create for definitions of type,instance and action");
+ api(sb,indent,HttpMethods.POST,"authz/role/perm",RolePermRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/role/<role>/perm",RolePermRequest.class,false);
+ api(sb,indent,HttpMethods.PUT,"authz/role/perm",RolePermRequest.class,false);
- }
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/List.java
index 2eadd38c..48b8a488 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/List.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/List.java
@@ -34,83 +34,83 @@ import org.onap.aaf.misc.env.APIException;
import aaf.v2_0.Perms;
public class List extends BaseCmd<Perm> {
-// private static final String LIST_PERM_DETAILS = "list permission details";
-
- public List(Perm parent) {
- super(parent,"list");
+// private static final String LIST_PERM_DETAILS = "list permission details";
+
+ public List(Perm parent) {
+ super(parent,"list");
- cmds.add(new ListByUser(this));
- cmds.add(new ListByName(this));
- cmds.add(new ListByNS(this));
- cmds.add(new ListByRole(this));
- cmds.add(new ListActivity(this));
- }
- // Package Level on purpose
- abstract class ListPerms extends Retryable<Integer> {
- protected int list(Future<Perms> fp,String header, String parentPerm) throws CadiException, APIException {
- if(fp.get(AAFcli.timeout())) {
- report(fp,header, parentPerm);
- } else {
- error(fp);
- }
- return fp.code();
- }
- }
+ cmds.add(new ListByUser(this));
+ cmds.add(new ListByName(this));
+ cmds.add(new ListByNS(this));
+ cmds.add(new ListByRole(this));
+ cmds.add(new ListActivity(this));
+ }
+ // Package Level on purpose
+ abstract class ListPerms extends Retryable<Integer> {
+ protected int list(Future<Perms> fp,String header, String parentPerm) throws CadiException, APIException {
+ if(fp.get(AAFcli.timeout())) {
+ report(fp,header, parentPerm);
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ }
- private static final Comparator<aaf.v2_0.Perm> permCompare = new Comparator<aaf.v2_0.Perm>() {
- @Override
- public int compare(aaf.v2_0.Perm a, aaf.v2_0.Perm b) {
- int rc;
- if((rc=a.getType().compareTo(b.getType()))!=0) {
- return rc;
- }
- if((rc=a.getInstance().compareTo(b.getInstance()))!=0) {
- return rc;
- }
- return a.getAction().compareTo(b.getAction());
- }
- };
-
- private static final String permFormat = "%-30s %-30s %-10s\n";
-
- void report(Future<Perms> fp, String ... str) {
- reportHead(str);
- if (this.aafcli.isDetailed()) {
- String format = "%-36s %-30s %-15s\n";
- String descFmt = " %-75s\n";
- reportColHead(format + descFmt,"[PERM NS].Type","Instance","Action", "Description");
- Collections.sort(fp.value.getPerm(),permCompare);
- for(aaf.v2_0.Perm p : fp.value.getPerm()) {
- String pns = p.getNs();
- if(pns==null) {
- pw().format(format,
- p.getType(),
- p.getInstance(),
- p.getAction());
- } else {
- pw().format(format,
- '['+pns + "]." + p.getType().substring(pns.length()+1),
- p.getInstance(),
- p.getAction());
- }
- String desc = p.getDescription();
- if(desc!=null && desc.length()>0) {
- pw().format(descFmt,p.getDescription());
- }
- }
- pw().println();
- } else {
- String format = reportColHead(permFormat,"PERM Type","Instance","Action");
+ private static final Comparator<aaf.v2_0.Perm> permCompare = new Comparator<aaf.v2_0.Perm>() {
+ @Override
+ public int compare(aaf.v2_0.Perm a, aaf.v2_0.Perm b) {
+ int rc;
+ if((rc=a.getType().compareTo(b.getType()))!=0) {
+ return rc;
+ }
+ if((rc=a.getInstance().compareTo(b.getInstance()))!=0) {
+ return rc;
+ }
+ return a.getAction().compareTo(b.getAction());
+ }
+ };
+
+ private static final String permFormat = "%-30s %-30s %-10s\n";
+
+ void report(Future<Perms> fp, String ... str) {
+ reportHead(str);
+ if (this.aafcli.isDetailed()) {
+ String format = "%-36s %-30s %-15s\n";
+ String descFmt = " %-75s\n";
+ reportColHead(format + descFmt,"[PERM NS].Type","Instance","Action", "Description");
+ Collections.sort(fp.value.getPerm(),permCompare);
+ for(aaf.v2_0.Perm p : fp.value.getPerm()) {
+ String pns = p.getNs();
+ if(pns==null) {
+ pw().format(format,
+ p.getType(),
+ p.getInstance(),
+ p.getAction());
+ } else {
+ pw().format(format,
+ '['+pns + "]." + p.getType().substring(pns.length()+1),
+ p.getInstance(),
+ p.getAction());
+ }
+ String desc = p.getDescription();
+ if(desc!=null && desc.length()>0) {
+ pw().format(descFmt,p.getDescription());
+ }
+ }
+ pw().println();
+ } else {
+ String format = reportColHead(permFormat,"PERM Type","Instance","Action");
- Collections.sort(fp.value.getPerm(),permCompare);
- for(aaf.v2_0.Perm p : fp.value.getPerm()) {
- pw().format(format,
- p.getType(),
- p.getInstance(),
- p.getAction());
- }
- pw().println();
- }
- }
+ Collections.sort(fp.value.getPerm(),permCompare);
+ for(aaf.v2_0.Perm p : fp.value.getPerm()) {
+ pw().format(format,
+ p.getType(),
+ p.getInstance(),
+ p.getAction());
+ }
+ pw().println();
+ }
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListActivity.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListActivity.java
index 4b5f569b..c59e9b5a 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListActivity.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListActivity.java
@@ -39,38 +39,38 @@ import aaf.v2_0.History;
*
*/
public class ListActivity extends Cmd {
- private static final String HEADER = "List Activity of Permission";
-
- public ListActivity(List parent) {
- super(parent,"activity",
- new Param("type",true));
- }
+ private static final String HEADER = "List Activity of Permission";
+
+ public ListActivity(List parent) {
+ super(parent,"activity",
+ new Param("type",true));
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String type = args[idx++];
- Future<History> fp = client.read(
- "/authz/hist/perm/"+type,
- getDF(History.class)
- );
- if(fp.get(AAFcli.timeout())) {
- activity(fp.value, HEADER + " [ " + type + " ]");
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String type = args[idx++];
+ Future<History> fp = client.read(
+ "/authz/hist/perm/"+type,
+ getDF(History.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ activity(fp.value, HEADER + " [ " + type + " ]");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/hist/perm/<type>",History.class,true);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/hist/perm/<type>",History.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByNS.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByNS.java
index 304055bf..7469eed5 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByNS.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByNS.java
@@ -39,33 +39,33 @@ import aaf.v2_0.Perms;
*
*/
public class ListByNS extends Cmd {
- private static final String HEADER = "List Perms by NS ";
-
- public ListByNS(List parent) {
- super(parent,"ns",
- new Param("name",true));
- }
+ private static final String HEADER = "List Perms by NS ";
+
+ public ListByNS(List parent) {
+ super(parent,"ns",
+ new Param("name",true));
+ }
- public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
- final String ns=args[idx];
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String ns=args[idx];
- return same(((List)parent).new ListPerms() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Perms> fp = client.read(
- "/authz/perms/ns/"+ns+(aafcli.isDetailed()?"?ns":""),
- getDF(Perms.class)
- );
- return list(fp, HEADER, ns);
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,true);
- }
+ return same(((List)parent).new ListPerms() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Perms> fp = client.read(
+ "/authz/perms/ns/"+ns+(aafcli.isDetailed()?"?ns":""),
+ getDF(Perms.class)
+ );
+ return list(fp, HEADER, ns);
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/perms/ns/<ns>",Perms.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByName.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByName.java
index 6310e24b..099fb5f8 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByName.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByName.java
@@ -38,32 +38,32 @@ import aaf.v2_0.Perms;
*
*/
public class ListByName extends Cmd {
- private static final String HEADER = "List Child Permissions";
-
- public ListByName(List parent) {
- super(parent,"name",
- new Param("root perm name",true));
- }
+ private static final String HEADER = "List Child Permissions";
+
+ public ListByName(List parent) {
+ super(parent,"name",
+ new Param("root perm name",true));
+ }
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(((List)parent).new ListPerms() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- String parentPerm=args[index];
-
- Future<Perms> fp = client.read(
- "/authz/perms/"+parentPerm+(aafcli.isDetailed()?"?ns":""),
- getDF(Perms.class)
- );
- return list(fp,HEADER,parentPerm);
- }
- });
- }
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(((List)parent).new ListPerms() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ String parentPerm=args[index];
+
+ Future<Perms> fp = client.read(
+ "/authz/perms/"+parentPerm+(aafcli.isDetailed()?"?ns":""),
+ getDF(Perms.class)
+ );
+ return list(fp,HEADER,parentPerm);
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/perms/<parent type>",Perms.class,true);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/perms/<parent type>",Perms.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByRole.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByRole.java
index 75b88538..32b78a6b 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByRole.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByRole.java
@@ -39,34 +39,34 @@ import aaf.v2_0.Perms;
*
*/
public class ListByRole extends Cmd {
- private static final String HEADER = "List Perms by Role ";
-
- public ListByRole(List parent) {
- super(parent,"role",
- new Param("name",true));
- }
+ private static final String HEADER = "List Perms by Role ";
+
+ public ListByRole(List parent) {
+ super(parent,"role",
+ new Param("name",true));
+ }
- public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
- final String role=args[idx];
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String role=args[idx];
- return same(((List)parent).new ListPerms() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
+ return same(((List)parent).new ListPerms() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Perms> fp = client.read(
- "/authz/perms/role/"+role+(aafcli.isDetailed()?"?ns":""),
- getDF(Perms.class)
- );
- return list(fp, HEADER, role);
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/perms/role/<role>",Perms.class,true);
- }
+ Future<Perms> fp = client.read(
+ "/authz/perms/role/"+role+(aafcli.isDetailed()?"?ns":""),
+ getDF(Perms.class)
+ );
+ return list(fp, HEADER, role);
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/perms/role/<role>",Perms.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java
index ba708273..550386cf 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/ListByUser.java
@@ -38,45 +38,45 @@ import aaf.v2_0.Perms;
*
*/
public class ListByUser extends Cmd {
- private static final String HEADER = "List Permissions by User";
- public ListByUser(List parent) {
- super(parent,"user",
- new Param("id",true));
- }
+ private static final String HEADER = "List Permissions by User";
+ public ListByUser(List parent) {
+ super(parent,"user",
+ new Param("id",true));
+ }
- public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
- final String user=fullID(args[idx]);
-
- return same(((List)parent).new ListPerms() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- StringBuilder sb = null;
- if("true".equalsIgnoreCase(aafcli.forceString())) {
- sb = new StringBuilder();
- sb.append("?force");
- }
- if(aafcli.isDetailed()) {
- if(sb==null) {
- sb = new StringBuilder('?');
- } else {
- sb.append('&');
- }
- sb.append("ns");
- }
- Future<Perms> fp = client.read(
- "/authz/perms/user/"+user+(sb==null?"":sb),
- getDF(Perms.class)
- );
- return list(fp,HEADER, user);
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/perms/user/<user id>",Perms.class,true);
- }
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String user=fullID(args[idx]);
+
+ return same(((List)parent).new ListPerms() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ StringBuilder sb = null;
+ if("true".equalsIgnoreCase(aafcli.forceString())) {
+ sb = new StringBuilder();
+ sb.append("?force");
+ }
+ if(aafcli.isDetailed()) {
+ if(sb==null) {
+ sb = new StringBuilder('?');
+ } else {
+ sb.append('&');
+ }
+ sb.append("ns");
+ }
+ Future<Perms> fp = client.read(
+ "/authz/perms/user/"+user+(sb==null?"":sb),
+ getDF(Perms.class)
+ );
+ return list(fp,HEADER, user);
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/perms/user/<user id>",Perms.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Perm.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Perm.java
index 805b6e62..02030211 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Perm.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Perm.java
@@ -26,17 +26,17 @@ import org.onap.aaf.auth.cmd.role.Role;
import org.onap.aaf.misc.env.APIException;
public class Perm extends BaseCmd<Perm> {
- Role role;
+ Role role;
- public Perm(Role role) throws APIException {
- super(role.aafcli, "perm");
- this.role = role;
+ public Perm(Role role) throws APIException {
+ super(role.aafcli, "perm");
+ this.role = role;
- cmds.add(new Create(this));
- cmds.add(new Delete(this));
- cmds.add(new Grant(this));
- cmds.add(new Rename(this));
- cmds.add(new Describe(this));
- cmds.add(new List(this));
- }
+ cmds.add(new Create(this));
+ cmds.add(new Delete(this));
+ cmds.add(new Grant(this));
+ cmds.add(new Rename(this));
+ cmds.add(new Describe(this));
+ cmds.add(new List(this));
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Rename.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Rename.java
index fa65f61a..620e1e04 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Rename.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/perm/Rename.java
@@ -36,67 +36,67 @@ import org.onap.aaf.misc.env.APIException;
import aaf.v2_0.PermRequest;
public class Rename extends Cmd {
- public Rename(Perm parent) {
- super(parent,"rename",
- new Param("type",true),
- new Param("instance",true),
- new Param("action", true),
- new Param("new type",true),
- new Param("new instance",true),
- new Param("new action", true)
- );
- }
-
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String origType = args[idx++];
- String origInstance = args[idx++];
- String origAction = args[idx++];
-
- //Create new permission
- PermRequest pr = new PermRequest();
- pr.setType(args[idx++]);
- pr.setInstance(args[idx++]);
- pr.setAction(args[idx++]);
-
- // Set Start/End commands
- setStartEnd(pr);
- Future<PermRequest> fp = client.update(
- "/authz/perm/"+origType+"/"+origInstance+"/"+origAction,
- getDF(PermRequest.class),
- pr
- );
- int rv;
- if(fp.get(AAFcli.timeout())) {
- rv = fp.code();
- pw().println("Updated Permission");
- } else {
- rv = fp.code();
- if(rv==202) {
- pw().println("Permission Update Accepted, but requires Approvals before actualizing");
- } else {
- error(fp);
- }
- }
- return rv;
- }
- });
-
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,"Rename a Permission from:");
- detailLine(sb,indent+2,"<type> <instance> <action>");
- detailLine(sb,indent,"to:");
- detailLine(sb,indent+2,"<new type> <new instance> <new action>");
- sb.append('\n');
- detailLine(sb,indent,"Namespace must be the same in <type> and <new type>");
- detailLine(sb,indent+4,"see Create for definitions of type,instance and action");
- api(sb,indent,HttpMethods.PUT,"authz/perm/<type>/<instance>/<action>",PermRequest.class,true);
- }
+ public Rename(Perm parent) {
+ super(parent,"rename",
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action", true),
+ new Param("new type",true),
+ new Param("new instance",true),
+ new Param("new action", true)
+ );
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String origType = args[idx++];
+ String origInstance = args[idx++];
+ String origAction = args[idx++];
+
+ //Create new permission
+ PermRequest pr = new PermRequest();
+ pr.setType(args[idx++]);
+ pr.setInstance(args[idx++]);
+ pr.setAction(args[idx++]);
+
+ // Set Start/End commands
+ setStartEnd(pr);
+ Future<PermRequest> fp = client.update(
+ "/authz/perm/"+origType+"/"+origInstance+"/"+origAction,
+ getDF(PermRequest.class),
+ pr
+ );
+ int rv;
+ if(fp.get(AAFcli.timeout())) {
+ rv = fp.code();
+ pw().println("Updated Permission");
+ } else {
+ rv = fp.code();
+ if(rv==202) {
+ pw().println("Permission Update Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Rename a Permission from:");
+ detailLine(sb,indent+2,"<type> <instance> <action>");
+ detailLine(sb,indent,"to:");
+ detailLine(sb,indent+2,"<new type> <new instance> <new action>");
+ sb.append('\n');
+ detailLine(sb,indent,"Namespace must be the same in <type> and <new type>");
+ detailLine(sb,indent+4,"see Create for definitions of type,instance and action");
+ api(sb,indent,HttpMethods.PUT,"authz/perm/<type>/<instance>/<action>",PermRequest.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/CreateDelete.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/CreateDelete.java
index 3234fe9c..f9dcbcd8 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/CreateDelete.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/CreateDelete.java
@@ -40,94 +40,94 @@ import aaf.v2_0.RoleRequest;
*
*/
public class CreateDelete extends Cmd {
- private static final String ROLE_PATH = "/authz/role";
- private final static String[] options = {"create","delete"};
- public CreateDelete(Role parent) {
- super(parent,null,
- new Param(optionsToString(options),true),
- new Param("name",true));
- }
+ private static final String ROLE_PATH = "/authz/role";
+ private final static String[] options = {"create","delete"};
+ public CreateDelete(Role parent) {
+ super(parent,null,
+ new Param(optionsToString(options),true),
+ new Param("name",true));
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String action = args[idx++];
- int option = whichOption(options, action);
-
- RoleRequest rr = new RoleRequest();
- rr.setName(args[idx++]);
-
- // Set Start/End commands
- setStartEnd(rr);
-
- Future<RoleRequest> fp = null;
- String verb = null;
- int rv;
- switch(option) {
- case 0:
- fp = client.create(
- ROLE_PATH,
- getDF(RoleRequest.class),
- rr
- );
- verb = "Create";
- break;
- case 1:
- // Send "Force" if set
- setQueryParamsOn(client);
- fp = client.delete(
- ROLE_PATH, // +args[idx++],
- getDF(RoleRequest.class),
- rr
- );
- verb = "Delete";
- break;
- default: // note, if not an option, whichOption throws Exception
- break;
-
- }
- boolean rolesSupplied = (args.length>idx);
- if(fp == null) {// This useless code brought to you by Sonar.
- throw new CadiException("No call made.");
- }
- if(fp.get(AAFcli.timeout())) {
- rv=fp.code();
- pw().print(verb);
- pw().println("d Role");
- if(rolesSupplied) {
- for(;args.length>idx;++idx ) {
- try {
- if(201!=(rv=((Role)parent)._exec(0,new String[] {"user","add",rr.getName(),args[idx]}))) {
- rv = 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
- }
- } catch (LocatorException e) {
- throw new CadiException(e);
- }
- }
- }
- } else {
- if((rv=fp.code())==202) {
- pw().print("Role ");
- pw().print(verb);
- pw().println(" Accepted, but requires Approvals before actualizing");
- } else {
- error(fp);
- }
- }
- return rv;
- }
- });
- }
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String action = args[idx++];
+ int option = whichOption(options, action);
+
+ RoleRequest rr = new RoleRequest();
+ rr.setName(args[idx++]);
+
+ // Set Start/End commands
+ setStartEnd(rr);
+
+ Future<RoleRequest> fp = null;
+ String verb = null;
+ int rv;
+ switch(option) {
+ case 0:
+ fp = client.create(
+ ROLE_PATH,
+ getDF(RoleRequest.class),
+ rr
+ );
+ verb = "Create";
+ break;
+ case 1:
+ // Send "Force" if set
+ setQueryParamsOn(client);
+ fp = client.delete(
+ ROLE_PATH, // +args[idx++],
+ getDF(RoleRequest.class),
+ rr
+ );
+ verb = "Delete";
+ break;
+ default: // note, if not an option, whichOption throws Exception
+ break;
+
+ }
+ boolean rolesSupplied = (args.length>idx);
+ if(fp == null) {// This useless code brought to you by Sonar.
+ throw new CadiException("No call made.");
+ }
+ if(fp.get(AAFcli.timeout())) {
+ rv=fp.code();
+ pw().print(verb);
+ pw().println("d Role");
+ if(rolesSupplied) {
+ for(;args.length>idx;++idx ) {
+ try {
+ if(201!=(rv=((Role)parent)._exec(0,new String[] {"user","add",rr.getName(),args[idx]}))) {
+ rv = 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
+ }
+ } catch (LocatorException e) {
+ throw new CadiException(e);
+ }
+ }
+ }
+ } else {
+ if((rv=fp.code())==202) {
+ pw().print("Role ");
+ pw().print(verb);
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,"Create OR Delete a Role");
- detailLine(sb,indent+2,"name - Name of Role to create");
- api(sb,indent,HttpMethods.POST,"authz/role",RoleRequest.class,true);
- api(sb,indent,HttpMethods.DELETE,"authz/role",RoleRequest.class,false);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Create OR Delete a Role");
+ detailLine(sb,indent+2,"name - Name of Role to create");
+ api(sb,indent,HttpMethods.POST,"authz/role",RoleRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/role",RoleRequest.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Describe.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Describe.java
index 5498f29a..e8001040 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Describe.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Describe.java
@@ -35,60 +35,60 @@ import org.onap.aaf.misc.env.APIException;
import aaf.v2_0.RoleRequest;
public class Describe extends Cmd {
- private static final String ROLE_PATH = "/authz/role";
- public Describe(Role parent) {
- super(parent,"describe",
- new Param("name",true),
- new Param("description",true));
- }
+ private static final String ROLE_PATH = "/authz/role";
+ public Describe(Role parent) {
+ super(parent,"describe",
+ new Param("name",true),
+ new Param("description",true));
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String role = args[idx++];
- StringBuilder desc = new StringBuilder();
- while (idx < args.length) {
- desc.append(args[idx++] + ' ');
- }
-
- RoleRequest rr = new RoleRequest();
- rr.setName(role);
- rr.setDescription(desc.toString());
-
- // Set Start/End commands
- setStartEnd(rr);
-
- Future<RoleRequest> fp = null;
- int rv;
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String role = args[idx++];
+ StringBuilder desc = new StringBuilder();
+ while (idx < args.length) {
+ desc.append(args[idx++] + ' ');
+ }
+
+ RoleRequest rr = new RoleRequest();
+ rr.setName(role);
+ rr.setDescription(desc.toString());
+
+ // Set Start/End commands
+ setStartEnd(rr);
+
+ Future<RoleRequest> fp = null;
+ int rv;
- fp = client.update(
- ROLE_PATH,
- getDF(RoleRequest.class),
- rr
- );
+ fp = client.update(
+ ROLE_PATH,
+ getDF(RoleRequest.class),
+ rr
+ );
- if(fp.get(AAFcli.timeout())) {
- rv=fp.code();
- pw().println("Description added to role");
- } else {
- if((rv=fp.code())==202) {
- pw().print("Adding description");
- pw().println(" Accepted, but requires Approvals before actualizing");
- } else {
- error(fp);
- }
- }
- return rv;
- }
- });
- }
+ if(fp.get(AAFcli.timeout())) {
+ rv=fp.code();
+ pw().println("Description added to role");
+ } else {
+ if((rv=fp.code())==202) {
+ pw().print("Adding description");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ } else {
+ error(fp);
+ }
+ }
+ return rv;
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,"Add a description to a role");
- api(sb,indent,HttpMethods.PUT,"authz/role",RoleRequest.class,true);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Add a description to a role");
+ api(sb,indent,HttpMethods.PUT,"authz/role",RoleRequest.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/List.java
index 2e09b03b..ec8d8ee3 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/List.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/List.java
@@ -45,167 +45,167 @@ import aaf.v2_0.UserRoles;
public class List extends BaseCmd<Role> {
- private static final String XXXX_XX_XX = "XXXX-XX-XX";
- private static final String LIST_ROLES_BY_NAME = "list roles for role";
+ private static final String XXXX_XX_XX = "XXXX-XX-XX";
+ private static final String LIST_ROLES_BY_NAME = "list roles for role";
- public List(Role parent) {
- super(parent,"list");
- cmds.add(new ListByUser(this));
- cmds.add(new ListByRole(this));
- cmds.add(new ListByNS(this));
- cmds.add(new ListByNameOnly(this));
- cmds.add(new ListByPerm(this));
- cmds.add(new ListActivity(this));
- }
-
- // Package Level on purpose
- abstract class ListRoles extends Retryable<Integer> {
- protected int list(Future<Roles> fr,Rcli<?> client, String header) throws APIException, CadiException {
- if(fr.get(AAFcli.timeout())) {
- Perms perms=null;
- if (aafcli.isDetailed()) {
- for(aaf.v2_0.Role r : fr.value.getRole()) {
- Future<Perms> fp = client.read(
- "/authz/perms/role/"+r.getName()+(aafcli.isDetailed()?"?ns":""),
- getDF(Perms.class)
- );
- if(fp.get(AAFcli.timeout())) {
- if(perms==null) {
- perms = fp.value;
- } else {
- perms.getPerm().addAll(fp.value.getPerm());
- }
- }
- }
- }
- report(fr.value,perms,null,header);
- } else {
- error(fr);
- }
- return fr.code();
- }
- }
+ public List(Role parent) {
+ super(parent,"list");
+ cmds.add(new ListByUser(this));
+ cmds.add(new ListByRole(this));
+ cmds.add(new ListByNS(this));
+ cmds.add(new ListByNameOnly(this));
+ cmds.add(new ListByPerm(this));
+ cmds.add(new ListActivity(this));
+ }
+
+ // Package Level on purpose
+ abstract class ListRoles extends Retryable<Integer> {
+ protected int list(Future<Roles> fr,Rcli<?> client, String header) throws APIException, CadiException {
+ if(fr.get(AAFcli.timeout())) {
+ Perms perms=null;
+ if (aafcli.isDetailed()) {
+ for(aaf.v2_0.Role r : fr.value.getRole()) {
+ Future<Perms> fp = client.read(
+ "/authz/perms/role/"+r.getName()+(aafcli.isDetailed()?"?ns":""),
+ getDF(Perms.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if(perms==null) {
+ perms = fp.value;
+ } else {
+ perms.getPerm().addAll(fp.value.getPerm());
+ }
+ }
+ }
+ }
+ report(fr.value,perms,null,header);
+ } else {
+ error(fr);
+ }
+ return fr.code();
+ }
+ }
- private final static String roleFormat = "%-56s Expires %s\n";
- private final static String roleFormatNoDate = "%-61s\n";
- private final static String roleExpiredFormat = "%-53s !!! EXPIRED !!! %s\n";
- private final static String permFormat = " %-30s %-30s %-15s\n";
+ private final static String roleFormat = "%-56s Expires %s\n";
+ private final static String roleFormatNoDate = "%-61s\n";
+ private final static String roleExpiredFormat = "%-53s !!! EXPIRED !!! %s\n";
+ private final static String permFormat = " %-30s %-30s %-15s\n";
-
- private static final Comparator<aaf.v2_0.Role> roleCompare = new Comparator<aaf.v2_0.Role>() {
- @Override
- public int compare(aaf.v2_0.Role a, aaf.v2_0.Role b) {
- return a.getName().compareTo(b.getName());
- }
- };
- public void report(Roles roles, Perms perms, UserRoles urs, String ... str) {
- reportHead(str);
- XMLGregorianCalendar now = Chrono.timeStamp().normalize();
- if(roles==null || roles.getRole().isEmpty()) {
- pw().println("<No Roles Found>");
- } else if (aafcli.isDetailed()){
- if (aafcli.isDetailed() && str[0].toLowerCase().contains(LIST_ROLES_BY_NAME)) {
- String description = roles.getRole().get(0).getDescription();
- if (description == null) description = "";
- reportColHead("%-80s\n","Description: " + description);
- }
+
+ private static final Comparator<aaf.v2_0.Role> roleCompare = new Comparator<aaf.v2_0.Role>() {
+ @Override
+ public int compare(aaf.v2_0.Role a, aaf.v2_0.Role b) {
+ return a.getName().compareTo(b.getName());
+ }
+ };
+ public void report(Roles roles, Perms perms, UserRoles urs, String ... str) {
+ reportHead(str);
+ XMLGregorianCalendar now = Chrono.timeStamp().normalize();
+ if(roles==null || roles.getRole().isEmpty()) {
+ pw().println("<No Roles Found>");
+ } else if (aafcli.isDetailed()){
+ if (aafcli.isDetailed() && str[0].toLowerCase().contains(LIST_ROLES_BY_NAME)) {
+ String description = roles.getRole().get(0).getDescription();
+ if (description == null) description = "";
+ reportColHead("%-80s\n","Description: " + description);
+ }
- String fullFormat = roleFormat+permFormat;
- reportColHead(fullFormat,"[ROLE NS].Name","","[PERM NS].Type","Instance","Action");
- Collections.sort(roles.getRole(),roleCompare);
- for(aaf.v2_0.Role r : roles.getRole()) {
- String roleName = r.getName();
- String ns = r.getNs();
- if(aafcli.isTest()) {
- if(ns==null) {
- pw().format(roleFormat, roleName,XXXX_XX_XX);
- } else {
- pw().format(roleFormat, "["+ns+"]"+roleName.substring(ns.length()),XXXX_XX_XX);
- }
- } else {
- UserRole ur = get(roleName,urs);
- if(ur!=null && now.compare(ur.getExpires().normalize())>0) {
- if(ns==null) {
- pw().format(roleExpiredFormat, roleName,Chrono.dateOnlyStamp(ur.getExpires()));
- } else {
- pw().format(roleExpiredFormat, "["+ns+"]"+roleName.substring(ns.length()),Chrono.dateOnlyStamp(ur.getExpires()));
- }
- } else {
- if(ns==null) {
- pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
- } else {
- pw().format(roleFormat, "["+ns+"]"+roleName.substring(ns.length()),ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
- }
- }
- }
+ String fullFormat = roleFormat+permFormat;
+ reportColHead(fullFormat,"[ROLE NS].Name","","[PERM NS].Type","Instance","Action");
+ Collections.sort(roles.getRole(),roleCompare);
+ for(aaf.v2_0.Role r : roles.getRole()) {
+ String roleName = r.getName();
+ String ns = r.getNs();
+ if(aafcli.isTest()) {
+ if(ns==null) {
+ pw().format(roleFormat, roleName,XXXX_XX_XX);
+ } else {
+ pw().format(roleFormat, "["+ns+"]"+roleName.substring(ns.length()),XXXX_XX_XX);
+ }
+ } else {
+ UserRole ur = get(roleName,urs);
+ if(ur!=null && now.compare(ur.getExpires().normalize())>0) {
+ if(ns==null) {
+ pw().format(roleExpiredFormat, roleName,Chrono.dateOnlyStamp(ur.getExpires()));
+ } else {
+ pw().format(roleExpiredFormat, "["+ns+"]"+roleName.substring(ns.length()),Chrono.dateOnlyStamp(ur.getExpires()));
+ }
+ } else {
+ if(ns==null) {
+ pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
+ } else {
+ pw().format(roleFormat, "["+ns+"]"+roleName.substring(ns.length()),ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
+ }
+ }
+ }
- for(Pkey pkey : r.getPerms()) {
- Perm perm = get(pkey,perms);
- if(perm==null || perm.getNs()==null) {
- pw().format(permFormat,
- pkey.getType(),
- pkey.getInstance(),
- pkey.getAction());
- } else {
- String ns1 = perm.getNs();
- pw().format(permFormat,
- '['+ns1+"]"+perm.getType().substring(ns1.length()),
- perm.getInstance(),
- perm.getAction());
- }
- }
- }
- } else {
- String fullFormat = roleFormat;
- reportColHead(fullFormat,"ROLE Name","","PERM Type","Instance","Action");
- Collections.sort(roles.getRole(),roleCompare);
- for(aaf.v2_0.Role r : roles.getRole()) {
- if (urs != null) {
- String roleName = r.getName();
- if(!aafcli.isTest()) {
- UserRole ur = get(roleName,urs);
- if(ur!=null && now.compare(ur.getExpires().normalize())>0) {
- pw().format(roleExpiredFormat, roleName+"*",Chrono.dateOnlyStamp(ur.getExpires()));
- } else {
- pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
- }
- } else {
- pw().format(roleFormat, roleName,XXXX_XX_XX);
- }
- } else {
- pw().format(roleFormatNoDate, r.getName());
- for(Pkey perm : r.getPerms()) {
- pw().format(permFormat,
- perm.getType(),
- perm.getInstance(),
- perm.getAction());
- }
- }
- }
- }
- }
- private Perm get(Pkey pkey, Perms perms) {
- if(perms!=null) {
- for(Perm p : perms.getPerm()) {
- if(pkey.getAction().equals(p.getAction()) &&
- pkey.getInstance().equals(p.getInstance()) &&
- pkey.getType().equals(p.getType())) {
- return p;
- }
- }
- }
- return null;
- }
- // The assumption is that these UserRoles are already pulled in by User... no need to check
- private UserRole get(String roleName, UserRoles urs) {
- if(urs!=null) {
- for(UserRole ur : urs.getUserRole()) {
- if(roleName.equals(ur.getRole())) {
- return ur;
- }
- }
- }
- return null;
- }
+ for(Pkey pkey : r.getPerms()) {
+ Perm perm = get(pkey,perms);
+ if(perm==null || perm.getNs()==null) {
+ pw().format(permFormat,
+ pkey.getType(),
+ pkey.getInstance(),
+ pkey.getAction());
+ } else {
+ String ns1 = perm.getNs();
+ pw().format(permFormat,
+ '['+ns1+"]"+perm.getType().substring(ns1.length()),
+ perm.getInstance(),
+ perm.getAction());
+ }
+ }
+ }
+ } else {
+ String fullFormat = roleFormat;
+ reportColHead(fullFormat,"ROLE Name","","PERM Type","Instance","Action");
+ Collections.sort(roles.getRole(),roleCompare);
+ for(aaf.v2_0.Role r : roles.getRole()) {
+ if (urs != null) {
+ String roleName = r.getName();
+ if(!aafcli.isTest()) {
+ UserRole ur = get(roleName,urs);
+ if(ur!=null && now.compare(ur.getExpires().normalize())>0) {
+ pw().format(roleExpiredFormat, roleName+"*",Chrono.dateOnlyStamp(ur.getExpires()));
+ } else {
+ pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
+ }
+ } else {
+ pw().format(roleFormat, roleName,XXXX_XX_XX);
+ }
+ } else {
+ pw().format(roleFormatNoDate, r.getName());
+ for(Pkey perm : r.getPerms()) {
+ pw().format(permFormat,
+ perm.getType(),
+ perm.getInstance(),
+ perm.getAction());
+ }
+ }
+ }
+ }
+ }
+ private Perm get(Pkey pkey, Perms perms) {
+ if(perms!=null) {
+ for(Perm p : perms.getPerm()) {
+ if(pkey.getAction().equals(p.getAction()) &&
+ pkey.getInstance().equals(p.getInstance()) &&
+ pkey.getType().equals(p.getType())) {
+ return p;
+ }
+ }
+ }
+ return null;
+ }
+ // The assumption is that these UserRoles are already pulled in by User... no need to check
+ private UserRole get(String roleName, UserRoles urs) {
+ if(urs!=null) {
+ for(UserRole ur : urs.getUserRole()) {
+ if(roleName.equals(ur.getRole())) {
+ return ur;
+ }
+ }
+ }
+ return null;
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListActivity.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListActivity.java
index 0331ae09..1f6f18f7 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListActivity.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListActivity.java
@@ -39,37 +39,37 @@ import aaf.v2_0.History;
*
*/
public class ListActivity extends Cmd {
- private static final String HEADER = "List Activity of Role";
+ private static final String HEADER = "List Activity of Role";
- public ListActivity(List parent) {
- super(parent,"activity",
- new Param("name",true));
- }
+ public ListActivity(List parent) {
+ super(parent,"activity",
+ new Param("name",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String role = args[idx++];
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<History> fp = client.read(
- "/authz/hist/role/"+role,
- getDF(History.class)
- );
- if(fp.get(AAFcli.timeout())) {
- activity(fp.value,HEADER + " [ " + role + " ]");
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String role = args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<History> fp = client.read(
+ "/authz/hist/role/"+role,
+ getDF(History.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ activity(fp.value,HEADER + " [ " + role + " ]");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/hist/role/<role>",History.class,true);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/hist/role/<role>",History.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNS.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNS.java
index 11476f10..361676a4 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNS.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNS.java
@@ -39,34 +39,34 @@ import aaf.v2_0.Roles;
*
*/
public class ListByNS extends Cmd {
- private static final String HEADER = "List Roles by NS ";
-
- public ListByNS(List parent) {
- super(parent,"ns",
- new Param("name",true));
- }
+ private static final String HEADER = "List Roles by NS ";
+
+ public ListByNS(List parent) {
+ super(parent,"ns",
+ new Param("name",true));
+ }
- @Override
- public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
- final String ns=args[idx];
+ @Override
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String ns=args[idx];
- return same(((List)parent).new ListRoles() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Roles> fp = client.read(
- "/authz/roles/ns/"+ns+(aafcli.isDetailed()?"?ns":""),
- getDF(Roles.class)
- );
- return list(fp,client, HEADER+"["+ns+"]");
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/roles/name/<ns>",Roles.class,true);
- }
+ return same(((List)parent).new ListRoles() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Roles> fp = client.read(
+ "/authz/roles/ns/"+ns+(aafcli.isDetailed()?"?ns":""),
+ getDF(Roles.class)
+ );
+ return list(fp,client, HEADER+"["+ns+"]");
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/name/<ns>",Roles.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNameOnly.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNameOnly.java
index 81b86718..4d77c460 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNameOnly.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByNameOnly.java
@@ -39,34 +39,34 @@ import aaf.v2_0.Roles;
*
*/
public class ListByNameOnly extends Cmd {
- private static final String HEADER = "List Roles by Name ";
-
- public ListByNameOnly(List parent) {
- super(parent,"name",
- new Param("name",true));
- }
+ private static final String HEADER = "List Roles by Name ";
+
+ public ListByNameOnly(List parent) {
+ super(parent,"name",
+ new Param("name",true));
+ }
- @Override
- public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
- final String name=args[idx];
+ @Override
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String name=args[idx];
- return same(((List)parent).new ListRoles() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Roles> fp = client.read(
- "/authz/roles/name/"+name+(aafcli.isDetailed()?"?ns":""),
- getDF(Roles.class)
- );
- return list(fp,client, HEADER+"["+name+"]");
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/roles/name/<name>",Roles.class,true);
- }
+ return same(((List)parent).new ListRoles() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Roles> fp = client.read(
+ "/authz/roles/name/"+name+(aafcli.isDetailed()?"?ns":""),
+ getDF(Roles.class)
+ );
+ return list(fp,client, HEADER+"["+name+"]");
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/name/<name>",Roles.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByPerm.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByPerm.java
index cb18eb34..3431a0ea 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByPerm.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByPerm.java
@@ -39,40 +39,40 @@ import aaf.v2_0.Roles;
*
*/
public class ListByPerm extends Cmd {
- private static final String HEADER = "List Roles by Perm ";
-
- public ListByPerm(List parent) {
- super(parent,"perm",
- new Param("type",true),
- new Param("instance", true),
- new Param("action", true));
- }
+ private static final String HEADER = "List Roles by Perm ";
+
+ public ListByPerm(List parent) {
+ super(parent,"perm",
+ new Param("type",true),
+ new Param("instance", true),
+ new Param("action", true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String type=args[idx];
- final String instance=args[++idx];
- final String action=args[++idx];
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String type=args[idx];
+ final String instance=args[++idx];
+ final String action=args[++idx];
- return same(((List)parent).new ListRoles() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
+ return same(((List)parent).new ListRoles() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Roles> fp = client.read(
- "/authz/roles/perm/"+type+'/'+instance+'/'+action,
- getDF(Roles.class)
- );
- return list(fp,client, HEADER+type+'|'+instance+'|'+action);
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);
- }
+ Future<Roles> fp = client.read(
+ "/authz/roles/perm/"+type+'/'+instance+'/'+action,
+ getDF(Roles.class)
+ );
+ return list(fp,client, HEADER+type+'|'+instance+'|'+action);
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByRole.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByRole.java
index 0fafbd92..761df695 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByRole.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByRole.java
@@ -38,32 +38,32 @@ import aaf.v2_0.Roles;
*
*/
public class ListByRole extends Cmd {
- private static final String HEADER="List Roles for Role";
-
- public ListByRole(List parent) {
- super(parent,"role",
- new Param("role",true));
- }
+ private static final String HEADER="List Roles for Role";
+
+ public ListByRole(List parent) {
+ super(parent,"role",
+ new Param("role",true));
+ }
- @Override
- public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
- return same(((List)parent).new ListRoles() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- String role=args[idx];
- Future<Roles> fp = client.read(
- "/authz/roles/"+role+(aafcli.isDetailed()?"?ns":""),
- getDF(Roles.class)
- );
- return list(fp,client,HEADER+"["+role+"]");
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/roles/<role>",Roles.class,true);
- }
+ @Override
+ public int _exec(final int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(((List)parent).new ListRoles() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ String role=args[idx];
+ Future<Roles> fp = client.read(
+ "/authz/roles/"+role+(aafcli.isDetailed()?"?ns":""),
+ getDF(Roles.class)
+ );
+ return list(fp,client,HEADER+"["+role+"]");
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/<role>",Roles.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByUser.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByUser.java
index 7165de67..c9ed37a4 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByUser.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/ListByUser.java
@@ -42,58 +42,58 @@ import aaf.v2_0.UserRoles;
*
*/
public class ListByUser extends Cmd {
- private static final String HEADER = "List Roles for User ";
-
- public ListByUser(List parent) {
- super(parent,"user",
- new Param("id",true),
- new Param("detail", false));
- }
+ private static final String HEADER = "List Roles for User ";
+
+ public ListByUser(List parent) {
+ super(parent,"user",
+ new Param("id",true),
+ new Param("detail", false));
+ }
- @Override
- public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
- final String user=fullID(args[idx]);
-
+ @Override
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
+ final String user=fullID(args[idx]);
+
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Perms perms=null;
- UserRoles urs=null;
- Future<Roles> fr = client.read(
- "/authz/roles/user/"+user+(aafcli.isDetailed()?"?ns":""),
- getDF(Roles.class)
- );
- Future<UserRoles> fur = client.read(
- "/authz/userRoles/user/"+user,
- getDF(UserRoles.class)
- );
- if(fr.get(AAFcli.timeout())) {
- if (aafcli.isDetailed()) {
- Future<Perms> fp = client.read(
- "/authz/perms/user/"+user+(aafcli.isDetailed()?"?ns":""),
- getDF(Perms.class)
- );
- if(fp.get(AAFcli.timeout())) {
- perms = fp.value;
- }
- }
- if (fur.get(AAFcli.timeout())) {
- urs = fur.value;
- }
-
- ((List)parent).report(fr.value,perms,urs,HEADER,user);
- } else {
- error(fr);
- }
- return fr.code();
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);
- }
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Perms perms=null;
+ UserRoles urs=null;
+ Future<Roles> fr = client.read(
+ "/authz/roles/user/"+user+(aafcli.isDetailed()?"?ns":""),
+ getDF(Roles.class)
+ );
+ Future<UserRoles> fur = client.read(
+ "/authz/userRoles/user/"+user,
+ getDF(UserRoles.class)
+ );
+ if(fr.get(AAFcli.timeout())) {
+ if (aafcli.isDetailed()) {
+ Future<Perms> fp = client.read(
+ "/authz/perms/user/"+user+(aafcli.isDetailed()?"?ns":""),
+ getDF(Perms.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ perms = fp.value;
+ }
+ }
+ if (fur.get(AAFcli.timeout())) {
+ urs = fur.value;
+ }
+
+ ((List)parent).report(fr.value,perms,urs,HEADER,user);
+ } else {
+ error(fr);
+ }
+ return fr.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Role.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Role.java
index f28654ee..e3c838af 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Role.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/Role.java
@@ -26,14 +26,14 @@ import org.onap.aaf.auth.cmd.BaseCmd;
import org.onap.aaf.misc.env.APIException;
public class Role extends BaseCmd<Role> {
- public List list;
+ public List list;
- public Role(AAFcli aafcli) throws APIException {
- super(aafcli, "role");
- cmds.add(new CreateDelete(this));
-// cmds.add(new Delete(this));
- cmds.add(new User(this));
- cmds.add(new Describe(this));
- cmds.add(list = new List(this));
- }
+ public Role(AAFcli aafcli) throws APIException {
+ super(aafcli, "role");
+ cmds.add(new CreateDelete(this));
+// cmds.add(new Delete(this));
+ cmds.add(new User(this));
+ cmds.add(new Describe(this));
+ cmds.add(list = new List(this));
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java
index 181804b9..c628eb17 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/role/User.java
@@ -40,130 +40,130 @@ import aaf.v2_0.UserRoleRequest;
*
*/
public class User extends Cmd {
- private final static String[] options = {"add","del","setTo","extend"};
- public User(Role parent) {
- super(parent,"user",
- new Param(optionsToString(options),true),
- new Param("role",true),
- new Param("id[,id]* (not required for setTo)",false));
- }
+ private final static String[] options = {"add","del","setTo","extend"};
+ public User(Role parent) {
+ super(parent,"user",
+ new Param(optionsToString(options),true),
+ new Param("role",true),
+ new Param("id[,id]* (not required for setTo)",false));
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String action = args[idx++];
- int option = whichOption(options, action);
- UserRoleRequest urr = new UserRoleRequest();
- urr.setRole(args[idx++]);
- // Set Start/End commands
- setStartEnd(urr);
-
- Future<?> fp = null;
-
- if (option != 2) {
- String[] ids = args[idx++].split(",");
- String verb=null,participle=null;
- // You can request to be added or removed from role.
- setQueryParamsOn(client);
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String action = args[idx++];
+ int option = whichOption(options, action);
+ UserRoleRequest urr = new UserRoleRequest();
+ urr.setRole(args[idx++]);
+ // Set Start/End commands
+ setStartEnd(urr);
+
+ Future<?> fp = null;
+
+ if (option != 2) {
+ String[] ids = args[idx++].split(",");
+ String verb=null,participle=null;
+ // You can request to be added or removed from role.
+ setQueryParamsOn(client);
- for(String id: ids) {
- id=fullID(id);
- urr.setUser(id);
- switch(option) {
- case 0:
- fp = client.create(
- "/authz/userRole",
- getDF(UserRoleRequest.class),
- urr);
- verb = "Added";
- participle = "] to Role [" ;
- break;
- case 1:
- fp = client.delete(
- "/authz/userRole/"+urr.getUser()+'/'+urr.getRole(),
- Void.class);
- verb = "Removed";
- participle = "] from Role [" ;
- break;
- case 3:
- fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
- verb = "Extended";
- participle = "] in Role [" ;
- break;
+ for(String id: ids) {
+ id=fullID(id);
+ urr.setUser(id);
+ switch(option) {
+ case 0:
+ fp = client.create(
+ "/authz/userRole",
+ getDF(UserRoleRequest.class),
+ urr);
+ verb = "Added";
+ participle = "] to Role [" ;
+ break;
+ case 1:
+ fp = client.delete(
+ "/authz/userRole/"+urr.getUser()+'/'+urr.getRole(),
+ Void.class);
+ verb = "Removed";
+ participle = "] from Role [" ;
+ break;
+ case 3:
+ fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
+ verb = "Extended";
+ participle = "] in Role [" ;
+ break;
- default: // actually, should never get here...
- throw new CadiException("Invalid action [" + action + ']');
- }
- if(fp.get(AAFcli.timeout())) {
- pw().print(verb);
- pw().print(" User [");
- pw().print(urr.getUser());
- pw().print(participle);
- pw().print(urr.getRole());
- pw().println(']');
- } else {
- switch(fp.code()) {
- case 202:
- pw().print("User Role ");
- pw().print(action);
- pw().println(" is Accepted, but requires Approvals before actualizing");
- break;
- case 404:
- if(option==3) {
- pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
- break;
- }
- default:
- error(fp);
- }
- }
- }
- } else {
- String allUsers = "";
- if (idx < args.length)
- allUsers = args[idx++];
- StringBuilder finalUsers = new StringBuilder();
- for (String u : allUsers.split(",")) {
- if (u != "") {
- u=fullID(u);
- if (finalUsers.length() > 0) finalUsers.append(",");
- finalUsers.append(u);
- }
- }
+ default: // actually, should never get here...
+ throw new CadiException("Invalid action [" + action + ']');
+ }
+ if(fp.get(AAFcli.timeout())) {
+ pw().print(verb);
+ pw().print(" User [");
+ pw().print(urr.getUser());
+ pw().print(participle);
+ pw().print(urr.getRole());
+ pw().println(']');
+ } else {
+ switch(fp.code()) {
+ case 202:
+ pw().print("User Role ");
+ pw().print(action);
+ pw().println(" is Accepted, but requires Approvals before actualizing");
+ break;
+ case 404:
+ if(option==3) {
+ pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
+ break;
+ }
+ default:
+ error(fp);
+ }
+ }
+ }
+ } else {
+ String allUsers = "";
+ if (idx < args.length)
+ allUsers = args[idx++];
+ StringBuilder finalUsers = new StringBuilder();
+ for (String u : allUsers.split(",")) {
+ if (u != "") {
+ u=fullID(u);
+ if (finalUsers.length() > 0) finalUsers.append(",");
+ finalUsers.append(u);
+ }
+ }
- urr.setUser(finalUsers.toString());
- fp = client.update(
- "/authz/userRole/role",
- getDF(UserRoleRequest.class),
- urr);
- if(fp.get(AAFcli.timeout())) {
- pw().println("Set the Role to Users [" + allUsers + "]");
- } else {
- error(fp);
- }
- }
- return fp==null?0:fp.code();
- }
- });
- }
-
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,"Add OR Delete a User to/from a Role OR");
- detailLine(sb,indent,"Set a User's Roles to the roles supplied");
- detailLine(sb,indent+2,"role - Name of Role to create");
- detailLine(sb,indent+2,"id(s) - ID or IDs to add to the Role");
- sb.append('\n');
- detailLine(sb,indent+2,"Note: this is the same as \"user role add...\" except allows");
- detailLine(sb,indent+2,"assignment of role to multiple userss");
- detailLine(sb,indent+2,"WARNING: Users supplied with setTo will be the ONLY users attached to this role");
- detailLine(sb,indent+2,"If no users are supplied, the users attached to this role are reset.");
- api(sb,indent,HttpMethods.POST,"authz/userRole",UserRoleRequest.class,true);
- api(sb,indent,HttpMethods.DELETE,"authz/userRole/<user>/<role>",Void.class,false);
- api(sb,indent,HttpMethods.PUT,"authz/userRole/<role>",UserRoleRequest.class,false);
- }
+ urr.setUser(finalUsers.toString());
+ fp = client.update(
+ "/authz/userRole/role",
+ getDF(UserRoleRequest.class),
+ urr);
+ if(fp.get(AAFcli.timeout())) {
+ pw().println("Set the Role to Users [" + allUsers + "]");
+ } else {
+ error(fp);
+ }
+ }
+ return fp==null?0:fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,"Add OR Delete a User to/from a Role OR");
+ detailLine(sb,indent,"Set a User's Roles to the roles supplied");
+ detailLine(sb,indent+2,"role - Name of Role to create");
+ detailLine(sb,indent+2,"id(s) - ID or IDs to add to the Role");
+ sb.append('\n');
+ detailLine(sb,indent+2,"Note: this is the same as \"user role add...\" except allows");
+ detailLine(sb,indent+2,"assignment of role to multiple userss");
+ detailLine(sb,indent+2,"WARNING: Users supplied with setTo will be the ONLY users attached to this role");
+ detailLine(sb,indent+2,"If no users are supplied, the users attached to this role are reset.");
+ api(sb,indent,HttpMethods.POST,"authz/userRole",UserRoleRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authz/userRole/<user>/<role>",Void.class,false);
+ api(sb,indent,HttpMethods.PUT,"authz/userRole/<role>",UserRoleRequest.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java
index 10333091..40447c19 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Cred.java
@@ -35,123 +35,123 @@ import org.onap.aaf.misc.env.APIException;
import aaf.v2_0.CredRequest;
public class Cred extends Cmd {
- public static final String ATTEMPT_FAILED_SPECIFICS_WITHELD = "Attempt Failed. Specifics witheld.";
- private static final String CRED_PATH = "/authn/cred";
- private static final String[] options = {"add","del","reset","extend"/*,"clean"*/};
-// private Clean clean;
- public Cred(User parent) {
- super(parent,"cred",
- new Param(optionsToString(options),true),
- new Param("id",true),
- new Param("password (! D|E)",false),
- new Param("entry# (if multi)",false)
- );
-// clean = new Clean(this);
- }
+ public static final String ATTEMPT_FAILED_SPECIFICS_WITHELD = "Attempt Failed. Specifics witheld.";
+ private static final String CRED_PATH = "/authn/cred";
+ private static final String[] options = {"add","del","reset","extend"/*,"clean"*/};
+// private Clean clean;
+ public Cred(User parent) {
+ super(parent,"cred",
+ new Param(optionsToString(options),true),
+ new Param("id",true),
+ new Param("password (! D|E)",false),
+ new Param("entry# (if multi)",false)
+ );
+// clean = new Clean(this);
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- String key = args[idx++];
- final int option = whichOption(options,key);
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ String key = args[idx++];
+ final int option = whichOption(options,key);
- final CredRequest cr = new CredRequest();
- cr.setId(args[idx++]);
- if(option!=1 && option!=3) {
- if(idx>=args.length) throw new CadiException("Password Required");
- cr.setPassword(args[idx++]);
- }
- if(args.length>idx)
- cr.setEntry(args[idx++]);
-
- // Set Start/End commands
- setStartEnd(cr);
-// final int cleanIDX = _idx+1;
- Integer ret = same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<CredRequest> fp=null;
- String verb =null;
- switch(option) {
- case 0:
- fp = client.create(
- CRED_PATH,
- getDF(CredRequest.class),
- cr
- );
- verb = "Added Credential [";
- break;
- case 1:
-// if(aafcli.addForce())cr.setForce("TRUE");
- setQueryParamsOn(client);
- fp = client.delete(CRED_PATH,
- getDF(CredRequest.class),
- cr
- );
- verb = "Deleted Credential [";
- break;
- case 2:
- fp = client.update(
- CRED_PATH,
- getDF(CredRequest.class),
- cr
- );
- verb = "Reset Credential [";
- break;
- case 3:
- fp = client.update(
- CRED_PATH+"/5",
- getDF(CredRequest.class),
- cr
- );
- verb = "Extended Credential [";
- break;
-// case 4:
-// return clean.exec(cleanIDX, args);
- }
- if(fp==null) {
- return null; // get by Sonar check.
- }
- if(fp.get(AAFcli.timeout())) {
- pw().print(verb);
- pw().print(cr.getId());
- pw().println(']');
- } else if(fp.code()==202) {
- pw().println("Credential Action Accepted, but requires Approvals before actualizing");
- } else if(fp.code()==406 && option==1) {
- pw().println("You cannot delete this Credential");
- } else {
- pw().println(ATTEMPT_FAILED_SPECIFICS_WITHELD);
- }
- return fp.code();
- }
- });
- if(ret==null)ret = -1;
- return ret;
- }
-
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Add, Delete or Reset Credential");
- indent+=2;
- detailLine(sb,indent,"id - the ID to create/delete/reset within AAF");
- detailLine(sb,indent,"password - Company Policy compliant Password (not required for Delete)");
- detailLine(sb,indent,"entry - selected option when deleting/resetting a cred with multiple entries");
- sb.append('\n');
- detailLine(sb,indent,"The Domain can be related to any Namespace you have access to *");
- detailLine(sb,indent,"The Domain is in reverse order of Namespace, i.e. ");
- detailLine(sb,indent+2,"NS of com.att.myapp can create user of XY1234@myapp.att.com");
- sb.append('\n');
- detailLine(sb,indent,"NOTE: AAF does support multiple creds with the same ID. Check with your org if you");
- detailLine(sb,indent+2,"have this implemented. (For example, this is implemented for MechIDs at AT&T)");
- sb.append('\n');
- detailLine(sb,indent,"*NOTE: com.att.csp is a reserved Domain for Global Sign On");
+ final CredRequest cr = new CredRequest();
+ cr.setId(args[idx++]);
+ if(option!=1 && option!=3) {
+ if(idx>=args.length) throw new CadiException("Password Required");
+ cr.setPassword(args[idx++]);
+ }
+ if(args.length>idx)
+ cr.setEntry(args[idx++]);
+
+ // Set Start/End commands
+ setStartEnd(cr);
+// final int cleanIDX = _idx+1;
+ Integer ret = same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<CredRequest> fp=null;
+ String verb =null;
+ switch(option) {
+ case 0:
+ fp = client.create(
+ CRED_PATH,
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Added Credential [";
+ break;
+ case 1:
+// if(aafcli.addForce())cr.setForce("TRUE");
+ setQueryParamsOn(client);
+ fp = client.delete(CRED_PATH,
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Deleted Credential [";
+ break;
+ case 2:
+ fp = client.update(
+ CRED_PATH,
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Reset Credential [";
+ break;
+ case 3:
+ fp = client.update(
+ CRED_PATH+"/5",
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Extended Credential [";
+ break;
+// case 4:
+// return clean.exec(cleanIDX, args);
+ }
+ if(fp==null) {
+ return null; // get by Sonar check.
+ }
+ if(fp.get(AAFcli.timeout())) {
+ pw().print(verb);
+ pw().print(cr.getId());
+ pw().println(']');
+ } else if(fp.code()==202) {
+ pw().println("Credential Action Accepted, but requires Approvals before actualizing");
+ } else if(fp.code()==406 && option==1) {
+ pw().println("You cannot delete this Credential");
+ } else {
+ pw().println(ATTEMPT_FAILED_SPECIFICS_WITHELD);
+ }
+ return fp.code();
+ }
+ });
+ if(ret==null)ret = -1;
+ return ret;
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add, Delete or Reset Credential");
+ indent+=2;
+ detailLine(sb,indent,"id - the ID to create/delete/reset within AAF");
+ detailLine(sb,indent,"password - Company Policy compliant Password (not required for Delete)");
+ detailLine(sb,indent,"entry - selected option when deleting/resetting a cred with multiple entries");
+ sb.append('\n');
+ detailLine(sb,indent,"The Domain can be related to any Namespace you have access to *");
+ detailLine(sb,indent,"The Domain is in reverse order of Namespace, i.e. ");
+ detailLine(sb,indent+2,"NS of com.att.myapp can create user of XY1234@myapp.att.com");
+ sb.append('\n');
+ detailLine(sb,indent,"NOTE: AAF does support multiple creds with the same ID. Check with your org if you");
+ detailLine(sb,indent+2,"have this implemented. (For example, this is implemented for MechIDs at AT&T)");
+ sb.append('\n');
+ detailLine(sb,indent,"*NOTE: com.att.csp is a reserved Domain for Global Sign On");
- detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
- indent-=2;
- api(sb,indent,HttpMethods.POST,"authn/cred",CredRequest.class,true);
- api(sb,indent,HttpMethods.DELETE,"authn/cred",CredRequest.class,false);
- api(sb,indent,HttpMethods.PUT,"authn/cred",CredRequest.class,false);
- }
+ detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
+ indent-=2;
+ api(sb,indent,HttpMethods.POST,"authn/cred",CredRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authn/cred",CredRequest.class,false);
+ api(sb,indent,HttpMethods.PUT,"authn/cred",CredRequest.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Delg.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Delg.java
index ec1aa5a0..8587ac3d 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Delg.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Delg.java
@@ -40,92 +40,92 @@ import org.onap.aaf.misc.rosetta.env.RosettaDF;
import aaf.v2_0.DelgRequest;
public class Delg extends BaseCmd<User> {
- static final String AUTHZ_DELG = "/authz/delegate";
- private final static String[] options = {"add","upd","del"};
+ static final String AUTHZ_DELG = "/authz/delegate";
+ private final static String[] options = {"add","upd","del"};
- public Delg(User user) throws APIException {
- super(user,"delegate",
- new Param(optionsToString(options),true),
- new Param("from",true),
- new Param("to REQ A&U",false),
- new Param("until (YYYY-MM-DD) REQ A", false)
- );
- }
+ public Delg(User user) throws APIException {
+ super(user,"delegate",
+ new Param(optionsToString(options),true),
+ new Param("from",true),
+ new Param("to REQ A&U",false),
+ new Param("until (YYYY-MM-DD) REQ A", false)
+ );
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- DelgRequest dr = new DelgRequest();
- setStartEnd(dr);
-
- int option= whichOption(options, args[idx++]);
- String user = fullID(args[idx++]);
- dr.setUser(user);
- if(option<2) {
- String delegate = fullID(args[idx++]);
- dr.setDelegate(delegate);
- if(option<2 && args.length>idx) {
- Date date;
- try {
- date = Chrono.dateOnlyFmt.parse(args[idx++]);
- } catch (ParseException e) {
- throw new CadiException(e);
- }
- dr.setEnd(Chrono.timeStamp(date));
- }
- }
-
- Future<DelgRequest> fp;
- RosettaDF<DelgRequest> df = getDF(DelgRequest.class);
- String verb;
- setQueryParamsOn(client);
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ DelgRequest dr = new DelgRequest();
+ setStartEnd(dr);
+
+ int option= whichOption(options, args[idx++]);
+ String user = fullID(args[idx++]);
+ dr.setUser(user);
+ if(option<2) {
+ String delegate = fullID(args[idx++]);
+ dr.setDelegate(delegate);
+ if(option<2 && args.length>idx) {
+ Date date;
+ try {
+ date = Chrono.dateOnlyFmt.parse(args[idx++]);
+ } catch (ParseException e) {
+ throw new CadiException(e);
+ }
+ dr.setEnd(Chrono.timeStamp(date));
+ }
+ }
+
+ Future<DelgRequest> fp;
+ RosettaDF<DelgRequest> df = getDF(DelgRequest.class);
+ String verb;
+ setQueryParamsOn(client);
- switch(option) {
- case 0:
- fp = client.create(AUTHZ_DELG, df, dr);
- verb = "Added";
- break;
- case 1:
- fp = client.update(AUTHZ_DELG, df, dr);
- verb = "Updated";
- break;
- case 2:
- fp = client.delete(AUTHZ_DELG, df, dr);
- verb = "Deleted";
- break;
- default:
- throw new CadiException("Bad Argument");
- };
-
- if(fp.get(AAFcli.timeout())) {
- pw().append("Delegate ");
- pw().println(verb);
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
+ switch(option) {
+ case 0:
+ fp = client.create(AUTHZ_DELG, df, dr);
+ verb = "Added";
+ break;
+ case 1:
+ fp = client.update(AUTHZ_DELG, df, dr);
+ verb = "Updated";
+ break;
+ case 2:
+ fp = client.delete(AUTHZ_DELG, df, dr);
+ verb = "Deleted";
+ break;
+ default:
+ throw new CadiException("Bad Argument");
+ };
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().append("Delegate ");
+ pw().println(verb);
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,"Add, Update or Delete Delegate");
- indent+=2;
- detailLine(sb,indent,"A Delegate is a person who will temporarily cover the Approval and");
- detailLine(sb,indent,"Ownership questions on behalf of the person Responsible.");
- sb.append('\n');
- detailLine(sb,indent,"fromID - the person who is the Responsible person of record");
- detailLine(sb,indent,"toID - the person who will be delegated (required for Add/Update)");
- detailLine(sb,indent,"until - the end date for this delegation");
- indent-=2;
- api(sb,indent,HttpMethods.POST,AUTHZ_DELG,DelgRequest.class,true);
- api(sb,indent,HttpMethods.DELETE,AUTHZ_DELG,DelgRequest.class,false);
- api(sb,indent,HttpMethods.PUT,AUTHZ_DELG,DelgRequest.class,false);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add, Update or Delete Delegate");
+ indent+=2;
+ detailLine(sb,indent,"A Delegate is a person who will temporarily cover the Approval and");
+ detailLine(sb,indent,"Ownership questions on behalf of the person Responsible.");
+ sb.append('\n');
+ detailLine(sb,indent,"fromID - the person who is the Responsible person of record");
+ detailLine(sb,indent,"toID - the person who will be delegated (required for Add/Update)");
+ detailLine(sb,indent,"until - the end date for this delegation");
+ indent-=2;
+ api(sb,indent,HttpMethods.POST,AUTHZ_DELG,DelgRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,AUTHZ_DELG,DelgRequest.class,false);
+ api(sb,indent,HttpMethods.PUT,AUTHZ_DELG,DelgRequest.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java
index a977431c..03148ce5 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/List.java
@@ -35,87 +35,87 @@ import aaf.v2_0.Users;
public class List extends BaseCmd<User> {
- public List(User parent) {
- super(parent,"list");
- cmds.add(new ListForRoles(this));
- cmds.add(new ListForPermission(this));
- cmds.add(new ListForCreds(this));
- cmds.add(new ListDelegates(this));
- cmds.add(new ListApprovals(this));
- cmds.add(new ListActivity(this));
- }
+ public List(User parent) {
+ super(parent,"list");
+ cmds.add(new ListForRoles(this));
+ cmds.add(new ListForPermission(this));
+ cmds.add(new ListForCreds(this));
+ cmds.add(new ListDelegates(this));
+ cmds.add(new ListApprovals(this));
+ cmds.add(new ListActivity(this));
+ }
-
- void report(Users users, boolean count, String ... str) {
- reportHead(str);
- int idx = 0;
- java.util.List<aaf.v2_0.Users.User> sorted = users.getUser();
- Collections.sort(sorted, new Comparator<aaf.v2_0.Users.User>() {
- @Override
- public int compare(aaf.v2_0.Users.User u1, aaf.v2_0.Users.User u2) {
- if(u1==null || u2 == null) {
- return -1;
- }
- return u1.getId().compareTo(u2.getId());
- }
- });
- String format = reportColHead("%-40s %-10s %-30s\n","User","Type","Expires");
- String date = "XXXX-XX-XX";
- for(aaf.v2_0.Users.User user : sorted) {
- if(!aafcli.isTest()) {
- date = Chrono.dateOnlyStamp(user.getExpires());
- }
- pw().format(format,
- count? (Integer.valueOf(++idx) + ") " + user.getId()): user.getId(),
- org.onap.aaf.auth.cmd.ns.List.getType(user),
- date);
- }
- pw().println();
- }
+
+ void report(Users users, boolean count, String ... str) {
+ reportHead(str);
+ int idx = 0;
+ java.util.List<aaf.v2_0.Users.User> sorted = users.getUser();
+ Collections.sort(sorted, new Comparator<aaf.v2_0.Users.User>() {
+ @Override
+ public int compare(aaf.v2_0.Users.User u1, aaf.v2_0.Users.User u2) {
+ if(u1==null || u2 == null) {
+ return -1;
+ }
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ String format = reportColHead("%-40s %-10s %-30s\n","User","Type","Expires");
+ String date = "XXXX-XX-XX";
+ for(aaf.v2_0.Users.User user : sorted) {
+ if(!aafcli.isTest()) {
+ date = Chrono.dateOnlyStamp(user.getExpires());
+ }
+ pw().format(format,
+ count? (Integer.valueOf(++idx) + ") " + user.getId()): user.getId(),
+ org.onap.aaf.auth.cmd.ns.List.getType(user),
+ date);
+ }
+ pw().println();
+ }
- public void report(Approvals approvals, String title, String id) {
- reportHead(title,id);
- String format = reportColHead(" %-20s %-20s %-11s %-6s %12s\n","User","Approver","Type","Status","Updated");
- java.util.List<Approval> lapp = approvals.getApprovals();
- Collections.sort(lapp, new Comparator<Approval>() {
- @Override
- public int compare(Approval a1, Approval a2) {
- return a1.getTicket().compareTo(a2.getTicket());
- }
- } );
- String ticket = null, prev = null;
- for(Approval app : lapp ) {
- ticket = app.getTicket();
- if(!ticket.equals(prev)) {
- pw().print("Ticket: ");
- pw().println(ticket);
- }
- prev = ticket;
+ public void report(Approvals approvals, String title, String id) {
+ reportHead(title,id);
+ String format = reportColHead(" %-20s %-20s %-11s %-6s %12s\n","User","Approver","Type","Status","Updated");
+ java.util.List<Approval> lapp = approvals.getApprovals();
+ Collections.sort(lapp, new Comparator<Approval>() {
+ @Override
+ public int compare(Approval a1, Approval a2) {
+ return a1.getTicket().compareTo(a2.getTicket());
+ }
+ } );
+ String ticket = null, prev = null;
+ for(Approval app : lapp ) {
+ ticket = app.getTicket();
+ if(!ticket.equals(prev)) {
+ pw().print("Ticket: ");
+ pw().println(ticket);
+ }
+ prev = ticket;
- pw().format(format,
- app.getUser(),
- app.getApprover(),
- app.getType(),
- app.getStatus(),
- Chrono.niceDateStamp(app.getUpdated())
- );
- }
- }
+ pw().format(format,
+ app.getUser(),
+ app.getApprover(),
+ app.getType(),
+ app.getStatus(),
+ Chrono.niceDateStamp(app.getUpdated())
+ );
+ }
+ }
- public void report(Delgs delgs, String title, String id) {
- reportHead(title,id);
- String format = reportColHead(" %-25s %-25s %-10s\n","User","Delegate","Expires");
- String date = "XXXX-XX-XX";
- for(Delg delg : delgs.getDelgs()) {
- if(!this.aafcli.isTest())
- date = Chrono.dateOnlyStamp(delg.getExpires());
- pw().printf(format,
- delg.getUser(),
- delg.getDelegate(),
- date
- );
- }
- }
+ public void report(Delgs delgs, String title, String id) {
+ reportHead(title,id);
+ String format = reportColHead(" %-25s %-25s %-10s\n","User","Delegate","Expires");
+ String date = "XXXX-XX-XX";
+ for(Delg delg : delgs.getDelgs()) {
+ if(!this.aafcli.isTest())
+ date = Chrono.dateOnlyStamp(delg.getExpires());
+ pw().printf(format,
+ delg.getUser(),
+ delg.getDelegate(),
+ date
+ );
+ }
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListActivity.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListActivity.java
index 8ffcb0b6..4bb87374 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListActivity.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListActivity.java
@@ -39,40 +39,40 @@ import aaf.v2_0.History;
*
*/
public class ListActivity extends Cmd {
- private static final String HEADER = "List Activity of User";
+ private static final String HEADER = "List Activity of User";
- public ListActivity(List parent) {
- super(parent,"activity",
- new Param("user",true));
- }
+ public ListActivity(List parent) {
+ super(parent,"activity",
+ new Param("user",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String user = fullID(args[idx++]);
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
-
- Future<History> fp = client.read(
- "/authz/hist/user/"+user,
- getDF(History.class)
- );
- if(fp.get(AAFcli.timeout())) {
- activity(fp.value,HEADER + " [ " + user + " ]");
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
-
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String user = fullID(args[idx++]);
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+
+ Future<History> fp = client.read(
+ "/authz/hist/user/"+user,
+ getDF(History.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ activity(fp.value,HEADER + " [ " + user + " ]");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb,indent,HEADER);
- api(sb,indent,HttpMethods.GET,"authz/hist/user/<user>",History.class,true);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/hist/user/<user>",History.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListApprovals.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListApprovals.java
index 0a461c49..d9379174 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListApprovals.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListApprovals.java
@@ -40,63 +40,63 @@ import aaf.v2_0.Approvals;
*
*/
public class ListApprovals extends Cmd {
- private static final String HEADER = "List Approvals";
- private final static String[] options = {"user","approver","ticket"};
- public ListApprovals(List parent) {
- super(parent,"approvals",
- new Param(optionsToString(options),true),
- new Param("value",true));
- }
+ private static final String HEADER = "List Approvals";
+ private final static String[] options = {"user","approver","ticket"};
+ public ListApprovals(List parent) {
+ super(parent,"approvals",
+ new Param(optionsToString(options),true),
+ new Param("value",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String type = args[idx++];
- int option = whichOption(options,type);
- String value = args[idx++];
- final String fullValue;
- if (option != 2) {
- fullValue = fullID(value);
- } else {
- fullValue = value;
- }
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Approvals> fp = client.read(
- "/authz/approval/"+type+'/'+fullValue,
- getDF(Approvals.class)
- );
- if(fp.get(AAFcli.timeout())) {
- ((List)parent).report(fp.value,HEADER + " by " + type,fullValue);
- if(fp.code()==404) {
- return 200;
- }
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String type = args[idx++];
+ int option = whichOption(options,type);
+ String value = args[idx++];
+ final String fullValue;
+ if (option != 2) {
+ fullValue = fullID(value);
+ } else {
+ fullValue = value;
+ }
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Approvals> fp = client.read(
+ "/authz/approval/"+type+'/'+fullValue,
+ getDF(Approvals.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ ((List)parent).report(fp.value,HEADER + " by " + type,fullValue);
+ if(fp.code()==404) {
+ return 200;
+ }
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,HEADER);
- indent+=2;
- detailLine(sb,indent,"Approvals are used when the Requestor does not have the rights");
- detailLine(sb,indent,"to perform the action required. Approvers are those listed as");
- detailLine(sb,indent,"responsible for Namespace associated with the request, and those");
- detailLine(sb,indent,"required by the Company by Policy. This may be, for instance");
- detailLine(sb,indent,"the supervisor of the requestor");
- sb.append('\n');
- detailLine(sb,indent,"Delegates can be listed by User, Approver or Ticket.");
- indent-=2;
- api(sb,indent,HttpMethods.GET,"authz/approval/user/<value>",Approvals.class,true);
- api(sb,indent,HttpMethods.GET,"authz/approval/approver/<value>",Approvals.class,false);
- api(sb,indent,HttpMethods.GET,"authz/approval/ticket/<value>",Approvals.class,false);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"Approvals are used when the Requestor does not have the rights");
+ detailLine(sb,indent,"to perform the action required. Approvers are those listed as");
+ detailLine(sb,indent,"responsible for Namespace associated with the request, and those");
+ detailLine(sb,indent,"required by the Company by Policy. This may be, for instance");
+ detailLine(sb,indent,"the supervisor of the requestor");
+ sb.append('\n');
+ detailLine(sb,indent,"Delegates can be listed by User, Approver or Ticket.");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/approval/user/<value>",Approvals.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/approval/approver/<value>",Approvals.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/approval/ticket/<value>",Approvals.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListDelegates.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListDelegates.java
index 4397b426..5cc7a52b 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListDelegates.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListDelegates.java
@@ -39,54 +39,54 @@ import aaf.v2_0.Delgs;
*
*/
public class ListDelegates extends Cmd {
- private static final String HEADER = "List Delegates";
- private static final String[] options = {"user","delegate"};
- public ListDelegates(List parent) {
- super(parent,"delegates",
- new Param(optionsToString(options),true),
- new Param("id",true));
- }
+ private static final String HEADER = "List Delegates";
+ private static final String[] options = {"user","delegate"};
+ public ListDelegates(List parent) {
+ super(parent,"delegates",
+ new Param(optionsToString(options),true),
+ new Param("id",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String key = args[idx++];
- //int option = whichOption(options,key);
- final String id = fullID(args[idx++]);
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
-
- Future<Delgs> fp = client.read(
- "/authz/delegates/" + key + '/' + id,
- getDF(Delgs.class)
- );
- if(fp.get(AAFcli.timeout())) {
- ((List)parent).report(fp.value,HEADER + " by " + key, id);
- if(fp.code()==404)return 200;
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String key = args[idx++];
+ //int option = whichOption(options,key);
+ final String id = fullID(args[idx++]);
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+
+ Future<Delgs> fp = client.read(
+ "/authz/delegates/" + key + '/' + id,
+ getDF(Delgs.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ ((List)parent).report(fp.value,HEADER + " by " + key, id);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,HEADER);
- indent+=2;
- detailLine(sb,indent,"Delegates are those people temporarily assigned to cover the");
- detailLine(sb,indent,"responsibility of Approving, etc, while the actual Responsible");
- detailLine(sb,indent,"Party is absent. Typically, this is for Vacation, or Business");
- detailLine(sb,indent,"Travel.");
- sb.append('\n');
- detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
- indent-=2;
- api(sb,indent,HttpMethods.GET,"authz/delegates/user/<id>",Delgs.class,true);
- api(sb,indent,HttpMethods.GET,"authz/delegates/delegate/<id>",Delgs.class,false);
- }
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"Delegates are those people temporarily assigned to cover the");
+ detailLine(sb,indent,"responsibility of Approving, etc, while the actual Responsible");
+ detailLine(sb,indent,"Party is absent. Typically, this is for Vacation, or Business");
+ detailLine(sb,indent,"Travel.");
+ sb.append('\n');
+ detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/delegates/user/<id>",Delgs.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/delegates/delegate/<id>",Delgs.class,false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForCreds.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForCreds.java
index 4aa42f9f..a71090ea 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForCreds.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForCreds.java
@@ -44,57 +44,57 @@ import aaf.v2_0.Users.User;
*
*/
public class ListForCreds extends Cmd {
- private final static String[] options = {"ns","id"};
+ private final static String[] options = {"ns","id"};
- private static final String HEADER = "List creds by Namespace or ID ";
- public ListForCreds(List parent) {
- super(parent,"cred",
- new Param(optionsToString(options),true),
- new Param("value",true));
- }
+ private static final String HEADER = "List creds by Namespace or ID ";
+ public ListForCreds(List parent) {
+ super(parent,"cred",
+ new Param(optionsToString(options),true),
+ new Param("value",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final int option = whichOption(options, args[idx++]);
- final String which = options[option];
- final String value = args[idx++];
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Users> fp = client.read(
- "/authn/creds/"+which+'/'+value,
- getDF(Users.class)
- );
- if(fp.get(AAFcli.timeout())) {
- if (aafcli.isTest())
- Collections.sort(fp.value.getUser(), new Comparator<User>() {
- @Override
- public int compare(User u1, User u2) {
- return u1.getId().compareTo(u2.getId());
- }
- });
- ((org.onap.aaf.auth.cmd.user.List)parent).report(fp.value,option==1,HEADER+which,value);
- if(fp.code()==404)return 200;
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
-
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,HEADER);
- indent+=2;
- detailLine(sb,indent,"This report lists the users associated to either Namespaces or IDs.");
- detailLine(sb,indent,"ns (literal) - which Namespace");
- detailLine(sb,indent,"id (literal) - identity");
- indent-=2;
- api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,true);
- api(sb,indent,HttpMethods.GET,"authn/creds/id/<identity>",Users.class,true);
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final int option = whichOption(options, args[idx++]);
+ final String which = options[option];
+ final String value = args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Users> fp = client.read(
+ "/authn/creds/"+which+'/'+value,
+ getDF(Users.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if (aafcli.isTest())
+ Collections.sort(fp.value.getUser(), new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ ((org.onap.aaf.auth.cmd.user.List)parent).report(fp.value,option==1,HEADER+which,value);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"This report lists the users associated to either Namespaces or IDs.");
+ detailLine(sb,indent,"ns (literal) - which Namespace");
+ detailLine(sb,indent,"id (literal) - identity");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authn/creds/ns/<ns>",Users.class,true);
+ api(sb,indent,HttpMethods.GET,"authn/creds/id/<identity>",Users.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForPermission.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForPermission.java
index 32938101..439c8af6 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForPermission.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForPermission.java
@@ -44,60 +44,60 @@ import aaf.v2_0.Users.User;
*
*/
public class ListForPermission extends Cmd {
- private static final String HEADER = "List Users for Permission";
- public ListForPermission(List parent) {
- super(parent,"perm",
- new Param("type",true),
- new Param("instance",true),
- new Param("action",true));
- }
+ private static final String HEADER = "List Users for Permission";
+ public ListForPermission(List parent) {
+ super(parent,"perm",
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action",true));
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String type = args[idx++];
- String instance = args[idx++];
- if("\\*".equals(instance))instance="*";
- String action = args[idx++];
- if("\\*".equals(action))action="*";
- Future<Users> fp = client.read(
- "/authz/users/perm/"+type+'/'+instance+'/'+action,
- getDF(Users.class)
- );
- if(fp.get(AAFcli.timeout())) {
- if (aafcli.isTest())
- Collections.sort(fp.value.getUser(), new Comparator<User>() {
- @Override
- public int compare(User u1, User u2) {
- return u1.getId().compareTo(u2.getId());
- }
- });
- ((org.onap.aaf.auth.cmd.user.List)parent).report(fp.value,false,HEADER,type+"|"+instance+"|"+action);
- if(fp.code()==404)return 200;
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
-
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,HEADER);
- indent+=2;
- detailLine(sb,indent,"This report lists the users associated to Permissions. Since Users");
- detailLine(sb,indent,"are associated to Roles, and Roles have Permissions, this report");
- detailLine(sb,indent,"accomodates all these linkages.");
- sb.append('\n');
- detailLine(sb,indent,"The URL must contain the Permission's type,instance and action, and ");
- detailLine(sb,indent,"may include \"*\"s (type in as \\\\*).");
- detailLine(sb,indent,"See Perm Create Documentation for definitions.");
- indent-=2;
- api(sb,indent,HttpMethods.GET,"authz/users/perm/<type>/<instance>/<action>",Users.class,true);
- }
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String type = args[idx++];
+ String instance = args[idx++];
+ if("\\*".equals(instance))instance="*";
+ String action = args[idx++];
+ if("\\*".equals(action))action="*";
+ Future<Users> fp = client.read(
+ "/authz/users/perm/"+type+'/'+instance+'/'+action,
+ getDF(Users.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if (aafcli.isTest())
+ Collections.sort(fp.value.getUser(), new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ ((org.onap.aaf.auth.cmd.user.List)parent).report(fp.value,false,HEADER,type+"|"+instance+"|"+action);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"This report lists the users associated to Permissions. Since Users");
+ detailLine(sb,indent,"are associated to Roles, and Roles have Permissions, this report");
+ detailLine(sb,indent,"accomodates all these linkages.");
+ sb.append('\n');
+ detailLine(sb,indent,"The URL must contain the Permission's type,instance and action, and ");
+ detailLine(sb,indent,"may include \"*\"s (type in as \\\\*).");
+ detailLine(sb,indent,"See Perm Create Documentation for definitions.");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/users/perm/<type>/<instance>/<action>",Users.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForRoles.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForRoles.java
index 28d7f57a..1d1b328a 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForRoles.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/ListForRoles.java
@@ -44,49 +44,49 @@ import aaf.v2_0.Users.User;
*
*/
public class ListForRoles extends Cmd {
- private static final String HEADER = "List Users for Role";
- public ListForRoles(List parent) {
- super(parent,"role", new Param("role",true));
- }
+ private static final String HEADER = "List Users for Role";
+ public ListForRoles(List parent) {
+ super(parent,"role", new Param("role",true));
+ }
- @Override
- public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
- int idx = _idx;
- final String role = args[idx++];
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- Future<Users> fp = client.read(
- "/authz/users/role/"+role,
- getDF(Users.class)
- );
- if(fp.get(AAFcli.timeout())) {
- if (aafcli.isTest())
- Collections.sort(fp.value.getUser(), new Comparator<User>() {
- @Override
- public int compare(User u1, User u2) {
- return u1.getId().compareTo(u2.getId());
- }
- });
- ((org.onap.aaf.auth.cmd.user.List)parent).report(fp.value,false, HEADER,role);
- if(fp.code()==404)return 200;
- } else {
- error(fp);
- }
- return fp.code();
- }
- });
- }
-
- @Override
- public void detailedHelp(int _indent, StringBuilder sb) {
- int indent = _indent;
- detailLine(sb,indent,HEADER);
- indent+=2;
- detailLine(sb,indent,"This report lists the users associated to Roles.");
- detailLine(sb,indent,"role - the Role name");
- indent-=2;
- api(sb,indent,HttpMethods.GET,"authz/users/role/<role>",Users.class,true);
- }
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String role = args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Users> fp = client.read(
+ "/authz/users/role/"+role,
+ getDF(Users.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if (aafcli.isTest())
+ Collections.sort(fp.value.getUser(), new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ ((org.onap.aaf.auth.cmd.user.List)parent).report(fp.value,false, HEADER,role);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"This report lists the users associated to Roles.");
+ detailLine(sb,indent,"role - the Role name");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/users/role/<role>",Users.class,true);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java
index 70bc16a3..04b444a1 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/Role.java
@@ -41,115 +41,115 @@ import aaf.v2_0.UserRoleRequest;
*
*/
public class Role extends Cmd {
- private static final String[] options = {"add", "del", "setTo","extend"};
- public Role(User parent) {
- super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), new Param(
- "role[,role]* (!REQ S)", false));
- }
+ private static final String[] options = {"add", "del", "setTo","extend"};
+ public Role(User parent) {
+ super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), new Param(
+ "role[,role]* (!REQ S)", false));
+ }
- @Override
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
- return same(new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, APIException {
- int idx = index;
- String key = args[idx++];
- int option = whichOption(options, key);
- final String user = fullID(args[idx++]);
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String key = args[idx++];
+ int option = whichOption(options, key);
+ final String user = fullID(args[idx++]);
- UserRoleRequest urr = new UserRoleRequest();
- urr.setUser(user);
- // Set Start/End commands
- setStartEnd(urr);
+ UserRoleRequest urr = new UserRoleRequest();
+ urr.setUser(user);
+ // Set Start/End commands
+ setStartEnd(urr);
- Future<?> fp = null;
+ Future<?> fp = null;
- if (option != 2) {
- if (args.length < 5) {
- throw new CadiException(build(new StringBuilder("Too few args: "), null).toString());
- }
- String[] roles = args[idx++].split(",");
- for (String role : roles) {
- String verb = null,participle=null;
- urr.setRole(role);
- // You can request to be added or removed from role.
- setQueryParamsOn(client);
- switch(option) {
- case 0:
- fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr);
- verb = "Added";
- participle = "] to User [" ;
- break;
- case 1:
- fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class);
- verb = "Removed";
- participle = "] from User [" ;
- break;
- case 3:
- fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
- verb = "Extended";
- participle = "] to User [" ;
- break;
- default:
- throw new CadiException("Invalid action [" + key + ']');
- }
- if (fp.get(AAFcli.timeout())) {
- pw().print(verb);
- pw().print(" Role [");
- pw().print(urr.getRole());
- pw().print(participle);
- pw().print(urr.getUser());
- pw().println(']');
- } else {
- switch(fp.code()) {
- case 202:
- pw().print("UserRole ");
- pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension");
- pw().println(" Accepted, but requires Approvals before actualizing");
- break;
- case 404:
- if(option==3) {
- pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
- break;
- }
- default:
- error(fp);
- }
- }
- }
- } else {
- // option 2 is setTo command (an update call)
- String allRoles = "";
- if (idx < args.length)
- allRoles = args[idx++];
+ if (option != 2) {
+ if (args.length < 5) {
+ throw new CadiException(build(new StringBuilder("Too few args: "), null).toString());
+ }
+ String[] roles = args[idx++].split(",");
+ for (String role : roles) {
+ String verb = null,participle=null;
+ urr.setRole(role);
+ // You can request to be added or removed from role.
+ setQueryParamsOn(client);
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr);
+ verb = "Added";
+ participle = "] to User [" ;
+ break;
+ case 1:
+ fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class);
+ verb = "Removed";
+ participle = "] from User [" ;
+ break;
+ case 3:
+ fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
+ verb = "Extended";
+ participle = "] to User [" ;
+ break;
+ default:
+ throw new CadiException("Invalid action [" + key + ']');
+ }
+ if (fp.get(AAFcli.timeout())) {
+ pw().print(verb);
+ pw().print(" Role [");
+ pw().print(urr.getRole());
+ pw().print(participle);
+ pw().print(urr.getUser());
+ pw().println(']');
+ } else {
+ switch(fp.code()) {
+ case 202:
+ pw().print("UserRole ");
+ pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ break;
+ case 404:
+ if(option==3) {
+ pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
+ break;
+ }
+ default:
+ error(fp);
+ }
+ }
+ }
+ } else {
+ // option 2 is setTo command (an update call)
+ String allRoles = "";
+ if (idx < args.length)
+ allRoles = args[idx++];
- urr.setRole(allRoles);
- fp = client.update("/authz/userRole/user", getDF(UserRoleRequest.class), urr);
- if (fp.get(AAFcli.timeout())) {
- pw().println("Set User's Roles to [" + allRoles + "]");
- } else {
- error(fp);
- }
- }
- return fp == null ? 0 : fp.code();
- }
- });
- }
+ urr.setRole(allRoles);
+ fp = client.update("/authz/userRole/user", getDF(UserRoleRequest.class), urr);
+ if (fp.get(AAFcli.timeout())) {
+ pw().println("Set User's Roles to [" + allRoles + "]");
+ } else {
+ error(fp);
+ }
+ }
+ return fp == null ? 0 : fp.code();
+ }
+ });
+ }
- @Override
- public void detailedHelp(int indent, StringBuilder sb) {
- detailLine(sb, indent, "Add OR Delete a User to/from a Role OR");
- detailLine(sb, indent, "Set a User's Roles to the roles supplied");
- detailLine(sb, indent + 2, "user - ID of User");
- detailLine(sb, indent + 2, "role(s) - Role or Roles to which to add the User");
- sb.append('\n');
- detailLine(sb, indent + 2, "Note: this is the same as \"role user add...\" except allows");
- detailLine(sb, indent + 2, "assignment of user to multiple roles");
- detailLine(sb, indent + 2, "WARNING: Roles supplied with setTo will be the ONLY roles attached to this user");
- detailLine(sb, indent + 2, "If no roles are supplied, user's roles are reset.");
- api(sb, indent, HttpMethods.POST, "authz/userRole", UserRoleRequest.class, true);
- api(sb, indent, HttpMethods.DELETE, "authz/userRole/<user>/<role>", Void.class, false);
- api(sb, indent, HttpMethods.PUT, "authz/userRole/<user>", UserRoleRequest.class, false);
- }
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb, indent, "Add OR Delete a User to/from a Role OR");
+ detailLine(sb, indent, "Set a User's Roles to the roles supplied");
+ detailLine(sb, indent + 2, "user - ID of User");
+ detailLine(sb, indent + 2, "role(s) - Role or Roles to which to add the User");
+ sb.append('\n');
+ detailLine(sb, indent + 2, "Note: this is the same as \"role user add...\" except allows");
+ detailLine(sb, indent + 2, "assignment of user to multiple roles");
+ detailLine(sb, indent + 2, "WARNING: Roles supplied with setTo will be the ONLY roles attached to this user");
+ detailLine(sb, indent + 2, "If no roles are supplied, user's roles are reset.");
+ api(sb, indent, HttpMethods.POST, "authz/userRole", UserRoleRequest.class, true);
+ api(sb, indent, HttpMethods.DELETE, "authz/userRole/<user>/<role>", Void.class, false);
+ api(sb, indent, HttpMethods.PUT, "authz/userRole/<user>", UserRoleRequest.class, false);
+ }
}
diff --git a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/User.java b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/User.java
index 458fc33a..26e35bec 100644
--- a/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/User.java
+++ b/auth/auth-cmd/src/main/java/org/onap/aaf/auth/cmd/user/User.java
@@ -26,11 +26,11 @@ import org.onap.aaf.auth.cmd.BaseCmd;
import org.onap.aaf.misc.env.APIException;
public class User extends BaseCmd<User> {
- public User(AAFcli aafcli) throws APIException {
- super(aafcli,"user");
- cmds.add(new Role(this));
- cmds.add(new Cred(this));
- cmds.add(new Delg(this));
- cmds.add(new List(this));
- }
+ public User(AAFcli aafcli) throws APIException {
+ super(aafcli,"user");
+ cmds.add(new Role(this));
+ cmds.add(new Cred(this));
+ cmds.add(new Delg(this));
+ cmds.add(new List(this));
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/HMangrStub.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/HMangrStub.java
index c1b87540..ddb39ea7 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/HMangrStub.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/HMangrStub.java
@@ -33,26 +33,26 @@ import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.cadi.http.HMangr;
public class HMangrStub extends HMangr {
-
- private Rcli<HttpURLConnection> clientMock;
+
+ private Rcli<HttpURLConnection> clientMock;
- public HMangrStub(Access access, Locator<URI> loc, Rcli<HttpURLConnection> clientMock) throws LocatorException {
- super(access, loc);
- this.clientMock = clientMock;
- }
+ public HMangrStub(Access access, Locator<URI> loc, Rcli<HttpURLConnection> clientMock) throws LocatorException {
+ super(access, loc);
+ this.clientMock = clientMock;
+ }
- @Override public<RET> RET same(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) {
- try {
- return retryable.code(clientMock);
- } catch (Exception e) {
- }
- return null;
- }
- @Override public<RET> RET oneOf(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable, boolean notify, String host) {
- try {
- return retryable.code(clientMock);
- } catch (Exception e) {
- }
- return null;
- }
+ @Override public<RET> RET same(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable) {
+ try {
+ return retryable.code(clientMock);
+ } catch (Exception e) {
+ }
+ return null;
+ }
+ @Override public<RET> RET oneOf(SecuritySetter<HttpURLConnection> ss, Retryable<RET> retryable, boolean notify, String host) {
+ try {
+ return retryable.code(clientMock);
+ } catch (Exception e) {
+ }
+ return null;
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java
index d9da835d..9f439053 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_AAFCli.java
@@ -52,209 +52,209 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_AAFCli {
- private static AAFcli cli;
- private static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
+ private static AAFcli cli;
+ private static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
- @BeforeClass
- public static void setUp() throws Exception, Exception {
- cli = getAAfCli();
- }
+ @BeforeClass
+ public static void setUp() throws Exception, Exception {
+ cli = getAAfCli();
+ }
- @Test
- public void eval() throws Exception {
- assertTrue(cli.eval("#startswith"));
- }
+ @Test
+ public void eval() throws Exception {
+ assertTrue(cli.eval("#startswith"));
+ }
- @Test
- public void eval_empty() throws Exception {
- assertTrue(cli.eval(""));
- }
+ @Test
+ public void eval_empty() throws Exception {
+ assertTrue(cli.eval(""));
+ }
- @Test
- public void eval1() throws Exception {
- assertTrue(cli.eval("@[123"));
- }
+ @Test
+ public void eval1() throws Exception {
+ assertTrue(cli.eval("@[123"));
+ }
-// @Test
-// public void eval2() throws Exception {
-// assertFalse(cli.eval("as @[ 123"));
-// }
+// @Test
+// public void eval2() throws Exception {
+// assertFalse(cli.eval("as @[ 123"));
+// }
- @Test
- public void eval3() throws Exception {
- try {
- cli.eval("expect @[ 123");
- } catch (Exception e) {
- // TODO Auto-generated catch block
- assertTrue(e instanceof CadiException);
- }
- }
+ @Test
+ public void eval3() throws Exception {
+ try {
+ cli.eval("expect @[ 123");
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ assertTrue(e instanceof CadiException);
+ }
+ }
- public void eval31() throws Exception {
- try {
- cli.eval("expect 1 @[ 123");
- } catch (Exception e) {
- // TODO Auto-generated catch block
- assertTrue(e instanceof CadiException);
- }
- }
+ public void eval31() throws Exception {
+ try {
+ cli.eval("expect 1 @[ 123");
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ assertTrue(e instanceof CadiException);
+ }
+ }
- @Test
- public void eval4() throws Exception {
- try {
- cli.eval("sleep @[ 123");
- } catch (Exception e) {
- assertTrue(e instanceof NumberFormatException);
- }
- }
+ @Test
+ public void eval4() throws Exception {
+ try {
+ cli.eval("sleep @[ 123");
+ } catch (Exception e) {
+ assertTrue(e instanceof NumberFormatException);
+ }
+ }
- @Test
- public void eval41() throws Exception {
- assertTrue(cli.eval("sleep 1 @[ 123"));
- }
+ @Test
+ public void eval41() throws Exception {
+ assertTrue(cli.eval("sleep 1 @[ 123"));
+ }
- @Test
- public void eval5() throws Exception {
- try {
- cli.eval("delay @[ 123");
- } catch (Exception e) {
- assertTrue(e instanceof NumberFormatException);
- }
- }
+ @Test
+ public void eval5() throws Exception {
+ try {
+ cli.eval("delay @[ 123");
+ } catch (Exception e) {
+ assertTrue(e instanceof NumberFormatException);
+ }
+ }
- @Test
- public void eval51() throws Exception {
- assertTrue(cli.eval("delay 1 @[ 123"));
- }
+ @Test
+ public void eval51() throws Exception {
+ assertTrue(cli.eval("delay 1 @[ 123"));
+ }
- @Test
- public void eval7() throws Exception {
- assertFalse(cli.eval("exit @[ 123"));
- }
+ @Test
+ public void eval7() throws Exception {
+ assertFalse(cli.eval("exit @[ 123"));
+ }
- @Test
- public void eval8() throws Exception {
- assertTrue(cli.eval("REQUEST @[ 123"));
- }
+ @Test
+ public void eval8() throws Exception {
+ assertTrue(cli.eval("REQUEST @[ 123"));
+ }
- @Test
- public void eval9() throws Exception {
- assertTrue(cli.eval("FORCE @[ 123"));
- }
+ @Test
+ public void eval9() throws Exception {
+ assertTrue(cli.eval("FORCE @[ 123"));
+ }
- @Test
- public void eval10() throws Exception {
- assertTrue(cli.eval("set @[ 123"));
- }
-
- @Test
- public void eval11() throws Exception {
- assertTrue(cli.eval("DETAILS @[ 123"));
- }
-
- @Test
- public void eval12() throws Exception {
- assertTrue(cli.eval(". |/, .\"0 \" "));
- }
+ @Test
+ public void eval10() throws Exception {
+ assertTrue(cli.eval("set @[ 123"));
+ }
+
+ @Test
+ public void eval11() throws Exception {
+ assertTrue(cli.eval("DETAILS @[ 123"));
+ }
+
+ @Test
+ public void eval12() throws Exception {
+ assertTrue(cli.eval(". |/, .\"0 \" "));
+ }
- @Test
- public void keyboardHelp() throws Exception {
- boolean noError=true;
- try {
- cli.keyboardHelp();
- } catch (Exception e) {
- noError=false;
- }
- assertTrue(noError);
- }
+ @Test
+ public void keyboardHelp() throws Exception {
+ boolean noError=true;
+ try {
+ cli.keyboardHelp();
+ } catch (Exception e) {
+ noError=false;
+ }
+ assertTrue(noError);
+ }
- @Test
- public void setProp() throws Exception {
- boolean noError=true;
- try {
- cli.keyboardHelp();
- } catch (Exception e) {
- noError=false;
- }
- assertTrue(noError);
- }
-
- @Test
- public void eval_randomString() throws Exception {
- assertTrue(cli.eval("Some random string @#&*& to check complete 100 coverage"));
- }
+ @Test
+ public void setProp() throws Exception {
+ boolean noError=true;
+ try {
+ cli.keyboardHelp();
+ } catch (Exception e) {
+ noError=false;
+ }
+ assertTrue(noError);
+ }
+
+ @Test
+ public void eval_randomString() throws Exception {
+ assertTrue(cli.eval("Some random string @#&*& to check complete 100 coverage"));
+ }
- public static AAFcli getAAfCli() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
- final AuthzEnv env = new AuthzEnv(System.getProperties());
- String aafUrl = "https://DME2RESOLVE";
- SecurityInfoC<HttpURLConnection> si = mock(SecurityInfoC.class);
- env.loadToSystemPropsStartsWith("AAF", "DME2");
- Locator loc;
- loc = new PropertyLocator(aafUrl);
- TIMEOUT = Integer.parseInt(env.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
- HMangr hman = new HMangr(env, loc).readTimeout(TIMEOUT).apiVersion("2.0");
+ public static AAFcli getAAfCli() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
+ final AuthzEnv env = new AuthzEnv(System.getProperties());
+ String aafUrl = "https://DME2RESOLVE";
+ SecurityInfoC<HttpURLConnection> si = mock(SecurityInfoC.class);
+ env.loadToSystemPropsStartsWith("AAF", "DME2");
+ Locator loc;
+ loc = new PropertyLocator(aafUrl);
+ TIMEOUT = Integer.parseInt(env.getProperty(Config.AAF_CONN_TIMEOUT, Config.AAF_CONN_TIMEOUT_DEF));
+ HMangr hman = new HMangr(env, loc).readTimeout(TIMEOUT).apiVersion("2.0");
- // TODO: Consider requiring a default in properties
- env.setProperty(Config.AAF_DEFAULT_REALM,
- System.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm()));
-
- HBasicAuthSS ss = mock(HBasicAuthSS.class);
- env.setProperty(Config.AAF_APPPASS, "test");
- return new AAFcli(env, new OutputStreamWriter(System.out), hman, si, ss);
- }
-
- @Test
- public void testVerbose() {
- cli.verbose(true);
- cli.verbose(false);
- }
-
- @Test
- public void testClose() {
- cli.close();
- }
-
- @Test
- public void testTimeout() {
- Assert.assertNotNull(cli.timeout());
- }
-
- @Test
- public void testTest() {
- Assert.assertNotNull(cli.isTest());
- }
-
- @Test
- public void testIsDetailed() {
- Assert.assertNotNull(cli.isDetailed());
- }
-
- @Test
- public void testAddRequest() {
- Assert.assertNotNull(cli.addRequest());
- }
-
- @Test
- public void testForceString() {
- cli.clearSingleLineProperties();
- Assert.assertNull(cli.forceString());
- }
-
- @Test
- public void testClearSingleLineProperties() {
- cli.clearSingleLineProperties();
- }
-
- @Test
- public void testGui() {
- cli.gui(true);
- cli.gui(false);
- }
-
- @Test
- public void testMain() {
- String[] strArr = {"\\*","test1"};
- //cli.main(strArr);
- }
-
+ // TODO: Consider requiring a default in properties
+ env.setProperty(Config.AAF_DEFAULT_REALM,
+ System.getProperty(Config.AAF_DEFAULT_REALM, Config.getDefaultRealm()));
+
+ HBasicAuthSS ss = mock(HBasicAuthSS.class);
+ env.setProperty(Config.AAF_APPPASS, "test");
+ return new AAFcli(env, new OutputStreamWriter(System.out), hman, si, ss);
+ }
+
+ @Test
+ public void testVerbose() {
+ cli.verbose(true);
+ cli.verbose(false);
+ }
+
+ @Test
+ public void testClose() {
+ cli.close();
+ }
+
+ @Test
+ public void testTimeout() {
+ Assert.assertNotNull(cli.timeout());
+ }
+
+ @Test
+ public void testTest() {
+ Assert.assertNotNull(cli.isTest());
+ }
+
+ @Test
+ public void testIsDetailed() {
+ Assert.assertNotNull(cli.isDetailed());
+ }
+
+ @Test
+ public void testAddRequest() {
+ Assert.assertNotNull(cli.addRequest());
+ }
+
+ @Test
+ public void testForceString() {
+ cli.clearSingleLineProperties();
+ Assert.assertNull(cli.forceString());
+ }
+
+ @Test
+ public void testClearSingleLineProperties() {
+ cli.clearSingleLineProperties();
+ }
+
+ @Test
+ public void testGui() {
+ cli.gui(true);
+ cli.gui(false);
+ }
+
+ @Test
+ public void testMain() {
+ String[] strArr = {"\\*","test1"};
+ //cli.main(strArr);
+ }
+
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BaseCmd.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BaseCmd.java
index 79a3dd53..211ec7d0 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BaseCmd.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BaseCmd.java
@@ -50,71 +50,71 @@ import aaf.v2_0.History;
@RunWith(MockitoJUnitRunner.class)
public class JU_BaseCmd {
- private static AAFcli cli;
- private static BaseCmd bCmd;
-
- @BeforeClass
- public static void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
- cli = JU_AAFCli.getAAfCli();
- bCmd = new BaseCmd<>(cli, "testString");
- }
-
- @Test
- public void exec() throws CadiException, APIException, LocatorException {
- assertEquals(bCmd._exec(4, "add", "del", "reset", "extend"), 0);
-
- }
-
- @Test
- public void exec1() throws CadiException, APIException, LocatorException {
- assertEquals(bCmd._exec(0, "add", "del", "reset", "extend"), 0);
-
- }
-
- @Test
- public void activity() throws DatatypeConfigurationException {
- boolean noError = true;
- History history = new History();
- History.Item item = new History.Item();
- item.setTarget("target");
- item.setUser("user");
- item.setMemo("memo");
-
- GregorianCalendar c = new GregorianCalendar();
- c.setTime(new Date());
- XMLGregorianCalendar date = DatatypeFactory.newInstance().newXMLGregorianCalendar(c);
- item.setTimestamp(date);
- history.getItem().add(item);
- try {
- bCmd.activity(history, "history");
- } catch (Exception e) {
- noError = false;
- }
- assertEquals(noError, true);
-
- }
-
- @Test
- public void activity1() throws DatatypeConfigurationException {
- boolean noError = true;
- History history = new History();
- History.Item item = new History.Item();
- item.setTarget("target");
- item.setUser("user");
- item.setMemo("memo");
-
- GregorianCalendar c = new GregorianCalendar();
- c.setTime(new Date());
- XMLGregorianCalendar date = DatatypeFactory.newInstance().newXMLGregorianCalendar(c);
- item.setTimestamp(date);
- history.getItem().add(item);
- try {
- bCmd.activity(history, "1[]");
- } catch (Exception e) {
- noError = false;
- }
- assertEquals(noError, true);
-
- }
+ private static AAFcli cli;
+ private static BaseCmd bCmd;
+
+ @BeforeClass
+ public static void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
+ cli = JU_AAFCli.getAAfCli();
+ bCmd = new BaseCmd<>(cli, "testString");
+ }
+
+ @Test
+ public void exec() throws CadiException, APIException, LocatorException {
+ assertEquals(bCmd._exec(4, "add", "del", "reset", "extend"), 0);
+
+ }
+
+ @Test
+ public void exec1() throws CadiException, APIException, LocatorException {
+ assertEquals(bCmd._exec(0, "add", "del", "reset", "extend"), 0);
+
+ }
+
+ @Test
+ public void activity() throws DatatypeConfigurationException {
+ boolean noError = true;
+ History history = new History();
+ History.Item item = new History.Item();
+ item.setTarget("target");
+ item.setUser("user");
+ item.setMemo("memo");
+
+ GregorianCalendar c = new GregorianCalendar();
+ c.setTime(new Date());
+ XMLGregorianCalendar date = DatatypeFactory.newInstance().newXMLGregorianCalendar(c);
+ item.setTimestamp(date);
+ history.getItem().add(item);
+ try {
+ bCmd.activity(history, "history");
+ } catch (Exception e) {
+ noError = false;
+ }
+ assertEquals(noError, true);
+
+ }
+
+ @Test
+ public void activity1() throws DatatypeConfigurationException {
+ boolean noError = true;
+ History history = new History();
+ History.Item item = new History.Item();
+ item.setTarget("target");
+ item.setUser("user");
+ item.setMemo("memo");
+
+ GregorianCalendar c = new GregorianCalendar();
+ c.setTime(new Date());
+ XMLGregorianCalendar date = DatatypeFactory.newInstance().newXMLGregorianCalendar(c);
+ item.setTimestamp(date);
+ history.getItem().add(item);
+ try {
+ bCmd.activity(history, "1[]");
+ } catch (Exception e) {
+ noError = false;
+ }
+ assertEquals(noError, true);
+
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BasicAuth.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BasicAuth.java
index 7cc5cede..d035ac59 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BasicAuth.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_BasicAuth.java
@@ -35,22 +35,22 @@ import junit.framework.Assert;
//TODO: Gabe [JUnit] Import missing
@RunWith(MockitoJUnitRunner.class)
public class JU_BasicAuth {
-
-// @Test
-// public void getID () {
-// try {
-// BasicAuth bAuth = new BasicAuth("testUser", "nopass");
-// assertEquals(bAuth.getID(), "testUser");
-// System.out.println(bAuth.getID());
-// } catch (IOException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// }
-//
-// }
-
- @Test
- public void netYetTested() {
- Assert.assertTrue(true);
- }
+
+// @Test
+// public void getID () {
+// try {
+// BasicAuth bAuth = new BasicAuth("testUser", "nopass");
+// assertEquals(bAuth.getID(), "testUser");
+// System.out.println(bAuth.getID());
+// } catch (IOException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
+//
+// }
+
+ @Test
+ public void netYetTested() {
+ Assert.assertTrue(true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Cmd.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Cmd.java
index 3566555d..8adeeee3 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Cmd.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Cmd.java
@@ -62,130 +62,130 @@ import org.junit.Test;
public class JU_Cmd {
- CmdStub cmd;
- CmdStub cmd1;
- CmdStub cmd2;
- AAFcli cli;
-
- private class CmdStub extends Cmd {
+ CmdStub cmd;
+ CmdStub cmd1;
+ CmdStub cmd2;
+ AAFcli cli;
+
+ private class CmdStub extends Cmd {
- public CmdStub(AAFcli aafcli, String name, Param[] params) {
- super(aafcli, name, params);
- // TODO Auto-generated constructor stub
- }
-
- public CmdStub(Cmd parent, String name, Param[] params) {
- super(parent, name, params);
- // TODO Auto-generated constructor stub
- }
+ public CmdStub(AAFcli aafcli, String name, Param[] params) {
+ super(aafcli, name, params);
+ // TODO Auto-generated constructor stub
+ }
+
+ public CmdStub(Cmd parent, String name, Param[] params) {
+ super(parent, name, params);
+ // TODO Auto-generated constructor stub
+ }
- @Override
- protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
- // TODO Auto-generated method stub
- return 0;
- }
-
- @Override
- public void error(Future<?> future) {
- super.error(future);
- }
+ @Override
+ protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ @Override
+ public void error(Future<?> future) {
+ super.error(future);
+ }
- }
-
- @Before
- public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
- cli = JU_AAFCli.getAAfCli();
- Param[] param = new Param[] {new Param("name",true)};
-
- cmd = new CmdStub(cli,"test", param);
- cmd1 = new CmdStub(cmd,"test", param);
- cmd2 = new CmdStub(cmd,"test", param);
- }
-
- @Test
- public void testReportColHead() {
- String[] args = new String[] {new String("test")};
- cmd.reportColHead("format", args);
- }
-
- @Test
- public void testBuilder() {
- StringBuilder detail = new StringBuilder();
- StringBuilder sb = new StringBuilder("test 123");
-
- cmd.build(sb, detail);
- detail.append("test");
- cmd.build(sb, detail);
- }
-
- @Test
- public void testApi() throws APIException, CadiException {
- StringBuilder sb = new StringBuilder("test 123");
- Define def = new Define();
- PropAccess prop = new PropAccess();
- def.set(prop);
- Mgmt mgmt = new Mgmt(cli);
- Cache cache = new Cache(mgmt);
- Clear clr = new Clear(cache);
- clr.detailedHelp(0, sb);
- }
-
- @Test
- public void testToString() {
- cmd.toString();
- }
-
- @Test
- public void testFullID() {
- cmd.fullID("test");
- cmd.fullID("t@st");
- cmd.fullID(null);
- }
-
- @Test
- public void testError() {
- Future<?> future = mock(Future.class);
- cmd.error(future);
- when(future.code()).thenReturn(401);
- cmd.error(future);
- when(future.code()).thenReturn(403);
- cmd.error(future);
- when(future.code()).thenReturn(404);
- cmd.error(future);
- when(future.body()).thenReturn("NotNull");
- cmd.error(future);
- when(future.body()).thenReturn("{NotNull");
- cmd.error(future);
- when(future.body()).thenReturn("<html>NotNull");
- cmd.error(future);
- }
-
- @Test
- public void testActivity() {
- History hist = new History();
- cmd.activity(hist, "test");
- cmd.activity(hist, "te[st");
- }
-
- @Test
- public void testWhichOption() throws CadiException {
- String[] strArr = {"a", "b", "c"};
- cmd.whichOption(strArr, "b");
- }
-
- @Test
- public void testOneOf() throws APIException, CadiException, LocatorException {
- Retryable retryable = mock(Retryable.class);
- //cmd.oneOf(retryable, "host"); //TODO: AAF-111 need input for hMan
- }
-
- @Test
- public void testExec() throws CadiException, APIException, LocatorException {
- String[] strArr = {"a", "b", "c"};
- cmd.exec(1, strArr);
- }
-
-
+ }
+
+ @Before
+ public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
+ cli = JU_AAFCli.getAAfCli();
+ Param[] param = new Param[] {new Param("name",true)};
+
+ cmd = new CmdStub(cli,"test", param);
+ cmd1 = new CmdStub(cmd,"test", param);
+ cmd2 = new CmdStub(cmd,"test", param);
+ }
+
+ @Test
+ public void testReportColHead() {
+ String[] args = new String[] {new String("test")};
+ cmd.reportColHead("format", args);
+ }
+
+ @Test
+ public void testBuilder() {
+ StringBuilder detail = new StringBuilder();
+ StringBuilder sb = new StringBuilder("test 123");
+
+ cmd.build(sb, detail);
+ detail.append("test");
+ cmd.build(sb, detail);
+ }
+
+ @Test
+ public void testApi() throws APIException, CadiException {
+ StringBuilder sb = new StringBuilder("test 123");
+ Define def = new Define();
+ PropAccess prop = new PropAccess();
+ def.set(prop);
+ Mgmt mgmt = new Mgmt(cli);
+ Cache cache = new Cache(mgmt);
+ Clear clr = new Clear(cache);
+ clr.detailedHelp(0, sb);
+ }
+
+ @Test
+ public void testToString() {
+ cmd.toString();
+ }
+
+ @Test
+ public void testFullID() {
+ cmd.fullID("test");
+ cmd.fullID("t@st");
+ cmd.fullID(null);
+ }
+
+ @Test
+ public void testError() {
+ Future<?> future = mock(Future.class);
+ cmd.error(future);
+ when(future.code()).thenReturn(401);
+ cmd.error(future);
+ when(future.code()).thenReturn(403);
+ cmd.error(future);
+ when(future.code()).thenReturn(404);
+ cmd.error(future);
+ when(future.body()).thenReturn("NotNull");
+ cmd.error(future);
+ when(future.body()).thenReturn("{NotNull");
+ cmd.error(future);
+ when(future.body()).thenReturn("<html>NotNull");
+ cmd.error(future);
+ }
+
+ @Test
+ public void testActivity() {
+ History hist = new History();
+ cmd.activity(hist, "test");
+ cmd.activity(hist, "te[st");
+ }
+
+ @Test
+ public void testWhichOption() throws CadiException {
+ String[] strArr = {"a", "b", "c"};
+ cmd.whichOption(strArr, "b");
+ }
+
+ @Test
+ public void testOneOf() throws APIException, CadiException, LocatorException {
+ Retryable retryable = mock(Retryable.class);
+ //cmd.oneOf(retryable, "host"); //TODO: AAF-111 need input for hMan
+ }
+
+ @Test
+ public void testExec() throws CadiException, APIException, LocatorException {
+ String[] strArr = {"a", "b", "c"};
+ cmd.exec(1, strArr);
+ }
+
+
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_DeprecatedCMD.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_DeprecatedCMD.java
index 02a9e26f..32697473 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_DeprecatedCMD.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_DeprecatedCMD.java
@@ -47,32 +47,32 @@ import org.junit.Test;
public class JU_DeprecatedCMD {
- CmdStub cmd;
- AAFcli cli;
-
- private class CmdStub extends Cmd {
+ CmdStub cmd;
+ AAFcli cli;
+
+ private class CmdStub extends Cmd {
- public CmdStub(AAFcli aafcli, String name, Param[] params) {
- super(aafcli, name, params);
- // TODO Auto-generated constructor stub
- }
+ public CmdStub(AAFcli aafcli, String name, Param[] params) {
+ super(aafcli, name, params);
+ // TODO Auto-generated constructor stub
+ }
- @Override
- protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
- // TODO Auto-generated method stub
- return 0;
- }
-
- }
-
- @Test
- public void testExec() throws CadiException, APIException, LocatorException, GeneralSecurityException, IOException {
- cli = JU_AAFCli.getAAfCli();
- Param[] param = new Param[] {new Param("name",true)};
-
- cmd = new CmdStub(cli,"test", param);
- DeprecatedCMD deprecatedcmd = new DeprecatedCMD(cmd,"test", "test");
- deprecatedcmd._exec(0, "test");
- }
+ @Override
+ protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ }
+
+ @Test
+ public void testExec() throws CadiException, APIException, LocatorException, GeneralSecurityException, IOException {
+ cli = JU_AAFCli.getAAfCli();
+ Param[] param = new Param[] {new Param("name",true)};
+
+ cmd = new CmdStub(cli,"test", param);
+ DeprecatedCMD deprecatedcmd = new DeprecatedCMD(cmd,"test", "test");
+ deprecatedcmd._exec(0, "test");
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Help.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Help.java
index 50da3e37..9599e803 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Help.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Help.java
@@ -50,79 +50,79 @@ import junit.framework.Assert;
@RunWith(MockitoJUnitRunner.class)
public class JU_Help {
-
- private static AAFcli cli;
- private static Help help;
- String[] strArr = {"null","null","b","c"};
- private class CmdStub extends Cmd {
+
+ private static AAFcli cli;
+ private static Help help;
+ String[] strArr = {"null","null","b","c"};
+ private class CmdStub extends Cmd {
- public CmdStub(AAFcli aafcli, String name, Param[] params) {
- super(aafcli, name, params);
- // TODO Auto-generated constructor stub
- }
-
- public CmdStub(Cmd parent, String name, Param[] params) {
- super(parent, name, params);
- // TODO Auto-generated constructor stub
- }
+ public CmdStub(AAFcli aafcli, String name, Param[] params) {
+ super(aafcli, name, params);
+ // TODO Auto-generated constructor stub
+ }
+
+ public CmdStub(Cmd parent, String name, Param[] params) {
+ super(parent, name, params);
+ // TODO Auto-generated constructor stub
+ }
- @Override
- protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
- // TODO Auto-generated method stub
- return 0;
- }
-
- @Override
- public void error(Future<?> future) {
- super.error(future);
- }
-
- }
-
- @Mock
- private static List<Cmd> cmds;
-
- @Before
- public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
- cli = JU_AAFCli.getAAfCli();
- cmds = new ArrayList<>();
- Param[] param = new Param[] {new Param("name",true)};
- CmdStub cmd = new CmdStub(cli, "null", param);
- cmds.add(cmd);
- help = new Help(cli, cmds);
- }
-
- @Test
- public void exec_HTTP_200() {
- try {
- assertEquals(help._exec(1, "helps"), HttpStatus.OK_200);
- assertEquals(help._exec(1, strArr), HttpStatus.OK_200);
- } catch (CadiException | APIException | LocatorException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
- @Test
- public void exec_HTTP_200_1() {
- try {
- assertEquals(help._exec(1, "helps","help"), HttpStatus.OK_200);
- } catch (CadiException | APIException | LocatorException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
- @Test
- public void detailhelp() {
- boolean hasError=false;
- try {
- help.detailedHelp(2, new StringBuilder("detail help test"));
- } catch (Exception e) {
- hasError=true;
- }
- assertEquals(hasError,false);
- }
+ @Override
+ protected int _exec(int idx, String... args) throws CadiException, APIException, LocatorException {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ @Override
+ public void error(Future<?> future) {
+ super.error(future);
+ }
+
+ }
+
+ @Mock
+ private static List<Cmd> cmds;
+
+ @Before
+ public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
+ cli = JU_AAFCli.getAAfCli();
+ cmds = new ArrayList<>();
+ Param[] param = new Param[] {new Param("name",true)};
+ CmdStub cmd = new CmdStub(cli, "null", param);
+ cmds.add(cmd);
+ help = new Help(cli, cmds);
+ }
+
+ @Test
+ public void exec_HTTP_200() {
+ try {
+ assertEquals(help._exec(1, "helps"), HttpStatus.OK_200);
+ assertEquals(help._exec(1, strArr), HttpStatus.OK_200);
+ } catch (CadiException | APIException | LocatorException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void exec_HTTP_200_1() {
+ try {
+ assertEquals(help._exec(1, "helps","help"), HttpStatus.OK_200);
+ } catch (CadiException | APIException | LocatorException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void detailhelp() {
+ boolean hasError=false;
+ try {
+ help.detailedHelp(2, new StringBuilder("detail help test"));
+ } catch (Exception e) {
+ hasError=true;
+ }
+ assertEquals(hasError,false);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Version.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Version.java
index c0ac0f21..112fc92c 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Version.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/JU_Version.java
@@ -45,24 +45,24 @@ import junit.framework.Assert;
//TODO: Gabe [JUnit] Import missing
@RunWith(MockitoJUnitRunner.class)
public class JU_Version {
-
- private static AAFcli cli;
- private static Version version;
-
- @BeforeClass
- public static void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
- cli = JU_AAFCli.getAAfCli();
- version = new Version(cli);
- }
-
-// @Test
-// public void exec_HTTP_200() throws CadiException, APIException, LocatorException {
-// assertEquals(version._exec(0, "Version"), HttpStatus.OK_200);
+
+ private static AAFcli cli;
+ private static Version version;
+
+ @BeforeClass
+ public static void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
+ cli = JU_AAFCli.getAAfCli();
+ version = new Version(cli);
+ }
+
+// @Test
+// public void exec_HTTP_200() throws CadiException, APIException, LocatorException {
+// assertEquals(version._exec(0, "Version"), HttpStatus.OK_200);
//
-// }
-
- @Test //TODO: Temporary fix AAF-111
- public void netYetTested() {
- Assert.assertTrue(true);
- }
+// }
+
+ @Test //TODO: Temporary fix AAF-111
+ public void netYetTested() {
+ Assert.assertTrue(true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Clear.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Clear.java
index 43d228d6..102e8fcd 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Clear.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Clear.java
@@ -58,51 +58,51 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Clear {
-
- private static Clear clr;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
- Cache cache;
- Mgmt mgmt;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// hman = new HMangr(aEnv, loc);
-// aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
-// mgmt = new Mgmt(aafcli);
-// cache = new Cache(mgmt);
-// clr = new Clear(cache);
-
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- when(loc.first()).thenReturn(value);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, value, secSet);
-// String[] strArr = {"grant","ungrant","setTo","grant","ungrant","setTo"};
- //clr._exec(0, strArr);
+
+ private static Clear clr;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+ Cache cache;
+ Mgmt mgmt;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// hman = new HMangr(aEnv, loc);
+// aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+// mgmt = new Mgmt(aafcli);
+// cache = new Cache(mgmt);
+// clr = new Clear(cache);
+
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ when(loc.first()).thenReturn(value);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, value, secSet);
+// String[] strArr = {"grant","ungrant","setTo","grant","ungrant","setTo"};
+ //clr._exec(0, strArr);
- }
-
- @Test
- public void testDetailedHelp() throws CadiException {
- Define define = new Define();
- define.set(prop);
- StringBuilder sb = new StringBuilder();
-// clr.detailedHelp(0, sb);
- }
+ }
+
+ @Test
+ public void testDetailedHelp() throws CadiException {
+ Define define = new Define();
+ define.set(prop);
+ StringBuilder sb = new StringBuilder();
+// clr.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Deny.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Deny.java
index 7e888a7c..5b372881 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Deny.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Deny.java
@@ -59,50 +59,50 @@ import java.net.URISyntaxException;
import org.junit.Test;
public class JU_Deny {
-
- Deny deny;
- DenySomething denyS;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
+
+ Deny deny;
+ DenySomething denyS;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
- @Before
- public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// hman = new HMangr(aEnv, loc);
-// aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
-// Mgmt mgmt = new Mgmt(aafcli);
-// deny = new Deny(mgmt);
- //denyS = deny.new DenySomething(deny,"ip","ipv4or6[,ipv4or6]*");
+ @Before
+ public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// hman = new HMangr(aEnv, loc);
+// aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+// Mgmt mgmt = new Mgmt(aafcli);
+// deny = new Deny(mgmt);
+ //denyS = deny.new DenySomething(deny,"ip","ipv4or6[,ipv4or6]*");
- }
-
-
+ }
+
+
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException, IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException, IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"add","del", "add","del"};
-// deny._exec(0, strArr);
-//
-// String[] strArr1 = {"del", "add","del"};
-// deny._exec(0, strArr1);
-
- }
+// String[] strArr = {"add","del", "add","del"};
+// deny._exec(0, strArr);
+//
+// String[] strArr1 = {"del", "add","del"};
+// deny._exec(0, strArr1);
+
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Log.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Log.java
index 6e6f06ed..6b227f38 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Log.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_Log.java
@@ -55,53 +55,53 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Log {
-
- private static Log log;
- private static Log log1;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp() throws APIException, LocatorException, CadiException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Mgmt mgmt = new Mgmt(aafcli);
- log1 = new Log(mgmt);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// when(loc.first()).thenReturn(value);
-// String[] strArr = {"add","upd","del","add","upd","del"};
-// log1._exec(0, strArr);
+
+ private static Log log;
+ private static Log log1;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp() throws APIException, LocatorException, CadiException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Mgmt mgmt = new Mgmt(aafcli);
+ log1 = new Log(mgmt);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// when(loc.first()).thenReturn(value);
+// String[] strArr = {"add","upd","del","add","upd","del"};
+// log1._exec(0, strArr);
//
-// String[] strArr1 = {"del","add","upd","del"};
-// log1._exec(0, strArr1);
+// String[] strArr1 = {"del","add","upd","del"};
+// log1._exec(0, strArr1);
- }
-
- @Test
- public void testDetailedHelp() throws CadiException {
- Define define = new Define();
- define.set(prop);
- StringBuilder sb = new StringBuilder();
- log1.detailedHelp(0, sb);
- }
+ }
+
+ @Test
+ public void testDetailedHelp() throws CadiException {
+ Define define = new Define();
+ define.set(prop);
+ StringBuilder sb = new StringBuilder();
+ log1.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_SessClear.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_SessClear.java
index f55bf2f9..f1f4d9a9 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_SessClear.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/mgmt/JU_SessClear.java
@@ -56,50 +56,50 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_SessClear {
-
- private static SessClear sessclr;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp() throws LocatorException, APIException, CadiException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// hman = new HMangr(aEnv, loc);
-// aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
-// Mgmt mgmt = new Mgmt(aafcli);
-// Session sess = new Session(mgmt);
-// sessclr = new SessClear(sess);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// when(loc.first()).thenReturn(value);
-// String[] strArr = {"add","upd","del","add","upd","del"};
- //sessclr._exec(0, strArr);
+
+ private static SessClear sessclr;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp() throws LocatorException, APIException, CadiException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// hman = new HMangr(aEnv, loc);
+// aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+// Mgmt mgmt = new Mgmt(aafcli);
+// Session sess = new Session(mgmt);
+// sessclr = new SessClear(sess);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// when(loc.first()).thenReturn(value);
+// String[] strArr = {"add","upd","del","add","upd","del"};
+ //sessclr._exec(0, strArr);
- }
-
- @Test
- public void testDetailedHelp() throws CadiException {
- Define define = new Define();
- define.set(prop);
- StringBuilder sb = new StringBuilder();
-// sessclr.detailedHelp(0, sb);
- }
+ }
+
+ @Test
+ public void testDetailedHelp() throws CadiException {
+ Define define = new Define();
+ define.set(prop);
+ StringBuilder sb = new StringBuilder();
+// sessclr.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Admin.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Admin.java
index 35dead11..ef4383fe 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Admin.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Admin.java
@@ -56,57 +56,57 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Admin {
- private static Admin admin;
-
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
+ private static Admin admin;
+
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
- @Before
- public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- NS ns = new NS(aafcli);
- admin = new Admin(ns);
-
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"add", "del","add","add"};
-// admin._exec(0, strArr);
-//
-// String[] strArr1 = {"del","add","add"};
-// admin._exec(0, strArr1);
-
- }
+ @Before
+ public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ NS ns = new NS(aafcli);
+ admin = new Admin(ns);
+
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"add", "del","add","add"};
+// admin._exec(0, strArr);
+//
+// String[] strArr1 = {"del","add","add"};
+// admin._exec(0, strArr1);
+
+ }
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- admin.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ admin.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Attrib.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Attrib.java
index 181b4526..0f14d8ea 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Attrib.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Attrib.java
@@ -61,57 +61,57 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Attrib {
- private static Attrib attrib;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
+ private static Attrib attrib;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
- @Before
- public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- NS ns = new NS(aafcli);
- attrib = new Attrib(ns);
- }
+ @Before
+ public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ NS ns = new NS(aafcli);
+ attrib = new Attrib(ns);
+ }
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"add","upd","del","add","upd","del"};
-// attrib._exec(0, strArr);
-//
-// String[] strArr1 = {"upd","del","add","upd","del","add"};
-// attrib._exec(0, strArr1);
-//
-// String[] strArr2 = {"del","add","upd","del","add","upd"};
-// attrib._exec(0, strArr2);
-
- }
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"add","upd","del","add","upd","del"};
+// attrib._exec(0, strArr);
+//
+// String[] strArr1 = {"upd","del","add","upd","del","add"};
+// attrib._exec(0, strArr1);
+//
+// String[] strArr2 = {"del","add","upd","del","add","upd"};
+// attrib._exec(0, strArr2);
+
+ }
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- attrib.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ attrib.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Create.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Create.java
index bc590695..83417138 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Create.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Create.java
@@ -51,52 +51,52 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Create {
- private static Create create;//might need to replace import with org.onap.aaf.auth.cmd.perm
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- NS ns = new NS(aafcli);
- create = new Create(ns);
- }
-
-
+ private static Create create;//might need to replace import with org.onap.aaf.auth.cmd.perm
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ NS ns = new NS(aafcli);
+ create = new Create(ns);
+ }
+
+
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"add","upd","del","add","upd","del"};
- create._exec(0, strArr);
-
- }
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"add","upd","del","add","upd","del"};
+ create._exec(0, strArr);
+
+ }
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- create.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ create.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Delete.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Delete.java
index ee877a4b..8d4c739d 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Delete.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Delete.java
@@ -49,52 +49,52 @@ import org.onap.aaf.misc.env.APIException;
public class JU_Delete {
- private static Delete delete;//import may be org.onap.aaf.auth.cmd.perm
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- NS ns = new NS(aafcli);
- delete = new Delete(ns);
+ private static Delete delete;//import may be org.onap.aaf.auth.cmd.perm
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ NS ns = new NS(aafcli);
+ delete = new Delete(ns);
- }
+ }
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"add","upd","del","add","upd","del"};
-// delete._exec(0, strArr);
-
- }
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"add","upd","del","add","upd","del"};
+// delete._exec(0, strArr);
+
+ }
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- delete.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ delete.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Describe.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Describe.java
index c0efec00..862c1158 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Describe.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Describe.java
@@ -48,47 +48,47 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Describe {
-
- private static Describe desc;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- NS ns = new NS(aafcli);
- desc = new Describe(ns);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"add","upd","del","add","upd","del"};
-// desc._exec(0, strArr);
-
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- desc.detailedHelp(0, sb );
- }
+
+ private static Describe desc;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ NS ns = new NS(aafcli);
+ desc = new Describe(ns);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"add","upd","del","add","upd","del"};
+// desc._exec(0, strArr);
+
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ desc.detailedHelp(0, sb );
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_List.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_List.java
index a6d2130f..78add994 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_List.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_List.java
@@ -53,91 +53,91 @@ import static org.mockito.Mockito.*;
import org.junit.Test;
public class JU_List {
-
- List list;
- AAFcli aafcli;
- User user;
-
- private class NssStub extends Nss {
- public void addNs(Nss.Ns ns) {
- if (this.ns == null) {
- this.ns = new ArrayList<>();
- }
- this.ns.add(ns);
- }
-
- private class NsStub extends Ns{
- public void addAttrib(Nss.Ns.Attrib attrib) {
- if ( this.attrib == null) {
- this.attrib = new ArrayList<>();
- }
- this.attrib.add(attrib);
- }
-
- public void addResponsible(String str) {
- if (this.responsible == null) {
- this.responsible = new ArrayList<>();
- }
- this.responsible.add(str);
- }
-
- public void addAdmin(String str) {
- if (this.admin == null) {
- this.admin = new ArrayList<>();
- }
- this.admin.add(str);
- }
- }
-
-
-
-
- }
-
+
+ List list;
+ AAFcli aafcli;
+ User user;
+
+ private class NssStub extends Nss {
+ public void addNs(Nss.Ns ns) {
+ if (this.ns == null) {
+ this.ns = new ArrayList<>();
+ }
+ this.ns.add(ns);
+ }
+
+ private class NsStub extends Ns{
+ public void addAttrib(Nss.Ns.Attrib attrib) {
+ if ( this.attrib == null) {
+ this.attrib = new ArrayList<>();
+ }
+ this.attrib.add(attrib);
+ }
+
+ public void addResponsible(String str) {
+ if (this.responsible == null) {
+ this.responsible = new ArrayList<>();
+ }
+ this.responsible.add(str);
+ }
+
+ public void addAdmin(String str) {
+ if (this.admin == null) {
+ this.admin = new ArrayList<>();
+ }
+ this.admin.add(str);
+ }
+ }
+
+
+
+
+ }
+
- @Before
- public void setUp() throws APIException, LocatorException, CadiException {
- PropAccess prop = new PropAccess();
- AuthzEnv aEnv = new AuthzEnv();
- Writer wtr = mock(Writer.class);
- Locator loc = mock(Locator.class);
- HMangr hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, null);
- user = new User();
- NS ns = new NS(aafcli);
-
- list = new List(ns);
- }
-
- @Test
- public void testReport() throws Exception {
- Future<Nss> fu = mock(Future.class);
- NssStub nssStub = new NssStub();
- NssStub.NsStub nsStub = nssStub.new NsStub();
- Nss.Ns.Attrib attrib = mock(Nss.Ns.Attrib.class);
- when(attrib.getKey()).thenReturn("key");
- when(attrib.getValue()).thenReturn("value");
- nsStub.addAttrib(attrib);
- nsStub.addResponsible("test");
- nsStub.addAdmin("admin");
- nssStub.addNs(nsStub);
- fu.value = nssStub;
- aafcli.eval("DETAILS @[ 123");
-
- list.report(fu, "test");
- }
-
- @Test
- public void testGetType() {
- Assert.assertEquals("n/a", list.getType(user));
- user.setType(1);
- Assert.assertEquals("U/P", list.getType(user));
- user.setType(2);
- Assert.assertEquals("U/P2", list.getType(user));
- user.setType(10);
- Assert.assertEquals("Cert", list.getType(user));
- user.setType(200);
- Assert.assertEquals("x509", list.getType(user));
- }
-
+ @Before
+ public void setUp() throws APIException, LocatorException, CadiException {
+ PropAccess prop = new PropAccess();
+ AuthzEnv aEnv = new AuthzEnv();
+ Writer wtr = mock(Writer.class);
+ Locator loc = mock(Locator.class);
+ HMangr hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, null);
+ user = new User();
+ NS ns = new NS(aafcli);
+
+ list = new List(ns);
+ }
+
+ @Test
+ public void testReport() throws Exception {
+ Future<Nss> fu = mock(Future.class);
+ NssStub nssStub = new NssStub();
+ NssStub.NsStub nsStub = nssStub.new NsStub();
+ Nss.Ns.Attrib attrib = mock(Nss.Ns.Attrib.class);
+ when(attrib.getKey()).thenReturn("key");
+ when(attrib.getValue()).thenReturn("value");
+ nsStub.addAttrib(attrib);
+ nsStub.addResponsible("test");
+ nsStub.addAdmin("admin");
+ nssStub.addNs(nsStub);
+ fu.value = nssStub;
+ aafcli.eval("DETAILS @[ 123");
+
+ list.report(fu, "test");
+ }
+
+ @Test
+ public void testGetType() {
+ Assert.assertEquals("n/a", list.getType(user));
+ user.setType(1);
+ Assert.assertEquals("U/P", list.getType(user));
+ user.setType(2);
+ Assert.assertEquals("U/P2", list.getType(user));
+ user.setType(10);
+ Assert.assertEquals("Cert", list.getType(user));
+ user.setType(200);
+ Assert.assertEquals("x509", list.getType(user));
+ }
+
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListActivity.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListActivity.java
index bdebe0f9..298d4732 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListActivity.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListActivity.java
@@ -57,49 +57,49 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListActivity {
-
- private static ListActivity lsActivity;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- NS ns = new NS(aafcli);
- List ls = new List(ns);
- lsActivity = new ListActivity(ls);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"add","upd","del","add","upd","del"};
- //lsActivity._exec(0, strArr);
-
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsActivity.detailedHelp(0, sb );
- }
+
+ private static ListActivity lsActivity;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ NS ns = new NS(aafcli);
+ List ls = new List(ns);
+ lsActivity = new ListActivity(ls);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"add","upd","del","add","upd","del"};
+ //lsActivity._exec(0, strArr);
+
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsActivity.detailedHelp(0, sb );
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListAdminResponsible.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListAdminResponsible.java
index 0e146edb..7d7422fd 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListAdminResponsible.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListAdminResponsible.java
@@ -56,48 +56,48 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListAdminResponsible {
-
- private static ListAdminResponsible lsAdminRes;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- NS ns = new NS(aafcli);
- List ls = new List(ns);
- lsAdminRes = new ListAdminResponsible(ls);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"add","upd","del","add","upd","del"};
- //lsAdminRes._exec(0, strArr);
-
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsAdminRes.detailedHelp(0, sb );
- }
+
+ private static ListAdminResponsible lsAdminRes;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ NS ns = new NS(aafcli);
+ List ls = new List(ns);
+ lsAdminRes = new ListAdminResponsible(ls);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"add","upd","del","add","upd","del"};
+ //lsAdminRes._exec(0, strArr);
+
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsAdminRes.detailedHelp(0, sb );
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListByName.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListByName.java
index 48711dc9..c37237dc 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListByName.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListByName.java
@@ -56,48 +56,48 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByName {
-
- private static ListByName lsByName;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- NS ns = new NS(aafcli);
- List ls = new List(ns);
- lsByName = new ListByName(ls);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"add","upd","del","add","upd","del"};
- //lsByName._exec(0, strArr);
-
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsByName.detailedHelp(0, sb );
- }
+
+ private static ListByName lsByName;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ NS ns = new NS(aafcli);
+ List ls = new List(ns);
+ lsByName = new ListByName(ls);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"add","upd","del","add","upd","del"};
+ //lsByName._exec(0, strArr);
+
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsByName.detailedHelp(0, sb );
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListChildren.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListChildren.java
index 5723f19f..5b697de0 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListChildren.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListChildren.java
@@ -41,37 +41,37 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListChildren {
-
- private static ListChildren lsChildren;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- NS ns = new NS(cli);
- List ls = new List(ns);
- lsChildren = new ListChildren(ls);
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsChildren._exec(0, "add","del","reset","extend"),500);
-// } catch (CadiException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (APIException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (LocatorException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsChildren.detailedHelp(0, sb );
- }
+
+ private static ListChildren lsChildren;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ NS ns = new NS(cli);
+ List ls = new List(ns);
+ lsChildren = new ListChildren(ls);
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsChildren._exec(0, "add","del","reset","extend"),500);
+// } catch (CadiException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (APIException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (LocatorException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsChildren.detailedHelp(0, sb );
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListNsKeysByAttrib.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListNsKeysByAttrib.java
index a1b0da19..6c8e61a5 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListNsKeysByAttrib.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListNsKeysByAttrib.java
@@ -40,37 +40,37 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListNsKeysByAttrib {
-
- private static ListNsKeysByAttrib lsNsKeys;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- NS ns = new NS(cli);
- List ls = new List(ns);
- lsNsKeys = new ListNsKeysByAttrib(ls);
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsNsKeys._exec(0, "add","del","reset","extend"),500);
-// } catch (CadiException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (APIException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (LocatorException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsNsKeys.detailedHelp(0, sb );
- }
+
+ private static ListNsKeysByAttrib lsNsKeys;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ NS ns = new NS(cli);
+ List ls = new List(ns);
+ lsNsKeys = new ListNsKeysByAttrib(ls);
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsNsKeys._exec(0, "add","del","reset","extend"),500);
+// } catch (CadiException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (APIException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (LocatorException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsNsKeys.detailedHelp(0, sb );
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsers.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsers.java
index 909e852e..f400e16d 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsers.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsers.java
@@ -52,29 +52,29 @@ import org.junit.Test;
public class JU_ListUsers {
- AAFcli cli;
- NS ns;
- List list;
- ListUsers lUsers;
-
- @Before
- public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
- cli = JU_AAFCli.getAAfCli();
- ns = new NS(cli);
- list = new List(ns);
- lUsers = new ListUsers(list);
- }
-
- @Test
- public void testReports() throws DatatypeConfigurationException {
- Users.User user = new Users.User();
- GregorianCalendar gcal = new GregorianCalendar();
- XMLGregorianCalendar xgcal = DatatypeFactory.newInstance().newXMLGregorianCalendar(gcal);
- user.setExpires(xgcal);
-
- lUsers.report("header", "ns");
- lUsers.report("subHead");
- lUsers.report("prefix", user);
- }
+ AAFcli cli;
+ NS ns;
+ List list;
+ ListUsers lUsers;
+
+ @Before
+ public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException {
+ cli = JU_AAFCli.getAAfCli();
+ ns = new NS(cli);
+ list = new List(ns);
+ lUsers = new ListUsers(list);
+ }
+
+ @Test
+ public void testReports() throws DatatypeConfigurationException {
+ Users.User user = new Users.User();
+ GregorianCalendar gcal = new GregorianCalendar();
+ XMLGregorianCalendar xgcal = DatatypeFactory.newInstance().newXMLGregorianCalendar(gcal);
+ user.setExpires(xgcal);
+
+ lUsers.report("header", "ns");
+ lUsers.report("subHead");
+ lUsers.report("prefix", user);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersContact.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersContact.java
index 536d70fa..e0029791 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersContact.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersContact.java
@@ -55,51 +55,51 @@ import org.junit.Test;
public class JU_ListUsersContact {
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
- NS ns;
- List list;
- ListUsers lUsers;
- ListUsersContact lUContact;
-
- @Before
- public void setUp() throws LocatorException, APIException, CadiException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- ns = new NS(aafcli);
- list = new List(ns);
- lUsers = new ListUsers(list);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- lUContact = new ListUsersContact(lUsers);
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- //lUContact._exec(0, "test");
-
- }
-
- @Test
- public void testDetailedHelp() {
- lUContact = new ListUsersContact(lUsers);
- StringBuilder sb = new StringBuilder();
- lUContact.detailedHelp(0, sb);
- }
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+ NS ns;
+ List list;
+ ListUsers lUsers;
+ ListUsersContact lUContact;
+
+ @Before
+ public void setUp() throws LocatorException, APIException, CadiException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ ns = new NS(aafcli);
+ list = new List(ns);
+ lUsers = new ListUsers(list);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ lUContact = new ListUsersContact(lUsers);
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ //lUContact._exec(0, "test");
+
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ lUContact = new ListUsersContact(lUsers);
+ StringBuilder sb = new StringBuilder();
+ lUContact.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersInRole.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersInRole.java
index 9f61b009..8d4cf593 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersInRole.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersInRole.java
@@ -39,35 +39,35 @@ import org.onap.aaf.auth.cmd.test.JU_AAFCli;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListUsersInRole {
- private static ListUsersInRole lsUserinRole;
+ private static ListUsersInRole lsUserinRole;
- @BeforeClass
- public static void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- NS ns = new NS(cli);
- List ls = new List(ns);//possible wrong import, remove import org.onap.aaf.auth.cmd.ns to see other options
- ListUsers lsU = new ListUsers(ls);
- lsUserinRole = new ListUsersInRole(lsU);
- }
+ @BeforeClass
+ public static void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ NS ns = new NS(cli);
+ List ls = new List(ns);//possible wrong import, remove import org.onap.aaf.auth.cmd.ns to see other options
+ ListUsers lsU = new ListUsers(ls);
+ lsUserinRole = new ListUsersInRole(lsU);
+ }
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsUserinRole._exec(0, "add", "del", "reset", "extend"), 500);
-// } catch (Exception e) {
-// assertEquals(e.getMessage(), "java.net.UnknownHostException: DME2RESOLVE");
-// }
-// }
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsUserinRole._exec(0, "add", "del", "reset", "extend"), 500);
+// } catch (Exception e) {
+// assertEquals(e.getMessage(), "java.net.UnknownHostException: DME2RESOLVE");
+// }
+// }
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- lsUserinRole.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ lsUserinRole.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersWithPerm.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersWithPerm.java
index 62984d63..dd750c66 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersWithPerm.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_ListUsersWithPerm.java
@@ -39,40 +39,40 @@ import org.onap.aaf.auth.cmd.test.JU_AAFCli;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListUsersWithPerm {
- private static ListUsersWithPerm lsUserWithPerm;
+ private static ListUsersWithPerm lsUserWithPerm;
- @BeforeClass
- public static void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- NS ns = new NS(cli);
- List ls = new List(ns);//possible wrong import, remove import org.onap.aaf.auth.cmd.ns to see other option
- ListUsers lsU = new ListUsers(ls);
- lsUserWithPerm = new ListUsersWithPerm(lsU);
- }
+ @BeforeClass
+ public static void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ NS ns = new NS(cli);
+ List ls = new List(ns);//possible wrong import, remove import org.onap.aaf.auth.cmd.ns to see other option
+ ListUsers lsU = new ListUsers(ls);
+ lsUserWithPerm = new ListUsersWithPerm(lsU);
+ }
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsUserWithPerm._exec(0, "add", "del", "reset", "extend"), 500);
-// } catch (Exception e) {
-// assertEquals(e.getMessage(), "No Services Found for https://DME2RESOLVE [ ]");
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsUserWithPerm._exec(0, "add", "del", "reset", "extend"), 500);
+// } catch (Exception e) {
+// assertEquals(e.getMessage(), "No Services Found for https://DME2RESOLVE [ ]");
//
-// }
-// }
+// }
+// }
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- lsUserWithPerm.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
-
- @Test //TODO: Temporary fix AAF-111
- public void netYetTested() {
- Assert.assertTrue(true);
- }
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ lsUserWithPerm.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
+
+ @Test //TODO: Temporary fix AAF-111
+ public void netYetTested() {
+ Assert.assertTrue(true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Owner.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Owner.java
index a03cb3ad..2b552b91 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Owner.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Owner.java
@@ -52,31 +52,31 @@ import org.junit.Test;
public class JU_Owner {
- private static Owner owner;
+ private static Owner owner;
- @BeforeClass
- public static void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- NS ns = new NS(cli);
- owner = new Owner(ns);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- String[] strArr = {"add","del","add","del"};
- //owner._exec(0, strArr);
+ @BeforeClass
+ public static void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ NS ns = new NS(cli);
+ owner = new Owner(ns);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ String[] strArr = {"add","del","add","del"};
+ //owner._exec(0, strArr);
- }
-
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- owner.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+ }
+
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ owner.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Responsible.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Responsible.java
index 4c1cdc6f..9229ba2c 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Responsible.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/ns/JU_Responsible.java
@@ -37,39 +37,39 @@ import org.onap.aaf.misc.env.APIException;
public class JU_Responsible {
-// private static Responsible responsible;//TODO: Gabe[JUnit] check with Jonathan
+// private static Responsible responsible;//TODO: Gabe[JUnit] check with Jonathan
//
-// @BeforeClass
-// public static void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException {
-// AAFcli cli = JU_AAFCli.getAAfCli();
-// NS ns = new NS(cli);
-// responsible = new Responsible(ns);
+// @BeforeClass
+// public static void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException {
+// AAFcli cli = JU_AAFCli.getAAfCli();
+// NS ns = new NS(cli);
+// responsible = new Responsible(ns);
//
-// }
+// }
//
-// @Test
-// public void exec1() {
-// try {
-// responsible._exec(0, "del", "del", "del");
-// } catch (Exception e) {
-// assertEquals(e.getMessage(), "java.net.UnknownHostException: DME2RESOLVE");
-// }
-// }
+// @Test
+// public void exec1() {
+// try {
+// responsible._exec(0, "del", "del", "del");
+// } catch (Exception e) {
+// assertEquals(e.getMessage(), "java.net.UnknownHostException: DME2RESOLVE");
+// }
+// }
//
-// @Test
-// public void detailedHelp() {
-// boolean hasNoError = true;
-// try {
-// responsible.detailedHelp(1, new StringBuilder("test"));
-// } catch (Exception e) {
-// hasNoError = false;
-// }
-// assertEquals(hasNoError, true);
-// }
-
- @Test
- public void netYetTested() {
- Assert.assertTrue(true);
- }
+// @Test
+// public void detailedHelp() {
+// boolean hasNoError = true;
+// try {
+// responsible.detailedHelp(1, new StringBuilder("test"));
+// } catch (Exception e) {
+// hasNoError = false;
+// }
+// assertEquals(hasNoError, true);
+// }
+
+ @Test
+ public void netYetTested() {
+ Assert.assertTrue(true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Create.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Create.java
index 41295c79..bfd0ad6d 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Create.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Create.java
@@ -56,60 +56,60 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Create {
- @Mock private SecuritySetter<HttpURLConnection> ssMock;
- @Mock private Locator<URI> locMock;
- @Mock private Writer wrtMock;
- @Mock private Rcli<HttpURLConnection> clientMock;
- @Mock private Future<String> futureMock;
-
- private static Create create;
+ @Mock private SecuritySetter<HttpURLConnection> ssMock;
+ @Mock private Locator<URI> locMock;
+ @Mock private Writer wrtMock;
+ @Mock private Rcli<HttpURLConnection> clientMock;
+ @Mock private Future<String> futureMock;
+
+ private static Create create;
- private NS ns;
- private PropAccess access;
- private HMangrStub hman;
- private AuthzEnv aEnv;
- private AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- MockitoAnnotations.initMocks(this);
-
- when(clientMock.create(any(), any(), any(String.class))).thenReturn(futureMock);
- when(clientMock.delete(any(), any(), any(String.class))).thenReturn(futureMock);
- when(clientMock.update(any(), any(), any(String.class))).thenReturn(futureMock);
+ private NS ns;
+ private PropAccess access;
+ private HMangrStub hman;
+ private AuthzEnv aEnv;
+ private AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ MockitoAnnotations.initMocks(this);
+
+ when(clientMock.create(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.delete(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.update(any(), any(), any(String.class))).thenReturn(futureMock);
- hman = new HMangrStub(access, locMock, clientMock);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- aEnv = new AuthzEnv();
- aafcli = new AAFcli(access, aEnv, wrtMock, hman, null, ssMock);
-
- ns = new NS(aafcli);
+ hman = new HMangrStub(access, locMock, clientMock);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ aEnv = new AuthzEnv();
+ aafcli = new AAFcli(access, aEnv, wrtMock, hman, null, ssMock);
+
+ ns = new NS(aafcli);
- create = new Create(ns);
- }
-
- @Test
- public void testError() throws APIException, LocatorException, CadiException, URISyntaxException {
- create._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- create._exec(4, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
- when(futureMock.code()).thenReturn(202);
- create._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
+ create = new Create(ns);
+ }
+
+ @Test
+ public void testError() throws APIException, LocatorException, CadiException, URISyntaxException {
+ create._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ create._exec(4, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
+ when(futureMock.code()).thenReturn(202);
+ create._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
- @Test
- public void testSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
- when(futureMock.get(any(Integer.class))).thenReturn(true);
- create._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- create.detailedHelp(0, sb);
- }
-
+ @Test
+ public void testSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
+ when(futureMock.get(any(Integer.class))).thenReturn(true);
+ create._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ create.detailedHelp(0, sb);
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Delete.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Delete.java
index 19cacedb..e504b765 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Delete.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Delete.java
@@ -57,60 +57,60 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Delete {
-
- @Mock private SecuritySetter<HttpURLConnection> ssMock;
- @Mock private Locator<URI> locMock;
- @Mock private Writer wrtMock;
- @Mock private Rcli<HttpURLConnection> clientMock;
- @Mock private Future<String> futureMock;
+
+ @Mock private SecuritySetter<HttpURLConnection> ssMock;
+ @Mock private Locator<URI> locMock;
+ @Mock private Writer wrtMock;
+ @Mock private Rcli<HttpURLConnection> clientMock;
+ @Mock private Future<String> futureMock;
- private static Delete del;
-
- private PropAccess access;
- private HMangrStub hman;
- private AuthzEnv aEnv;
- private AAFcli aafcli;
-
- @Before
- public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- MockitoAnnotations.initMocks(this);
+ private static Delete del;
+
+ private PropAccess access;
+ private HMangrStub hman;
+ private AuthzEnv aEnv;
+ private AAFcli aafcli;
+
+ @Before
+ public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ MockitoAnnotations.initMocks(this);
- when(clientMock.create(any(), any(), any(String.class))).thenReturn(futureMock);
- when(clientMock.delete(any(), any(), any(String.class))).thenReturn(futureMock);
- when(clientMock.update(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.create(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.delete(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.update(any(), any(), any(String.class))).thenReturn(futureMock);
- hman = new HMangrStub(access, locMock, clientMock);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- aEnv = new AuthzEnv();
- aafcli = new AAFcli(access, aEnv, wrtMock, hman, null, ssMock);
+ hman = new HMangrStub(access, locMock, clientMock);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ aEnv = new AuthzEnv();
+ aafcli = new AAFcli(access, aEnv, wrtMock, hman, null, ssMock);
- Role role = new Role(aafcli);
- Perm perm = new Perm(role);
+ Role role = new Role(aafcli);
+ Perm perm = new Perm(role);
- del = new Delete(perm);
- }
-
- @Test
- public void testExecError() throws APIException, LocatorException, CadiException, URISyntaxException {
- del._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
+ del = new Delete(perm);
+ }
+
+ @Test
+ public void testExecError() throws APIException, LocatorException, CadiException, URISyntaxException {
+ del._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
- @Test
- public void testExecSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
- when(futureMock.code()).thenReturn(202);
- del._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testExecSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
- when(futureMock.get(any(Integer.class))).thenReturn(true);
- del._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- del.detailedHelp(0, sb);
- }
-
+ @Test
+ public void testExecSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
+ when(futureMock.code()).thenReturn(202);
+ del._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testExecSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
+ when(futureMock.get(any(Integer.class))).thenReturn(true);
+ del._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ del.detailedHelp(0, sb);
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Describe.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Describe.java
index 9a5fc734..4d3b36d0 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Describe.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Describe.java
@@ -57,58 +57,58 @@ import org.onap.aaf.auth.cmd.test.HMangrStub;
@RunWith(MockitoJUnitRunner.class)
public class JU_Describe {
- @Mock private SecuritySetter<HttpURLConnection> ssMock;
- @Mock private Locator<URI> locMock;
- @Mock private Writer wrtMock;
- @Mock private Rcli<HttpURLConnection> clientMock;
- @Mock private Future<String> futureMock;
+ @Mock private SecuritySetter<HttpURLConnection> ssMock;
+ @Mock private Locator<URI> locMock;
+ @Mock private Writer wrtMock;
+ @Mock private Rcli<HttpURLConnection> clientMock;
+ @Mock private Future<String> futureMock;
- private PropAccess access;
- private HMangrStub hman;
- private AuthzEnv aEnv;
- private AAFcli aafcli;
-
- private Describe desc;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- MockitoAnnotations.initMocks(this);
+ private PropAccess access;
+ private HMangrStub hman;
+ private AuthzEnv aEnv;
+ private AAFcli aafcli;
+
+ private Describe desc;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ MockitoAnnotations.initMocks(this);
- when(clientMock.create(any(), any(), any(String.class))).thenReturn(futureMock);
- when(clientMock.delete(any(), any(), any(String.class))).thenReturn(futureMock);
- when(clientMock.update(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.create(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.delete(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.update(any(), any(), any(String.class))).thenReturn(futureMock);
- hman = new HMangrStub(access, locMock, clientMock);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- aEnv = new AuthzEnv();
- aafcli = new AAFcli(access, aEnv, wrtMock, hman, null, ssMock);
+ hman = new HMangrStub(access, locMock, clientMock);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ aEnv = new AuthzEnv();
+ aafcli = new AAFcli(access, aEnv, wrtMock, hman, null, ssMock);
- Role role = new Role(aafcli);
- Perm perm = new Perm(role);
+ Role role = new Role(aafcli);
+ Perm perm = new Perm(role);
- desc = new Describe(perm);
- }
-
- @Test
- public void testExecError() throws APIException, LocatorException, CadiException, URISyntaxException {
- desc._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testExecSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
- when(futureMock.code()).thenReturn(202);
- desc._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testExecSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
- when(futureMock.get(any(Integer.class))).thenReturn(true);
- desc._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- desc.detailedHelp(0, sb);
- }
+ desc = new Describe(perm);
+ }
+
+ @Test
+ public void testExecError() throws APIException, LocatorException, CadiException, URISyntaxException {
+ desc._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testExecSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
+ when(futureMock.code()).thenReturn(202);
+ desc._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testExecSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
+ when(futureMock.get(any(Integer.class))).thenReturn(true);
+ desc._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ desc.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Grant.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Grant.java
index 975b83d2..a85b1aa6 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Grant.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Grant.java
@@ -56,76 +56,76 @@ import org.onap.aaf.auth.cmd.test.HMangrStub;
@RunWith(MockitoJUnitRunner.class)
public class JU_Grant {
-
- private static Grant grant;
+
+ private static Grant grant;
- @Mock private SecuritySetter<HttpURLConnection> ssMock;
- @Mock private Locator<URI> locMock;
- @Mock private Writer wrtMock;
- @Mock private Rcli<HttpURLConnection> clientMock;
- @Mock private Future<String> futureMock;
+ @Mock private SecuritySetter<HttpURLConnection> ssMock;
+ @Mock private Locator<URI> locMock;
+ @Mock private Writer wrtMock;
+ @Mock private Rcli<HttpURLConnection> clientMock;
+ @Mock private Future<String> futureMock;
- private PropAccess access;
- private HMangrStub hman;
- private AuthzEnv aEnv;
- private AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- MockitoAnnotations.initMocks(this);
+ private PropAccess access;
+ private HMangrStub hman;
+ private AuthzEnv aEnv;
+ private AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ MockitoAnnotations.initMocks(this);
- when(clientMock.create(any(), any(), any(String.class))).thenReturn(futureMock);
- when(clientMock.delete(any(), any(), any(String.class))).thenReturn(futureMock);
- when(clientMock.update(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.create(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.delete(any(), any(), any(String.class))).thenReturn(futureMock);
+ when(clientMock.update(any(), any(), any(String.class))).thenReturn(futureMock);
- hman = new HMangrStub(access, locMock, clientMock);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- aEnv = new AuthzEnv();
- aafcli = new AAFcli(access, aEnv, wrtMock, hman, null, ssMock);
+ hman = new HMangrStub(access, locMock, clientMock);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ aEnv = new AuthzEnv();
+ aafcli = new AAFcli(access, aEnv, wrtMock, hman, null, ssMock);
- Role role = new Role(aafcli);
- Perm perm = new Perm(role);
+ Role role = new Role(aafcli);
+ Perm perm = new Perm(role);
- grant = new Grant(perm);
- }
+ grant = new Grant(perm);
+ }
- @Test
- public void testExecError() throws APIException, LocatorException, CadiException, URISyntaxException {
- grant._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testExecSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
- when(futureMock.code()).thenReturn(202);
- grant._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- grant._exec(1, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testExecSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
- when(futureMock.get(any(Integer.class))).thenReturn(true);
- grant._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testExecSetToError() throws APIException, LocatorException, CadiException, URISyntaxException {
- grant._exec(2, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testExecSetToSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
- when(futureMock.get(any(Integer.class))).thenReturn(true);
- grant._exec(2, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
- }
-
- @Test
- public void testExecSetToSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
- grant._exec(2, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo","another"});
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- grant.detailedHelp(0, sb);
- }
+ @Test
+ public void testExecError() throws APIException, LocatorException, CadiException, URISyntaxException {
+ grant._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testExecSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
+ when(futureMock.code()).thenReturn(202);
+ grant._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ grant._exec(1, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testExecSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
+ when(futureMock.get(any(Integer.class))).thenReturn(true);
+ grant._exec(0, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testExecSetToError() throws APIException, LocatorException, CadiException, URISyntaxException {
+ grant._exec(2, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testExecSetToSuccess1() throws APIException, LocatorException, CadiException, URISyntaxException {
+ when(futureMock.get(any(Integer.class))).thenReturn(true);
+ grant._exec(2, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo"});
+ }
+
+ @Test
+ public void testExecSetToSuccess2() throws APIException, LocatorException, CadiException, URISyntaxException {
+ grant._exec(2, new String[] {"grant","ungrant","setTo","grant","ungrant","setTo","another"});
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ grant.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListActivity.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListActivity.java
index 16bd3f9c..1f691768 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListActivity.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListActivity.java
@@ -57,48 +57,48 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListActivity {
-
- private static ListActivity lsActivity;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Role role = new Role(aafcli);
- Perm perm = new Perm(role);
- List ls = new List(perm);
- lsActivity = new ListActivity(ls);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"grant","ungrant","setTo","grant","ungrant","setTo"};
- //lsActivity._exec(0, strArr);
+
+ private static ListActivity lsActivity;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Role role = new Role(aafcli);
+ Perm perm = new Perm(role);
+ List ls = new List(perm);
+ lsActivity = new ListActivity(ls);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"grant","ungrant","setTo","grant","ungrant","setTo"};
+ //lsActivity._exec(0, strArr);
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsActivity.detailedHelp(0, sb);
- }
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsActivity.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByNS.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByNS.java
index e8f34f38..ee367541 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByNS.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByNS.java
@@ -41,37 +41,37 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByNS {
-
- private static ListByNS lsByNS;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- Role role = new Role(cli);
- Perm perm = new Perm(role);
- List ls = new List(perm);
- lsByNS = new ListByNS(ls);
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsByNS._exec(0, "add","del","reset","extend"),500);
-// } catch (CadiException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (APIException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (LocatorException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsByNS.detailedHelp(0, sb);
- }
+
+ private static ListByNS lsByNS;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ Role role = new Role(cli);
+ Perm perm = new Perm(role);
+ List ls = new List(perm);
+ lsByNS = new ListByNS(ls);
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsByNS._exec(0, "add","del","reset","extend"),500);
+// } catch (CadiException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (APIException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (LocatorException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsByNS.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByName.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByName.java
index fb845181..a6c3a895 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByName.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByName.java
@@ -57,48 +57,48 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByName {
-
- private static ListByName lsByName;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Role role = new Role(aafcli);
- Perm perm = new Perm(role);
- List ls = new List(perm);
- lsByName = new ListByName(ls);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"List Child Permissions"};
- //lsByName._exec(0, strArr);
+
+ private static ListByName lsByName;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Role role = new Role(aafcli);
+ Perm perm = new Perm(role);
+ List ls = new List(perm);
+ lsByName = new ListByName(ls);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"List Child Permissions"};
+ //lsByName._exec(0, strArr);
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsByName.detailedHelp(0, sb);
- }
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsByName.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByRole.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByRole.java
index c9302aa2..ae61d267 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByRole.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByRole.java
@@ -41,37 +41,37 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByRole {
-
- private static ListByRole lsByRole;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- Role role = new Role(cli);
- Perm perm = new Perm(role);
- List ls = new List(perm);
- lsByRole = new ListByRole(ls);
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsByRole._exec(0, "add","del","reset","extend"),500);
-// } catch (CadiException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (APIException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (LocatorException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsByRole.detailedHelp(0, sb);
- }
+
+ private static ListByRole lsByRole;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ Role role = new Role(cli);
+ Perm perm = new Perm(role);
+ List ls = new List(perm);
+ lsByRole = new ListByRole(ls);
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsByRole._exec(0, "add","del","reset","extend"),500);
+// } catch (CadiException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (APIException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (LocatorException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsByRole.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByUser.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByUser.java
index d220d397..5eafbf05 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByUser.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_ListByUser.java
@@ -41,37 +41,37 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByUser {
-
- private static ListByUser lsByName;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- Role role = new Role(cli);
- Perm perm = new Perm(role);
- List ls = new List(perm);
- lsByName = new ListByUser(ls);
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsByName._exec(0, "add","del","reset","extend"),500);
-// } catch (CadiException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (APIException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (LocatorException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsByName.detailedHelp(0, sb);
- }
+
+ private static ListByUser lsByName;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ Role role = new Role(cli);
+ Perm perm = new Perm(role);
+ List ls = new List(perm);
+ lsByName = new ListByUser(ls);
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsByName._exec(0, "add","del","reset","extend"),500);
+// } catch (CadiException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (APIException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (LocatorException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsByName.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Rename.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Rename.java
index b4d86edd..5503750e 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Rename.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/perm/JU_Rename.java
@@ -56,47 +56,47 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Rename {
-
- private static Rename rename;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Role role = new Role(aafcli);
- Perm perm = new Perm(role);
- rename = new Rename(perm);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"grant","ungrant","setTo","grant","ungrant","setTo"};
-// rename._exec(0, strArr);
-
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- rename.detailedHelp(0, sb);
- }
+
+ private static Rename rename;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Role role = new Role(aafcli);
+ Perm perm = new Perm(role);
+ rename = new Rename(perm);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"grant","ungrant","setTo","grant","ungrant","setTo"};
+// rename._exec(0, strArr);
+
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ rename.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_CreateDelete.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_CreateDelete.java
index bf2741e5..e2cd56d4 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_CreateDelete.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_CreateDelete.java
@@ -55,54 +55,54 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_CreateDelete {
-
- private static CreateDelete createDel;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Role role = new Role(aafcli);
- createDel = new CreateDelete(role);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"create","delete","create","delete"};
-// createDel._exec(0, strArr);
-//
-// String[] strArr1 = {"delete","create","delete"};
-// createDel._exec(0, strArr1);
-
- }
-
- @Test
- public void testDetailedHelp() {
- boolean hasNoError = true;
- try {
- createDel.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+
+ private static CreateDelete createDel;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Role role = new Role(aafcli);
+ createDel = new CreateDelete(role);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"create","delete","create","delete"};
+// createDel._exec(0, strArr);
+//
+// String[] strArr1 = {"delete","create","delete"};
+// createDel._exec(0, strArr1);
+
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ boolean hasNoError = true;
+ try {
+ createDel.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_Describe.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_Describe.java
index 61236eee..8733ceac 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_Describe.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_Describe.java
@@ -49,51 +49,51 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Describe {
-
- private static Describe desc;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Role role = new Role(aafcli);
- desc = new Describe(role);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"add","upd","del","add","upd","del"};
-// desc._exec(0, strArr);
-
- }
-
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- desc.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+
+ private static Describe desc;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Role role = new Role(aafcli);
+ desc = new Describe(role);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"add","upd","del","add","upd","del"};
+// desc._exec(0, strArr);
+
+ }
+
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ desc.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_List.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_List.java
index 84b3caa9..ce5d74d0 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_List.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_List.java
@@ -65,97 +65,97 @@ import java.util.ArrayList;
import org.junit.Test;
public class JU_List {
-
- AAFcli cli;
- Role role;
- List list;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
+
+ AAFcli cli;
+ Role role;
+ List list;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
- private class ListRolesStub extends List {
+ private class ListRolesStub extends List {
- public ListRolesStub(Role parent) {
- super(parent);
- // TODO Auto-generated constructor stub
- }
- }
-
- private class RolesStub extends Roles {
- public void addRole(aaf.v2_0.Role role) {
- if (this.role == null) {
- this.role = new ArrayList<>();
- }
- this.role.add(role);
- }
- }
-
- private class RoleStub extends aaf.v2_0.Role {
-
- public void addPerms(Pkey perms) {
- if (this.perms == null) {
- this.perms = new ArrayList<>();
- }
- this.perms.add(perms);
- }
- }
-
- @Before
- public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException{
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- role = new Role(aafcli);
- list = new List(role);
- }
-
- @Test
- public void testRoles() throws APIException, NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- Role role = new Role(aafcli);
- ListRolesStub listStub = new ListRolesStub(role);
- Future future = mock(Future.class);
- Rcli rcli = mock(Rcli.class);
-
- Class c = listStub.getClass();
- Class[] cArg = new Class[3];
- cArg[0] = Future.class;
- cArg[1] = Rcli.class;
- cArg[2] = String.class;//Steps to test a protected method
- //Method listMethod = c.getDeclaredMethod("list", cArg);
- //listMethod.setAccessible(true);
- //listMethod.invoke(listStub, future, rcli, "test");
-
- }
-
- @Test
- public void testReport() throws Exception {
- UserRoles urs = new UserRoles();
- Perms perms = new Perms();
- RolesStub roles = new RolesStub();
- list.report(roles, perms , urs , "test");
- AAFcli cli = JU_AAFCli.getAAfCli();
- RoleStub role = new RoleStub();
- roles.addRole(role);
- Pkey pkey = new Pkey();
- pkey.setInstance("test");
- pkey.setAction("test");
- pkey.setInstance("test");
- pkey.setType("test");
- role.addPerms(pkey);
- list.report(roles, perms , null , "test");
- list.report(roles, perms , urs , "test");
-
- aafcli.eval("DETAILS @[ 123");
- role.setName("test");
+ public ListRolesStub(Role parent) {
+ super(parent);
+ // TODO Auto-generated constructor stub
+ }
+ }
+
+ private class RolesStub extends Roles {
+ public void addRole(aaf.v2_0.Role role) {
+ if (this.role == null) {
+ this.role = new ArrayList<>();
+ }
+ this.role.add(role);
+ }
+ }
+
+ private class RoleStub extends aaf.v2_0.Role {
+
+ public void addPerms(Pkey perms) {
+ if (this.perms == null) {
+ this.perms = new ArrayList<>();
+ }
+ this.perms.add(perms);
+ }
+ }
+
+ @Before
+ public void setUp() throws APIException, LocatorException, GeneralSecurityException, IOException, CadiException{
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ role = new Role(aafcli);
+ list = new List(role);
+ }
+
+ @Test
+ public void testRoles() throws APIException, NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ Role role = new Role(aafcli);
+ ListRolesStub listStub = new ListRolesStub(role);
+ Future future = mock(Future.class);
+ Rcli rcli = mock(Rcli.class);
+
+ Class c = listStub.getClass();
+ Class[] cArg = new Class[3];
+ cArg[0] = Future.class;
+ cArg[1] = Rcli.class;
+ cArg[2] = String.class;//Steps to test a protected method
+ //Method listMethod = c.getDeclaredMethod("list", cArg);
+ //listMethod.setAccessible(true);
+ //listMethod.invoke(listStub, future, rcli, "test");
+
+ }
+
+ @Test
+ public void testReport() throws Exception {
+ UserRoles urs = new UserRoles();
+ Perms perms = new Perms();
+ RolesStub roles = new RolesStub();
+ list.report(roles, perms , urs , "test");
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ RoleStub role = new RoleStub();
+ roles.addRole(role);
+ Pkey pkey = new Pkey();
+ pkey.setInstance("test");
+ pkey.setAction("test");
+ pkey.setInstance("test");
+ pkey.setType("test");
+ role.addPerms(pkey);
+ list.report(roles, perms , null , "test");
+ list.report(roles, perms , urs , "test");
+
+ aafcli.eval("DETAILS @[ 123");
+ role.setName("test");
- list.report(roles, perms , urs , "test");
- }
+ list.report(roles, perms , urs , "test");
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListActivity.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListActivity.java
index 4976f753..5c1a839e 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListActivity.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListActivity.java
@@ -56,52 +56,52 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListActivity {
-
- private static ListActivity lsActivity;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Role role = new Role(aafcli);
- List ls = new List(role);
- lsActivity = new ListActivity(ls);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"add","upd","del","add","upd","del"};
- //lsActivity._exec(0, strArr);
-
- }
-
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- lsActivity.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+
+ private static ListActivity lsActivity;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Role role = new Role(aafcli);
+ List ls = new List(role);
+ lsActivity = new ListActivity(ls);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"add","upd","del","add","upd","del"};
+ //lsActivity._exec(0, strArr);
+
+ }
+
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ lsActivity.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNS.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNS.java
index 6017905c..c8443912 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNS.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNS.java
@@ -40,41 +40,41 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByNS {
-
- private static ListByNS lsByNS;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- Role role = new Role(cli);
- List ls = new List(role);
- lsByNS = new ListByNS(ls);
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsByNS._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
-// } catch (CadiException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (APIException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (LocatorException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- lsByNS.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+
+ private static ListByNS lsByNS;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ Role role = new Role(cli);
+ List ls = new List(role);
+ lsByNS = new ListByNS(ls);
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsByNS._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
+// } catch (CadiException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (APIException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (LocatorException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ lsByNS.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNameOnly.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNameOnly.java
index 49a53d82..1bac5004 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNameOnly.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByNameOnly.java
@@ -56,52 +56,52 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByNameOnly {
-
- private static ListByNameOnly lsByName;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Role role = new Role(aafcli);
- List ls = new List(role);
- lsByName = new ListByNameOnly(ls);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"add","upd","del","add","upd","del"};
- //lsByName._exec(0, strArr);
-
- }
-
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- lsByName.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+
+ private static ListByNameOnly lsByName;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Role role = new Role(aafcli);
+ List ls = new List(role);
+ lsByName = new ListByNameOnly(ls);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"add","upd","del","add","upd","del"};
+ //lsByName._exec(0, strArr);
+
+ }
+
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ lsByName.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByPerm.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByPerm.java
index 65f2c6f0..cc1a4b75 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByPerm.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByPerm.java
@@ -40,41 +40,41 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByPerm {
-
- private static ListByPerm lsByPerm;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- Role role = new Role(cli);
- List ls = new List(role);
- lsByPerm = new ListByPerm(ls);
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsByPerm._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
-// } catch (CadiException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (APIException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (LocatorException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- lsByPerm.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+
+ private static ListByPerm lsByPerm;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ Role role = new Role(cli);
+ List ls = new List(role);
+ lsByPerm = new ListByPerm(ls);
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsByPerm._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
+// } catch (CadiException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (APIException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (LocatorException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ lsByPerm.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByRole.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByRole.java
index 37accbbc..064346ab 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByRole.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByRole.java
@@ -40,42 +40,42 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByRole {
-
- private static ListByRole lsByRole;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- Role role = new Role(cli);
- List ls = new List(role);
- lsByRole = new ListByRole(ls);
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsByRole._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
-// } catch (CadiException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (APIException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// } catch (LocatorException e) {
-// // TODO Auto-generated catch block
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- lsByRole.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
-
+
+ private static ListByRole lsByRole;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ Role role = new Role(cli);
+ List ls = new List(role);
+ lsByRole = new ListByRole(ls);
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsByRole._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
+// } catch (CadiException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (APIException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// } catch (LocatorException e) {
+// // TODO Auto-generated catch block
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ lsByRole.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
+
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByUser.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByUser.java
index 86ce24cc..a6f297ec 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByUser.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_ListByUser.java
@@ -56,53 +56,53 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListByUser {
-
- private static ListByUser lsByUser;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Role role = new Role(aafcli);
- List ls = new List(role);
- lsByUser = new ListByUser(ls);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"add","upd","del","add","upd","del"};
- //lsByUser._exec(0, strArr);
-
- }
-
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- lsByUser.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
-
+
+ private static ListByUser lsByUser;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Role role = new Role(aafcli);
+ List ls = new List(role);
+ lsByUser = new ListByUser(ls);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"add","upd","del","add","upd","del"};
+ //lsByUser._exec(0, strArr);
+
+ }
+
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ lsByUser.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
+
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_User.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_User.java
index ead62eb6..530362a8 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_User.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/role/JU_User.java
@@ -56,60 +56,60 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_User {
-
- private static User user;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- Role role = new Role(aafcli);
- user = new User(role);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"add","del","setTo","extend","add","del","setTo","extend"};
-// user._exec(0, strArr);
-//
-// String[] strArr1 = {"del","setTo","extend","add","del","setTo","extend"};
-// user._exec(0, strArr1);
-//
-// String[] strArr2 = {"setTo","extend","add","del","setTo","extend"};
-// user._exec(0, strArr2);
-//
-// String[] strArr3 = {"extend","add","del","setTo","extend"};
-// user._exec(0, strArr3);
-
- }
-
- @Test
- public void detailedHelp() {
- boolean hasNoError = true;
- try {
- user.detailedHelp(1, new StringBuilder("test"));
- } catch (Exception e) {
- hasNoError = false;
- }
- assertEquals(hasNoError, true);
- }
+
+ private static User user;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ Role role = new Role(aafcli);
+ user = new User(role);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"add","del","setTo","extend","add","del","setTo","extend"};
+// user._exec(0, strArr);
+//
+// String[] strArr1 = {"del","setTo","extend","add","del","setTo","extend"};
+// user._exec(0, strArr1);
+//
+// String[] strArr2 = {"setTo","extend","add","del","setTo","extend"};
+// user._exec(0, strArr2);
+//
+// String[] strArr3 = {"extend","add","del","setTo","extend"};
+// user._exec(0, strArr3);
+
+ }
+
+ @Test
+ public void detailedHelp() {
+ boolean hasNoError = true;
+ try {
+ user.detailedHelp(1, new StringBuilder("test"));
+ } catch (Exception e) {
+ hasNoError = false;
+ }
+ assertEquals(hasNoError, true);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Cred.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Cred.java
index 033aff3f..cca28fd4 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Cred.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Cred.java
@@ -59,56 +59,56 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Cred {
- User user;
- Cred cred;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
+ User user;
+ Cred cred;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
- @Before
- public void setUp() throws FileNotFoundException, APIException, LocatorException, CadiException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- user = new User(aafcli);
- cred = new Cred(user);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"add","del","reset","extend"};
-// cred._exec(0, strArr);
-//
-// String[] strArr1 = {"del","reset","extend","add"};
-// cred._exec(0, strArr1);
-//
-// String[] strArr2 = {"reset","extend", "add","del"};
-// cred._exec(0, strArr2);
-//
-// String[] strArr3 = {"extend","add","del","reset"};
-// cred._exec(0, strArr3);
+ @Before
+ public void setUp() throws FileNotFoundException, APIException, LocatorException, CadiException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ user = new User(aafcli);
+ cred = new Cred(user);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"add","del","reset","extend"};
+// cred._exec(0, strArr);
+//
+// String[] strArr1 = {"del","reset","extend","add"};
+// cred._exec(0, strArr1);
+//
+// String[] strArr2 = {"reset","extend", "add","del"};
+// cred._exec(0, strArr2);
+//
+// String[] strArr3 = {"extend","add","del","reset"};
+// cred._exec(0, strArr3);
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- cred.detailedHelp(0, sb);
- }
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ cred.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Delg.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Delg.java
index eec11880..03a7cc3e 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Delg.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Delg.java
@@ -56,55 +56,55 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Delg {
-
- private static User testUser;
- private static Delg delg;
- User user;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
+
+ private static User testUser;
+ private static Delg delg;
+ User user;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
- @Before
- public void setUp() throws FileNotFoundException, APIException, LocatorException, CadiException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = mock(HMangr.class); //new HMangr(aEnv, loc);
- aafcli = mock(AAFcli.class);//new AAFcli(prop, aEnv, wtr, hman, null, secSet);
-// user = mock(User.class); //new User(aafcli);
-// delg = new Delg(user);
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"add","upd","del"};
-// delg._exec(0, strArr);
-
- String[] strArr1 = {"upd","del","add"};
-// delg._exec(0, strArr1);
-
- String[] strArr2 = {"del","add"};
-// delg._exec(0, strArr2);
+ @Before
+ public void setUp() throws FileNotFoundException, APIException, LocatorException, CadiException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = mock(HMangr.class); //new HMangr(aEnv, loc);
+ aafcli = mock(AAFcli.class);//new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+// user = mock(User.class); //new User(aafcli);
+// delg = new Delg(user);
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"add","upd","del"};
+// delg._exec(0, strArr);
+
+ String[] strArr1 = {"upd","del","add"};
+// delg._exec(0, strArr1);
+
+ String[] strArr2 = {"del","add"};
+// delg._exec(0, strArr2);
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
-// delg.detailedHelp(0, sb);
- }
-
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+// delg.detailedHelp(0, sb);
+ }
+
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListActivity.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListActivity.java
index 11517248..fc1c9aac 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListActivity.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListActivity.java
@@ -40,37 +40,37 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListActivity {
-
- private static ListActivity lsActivity;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- User usr = new User(cli);
- List parent = new List(usr);
- lsActivity = new ListActivity(parent);
-
- }
-//
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsActivity._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
-// } catch (CadiException e) {
-//
-// e.printStackTrace();
-// } catch (APIException e) {
-//
-// e.printStackTrace();
-// } catch (LocatorException e) {
-//
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsActivity.detailedHelp(0, sb);
- }
+
+ private static ListActivity lsActivity;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ User usr = new User(cli);
+ List parent = new List(usr);
+ lsActivity = new ListActivity(parent);
+
+ }
+//
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsActivity._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
+// } catch (CadiException e) {
+//
+// e.printStackTrace();
+// } catch (APIException e) {
+//
+// e.printStackTrace();
+// } catch (LocatorException e) {
+//
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsActivity.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListApprovals.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListApprovals.java
index 4a9e3aba..457f277c 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListApprovals.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListApprovals.java
@@ -58,49 +58,49 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListApprovals {
-
- private static ListApprovals lsApprovals;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- User usr = new User(aafcli);
- List parent = new List(usr);
- lsApprovals = new ListApprovals(parent);
- }
-
-
+
+ private static ListApprovals lsApprovals;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp() throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ User usr = new User(aafcli);
+ List parent = new List(usr);
+ lsApprovals = new ListApprovals(parent);
+ }
+
+
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"user","approver","ticket"};
- //lsApprovals._exec(0, strArr);
-
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsApprovals.detailedHelp(0, sb);
- }
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"user","approver","ticket"};
+ //lsApprovals._exec(0, strArr);
+
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsApprovals.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListDelegates.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListDelegates.java
index a1a21ed4..4ddbd337 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListDelegates.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListDelegates.java
@@ -40,37 +40,37 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListDelegates {
-
- private static ListDelegates lsDelegates;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- User usr = new User(cli);
- List parent = new List(usr);
- lsDelegates = new ListDelegates(parent);
-
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsDelegates._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
-// } catch (CadiException e) {
-//
-// e.printStackTrace();
-// } catch (APIException e) {
-//
-// e.printStackTrace();
-// } catch (LocatorException e) {
-//
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsDelegates.detailedHelp(0, sb);
- }
+
+ private static ListDelegates lsDelegates;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ User usr = new User(cli);
+ List parent = new List(usr);
+ lsDelegates = new ListDelegates(parent);
+
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsDelegates._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
+// } catch (CadiException e) {
+//
+// e.printStackTrace();
+// } catch (APIException e) {
+//
+// e.printStackTrace();
+// } catch (LocatorException e) {
+//
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsDelegates.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForCreds.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForCreds.java
index 89364b2b..08d5f5c4 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForCreds.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForCreds.java
@@ -56,49 +56,49 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListForCreds {
-
- private static ListForCreds lsForCreds;
- User user;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- User usr = new User(aafcli);
- List parent = new List(usr);
- lsForCreds = new ListForCreds(parent);
-
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- HRcli hcli = new HRcli(hman, uri, item, secSet);
- String[] strArr = {"ns","id","ns","id"};
- //lsForCreds._exec(0, strArr);
+
+ private static ListForCreds lsForCreds;
+ User user;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ User usr = new User(aafcli);
+ List parent = new List(usr);
+ lsForCreds = new ListForCreds(parent);
+
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ HRcli hcli = new HRcli(hman, uri, item, secSet);
+ String[] strArr = {"ns","id","ns","id"};
+ //lsForCreds._exec(0, strArr);
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsForCreds.detailedHelp(0, sb);
- }
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsForCreds.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForPermission.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForPermission.java
index bebd7eca..0cc20550 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForPermission.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForPermission.java
@@ -40,37 +40,37 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListForPermission {
-
- private static ListForPermission lsForPermission;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- User usr = new User(cli);
- List parent = new List(usr);
- lsForPermission = new ListForPermission(parent);
-
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsForPermission._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
-// } catch (CadiException e) {
-//
-// e.printStackTrace();
-// } catch (APIException e) {
-//
-// e.printStackTrace();
-// } catch (LocatorException e) {
-//
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsForPermission.detailedHelp(0, sb);
- }
+
+ private static ListForPermission lsForPermission;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ User usr = new User(cli);
+ List parent = new List(usr);
+ lsForPermission = new ListForPermission(parent);
+
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsForPermission._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
+// } catch (CadiException e) {
+//
+// e.printStackTrace();
+// } catch (APIException e) {
+//
+// e.printStackTrace();
+// } catch (LocatorException e) {
+//
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsForPermission.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForRoles.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForRoles.java
index 457c1987..62b05150 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForRoles.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_ListForRoles.java
@@ -40,37 +40,37 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_ListForRoles {
-
- private static ListForRoles lsForRoles;
-
- @BeforeClass
- public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- AAFcli cli = JU_AAFCli.getAAfCli();
- User usr = new User(cli);
- List parent = new List(usr);
- lsForRoles = new ListForRoles(parent);
-
- }
-
-// @Test
-// public void exec() {
-// try {
-// assertEquals(lsForRoles._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
-// } catch (CadiException e) {
-//
-// e.printStackTrace();
-// } catch (APIException e) {
-//
-// e.printStackTrace();
-// } catch (LocatorException e) {
-//
-// e.printStackTrace();
-// }
-// }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- lsForRoles.detailedHelp(0, sb);
- }
+
+ private static ListForRoles lsForRoles;
+
+ @BeforeClass
+ public static void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ AAFcli cli = JU_AAFCli.getAAfCli();
+ User usr = new User(cli);
+ List parent = new List(usr);
+ lsForRoles = new ListForRoles(parent);
+
+ }
+
+// @Test
+// public void exec() {
+// try {
+// assertEquals(lsForRoles._exec(0, "add","del","reset","extend","clear", "rename", "create"),500);
+// } catch (CadiException e) {
+//
+// e.printStackTrace();
+// } catch (APIException e) {
+//
+// e.printStackTrace();
+// } catch (LocatorException e) {
+//
+// e.printStackTrace();
+// }
+// }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ lsForRoles.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Role.java b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Role.java
index 2799f93d..ce490819 100644
--- a/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Role.java
+++ b/auth/auth-cmd/src/test/java/org/onap/aaf/auth/cmd/test/user/JU_Role.java
@@ -55,57 +55,57 @@ import org.onap.aaf.misc.env.APIException;
@RunWith(MockitoJUnitRunner.class)
public class JU_Role {
-
- private static Role role;
- User user;
- PropAccess prop;
- AuthzEnv aEnv;
- Writer wtr;
- Locator<URI> loc;
- HMangr hman;
- AAFcli aafcli;
-
- @Before
- public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
- prop = new PropAccess();
- aEnv = new AuthzEnv();
- wtr = mock(Writer.class);
- loc = mock(Locator.class);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
- hman = new HMangr(aEnv, loc);
- aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
- User usr = new User(aafcli);
- role = new Role(usr);
-
- }
-
- @Test
- public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
- Item value = mock(Item.class);
- Locator.Item item = new Locator.Item() {
- };
- when(loc.best()).thenReturn(value);
- URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
- when(loc.get(value)).thenReturn(uri);
- SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
-// HRcli hcli = new HRcli(hman, uri, item, secSet);
-// String[] strArr = {"add", "del", "setTo","extend", "del", "setTo","extend"};
-// Assert.assertEquals(200, role._exec(0, strArr));
-//
-// String[] strArr1 = { "del", "setTo","extend","add", "del", "setTo","extend"};
-// Assert.assertEquals(501, role._exec(0, strArr1));
-//
-// String[] strArr2 = {"setTo","extend","add", "del", "del", "setTo","extend" };
-// Assert.assertEquals(501, role._exec(0, strArr2));
-//
-// String[] strArr3 = {"extend","add", "del","setTo", "del", "setTo","extend" };
-// Assert.assertEquals(501, role._exec(0, strArr3));
+
+ private static Role role;
+ User user;
+ PropAccess prop;
+ AuthzEnv aEnv;
+ Writer wtr;
+ Locator<URI> loc;
+ HMangr hman;
+ AAFcli aafcli;
+
+ @Before
+ public void setUp () throws NoSuchFieldException, SecurityException, Exception, IllegalAccessException {
+ prop = new PropAccess();
+ aEnv = new AuthzEnv();
+ wtr = mock(Writer.class);
+ loc = mock(Locator.class);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+ hman = new HMangr(aEnv, loc);
+ aafcli = new AAFcli(prop, aEnv, wtr, hman, null, secSet);
+ User usr = new User(aafcli);
+ role = new Role(usr);
+
+ }
+
+ @Test
+ public void testExec() throws APIException, LocatorException, CadiException, URISyntaxException {
+ Item value = mock(Item.class);
+ Locator.Item item = new Locator.Item() {
+ };
+ when(loc.best()).thenReturn(value);
+ URI uri = new URI("http://www.oracle.com/technetwork/java/index.html");
+ when(loc.get(value)).thenReturn(uri);
+ SecuritySetter<HttpURLConnection> secSet = mock(SecuritySetter.class);
+// HRcli hcli = new HRcli(hman, uri, item, secSet);
+// String[] strArr = {"add", "del", "setTo","extend", "del", "setTo","extend"};
+// Assert.assertEquals(200, role._exec(0, strArr));
+//
+// String[] strArr1 = { "del", "setTo","extend","add", "del", "setTo","extend"};
+// Assert.assertEquals(501, role._exec(0, strArr1));
+//
+// String[] strArr2 = {"setTo","extend","add", "del", "del", "setTo","extend" };
+// Assert.assertEquals(501, role._exec(0, strArr2));
+//
+// String[] strArr3 = {"extend","add", "del","setTo", "del", "setTo","extend" };
+// Assert.assertEquals(501, role._exec(0, strArr3));
- }
-
- @Test
- public void testDetailedHelp() {
- StringBuilder sb = new StringBuilder();
- role.detailedHelp(0, sb);
- }
+ }
+
+ @Test
+ public void testDetailedHelp() {
+ StringBuilder sb = new StringBuilder();
+ role.detailedHelp(0, sb);
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/cache/Cache.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/cache/Cache.java
index 9d48ecbe..13aa04fd 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/cache/Cache.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/cache/Cache.java
@@ -45,156 +45,156 @@ import org.onap.aaf.misc.env.Trans;
* @param <DATA>
*/
public class Cache<TRANS extends Trans, DATA> {
- private static Clean clean;
- private static Timer cleanseTimer;
-
- public static final String CACHE_HIGH_COUNT = "CACHE_HIGH_COUNT";
- public static final String CACHE_CLEAN_INTERVAL = "CACHE_CLEAN_INTERVAL";
-
- private static final Map<String,Map<String,Dated>> cacheMap;
-
- static {
- cacheMap = new HashMap<>();
- }
-
- /**
- * Dated Class - store any Data with timestamp
- *
- * @author Jonathan
- *
- */
- public static final class Dated {
- public Date timestamp;
- public List<?> data;
- private long expireIn;
-
- public Dated(List<?> data, long expireIn) {
- timestamp = new Date(System.currentTimeMillis()+expireIn);
- this.data = data;
- this.expireIn = expireIn;
- }
-
- public <T> Dated(T t, long expireIn) {
- timestamp = new Date(System.currentTimeMillis()+expireIn);
- ArrayList<T> al = new ArrayList<>(1);
- al.add(t);
- data = al;
- this.expireIn = expireIn;
- }
-
- public void touch() {
- timestamp = new Date(System.currentTimeMillis()+expireIn);
- }
- }
-
- public static Map<String,Dated> obtain(String key) {
- Map<String, Dated> m = cacheMap.get(key);
- if(m==null) {
- m = new ConcurrentHashMap<>();
- synchronized(cacheMap) {
- cacheMap.put(key, m);
- }
- }
- return m;
- }
-
- /**
- * Clean will examine resources, and remove those that have expired.
- *
- * If "highs" have been exceeded, then we'll expire 10% more the next time. This will adjust after each run
- * without checking contents more than once, making a good average "high" in the minimum speed.
- *
- * @author Jonathan
- *
- */
- private static final class Clean extends TimerTask {
- private final Env env;
- private Set<String> set;
-
- // The idea here is to not be too restrictive on a high, but to Expire more items by
- // shortening the time to expire. This is done by judiciously incrementing "advance"
- // when the "highs" are exceeded. This effectively reduces numbers of cached items quickly.
- private final int high;
- private long advance;
- private final long timeInterval;
-
- public Clean(Env env, long cleanInterval, int highCount) {
- this.env = env;
- high = highCount;
- timeInterval = cleanInterval;
- advance = 0;
- set = new HashSet<>();
- }
-
- public synchronized void add(String key) {
- set.add(key);
- }
-
- public void run() {
- int count = 0;
- int total = 0;
- // look at now. If we need to expire more by increasing "now" by "advance"
- Date now = new Date(System.currentTimeMillis() + advance);
-
-
- for(String name : set) {
- Map<String,Dated> map = cacheMap.get(name);
- if(map==null) {
- continue;
- }
-
- for(Map.Entry<String,Dated> me : map.entrySet()) {
- ++total;
- if (me.getValue().timestamp.before(now)) {
- map.remove(me.getKey());
- ++count;
- }
- }
- }
-
- if(count>0) {
- env.info().log(Level.INFO, "Cache removed",count,"expired Cached Elements out of", total);
- }
-
- // If High (total) is reached during this period, increase the number of expired services removed for next time.
- // There's no point doing it again here, as there should have been cleaned items.
- if(total>high) {
- // advance cleanup by 10%, without getting greater than timeInterval.
- advance = Math.min(timeInterval, advance+(timeInterval/10));
- } else {
- // reduce advance by 10%, without getting lower than 0.
- advance = Math.max(0, advance-(timeInterval/10));
- }
- }
- }
-
- public static synchronized void startCleansing(Env env, String ... keys) {
- if(cleanseTimer==null) {
- cleanseTimer = new Timer("Cache Cleanup Timer");
- int cleanInterval = Integer.parseInt(env.getProperty(CACHE_CLEAN_INTERVAL,"60000")); // 1 minute clean cycles
- int highCount = Integer.parseInt(env.getProperty(CACHE_HIGH_COUNT,"5000"));
- cleanseTimer.schedule(clean = new Clean(env, cleanInterval, highCount), cleanInterval, cleanInterval);
- }
-
- for(String key : keys) {
- clean.add(key);
- }
- }
-
- public static void stopTimer() {
- if(cleanseTimer!=null) {
- cleanseTimer.cancel();
- cleanseTimer = null;
- }
- }
-
- public static void addShutdownHook() {
- Runtime.getRuntime().addShutdownHook(new Thread() {
- @Override
- public void run() {
- Cache.stopTimer();
- }
- });
- }
+ private static Clean clean;
+ private static Timer cleanseTimer;
+
+ public static final String CACHE_HIGH_COUNT = "CACHE_HIGH_COUNT";
+ public static final String CACHE_CLEAN_INTERVAL = "CACHE_CLEAN_INTERVAL";
+
+ private static final Map<String,Map<String,Dated>> cacheMap;
+
+ static {
+ cacheMap = new HashMap<>();
+ }
+
+ /**
+ * Dated Class - store any Data with timestamp
+ *
+ * @author Jonathan
+ *
+ */
+ public static final class Dated {
+ public Date timestamp;
+ public List<?> data;
+ private long expireIn;
+
+ public Dated(List<?> data, long expireIn) {
+ timestamp = new Date(System.currentTimeMillis()+expireIn);
+ this.data = data;
+ this.expireIn = expireIn;
+ }
+
+ public <T> Dated(T t, long expireIn) {
+ timestamp = new Date(System.currentTimeMillis()+expireIn);
+ ArrayList<T> al = new ArrayList<>(1);
+ al.add(t);
+ data = al;
+ this.expireIn = expireIn;
+ }
+
+ public void touch() {
+ timestamp = new Date(System.currentTimeMillis()+expireIn);
+ }
+ }
+
+ public static Map<String,Dated> obtain(String key) {
+ Map<String, Dated> m = cacheMap.get(key);
+ if(m==null) {
+ m = new ConcurrentHashMap<>();
+ synchronized(cacheMap) {
+ cacheMap.put(key, m);
+ }
+ }
+ return m;
+ }
+
+ /**
+ * Clean will examine resources, and remove those that have expired.
+ *
+ * If "highs" have been exceeded, then we'll expire 10% more the next time. This will adjust after each run
+ * without checking contents more than once, making a good average "high" in the minimum speed.
+ *
+ * @author Jonathan
+ *
+ */
+ private static final class Clean extends TimerTask {
+ private final Env env;
+ private Set<String> set;
+
+ // The idea here is to not be too restrictive on a high, but to Expire more items by
+ // shortening the time to expire. This is done by judiciously incrementing "advance"
+ // when the "highs" are exceeded. This effectively reduces numbers of cached items quickly.
+ private final int high;
+ private long advance;
+ private final long timeInterval;
+
+ public Clean(Env env, long cleanInterval, int highCount) {
+ this.env = env;
+ high = highCount;
+ timeInterval = cleanInterval;
+ advance = 0;
+ set = new HashSet<>();
+ }
+
+ public synchronized void add(String key) {
+ set.add(key);
+ }
+
+ public void run() {
+ int count = 0;
+ int total = 0;
+ // look at now. If we need to expire more by increasing "now" by "advance"
+ Date now = new Date(System.currentTimeMillis() + advance);
+
+
+ for(String name : set) {
+ Map<String,Dated> map = cacheMap.get(name);
+ if(map==null) {
+ continue;
+ }
+
+ for(Map.Entry<String,Dated> me : map.entrySet()) {
+ ++total;
+ if (me.getValue().timestamp.before(now)) {
+ map.remove(me.getKey());
+ ++count;
+ }
+ }
+ }
+
+ if(count>0) {
+ env.info().log(Level.INFO, "Cache removed",count,"expired Cached Elements out of", total);
+ }
+
+ // If High (total) is reached during this period, increase the number of expired services removed for next time.
+ // There's no point doing it again here, as there should have been cleaned items.
+ if(total>high) {
+ // advance cleanup by 10%, without getting greater than timeInterval.
+ advance = Math.min(timeInterval, advance+(timeInterval/10));
+ } else {
+ // reduce advance by 10%, without getting lower than 0.
+ advance = Math.max(0, advance-(timeInterval/10));
+ }
+ }
+ }
+
+ public static synchronized void startCleansing(Env env, String ... keys) {
+ if(cleanseTimer==null) {
+ cleanseTimer = new Timer("Cache Cleanup Timer");
+ int cleanInterval = Integer.parseInt(env.getProperty(CACHE_CLEAN_INTERVAL,"60000")); // 1 minute clean cycles
+ int highCount = Integer.parseInt(env.getProperty(CACHE_HIGH_COUNT,"5000"));
+ cleanseTimer.schedule(clean = new Clean(env, cleanInterval, highCount), cleanInterval, cleanInterval);
+ }
+
+ for(String key : keys) {
+ clean.add(key);
+ }
+ }
+
+ public static void stopTimer() {
+ if(cleanseTimer!=null) {
+ cleanseTimer.cancel();
+ cleanseTimer = null;
+ }
+ }
+
+ public static void addShutdownHook() {
+ Runtime.getRuntime().addShutdownHook(new Thread() {
+ @Override
+ public void run() {
+ Cache.stopTimer();
+ }
+ });
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/common/Define.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/common/Define.java
index ce0033cc..606e7735 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/common/Define.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/common/Define.java
@@ -29,60 +29,60 @@ import org.onap.aaf.cadi.Access.Level;
import org.onap.aaf.cadi.config.Config;
public class Define {
- private static String ROOT_NS = null;
- private static String ROOT_COMPANY = null;
- private static boolean initialized = false;
+ private static String ROOT_NS = null;
+ private static String ROOT_COMPANY = null;
+ private static boolean initialized = false;
- private final static String MSG = ".set(Access access) must be called before use";
- public static final CharSequence ROOT_NS_TAG = "AAF_NS"; // use for certain Replacements in Location
- private static final String ROOT_NS_TAG_DOT = ROOT_NS_TAG +".";
+ private final static String MSG = ".set(Access access) must be called before use";
+ public static final CharSequence ROOT_NS_TAG = "AAF_NS"; // use for certain Replacements in Location
+ private static final String ROOT_NS_TAG_DOT = ROOT_NS_TAG +".";
- public static String ROOT_NS() {
- if(ROOT_NS==null) {
- throw new RuntimeException(Define.class.getName() + MSG);
- }
- return ROOT_NS;
- }
-
- public static String ROOT_COMPANY() {
- if(ROOT_NS==null) {
- throw new RuntimeException(Define.class.getName() + MSG);
- }
- return ROOT_COMPANY;
- }
-
- public static void set(Access access) throws CadiException {
- ROOT_NS = access.getProperty(Config.AAF_ROOT_NS,"org.osaaf.aaf");
- ROOT_COMPANY = access.getProperty(Config.AAF_ROOT_COMPANY,null);
- if(ROOT_COMPANY==null) {
- int last = ROOT_NS.lastIndexOf('.');
- if(last>=0) {
- ROOT_COMPANY = ROOT_NS.substring(0, last);
- } else {
- throw new CadiException(Config.AAF_ROOT_COMPANY + " or " + Config.AAF_ROOT_NS + " property with 3 positions is required.");
- }
- }
-
- for( Entry<Object, Object> es : access.getProperties().entrySet()) {
- if(es.getKey().toString().startsWith(ROOT_NS_TAG_DOT)) {
- access.getProperties().setProperty(es.getKey().toString(),varReplace(es.getValue().toString()));
- }
- }
+ public static String ROOT_NS() {
+ if(ROOT_NS==null) {
+ throw new RuntimeException(Define.class.getName() + MSG);
+ }
+ return ROOT_NS;
+ }
+
+ public static String ROOT_COMPANY() {
+ if(ROOT_NS==null) {
+ throw new RuntimeException(Define.class.getName() + MSG);
+ }
+ return ROOT_COMPANY;
+ }
+
+ public static void set(Access access) throws CadiException {
+ ROOT_NS = access.getProperty(Config.AAF_ROOT_NS,"org.osaaf.aaf");
+ ROOT_COMPANY = access.getProperty(Config.AAF_ROOT_COMPANY,null);
+ if(ROOT_COMPANY==null) {
+ int last = ROOT_NS.lastIndexOf('.');
+ if(last>=0) {
+ ROOT_COMPANY = ROOT_NS.substring(0, last);
+ } else {
+ throw new CadiException(Config.AAF_ROOT_COMPANY + " or " + Config.AAF_ROOT_NS + " property with 3 positions is required.");
+ }
+ }
+
+ for( Entry<Object, Object> es : access.getProperties().entrySet()) {
+ if(es.getKey().toString().startsWith(ROOT_NS_TAG_DOT)) {
+ access.getProperties().setProperty(es.getKey().toString(),varReplace(es.getValue().toString()));
+ }
+ }
- initialized = true;
- access.printf(Level.INIT,"AAF Root NS is %s, and AAF Company Root is %s",ROOT_NS,ROOT_COMPANY);
- }
+ initialized = true;
+ access.printf(Level.INIT,"AAF Root NS is %s, and AAF Company Root is %s",ROOT_NS,ROOT_COMPANY);
+ }
- public static String varReplace(final String potential) {
- if(potential.startsWith(ROOT_NS_TAG_DOT)) {
- return ROOT_NS + potential.substring(6);
- } else {
- return potential;
- }
- }
+ public static String varReplace(final String potential) {
+ if(potential.startsWith(ROOT_NS_TAG_DOT)) {
+ return ROOT_NS + potential.substring(6);
+ } else {
+ return potential;
+ }
+ }
- public static boolean isInitialized() {
- return initialized;
- }
-
+ public static boolean isInitialized() {
+ return initialized;
+ }
+
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzEnv.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzEnv.java
index a396cd98..70cee5c3 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzEnv.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzEnv.java
@@ -47,245 +47,245 @@ import org.onap.aaf.misc.rosetta.env.RosettaEnv;
*
*/
public class AuthzEnv extends RosettaEnv implements Access {
- private long[] times = new long[20];
- private int idx = 0;
- private PropAccess access;
+ private long[] times = new long[20];
+ private int idx = 0;
+ private PropAccess access;
- public AuthzEnv() {
- super();
- _init(new PropAccess());
- }
+ public AuthzEnv() {
+ super();
+ _init(new PropAccess());
+ }
- public AuthzEnv(String ... args) {
- super();
- _init(new PropAccess(args));
- }
+ public AuthzEnv(String ... args) {
+ super();
+ _init(new PropAccess(args));
+ }
- public AuthzEnv(Properties props) {
- super();
- _init(new PropAccess(props));
- }
-
+ public AuthzEnv(Properties props) {
+ super();
+ _init(new PropAccess(props));
+ }
+
- public AuthzEnv(PropAccess pa) {
- super();
- _init(pa);
- }
-
- private final void _init(PropAccess pa) {
- access = pa;
- times = new long[20];
- idx = 0;
- fatal = new AccessLogTarget(access, Level.ERROR);
- error = fatal;
- audit = new AccessLogTarget(access, Level.AUDIT);
- init = new AccessLogTarget(access, Level.INIT);
- warn = new AccessLogTarget(access, Level.WARN);
- info = new AccessLogTarget(access, Level.INFO);
- debug = new AccessLogTarget(access, Level.DEBUG);
- trace = new AccessLogTarget(access, Level.TRACE);
- }
-
- private class AccessLogTarget implements LogTarget {
- private final Level level;
- private final Access access;
-
- public AccessLogTarget(final Access access, final Level level) {
- this.level = level;
- this.access = access;
- }
-
- @Override
- public void log(Object... msgs) {
- access.log(level, msgs);
- }
+ public AuthzEnv(PropAccess pa) {
+ super();
+ _init(pa);
+ }
+
+ private final void _init(PropAccess pa) {
+ access = pa;
+ times = new long[20];
+ idx = 0;
+ fatal = new AccessLogTarget(access, Level.ERROR);
+ error = fatal;
+ audit = new AccessLogTarget(access, Level.AUDIT);
+ init = new AccessLogTarget(access, Level.INIT);
+ warn = new AccessLogTarget(access, Level.WARN);
+ info = new AccessLogTarget(access, Level.INFO);
+ debug = new AccessLogTarget(access, Level.DEBUG);
+ trace = new AccessLogTarget(access, Level.TRACE);
+ }
+
+ private class AccessLogTarget implements LogTarget {
+ private final Level level;
+ private final Access access;
+
+ public AccessLogTarget(final Access access, final Level level) {
+ this.level = level;
+ this.access = access;
+ }
+
+ @Override
+ public void log(Object... msgs) {
+ access.log(level, msgs);
+ }
- @Override
- public void log(Throwable e, Object... msgs) {
- access.log(Level.ERROR, msgs);
- }
+ @Override
+ public void log(Throwable e, Object... msgs) {
+ access.log(Level.ERROR, msgs);
+ }
- @Override
- public boolean isLoggable() {
- return access.willLog(level);
- }
+ @Override
+ public boolean isLoggable() {
+ return access.willLog(level);
+ }
- @Override
- public void printf(String fmt, Object... vars) {
- access.printf(level, fmt, vars);
- }
-
- }
- @Override
- public AuthzTransImpl newTrans() {
- synchronized(this) {
- times[idx]=System.currentTimeMillis();
- if(++idx>=times.length)idx=0;
- }
- return new AuthzTransImpl(this);
- }
+ @Override
+ public void printf(String fmt, Object... vars) {
+ access.printf(level, fmt, vars);
+ }
+
+ }
+ @Override
+ public AuthzTransImpl newTrans() {
+ synchronized(this) {
+ times[idx]=System.currentTimeMillis();
+ if(++idx>=times.length)idx=0;
+ }
+ return new AuthzTransImpl(this);
+ }
- /**
- * Create a Trans, but do not include in Weighted Average
- * @return
- */
- public AuthzTrans newTransNoAvg() {
- return new AuthzTransImpl(this);
- }
+ /**
+ * Create a Trans, but do not include in Weighted Average
+ * @return
+ */
+ public AuthzTrans newTransNoAvg() {
+ return new AuthzTransImpl(this);
+ }
- public long transRate() {
- int count = 0;
- long pot = 0;
- long prev = 0;
- for(int i=idx;i<times.length;++i) {
- if(times[i]>0) {
- if(prev>0) {
- ++count;
- pot += times[i]-prev;
- }
- prev = times[i];
- }
- }
- for(int i=0;i<idx;++i) {
- if(times[i]>0) {
- if(prev>0) {
- ++count;
- pot += times[i]-prev;
- }
- prev = times[i];
- }
- }
+ public long transRate() {
+ int count = 0;
+ long pot = 0;
+ long prev = 0;
+ for(int i=idx;i<times.length;++i) {
+ if(times[i]>0) {
+ if(prev>0) {
+ ++count;
+ pot += times[i]-prev;
+ }
+ prev = times[i];
+ }
+ }
+ for(int i=0;i<idx;++i) {
+ if(times[i]>0) {
+ if(prev>0) {
+ ++count;
+ pot += times[i]-prev;
+ }
+ prev = times[i];
+ }
+ }
- return count==0?300000L:pot/count; // Return Weighted Avg, or 5 mins, if none avail.
- }
-
- @Override
- public ClassLoader classLoader() {
- return getClass().getClassLoader();
- }
+ return count==0?300000L:pot/count; // Return Weighted Avg, or 5 mins, if none avail.
+ }
+
+ @Override
+ public ClassLoader classLoader() {
+ return getClass().getClassLoader();
+ }
- @Override
- public void load(InputStream is) throws IOException {
- access.load(is);
- }
+ @Override
+ public void load(InputStream is) throws IOException {
+ access.load(is);
+ }
- @Override
- public void log(Level lvl, Object... msgs) {
- access.log(lvl, msgs);
- }
+ @Override
+ public void log(Level lvl, Object... msgs) {
+ access.log(lvl, msgs);
+ }
- @Override
- public void log(Exception e, Object... msgs) {
- access.log(e,msgs);
- }
+ @Override
+ public void log(Exception e, Object... msgs) {
+ access.log(e,msgs);
+ }
- @Override
- public void printf(Level level, String fmt, Object... elements) {
- access.printf(level, fmt, elements);
- }
+ @Override
+ public void printf(Level level, String fmt, Object... elements) {
+ access.printf(level, fmt, elements);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Access#willLog(org.onap.aaf.cadi.Access.Level)
- */
- @Override
- public boolean willLog(Level level) {
- return access.willLog(level);
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Access#willLog(org.onap.aaf.cadi.Access.Level)
+ */
+ @Override
+ public boolean willLog(Level level) {
+ return access.willLog(level);
+ }
- @Override
- public void setLogLevel(Level level) {
- access.setLogLevel(level);
- }
-
- private static final byte[] ENC="enc:".getBytes();
- public String decrypt(String encrypted, final boolean anytext) throws IOException {
- if(encrypted==null) {
- throw new IOException("Password to be decrypted is null");
- }
- if(anytext || encrypted.startsWith("enc:")) {
- if(decryptor.equals(Decryptor.NULL) && getProperty(Config.CADI_KEYFILE)!=null) {
- final Symm s;
- try {
- s = Symm.obtain(this);
- } catch (CadiException e1) {
- throw new IOException(e1);
- }
- decryptor = new Decryptor() {
- private Symm symm = s;
- @Override
- public String decrypt(String encrypted) {
- try {
- return (encrypted!=null && (anytext || encrypted.startsWith(Symm.ENC)))
- ? symm.depass(encrypted)
- : encrypted;
- } catch (IOException e) {
- return "";
- }
- }
- };
- encryptor = new Encryptor() {
- @Override
- public String encrypt(String data) {
- ByteArrayOutputStream baos = new ByteArrayOutputStream();
- try {
- baos.write(ENC);
- return "enc:"+s.enpass(data);
- } catch (IOException e) {
- return "";
- }
- }
-
- };
- }
- return decryptor.decrypt(encrypted);
- } else {
- return encrypted;
- }
- }
+ @Override
+ public void setLogLevel(Level level) {
+ access.setLogLevel(level);
+ }
+
+ private static final byte[] ENC="enc:".getBytes();
+ public String decrypt(String encrypted, final boolean anytext) throws IOException {
+ if(encrypted==null) {
+ throw new IOException("Password to be decrypted is null");
+ }
+ if(anytext || encrypted.startsWith("enc:")) {
+ if(decryptor.equals(Decryptor.NULL) && getProperty(Config.CADI_KEYFILE)!=null) {
+ final Symm s;
+ try {
+ s = Symm.obtain(this);
+ } catch (CadiException e1) {
+ throw new IOException(e1);
+ }
+ decryptor = new Decryptor() {
+ private Symm symm = s;
+ @Override
+ public String decrypt(String encrypted) {
+ try {
+ return (encrypted!=null && (anytext || encrypted.startsWith(Symm.ENC)))
+ ? symm.depass(encrypted)
+ : encrypted;
+ } catch (IOException e) {
+ return "";
+ }
+ }
+ };
+ encryptor = new Encryptor() {
+ @Override
+ public String encrypt(String data) {
+ ByteArrayOutputStream baos = new ByteArrayOutputStream();
+ try {
+ baos.write(ENC);
+ return "enc:"+s.enpass(data);
+ } catch (IOException e) {
+ return "";
+ }
+ }
+
+ };
+ }
+ return decryptor.decrypt(encrypted);
+ } else {
+ return encrypted;
+ }
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.misc.env.impl.BasicEnv#getProperty(java.lang.String)
- */
- @Override
- public String getProperty(String key) {
- return access.getProperty(key);
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.misc.env.impl.BasicEnv#getProperty(java.lang.String)
+ */
+ @Override
+ public String getProperty(String key) {
+ return access.getProperty(key);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.misc.env.impl.BasicEnv#getProperties(java.lang.String[])
- */
- @Override
- public Properties getProperties(String... filter) {
- return access.getProperties();
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.misc.env.impl.BasicEnv#getProperties(java.lang.String[])
+ */
+ @Override
+ public Properties getProperties(String... filter) {
+ return access.getProperties();
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.misc.env.impl.BasicEnv#getProperty(java.lang.String, java.lang.String)
- */
- @Override
- public String getProperty(String key, String defaultValue) {
- return access.getProperty(key, defaultValue);
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.misc.env.impl.BasicEnv#getProperty(java.lang.String, java.lang.String)
+ */
+ @Override
+ public String getProperty(String key, String defaultValue) {
+ return access.getProperty(key, defaultValue);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.misc.env.impl.BasicEnv#setProperty(java.lang.String, java.lang.String)
- */
- @Override
- public String setProperty(String key, String value) {
- access.setProperty(key, value);
- return value;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.misc.env.impl.BasicEnv#setProperty(java.lang.String, java.lang.String)
+ */
+ @Override
+ public String setProperty(String key, String value) {
+ access.setProperty(key, value);
+ return value;
+ }
- public PropAccess access() {
- return access;
- }
+ public PropAccess access() {
+ return access;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.cadi.Access#getProperties()
- */
- @Override
- public Properties getProperties() {
- return access.getProperties();
- };
-
+ /* (non-Javadoc)
+ * @see org.onap.aaf.cadi.Access#getProperties()
+ */
+ @Override
+ public Properties getProperties() {
+ return access.getProperties();
+ };
+
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java
index bd66ff66..5f7fa410 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTrans.java
@@ -33,46 +33,46 @@ import org.onap.aaf.misc.env.LogTarget;
import org.onap.aaf.misc.env.TransStore;
public interface AuthzTrans extends TransStore {
- public enum REQD_TYPE {future(1),force(2),move(4),ns(8);
- public final int bit;
+ public enum REQD_TYPE {future(1),force(2),move(4),ns(8);
+ public final int bit;
- REQD_TYPE(int bit) {
- this.bit = bit;
- }
- };
-
- public abstract AuthzTrans set(HttpServletRequest req);
+ REQD_TYPE(int bit) {
+ this.bit = bit;
+ }
+ };
+
+ public abstract AuthzTrans set(HttpServletRequest req);
- public abstract String user();
+ public abstract String user();
- public abstract void setUser(TaggedPrincipal p);
-
- public abstract TaggedPrincipal getUserPrincipal();
+ public abstract void setUser(TaggedPrincipal p);
+
+ public abstract TaggedPrincipal getUserPrincipal();
- public abstract String ip();
+ public abstract String ip();
- public abstract int port();
+ public abstract int port();
- public abstract String meth();
+ public abstract String meth();
- public abstract String path();
+ public abstract String path();
- public abstract String agent();
-
- public abstract AuthzEnv env();
+ public abstract String agent();
+
+ public abstract AuthzEnv env();
- public abstract void setLur(Lur lur);
+ public abstract void setLur(Lur lur);
- public abstract boolean fish(Permission ... p);
-
- public abstract Organization org();
+ public abstract boolean fish(Permission ... p);
+
+ public abstract Organization org();
- public abstract boolean requested(REQD_TYPE requested);
-
- public void requested(REQD_TYPE requested, boolean b);
-
- public abstract void logAuditTrail(LogTarget lt);
-
- public abstract Date now();
+ public abstract boolean requested(REQD_TYPE requested);
+
+ public void requested(REQD_TYPE requested, boolean b);
+
+ public abstract void logAuditTrail(LogTarget lt);
+
+ public abstract Date now();
} \ No newline at end of file
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java
index 531e40ab..06fd310e 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransFilter.java
@@ -40,144 +40,144 @@ import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.Trans.Metric;
public class AuthzTransFilter extends TransFilter<AuthzTrans> {
- private AuthzEnv env;
- public Metric serviceMetric;
- public static Slot transIDslot,specialLogSlot;
+ private AuthzEnv env;
+ public Metric serviceMetric;
+ public static Slot transIDslot,specialLogSlot;
- public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";
- public static final String SPECIAL_LOG_SLOT = "SPECIAL_LOG_SLOT";
+ public static final String TRANS_ID_SLOT = "TRANS_ID_SLOT";
+ public static final String SPECIAL_LOG_SLOT = "SPECIAL_LOG_SLOT";
- public static final int BUCKETSIZE = 2;
-
- public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException, LocatorException {
- super(env.access(),con, tc, additionalTafLurs);
- this.env = env;
- serviceMetric = new Metric();
- serviceMetric.buckets = new float[BUCKETSIZE];
- if(transIDslot==null) {
- transIDslot = env.slot(TRANS_ID_SLOT);
- }
- if(specialLogSlot==null) {
- specialLogSlot = env.slot(SPECIAL_LOG_SLOT);
- }
- }
-
- @Override
- protected AuthzTrans newTrans(HttpServletRequest req) {
- AuthzTrans at = env.newTrans();
- at.setLur(getLur());
- at.set(req);
- return at;
- }
+ public static final int BUCKETSIZE = 2;
+
+ public AuthzTransFilter(AuthzEnv env, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException, LocatorException {
+ super(env.access(),con, tc, additionalTafLurs);
+ this.env = env;
+ serviceMetric = new Metric();
+ serviceMetric.buckets = new float[BUCKETSIZE];
+ if(transIDslot==null) {
+ transIDslot = env.slot(TRANS_ID_SLOT);
+ }
+ if(specialLogSlot==null) {
+ specialLogSlot = env.slot(SPECIAL_LOG_SLOT);
+ }
+ }
+
+ @Override
+ protected AuthzTrans newTrans(HttpServletRequest req) {
+ AuthzTrans at = env.newTrans();
+ at.setLur(getLur());
+ at.set(req);
+ return at;
+ }
- @Override
- protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
- trans.set((HttpServletRequest)request);
- return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
- " IP: " + trans.ip() +
- " Port: " + trans.port()
- , Env.SUB);
- }
+ @Override
+ protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
+ trans.set((HttpServletRequest)request);
+ return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
+ " IP: " + trans.ip() +
+ " Port: " + trans.port()
+ , Env.SUB);
+ }
- @Override
- protected void authenticated(AuthzTrans trans, Principal p) {
- trans.setUser((TaggedPrincipal)p); // We only work with TaggedPrincipals in Authz
- }
+ @Override
+ protected void authenticated(AuthzTrans trans, Principal p) {
+ trans.setUser((TaggedPrincipal)p); // We only work with TaggedPrincipals in Authz
+ }
- @Override
- protected void tallyHo(AuthzTrans trans) {
- Boolean b = trans.get(specialLogSlot, false);
- LogTarget lt = b?trans.warn():trans.info();
-
- if(lt.isLoggable()) {
- // Transaction is done, now post full Audit Trail
- StringBuilder sb = new StringBuilder("AuditTrail\n");
- // We'll grabAct sub-metrics for Remote Calls and JSON
- // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
- Metric m = trans.auditTrail(lt,1, sb, Env.REMOTE,Env.JSON);
+ @Override
+ protected void tallyHo(AuthzTrans trans) {
+ Boolean b = trans.get(specialLogSlot, false);
+ LogTarget lt = b?trans.warn():trans.info();
+
+ if(lt.isLoggable()) {
+ // Transaction is done, now post full Audit Trail
+ StringBuilder sb = new StringBuilder("AuditTrail\n");
+ // We'll grabAct sub-metrics for Remote Calls and JSON
+ // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
+ Metric m = trans.auditTrail(lt,1, sb, Env.REMOTE,Env.JSON);
- // Add current Metrics to total metrics
- serviceMetric.total+= m.total;
- for(int i=0;i<serviceMetric.buckets.length;++i) {
- serviceMetric.buckets[i]+=m.buckets[i];
- }
-
- Long tsi;
- if((tsi=trans.get(transIDslot, null))!=null) {
- sb.append(" TraceID=");
- sb.append(Long.toHexString(tsi));
- sb.append('\n');
- }
- // Log current info
- sb.append(" Total: ");
- sb.append(m.total);
- sb.append(" Remote: ");
- sb.append(m.buckets[0]);
- sb.append(" JSON: ");
- sb.append(m.buckets[1]);
- lt.log(sb);
- } else {
- // Single Line entry
- // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
- StringBuilder content = new StringBuilder();
- Metric m = trans.auditTrail(lt,1, content, Env.REMOTE,Env.JSON);
- // Add current Metrics to total metrics
- serviceMetric.total+= m.total;
- for(int i=0;i<serviceMetric.buckets.length;++i) {
- serviceMetric.buckets[i]+=m.buckets[i];
- }
-
- StringBuilder sb = new StringBuilder();
- sb.append("user=");
- Principal p = trans.getUserPrincipal();
- if(p==null) {
- sb.append("n/a");
- } else {
- sb.append(p.getName());
- if(p instanceof TrustPrincipal) {
- sb.append('(');
- sb.append(((TrustPrincipal)p).personalName()); // UserChain
- sb.append(')');
- } else {
- sb.append('[');
- if(p instanceof TaggedPrincipal) {
- sb.append(((TaggedPrincipal)p).tag());
- } else {
- sb.append(p.getClass().getSimpleName());
- }
- sb.append(']');
- }
- }
- sb.append(",ip=");
- sb.append(trans.ip());
- sb.append(",port=");
- sb.append(trans.port());
-// Current code won't ever get here... Always does a Full Audit Trail
-// Long tsi;
-// if((tsi=trans.get(transIDslot, null))!=null) {
-// sb.append(",TraceID=");
-// sb.append(Long.toHexString(tsi));
-// }
- sb.append(",ms=");
- sb.append(m.total);
- sb.append(",meth=");
- sb.append(trans.meth());
- sb.append(",path=");
- sb.append(trans.path());
+ // Add current Metrics to total metrics
+ serviceMetric.total+= m.total;
+ for(int i=0;i<serviceMetric.buckets.length;++i) {
+ serviceMetric.buckets[i]+=m.buckets[i];
+ }
+
+ Long tsi;
+ if((tsi=trans.get(transIDslot, null))!=null) {
+ sb.append(" TraceID=");
+ sb.append(Long.toHexString(tsi));
+ sb.append('\n');
+ }
+ // Log current info
+ sb.append(" Total: ");
+ sb.append(m.total);
+ sb.append(" Remote: ");
+ sb.append(m.buckets[0]);
+ sb.append(" JSON: ");
+ sb.append(m.buckets[1]);
+ lt.log(sb);
+ } else {
+ // Single Line entry
+ // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
+ StringBuilder content = new StringBuilder();
+ Metric m = trans.auditTrail(lt,1, content, Env.REMOTE,Env.JSON);
+ // Add current Metrics to total metrics
+ serviceMetric.total+= m.total;
+ for(int i=0;i<serviceMetric.buckets.length;++i) {
+ serviceMetric.buckets[i]+=m.buckets[i];
+ }
+
+ StringBuilder sb = new StringBuilder();
+ sb.append("user=");
+ Principal p = trans.getUserPrincipal();
+ if(p==null) {
+ sb.append("n/a");
+ } else {
+ sb.append(p.getName());
+ if(p instanceof TrustPrincipal) {
+ sb.append('(');
+ sb.append(((TrustPrincipal)p).personalName()); // UserChain
+ sb.append(')');
+ } else {
+ sb.append('[');
+ if(p instanceof TaggedPrincipal) {
+ sb.append(((TaggedPrincipal)p).tag());
+ } else {
+ sb.append(p.getClass().getSimpleName());
+ }
+ sb.append(']');
+ }
+ }
+ sb.append(",ip=");
+ sb.append(trans.ip());
+ sb.append(",port=");
+ sb.append(trans.port());
+// Current code won't ever get here... Always does a Full Audit Trail
+// Long tsi;
+// if((tsi=trans.get(transIDslot, null))!=null) {
+// sb.append(",TraceID=");
+// sb.append(Long.toHexString(tsi));
+// }
+ sb.append(",ms=");
+ sb.append(m.total);
+ sb.append(",meth=");
+ sb.append(trans.meth());
+ sb.append(",path=");
+ sb.append(trans.path());
- if(content.length()>0) {
- sb.append(",msg=\"");
- int start = content.lastIndexOf(",msg=\"");
- if(start>=0) {
- sb.append(content,start+6,content.length()-1);
- } else {
- sb.append(content);
- }
- sb.append('"');
- }
-
- trans.warn().log(sb);
- }
- }
+ if(content.length()>0) {
+ sb.append(",msg=\"");
+ int start = content.lastIndexOf(",msg=\"");
+ if(start>=0) {
+ sb.append(content,start+6,content.length()-1);
+ } else {
+ sb.append(content);
+ }
+ sb.append('"');
+ }
+
+ trans.warn().log(sb);
+ }
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java
index ccfd715f..ee90f284 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransImpl.java
@@ -34,183 +34,183 @@ import org.onap.aaf.misc.env.LogTarget;
import org.onap.aaf.misc.env.impl.BasicTrans;
public class AuthzTransImpl extends BasicTrans implements AuthzTrans {
- private TaggedPrincipal user;
- private String ip,agent,meth,path;
- private int port;
- private Lur lur;
- private Organization org;
- private int mask;
- private Date now;
- public AuthzTransImpl(AuthzEnv env) {
- super(env);
- ip="n/a";
- org=null;
- mask=0;
- }
-
- /**
- * @see org.onap.aaf.auth.env.test.AuthTrans#set(javax.servlet.http.HttpServletRequest)
- */
- @Override
- public AuthzTrans set(HttpServletRequest req) {
- user = (TaggedPrincipal)req.getUserPrincipal();
- ip = req.getRemoteAddr();
- port = req.getRemotePort();
- agent = req.getHeader("User-Agent");
- meth = req.getMethod();
- path = req.getPathInfo();
-
- for(REQD_TYPE rt : REQD_TYPE.values()) {
- requested(rt,req);
- }
- // Handle alternate "request" for "future"
- String request = req.getParameter("request");
- if(request!=null) {
- requested(REQD_TYPE.future,(request.length()==0 || "true".equalsIgnoreCase(request)));
- }
-
- org=null;
- return this;
- }
-
- @Override
- public void setUser(TaggedPrincipal p) {
- user = p;
- }
-
- /**
- * @see org.onap.aaf.auth.env.test.AuthTrans#user()
- */
- @Override
- public String user() {
- return user==null?"n/a":user.getName();
- }
-
- /**
- * @see org.onap.aaf.auth.env.test.AuthTrans#getUserPrincipal()
- */
- @Override
- public TaggedPrincipal getUserPrincipal() {
- return user;
- }
-
- /**
- * @see org.onap.aaf.auth.env.test.AuthTrans#ip()
- */
- @Override
- public String ip() {
- return ip;
- }
-
- /**
- * @see org.onap.aaf.auth.env.test.AuthTrans#port()
- */
- @Override
- public int port() {
- return port;
- }
-
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.env.test.AuthzTrans#meth()
- */
- @Override
- public String meth() {
- return meth;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.env.test.AuthzTrans#path()
- */
- @Override
- public String path() {
- return path;
- }
-
- /**
- * @see org.onap.aaf.auth.env.test.AuthTrans#agent()
- */
- @Override
- public String agent() {
- return agent;
- }
-
- @Override
- public AuthzEnv env() {
- return (AuthzEnv)delegate;
- }
-
- @Override
- public boolean requested(REQD_TYPE requested) {
- return (mask&requested.bit)==requested.bit;
- }
-
- public void requested(REQD_TYPE requested, boolean b) {
- if(b) {
- mask|=requested.bit;
- } else {
- mask&=~requested.bit;
- }
- }
-
- private void requested(REQD_TYPE reqtype, HttpServletRequest req) {
- String p = req.getParameter(reqtype.name());
- if(p!=null) {
- requested(reqtype,p.length()==0 || "true".equalsIgnoreCase(p));
- }
- }
-
- @Override
- public void setLur(Lur lur) {
- this.lur = lur;
- }
-
- @Override
- public boolean fish(Permission ... pond) {
- if(lur!=null) {
- return lur.fish(user, pond);
- }
- return false;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.env.test.AuthzTrans#org()
- */
- @Override
- public Organization org() {
- if(org==null) {
- try {
- if((org = OrganizationFactory.obtain(env(), user()))==null) {
- org = Organization.NULL;
- }
- } catch (Exception e) {
-
- org = Organization.NULL;
- }
- }
- return org;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.env.test.AuthzTrans#logAuditTrailOnly(com.att.inno.env.LogTarget)
- */
- @Override
- public void logAuditTrail(LogTarget lt) {
- if(lt.isLoggable()) {
- StringBuilder sb = new StringBuilder();
- auditTrail(1, sb);
- lt.log(sb);
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.env.test.AuthzTrans#now()
- */
- @Override
- public Date now() {
- if(now==null) {
- now = new Date();
- }
- return now;
- }
+ private TaggedPrincipal user;
+ private String ip,agent,meth,path;
+ private int port;
+ private Lur lur;
+ private Organization org;
+ private int mask;
+ private Date now;
+ public AuthzTransImpl(AuthzEnv env) {
+ super(env);
+ ip="n/a";
+ org=null;
+ mask=0;
+ }
+
+ /**
+ * @see org.onap.aaf.auth.env.test.AuthTrans#set(javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public AuthzTrans set(HttpServletRequest req) {
+ user = (TaggedPrincipal)req.getUserPrincipal();
+ ip = req.getRemoteAddr();
+ port = req.getRemotePort();
+ agent = req.getHeader("User-Agent");
+ meth = req.getMethod();
+ path = req.getPathInfo();
+
+ for(REQD_TYPE rt : REQD_TYPE.values()) {
+ requested(rt,req);
+ }
+ // Handle alternate "request" for "future"
+ String request = req.getParameter("request");
+ if(request!=null) {
+ requested(REQD_TYPE.future,(request.length()==0 || "true".equalsIgnoreCase(request)));
+ }
+
+ org=null;
+ return this;
+ }
+
+ @Override
+ public void setUser(TaggedPrincipal p) {
+ user = p;
+ }
+
+ /**
+ * @see org.onap.aaf.auth.env.test.AuthTrans#user()
+ */
+ @Override
+ public String user() {
+ return user==null?"n/a":user.getName();
+ }
+
+ /**
+ * @see org.onap.aaf.auth.env.test.AuthTrans#getUserPrincipal()
+ */
+ @Override
+ public TaggedPrincipal getUserPrincipal() {
+ return user;
+ }
+
+ /**
+ * @see org.onap.aaf.auth.env.test.AuthTrans#ip()
+ */
+ @Override
+ public String ip() {
+ return ip;
+ }
+
+ /**
+ * @see org.onap.aaf.auth.env.test.AuthTrans#port()
+ */
+ @Override
+ public int port() {
+ return port;
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.env.test.AuthzTrans#meth()
+ */
+ @Override
+ public String meth() {
+ return meth;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.env.test.AuthzTrans#path()
+ */
+ @Override
+ public String path() {
+ return path;
+ }
+
+ /**
+ * @see org.onap.aaf.auth.env.test.AuthTrans#agent()
+ */
+ @Override
+ public String agent() {
+ return agent;
+ }
+
+ @Override
+ public AuthzEnv env() {
+ return (AuthzEnv)delegate;
+ }
+
+ @Override
+ public boolean requested(REQD_TYPE requested) {
+ return (mask&requested.bit)==requested.bit;
+ }
+
+ public void requested(REQD_TYPE requested, boolean b) {
+ if(b) {
+ mask|=requested.bit;
+ } else {
+ mask&=~requested.bit;
+ }
+ }
+
+ private void requested(REQD_TYPE reqtype, HttpServletRequest req) {
+ String p = req.getParameter(reqtype.name());
+ if(p!=null) {
+ requested(reqtype,p.length()==0 || "true".equalsIgnoreCase(p));
+ }
+ }
+
+ @Override
+ public void setLur(Lur lur) {
+ this.lur = lur;
+ }
+
+ @Override
+ public boolean fish(Permission ... pond) {
+ if(lur!=null) {
+ return lur.fish(user, pond);
+ }
+ return false;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.env.test.AuthzTrans#org()
+ */
+ @Override
+ public Organization org() {
+ if(org==null) {
+ try {
+ if((org = OrganizationFactory.obtain(env(), user()))==null) {
+ org = Organization.NULL;
+ }
+ } catch (Exception e) {
+
+ org = Organization.NULL;
+ }
+ }
+ return org;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.env.test.AuthzTrans#logAuditTrailOnly(com.att.inno.env.LogTarget)
+ */
+ @Override
+ public void logAuditTrail(LogTarget lt) {
+ if(lt.isLoggable()) {
+ StringBuilder sb = new StringBuilder();
+ auditTrail(1, sb);
+ lt.log(sb);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.env.test.AuthzTrans#now()
+ */
+ @Override
+ public Date now() {
+ if(now==null) {
+ now = new Date();
+ }
+ return now;
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java
index 2488cc7e..d7b6f1da 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/AuthzTransOnlyFilter.java
@@ -31,56 +31,56 @@ import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.Trans.Metric;
public class AuthzTransOnlyFilter extends TransOnlyFilter<AuthzTrans> {
- private AuthzEnv env;
- public Metric serviceMetric;
+ private AuthzEnv env;
+ public Metric serviceMetric;
- public static final int BUCKETSIZE = 2;
+ public static final int BUCKETSIZE = 2;
- public AuthzTransOnlyFilter(AuthzEnv env) {
- this.env = env;
- serviceMetric = new Metric();
- serviceMetric.buckets = new float[BUCKETSIZE];
- }
-
- @Override
- protected AuthzTrans newTrans() {
- return env.newTrans();
- }
+ public AuthzTransOnlyFilter(AuthzEnv env) {
+ this.env = env;
+ serviceMetric = new Metric();
+ serviceMetric.buckets = new float[BUCKETSIZE];
+ }
+
+ @Override
+ protected AuthzTrans newTrans() {
+ return env.newTrans();
+ }
- @Override
- protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
- trans.set((HttpServletRequest)request);
- return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
- " IP: " + trans.ip() +
- " Port: " + trans.port()
- , Env.SUB);
- }
+ @Override
+ protected TimeTaken start(AuthzTrans trans, ServletRequest request) {
+ trans.set((HttpServletRequest)request);
+ return trans.start("Trans " + //(context==null?"n/a":context.toString()) +
+ " IP: " + trans.ip() +
+ " Port: " + trans.port()
+ , Env.SUB);
+ }
- @Override
- protected void authenticated(AuthzTrans trans, TaggedPrincipal p) {
- trans.setUser(p);
- }
+ @Override
+ protected void authenticated(AuthzTrans trans, TaggedPrincipal p) {
+ trans.setUser(p);
+ }
- @Override
- protected void tallyHo(AuthzTrans trans) {
- // Transaction is done, now post
- StringBuilder sb = new StringBuilder("AuditTrail\n");
- // We'll grab sub-metrics for Remote Calls and JSON
- // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
- Metric m = trans.auditTrail(1, sb, Env.REMOTE,Env.JSON);
- // Add current Metrics to total metrics
- serviceMetric.total+= m.total;
- for(int i=0;i<serviceMetric.buckets.length;++i) {
- serviceMetric.buckets[i]+=m.buckets[i];
- }
- // Log current info
- sb.append(" Total: ");
- sb.append(m.total);
- sb.append(" Remote: ");
- sb.append(m.buckets[0]);
- sb.append(" JSON: ");
- sb.append(m.buckets[1]);
- trans.info().log(sb);
- }
+ @Override
+ protected void tallyHo(AuthzTrans trans) {
+ // Transaction is done, now post
+ StringBuilder sb = new StringBuilder("AuditTrail\n");
+ // We'll grab sub-metrics for Remote Calls and JSON
+ // IMPORTANT!!! if you add more entries here, change "BUCKETSIZE"!!!
+ Metric m = trans.auditTrail(1, sb, Env.REMOTE,Env.JSON);
+ // Add current Metrics to total metrics
+ serviceMetric.total+= m.total;
+ for(int i=0;i<serviceMetric.buckets.length;++i) {
+ serviceMetric.buckets[i]+=m.buckets[i];
+ }
+ // Log current info
+ sb.append(" Total: ");
+ sb.append(m.total);
+ sb.append(" Remote: ");
+ sb.append(m.buckets[0]);
+ sb.append(" JSON: ");
+ sb.append(m.buckets[1]);
+ trans.info().log(sb);
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java
index fb9d628c..3b7ed6f0 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/env/NullTrans.java
@@ -40,195 +40,195 @@ import org.onap.aaf.misc.env.TimeTaken;
* A NULL implementation of AuthzTrans, for use in DirectAAF Taf/Lurs
*/
public class NullTrans implements AuthzTrans {
- private static final AuthzTrans singleton = new NullTrans();
-
- public static final AuthzTrans singleton() {
- return singleton;
- }
-
- private Date now;
-
- public void checkpoint(String text) {}
- public void checkpoint(String text, int additionalFlag) {}
- public Metric auditTrail(int indent, StringBuilder sb, int... flag) {return null;}
-
- @Override
- public Metric auditTrail(LogTarget lt, int indent, StringBuilder sb, int... flag) {
- return null;
- }
-
- public LogTarget fatal() {
- return LogTarget.NULL;
- }
-
- public LogTarget error() {
- return LogTarget.NULL;
- }
-
- public LogTarget audit() {
- return LogTarget.NULL;
- }
-
- /* (non-Javadoc)
- * @see com.att.env.Env#init()
- */
- @Override
- public LogTarget init() {
- return LogTarget.NULL;
- }
-
- public LogTarget warn() {
- return LogTarget.NULL;
- }
-
- public LogTarget info() {
- return LogTarget.NULL;
- }
-
- public LogTarget debug() {
- return LogTarget.NULL;
- }
-
- public LogTarget trace() {
- return LogTarget.NULL;
- }
-
- public TimeTaken start(String name, int flag) {
- return new TimeTaken(name,flag) {
- public void output(StringBuilder sb) {
- sb.append(name);
- sb.append(' ');
- sb.append(millis());
- sb.append("ms");
- }
- };
- }
-
- @Override
- public String setProperty(String tag, String value) {
- return value;
- }
-
- @Override
- public String getProperty(String tag) {
- return tag;
- }
-
- @Override
- public String getProperty(String tag, String deflt) {
- return deflt;
- }
-
- @Override
- public Decryptor decryptor() {
- return null;
- }
-
- @Override
- public Encryptor encryptor() {
- return null;
- }
- @Override
- public AuthzTrans set(HttpServletRequest req) {
- return null;
- }
-
- @Override
- public String user() {
- return null;
- }
-
- @Override
- public TaggedPrincipal getUserPrincipal() {
- return null;
- }
-
- @Override
- public void setUser(TaggedPrincipal p) {
- }
-
- @Override
- public String ip() {
- return null;
- }
-
- @Override
- public int port() {
- return 0;
- }
- @Override
- public String meth() {
- return null;
- }
-
- @Override
- public String path() {
- return null;
- }
-
- @Override
- public void put(Slot slot, Object value) {
- }
- @Override
- public <T> T get(Slot slot, T deflt) {
- return null;
- }
- @Override
- public <T> T get(StaticSlot slot, T dflt) {
- return null;
- }
- @Override
- public Slot slot(String name) {
- return null;
- }
- @Override
- public AuthzEnv env() {
- return null;
- }
- @Override
- public String agent() {
- return null;
- }
-
- @Override
- public void setLur(Lur lur) {
- }
-
- @Override
- public boolean fish(Permission ... p) {
- return false;
- }
-
- @Override
- public Organization org() {
- return Organization.NULL;
- }
-
- @Override
- public void logAuditTrail(LogTarget lt) {
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.env.test.AuthzTrans#requested(org.onap.aaf.auth.env.test.AuthzTrans.REQD_TYPE)
- */
- @Override
- public boolean requested(REQD_TYPE requested) {
- return false;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.env.test.AuthzTrans#requested(org.onap.aaf.auth.env.test.AuthzTrans.REQD_TYPE, boolean)
- */
- @Override
- public void requested(REQD_TYPE requested, boolean b) {
- }
-
- @Override
- public Date now() {
- if(now==null) {
- now = new Date();
- }
- return now;
- }
+ private static final AuthzTrans singleton = new NullTrans();
+
+ public static final AuthzTrans singleton() {
+ return singleton;
+ }
+
+ private Date now;
+
+ public void checkpoint(String text) {}
+ public void checkpoint(String text, int additionalFlag) {}
+ public Metric auditTrail(int indent, StringBuilder sb, int... flag) {return null;}
+
+ @Override
+ public Metric auditTrail(LogTarget lt, int indent, StringBuilder sb, int... flag) {
+ return null;
+ }
+
+ public LogTarget fatal() {
+ return LogTarget.NULL;
+ }
+
+ public LogTarget error() {
+ return LogTarget.NULL;
+ }
+
+ public LogTarget audit() {
+ return LogTarget.NULL;
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.env.Env#init()
+ */
+ @Override
+ public LogTarget init() {
+ return LogTarget.NULL;
+ }
+
+ public LogTarget warn() {
+ return LogTarget.NULL;
+ }
+
+ public LogTarget info() {
+ return LogTarget.NULL;
+ }
+
+ public LogTarget debug() {
+ return LogTarget.NULL;
+ }
+
+ public LogTarget trace() {
+ return LogTarget.NULL;
+ }
+
+ public TimeTaken start(String name, int flag) {
+ return new TimeTaken(name,flag) {
+ public void output(StringBuilder sb) {
+ sb.append(name);
+ sb.append(' ');
+ sb.append(millis());
+ sb.append("ms");
+ }
+ };
+ }
+
+ @Override
+ public String setProperty(String tag, String value) {
+ return value;
+ }
+
+ @Override
+ public String getProperty(String tag) {
+ return tag;
+ }
+
+ @Override
+ public String getProperty(String tag, String deflt) {
+ return deflt;
+ }
+
+ @Override
+ public Decryptor decryptor() {
+ return null;
+ }
+
+ @Override
+ public Encryptor encryptor() {
+ return null;
+ }
+ @Override
+ public AuthzTrans set(HttpServletRequest req) {
+ return null;
+ }
+
+ @Override
+ public String user() {
+ return null;
+ }
+
+ @Override
+ public TaggedPrincipal getUserPrincipal() {
+ return null;
+ }
+
+ @Override
+ public void setUser(TaggedPrincipal p) {
+ }
+
+ @Override
+ public String ip() {
+ return null;
+ }
+
+ @Override
+ public int port() {
+ return 0;
+ }
+ @Override
+ public String meth() {
+ return null;
+ }
+
+ @Override
+ public String path() {
+ return null;
+ }
+
+ @Override
+ public void put(Slot slot, Object value) {
+ }
+ @Override
+ public <T> T get(Slot slot, T deflt) {
+ return null;
+ }
+ @Override
+ public <T> T get(StaticSlot slot, T dflt) {
+ return null;
+ }
+ @Override
+ public Slot slot(String name) {
+ return null;
+ }
+ @Override
+ public AuthzEnv env() {
+ return null;
+ }
+ @Override
+ public String agent() {
+ return null;
+ }
+
+ @Override
+ public void setLur(Lur lur) {
+ }
+
+ @Override
+ public boolean fish(Permission ... p) {
+ return false;
+ }
+
+ @Override
+ public Organization org() {
+ return Organization.NULL;
+ }
+
+ @Override
+ public void logAuditTrail(LogTarget lt) {
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.env.test.AuthzTrans#requested(org.onap.aaf.auth.env.test.AuthzTrans.REQD_TYPE)
+ */
+ @Override
+ public boolean requested(REQD_TYPE requested) {
+ return false;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.env.test.AuthzTrans#requested(org.onap.aaf.auth.env.test.AuthzTrans.REQD_TYPE, boolean)
+ */
+ @Override
+ public void requested(REQD_TYPE requested, boolean b) {
+ }
+
+ @Override
+ public Date now() {
+ if(now==null) {
+ now = new Date();
+ }
+ return now;
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/layer/FacadeImpl.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/layer/FacadeImpl.java
index 81fc1e26..c81504b6 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/layer/FacadeImpl.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/layer/FacadeImpl.java
@@ -29,14 +29,14 @@ import org.onap.aaf.misc.env.Data.TYPE;
public abstract class FacadeImpl {
- protected static final String IN = "in";
+ protected static final String IN = "in";
- protected void setContentType(HttpServletResponse response, TYPE type) {
- response.setContentType(type==Data.TYPE.JSON?"application/json":"text.xml");
- }
-
- protected void setCacheControlOff(HttpServletResponse response) {
- response.setHeader("Cache-Control", "no-store");
- response.setHeader("Pragma", "no-cache");
- }
+ protected void setContentType(HttpServletResponse response, TYPE type) {
+ response.setContentType(type==Data.TYPE.JSON?"application/json":"text.xml");
+ }
+
+ protected void setCacheControlOff(HttpServletResponse response) {
+ response.setHeader("Cache-Control", "no-store");
+ response.setHeader("Pragma", "no-cache");
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/layer/Result.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/layer/Result.java
index e61cf2e8..92a8269a 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/layer/Result.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/layer/Result.java
@@ -36,37 +36,37 @@ public class Result<RV> {
private static final String SUCCESS = "Success";
public static final String[] EMPTY_VARS = new String[0];
- public final static int OK=0,
- ERR_Security = 1,
- ERR_Denied = 2,
- ERR_Policy = 3,
- ERR_BadData = 4,
- ERR_NotImplemented = 5,
- ERR_NotFound = 6,
- ERR_ConflictAlreadyExists = 7,
- ERR_ActionNotCompleted = 8,
- ERR_Backend = 9,
- ERR_General = 20;
-
- public final RV value;
- public final int status;
- public final String details;
- public final String[] variables;
-
- protected Result(RV value, int status, String details, String[] variables) {
- this.value = value;
- if(value==null) {
- specialCondition|=EMPTY_LIST;
- }
- this.status = status;
- this.details = details;
- if(variables==null) {
- this.variables = EMPTY_VARS;
- } else {
- this.variables=variables;
- }
- }
-
+ public final static int OK=0,
+ ERR_Security = 1,
+ ERR_Denied = 2,
+ ERR_Policy = 3,
+ ERR_BadData = 4,
+ ERR_NotImplemented = 5,
+ ERR_NotFound = 6,
+ ERR_ConflictAlreadyExists = 7,
+ ERR_ActionNotCompleted = 8,
+ ERR_Backend = 9,
+ ERR_General = 20;
+
+ public final RV value;
+ public final int status;
+ public final String details;
+ public final String[] variables;
+
+ protected Result(RV value, int status, String details, String[] variables) {
+ this.value = value;
+ if(value==null) {
+ specialCondition|=EMPTY_LIST;
+ }
+ this.status = status;
+ this.details = details;
+ if(variables==null) {
+ this.variables = EMPTY_VARS;
+ } else {
+ this.variables=variables;
+ }
+ }
+
/**
* Create a Result class with "OK" status and "Success" for details
*
@@ -77,7 +77,7 @@ public class Result<RV> {
* @return
*/
public static<R> Result<R> ok(R value) {
- return new Result<R>(value,OK,SUCCESS,null);
+ return new Result<R>(value,OK,SUCCESS,null);
}
/**
@@ -86,7 +86,7 @@ public class Result<RV> {
* @return
*/
public static<R> Result<R[]> ok(R value[]) {
- return new Result<R[]>(value,OK,SUCCESS,null).emptyList(value.length==0);
+ return new Result<R[]>(value,OK,SUCCESS,null).emptyList(value.length==0);
}
/**
@@ -95,7 +95,7 @@ public class Result<RV> {
* @return
*/
public static<R> Result<Set<R>> ok(Set<R> value) {
- return new Result<Set<R>>(value,OK,SUCCESS,null).emptyList(value.size()==0);
+ return new Result<Set<R>>(value,OK,SUCCESS,null).emptyList(value.size()==0);
}
/**
@@ -104,7 +104,7 @@ public class Result<RV> {
* @return
*/
public static<R> Result<List<R>> ok(List<R> value) {
- return new Result<List<R>>(value,OK,SUCCESS,null).emptyList(value.size()==0);
+ return new Result<List<R>>(value,OK,SUCCESS,null).emptyList(value.size()==0);
}
/**
@@ -113,7 +113,7 @@ public class Result<RV> {
* @return
*/
public static<R> Result<Collection<R>> ok(Collection<R> value) {
- return new Result<Collection<R>>(value,OK,SUCCESS,null).emptyList(value.size()==0);
+ return new Result<Collection<R>>(value,OK,SUCCESS,null).emptyList(value.size()==0);
}
@@ -122,7 +122,7 @@ public class Result<RV> {
* @return
*/
public static Result<Void> ok() {
- return new Result<Void>(null,OK,SUCCESS,null);
+ return new Result<Void>(null,OK,SUCCESS,null);
}
/**
@@ -133,7 +133,7 @@ public class Result<RV> {
* @return
*/
// public static<R> Result<R> err(int status, String details) {
-// return new Result<R>(null,status,details,null);
+// return new Result<R>(null,status,details,null);
// }
/**
@@ -144,7 +144,7 @@ public class Result<RV> {
* @return
*/
public static<R> Result<R> err(int status, String details, String ... variables) {
- return new Result<R>(null,status,details,variables);
+ return new Result<R>(null,status,details,variables);
}
/**
@@ -153,19 +153,19 @@ public class Result<RV> {
* @return
*/
public static<R> Result<R> err(Result<?> pdr) {
- return new Result<R>(null,pdr.status,pdr.details,pdr.variables);
- }
+ return new Result<R>(null,pdr.status,pdr.details,pdr.variables);
+ }
/**
* Create General Error from Exception
* @param e
* @return
*/
- public static<R> Result<R> err(Exception e) {
- return new Result<R>(null,ERR_General,e.getMessage(),EMPTY_VARS);
- }
+ public static<R> Result<R> err(Exception e) {
+ return new Result<R>(null,ERR_General,e.getMessage(),EMPTY_VARS);
+ }
- /**
+ /**
* Create a Status (usually non OK, with a details statement
* @param value
* @param status
@@ -173,7 +173,7 @@ public class Result<RV> {
* @return
*/
public static<R> Result<R> create(R value, int status, String details, String ... vars) {
- return new Result<R>(value,status,details,vars);
+ return new Result<R>(value,status,details,vars);
}
/**
@@ -184,18 +184,18 @@ public class Result<RV> {
* @return
*/
public static<R> Result<R> create(R value, Result<?> result) {
- return new Result<R>(value,result.status,result.details,result.variables);
+ return new Result<R>(value,result.status,result.details,result.variables);
}
private static final int PARTIAL_CONTENT = 0x001;
private static final int EMPTY_LIST = 0x002;
/**
- * AAF Specific problems, etc
- *
- * @author Jonathan
- *
- */
+ * AAF Specific problems, etc
+ *
+ * @author Jonathan
+ *
+ */
/**
* specialCondition is a bit field to enable multiple conditions, e.g. PARTIAL_CONTENT
@@ -218,10 +218,10 @@ public class Result<RV> {
*/
public Result<RV> partialContent(boolean hasPartialContent) {
if (hasPartialContent) {
- specialCondition |= PARTIAL_CONTENT;
- } else {
- specialCondition &= (~PARTIAL_CONTENT);
- }
+ specialCondition |= PARTIAL_CONTENT;
+ } else {
+ specialCondition &= (~PARTIAL_CONTENT);
+ }
return this;
}
@@ -231,7 +231,7 @@ public class Result<RV> {
* @return
*/
public boolean isEmpty() {
- return (specialCondition & EMPTY_LIST) == EMPTY_LIST;
+ return (specialCondition & EMPTY_LIST) == EMPTY_LIST;
}
/**
@@ -242,11 +242,11 @@ public class Result<RV> {
* @return
*/
public Result<RV> emptyList(boolean emptyList) {
- if (emptyList) {
- specialCondition |= EMPTY_LIST;
- } else {
- specialCondition &= (~EMPTY_LIST);
- }
+ if (emptyList) {
+ specialCondition |= EMPTY_LIST;
+ } else {
+ specialCondition &= (~EMPTY_LIST);
+ }
return this;
}
@@ -257,7 +257,7 @@ public class Result<RV> {
* @return
*/
public boolean isOK() {
- return status == OK;
+ return status == OK;
}
/**
@@ -266,7 +266,7 @@ public class Result<RV> {
* @return
*/
public boolean notOK() {
- return status != OK;
+ return status != OK;
}
/**
@@ -275,7 +275,7 @@ public class Result<RV> {
* @return
*/
public boolean isOKhasData() {
- return status == OK && (specialCondition & EMPTY_LIST) != EMPTY_LIST;
+ return status == OK && (specialCondition & EMPTY_LIST) != EMPTY_LIST;
}
@@ -285,44 +285,44 @@ public class Result<RV> {
* @return
*/
public boolean notOKorIsEmpty() {
- return status != OK || (specialCondition & EMPTY_LIST) == EMPTY_LIST;
+ return status != OK || (specialCondition & EMPTY_LIST) == EMPTY_LIST;
}
@Override
public String toString() {
- if(status==0) {
- return details;
- } else {
- StringBuilder sb = new StringBuilder();
- sb.append(status);
- sb.append(':');
- sb.append(String.format(details,((Object[])variables)));
- if(isEmpty()) {
- sb.append("{empty}");
- }
- if(value!=null) {
- sb.append('-');
- sb.append(value.toString());
- }
- return sb.toString();
- }
+ if(status==0) {
+ return details;
+ } else {
+ StringBuilder sb = new StringBuilder();
+ sb.append(status);
+ sb.append(':');
+ sb.append(String.format(details,((Object[])variables)));
+ if(isEmpty()) {
+ sb.append("{empty}");
+ }
+ if(value!=null) {
+ sb.append('-');
+ sb.append(value.toString());
+ }
+ return sb.toString();
+ }
}
public String errorString() {
- StringBuilder sb = new StringBuilder();
- switch(status) {
- case 1: sb.append("Security"); break;
- case 2: sb.append("Denied"); break;
- case 3: sb.append("Policy"); break;
- case 4: sb.append("BadData"); break;
- case 5: sb.append("NotImplemented"); break;
- case 6: sb.append("NotFound"); break;
- case 7: sb.append("AlreadyExists"); break;
- case 8: sb.append("ActionNotComplete"); break;
- default: sb.append("Error");
- }
- sb.append(" - ");
- sb.append(String.format(details, (Object[])variables));
- return sb.toString();
+ StringBuilder sb = new StringBuilder();
+ switch(status) {
+ case 1: sb.append("Security"); break;
+ case 2: sb.append("Denied"); break;
+ case 3: sb.append("Policy"); break;
+ case 4: sb.append("BadData"); break;
+ case 5: sb.append("NotImplemented"); break;
+ case 6: sb.append("NotFound"); break;
+ case 7: sb.append("AlreadyExists"); break;
+ case 8: sb.append("ActionNotComplete"); break;
+ default: sb.append("Error");
+ }
+ sb.append(" - ");
+ sb.append(String.format(details, (Object[])variables));
+ return sb.toString();
}
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/AbsData.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/AbsData.java
index 17edae42..90857b42 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/AbsData.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/AbsData.java
@@ -35,172 +35,172 @@ import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
public abstract class AbsData implements Iterable<String> {
- protected DataFile data;
- protected TextIndex ti;
- private File dataf,idxf,lockf;
- private String name;
- private char delim;
- private int maxLineSize;
- private int fieldOffset;
- private int skipLines;
-
- public AbsData(File dataf,char sepChar, int maxLineSize, int fieldOffset) {
- File dir = dataf.getParentFile();
- int dot = dataf.getName().lastIndexOf('.');
- name = dataf.getName().substring(0,dot);
-
- this.dataf=dataf;
- this.delim = sepChar;
- this.maxLineSize = maxLineSize;
- this.fieldOffset = fieldOffset;
- idxf = new File(dir,name.concat(".idx"));
- lockf = new File(dir,name.concat(".lock"));
-
-
- data = new DataFile(dataf,"r");
- ti = new TextIndex(idxf);
- skipLines=0;
- }
-
- public void skipLines(int lines) {
- skipLines=lines;
- }
-
- public String name() {
- return name;
- }
-
- public void open(AuthzTrans trans, long timeout) throws IOException {
- TimeTaken tt = trans.start("Open Data File", Env.SUB);
- boolean first = true;
- try {
- if(!dataf.exists()) {
- throw new FileNotFoundException("Data File Missing:" + dataf.getCanonicalPath());
- }
- long begin = System.currentTimeMillis();
- long end = begin+timeout;
- boolean exists;
- while((exists=lockf.exists()) && begin<end) {
- if(first) {
- trans.warn().log("Waiting for",lockf.getCanonicalPath(),"to close");
- first = false;
- }
- try {
- Thread.sleep(200);
- } catch (InterruptedException e) {
- Thread.currentThread().interrupt();
- }
- begin = System.currentTimeMillis();
- }
- if(exists) {
- throw new IOException(lockf.getCanonicalPath() + "exists. May not open Datafile");
- }
- data.open();
- try {
- ensureIdxGood(trans);
- } catch (IOException e) {
- data.close();
- throw e;
- }
- ti.open();
-
- } finally {
- tt.done();
- }
- }
-
- private synchronized void ensureIdxGood(AuthzTrans trans) throws IOException {
- if(!idxf.exists() || idxf.length()==0 || dataf.lastModified()>idxf.lastModified()) {
- trans.warn().log(idxf.getAbsolutePath(),"is missing, empty or out of date, creating");
- RandomAccessFile raf = new RandomAccessFile(lockf, "rw");
- try {
- ti.create(trans, data, maxLineSize, delim, fieldOffset, skipLines);
- if(!idxf.exists() || (idxf.length()==0 && dataf.length()!=0)) {
- throw new IOException("Data Index File did not create correctly");
- }
- } finally {
- raf.close();
- lockf.delete();
- }
- }
- }
-
- public void close(AuthzTrans trans) throws IOException {
- ti.close();
- data.close();
- }
-
- public class Reuse {
- public Token tokenData;
- private Field fieldData;
-
- private Reuse(int size,char delim) {
- tokenData = data.new Token(size);
- fieldData = tokenData.new Field(delim);
- }
-
- public void reset() {
- getFieldData().reset();
- }
-
- public void pos(int rec) {
- getFieldData().reset();
- tokenData.pos(rec);
- }
-
- public String next() {
- return getFieldData().next();
- }
-
- public String at(int field) {
- return getFieldData().at(field);
- }
-
- public String atToEnd(int field) {
- return getFieldData().atToEnd(field);
- }
-
- public Field getFieldData() {
- return fieldData;
- }
- }
-
- public Reuse reuse() {
- return new Reuse(maxLineSize,delim);
- }
-
- public Iter iterator() {
- return new Iter();
- }
-
- public class Iter implements Iterator<String> {
- private Reuse reuse;
- private org.onap.aaf.auth.local.TextIndex.Iter tii;
-
- public Iter() {
- reuse = reuse();
- tii = ti.new Iter();
- }
-
- @Override
- public boolean hasNext() {
- return tii.hasNext();
- }
-
- @Override
- public String next() {
- if(!hasNext()) {
- throw new NoSuchElementException();
- }
- reuse.reset();
- int rec = tii.next();
- reuse.pos(rec);
- return reuse.at(0);
- }
-
- @Override
- public void remove() {
- // read only
- }
- }
+ protected DataFile data;
+ protected TextIndex ti;
+ private File dataf,idxf,lockf;
+ private String name;
+ private char delim;
+ private int maxLineSize;
+ private int fieldOffset;
+ private int skipLines;
+
+ public AbsData(File dataf,char sepChar, int maxLineSize, int fieldOffset) {
+ File dir = dataf.getParentFile();
+ int dot = dataf.getName().lastIndexOf('.');
+ name = dataf.getName().substring(0,dot);
+
+ this.dataf=dataf;
+ this.delim = sepChar;
+ this.maxLineSize = maxLineSize;
+ this.fieldOffset = fieldOffset;
+ idxf = new File(dir,name.concat(".idx"));
+ lockf = new File(dir,name.concat(".lock"));
+
+
+ data = new DataFile(dataf,"r");
+ ti = new TextIndex(idxf);
+ skipLines=0;
+ }
+
+ public void skipLines(int lines) {
+ skipLines=lines;
+ }
+
+ public String name() {
+ return name;
+ }
+
+ public void open(AuthzTrans trans, long timeout) throws IOException {
+ TimeTaken tt = trans.start("Open Data File", Env.SUB);
+ boolean first = true;
+ try {
+ if(!dataf.exists()) {
+ throw new FileNotFoundException("Data File Missing:" + dataf.getCanonicalPath());
+ }
+ long begin = System.currentTimeMillis();
+ long end = begin+timeout;
+ boolean exists;
+ while((exists=lockf.exists()) && begin<end) {
+ if(first) {
+ trans.warn().log("Waiting for",lockf.getCanonicalPath(),"to close");
+ first = false;
+ }
+ try {
+ Thread.sleep(200);
+ } catch (InterruptedException e) {
+ Thread.currentThread().interrupt();
+ }
+ begin = System.currentTimeMillis();
+ }
+ if(exists) {
+ throw new IOException(lockf.getCanonicalPath() + "exists. May not open Datafile");
+ }
+ data.open();
+ try {
+ ensureIdxGood(trans);
+ } catch (IOException e) {
+ data.close();
+ throw e;
+ }
+ ti.open();
+
+ } finally {
+ tt.done();
+ }
+ }
+
+ private synchronized void ensureIdxGood(AuthzTrans trans) throws IOException {
+ if(!idxf.exists() || idxf.length()==0 || dataf.lastModified()>idxf.lastModified()) {
+ trans.warn().log(idxf.getAbsolutePath(),"is missing, empty or out of date, creating");
+ RandomAccessFile raf = new RandomAccessFile(lockf, "rw");
+ try {
+ ti.create(trans, data, maxLineSize, delim, fieldOffset, skipLines);
+ if(!idxf.exists() || (idxf.length()==0 && dataf.length()!=0)) {
+ throw new IOException("Data Index File did not create correctly");
+ }
+ } finally {
+ raf.close();
+ lockf.delete();
+ }
+ }
+ }
+
+ public void close(AuthzTrans trans) throws IOException {
+ ti.close();
+ data.close();
+ }
+
+ public class Reuse {
+ public Token tokenData;
+ private Field fieldData;
+
+ private Reuse(int size,char delim) {
+ tokenData = data.new Token(size);
+ fieldData = tokenData.new Field(delim);
+ }
+
+ public void reset() {
+ getFieldData().reset();
+ }
+
+ public void pos(int rec) {
+ getFieldData().reset();
+ tokenData.pos(rec);
+ }
+
+ public String next() {
+ return getFieldData().next();
+ }
+
+ public String at(int field) {
+ return getFieldData().at(field);
+ }
+
+ public String atToEnd(int field) {
+ return getFieldData().atToEnd(field);
+ }
+
+ public Field getFieldData() {
+ return fieldData;
+ }
+ }
+
+ public Reuse reuse() {
+ return new Reuse(maxLineSize,delim);
+ }
+
+ public Iter iterator() {
+ return new Iter();
+ }
+
+ public class Iter implements Iterator<String> {
+ private Reuse reuse;
+ private org.onap.aaf.auth.local.TextIndex.Iter tii;
+
+ public Iter() {
+ reuse = reuse();
+ tii = ti.new Iter();
+ }
+
+ @Override
+ public boolean hasNext() {
+ return tii.hasNext();
+ }
+
+ @Override
+ public String next() {
+ if(!hasNext()) {
+ throw new NoSuchElementException();
+ }
+ reuse.reset();
+ int rec = tii.next();
+ reuse.pos(rec);
+ return reuse.at(0);
+ }
+
+ @Override
+ public void remove() {
+ // read only
+ }
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/DataFile.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/DataFile.java
index bb9fb1fd..7e420df4 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/DataFile.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/DataFile.java
@@ -32,159 +32,159 @@ import java.nio.channels.FileChannel;
import java.nio.channels.FileChannel.MapMode;
public class DataFile {
- private RandomAccessFile rafile;
- private FileChannel channel;
- public MappedByteBuffer mapBuff;
- private final File file;
- private final String access;
-
- public DataFile(File file, String access) {
- this.file = file;
- this.access = access;
- }
- public void open() throws IOException {
- if(!file.exists()) throw new FileNotFoundException();
- rafile = new RandomAccessFile(file,access);
- channel = rafile.getChannel();
- mapBuff = channel.map("r".equals(access)?MapMode.READ_ONLY:MapMode.READ_WRITE,0,channel.size());
- }
- public boolean isOpened() {
- return mapBuff!=null;
- }
- public void close() throws IOException {
- if(channel!=null){
- channel.close();
- }
- if(rafile!=null) {
- rafile.close();
- }
- mapBuff = null;
- }
+ private RandomAccessFile rafile;
+ private FileChannel channel;
+ public MappedByteBuffer mapBuff;
+ private final File file;
+ private final String access;
+
+ public DataFile(File file, String access) {
+ this.file = file;
+ this.access = access;
+ }
+ public void open() throws IOException {
+ if(!file.exists()) throw new FileNotFoundException();
+ rafile = new RandomAccessFile(file,access);
+ channel = rafile.getChannel();
+ mapBuff = channel.map("r".equals(access)?MapMode.READ_ONLY:MapMode.READ_WRITE,0,channel.size());
+ }
+ public boolean isOpened() {
+ return mapBuff!=null;
+ }
+ public void close() throws IOException {
+ if(channel!=null){
+ channel.close();
+ }
+ if(rafile!=null) {
+ rafile.close();
+ }
+ mapBuff = null;
+ }
- public long size() throws IOException {
- return channel==null?0:channel.size();
- }
+ public long size() throws IOException {
+ return channel==null?0:channel.size();
+ }
- private synchronized int load(Token t) {
- int len = Math.min(mapBuff.limit()-t.next,t.buff.length);
- if(len>0) {
- mapBuff.position(t.next);
- mapBuff.get(t.buff,0,len);
- }
- return len<0?0:len;
- }
-
- public class Token {
- private byte[] buff;
- int pos, next, end;
-
- public Token(int size) {
- buff = new byte[size];
- pos = next = end = 0;
- }
-
- public boolean pos(int to) {
- pos = next = to;
- return (end=load(this))>0;
- }
-
- public boolean nextLine() {
- end = load(this);
- pos = next;
- for(int i=0;i<end;++i) {
- if(buff[i]=='\n') {
- end = i;
- next += i+1;
- return true;
- }
- }
- return false;
- }
-
- public IntBuffer getIntBuffer() {
- return ByteBuffer.wrap(buff).asIntBuffer();
- }
+ private synchronized int load(Token t) {
+ int len = Math.min(mapBuff.limit()-t.next,t.buff.length);
+ if(len>0) {
+ mapBuff.position(t.next);
+ mapBuff.get(t.buff,0,len);
+ }
+ return len<0?0:len;
+ }
+
+ public class Token {
+ private byte[] buff;
+ int pos, next, end;
+
+ public Token(int size) {
+ buff = new byte[size];
+ pos = next = end = 0;
+ }
+
+ public boolean pos(int to) {
+ pos = next = to;
+ return (end=load(this))>0;
+ }
+
+ public boolean nextLine() {
+ end = load(this);
+ pos = next;
+ for(int i=0;i<end;++i) {
+ if(buff[i]=='\n') {
+ end = i;
+ next += i+1;
+ return true;
+ }
+ }
+ return false;
+ }
+
+ public IntBuffer getIntBuffer() {
+ return ByteBuffer.wrap(buff).asIntBuffer();
+ }
- public String toString() {
- return new String(buff,0,end);
- }
-
- public class Field {
- char delim;
- int idx;
- ByteBuffer bb;
+ public String toString() {
+ return new String(buff,0,end);
+ }
+
+ public class Field {
+ char delim;
+ int idx;
+ ByteBuffer bb;
- public Field(char delimiter) {
- delim = delimiter;
- idx = 0;
- bb = null;
- }
-
- public Field reset() {
- idx = 0;
- return this;
- }
-
- public String next() {
- if(idx>=end)return null;
- int start = idx;
- byte c=0;
- int endStr = -1;
- while(idx<end && idx<buff.length && (c=buff[idx])!=delim && c!='\n') { // for DOS
- if(c=='\r')endStr=idx;
- ++idx;
- }
-
- if(endStr<0) {
- endStr=idx-start;
- } else {
- endStr=endStr-start;
- }
- ++idx;
- return new String(buff,start,endStr);
- }
+ public Field(char delimiter) {
+ delim = delimiter;
+ idx = 0;
+ bb = null;
+ }
+
+ public Field reset() {
+ idx = 0;
+ return this;
+ }
+
+ public String next() {
+ if(idx>=end)return null;
+ int start = idx;
+ byte c=0;
+ int endStr = -1;
+ while(idx<end && idx<buff.length && (c=buff[idx])!=delim && c!='\n') { // for DOS
+ if(c=='\r')endStr=idx;
+ ++idx;
+ }
+
+ if(endStr<0) {
+ endStr=idx-start;
+ } else {
+ endStr=endStr-start;
+ }
+ ++idx;
+ return new String(buff,start,endStr);
+ }
- public String at(int fieldOffset) {
- int start;
- byte c=0;
- for(int count = idx = start = 0; idx<end && idx<buff.length; ++idx) {
- if((c=buff[idx])==delim || c=='\n') {
- if(count++ == fieldOffset) {
- break;
- }
- start = idx+1;
- }
- }
- return new String(buff,start,(idx-start-(c=='\r'?1:0)));
- }
-
- public String atToEnd(int fieldOffset) {
- int start;
- byte c=0;
- for(int count = idx = start = 0; idx<end && idx<buff.length; ++idx) {
- if((c=buff[idx])==delim || c=='\n') {
- if(count++ == fieldOffset) {
- break;
- }
- start = idx+1;
- }
- }
-
- for(; idx<end && idx<buff.length && (c=buff[idx])!='\n'; ++idx) {
- ++idx;
- }
- return new String(buff,start,(idx-start-((c=='\r' || idx>=end)?1:0)));
- }
+ public String at(int fieldOffset) {
+ int start;
+ byte c=0;
+ for(int count = idx = start = 0; idx<end && idx<buff.length; ++idx) {
+ if((c=buff[idx])==delim || c=='\n') {
+ if(count++ == fieldOffset) {
+ break;
+ }
+ start = idx+1;
+ }
+ }
+ return new String(buff,start,(idx-start-(c=='\r'?1:0)));
+ }
+
+ public String atToEnd(int fieldOffset) {
+ int start;
+ byte c=0;
+ for(int count = idx = start = 0; idx<end && idx<buff.length; ++idx) {
+ if((c=buff[idx])==delim || c=='\n') {
+ if(count++ == fieldOffset) {
+ break;
+ }
+ start = idx+1;
+ }
+ }
+
+ for(; idx<end && idx<buff.length && (c=buff[idx])!='\n'; ++idx) {
+ ++idx;
+ }
+ return new String(buff,start,(idx-start-((c=='\r' || idx>=end)?1:0)));
+ }
- }
+ }
- public int pos() {
- return pos;
- }
- }
+ public int pos() {
+ return pos;
+ }
+ }
- public File file() {
- return file;
- }
-
+ public File file() {
+ return file;
+ }
+
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/TextIndex.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/TextIndex.java
index 39225f74..bb1b6117 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/local/TextIndex.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/local/TextIndex.java
@@ -39,223 +39,223 @@ import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.Trans;
public class TextIndex {
- private static final int REC_SIZE=8;
-
- private File file;
- private DataFile dataFile=null;
-
- public TextIndex(File theFile) {
- file = theFile;
- }
-
- public void open() throws IOException {
- dataFile = new DataFile(file,"r");
- dataFile.open();
- }
-
- public void close() throws IOException {
- if(dataFile!=null) {
- dataFile.close();
- dataFile=null;
- }
- }
+ private static final int REC_SIZE=8;
+
+ private File file;
+ private DataFile dataFile=null;
+
+ public TextIndex(File theFile) {
+ file = theFile;
+ }
+
+ public void open() throws IOException {
+ dataFile = new DataFile(file,"r");
+ dataFile.open();
+ }
+
+ public void close() throws IOException {
+ if(dataFile!=null) {
+ dataFile.close();
+ dataFile=null;
+ }
+ }
- public int find(Object key, AbsData.Reuse reuse, int offset) throws IOException {
- return find(key,reuse.tokenData,reuse.getFieldData(),offset);
- }
-
- public int find(Object key, DataFile.Token dtok, Field df, int offset) throws IOException {
- if(dataFile==null) {
- throw new IOException("File not opened");
- }
- long hash = hashToLong(key.hashCode());
- int min=0, max = (int)(dataFile.size()/REC_SIZE);
- Token ttok = dataFile.new Token(REC_SIZE);
- IntBuffer tib = ttok.getIntBuffer();
- long lhash;
- int curr;
- while((max-min)>100) {
- ttok.pos((curr=(min+(max-min)/2))*REC_SIZE);
- tib.rewind();
- lhash = hashToLong(tib.get());
- if(lhash<hash) {
- min=curr+1;
- } else if(lhash>hash) {
- max=curr-1;
- } else {
- min=curr-40;
- max=curr+40;
- break;
- }
- }
-
- List<Integer> entries = new ArrayList<>();
- for(int i=min;i<=max;++i) {
- ttok.pos(i*REC_SIZE);
- tib.rewind();
- lhash = hashToLong(tib.get());
- if(lhash==hash) {
- entries.add(tib.get());
- } else if(lhash>hash) {
- break;
- }
- }
-
- for(Integer i : entries) {
- dtok.pos(i);
- if(df.at(offset).equals(key)) {
- return i;
- }
- }
- return -1;
- }
-
+ public int find(Object key, AbsData.Reuse reuse, int offset) throws IOException {
+ return find(key,reuse.tokenData,reuse.getFieldData(),offset);
+ }
+
+ public int find(Object key, DataFile.Token dtok, Field df, int offset) throws IOException {
+ if(dataFile==null) {
+ throw new IOException("File not opened");
+ }
+ long hash = hashToLong(key.hashCode());
+ int min=0, max = (int)(dataFile.size()/REC_SIZE);
+ Token ttok = dataFile.new Token(REC_SIZE);
+ IntBuffer tib = ttok.getIntBuffer();
+ long lhash;
+ int curr;
+ while((max-min)>100) {
+ ttok.pos((curr=(min+(max-min)/2))*REC_SIZE);
+ tib.rewind();
+ lhash = hashToLong(tib.get());
+ if(lhash<hash) {
+ min=curr+1;
+ } else if(lhash>hash) {
+ max=curr-1;
+ } else {
+ min=curr-40;
+ max=curr+40;
+ break;
+ }
+ }
+
+ List<Integer> entries = new ArrayList<>();
+ for(int i=min;i<=max;++i) {
+ ttok.pos(i*REC_SIZE);
+ tib.rewind();
+ lhash = hashToLong(tib.get());
+ if(lhash==hash) {
+ entries.add(tib.get());
+ } else if(lhash>hash) {
+ break;
+ }
+ }
+
+ for(Integer i : entries) {
+ dtok.pos(i);
+ if(df.at(offset).equals(key)) {
+ return i;
+ }
+ }
+ return -1;
+ }
+
- /*
- * Have to change Bytes into a Long, to avoid the inevitable signs in the Hash
- */
- private static long hashToLong(int hash) {
- long rv;
- if(hash<0) {
- rv = 0xFFFFFFFFL & hash;
- } else {
- rv = hash;
- }
- return rv;
- }
-
- public void create(final Trans trans,final DataFile data, int maxLine, char delim, int fieldOffset, int skipLines) throws IOException {
- FileChannel fos;
-
- List<Idx> list = new LinkedList<>(); // Some hashcodes will double... DO NOT make a set
- TimeTaken tt2 = trans.start("Open Files", Env.SUB);
- RandomAccessFile raf=null;
- try {
- try {
- raf = new RandomAccessFile(file,"rw");
- raf.setLength(0L);
- fos = raf.getChannel();
- } finally {
- tt2.done();
- }
-
- try {
-
- Token t = data.new Token(maxLine);
- Field f = t.new Field(delim);
-
- int count = 0;
- if(skipLines>0) {
- trans.info().log("Skipping",skipLines,"line"+(skipLines==1?" in":"s in"),data.file().getName());
- }
- for(int i=0;i<skipLines;++i) {
- t.nextLine();
- }
- tt2 = trans.start("Read", Env.SUB);
- try {
- while(t.nextLine()) {
- list.add(new Idx(f.at(fieldOffset),t.pos()));
- ++count;
- }
- } finally {
- tt2.done();
- }
- trans.checkpoint(" Read " + count + " records");
- tt2 = trans.start("Sort List", Env.SUB);
- Collections.sort(list);
- tt2.done();
- tt2 = trans.start("Write Idx", Env.SUB);
- try {
- ByteBuffer bb = ByteBuffer.allocate(8*1024);
- IntBuffer ib = bb.asIntBuffer();
- for(Idx idx : list) {
- if(!ib.hasRemaining()) {
- fos.write(bb);
- ib.clear();
- bb.rewind();
- }
- ib.put(idx.hash);
- ib.put(idx.pos);
- }
- bb.limit(4*ib.position());
- fos.write(bb);
- } finally {
- tt2.done();
- }
- } finally {
- fos.close();
- }
- } finally {
- if(raf!=null) {
- raf.close(); // closed by fos
- }
- }
- }
-
- public class Iter {
- private int idx;
- private Token t;
- private long end;
- private IntBuffer ib;
+ /*
+ * Have to change Bytes into a Long, to avoid the inevitable signs in the Hash
+ */
+ private static long hashToLong(int hash) {
+ long rv;
+ if(hash<0) {
+ rv = 0xFFFFFFFFL & hash;
+ } else {
+ rv = hash;
+ }
+ return rv;
+ }
+
+ public void create(final Trans trans,final DataFile data, int maxLine, char delim, int fieldOffset, int skipLines) throws IOException {
+ FileChannel fos;
+
+ List<Idx> list = new LinkedList<>(); // Some hashcodes will double... DO NOT make a set
+ TimeTaken tt2 = trans.start("Open Files", Env.SUB);
+ RandomAccessFile raf=null;
+ try {
+ try {
+ raf = new RandomAccessFile(file,"rw");
+ raf.setLength(0L);
+ fos = raf.getChannel();
+ } finally {
+ tt2.done();
+ }
+
+ try {
+
+ Token t = data.new Token(maxLine);
+ Field f = t.new Field(delim);
+
+ int count = 0;
+ if(skipLines>0) {
+ trans.info().log("Skipping",skipLines,"line"+(skipLines==1?" in":"s in"),data.file().getName());
+ }
+ for(int i=0;i<skipLines;++i) {
+ t.nextLine();
+ }
+ tt2 = trans.start("Read", Env.SUB);
+ try {
+ while(t.nextLine()) {
+ list.add(new Idx(f.at(fieldOffset),t.pos()));
+ ++count;
+ }
+ } finally {
+ tt2.done();
+ }
+ trans.checkpoint(" Read " + count + " records");
+ tt2 = trans.start("Sort List", Env.SUB);
+ Collections.sort(list);
+ tt2.done();
+ tt2 = trans.start("Write Idx", Env.SUB);
+ try {
+ ByteBuffer bb = ByteBuffer.allocate(8*1024);
+ IntBuffer ib = bb.asIntBuffer();
+ for(Idx idx : list) {
+ if(!ib.hasRemaining()) {
+ fos.write(bb);
+ ib.clear();
+ bb.rewind();
+ }
+ ib.put(idx.hash);
+ ib.put(idx.pos);
+ }
+ bb.limit(4*ib.position());
+ fos.write(bb);
+ } finally {
+ tt2.done();
+ }
+ } finally {
+ fos.close();
+ }
+ } finally {
+ if(raf!=null) {
+ raf.close(); // closed by fos
+ }
+ }
+ }
+
+ public class Iter {
+ private int idx;
+ private Token t;
+ private long end;
+ private IntBuffer ib;
- public Iter() {
- try {
- idx = 0;
- end = dataFile.size();
- t = dataFile.new Token(REC_SIZE);
- ib = t.getIntBuffer();
+ public Iter() {
+ try {
+ idx = 0;
+ end = dataFile.size();
+ t = dataFile.new Token(REC_SIZE);
+ ib = t.getIntBuffer();
- } catch (IOException e) {
- end = -1L;
- }
- }
-
- public int next() {
- t.pos(idx);
- ib.clear();
- ib.get();
- int rec = ib.get();
- idx += REC_SIZE;
- return rec;
- }
+ } catch (IOException e) {
+ end = -1L;
+ }
+ }
+
+ public int next() {
+ t.pos(idx);
+ ib.clear();
+ ib.get();
+ int rec = ib.get();
+ idx += REC_SIZE;
+ return rec;
+ }
- public boolean hasNext() {
- return idx<end;
- }
- }
-
- private static class Idx implements Comparable<Idx> {
- public int hash, pos;
- public Idx(Object obj, int pos) {
- hash = obj.hashCode();
- this.pos = pos;
- }
-
- @Override
- public int compareTo(Idx ib) {
- long a = hashToLong(hash);
- long b = hashToLong(ib.hash);
- return a>b?1:a<b?-1:0;
- }
+ public boolean hasNext() {
+ return idx<end;
+ }
+ }
+
+ private static class Idx implements Comparable<Idx> {
+ public int hash, pos;
+ public Idx(Object obj, int pos) {
+ hash = obj.hashCode();
+ this.pos = pos;
+ }
+
+ @Override
+ public int compareTo(Idx ib) {
+ long a = hashToLong(hash);
+ long b = hashToLong(ib.hash);
+ return a>b?1:a<b?-1:0;
+ }
- /* (non-Javadoc)
- * @see java.lang.Object#equals(java.lang.Object)
- */
- @Override
- public boolean equals(Object o) {
- if(o!=null && o instanceof Idx) {
- return hash == ((Idx)o).hash;
- }
- return false;
- }
+ /* (non-Javadoc)
+ * @see java.lang.Object#equals(java.lang.Object)
+ */
+ @Override
+ public boolean equals(Object o) {
+ if(o!=null && o instanceof Idx) {
+ return hash == ((Idx)o).hash;
+ }
+ return false;
+ }
- /* (non-Javadoc)
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode() {
- return hash;
- }
- }
+ /* (non-Javadoc)
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ return hash;
+ }
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Executor.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Executor.java
index a839ae73..48ac9dce 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Executor.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Executor.java
@@ -22,13 +22,13 @@
package org.onap.aaf.auth.org;
public interface Executor {
- // remove User from user/Role
- // remove user from Admins
- // if # of Owners > 1, remove User from Owner
- // if # of Owners = 1, changeOwner to X Remove Owner????
- boolean hasPermission(String user, String ns, String type, String instance, String action);
- boolean inRole(String name);
-
- public String namespace() throws Exception;
- public String id();
+ // remove User from user/Role
+ // remove user from Admins
+ // if # of Owners > 1, remove User from Owner
+ // if # of Owners = 1, changeOwner to X Remove Owner????
+ boolean hasPermission(String user, String ns, String type, String instance, String action);
+ boolean inRole(String name);
+
+ public String namespace() throws Exception;
+ public String id();
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Mailer.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Mailer.java
index 86875a4a..ff5d24c9 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Mailer.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Mailer.java
@@ -25,14 +25,14 @@ import java.util.List;
import org.onap.aaf.auth.env.AuthzTrans;
public interface Mailer {
- public int sendEmail(
- AuthzTrans trans,
- boolean testMode,
- String mailFrom,
- List<String> toList,
- List<String> ccList,
- String subject,
- String body,
- Boolean urgent) throws OrganizationException;
+ public int sendEmail(
+ AuthzTrans trans,
+ boolean testMode,
+ String mailFrom,
+ List<String> toList,
+ List<String> ccList,
+ String subject,
+ String body,
+ Boolean urgent) throws OrganizationException;
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java
index bbae00ca..3ade1195 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/Organization.java
@@ -43,258 +43,258 @@ import org.onap.aaf.auth.env.AuthzTrans;
*
*/
public interface Organization {
- public static final String N_A = "n/a";
-
- public interface Identity {
- public String id();
- public String fullID() throws OrganizationException; // Fully Qualified ID (includes Domain of Organization)
- public String type(); // Must be one of "IdentityTypes", see below
- public Identity responsibleTo() throws OrganizationException; // Chain of Command, or Application ID Sponsor
- public List<String> delegate(); // Someone who has authority to act on behalf of Identity
- public String email();
- public String fullName();
- public String firstName();
- /**
- * If Responsible entity, then String returned is "null" meaning "no Objection".
- * If String exists, it is the Policy objection text setup by the entity.
- * @return
- */
- public String mayOwn(); // Is id passed belong to a person suitable to be Responsible for content Management
- public boolean isFound(); // Is Identity found in Identity stores
- public boolean isPerson(); // Whether a Person or a Machine (App)
- public Organization org(); // Organization of Identity
-
- }
-
-
- /**
- * Name of Organization, suitable for Logging
- * @return
- */
- public String getName();
-
- /**
- * Realm, for use in distinguishing IDs from different systems/Companies
- * @return
- */
- public String getRealm();
-
- public boolean supportsRealm(String user);
-
- public void addSupportedRealm(String r);
-
-
-
- String getDomain();
-
- /**
- * Get Identity information based on userID
- *
- * @param id
- * @return
- */
- public Identity getIdentity(AuthzTrans trans, String id) throws OrganizationException;
-
-
- /**
- * Does the ID pass Organization Standards
- *
- * Return a Blank (empty) String if empty, otherwise, return a "\n" separated list of
- * reasons why it fails
- *
- * @param id
- * @return
- */
- public String isValidID(AuthzTrans trans, String id);
-
- /**
- * Return a Blank (empty) String if empty, otherwise, return a "\n" separated list of
- * reasons why it fails
- *
- * Identity is passed in to allow policies regarding passwords that are the same as user ID
- *
- * any entries for "prev" imply a reset
- *
- * @param id
- * @param password
- * @return
- */
- public String isValidPassword(final AuthzTrans trans, final String id, final String password, final String ... prev);
+ public static final String N_A = "n/a";
+
+ public interface Identity {
+ public String id();
+ public String fullID() throws OrganizationException; // Fully Qualified ID (includes Domain of Organization)
+ public String type(); // Must be one of "IdentityTypes", see below
+ public Identity responsibleTo() throws OrganizationException; // Chain of Command, or Application ID Sponsor
+ public List<String> delegate(); // Someone who has authority to act on behalf of Identity
+ public String email();
+ public String fullName();
+ public String firstName();
+ /**
+ * If Responsible entity, then String returned is "null" meaning "no Objection".
+ * If String exists, it is the Policy objection text setup by the entity.
+ * @return
+ */
+ public String mayOwn(); // Is id passed belong to a person suitable to be Responsible for content Management
+ public boolean isFound(); // Is Identity found in Identity stores
+ public boolean isPerson(); // Whether a Person or a Machine (App)
+ public Organization org(); // Organization of Identity
+
+ }
+
+
+ /**
+ * Name of Organization, suitable for Logging
+ * @return
+ */
+ public String getName();
+
+ /**
+ * Realm, for use in distinguishing IDs from different systems/Companies
+ * @return
+ */
+ public String getRealm();
+
+ public boolean supportsRealm(String user);
+
+ public void addSupportedRealm(String r);
+
+
+
+ String getDomain();
+
+ /**
+ * Get Identity information based on userID
+ *
+ * @param id
+ * @return
+ */
+ public Identity getIdentity(AuthzTrans trans, String id) throws OrganizationException;
+
+
+ /**
+ * Does the ID pass Organization Standards
+ *
+ * Return a Blank (empty) String if empty, otherwise, return a "\n" separated list of
+ * reasons why it fails
+ *
+ * @param id
+ * @return
+ */
+ public String isValidID(AuthzTrans trans, String id);
+
+ /**
+ * Return a Blank (empty) String if empty, otherwise, return a "\n" separated list of
+ * reasons why it fails
+ *
+ * Identity is passed in to allow policies regarding passwords that are the same as user ID
+ *
+ * any entries for "prev" imply a reset
+ *
+ * @param id
+ * @param password
+ * @return
+ */
+ public String isValidPassword(final AuthzTrans trans, final String id, final String password, final String ... prev);
+
+ /**
+ * Return a list of Strings denoting Organization Password Rules, suitable for posting on a WebPage with <p>
+ */
+ public String[] getPasswordRules();
+
+ /**
+ *
+ * @param id
+ * @return
+ */
+ public boolean isValidCred(final AuthzTrans trans, final String id);
+
+ /**
+ * If response is Null, then it is valid. Otherwise, the Organization specific reason is returned.
+ *
+ * @param trans
+ * @param policy
+ * @param executor
+ * @param vars
+ * @return
+ * @throws OrganizationException
+ */
+ public String validate(AuthzTrans trans, Policy policy, Executor executor, String ... vars) throws OrganizationException;
/**
- * Return a list of Strings denoting Organization Password Rules, suitable for posting on a WebPage with <p>
- */
- public String[] getPasswordRules();
-
- /**
- *
- * @param id
- * @return
- */
- public boolean isValidCred(final AuthzTrans trans, final String id);
-
- /**
- * If response is Null, then it is valid. Otherwise, the Organization specific reason is returned.
- *
- * @param trans
- * @param policy
- * @param executor
- * @param vars
- * @return
- * @throws OrganizationException
- */
- public String validate(AuthzTrans trans, Policy policy, Executor executor, String ... vars) throws OrganizationException;
-
- /**
- * Does your Company distinguish essential permission structures by kind of Identity?
- * i.e. Employee, Contractor, Vendor
- * @return
- */
- public Set<String> getIdentityTypes();
-
- public enum Notify {
- Approval(1),
- PasswordExpiration(2),
+ * Does your Company distinguish essential permission structures by kind of Identity?
+ * i.e. Employee, Contractor, Vendor
+ * @return
+ */
+ public Set<String> getIdentityTypes();
+
+ public enum Notify {
+ Approval(1),
+ PasswordExpiration(2),
RoleExpiration(3);
- final int id;
- Notify(int id) {this.id = id;}
- public int getValue() {return id;}
- public static Notify from(int type) {
- for(Notify t : Notify.values()) {
- if(t.id==type) {
- return t;
- }
- }
- return null;
- }
- }
-
- public enum Response{
- OK,
- ERR_NotImplemented,
- ERR_UserNotExist,
- ERR_NotificationFailure,
- };
-
- public enum Expiration {
- Password,
- TempPassword,
- Future,
- UserInRole,
- UserDelegate,
- ExtendPassword
- }
-
- public enum Policy {
- CHANGE_JOB,
- LEFT_COMPANY,
- CREATE_MECHID,
- CREATE_MECHID_BY_PERM_ONLY,
- OWNS_MECHID,
- AS_RESPONSIBLE,
- MAY_EXTEND_CRED_EXPIRES,
- MAY_APPLY_DEFAULT_REALM
- }
-
- /**
- * Notify a User of Action or Info
- *
- * @param type
- * @param url
- * @param users (separated by commas)
- * @param ccs (separated by commas)
- * @param summary
- */
+ final int id;
+ Notify(int id) {this.id = id;}
+ public int getValue() {return id;}
+ public static Notify from(int type) {
+ for(Notify t : Notify.values()) {
+ if(t.id==type) {
+ return t;
+ }
+ }
+ return null;
+ }
+ }
+
+ public enum Response{
+ OK,
+ ERR_NotImplemented,
+ ERR_UserNotExist,
+ ERR_NotificationFailure,
+ };
+
+ public enum Expiration {
+ Password,
+ TempPassword,
+ Future,
+ UserInRole,
+ UserDelegate,
+ ExtendPassword
+ }
+
+ public enum Policy {
+ CHANGE_JOB,
+ LEFT_COMPANY,
+ CREATE_MECHID,
+ CREATE_MECHID_BY_PERM_ONLY,
+ OWNS_MECHID,
+ AS_RESPONSIBLE,
+ MAY_EXTEND_CRED_EXPIRES,
+ MAY_APPLY_DEFAULT_REALM
+ }
+
+ /**
+ * Notify a User of Action or Info
+ *
+ * @param type
+ * @param url
+ * @param users (separated by commas)
+ * @param ccs (separated by commas)
+ * @param summary
+ */
public Response notify(AuthzTrans trans, Notify type, String url, String ids[], String ccs[], String summary, Boolean urgent);
- /**
- * (more) generic way to send an email
- *
- * @param toList
- * @param ccList
- * @param subject
- * @param body
- * @param urgent
- */
-
- public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList, String subject, String body, Boolean urgent) throws OrganizationException;
-
- /**
- * whenToValidate
- *
- * Authz support services will ask the Organization Object at startup when it should
- * kickoff Validation processes given particular types.
- *
- * This allows the Organization to express Policy
- *
- * Turn off Validation behavior by returning "null"
- *
- */
- public Date whenToValidate(Notify type, Date lastValidated);
-
-
- /**
- * Expiration
- *
- * Given a Calendar item of Start (or now), set the Expiration Date based on the Policy
- * based on type.
- *
- * For instance, "Passwords expire in 3 months"
- *
- * The Extra Parameter is used by certain Orgs.
- *
- * For Password, the extra is UserID, so it can check the User Type
- *
- * @param gc
- * @param exp
- * @return
- */
- public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String ... extra);
-
- /**
- * Get Email Warning timing policies
- * @return
- */
- public EmailWarnings emailWarningPolicy();
-
- /**
- *
- * @param trans
- * @param user
- * @return
- */
- public List<Identity> getApprovers(AuthzTrans trans, String user) throws OrganizationException ;
-
- /*
- *
- * @param user
- * @param type
- * @param users
- * @return
- public Response notifyRequest(AuthzTrans trans, String user, Approval type, List<User> approvers);
- */
-
- /**
- *
- * @return
- */
- public String getApproverType();
-
- /*
- * startOfDay - define for company what hour of day business starts (specifically for password and other expiration which
- * were set by Date only.)
- *
- * @return
- */
- public int startOfDay();
+ /**
+ * (more) generic way to send an email
+ *
+ * @param toList
+ * @param ccList
+ * @param subject
+ * @param body
+ * @param urgent
+ */
+
+ public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList, String subject, String body, Boolean urgent) throws OrganizationException;
+
+ /**
+ * whenToValidate
+ *
+ * Authz support services will ask the Organization Object at startup when it should
+ * kickoff Validation processes given particular types.
+ *
+ * This allows the Organization to express Policy
+ *
+ * Turn off Validation behavior by returning "null"
+ *
+ */
+ public Date whenToValidate(Notify type, Date lastValidated);
+
+
+ /**
+ * Expiration
+ *
+ * Given a Calendar item of Start (or now), set the Expiration Date based on the Policy
+ * based on type.
+ *
+ * For instance, "Passwords expire in 3 months"
+ *
+ * The Extra Parameter is used by certain Orgs.
+ *
+ * For Password, the extra is UserID, so it can check the User Type
+ *
+ * @param gc
+ * @param exp
+ * @return
+ */
+ public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String ... extra);
+
+ /**
+ * Get Email Warning timing policies
+ * @return
+ */
+ public EmailWarnings emailWarningPolicy();
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @return
+ */
+ public List<Identity> getApprovers(AuthzTrans trans, String user) throws OrganizationException ;
+
+ /*
+ *
+ * @param user
+ * @param type
+ * @param users
+ * @return
+ public Response notifyRequest(AuthzTrans trans, String user, Approval type, List<User> approvers);
+ */
+
+ /**
+ *
+ * @return
+ */
+ public String getApproverType();
+
+ /*
+ * startOfDay - define for company what hour of day business starts (specifically for password and other expiration which
+ * were set by Date only.)
+ *
+ * @return
+ */
+ public int startOfDay();
/**
* implement this method to support any IDs that can have multiple entries in the cred table
* NOTE: the combination of ID/expiration date/(encryption type when implemented) must be unique.
- * Since expiration date is based on startOfDay for your company, you cannot create many
- * creds for the same ID in the same day.
+ * Since expiration date is based on startOfDay for your company, you cannot create many
+ * creds for the same ID in the same day.
* @param id
* @return
*/
@@ -302,228 +302,228 @@ public interface Organization {
boolean isTestEnv();
- public void setTestMode(boolean dryRun);
-
- public static final Organization NULL = new Organization()
- {
- private final GregorianCalendar gc = new GregorianCalendar(1900, 1, 1);
- private final List<Identity> nullList = new ArrayList<>();
- private final Set<String> nullStringSet = new HashSet<>();
- private String[] nullStringArray = new String[0];
- private final Identity nullIdentity = new Identity() {
- List<String> nullUser = new ArrayList<>();
- @Override
- public String type() {
- return N_A;
- }
-
- @Override
- public String mayOwn() {
- return N_A; // negative case
- }
-
- @Override
- public boolean isFound() {
- return false;
- }
-
- @Override
- public String id() {
- return N_A;
- }
-
- @Override
- public String fullID() {
- return N_A;
- }
-
- @Override
- public String email() {
- return N_A;
- }
-
- @Override
- public List<String> delegate() {
- return nullUser;
- }
- @Override
- public String fullName() {
- return N_A;
- }
- @Override
- public Organization org() {
- return NULL;
- }
- @Override
- public String firstName() {
- return N_A;
- }
- @Override
- public boolean isPerson() {
- return false;
- }
-
- @Override
- public Identity responsibleTo() {
- return null;
- }
- };
- @Override
- public String getName() {
- return N_A;
- }
-
- @Override
- public String getRealm() {
- return N_A;
- }
-
- @Override
- public boolean supportsRealm(String r) {
- return false;
- }
-
- @Override
- public void addSupportedRealm(String r) {
- }
-
- @Override
- public String getDomain() {
- return N_A;
- }
-
- @Override
- public Identity getIdentity(AuthzTrans trans, String id) {
- return nullIdentity;
- }
-
- @Override
- public String isValidID(final AuthzTrans trans, String id) {
- return N_A;
- }
-
- @Override
- public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) {
- return N_A;
- }
-
- @Override
- public Set<String> getIdentityTypes() {
- return nullStringSet;
- }
-
- @Override
- public Response notify(AuthzTrans trans, Notify type, String url,
- String[] users, String[] ccs, String summary, Boolean urgent) {
- return Response.ERR_NotImplemented;
- }
-
- @Override
- public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList,
- String subject, String body, Boolean urgent) throws OrganizationException {
- return 0;
- }
-
- @Override
- public Date whenToValidate(Notify type, Date lastValidated) {
- return gc.getTime();
- }
-
- @Override
- public GregorianCalendar expiration(GregorianCalendar gc,
- Expiration exp, String... extra) {
- return gc;
- }
-
- @Override
- public List<Identity> getApprovers(AuthzTrans trans, String user)
- throws OrganizationException {
- return nullList;
- }
-
- @Override
- public String getApproverType() {
- return "";
- }
-
- @Override
- public int startOfDay() {
- return 0;
- }
-
- @Override
- public boolean canHaveMultipleCreds(String id) {
- return false;
- }
-
- @Override
- public boolean isValidCred(final AuthzTrans trans, final String id) {
- return false;
- }
-
- @Override
- public String validate(AuthzTrans trans, Policy policy, Executor executor, String ... vars)
- throws OrganizationException {
- return "Null Organization rejects all Policies";
- }
-
- @Override
- public boolean isTestEnv() {
- return false;
- }
-
- @Override
- public void setTestMode(boolean dryRun) {
- }
-
- @Override
- public EmailWarnings emailWarningPolicy() {
- return new EmailWarnings() {
-
- @Override
- public long credEmailInterval()
- {
- return 604800000L; // 7 days in millis 1000 * 86400 * 7
- }
-
- @Override
- public long roleEmailInterval()
- {
- return 604800000L; // 7 days in millis 1000 * 86400 * 7
- }
-
- @Override
- public long apprEmailInterval() {
- return 259200000L; // 3 days in millis 1000 * 86400 * 3
- }
-
- @Override
- public long credExpirationWarning()
- {
- return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
- }
-
- @Override
- public long roleExpirationWarning()
- {
- return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
- }
-
- @Override
- public long emailUrgentWarning()
- {
- return( 1209600000L ); // Two weeks, in milliseconds 1000 * 86400 * 14 in milliseconds
- }
-
- };
- }
-
- @Override
- public String[] getPasswordRules() {
- return nullStringArray;
- }
-
- };
+ public void setTestMode(boolean dryRun);
+
+ public static final Organization NULL = new Organization()
+ {
+ private final GregorianCalendar gc = new GregorianCalendar(1900, 1, 1);
+ private final List<Identity> nullList = new ArrayList<>();
+ private final Set<String> nullStringSet = new HashSet<>();
+ private String[] nullStringArray = new String[0];
+ private final Identity nullIdentity = new Identity() {
+ List<String> nullUser = new ArrayList<>();
+ @Override
+ public String type() {
+ return N_A;
+ }
+
+ @Override
+ public String mayOwn() {
+ return N_A; // negative case
+ }
+
+ @Override
+ public boolean isFound() {
+ return false;
+ }
+
+ @Override
+ public String id() {
+ return N_A;
+ }
+
+ @Override
+ public String fullID() {
+ return N_A;
+ }
+
+ @Override
+ public String email() {
+ return N_A;
+ }
+
+ @Override
+ public List<String> delegate() {
+ return nullUser;
+ }
+ @Override
+ public String fullName() {
+ return N_A;
+ }
+ @Override
+ public Organization org() {
+ return NULL;
+ }
+ @Override
+ public String firstName() {
+ return N_A;
+ }
+ @Override
+ public boolean isPerson() {
+ return false;
+ }
+
+ @Override
+ public Identity responsibleTo() {
+ return null;
+ }
+ };
+ @Override
+ public String getName() {
+ return N_A;
+ }
+
+ @Override
+ public String getRealm() {
+ return N_A;
+ }
+
+ @Override
+ public boolean supportsRealm(String r) {
+ return false;
+ }
+
+ @Override
+ public void addSupportedRealm(String r) {
+ }
+
+ @Override
+ public String getDomain() {
+ return N_A;
+ }
+
+ @Override
+ public Identity getIdentity(AuthzTrans trans, String id) {
+ return nullIdentity;
+ }
+
+ @Override
+ public String isValidID(final AuthzTrans trans, String id) {
+ return N_A;
+ }
+
+ @Override
+ public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) {
+ return N_A;
+ }
+
+ @Override
+ public Set<String> getIdentityTypes() {
+ return nullStringSet;
+ }
+
+ @Override
+ public Response notify(AuthzTrans trans, Notify type, String url,
+ String[] users, String[] ccs, String summary, Boolean urgent) {
+ return Response.ERR_NotImplemented;
+ }
+
+ @Override
+ public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList,
+ String subject, String body, Boolean urgent) throws OrganizationException {
+ return 0;
+ }
+
+ @Override
+ public Date whenToValidate(Notify type, Date lastValidated) {
+ return gc.getTime();
+ }
+
+ @Override
+ public GregorianCalendar expiration(GregorianCalendar gc,
+ Expiration exp, String... extra) {
+ return gc;
+ }
+
+ @Override
+ public List<Identity> getApprovers(AuthzTrans trans, String user)
+ throws OrganizationException {
+ return nullList;
+ }
+
+ @Override
+ public String getApproverType() {
+ return "";
+ }
+
+ @Override
+ public int startOfDay() {
+ return 0;
+ }
+
+ @Override
+ public boolean canHaveMultipleCreds(String id) {
+ return false;
+ }
+
+ @Override
+ public boolean isValidCred(final AuthzTrans trans, final String id) {
+ return false;
+ }
+
+ @Override
+ public String validate(AuthzTrans trans, Policy policy, Executor executor, String ... vars)
+ throws OrganizationException {
+ return "Null Organization rejects all Policies";
+ }
+
+ @Override
+ public boolean isTestEnv() {
+ return false;
+ }
+
+ @Override
+ public void setTestMode(boolean dryRun) {
+ }
+
+ @Override
+ public EmailWarnings emailWarningPolicy() {
+ return new EmailWarnings() {
+
+ @Override
+ public long credEmailInterval()
+ {
+ return 604800000L; // 7 days in millis 1000 * 86400 * 7
+ }
+
+ @Override
+ public long roleEmailInterval()
+ {
+ return 604800000L; // 7 days in millis 1000 * 86400 * 7
+ }
+
+ @Override
+ public long apprEmailInterval() {
+ return 259200000L; // 3 days in millis 1000 * 86400 * 3
+ }
+
+ @Override
+ public long credExpirationWarning()
+ {
+ return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
+ }
+
+ @Override
+ public long roleExpirationWarning()
+ {
+ return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
+ }
+
+ @Override
+ public long emailUrgentWarning()
+ {
+ return( 1209600000L ); // Two weeks, in milliseconds 1000 * 86400 * 14 in milliseconds
+ }
+
+ };
+ }
+
+ @Override
+ public String[] getPasswordRules() {
+ return nullStringArray;
+ }
+
+ };
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationException.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationException.java
index ed1d398b..347e2d35 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationException.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationException.java
@@ -23,30 +23,30 @@ package org.onap.aaf.auth.org;
public class OrganizationException extends Exception {
- /**
- *
- */
- private static final long serialVersionUID = 1L;
-
- public OrganizationException() {
- super();
- }
-
- public OrganizationException(String message) {
- super(message);
- }
-
- public OrganizationException(Throwable cause) {
- super(cause);
- }
-
- public OrganizationException(String message, Throwable cause) {
- super(message, cause);
- }
-
- public OrganizationException(String message, Throwable cause, boolean enableSuppression,
- boolean writableStackTrace) {
- super(message, cause, enableSuppression, writableStackTrace);
- }
+ /**
+ *
+ */
+ private static final long serialVersionUID = 1L;
+
+ public OrganizationException() {
+ super();
+ }
+
+ public OrganizationException(String message) {
+ super(message);
+ }
+
+ public OrganizationException(Throwable cause) {
+ super(cause);
+ }
+
+ public OrganizationException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ public OrganizationException(String message, Throwable cause, boolean enableSuppression,
+ boolean writableStackTrace) {
+ super(message, cause, enableSuppression, writableStackTrace);
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java
index ffc79169..3b97d6f3 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java
@@ -46,96 +46,96 @@ import org.onap.aaf.misc.env.impl.BasicEnv;
*
*/
public class OrganizationFactory {
- private static final String ORGANIZATION_DOT = "Organization.";
- private static Organization defaultOrg = null;
- private static Map<String,Organization> orgs = new ConcurrentHashMap<>();
- public static Organization init(BasicEnv env) throws OrganizationException {
- int idx = ORGANIZATION_DOT.length();
- Organization org,firstOrg = null;
-
- for(Entry<Object, Object> es : env.getProperties().entrySet()) {
- String key = es.getKey().toString();
- if(key.startsWith(ORGANIZATION_DOT)) {
- org = obtain(env,key.substring(idx));
- if(firstOrg==null) {
- firstOrg = org;
- }
- }
- }
- if(defaultOrg == null) {
- defaultOrg = firstOrg;
- }
- return defaultOrg;
- }
- public static Organization obtain(Env env,final String theNS) throws OrganizationException {
- String orgNS;
- if(theNS.indexOf('@')>=0) {
- orgNS=FQI.reverseDomain(theNS);
- } else {
- orgNS=theNS;
- }
- Organization org = orgs.get(orgNS);
- if(org == null) {
- env.debug().printf("Attempting to instantiate Organization %s\n",orgNS);
+ private static final String ORGANIZATION_DOT = "Organization.";
+ private static Organization defaultOrg = null;
+ private static Map<String,Organization> orgs = new ConcurrentHashMap<>();
+ public static Organization init(BasicEnv env) throws OrganizationException {
+ int idx = ORGANIZATION_DOT.length();
+ Organization org,firstOrg = null;
+
+ for(Entry<Object, Object> es : env.getProperties().entrySet()) {
+ String key = es.getKey().toString();
+ if(key.startsWith(ORGANIZATION_DOT)) {
+ org = obtain(env,key.substring(idx));
+ if(firstOrg==null) {
+ firstOrg = org;
+ }
+ }
+ }
+ if(defaultOrg == null) {
+ defaultOrg = firstOrg;
+ }
+ return defaultOrg;
+ }
+ public static Organization obtain(Env env,final String theNS) throws OrganizationException {
+ String orgNS;
+ if(theNS.indexOf('@')>=0) {
+ orgNS=FQI.reverseDomain(theNS);
+ } else {
+ orgNS=theNS;
+ }
+ Organization org = orgs.get(orgNS);
+ if(org == null) {
+ env.debug().printf("Attempting to instantiate Organization %s\n",orgNS);
- String orgClass = env.getProperty(ORGANIZATION_DOT+orgNS);
- if(orgClass == null) {
- env.warn().log("There is no Organization." + orgNS + " property");
- } else {
- try {
- Class<?> orgCls = Class.forName(orgClass);
- for(Organization o : orgs.values()) {
- if(o.getClass().isAssignableFrom(orgCls)) {
- org = o;
- }
- }
- } catch (ClassNotFoundException e1) {
- env.error().log(e1, orgClass + " is not on the Classpath.");
- throw new OrganizationException(e1);
- }
- if(org==null) {
- try {
- @SuppressWarnings("unchecked")
- Class<Organization> cls = (Class<Organization>) Class.forName(orgClass);
- Constructor<Organization> cnst = cls.getConstructor(Env.class,String.class);
- org = cnst.newInstance(env,orgNS);
- String other_realms = env.getProperty(orgNS+".also_supports");
- if(other_realms!=null) {
- for(String r : Split.splitTrim(',', other_realms)) {
- org.addSupportedRealm(r);
- }
- }
- } catch (ClassNotFoundException | NoSuchMethodException | SecurityException |
- InstantiationException | IllegalAccessException | IllegalArgumentException |
- InvocationTargetException e) {
- env.error().log(e, "Error on Organization Construction");
- throw new OrganizationException(e);
- }
- }
- orgs.put(orgNS, org);
- boolean isDefault;
- if((isDefault="true".equalsIgnoreCase(env.getProperty(orgNS+".default")))) {
- defaultOrg = org;
- }
- env.init().printf("Instantiated %s with %s%s\n",orgNS,orgClass,(isDefault?" as default":""));
- }
- if(org==null) {
- if(defaultOrg!=null) {
- org=defaultOrg;
- orgs.put(orgNS, org);
- }
- }
- }
-
- return org;
- }
+ String orgClass = env.getProperty(ORGANIZATION_DOT+orgNS);
+ if(orgClass == null) {
+ env.warn().log("There is no Organization." + orgNS + " property");
+ } else {
+ try {
+ Class<?> orgCls = Class.forName(orgClass);
+ for(Organization o : orgs.values()) {
+ if(o.getClass().isAssignableFrom(orgCls)) {
+ org = o;
+ }
+ }
+ } catch (ClassNotFoundException e1) {
+ env.error().log(e1, orgClass + " is not on the Classpath.");
+ throw new OrganizationException(e1);
+ }
+ if(org==null) {
+ try {
+ @SuppressWarnings("unchecked")
+ Class<Organization> cls = (Class<Organization>) Class.forName(orgClass);
+ Constructor<Organization> cnst = cls.getConstructor(Env.class,String.class);
+ org = cnst.newInstance(env,orgNS);
+ String other_realms = env.getProperty(orgNS+".also_supports");
+ if(other_realms!=null) {
+ for(String r : Split.splitTrim(',', other_realms)) {
+ org.addSupportedRealm(r);
+ }
+ }
+ } catch (ClassNotFoundException | NoSuchMethodException | SecurityException |
+ InstantiationException | IllegalAccessException | IllegalArgumentException |
+ InvocationTargetException e) {
+ env.error().log(e, "Error on Organization Construction");
+ throw new OrganizationException(e);
+ }
+ }
+ orgs.put(orgNS, org);
+ boolean isDefault;
+ if((isDefault="true".equalsIgnoreCase(env.getProperty(orgNS+".default")))) {
+ defaultOrg = org;
+ }
+ env.init().printf("Instantiated %s with %s%s\n",orgNS,orgClass,(isDefault?" as default":""));
+ }
+ if(org==null) {
+ if(defaultOrg!=null) {
+ org=defaultOrg;
+ orgs.put(orgNS, org);
+ }
+ }
+ }
+
+ return org;
+ }
- public static Organization get(AuthzTrans trans) throws OrganizationException {
- String domain = FQI.reverseDomain(trans.user());
- Organization org = orgs.get(domain);
- if(org==null) {
- org = defaultOrg; // can be null, btw, unless set.
- }
- return org;
- }
+ public static Organization get(AuthzTrans trans) throws OrganizationException {
+ String domain = FQI.reverseDomain(trans.user());
+ Organization org = orgs.get(domain);
+ if(org==null) {
+ org = defaultOrg; // can be null, btw, unless set.
+ }
+ return org;
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Acceptor.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Acceptor.java
index 82a226ec..30924dd5 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Acceptor.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Acceptor.java
@@ -36,134 +36,134 @@ import org.onap.aaf.misc.env.Trans;
* @param <TRANS>
*/
class Acceptor<TRANS extends Trans> {
- private List<Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>>> types;
- List<Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>>> acceptable;
-
- public Acceptor(List<Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>>> types) {
- this.types = types;
- acceptable = new ArrayList<>();
- }
-
- private boolean eval(HttpCode<TRANS,?> code, String str, List<String> props) {
-// int plus = str.indexOf('+');
-// if(plus<0) {
- boolean ok = false;
- boolean any = false;
- for(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type : types) {
- ok = true;
- if(type.x.equals(str)) {
- for(Iterator<String> iter = props.iterator();ok && iter.hasNext();) {
- ok = props(type,iter.next(),iter.next());
- }
- if(ok) {
- any = true;
- acceptable.add(type);
- }
- }
- }
-// } else { // Handle Accepts with "+" as in application/xaml+xml
-// int prev = str.indexOf('/')+1;
-// String first = str.substring(0,prev);
-// String nstr;
-// while(prev!=0) {
-// nstr = first + (plus<0?str.substring(prev):str.substring(prev,plus));
-//
-// for(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type : types) {
-// if(type.x.equals(nstr)) {
-// acceptable.add(type);
-// return type;
-// }
-// }
-// prev = plus+1;
-// plus=str.indexOf('+', prev);
-// };
-// }
- return any;
- }
+ private List<Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>>> types;
+ List<Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>>> acceptable;
+
+ public Acceptor(List<Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>>> types) {
+ this.types = types;
+ acceptable = new ArrayList<>();
+ }
+
+ private boolean eval(HttpCode<TRANS,?> code, String str, List<String> props) {
+// int plus = str.indexOf('+');
+// if(plus<0) {
+ boolean ok = false;
+ boolean any = false;
+ for(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type : types) {
+ ok = true;
+ if(type.x.equals(str)) {
+ for(Iterator<String> iter = props.iterator();ok && iter.hasNext();) {
+ ok = props(type,iter.next(),iter.next());
+ }
+ if(ok) {
+ any = true;
+ acceptable.add(type);
+ }
+ }
+ }
+// } else { // Handle Accepts with "+" as in application/xaml+xml
+// int prev = str.indexOf('/')+1;
+// String first = str.substring(0,prev);
+// String nstr;
+// while(prev!=0) {
+// nstr = first + (plus<0?str.substring(prev):str.substring(prev,plus));
+//
+// for(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type : types) {
+// if(type.x.equals(nstr)) {
+// acceptable.add(type);
+// return type;
+// }
+// }
+// prev = plus+1;
+// plus=str.indexOf('+', prev);
+// };
+// }
+ return any;
+ }
- /**
- * Evaluate Properties
- * @param type
- * @param tag
- * @param value
- * @return
- */
- private boolean props(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type, String tag, String value) {
- boolean rv = false;
- if(type.y!=null) {
- for(Pair<String,Object> prop : type.y.y){
- if(tag.equals(prop.x)) {
- if(tag.equals("charset")) {
- return prop.x==null?false:prop.y.equals(value.toLowerCase()); // return True if Matched
- } else if(tag.equals("version")) {
- return prop.y.equals(new Version(value)); // Note: Version Class knows Minor Version encoding
- } else if(tag.equals(Content.Q)) { // replace Q value
- try {
- type.y.y.get(0).y=Float.parseFloat(value);
- } catch (NumberFormatException e) {
- rv=false; // need to do something to make Sonar happy. But nothing to do.
- }
- return true;
- } else {
- return value.equals(prop.y);
- }
- }
- }
- }
- return rv;
- }
+ /**
+ * Evaluate Properties
+ * @param type
+ * @param tag
+ * @param value
+ * @return
+ */
+ private boolean props(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type, String tag, String value) {
+ boolean rv = false;
+ if(type.y!=null) {
+ for(Pair<String,Object> prop : type.y.y){
+ if(tag.equals(prop.x)) {
+ if(tag.equals("charset")) {
+ return prop.x==null?false:prop.y.equals(value.toLowerCase()); // return True if Matched
+ } else if(tag.equals("version")) {
+ return prop.y.equals(new Version(value)); // Note: Version Class knows Minor Version encoding
+ } else if(tag.equals(Content.Q)) { // replace Q value
+ try {
+ type.y.y.get(0).y=Float.parseFloat(value);
+ } catch (NumberFormatException e) {
+ rv=false; // need to do something to make Sonar happy. But nothing to do.
+ }
+ return true;
+ } else {
+ return value.equals(prop.y);
+ }
+ }
+ }
+ }
+ return rv;
+ }
- /**
- * parse
- *
- * Note: I'm processing by index to avoid lots of memory creation, which speeds things
- * up for this time critical section of code.
- * @param code
- * @param cntnt
- * @return
- */
- protected boolean parse(HttpCode<TRANS, ?> code, String cntnt) {
- byte bytes[] = cntnt.getBytes();
-
- int cis,cie=-1,cend;
- int sis,sie,send;
- String name;
- ArrayList<String> props = new ArrayList<>();
- do {
- // Clear these in case more than one Semi
- props.clear(); // on loop, do not want mixed properties
- name=null;
-
- cis = cie+1; // find comma start
- while(cis<bytes.length && Character.isSpaceChar(bytes[cis]))++cis;
- cie = cntnt.indexOf(',',cis); // find comma end
- cend = cie<0?bytes.length:cie; // If no comma, set comma end to full length, else cie
- while(cend>cis && Character.isSpaceChar(bytes[cend-1]))--cend;
- // Start SEMIS
- sie=cis-1;
- do {
- sis = sie+1; // semi start is one after previous end
- while(sis<bytes.length && Character.isSpaceChar(bytes[sis]))++sis;
- sie = cntnt.indexOf(';',sis);
- send = sie>cend || sie<0?cend:sie; // if the Semicolon is after the comma, or non-existent, use comma end, else keep
- while(send>sis && Character.isSpaceChar(bytes[send-1]))--send;
- if(name==null) { // first entry in Comma set is the name, not a property
- name = new String(bytes,sis,send-sis);
- } else { // We've looped past the first Semi, now process as properties
- // If there are additional elements (more entities within Semi Colons)
- // apply Properties
- int eq = cntnt.indexOf('=',sis);
- if(eq>sis && eq<send) {
- props.add(new String(bytes,sis,eq-sis));
- props.add(new String(bytes,eq+1,send-(eq+1)));
- }
- }
- // End Property
- } while(sie<=cend && sie>=cis); // End SEMI processing
- // Now evaluate Comma set and return if true
- if(eval(code,name,props))return true; // else loop again to check next comma
- } while(cie>=0); // loop to next comma
- return false; // didn't get even one match
- }
-
+ /**
+ * parse
+ *
+ * Note: I'm processing by index to avoid lots of memory creation, which speeds things
+ * up for this time critical section of code.
+ * @param code
+ * @param cntnt
+ * @return
+ */
+ protected boolean parse(HttpCode<TRANS, ?> code, String cntnt) {
+ byte bytes[] = cntnt.getBytes();
+
+ int cis,cie=-1,cend;
+ int sis,sie,send;
+ String name;
+ ArrayList<String> props = new ArrayList<>();
+ do {
+ // Clear these in case more than one Semi
+ props.clear(); // on loop, do not want mixed properties
+ name=null;
+
+ cis = cie+1; // find comma start
+ while(cis<bytes.length && Character.isSpaceChar(bytes[cis]))++cis;
+ cie = cntnt.indexOf(',',cis); // find comma end
+ cend = cie<0?bytes.length:cie; // If no comma, set comma end to full length, else cie
+ while(cend>cis && Character.isSpaceChar(bytes[cend-1]))--cend;
+ // Start SEMIS
+ sie=cis-1;
+ do {
+ sis = sie+1; // semi start is one after previous end
+ while(sis<bytes.length && Character.isSpaceChar(bytes[sis]))++sis;
+ sie = cntnt.indexOf(';',sis);
+ send = sie>cend || sie<0?cend:sie; // if the Semicolon is after the comma, or non-existent, use comma end, else keep
+ while(send>sis && Character.isSpaceChar(bytes[send-1]))--send;
+ if(name==null) { // first entry in Comma set is the name, not a property
+ name = new String(bytes,sis,send-sis);
+ } else { // We've looped past the first Semi, now process as properties
+ // If there are additional elements (more entities within Semi Colons)
+ // apply Properties
+ int eq = cntnt.indexOf('=',sis);
+ if(eq>sis && eq<send) {
+ props.add(new String(bytes,sis,eq-sis));
+ props.add(new String(bytes,eq+1,send-(eq+1)));
+ }
+ }
+ // End Property
+ } while(sie<=cend && sie>=cis); // End SEMI processing
+ // Now evaluate Comma set and return if true
+ if(eval(code,name,props))return true; // else loop again to check next comma
+ } while(cie>=0); // loop to next comma
+ return false; // didn't get even one match
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CachingFileAccess.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CachingFileAccess.java
index 96349aed..53511b40 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CachingFileAccess.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CachingFileAccess.java
@@ -65,498 +65,498 @@ import org.onap.aaf.misc.env.Trans;
*
*/
public class CachingFileAccess<TRANS extends Trans> extends HttpCode<TRANS, Void> {
- public static void setEnv(Store store, String[] args) {
- for(int i=0;i<args.length-1;i+=2) { // cover two parms required for each
- if(CFA_WEB_PATH.equals(args[i])) {
- store.put(store.staticSlot(CFA_WEB_PATH), args[i+1]);
- } else if(CFA_CACHE_CHECK_INTERVAL.equals(args[i])) {
- store.put(store.staticSlot(CFA_CACHE_CHECK_INTERVAL), Long.parseLong(args[i+1]));
- } else if(CFA_MAX_SIZE.equals(args[i])) {
- store.put(store.staticSlot(CFA_MAX_SIZE), Integer.parseInt(args[i+1]));
- }
- }
- }
-
- private static String MAX_AGE = "max-age=3600"; // 1 hour Caching
- private final Map<String,String> typeMap;
- private final NavigableMap<String,Content> content;
- private final Set<String> attachOnly;
- public final static String CFA_WEB_PATH = "aaf_cfa_web_path";
- // when to re-validate from file
- // Re validating means comparing the Timestamp on the disk, and seeing it has changed. Cache is not marked
- // dirty unless file has changed, but it still makes File IO, which for some kinds of cached data, i.e.
- // deployed GUI elements is unnecessary, and wastes time.
- // This parameter exists to cover the cases where data can be more volatile, so the user can choose how often the
- // File IO will be accessed, based on probability of change. "0", of course, means, check every time.
- private final static String CFA_CACHE_CHECK_INTERVAL = "aaf_cfa_cache_check_interval";
- private final static String CFA_MAX_SIZE = "aaf_cfa_max_size"; // Cache size limit
- private final static String CFA_CLEAR_COMMAND = "aaf_cfa_clear_command";
+ public static void setEnv(Store store, String[] args) {
+ for(int i=0;i<args.length-1;i+=2) { // cover two parms required for each
+ if(CFA_WEB_PATH.equals(args[i])) {
+ store.put(store.staticSlot(CFA_WEB_PATH), args[i+1]);
+ } else if(CFA_CACHE_CHECK_INTERVAL.equals(args[i])) {
+ store.put(store.staticSlot(CFA_CACHE_CHECK_INTERVAL), Long.parseLong(args[i+1]));
+ } else if(CFA_MAX_SIZE.equals(args[i])) {
+ store.put(store.staticSlot(CFA_MAX_SIZE), Integer.parseInt(args[i+1]));
+ }
+ }
+ }
+
+ private static String MAX_AGE = "max-age=3600"; // 1 hour Caching
+ private final Map<String,String> typeMap;
+ private final NavigableMap<String,Content> content;
+ private final Set<String> attachOnly;
+ public final static String CFA_WEB_PATH = "aaf_cfa_web_path";
+ // when to re-validate from file
+ // Re validating means comparing the Timestamp on the disk, and seeing it has changed. Cache is not marked
+ // dirty unless file has changed, but it still makes File IO, which for some kinds of cached data, i.e.
+ // deployed GUI elements is unnecessary, and wastes time.
+ // This parameter exists to cover the cases where data can be more volatile, so the user can choose how often the
+ // File IO will be accessed, based on probability of change. "0", of course, means, check every time.
+ private final static String CFA_CACHE_CHECK_INTERVAL = "aaf_cfa_cache_check_interval";
+ private final static String CFA_MAX_SIZE = "aaf_cfa_max_size"; // Cache size limit
+ private final static String CFA_CLEAR_COMMAND = "aaf_cfa_clear_command";
- // Note: can be null without a problem, but included
- // to tie in with existing Logging.
- public LogTarget logT = null;
- public long checkInterval; // = 600000L; // only check if not hit in 10 mins by default
- public int maxItemSize; // = 512000; // max file 500k
- private Timer timer;
- private String web_path;
- // A command key is set in the Properties, preferably changed on deployment.
- // it is compared at the beginning of the path, and if so, it is assumed to issue certain commands
- // It's purpose is to protect, to some degree the command, even though it is HTTP, allowing
- // local batch files to, for instance, clear caches on resetting of files.
- private String clear_command;
-
- public CachingFileAccess(EnvJAXB env, String ... args) throws IOException {
- super(null,"Caching File Access");
- setEnv(env,args);
- content = new ConcurrentSkipListMap<>(); // multi-thread changes possible
+ // Note: can be null without a problem, but included
+ // to tie in with existing Logging.
+ public LogTarget logT = null;
+ public long checkInterval; // = 600000L; // only check if not hit in 10 mins by default
+ public int maxItemSize; // = 512000; // max file 500k
+ private Timer timer;
+ private String web_path;
+ // A command key is set in the Properties, preferably changed on deployment.
+ // it is compared at the beginning of the path, and if so, it is assumed to issue certain commands
+ // It's purpose is to protect, to some degree the command, even though it is HTTP, allowing
+ // local batch files to, for instance, clear caches on resetting of files.
+ private String clear_command;
+
+ public CachingFileAccess(EnvJAXB env, String ... args) throws IOException {
+ super(null,"Caching File Access");
+ setEnv(env,args);
+ content = new ConcurrentSkipListMap<>(); // multi-thread changes possible
- attachOnly = new HashSet<>(); // short, unchanged
+ attachOnly = new HashSet<>(); // short, unchanged
- typeMap = new TreeMap<>(); // Structure unchanged after Construction
- typeMap.put("ico","image/icon");
- typeMap.put("html","text/html");
- typeMap.put("css","text/css");
- typeMap.put("js","text/javascript");
- typeMap.put("txt","text/plain");
- typeMap.put("xml","text/xml");
- typeMap.put("xsd","text/xml");
- attachOnly.add("xsd");
- typeMap.put("crl", "application/x-pkcs7-crl");
- typeMap.put("appcache","text/cache-manifest");
+ typeMap = new TreeMap<>(); // Structure unchanged after Construction
+ typeMap.put("ico","image/icon");
+ typeMap.put("html","text/html");
+ typeMap.put("css","text/css");
+ typeMap.put("js","text/javascript");
+ typeMap.put("txt","text/plain");
+ typeMap.put("xml","text/xml");
+ typeMap.put("xsd","text/xml");
+ attachOnly.add("xsd");
+ typeMap.put("crl", "application/x-pkcs7-crl");
+ typeMap.put("appcache","text/cache-manifest");
- typeMap.put("json","text/json");
- typeMap.put("ogg", "audio/ogg");
- typeMap.put("jpg","image/jpeg");
- typeMap.put("gif","image/gif");
- typeMap.put("png","image/png");
- typeMap.put("svg","image/svg+xml");
- typeMap.put("jar","application/x-java-applet");
- typeMap.put("jnlp", "application/x-java-jnlp-file");
- typeMap.put("class", "application/java");
- typeMap.put("props", "text/plain");
- typeMap.put("jks", "application/octet-stream");
-
- timer = new Timer("Caching Cleanup",true);
- timer.schedule(new Cleanup(content,500),60000,60000);
-
- // Property params
- web_path = env.get(env.staticSlot(CFA_WEB_PATH));
- env.init().log("CachingFileAccess path: " + new File(web_path).getCanonicalPath());
- Object obj;
- obj = env.get(env.staticSlot(CFA_CACHE_CHECK_INTERVAL),600000L); // Default is 10 mins
- if(obj instanceof Long) {checkInterval=(Long)obj;
- } else {checkInterval=Long.parseLong((String)obj);}
-
- obj = env.get(env.staticSlot(CFA_MAX_SIZE), 512000); // Default is max file 500k
- if(obj instanceof Integer) {maxItemSize=(Integer)obj;
- } else {maxItemSize =Integer.parseInt((String)obj);}
-
- clear_command = env.getProperty(CFA_CLEAR_COMMAND,null);
- }
+ typeMap.put("json","text/json");
+ typeMap.put("ogg", "audio/ogg");
+ typeMap.put("jpg","image/jpeg");
+ typeMap.put("gif","image/gif");
+ typeMap.put("png","image/png");
+ typeMap.put("svg","image/svg+xml");
+ typeMap.put("jar","application/x-java-applet");
+ typeMap.put("jnlp", "application/x-java-jnlp-file");
+ typeMap.put("class", "application/java");
+ typeMap.put("props", "text/plain");
+ typeMap.put("jks", "application/octet-stream");
+
+ timer = new Timer("Caching Cleanup",true);
+ timer.schedule(new Cleanup(content,500),60000,60000);
+
+ // Property params
+ web_path = env.get(env.staticSlot(CFA_WEB_PATH));
+ env.init().log("CachingFileAccess path: " + new File(web_path).getCanonicalPath());
+ Object obj;
+ obj = env.get(env.staticSlot(CFA_CACHE_CHECK_INTERVAL),600000L); // Default is 10 mins
+ if(obj instanceof Long) {checkInterval=(Long)obj;
+ } else {checkInterval=Long.parseLong((String)obj);}
+
+ obj = env.get(env.staticSlot(CFA_MAX_SIZE), 512000); // Default is max file 500k
+ if(obj instanceof Integer) {maxItemSize=(Integer)obj;
+ } else {maxItemSize =Integer.parseInt((String)obj);}
+
+ clear_command = env.getProperty(CFA_CLEAR_COMMAND,null);
+ }
-
+
- @Override
- public void handle(TRANS trans, HttpServletRequest req, HttpServletResponse resp) throws IOException {
- String key = pathParam(req, ":key");
- String cmd = pathParam(req,":cmd");
- if(key.equals(clear_command)) {
- resp.setHeader("Content-Type",typeMap.get("txt"));
- if("clear".equals(cmd)) {
- content.clear();
- resp.setStatus(200/*HttpStatus.OK_200*/);
- } else {
- resp.setStatus(400/*HttpStatus.BAD_REQUEST_400 */);
- }
- return;
- }
- Content c = load(logT , web_path,cmd!=null && cmd.length()>0?key+'/'+cmd:key, null, checkInterval);
- if(c.attachmentOnly) {
- resp.setHeader("Content-disposition", "attachment");
- }
- c.setHeader(resp);
- c.write(resp.getOutputStream());
- trans.checkpoint(req.getPathInfo());
- }
+ @Override
+ public void handle(TRANS trans, HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ String key = pathParam(req, ":key");
+ String cmd = pathParam(req,":cmd");
+ if(key.equals(clear_command)) {
+ resp.setHeader("Content-Type",typeMap.get("txt"));
+ if("clear".equals(cmd)) {
+ content.clear();
+ resp.setStatus(200/*HttpStatus.OK_200*/);
+ } else {
+ resp.setStatus(400/*HttpStatus.BAD_REQUEST_400 */);
+ }
+ return;
+ }
+ Content c = load(logT , web_path,cmd!=null && cmd.length()>0?key+'/'+cmd:key, null, checkInterval);
+ if(c.attachmentOnly) {
+ resp.setHeader("Content-disposition", "attachment");
+ }
+ c.setHeader(resp);
+ c.write(resp.getOutputStream());
+ trans.checkpoint(req.getPathInfo());
+ }
- public String webPath() {
- return web_path;
- }
-
- /**
- * Reset the Cleanup size and interval
- *
- * The size and interval when started are 500 items (memory size unknown) checked every minute in a background thread.
- *
- * @param size
- * @param interval
- */
- public void cleanupParams(int size, long interval) {
- timer.cancel();
- timer = new Timer();
- timer.schedule(new Cleanup(content,size), interval, interval);
- }
-
+ public String webPath() {
+ return web_path;
+ }
+
+ /**
+ * Reset the Cleanup size and interval
+ *
+ * The size and interval when started are 500 items (memory size unknown) checked every minute in a background thread.
+ *
+ * @param size
+ * @param interval
+ */
+ public void cleanupParams(int size, long interval) {
+ timer.cancel();
+ timer = new Timer();
+ timer.schedule(new Cleanup(content,size), interval, interval);
+ }
+
-
- /**
- * Load a file, first checking cache
- *
- *
- * @param logTarget - logTarget can be null (won't log)
- * @param dataRoot - data root storage directory
- * @param key - relative File Path
- * @param mediaType - what kind of file is it. If null, will check via file extension
- * @param timeCheck - "-1" will take system default - Otherwise, will compare "now" + timeCheck(Millis) before looking at File mod
- * @return
- * @throws IOException
- */
- public Content load(LogTarget logTarget, String dataRoot, String key, String mediaType, long _timeCheck) throws IOException {
- long timeCheck = _timeCheck;
- if(timeCheck<0) {
- timeCheck=checkInterval; // if time < 0, then use default
- }
- boolean isRoot;
- String fileName;
- if("-".equals(key)) {
- fileName = dataRoot;
- isRoot = true;
- } else {
- fileName=dataRoot + '/' + key;
- isRoot = false;
- }
- Content c = content.get(key);
- long systime = System.currentTimeMillis();
- File f=null;
- if(c!=null) {
- // Don't check every hit... only after certain time value
- if(c.date < systime + timeCheck) {
- f = new File(fileName);
- if(f.lastModified()>c.date) {
- c=null;
- }
- }
- }
- if(c==null) {
- if(logTarget!=null) {
- logTarget.log("File Read: ",key);
- }
-
- if(f==null){
- f = new File(fileName);
- }
- boolean cacheMe;
- if(f.exists()) {
- if(f.isDirectory()) {
- cacheMe = false;
- c = new DirectoryContent(f,isRoot);
- } else {
- if(f.length() > maxItemSize) {
- c = new DirectFileContent(f);
- cacheMe = false;
- } else {
- c = new CachedContent(f);
- cacheMe = checkInterval>0;
- }
-
- if(mediaType==null) { // determine from file Ending
- int idx = key.lastIndexOf('.');
- String subkey = key.substring(++idx);
- if((c.contentType = idx<0?null:typeMap.get(subkey))==null) {
- // if nothing else, just set to default type...
- c.contentType = "application/octet-stream";
- }
- c.attachmentOnly = attachOnly.contains(subkey);
- } else {
- c.contentType=mediaType;
- c.attachmentOnly = false;
- }
-
- c.date = f.lastModified();
-
- if(cacheMe) {
- content.put(key, c);
- }
- }
- } else {
- c=NULL;
- }
- } else {
- if(logTarget!=null)logTarget.log("Cache Read: ",key);
- }
+
+ /**
+ * Load a file, first checking cache
+ *
+ *
+ * @param logTarget - logTarget can be null (won't log)
+ * @param dataRoot - data root storage directory
+ * @param key - relative File Path
+ * @param mediaType - what kind of file is it. If null, will check via file extension
+ * @param timeCheck - "-1" will take system default - Otherwise, will compare "now" + timeCheck(Millis) before looking at File mod
+ * @return
+ * @throws IOException
+ */
+ public Content load(LogTarget logTarget, String dataRoot, String key, String mediaType, long _timeCheck) throws IOException {
+ long timeCheck = _timeCheck;
+ if(timeCheck<0) {
+ timeCheck=checkInterval; // if time < 0, then use default
+ }
+ boolean isRoot;
+ String fileName;
+ if("-".equals(key)) {
+ fileName = dataRoot;
+ isRoot = true;
+ } else {
+ fileName=dataRoot + '/' + key;
+ isRoot = false;
+ }
+ Content c = content.get(key);
+ long systime = System.currentTimeMillis();
+ File f=null;
+ if(c!=null) {
+ // Don't check every hit... only after certain time value
+ if(c.date < systime + timeCheck) {
+ f = new File(fileName);
+ if(f.lastModified()>c.date) {
+ c=null;
+ }
+ }
+ }
+ if(c==null) {
+ if(logTarget!=null) {
+ logTarget.log("File Read: ",key);
+ }
+
+ if(f==null){
+ f = new File(fileName);
+ }
+ boolean cacheMe;
+ if(f.exists()) {
+ if(f.isDirectory()) {
+ cacheMe = false;
+ c = new DirectoryContent(f,isRoot);
+ } else {
+ if(f.length() > maxItemSize) {
+ c = new DirectFileContent(f);
+ cacheMe = false;
+ } else {
+ c = new CachedContent(f);
+ cacheMe = checkInterval>0;
+ }
+
+ if(mediaType==null) { // determine from file Ending
+ int idx = key.lastIndexOf('.');
+ String subkey = key.substring(++idx);
+ if((c.contentType = idx<0?null:typeMap.get(subkey))==null) {
+ // if nothing else, just set to default type...
+ c.contentType = "application/octet-stream";
+ }
+ c.attachmentOnly = attachOnly.contains(subkey);
+ } else {
+ c.contentType=mediaType;
+ c.attachmentOnly = false;
+ }
+
+ c.date = f.lastModified();
+
+ if(cacheMe) {
+ content.put(key, c);
+ }
+ }
+ } else {
+ c=NULL;
+ }
+ } else {
+ if(logTarget!=null)logTarget.log("Cache Read: ",key);
+ }
- // refresh hit time
- c.access = systime;
- return c;
- }
-
- public Content loadOrDefault(Trans trans, String targetDir, String targetFileName, String sourcePath, String mediaType) throws IOException {
- try {
- return load(trans.info(),targetDir,targetFileName,mediaType,0);
- } catch(FileNotFoundException e) {
- String targetPath = targetDir + '/' + targetFileName;
- TimeTaken tt = trans.start("File doesn't exist; copy " + sourcePath + " to " + targetPath, Env.SUB);
- try {
- FileInputStream sourceFIS = new FileInputStream(sourcePath);
- FileChannel sourceFC = sourceFIS.getChannel();
- File targetFile = new File(targetPath);
- targetFile.getParentFile().mkdirs(); // ensure directory exists
- FileOutputStream targetFOS = new FileOutputStream(targetFile);
- try {
- ByteBuffer bb = ByteBuffer.allocate((int)sourceFC.size());
- sourceFC.read(bb);
- bb.flip(); // ready for reading
- targetFOS.getChannel().write(bb);
- } finally {
- sourceFIS.close();
- targetFOS.close();
- }
- } finally {
- tt.done();
- }
- return load(trans.info(),targetDir,targetFileName,mediaType,0);
- }
- }
+ // refresh hit time
+ c.access = systime;
+ return c;
+ }
+
+ public Content loadOrDefault(Trans trans, String targetDir, String targetFileName, String sourcePath, String mediaType) throws IOException {
+ try {
+ return load(trans.info(),targetDir,targetFileName,mediaType,0);
+ } catch(FileNotFoundException e) {
+ String targetPath = targetDir + '/' + targetFileName;
+ TimeTaken tt = trans.start("File doesn't exist; copy " + sourcePath + " to " + targetPath, Env.SUB);
+ try {
+ FileInputStream sourceFIS = new FileInputStream(sourcePath);
+ FileChannel sourceFC = sourceFIS.getChannel();
+ File targetFile = new File(targetPath);
+ targetFile.getParentFile().mkdirs(); // ensure directory exists
+ FileOutputStream targetFOS = new FileOutputStream(targetFile);
+ try {
+ ByteBuffer bb = ByteBuffer.allocate((int)sourceFC.size());
+ sourceFC.read(bb);
+ bb.flip(); // ready for reading
+ targetFOS.getChannel().write(bb);
+ } finally {
+ sourceFIS.close();
+ targetFOS.close();
+ }
+ } finally {
+ tt.done();
+ }
+ return load(trans.info(),targetDir,targetFileName,mediaType,0);
+ }
+ }
- public void invalidate(String key) {
- content.remove(key);
- }
-
- private static final Content NULL=new Content() {
-
- @Override
- public void setHeader(HttpServletResponse resp) {
- resp.setStatus(404/*NOT_FOUND_404*/);
- resp.setHeader("Content-type","text/plain");
- }
+ public void invalidate(String key) {
+ content.remove(key);
+ }
+
+ private static final Content NULL=new Content() {
+
+ @Override
+ public void setHeader(HttpServletResponse resp) {
+ resp.setStatus(404/*NOT_FOUND_404*/);
+ resp.setHeader("Content-type","text/plain");
+ }
- @Override
- public void write(Writer writer) throws IOException {
- }
+ @Override
+ public void write(Writer writer) throws IOException {
+ }
- @Override
- public void write(OutputStream os) throws IOException {
- }
-
- };
+ @Override
+ public void write(OutputStream os) throws IOException {
+ }
+
+ };
- private static abstract class Content {
- private long date; // date of the actual artifact (i.e. File modified date)
- private long access; // last accessed
-
- protected String contentType;
- protected boolean attachmentOnly;
-
- public void setHeader(HttpServletResponse resp) {
- resp.setStatus(200/*OK_200*/);
- resp.setHeader("Content-Type",contentType);
- resp.setHeader("Cache-Control", MAX_AGE);
- }
-
- public abstract void write(Writer writer) throws IOException;
- public abstract void write(OutputStream os) throws IOException;
+ private static abstract class Content {
+ private long date; // date of the actual artifact (i.e. File modified date)
+ private long access; // last accessed
+
+ protected String contentType;
+ protected boolean attachmentOnly;
+
+ public void setHeader(HttpServletResponse resp) {
+ resp.setStatus(200/*OK_200*/);
+ resp.setHeader("Content-Type",contentType);
+ resp.setHeader("Cache-Control", MAX_AGE);
+ }
+
+ public abstract void write(Writer writer) throws IOException;
+ public abstract void write(OutputStream os) throws IOException;
- }
+ }
- private static class DirectFileContent extends Content {
- private File file;
- public DirectFileContent(File f) {
- file = f;
- }
-
- public String toString() {
- return file.getName();
- }
-
- public void write(Writer writer) throws IOException {
- FileReader fr = new FileReader(file);
- char[] buff = new char[1024];
- try {
- int read;
- while((read = fr.read(buff,0,1024))>=0) {
- writer.write(buff,0,read);
- }
- } finally {
- fr.close();
- }
- }
+ private static class DirectFileContent extends Content {
+ private File file;
+ public DirectFileContent(File f) {
+ file = f;
+ }
+
+ public String toString() {
+ return file.getName();
+ }
+
+ public void write(Writer writer) throws IOException {
+ FileReader fr = new FileReader(file);
+ char[] buff = new char[1024];
+ try {
+ int read;
+ while((read = fr.read(buff,0,1024))>=0) {
+ writer.write(buff,0,read);
+ }
+ } finally {
+ fr.close();
+ }
+ }
- public void write(OutputStream os) throws IOException {
- FileInputStream fis = new FileInputStream(file);
- byte[] buff = new byte[1024];
- try {
- int read;
- while((read = fis.read(buff,0,1024))>=0) {
- os.write(buff,0,read);
- }
- } finally {
- fis.close();
- }
- }
+ public void write(OutputStream os) throws IOException {
+ FileInputStream fis = new FileInputStream(file);
+ byte[] buff = new byte[1024];
+ try {
+ int read;
+ while((read = fis.read(buff,0,1024))>=0) {
+ os.write(buff,0,read);
+ }
+ } finally {
+ fis.close();
+ }
+ }
- }
- private static class DirectoryContent extends Content {
- private static final Pattern A_NUMBER = Pattern.compile("\\d");
- private static final String H1 = "<html><head><title>AAF Fileserver</title></head><body><h1>AAF Fileserver</h1><h2>";
- private static final String H2 = "</h2><ul>\n";
- private static final String F = "\n</ul></body></html>";
- private File[] files;
- private String name;
- private boolean notRoot;
+ }
+ private static class DirectoryContent extends Content {
+ private static final Pattern A_NUMBER = Pattern.compile("\\d");
+ private static final String H1 = "<html><head><title>AAF Fileserver</title></head><body><h1>AAF Fileserver</h1><h2>";
+ private static final String H2 = "</h2><ul>\n";
+ private static final String F = "\n</ul></body></html>";
+ private File[] files;
+ private String name;
+ private boolean notRoot;
- public DirectoryContent(File directory, boolean isRoot) {
- notRoot = !isRoot;
-
- files = directory.listFiles();
- Arrays.sort(files,new Comparator<File>() {
- @Override
- public int compare(File f1, File f2) {
- // See if there are Numbers in the name
- Matcher m1 = A_NUMBER.matcher(f1.getName());
- Matcher m2 = A_NUMBER.matcher(f2.getName());
- if(m1.find() && m2.find()) {
- // if numbers, are the numbers in the same start position
- int i1 = m1.start();
- int i2 = m2.start();
-
- // If same start position and the text is the same, then reverse sort
- if(i1==i2 && f1.getName().startsWith(f2.getName().substring(0,i1))) {
- // reverse sort files that start similarly, but have numbers in them
- return f2.compareTo(f1);
- }
- }
- return f1.compareTo(f2);
- }
-
- });
- name = directory.getName();
- attachmentOnly = false;
- contentType = "text/html";
- }
-
-
- @Override
- public void write(Writer w) throws IOException {
- w.append(H1);
- w.append(name);
- w.append(H2);
- for (File f : files) {
- w.append("<li><a href=\"");
- if(notRoot) {
- w.append(name);
- w.append('/');
- }
- w.append(f.getName());
- w.append("\">");
- w.append(f.getName());
- w.append("</a></li>\n");
- }
- w.append(F);
- w.flush();
- }
-
- @Override
- public void write(OutputStream os) throws IOException {
- write(new OutputStreamWriter(os));
- }
-
- }
+ public DirectoryContent(File directory, boolean isRoot) {
+ notRoot = !isRoot;
+
+ files = directory.listFiles();
+ Arrays.sort(files,new Comparator<File>() {
+ @Override
+ public int compare(File f1, File f2) {
+ // See if there are Numbers in the name
+ Matcher m1 = A_NUMBER.matcher(f1.getName());
+ Matcher m2 = A_NUMBER.matcher(f2.getName());
+ if(m1.find() && m2.find()) {
+ // if numbers, are the numbers in the same start position
+ int i1 = m1.start();
+ int i2 = m2.start();
+
+ // If same start position and the text is the same, then reverse sort
+ if(i1==i2 && f1.getName().startsWith(f2.getName().substring(0,i1))) {
+ // reverse sort files that start similarly, but have numbers in them
+ return f2.compareTo(f1);
+ }
+ }
+ return f1.compareTo(f2);
+ }
+
+ });
+ name = directory.getName();
+ attachmentOnly = false;
+ contentType = "text/html";
+ }
+
+
+ @Override
+ public void write(Writer w) throws IOException {
+ w.append(H1);
+ w.append(name);
+ w.append(H2);
+ for (File f : files) {
+ w.append("<li><a href=\"");
+ if(notRoot) {
+ w.append(name);
+ w.append('/');
+ }
+ w.append(f.getName());
+ w.append("\">");
+ w.append(f.getName());
+ w.append("</a></li>\n");
+ }
+ w.append(F);
+ w.flush();
+ }
+
+ @Override
+ public void write(OutputStream os) throws IOException {
+ write(new OutputStreamWriter(os));
+ }
+
+ }
- private static class CachedContent extends Content {
- private byte[] data;
- private int end;
- private char[] cdata;
-
- public CachedContent(File f) throws IOException {
- // Read and Cache
- ByteBuffer bb = ByteBuffer.allocate((int)f.length());
- FileInputStream fis = new FileInputStream(f);
- try {
- fis.getChannel().read(bb);
- } finally {
- fis.close();
- }
+ private static class CachedContent extends Content {
+ private byte[] data;
+ private int end;
+ private char[] cdata;
+
+ public CachedContent(File f) throws IOException {
+ // Read and Cache
+ ByteBuffer bb = ByteBuffer.allocate((int)f.length());
+ FileInputStream fis = new FileInputStream(f);
+ try {
+ fis.getChannel().read(bb);
+ } finally {
+ fis.close();
+ }
- data = bb.array();
- end = bb.position();
- cdata=null;
- }
-
- public String toString() {
- return Arrays.toString(data);
- }
-
- public void write(Writer writer) throws IOException {
- synchronized(this) {
- // do the String Transformation once, and only if actually used
- if(cdata==null) {
- cdata = new char[end];
- new String(data).getChars(0, end, cdata, 0);
- }
- }
- writer.write(cdata,0,end);
- }
- public void write(OutputStream os) throws IOException {
- os.write(data,0,end);
- }
+ data = bb.array();
+ end = bb.position();
+ cdata=null;
+ }
+
+ public String toString() {
+ return Arrays.toString(data);
+ }
+
+ public void write(Writer writer) throws IOException {
+ synchronized(this) {
+ // do the String Transformation once, and only if actually used
+ if(cdata==null) {
+ cdata = new char[end];
+ new String(data).getChars(0, end, cdata, 0);
+ }
+ }
+ writer.write(cdata,0,end);
+ }
+ public void write(OutputStream os) throws IOException {
+ os.write(data,0,end);
+ }
- }
+ }
- public void setEnv(LogTarget env) {
- logT = env;
- }
+ public void setEnv(LogTarget env) {
+ logT = env;
+ }
- /**
- * Cleanup thread to remove older items if max Cache is reached.
- * @author Jonathan
- *
- */
- private static class Cleanup extends TimerTask {
- private int maxSize;
- private NavigableMap<String, Content> content;
-
- public Cleanup(NavigableMap<String, Content> content, int size) {
- maxSize = size;
- this.content = content;
- }
-
- private class Comp implements Comparable<Comp> {
- public Map.Entry<String, Content> entry;
-
- public Comp(Map.Entry<String, Content> en) {
- entry = en;
- }
-
- @Override
- public int compareTo(Comp o) {
- return (int)(entry.getValue().access-o.entry.getValue().access);
- }
-
- }
- @SuppressWarnings("unchecked")
- @Override
- public void run() {
- int size = content.size();
- if(size>maxSize) {
- ArrayList<Comp> scont = new ArrayList<>(size);
- Object[] entries = content.entrySet().toArray();
- for(int i=0;i<size;++i) {
- scont.add(i, new Comp((Map.Entry<String,Content>)entries[i]));
- }
- Collections.sort(scont);
- int end = size - ((maxSize/4)*3); // reduce to 3/4 of max size
- //System.out.println("------ Cleanup Cycle ------ " + new Date().toString() + " -------");
- for(int i=0;i<end;++i) {
- Entry<String, Content> entry = scont.get(i).entry;
- content.remove(entry.getKey());
- //System.out.println("removed Cache Item " + entry.getKey() + "/" + new Date(entry.getValue().access).toString());
- }
-// for(int i=end;i<size;++i) {
-// Entry<String, Content> entry = scont.get(i).entry;
-// //System.out.println("remaining Cache Item " + entry.getKey() + "/" + new Date(entry.getValue().access).toString());
-// }
- }
- }
- }
+ /**
+ * Cleanup thread to remove older items if max Cache is reached.
+ * @author Jonathan
+ *
+ */
+ private static class Cleanup extends TimerTask {
+ private int maxSize;
+ private NavigableMap<String, Content> content;
+
+ public Cleanup(NavigableMap<String, Content> content, int size) {
+ maxSize = size;
+ this.content = content;
+ }
+
+ private class Comp implements Comparable<Comp> {
+ public Map.Entry<String, Content> entry;
+
+ public Comp(Map.Entry<String, Content> en) {
+ entry = en;
+ }
+
+ @Override
+ public int compareTo(Comp o) {
+ return (int)(entry.getValue().access-o.entry.getValue().access);
+ }
+
+ }
+ @SuppressWarnings("unchecked")
+ @Override
+ public void run() {
+ int size = content.size();
+ if(size>maxSize) {
+ ArrayList<Comp> scont = new ArrayList<>(size);
+ Object[] entries = content.entrySet().toArray();
+ for(int i=0;i<size;++i) {
+ scont.add(i, new Comp((Map.Entry<String,Content>)entries[i]));
+ }
+ Collections.sort(scont);
+ int end = size - ((maxSize/4)*3); // reduce to 3/4 of max size
+ //System.out.println("------ Cleanup Cycle ------ " + new Date().toString() + " -------");
+ for(int i=0;i<end;++i) {
+ Entry<String, Content> entry = scont.get(i).entry;
+ content.remove(entry.getKey());
+ //System.out.println("removed Cache Item " + entry.getKey() + "/" + new Date(entry.getValue().access).toString());
+ }
+// for(int i=end;i<size;++i) {
+// Entry<String, Content> entry = scont.get(i).entry;
+// //System.out.println("remaining Cache Item " + entry.getKey() + "/" + new Date(entry.getValue().access).toString());
+// }
+ }
+ }
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CodeSetter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CodeSetter.java
index 6ea8880b..1c171fd7 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CodeSetter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/CodeSetter.java
@@ -31,22 +31,22 @@ import org.onap.aaf.misc.env.Trans;
// Package on purpose. only want between RServlet and Routes
class CodeSetter<TRANS extends Trans> {
- private HttpCode<TRANS,?> code;
- private TRANS trans;
- private HttpServletRequest req;
- private HttpServletResponse resp;
- public CodeSetter(TRANS trans, HttpServletRequest req, HttpServletResponse resp) {
- this.trans = trans;
- this.req = req;
- this.resp = resp;
-
- }
- public boolean matches(Route<TRANS> route) throws IOException, ServletException {
- // Find best Code in Route based on "Accepts (Get) or Content-Type" (if exists)
- return (code = route.getCode(trans, req, resp))!=null;
- }
-
- public HttpCode<TRANS,?> code() {
- return code;
- }
+ private HttpCode<TRANS,?> code;
+ private TRANS trans;
+ private HttpServletRequest req;
+ private HttpServletResponse resp;
+ public CodeSetter(TRANS trans, HttpServletRequest req, HttpServletResponse resp) {
+ this.trans = trans;
+ this.req = req;
+ this.resp = resp;
+
+ }
+ public boolean matches(Route<TRANS> route) throws IOException, ServletException {
+ // Find best Code in Route based on "Accepts (Get) or Content-Type" (if exists)
+ return (code = route.getCode(trans, req, resp))!=null;
+ }
+
+ public HttpCode<TRANS,?> code() {
+ return code;
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Content.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Content.java
index ae329ce2..f8760ada 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Content.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Content.java
@@ -43,73 +43,73 @@ import org.onap.aaf.misc.env.Trans;
*
*/
public abstract class Content<TRANS extends Trans> {
- public static final String Q = "q";
- protected abstract Pair<String,Pair<HttpCode<TRANS,?>,List<Pair<String,Object>>>> types(HttpCode<TRANS,?> code, String str);
- protected abstract boolean props(Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String,Object>>>> type, String tag, String value);
+ public static final String Q = "q";
+ protected abstract Pair<String,Pair<HttpCode<TRANS,?>,List<Pair<String,Object>>>> types(HttpCode<TRANS,?> code, String str);
+ protected abstract boolean props(Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String,Object>>>> type, String tag, String value);
- /**
- * Parse a Content-Type/Accept. As found, call "types" and "props", which do different
- * things depending on if it's a Content-Type or Accepts.
- *
- * For Content-Type, it builds a tree suitable for Comparison
- * For Accepts, it compares against the tree, and builds an acceptable type list
- *
- * Since this parse code is used for every incoming HTTP transaction, I have removed the implementation
- * that uses String.split, and replaced with integers evaluating the Byte array. This results
- * in only the necessary strings created, resulting in 1/3 better speed, and less
- * Garbage collection.
- *
- * @param trans
- * @param code
- * @param cntnt
- * @return
- */
- protected boolean parse(HttpCode<TRANS,?> code, String cntnt) {
- byte bytes[] = cntnt.getBytes();
- boolean contType=false,contProp=true;
- int cis,cie=-1,cend;
- int sis,sie,send;
- do {
- cis = cie+1;
- cie = cntnt.indexOf(',',cis);
- cend = cie<0?bytes.length:cie;
- // Start SEMIS
- sie=cis-1;
- Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> me = null;
- do {
- sis = sie+1;
- sie = cntnt.indexOf(';',sis);
- send = sie>cend || sie<0?cend:sie;
- if(me==null) {
- String semi = new String(bytes,sis,send-sis);
- // trans.checkpoint(semi);
- // Look at first entity within comma group
- // Is this an acceptable Type?
- me=types(code, semi);
- if(me==null) {
- sie=-1; // skip the rest of the processing... not a type
- } else {
- contType=true;
- }
- } else { // We've looped past the first Semi, now process as properties
- // If there are additional elements (more entities within Semi Colons)
- // apply Propertys
- int eq = cntnt.indexOf('=',sis);
- if(eq>sis && eq<send) {
- String tag = new String(bytes,sis,eq-sis);
- String value = new String(bytes,eq+1,send-(eq+1));
- // trans.checkpoint(" Prop " + tag + "=" + value);
- boolean bool = props(me,tag,value);
- if(!bool) {
- contProp=false;
- }
- }
- }
- // End Property
- } while(sie<=cend && sie>=cis);
- // End SEMIS
- } while(cie>=0);
- return contType && contProp; // for use in finds, True if a type found AND all props matched
- }
-
+ /**
+ * Parse a Content-Type/Accept. As found, call "types" and "props", which do different
+ * things depending on if it's a Content-Type or Accepts.
+ *
+ * For Content-Type, it builds a tree suitable for Comparison
+ * For Accepts, it compares against the tree, and builds an acceptable type list
+ *
+ * Since this parse code is used for every incoming HTTP transaction, I have removed the implementation
+ * that uses String.split, and replaced with integers evaluating the Byte array. This results
+ * in only the necessary strings created, resulting in 1/3 better speed, and less
+ * Garbage collection.
+ *
+ * @param trans
+ * @param code
+ * @param cntnt
+ * @return
+ */
+ protected boolean parse(HttpCode<TRANS,?> code, String cntnt) {
+ byte bytes[] = cntnt.getBytes();
+ boolean contType=false,contProp=true;
+ int cis,cie=-1,cend;
+ int sis,sie,send;
+ do {
+ cis = cie+1;
+ cie = cntnt.indexOf(',',cis);
+ cend = cie<0?bytes.length:cie;
+ // Start SEMIS
+ sie=cis-1;
+ Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> me = null;
+ do {
+ sis = sie+1;
+ sie = cntnt.indexOf(';',sis);
+ send = sie>cend || sie<0?cend:sie;
+ if(me==null) {
+ String semi = new String(bytes,sis,send-sis);
+ // trans.checkpoint(semi);
+ // Look at first entity within comma group
+ // Is this an acceptable Type?
+ me=types(code, semi);
+ if(me==null) {
+ sie=-1; // skip the rest of the processing... not a type
+ } else {
+ contType=true;
+ }
+ } else { // We've looped past the first Semi, now process as properties
+ // If there are additional elements (more entities within Semi Colons)
+ // apply Propertys
+ int eq = cntnt.indexOf('=',sis);
+ if(eq>sis && eq<send) {
+ String tag = new String(bytes,sis,eq-sis);
+ String value = new String(bytes,eq+1,send-(eq+1));
+ // trans.checkpoint(" Prop " + tag + "=" + value);
+ boolean bool = props(me,tag,value);
+ if(!bool) {
+ contProp=false;
+ }
+ }
+ }
+ // End Property
+ } while(sie<=cend && sie>=cis);
+ // End SEMIS
+ } while(cie>=0);
+ return contType && contProp; // for use in finds, True if a type found AND all props matched
+ }
+
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpCode.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpCode.java
index d209ddcd..c5739e35 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpCode.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpCode.java
@@ -41,81 +41,81 @@ import org.onap.aaf.misc.env.Trans;
* @param <T>
*/
public abstract class HttpCode<TRANS extends Trans, CONTEXT> {
- protected CONTEXT context;
- private String desc;
- protected String [] roles;
- private boolean all;
-
- // Package by design... Set by Route when linked
- Match match;
-
- public HttpCode(CONTEXT context, String description, String ... roles) {
- this.context = context;
- desc = description;
-
- // Evaluate for "*" once...
- all = false;
- for(String srole : roles) {
- if("*".equals(srole)) {
- all = true;
- break;
- }
- }
- this.roles = all?null:roles;
- }
-
- public abstract void handle(TRANS trans, HttpServletRequest req, HttpServletResponse resp) throws Exception;
-
- public String desc() {
- return desc;
- }
-
- /**
- * Get the variable element out of the Path Parameter, as set by initial Code
- *
- * @param req
- * @param key
- * @return
- */
- public String pathParam(HttpServletRequest req, String key) {
- String rv = req.getParameter(key);
- if(rv==null) {
- rv = match.param(req.getPathInfo(), key);
- if(rv!=null) {
- rv = rv.trim();
- if(rv.endsWith("/")) {
- rv = rv.substring(0, rv.length()-1);
- }
- }
- }
- return rv;
- }
+ protected CONTEXT context;
+ private String desc;
+ protected String [] roles;
+ private boolean all;
+
+ // Package by design... Set by Route when linked
+ Match match;
+
+ public HttpCode(CONTEXT context, String description, String ... roles) {
+ this.context = context;
+ desc = description;
+
+ // Evaluate for "*" once...
+ all = false;
+ for(String srole : roles) {
+ if("*".equals(srole)) {
+ all = true;
+ break;
+ }
+ }
+ this.roles = all?null:roles;
+ }
+
+ public abstract void handle(TRANS trans, HttpServletRequest req, HttpServletResponse resp) throws Exception;
+
+ public String desc() {
+ return desc;
+ }
+
+ /**
+ * Get the variable element out of the Path Parameter, as set by initial Code
+ *
+ * @param req
+ * @param key
+ * @return
+ */
+ public String pathParam(HttpServletRequest req, String key) {
+ String rv = req.getParameter(key);
+ if(rv==null) {
+ rv = match.param(req.getPathInfo(), key);
+ if(rv!=null) {
+ rv = rv.trim();
+ if(rv.endsWith("/")) {
+ rv = rv.substring(0, rv.length()-1);
+ }
+ }
+ }
+ return rv;
+ }
- // Note: get Query Params from Request
-
- /**
- * Check for Authorization when set.
- *
- * If no Roles set, then accepts all users
- *
- * @param req
- * @return
- */
- public boolean isAuthorized(HttpServletRequest req) {
- if(all)return true;
- if(roles!=null) {
- for(String srole : roles) {
- if(req.isUserInRole(srole)) return true;
- }
- }
- return false;
- }
-
- public boolean no_cache() {
- return false;
- }
-
- public String toString() {
- return desc;
- }
+ // Note: get Query Params from Request
+
+ /**
+ * Check for Authorization when set.
+ *
+ * If no Roles set, then accepts all users
+ *
+ * @param req
+ * @return
+ */
+ public boolean isAuthorized(HttpServletRequest req) {
+ if(all)return true;
+ if(roles!=null) {
+ for(String srole : roles) {
+ if(req.isUserInRole(srole)) return true;
+ }
+ }
+ return false;
+ }
+
+ public boolean no_cache() {
+ return false;
+ }
+
+ public String toString() {
+ return desc;
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpMethods.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpMethods.java
index 4dbaf17b..3f7f93c7 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpMethods.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/HttpMethods.java
@@ -22,8 +22,8 @@
package org.onap.aaf.auth.rserv;
public enum HttpMethods {
- POST,
- GET,
- PUT,
- DELETE
+ POST,
+ GET,
+ PUT,
+ DELETE
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Match.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Match.java
index e4eb239d..5a036551 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Match.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Match.java
@@ -34,178 +34,178 @@ import java.util.Set;
*
*/
public class Match {
- private Map<String, Integer> params;
- private byte[] values[];
- private Integer vars[];
- private boolean wildcard;
+ private Map<String, Integer> params;
+ private byte[] values[];
+ private Integer vars[];
+ private boolean wildcard;
-
- /*
- * These two methods are pairs of searching performance for variables Spark Style.
- * setParams evaluates the target path, and sets a HashMap that will return an Integer.
- * the Keys are both :key and key so that there will be no string operations during
- * a transaction
- *
- * For the Integer, if the High Order is 0, then it is just one value. If High Order >0, then it is
- * a multi-field option, i.e. ending with a wild-card.
- */
- public Match(String path) {
- // IF DEBUG: System.out.print("\n[" + path + "]");
- params = new HashMap<>();
- if(path!=null) {
- String[] pa = path.split("/");
- values = new byte[pa.length][];
- vars = new Integer[pa.length];
-
- int val = 0;
- String key;
- for(int i=0;i<pa.length && !wildcard;++i) {
- if(pa[i].startsWith(":")) {
- if(pa[i].endsWith("*")) {
- val = i | pa.length<<16; // load end value in high order bits
- key = pa[i].substring(0, pa[i].length()-1);// remove *
- wildcard = true;
- } else {
- val = i;
- key = pa[i];
- }
- params.put(key,val); //put in :key
- params.put(key.substring(1,key.length()), val); // put in just key, better than adding a missing one, like Spark
- // values[i]=null; // null stands for Variable
- vars[i]=val;
- } else {
- values[i]=pa[i].getBytes();
- if(pa[i].endsWith("*")) {
- wildcard = true;
- if(pa[i].length()>1) {
- /* remove * from value */
- int newlength = values[i].length-1;
- byte[] real = new byte[newlength];
- System.arraycopy(values[i],0,real,0,newlength);
- values[i]=real;
- } else {
- vars[i]=0; // this is actually a variable, if it only contains a "*"
- }
- }
- // vars[i]=null;
- }
- }
- }
- }
+
+ /*
+ * These two methods are pairs of searching performance for variables Spark Style.
+ * setParams evaluates the target path, and sets a HashMap that will return an Integer.
+ * the Keys are both :key and key so that there will be no string operations during
+ * a transaction
+ *
+ * For the Integer, if the High Order is 0, then it is just one value. If High Order >0, then it is
+ * a multi-field option, i.e. ending with a wild-card.
+ */
+ public Match(String path) {
+ // IF DEBUG: System.out.print("\n[" + path + "]");
+ params = new HashMap<>();
+ if(path!=null) {
+ String[] pa = path.split("/");
+ values = new byte[pa.length][];
+ vars = new Integer[pa.length];
+
+ int val = 0;
+ String key;
+ for(int i=0;i<pa.length && !wildcard;++i) {
+ if(pa[i].startsWith(":")) {
+ if(pa[i].endsWith("*")) {
+ val = i | pa.length<<16; // load end value in high order bits
+ key = pa[i].substring(0, pa[i].length()-1);// remove *
+ wildcard = true;
+ } else {
+ val = i;
+ key = pa[i];
+ }
+ params.put(key,val); //put in :key
+ params.put(key.substring(1,key.length()), val); // put in just key, better than adding a missing one, like Spark
+ // values[i]=null; // null stands for Variable
+ vars[i]=val;
+ } else {
+ values[i]=pa[i].getBytes();
+ if(pa[i].endsWith("*")) {
+ wildcard = true;
+ if(pa[i].length()>1) {
+ /* remove * from value */
+ int newlength = values[i].length-1;
+ byte[] real = new byte[newlength];
+ System.arraycopy(values[i],0,real,0,newlength);
+ values[i]=real;
+ } else {
+ vars[i]=0; // this is actually a variable, if it only contains a "*"
+ }
+ }
+ // vars[i]=null;
+ }
+ }
+ }
+ }
- /*
- * This is the second of the param evaluation functions. First, we look up to see if there is
- * any reference by key in the params Map created by the above.
- *
- * The resulting Integer, if not null, is split high/low order into start and end.
- * We evaluate the string for '/', rather than splitting into String[] to avoid the time/mem needed
- * We traverse to the proper field number for slash, evaluate the end (whether wild card or no),
- * and return the substring.
- *
- * The result is something less than .003 milliseconds per evaluation
- *
- */
- public String param(String path,String key) {
- Integer val = params.get(key); // :key or key
- if(val!=null) {
- int start = val & 0xFFFF;
- int end = (val >> 16) & 0xFFFF;
- int idx = -1;
- int i;
- for(i=0;i<start;++i) {
- idx = path.indexOf('/',idx+1);
- if(idx<0)break;
- }
- if(i==start) {
- ++idx;
- if(end==0) {
- end = path.indexOf('/',idx);
- if(end<0)end=path.length();
- } else {
- end=path.length();
- }
- return path.substring(idx,end);
- } else if(i==start-1) { // if last spot was left blank, i.e. :key*
- return "";
- }
- }
- return null;
- }
-
- public boolean match(String path) {
- if(path==null|| path.length()==0 || "/".equals(path) ) {
- if(values==null)return true;
- switch(values.length) {
- case 0: return true;
- case 1: return values[0].length==0;
- default: return false;
- }
- }
- boolean rv = true;
- byte[] pabytes = path.getBytes();
- int field=0;
- int fieldIdx = 0;
+ /*
+ * This is the second of the param evaluation functions. First, we look up to see if there is
+ * any reference by key in the params Map created by the above.
+ *
+ * The resulting Integer, if not null, is split high/low order into start and end.
+ * We evaluate the string for '/', rather than splitting into String[] to avoid the time/mem needed
+ * We traverse to the proper field number for slash, evaluate the end (whether wild card or no),
+ * and return the substring.
+ *
+ * The result is something less than .003 milliseconds per evaluation
+ *
+ */
+ public String param(String path,String key) {
+ Integer val = params.get(key); // :key or key
+ if(val!=null) {
+ int start = val & 0xFFFF;
+ int end = (val >> 16) & 0xFFFF;
+ int idx = -1;
+ int i;
+ for(i=0;i<start;++i) {
+ idx = path.indexOf('/',idx+1);
+ if(idx<0)break;
+ }
+ if(i==start) {
+ ++idx;
+ if(end==0) {
+ end = path.indexOf('/',idx);
+ if(end<0)end=path.length();
+ } else {
+ end=path.length();
+ }
+ return path.substring(idx,end);
+ } else if(i==start-1) { // if last spot was left blank, i.e. :key*
+ return "";
+ }
+ }
+ return null;
+ }
+
+ public boolean match(String path) {
+ if(path==null|| path.length()==0 || "/".equals(path) ) {
+ if(values==null)return true;
+ switch(values.length) {
+ case 0: return true;
+ case 1: return values[0].length==0;
+ default: return false;
+ }
+ }
+ boolean rv = true;
+ byte[] pabytes = path.getBytes();
+ int field=0;
+ int fieldIdx = 0;
- int lastField = values.length;
- int lastByte = pabytes.length;
- boolean fieldMatched = false; // = lastByte>0?(pabytes[0]=='/'):false;
- // IF DEBUG: System.out.println("\n -- " + path + " --");
- for(int i=0;rv && i<lastByte;++i) {
- if(field>=lastField) { // checking here allows there to be a non-functional ending /
- rv = false;
- break;
- }
- if(values[field]==null) { // it's a variable, just look for /s
- if(wildcard && field==lastField-1) return true;// we've made it this far. We accept all remaining characters
- Integer val = vars[field];
- int start = val & 0xFFFF;
- int end = (val >> 16) & 0xFFFF;
- if(end==0)end=start+1;
- int k = i;
- for(int j=start; j<end && k<lastByte; ++k) {
- // IF DEBUG: System.out.print((char)pabytes[k]);
- if(pabytes[k]=='/') {
- ++field;
- ++j;
- }
- }
-
- if(k==lastByte && pabytes[k-1]!='/')++field;
- if(k>i)i=k-1; // if we've incremented, have to accommodate the outer for loop incrementing as well
- fieldMatched = false; // reset
- fieldIdx = 0;
- } else {
- // IF DEBUG: System.out.print((char)pabytes[i]);
- if(pabytes[i]=='/') { // end of field, eval if Field is matched
- // if double slash, check if supposed to be empty
- if(fieldIdx==0 && values[field].length==0) {
- fieldMatched = true;
- }
- rv = fieldMatched && ++field<lastField;
- // reset
- fieldMatched = false;
- fieldIdx = 0;
- } else if(values[field].length==0) {
- // double slash in path, but content in field. We check specially here to avoid
- // Array out of bounds issues.
- rv = false;
- } else {
- if(fieldMatched) {
- rv =false; // field is already matched, now there's too many bytes
- } else {
- rv = pabytes[i]==values[field][fieldIdx++]; // compare expected (pabytes[i]) with value for particular field
- fieldMatched=values[field].length==fieldIdx; // are all the bytes match in the field?
- if(fieldMatched && (i==lastByte-1 || (wildcard && field==lastField-1)))
- return true; // last field info
- }
- }
- }
- }
- if(field!=lastField || pabytes.length!=lastByte) rv = false; // have we matched all the fields and all the bytes?
- return rv;
- }
-
- public Set<String> getParamNames() {
- return params.keySet();
- }
+ int lastField = values.length;
+ int lastByte = pabytes.length;
+ boolean fieldMatched = false; // = lastByte>0?(pabytes[0]=='/'):false;
+ // IF DEBUG: System.out.println("\n -- " + path + " --");
+ for(int i=0;rv && i<lastByte;++i) {
+ if(field>=lastField) { // checking here allows there to be a non-functional ending /
+ rv = false;
+ break;
+ }
+ if(values[field]==null) { // it's a variable, just look for /s
+ if(wildcard && field==lastField-1) return true;// we've made it this far. We accept all remaining characters
+ Integer val = vars[field];
+ int start = val & 0xFFFF;
+ int end = (val >> 16) & 0xFFFF;
+ if(end==0)end=start+1;
+ int k = i;
+ for(int j=start; j<end && k<lastByte; ++k) {
+ // IF DEBUG: System.out.print((char)pabytes[k]);
+ if(pabytes[k]=='/') {
+ ++field;
+ ++j;
+ }
+ }
+
+ if(k==lastByte && pabytes[k-1]!='/')++field;
+ if(k>i)i=k-1; // if we've incremented, have to accommodate the outer for loop incrementing as well
+ fieldMatched = false; // reset
+ fieldIdx = 0;
+ } else {
+ // IF DEBUG: System.out.print((char)pabytes[i]);
+ if(pabytes[i]=='/') { // end of field, eval if Field is matched
+ // if double slash, check if supposed to be empty
+ if(fieldIdx==0 && values[field].length==0) {
+ fieldMatched = true;
+ }
+ rv = fieldMatched && ++field<lastField;
+ // reset
+ fieldMatched = false;
+ fieldIdx = 0;
+ } else if(values[field].length==0) {
+ // double slash in path, but content in field. We check specially here to avoid
+ // Array out of bounds issues.
+ rv = false;
+ } else {
+ if(fieldMatched) {
+ rv =false; // field is already matched, now there's too many bytes
+ } else {
+ rv = pabytes[i]==values[field][fieldIdx++]; // compare expected (pabytes[i]) with value for particular field
+ fieldMatched=values[field].length==fieldIdx; // are all the bytes match in the field?
+ if(fieldMatched && (i==lastByte-1 || (wildcard && field==lastField-1)))
+ return true; // last field info
+ }
+ }
+ }
+ }
+ if(field!=lastField || pabytes.length!=lastByte) rv = false; // have we matched all the fields and all the bytes?
+ return rv;
+ }
+
+ public Set<String> getParamNames() {
+ return params.keySet();
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Pair.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Pair.java
index 810f9129..f4d1394b 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Pair.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Pair.java
@@ -30,15 +30,15 @@ package org.onap.aaf.auth.rserv;
* @param <Y>
*/
public class Pair<X,Y> {
- public X x;
- public Y y;
-
- public Pair(X x, Y y) {
- this.x = x;
- this.y = y;
- }
-
- public String toString() {
- return "X: " + x.toString() + "-->" + y.toString();
- }
+ public X x;
+ public Y y;
+
+ public Pair(X x, Y y) {
+ this.x = x;
+ this.y = y;
+ }
+
+ public String toString() {
+ return "X: " + x.toString() + "-->" + y.toString();
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RServlet.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RServlet.java
index 4ae0f882..03264d56 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RServlet.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RServlet.java
@@ -37,118 +37,118 @@ import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.Trans;
public abstract class RServlet<TRANS extends Trans> implements Servlet {
- private Routes<TRANS> routes = new Routes<TRANS>();
+ private Routes<TRANS> routes = new Routes<TRANS>();
- private ServletConfig config;
+ private ServletConfig config;
- @Override
- public void init(ServletConfig config) throws ServletException {
- this.config = config;
- }
+ @Override
+ public void init(ServletConfig config) throws ServletException {
+ this.config = config;
+ }
- @Override
- public ServletConfig getServletConfig() {
- return config;
- }
+ @Override
+ public ServletConfig getServletConfig() {
+ return config;
+ }
- public void route(Env env, HttpMethods meth, String path, HttpCode<TRANS, ?> code, String ... moreTypes) {
- Route<TRANS> r = routes.findOrCreate(meth,path);
- r.add(code,moreTypes);
- env.init().log(r.report(code),code);
- }
-
- @Override
- public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
- HttpServletRequest request = (HttpServletRequest)req;
- HttpServletResponse response = (HttpServletResponse)res;
-
- @SuppressWarnings("unchecked")
- TRANS trans = (TRANS)req.getAttribute(TransFilter.TRANS_TAG);
- if(trans==null) {
- response.setStatus(404); // Not Found, because it didn't go through TransFilter
- return;
- }
-
- Route<TRANS> route;
- HttpCode<TRANS,?> code=null;
- String ct = req.getContentType();
- TimeTaken tt = trans.start("Resolve to Code", Env.SUB);
- try {
- // routes have multiple code sets. This object picks the best code set
- // based on Accept or Content-Type
- CodeSetter<TRANS> codesetter = new CodeSetter<TRANS>(trans,request,response);
- // Find declared route
- route = routes.derive(request, codesetter);
- if(route==null) {
- String method = request.getMethod();
- trans.checkpoint("No Route matches "+ method + ' ' + request.getPathInfo());
- response.setStatus(404); // Not Found
- } else {
- // Find best Code in Route based on "Accepts (Get) or Content-Type" (if exists)
- code = codesetter.code();// route.getCode(trans, request, response);
- }
- } finally {
- tt.done();
- }
-
- if(route!=null && code!=null) {
- StringBuilder sb = new StringBuilder(72);
- sb.append(route.auditText);
- sb.append(',');
- sb.append(code.desc());
- if(ct!=null) {
- sb.append(", ContentType: ");
- sb.append(ct);
- }
- tt = trans.start(sb.toString(),Env.SUB);
- try {
- /*obj = */
- code.handle(trans, request, response);
- response.flushBuffer();
- } catch (ServletException e) {
- trans.error().log(e);
- throw e;
- } catch (Exception e) {
- trans.error().log(e,request.getMethod(),request.getPathInfo());
- throw new ServletException(e);
- } finally {
- tt.done();
- }
- }
- }
-
- @Override
- public String getServletInfo() {
- return "RServlet for Jetty";
- }
+ public void route(Env env, HttpMethods meth, String path, HttpCode<TRANS, ?> code, String ... moreTypes) {
+ Route<TRANS> r = routes.findOrCreate(meth,path);
+ r.add(code,moreTypes);
+ env.init().log(r.report(code),code);
+ }
+
+ @Override
+ public void service(ServletRequest req, ServletResponse res) throws ServletException, IOException {
+ HttpServletRequest request = (HttpServletRequest)req;
+ HttpServletResponse response = (HttpServletResponse)res;
+
+ @SuppressWarnings("unchecked")
+ TRANS trans = (TRANS)req.getAttribute(TransFilter.TRANS_TAG);
+ if(trans==null) {
+ response.setStatus(404); // Not Found, because it didn't go through TransFilter
+ return;
+ }
+
+ Route<TRANS> route;
+ HttpCode<TRANS,?> code=null;
+ String ct = req.getContentType();
+ TimeTaken tt = trans.start("Resolve to Code", Env.SUB);
+ try {
+ // routes have multiple code sets. This object picks the best code set
+ // based on Accept or Content-Type
+ CodeSetter<TRANS> codesetter = new CodeSetter<TRANS>(trans,request,response);
+ // Find declared route
+ route = routes.derive(request, codesetter);
+ if(route==null) {
+ String method = request.getMethod();
+ trans.checkpoint("No Route matches "+ method + ' ' + request.getPathInfo());
+ response.setStatus(404); // Not Found
+ } else {
+ // Find best Code in Route based on "Accepts (Get) or Content-Type" (if exists)
+ code = codesetter.code();// route.getCode(trans, request, response);
+ }
+ } finally {
+ tt.done();
+ }
+
+ if(route!=null && code!=null) {
+ StringBuilder sb = new StringBuilder(72);
+ sb.append(route.auditText);
+ sb.append(',');
+ sb.append(code.desc());
+ if(ct!=null) {
+ sb.append(", ContentType: ");
+ sb.append(ct);
+ }
+ tt = trans.start(sb.toString(),Env.SUB);
+ try {
+ /*obj = */
+ code.handle(trans, request, response);
+ response.flushBuffer();
+ } catch (ServletException e) {
+ trans.error().log(e);
+ throw e;
+ } catch (Exception e) {
+ trans.error().log(e,request.getMethod(),request.getPathInfo());
+ throw new ServletException(e);
+ } finally {
+ tt.done();
+ }
+ }
+ }
+
+ @Override
+ public String getServletInfo() {
+ return "RServlet for Jetty";
+ }
- @Override
- public void destroy() {
- }
+ @Override
+ public void destroy() {
+ }
- public String applicationJSON(Class<?> cls, String version) {
- StringBuilder sb = new StringBuilder();
- sb.append("application/");
- sb.append(cls.getSimpleName());
- sb.append("+json");
- sb.append(";charset=utf-8");
- sb.append(";version=");
- sb.append(version);
- return sb.toString();
- }
+ public String applicationJSON(Class<?> cls, String version) {
+ StringBuilder sb = new StringBuilder();
+ sb.append("application/");
+ sb.append(cls.getSimpleName());
+ sb.append("+json");
+ sb.append(";charset=utf-8");
+ sb.append(";version=");
+ sb.append(version);
+ return sb.toString();
+ }
- public String applicationXML(Class<?> cls, String version) {
- StringBuilder sb = new StringBuilder();
- sb.append("application/");
- sb.append(cls.getSimpleName());
- sb.append("+xml");
- sb.append(";charset=utf-8");
- sb.append(";version=");
- sb.append(version);
- return sb.toString();
- }
+ public String applicationXML(Class<?> cls, String version) {
+ StringBuilder sb = new StringBuilder();
+ sb.append("application/");
+ sb.append(cls.getSimpleName());
+ sb.append("+xml");
+ sb.append(";charset=utf-8");
+ sb.append(";version=");
+ sb.append(version);
+ return sb.toString();
+ }
- public List<RouteReport> routeReport() {
- return routes.routeReport();
- }
+ public List<RouteReport> routeReport() {
+ return routes.routeReport();
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Route.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Route.java
index 9ae202a2..81b3d0a2 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Route.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Route.java
@@ -33,109 +33,109 @@ import org.onap.aaf.misc.env.TimeTaken;
import org.onap.aaf.misc.env.Trans;
public class Route<TRANS extends Trans> {
- public final String auditText;
- public final HttpMethods meth;
- public final String path;
-
- private Match match;
- // package on purpose
- private final TypedCode<TRANS> content;
- private final boolean isGet;
-
- public Route(HttpMethods meth, String path) {
- this.path = path;
- auditText = meth.name() + ' ' + path;
- this.meth = meth; // Note: Using Spark def for now.
- isGet = meth.compareTo(HttpMethods.GET) == 0;
- match = new Match(path);
- content = new TypedCode<TRANS>();
- }
-
- public void add(HttpCode<TRANS,?> code, String ... others) {
- code.match = match;
- content.add(code, others);
- }
-
-// public void add(HttpCode<TRANS,?> code, Class<?> cls, String version, String ... others) {
-// code.match = match;
-// content.add(code, cls, version, others);
-// }
+ public final String auditText;
+ public final HttpMethods meth;
+ public final String path;
+
+ private Match match;
+ // package on purpose
+ private final TypedCode<TRANS> content;
+ private final boolean isGet;
+
+ public Route(HttpMethods meth, String path) {
+ this.path = path;
+ auditText = meth.name() + ' ' + path;
+ this.meth = meth; // Note: Using Spark def for now.
+ isGet = meth.compareTo(HttpMethods.GET) == 0;
+ match = new Match(path);
+ content = new TypedCode<TRANS>();
+ }
+
+ public void add(HttpCode<TRANS,?> code, String ... others) {
+ code.match = match;
+ content.add(code, others);
+ }
+
+// public void add(HttpCode<TRANS,?> code, Class<?> cls, String version, String ... others) {
+// code.match = match;
+// content.add(code, cls, version, others);
+// }
//
- public HttpCode<TRANS,?> getCode(TRANS trans, HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
- // Type is associated with Accept for GET (since it is what is being returned
- // We associate the rest with ContentType.
- // FYI, thought about this a long time before implementing this way.
- String compare;
-// String special[]; // todo, expose Charset (in special) to outside
- if(isGet) {
- compare = req.getHeader("Accept"); // Accept is used for read, as we want to agree on what caller is ready to handle
- } else {
- compare = req.getContentType(); // Content type used to declare what data is being created, updated or deleted (might be used for key)
- }
+ public HttpCode<TRANS,?> getCode(TRANS trans, HttpServletRequest req, HttpServletResponse resp) throws IOException, ServletException {
+ // Type is associated with Accept for GET (since it is what is being returned
+ // We associate the rest with ContentType.
+ // FYI, thought about this a long time before implementing this way.
+ String compare;
+// String special[]; // todo, expose Charset (in special) to outside
+ if(isGet) {
+ compare = req.getHeader("Accept"); // Accept is used for read, as we want to agree on what caller is ready to handle
+ } else {
+ compare = req.getContentType(); // Content type used to declare what data is being created, updated or deleted (might be used for key)
+ }
- Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> hl = content.prep(trans, compare);
- if(hl==null) {
- resp.setStatus(406); // NOT_ACCEPTABLE
- } else {
- if(isGet) { // Set Content Type to expected content
- if("*".equals(hl.x) || "*/*".equals(hl.x)) {// if wild-card, then choose first kind of type
- resp.setContentType(content.first());
- } else {
- resp.setContentType(hl.x);
- }
- }
- return hl.y.x;
- }
- return null;
- }
-
- public Route<TRANS> matches(String method, String path) {
- return meth.name().equalsIgnoreCase(method) && match.match(path)?this:null;
- }
-
- public TimeTaken start(Trans trans, String auditText, HttpCode<TRANS,?> code, String type) {
- StringBuilder sb = new StringBuilder(auditText);
- sb.append(", ");
- sb.append(code.desc());
- sb.append(", Content: ");
- sb.append(type);
- return trans.start(sb.toString(), Env.SUB);
- }
+ Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> hl = content.prep(trans, compare);
+ if(hl==null) {
+ resp.setStatus(406); // NOT_ACCEPTABLE
+ } else {
+ if(isGet) { // Set Content Type to expected content
+ if("*".equals(hl.x) || "*/*".equals(hl.x)) {// if wild-card, then choose first kind of type
+ resp.setContentType(content.first());
+ } else {
+ resp.setContentType(hl.x);
+ }
+ }
+ return hl.y.x;
+ }
+ return null;
+ }
+
+ public Route<TRANS> matches(String method, String path) {
+ return meth.name().equalsIgnoreCase(method) && match.match(path)?this:null;
+ }
+
+ public TimeTaken start(Trans trans, String auditText, HttpCode<TRANS,?> code, String type) {
+ StringBuilder sb = new StringBuilder(auditText);
+ sb.append(", ");
+ sb.append(code.desc());
+ sb.append(", Content: ");
+ sb.append(type);
+ return trans.start(sb.toString(), Env.SUB);
+ }
- // Package on purpose.. for "find/Create" routes only
- boolean resolvesTo(HttpMethods hm, String p) {
- return(path.equals(p) && hm.equals(meth));
- }
-
- public String toString() {
- return auditText + ' ' + content;
- }
+ // Package on purpose.. for "find/Create" routes only
+ boolean resolvesTo(HttpMethods hm, String p) {
+ return(path.equals(p) && hm.equals(meth));
+ }
+
+ public String toString() {
+ return auditText + ' ' + content;
+ }
- public String report(HttpCode<TRANS, ?> code) {
- StringBuilder sb = new StringBuilder();
- sb.append(auditText);
- sb.append(' ');
- content.relatedTo(code, sb);
- return sb.toString();
- }
+ public String report(HttpCode<TRANS, ?> code) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(auditText);
+ sb.append(' ');
+ content.relatedTo(code, sb);
+ return sb.toString();
+ }
- public RouteReport api() {
- RouteReport tr = new RouteReport();
- tr.meth = meth;
- tr.path = path;
- content.api(tr);
- return tr;
- }
+ public RouteReport api() {
+ RouteReport tr = new RouteReport();
+ tr.meth = meth;
+ tr.path = path;
+ content.api(tr);
+ return tr;
+ }
- /**
- * contentRelatedTo (For reporting) list routes that will end up at a specific Code
- * @return
- */
- public String contentRelatedTo(HttpCode<TRANS, ?> code) {
- StringBuilder sb = new StringBuilder(path);
- sb.append(' ');
- content.relatedTo(code, sb);
- return sb.toString();
- }
+ /**
+ * contentRelatedTo (For reporting) list routes that will end up at a specific Code
+ * @return
+ */
+ public String contentRelatedTo(HttpCode<TRANS, ?> code) {
+ StringBuilder sb = new StringBuilder(path);
+ sb.append(' ');
+ content.relatedTo(code, sb);
+ return sb.toString();
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RouteReport.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RouteReport.java
index 1c946e83..cb7c48bc 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RouteReport.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/RouteReport.java
@@ -25,9 +25,9 @@ import java.util.ArrayList;
import java.util.List;
public class RouteReport {
- public HttpMethods meth;
- public String path;
- public String desc;
- public final List<String> contextTypes = new ArrayList<>();
+ public HttpMethods meth;
+ public String path;
+ public String desc;
+ public final List<String> contextTypes = new ArrayList<>();
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Routes.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Routes.java
index 7cfadf2b..7c69d9b7 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Routes.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Routes.java
@@ -32,58 +32,58 @@ import org.onap.aaf.misc.env.Trans;
public class Routes<TRANS extends Trans> {
- // Since this must be very, very fast, and only needs one creation, we'll use just an array.
- private Route<TRANS>[] routes;
- private int end;
-
+ // Since this must be very, very fast, and only needs one creation, we'll use just an array.
+ private Route<TRANS>[] routes;
+ private int end;
+
- @SuppressWarnings("unchecked")
- public Routes() {
- routes = new Route[10];
- end = 0;
- }
-
- // This method for setup of Routes only...
- // Package on purpose
- synchronized Route<TRANS> findOrCreate(HttpMethods meth, String path) {
- Route<TRANS> rv = null;
- for(int i=0;i<end;++i) {
- if(routes[i].resolvesTo(meth,path))rv = routes[i];
- }
-
- if(rv==null) {
- if(end>=routes.length) {
- @SuppressWarnings("unchecked")
- Route<TRANS>[] temp = new Route[end+10];
- System.arraycopy(routes, 0, temp, 0, routes.length);
- routes = temp;
- }
-
- routes[end++]=rv=new Route<TRANS>(meth,path);
- }
- return rv;
- }
-
- public Route<TRANS> derive(HttpServletRequest req, CodeSetter<TRANS> codeSetter) throws IOException, ServletException {
- Route<TRANS> rv = null;
- String path = req.getPathInfo();
- String meth = req.getMethod();
- //TODO a TREE would be better
- for(int i=0;rv==null && i<end; ++i) {
- rv = routes[i].matches(meth,path);
- if(rv!=null && !codeSetter.matches(rv)) { // potential match, check if has Code
- rv = null; // not quite, keep going
- }
- }
- //TODO a Default?
- return rv;
- }
-
- public List<RouteReport> routeReport() {
- ArrayList<RouteReport> ltr = new ArrayList<>();
- for(int i=0;i<end;++i) {
- ltr.add(routes[i].api());
- }
- return ltr;
- }
+ @SuppressWarnings("unchecked")
+ public Routes() {
+ routes = new Route[10];
+ end = 0;
+ }
+
+ // This method for setup of Routes only...
+ // Package on purpose
+ synchronized Route<TRANS> findOrCreate(HttpMethods meth, String path) {
+ Route<TRANS> rv = null;
+ for(int i=0;i<end;++i) {
+ if(routes[i].resolvesTo(meth,path))rv = routes[i];
+ }
+
+ if(rv==null) {
+ if(end>=routes.length) {
+ @SuppressWarnings("unchecked")
+ Route<TRANS>[] temp = new Route[end+10];
+ System.arraycopy(routes, 0, temp, 0, routes.length);
+ routes = temp;
+ }
+
+ routes[end++]=rv=new Route<TRANS>(meth,path);
+ }
+ return rv;
+ }
+
+ public Route<TRANS> derive(HttpServletRequest req, CodeSetter<TRANS> codeSetter) throws IOException, ServletException {
+ Route<TRANS> rv = null;
+ String path = req.getPathInfo();
+ String meth = req.getMethod();
+ //TODO a TREE would be better
+ for(int i=0;rv==null && i<end; ++i) {
+ rv = routes[i].matches(meth,path);
+ if(rv!=null && !codeSetter.matches(rv)) { // potential match, check if has Code
+ rv = null; // not quite, keep going
+ }
+ }
+ //TODO a Default?
+ return rv;
+ }
+
+ public List<RouteReport> routeReport() {
+ ArrayList<RouteReport> ltr = new ArrayList<>();
+ for(int i=0;i<end;++i) {
+ ltr.add(routes[i].api());
+ }
+ return ltr;
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java
index c286e507..b36fd234 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransFilter.java
@@ -61,97 +61,97 @@ import org.onap.aaf.misc.env.util.Split;
*
*/
public abstract class TransFilter<TRANS extends TransStore> implements Filter {
- public static final String TRANS_TAG = "__TRANS__";
-
- private CadiHTTPManip cadi;
+ public static final String TRANS_TAG = "__TRANS__";
+
+ private CadiHTTPManip cadi;
- private final String[] no_authn;
-
- public TransFilter(Access access, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException, LocatorException {
- cadi = new CadiHTTPManip(access, con, tc, additionalTafLurs);
- String no = access.getProperty(Config.CADI_NOAUTHN, null);
- if(no!=null) {
- no_authn = Split.split(':', no);
- } else {
- no_authn=null;
- }
- }
+ private final String[] no_authn;
+
+ public TransFilter(Access access, Connector con, TrustChecker tc, Object ... additionalTafLurs) throws CadiException, LocatorException {
+ cadi = new CadiHTTPManip(access, con, tc, additionalTafLurs);
+ String no = access.getProperty(Config.CADI_NOAUTHN, null);
+ if(no!=null) {
+ no_authn = Split.split(':', no);
+ } else {
+ no_authn=null;
+ }
+ }
- @Override
- public void init(FilterConfig filterConfig) throws ServletException {
- }
-
- protected Lur getLur() {
- return cadi.getLur();
- }
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+ }
+
+ protected Lur getLur() {
+ return cadi.getLur();
+ }
- protected abstract TRANS newTrans(HttpServletRequest request);
- protected abstract TimeTaken start(TRANS trans, ServletRequest request);
- protected abstract void authenticated(TRANS trans, Principal p);
- protected abstract void tallyHo(TRANS trans);
-
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- HttpServletRequest req = (HttpServletRequest)request;
- HttpServletResponse res = (HttpServletResponse)response;
-
- TRANS trans = newTrans(req);
-
- TimeTaken overall = start(trans,request);
- try {
- request.setAttribute(TRANS_TAG, trans);
-
- if(no_authn!=null) {
- for(String prefix : no_authn) {
- if(req.getPathInfo().startsWith(prefix)) {
- chain.doFilter(request, response);
- return;
- }
- }
- }
+ protected abstract TRANS newTrans(HttpServletRequest request);
+ protected abstract TimeTaken start(TRANS trans, ServletRequest request);
+ protected abstract void authenticated(TRANS trans, Principal p);
+ protected abstract void tallyHo(TRANS trans);
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ HttpServletRequest req = (HttpServletRequest)request;
+ HttpServletResponse res = (HttpServletResponse)response;
+
+ TRANS trans = newTrans(req);
+
+ TimeTaken overall = start(trans,request);
+ try {
+ request.setAttribute(TRANS_TAG, trans);
+
+ if(no_authn!=null) {
+ for(String prefix : no_authn) {
+ if(req.getPathInfo().startsWith(prefix)) {
+ chain.doFilter(request, response);
+ return;
+ }
+ }
+ }
- TimeTaken security = trans.start("CADI Security", Env.SUB);
- TafResp resp;
- RESP r;
- CadiWrap cw = null;
- try {
- resp = cadi.validate(req,res,trans);
- switch(r=resp.isAuthenticated()) {
- case IS_AUTHENTICATED:
- cw = new CadiWrap(req,resp,cadi.getLur());
- authenticated(trans, cw.getUserPrincipal());
- break;
- default:
- break;
- }
- } finally {
- security.done();
- }
-
- if(r==RESP.IS_AUTHENTICATED) {
- trans.checkpoint(resp.desc());
- if(cadi.notCadi(cw, res)) {
- chain.doFilter(cw, response);
- }
- } else {
- //TODO this is a good place to check if too many checks recently
- // Would need Cached Counter objects that are cleaned up on
- // use
- trans.checkpoint(resp.desc(),Env.ALWAYS);
- if(resp.isFailedAttempt())
- trans.audit().log(resp.desc());
- }
- } catch(Exception e) {
- trans.error().log(e);
- trans.checkpoint("Error: " + e.getClass().getSimpleName() + ": " + e.getMessage());
- throw new ServletException(e);
- } finally {
- overall.done();
- tallyHo(trans);
- }
- }
+ TimeTaken security = trans.start("CADI Security", Env.SUB);
+ TafResp resp;
+ RESP r;
+ CadiWrap cw = null;
+ try {
+ resp = cadi.validate(req,res,trans);
+ switch(r=resp.isAuthenticated()) {
+ case IS_AUTHENTICATED:
+ cw = new CadiWrap(req,resp,cadi.getLur());
+ authenticated(trans, cw.getUserPrincipal());
+ break;
+ default:
+ break;
+ }
+ } finally {
+ security.done();
+ }
+
+ if(r==RESP.IS_AUTHENTICATED) {
+ trans.checkpoint(resp.desc());
+ if(cadi.notCadi(cw, res)) {
+ chain.doFilter(cw, response);
+ }
+ } else {
+ //TODO this is a good place to check if too many checks recently
+ // Would need Cached Counter objects that are cleaned up on
+ // use
+ trans.checkpoint(resp.desc(),Env.ALWAYS);
+ if(resp.isFailedAttempt())
+ trans.audit().log(resp.desc());
+ }
+ } catch(Exception e) {
+ trans.error().log(e);
+ trans.checkpoint("Error: " + e.getClass().getSimpleName() + ": " + e.getMessage());
+ throw new ServletException(e);
+ } finally {
+ overall.done();
+ tallyHo(trans);
+ }
+ }
- @Override
- public void destroy() {
- };
+ @Override
+ public void destroy() {
+ };
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java
index e0f7512d..c3514b65 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TransOnlyFilter.java
@@ -46,32 +46,32 @@ import org.onap.aaf.misc.env.TransStore;
*
*/
public abstract class TransOnlyFilter<TRANS extends TransStore> implements Filter {
- @Override
- public void init(FilterConfig filterConfig) throws ServletException {
- }
-
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+ }
+
- protected abstract TRANS newTrans();
- protected abstract TimeTaken start(TRANS trans, ServletRequest request);
- protected abstract void authenticated(TRANS trans, TaggedPrincipal p);
- protected abstract void tallyHo(TRANS trans);
-
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- TRANS trans = newTrans();
-
- TimeTaken overall = start(trans,request);
- try {
- request.setAttribute(TransFilter.TRANS_TAG, trans);
- chain.doFilter(request, response);
- } finally {
- overall.done();
- }
- tallyHo(trans);
- }
+ protected abstract TRANS newTrans();
+ protected abstract TimeTaken start(TRANS trans, ServletRequest request);
+ protected abstract void authenticated(TRANS trans, TaggedPrincipal p);
+ protected abstract void tallyHo(TRANS trans);
+
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ TRANS trans = newTrans();
+
+ TimeTaken overall = start(trans,request);
+ try {
+ request.setAttribute(TransFilter.TRANS_TAG, trans);
+ chain.doFilter(request, response);
+ } finally {
+ overall.done();
+ }
+ tallyHo(trans);
+ }
- @Override
- public void destroy() {
- };
+ @Override
+ public void destroy() {
+ };
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TypedCode.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TypedCode.java
index 4425886c..8c57838d 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TypedCode.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/TypedCode.java
@@ -44,7 +44,7 @@ import org.onap.aaf.misc.env.Trans;
* I created type-safety at each level, which you can't get from a TreeSet, etc.
* 4) Chaining through the Network is simply object dereferencing, which is as fast as Java can go.
* 5) The drawback is that in your code is that all the variables are named "x" and "y", which can be a bit hard to
- * read both in code, and in the debugger. However, TypeSafety allows your IDE (Eclipse) to help you make the
+ * read both in code, and in the debugger. However, TypeSafety allows your IDE (Eclipse) to help you make the
* choices. Also, make sure you have a good "toString()" method on each object so you can see what's happening
* in the IDE Debugger.
*
@@ -56,214 +56,214 @@ import org.onap.aaf.misc.env.Trans;
* @param <TRANS>
*/
public class TypedCode<TRANS extends Trans> extends Content<TRANS> {
- private List<Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String, Object>>>>> types;
+ private List<Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String, Object>>>>> types;
- public TypedCode() {
- types = new ArrayList<>();
- }
-
- /**
- * Construct Typed Code based on ContentType parameters passed in
- *
- * @param code
- * @param others
- * @return
- */
- public TypedCode<TRANS> add(HttpCode<TRANS,?> code, String ... others) {
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(String str : others) {
- if(first) {
- first = false;
- } else {
- sb.append(',');
- }
- sb.append(str);
- }
- parse(code, sb.toString());
-
- return this;
- }
-
- @Override
- protected Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> types(HttpCode<TRANS,?> code, String str) {
- Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String, Object>>>> type = null;
- ArrayList<Pair<String, Object>> props = new ArrayList<>();
- // Want Q percentage is to be first in the array everytime. If not listed, 1.0 is default
- props.add(new Pair<String,Object>(Q,1f));
- Pair<HttpCode<TRANS,?>, List<Pair<String,Object>>> cl = new Pair<HttpCode<TRANS,?>, List<Pair<String,Object>>>(code, props);
-// // breakup "plus" stuff, i.e. application/xaml+xml
-// int plus = str.indexOf('+');
-// if(plus<0) {
- type = new Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String,Object>>>>(str, cl);
- types.add(type);
- return type;
-// } else {
-// int prev = str.indexOf('/')+1;
-// String first = str.substring(0,prev);
-// String nstr;
-// while(prev!=0) {
-// nstr = first + (plus>-1?str.substring(prev,plus):str.substring(prev));
-// type = new Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String,Object>>>>(nstr, cl);
-// types.add(type);
-// prev = plus+1;
-// plus = str.indexOf('+',prev);
-// }
-// return type;
-// }
- }
+ public TypedCode() {
+ types = new ArrayList<>();
+ }
+
+ /**
+ * Construct Typed Code based on ContentType parameters passed in
+ *
+ * @param code
+ * @param others
+ * @return
+ */
+ public TypedCode<TRANS> add(HttpCode<TRANS,?> code, String ... others) {
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ for(String str : others) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append(',');
+ }
+ sb.append(str);
+ }
+ parse(code, sb.toString());
+
+ return this;
+ }
+
+ @Override
+ protected Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> types(HttpCode<TRANS,?> code, String str) {
+ Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String, Object>>>> type = null;
+ ArrayList<Pair<String, Object>> props = new ArrayList<>();
+ // Want Q percentage is to be first in the array everytime. If not listed, 1.0 is default
+ props.add(new Pair<String,Object>(Q,1f));
+ Pair<HttpCode<TRANS,?>, List<Pair<String,Object>>> cl = new Pair<HttpCode<TRANS,?>, List<Pair<String,Object>>>(code, props);
+// // breakup "plus" stuff, i.e. application/xaml+xml
+// int plus = str.indexOf('+');
+// if(plus<0) {
+ type = new Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String,Object>>>>(str, cl);
+ types.add(type);
+ return type;
+// } else {
+// int prev = str.indexOf('/')+1;
+// String first = str.substring(0,prev);
+// String nstr;
+// while(prev!=0) {
+// nstr = first + (plus>-1?str.substring(prev,plus):str.substring(prev));
+// type = new Pair<String, Pair<HttpCode<TRANS,?>,List<Pair<String,Object>>>>(nstr, cl);
+// types.add(type);
+// prev = plus+1;
+// plus = str.indexOf('+',prev);
+// }
+// return type;
+// }
+ }
- @Override
- protected boolean props(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type, String tag, String value) {
- if(tag.equals(Q)) { // reset the Q value (first in array)
- boolean rv = true;
- try {
- type.y.y.get(0).y=Float.parseFloat(value);
- return rv;
- } catch (NumberFormatException e) {
- rv=false; // Note: this awkward syntax forced by Sonar, which doesn't like doing nothing with Exception
- // which is what should happen
- }
- }
- return type.y.y.add(new Pair<String,Object>(tag,"version".equals(tag)?new Version(value):value));
- }
-
- public Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> prep(TRANS trans, String compare) throws IOException, ServletException {
- Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> c,rv=null;
- if(types.size()==1 && "".equals((c=types.get(0)).x)) { // if there are no checks for type, skip
- rv = c;
- } else {
- if(compare==null || compare.length()==0) {
- rv = types.get(0); // first code is used
- } else {
- Acceptor<TRANS> acc = new Acceptor<TRANS>(types);
- boolean accepted;
- TimeTaken tt = trans.start(compare, Env.SUB);
- try {
- accepted = acc.parse(null, compare);
- } finally {
- tt.done();
- }
- if(accepted) {
- switch(acc.acceptable.size()) {
- case 0:
-// // TODO best Status Code?
-// resp.setStatus(HttpStatus.NOT_ACCEPTABLE_406);
- break;
- case 1:
- rv = acc.acceptable.get(0);
- break;
- default: // compare Q values to get Best Match
- float bestQ = -1.0f;
- Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> bestT = null;
- for(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type : acc.acceptable) {
- Float f = (Float)type.y.y.get(0).y; // first property is always Q
- if(f>bestQ) {
- bestQ=f;
- bestT = type;
- }
- }
- if(bestT!=null) {
- // When it is a GET, the matched type is what is returned, so set ContentType
-// if(isGet)resp.setContentType(bestT.x); // set ContentType of Code<TRANS,?>
-// rv = bestT.y.x;
- rv = bestT;
- }
- }
- } else {
- trans.checkpoint("No Match found for Accept");
- }
- }
- }
- return rv;
- }
-
- /**
- * Print on String Builder content related to specific Code
- *
- * This is for Reporting and Debugging purposes, so the content is not cached.
- *
- * If code is "null", then all content is matched
- *
- * @param code
- * @return
- */
- public StringBuilder relatedTo(HttpCode<TRANS, ?> code, StringBuilder sb) {
- boolean first = true;
- for(Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> pair : types) {
- if(code==null || pair.y.x == code) {
- if(first) {
- first = false;
- } else {
- sb.append(',');
- }
- sb.append(pair.x);
- for(Pair<String,Object> prop : pair.y.y) {
- // Don't print "Q". it's there for internal use, but it is only meaningful for "Accepts"
- if(!prop.x.equals(Q) || !prop.y.equals(1f) ) {
- sb.append(';');
- sb.append(prop.x);
- sb.append('=');
- sb.append(prop.y);
- }
- }
- }
- }
- return sb;
- }
-
- public List<Pair<String, Object>> getContent(HttpCode<TRANS,?> code) {
- for(Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> pair : types) {
- if(pair.y.x == code) {
- return pair.y.y;
- }
- }
- return null;
- }
-
- public String toString() {
- return relatedTo(null,new StringBuilder()).toString();
- }
-
- public void api(RouteReport tr) {
- // Need to build up a map, because Prop entries can be in several places.
- HashMap<HttpCode<?,?>,StringBuilder> psb = new HashMap<>();
- StringBuilder temp;
- tr.desc = null;
-
- // Read through Code/TypeCode trees for all accepted Typecodes
- for(Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> tc : types) {
- // If new, then it's new Code set, create prefix content
- if((temp=psb.get(tc.y.x))==null) {
- psb.put(tc.y.x,temp=new StringBuilder());
- if(tr.desc==null) {
- tr.desc = tc.y.x.desc();
- }
- } else {
- temp.append(',');
- }
- temp.append(tc.x);
+ @Override
+ protected boolean props(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type, String tag, String value) {
+ if(tag.equals(Q)) { // reset the Q value (first in array)
+ boolean rv = true;
+ try {
+ type.y.y.get(0).y=Float.parseFloat(value);
+ return rv;
+ } catch (NumberFormatException e) {
+ rv=false; // Note: this awkward syntax forced by Sonar, which doesn't like doing nothing with Exception
+ // which is what should happen
+ }
+ }
+ return type.y.y.add(new Pair<String,Object>(tag,"version".equals(tag)?new Version(value):value));
+ }
+
+ public Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> prep(TRANS trans, String compare) throws IOException, ServletException {
+ Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> c,rv=null;
+ if(types.size()==1 && "".equals((c=types.get(0)).x)) { // if there are no checks for type, skip
+ rv = c;
+ } else {
+ if(compare==null || compare.length()==0) {
+ rv = types.get(0); // first code is used
+ } else {
+ Acceptor<TRANS> acc = new Acceptor<TRANS>(types);
+ boolean accepted;
+ TimeTaken tt = trans.start(compare, Env.SUB);
+ try {
+ accepted = acc.parse(null, compare);
+ } finally {
+ tt.done();
+ }
+ if(accepted) {
+ switch(acc.acceptable.size()) {
+ case 0:
+// // TODO best Status Code?
+// resp.setStatus(HttpStatus.NOT_ACCEPTABLE_406);
+ break;
+ case 1:
+ rv = acc.acceptable.get(0);
+ break;
+ default: // compare Q values to get Best Match
+ float bestQ = -1.0f;
+ Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> bestT = null;
+ for(Pair<String, Pair<HttpCode<TRANS,?>, List<Pair<String, Object>>>> type : acc.acceptable) {
+ Float f = (Float)type.y.y.get(0).y; // first property is always Q
+ if(f>bestQ) {
+ bestQ=f;
+ bestT = type;
+ }
+ }
+ if(bestT!=null) {
+ // When it is a GET, the matched type is what is returned, so set ContentType
+// if(isGet)resp.setContentType(bestT.x); // set ContentType of Code<TRANS,?>
+// rv = bestT.y.x;
+ rv = bestT;
+ }
+ }
+ } else {
+ trans.checkpoint("No Match found for Accept");
+ }
+ }
+ }
+ return rv;
+ }
+
+ /**
+ * Print on String Builder content related to specific Code
+ *
+ * This is for Reporting and Debugging purposes, so the content is not cached.
+ *
+ * If code is "null", then all content is matched
+ *
+ * @param code
+ * @return
+ */
+ public StringBuilder relatedTo(HttpCode<TRANS, ?> code, StringBuilder sb) {
+ boolean first = true;
+ for(Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> pair : types) {
+ if(code==null || pair.y.x == code) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append(',');
+ }
+ sb.append(pair.x);
+ for(Pair<String,Object> prop : pair.y.y) {
+ // Don't print "Q". it's there for internal use, but it is only meaningful for "Accepts"
+ if(!prop.x.equals(Q) || !prop.y.equals(1f) ) {
+ sb.append(';');
+ sb.append(prop.x);
+ sb.append('=');
+ sb.append(prop.y);
+ }
+ }
+ }
+ }
+ return sb;
+ }
+
+ public List<Pair<String, Object>> getContent(HttpCode<TRANS,?> code) {
+ for(Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> pair : types) {
+ if(pair.y.x == code) {
+ return pair.y.y;
+ }
+ }
+ return null;
+ }
+
+ public String toString() {
+ return relatedTo(null,new StringBuilder()).toString();
+ }
+
+ public void api(RouteReport tr) {
+ // Need to build up a map, because Prop entries can be in several places.
+ HashMap<HttpCode<?,?>,StringBuilder> psb = new HashMap<>();
+ StringBuilder temp;
+ tr.desc = null;
+
+ // Read through Code/TypeCode trees for all accepted Typecodes
+ for(Pair<String, Pair<HttpCode<TRANS, ?>, List<Pair<String, Object>>>> tc : types) {
+ // If new, then it's new Code set, create prefix content
+ if((temp=psb.get(tc.y.x))==null) {
+ psb.put(tc.y.x,temp=new StringBuilder());
+ if(tr.desc==null) {
+ tr.desc = tc.y.x.desc();
+ }
+ } else {
+ temp.append(',');
+ }
+ temp.append(tc.x);
- // add all properties
- for(Pair<String, Object> props : tc.y.y) {
- temp.append(';');
- temp.append(props.x);
- temp.append('=');
- temp.append(props.y);
- }
- }
- // Gather all ContentType possibilities for the same code together
-
- for(StringBuilder sb : psb.values()) {
- tr.contextTypes.add(sb.toString());
- }
- }
+ // add all properties
+ for(Pair<String, Object> props : tc.y.y) {
+ temp.append(';');
+ temp.append(props.x);
+ temp.append('=');
+ temp.append(props.y);
+ }
+ }
+ // Gather all ContentType possibilities for the same code together
+
+ for(StringBuilder sb : psb.values()) {
+ tr.contextTypes.add(sb.toString());
+ }
+ }
- public String first() {
- if(types.size()>0) {
- return types.get(0).x;
- }
- return null;
- }
-
- } \ No newline at end of file
+ public String first() {
+ if(types.size()>0) {
+ return types.get(0).x;
+ }
+ return null;
+ }
+
+ } \ No newline at end of file
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Version.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Version.java
index ce0981fe..f4818579 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Version.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/Version.java
@@ -29,65 +29,65 @@ package org.onap.aaf.auth.rserv;
*
*/
public class Version {
- private Object[] parts;
+ private Object[] parts;
- public Version(String v) {
- String sparts[] = v.split("\\.");
- parts = new Object[sparts.length];
- System.arraycopy(sparts, 0, parts, 0, sparts.length);
- if(parts.length>1) { // has at least a minor
- try {
- parts[1]=Integer.decode(sparts[1]); // minor elements need to be converted to Integer for comparison
- } catch (NumberFormatException e) {
- // it's ok, leave it as a string
- parts[1]=sparts[1]; // This useless piece of code forced by Sonar which calls empty Exceptions "Blockers".
- }
- }
- }
+ public Version(String v) {
+ String sparts[] = v.split("\\.");
+ parts = new Object[sparts.length];
+ System.arraycopy(sparts, 0, parts, 0, sparts.length);
+ if(parts.length>1) { // has at least a minor
+ try {
+ parts[1]=Integer.decode(sparts[1]); // minor elements need to be converted to Integer for comparison
+ } catch (NumberFormatException e) {
+ // it's ok, leave it as a string
+ parts[1]=sparts[1]; // This useless piece of code forced by Sonar which calls empty Exceptions "Blockers".
+ }
+ }
+ }
- public boolean equals(Object obj) {
- if(obj instanceof Version) {
- Version ver = (Version)obj;
- int length = Math.min(parts.length, ver.parts.length);
- for(int i=0;i<length;++i) { // match on declared parts
- if(i==1) {
- if(parts[1] instanceof Integer && ver.parts[1] instanceof Integer) {
- // Match on Minor version if this Version is less than Version to be checked
- if(((Integer)parts[1])<((Integer)ver.parts[1])) {
- return false;
- }
- continue; // don't match next line
- }
- }
- if(!parts[i].equals(ver.parts[i])) {
- return false; // other spots exact match
- }
- }
- return true;
- }
- return false;
- }
-
-
- /* (non-Javadoc)
- * @see java.lang.Object#hashCode()
- */
- @Override
- public int hashCode() {
- return super.hashCode();
- }
+ public boolean equals(Object obj) {
+ if(obj instanceof Version) {
+ Version ver = (Version)obj;
+ int length = Math.min(parts.length, ver.parts.length);
+ for(int i=0;i<length;++i) { // match on declared parts
+ if(i==1) {
+ if(parts[1] instanceof Integer && ver.parts[1] instanceof Integer) {
+ // Match on Minor version if this Version is less than Version to be checked
+ if(((Integer)parts[1])<((Integer)ver.parts[1])) {
+ return false;
+ }
+ continue; // don't match next line
+ }
+ }
+ if(!parts[i].equals(ver.parts[i])) {
+ return false; // other spots exact match
+ }
+ }
+ return true;
+ }
+ return false;
+ }
+
+
+ /* (non-Javadoc)
+ * @see java.lang.Object#hashCode()
+ */
+ @Override
+ public int hashCode() {
+ return super.hashCode();
+ }
- public String toString() {
- StringBuilder sb = new StringBuilder();
- boolean first = true;
- for(Object obj : parts) {
- if(first) {
- first = false;
- } else {
- sb.append('.');
- }
- sb.append(obj.toString());
- }
- return sb.toString();
- }
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ boolean first = true;
+ for(Object obj : parts) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append('.');
+ }
+ sb.append(obj.toString());
+ }
+ return sb.toString();
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/doc/ApiDoc.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/doc/ApiDoc.java
index e2914752..684976b9 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/doc/ApiDoc.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/rserv/doc/ApiDoc.java
@@ -29,12 +29,12 @@ import org.onap.aaf.auth.rserv.HttpMethods;
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.METHOD})
public @interface ApiDoc {
- HttpMethods method();
- String path();
- int expectedCode();
- int[] errorCodes();
- String[] text();
- /** Format with name|type|[true|false] */
- String[] params();
-
+ HttpMethods method();
+ String path();
+ int expectedCode();
+ int[] errorCodes();
+ String[] text();
+ /** Format with name|type|[true|false] */
+ String[] params();
+
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java
index bb6f1986..497860af 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsService.java
@@ -47,88 +47,88 @@ import org.onap.aaf.misc.env.Trans;
import org.onap.aaf.misc.env.impl.BasicEnv;
public abstract class AbsService<ENV extends BasicEnv, TRANS extends Trans> extends RServlet<TRANS> {
- public final Access access;
- public final ENV env;
- private AAFConHttp aafCon;
+ public final Access access;
+ public final ENV env;
+ private AAFConHttp aafCon;
- public final String app_name;
- public final String app_version;
- public final String app_interface_version;
- public final String ROOT_NS;
+ public final String app_name;
+ public final String app_version;
+ public final String app_interface_version;
+ public final String ROOT_NS;
public AbsService(final Access access, final ENV env) throws CadiException {
- Define.set(access);
- ROOT_NS = Define.ROOT_NS();
- this.access = access;
- this.env = env;
+ Define.set(access);
+ ROOT_NS = Define.ROOT_NS();
+ this.access = access;
+ this.env = env;
- String component = access.getProperty(Config.AAF_COMPONENT, null);
- final String[] locator_deploy;
-
- if(component == null) {
- locator_deploy = null;
- } else {
- locator_deploy = Split.splitTrim(':', component);
- }
-
- if(component == null || locator_deploy==null || locator_deploy.length<2) {
- throw new CadiException("AAF Component must include the " + Config.AAF_COMPONENT + " property, <fully qualified service name>:<full deployed version (i.e. 2.1.3.13)");
- }
- final String[] version = Split.splitTrim('.', locator_deploy[1]);
- if(version==null || version.length<2) {
- throw new CadiException("AAF Component Version must have at least Major.Minor version");
- }
- app_name = Define.varReplace(locator_deploy[0]);
- app_version = locator_deploy[1];
- app_interface_version = version[0]+'.'+version[1];
-
- // Print Cipher Suites Available
- if(access.willLog(Level.DEBUG)) {
- SSLContext context;
- try {
- context = SSLContext.getDefault();
- } catch (NoSuchAlgorithmException e) {
- throw new CadiException("SSLContext issue",e);
- }
- SSLSocketFactory sf = context.getSocketFactory();
- StringBuilder sb = new StringBuilder("Available Cipher Suites: ");
- boolean first = true;
- int count=0;
- for( String cs : sf.getSupportedCipherSuites()) {
- if(first)first = false;
- else sb.append(',');
- sb.append(cs);
- if(++count%4==0){sb.append('\n');}
- }
- access.log(Level.DEBUG,sb);
- }
+ String component = access.getProperty(Config.AAF_COMPONENT, null);
+ final String[] locator_deploy;
+
+ if(component == null) {
+ locator_deploy = null;
+ } else {
+ locator_deploy = Split.splitTrim(':', component);
+ }
+
+ if(component == null || locator_deploy==null || locator_deploy.length<2) {
+ throw new CadiException("AAF Component must include the " + Config.AAF_COMPONENT + " property, <fully qualified service name>:<full deployed version (i.e. 2.1.3.13)");
+ }
+ final String[] version = Split.splitTrim('.', locator_deploy[1]);
+ if(version==null || version.length<2) {
+ throw new CadiException("AAF Component Version must have at least Major.Minor version");
+ }
+ app_name = Define.varReplace(locator_deploy[0]);
+ app_version = locator_deploy[1];
+ app_interface_version = version[0]+'.'+version[1];
+
+ // Print Cipher Suites Available
+ if(access.willLog(Level.DEBUG)) {
+ SSLContext context;
+ try {
+ context = SSLContext.getDefault();
+ } catch (NoSuchAlgorithmException e) {
+ throw new CadiException("SSLContext issue",e);
+ }
+ SSLSocketFactory sf = context.getSocketFactory();
+ StringBuilder sb = new StringBuilder("Available Cipher Suites: ");
+ boolean first = true;
+ int count=0;
+ for( String cs : sf.getSupportedCipherSuites()) {
+ if(first)first = false;
+ else sb.append(',');
+ sb.append(cs);
+ if(++count%4==0){sb.append('\n');}
+ }
+ access.log(Level.DEBUG,sb);
+ }
}
- protected abstract Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException;
-
- /**
- * Overload this method to add new TAF or LURs
- *
- * @return
- * @throws CadiException
- * @throws LocatorException
- */
- public Filter[] filters() throws CadiException, LocatorException {
- return _filters();
- }
+ protected abstract Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException;
+
+ /**
+ * Overload this method to add new TAF or LURs
+ *
+ * @return
+ * @throws CadiException
+ * @throws LocatorException
+ */
+ public Filter[] filters() throws CadiException, LocatorException {
+ return _filters();
+ }
public abstract Registrant<ENV>[] registrants(final int port) throws CadiException, LocatorException;
- // Lazy Instantiation
+ // Lazy Instantiation
public synchronized AAFConHttp aafCon() throws CadiException, LocatorException {
- if(aafCon==null) {
- if(access.getProperty(Config.AAF_URL,null)!=null) {
- aafCon = _newAAFConHttp();
- } else {
- throw new CadiException("AAFCon cannot be constructed without " + Config.AAF_URL);
- }
- }
- return aafCon;
+ if(aafCon==null) {
+ if(access.getProperty(Config.AAF_URL,null)!=null) {
+ aafCon = _newAAFConHttp();
+ } else {
+ throw new CadiException("AAFCon cannot be constructed without " + Config.AAF_URL);
+ }
+ }
+ return aafCon;
}
/**
@@ -136,52 +136,52 @@ public abstract class AbsService<ENV extends BasicEnv, TRANS extends Trans> exte
* @return
* @throws LocatorException
*/
- protected synchronized AAFConHttp _newAAFConHttp() throws CadiException, LocatorException {
- if(aafCon==null) {
- aafCon = new AAFConHttp(access);
- }
- return aafCon;
+ protected synchronized AAFConHttp _newAAFConHttp() throws CadiException, LocatorException {
+ if(aafCon==null) {
+ aafCon = new AAFConHttp(access);
+ }
+ return aafCon;
- }
+ }
// This is a method, so we can overload for AAFAPI
public String aaf_url() {
- return access.getProperty(Config.AAF_URL, null);
+ return access.getProperty(Config.AAF_URL, null);
}
- public Rcli<?> client() throws CadiException {
- return aafCon.client(Config.AAF_DEFAULT_VERSION);
- }
+ public Rcli<?> client() throws CadiException {
+ return aafCon.client(Config.AAF_DEFAULT_VERSION);
+ }
- public Rcli<?> clientAsUser(TaggedPrincipal p) throws CadiException {
- return aafCon.client(Config.AAF_DEFAULT_VERSION).forUser(
- new HTransferSS(p,app_name, aafCon.securityInfo()));
- }
+ public Rcli<?> clientAsUser(TaggedPrincipal p) throws CadiException {
+ return aafCon.client(Config.AAF_DEFAULT_VERSION).forUser(
+ new HTransferSS(p,app_name, aafCon.securityInfo()));
+ }
- public<RET> RET clientAsUser(TaggedPrincipal p,Retryable<RET> retryable) throws APIException, LocatorException, CadiException {
- return aafCon.hman().best(new HTransferSS(p,app_name, aafCon.securityInfo()), retryable);
- }
-
- protected static final String loadFromArgOrSystem(final Properties props, final String tag, final String args[], final String def) {
- String tagEQ = tag + '=';
- String value;
- for(String arg : args) {
- if(arg.startsWith(tagEQ)) {
- props.put(tag, value=arg.substring(tagEQ.length()));
- return value;
- }
- }
- // check System.properties
- value = System.getProperty(tag);
- if(value!=null) {
- props.put(tag, value);
- return value;
- }
-
- if(def!=null) {
- props.put(tag,def);
- }
- return def;
- }
+ public<RET> RET clientAsUser(TaggedPrincipal p,Retryable<RET> retryable) throws APIException, LocatorException, CadiException {
+ return aafCon.hman().best(new HTransferSS(p,app_name, aafCon.securityInfo()), retryable);
+ }
+
+ protected static final String loadFromArgOrSystem(final Properties props, final String tag, final String args[], final String def) {
+ String tagEQ = tag + '=';
+ String value;
+ for(String arg : args) {
+ if(arg.startsWith(tagEQ)) {
+ props.put(tag, value=arg.substring(tagEQ.length()));
+ return value;
+ }
+ }
+ // check System.properties
+ value = System.getProperty(tag);
+ if(value!=null) {
+ props.put(tag, value);
+ return value;
+ }
+
+ if(def!=null) {
+ props.put(tag,def);
+ }
+ return def;
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java
index 1a6c54d7..f14d6c32 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/AbsServiceStarter.java
@@ -29,67 +29,67 @@ import org.onap.aaf.misc.env.Trans;
import org.onap.aaf.misc.rosetta.env.RosettaEnv;
public abstract class AbsServiceStarter<ENV extends RosettaEnv, TRANS extends Trans> implements ServiceStarter {
- private Registrar<ENV> registrar;
- private boolean do_register;
- protected AbsService<ENV,TRANS> service;
+ private Registrar<ENV> registrar;
+ private boolean do_register;
+ protected AbsService<ENV,TRANS> service;
- public AbsServiceStarter(final AbsService<ENV,TRANS> service) {
- this.service = service;
- try {
- OrganizationFactory.init(service.env);
- } catch (OrganizationException e) {
- service.access.log(e, "Missing defined Organzation Plugins");
- System.exit(3);
- }
- // do_register - this is used for specialty Debug Situations. Developer can create an Instance for a remote system
- // for Debugging purposes without fear that real clients will start to call your debug instance
- do_register = !"TRUE".equalsIgnoreCase(access().getProperty("aaf_locate_no_register",null));
- _propertyAdjustment();
- }
-
- public abstract void _start(RServlet<TRANS> rserv) throws Exception;
- public abstract void _propertyAdjustment();
-
- public ENV env() {
- return service.env;
- }
-
- public Access access() {
- return service.access;
- }
+ public AbsServiceStarter(final AbsService<ENV,TRANS> service) {
+ this.service = service;
+ try {
+ OrganizationFactory.init(service.env);
+ } catch (OrganizationException e) {
+ service.access.log(e, "Missing defined Organzation Plugins");
+ System.exit(3);
+ }
+ // do_register - this is used for specialty Debug Situations. Developer can create an Instance for a remote system
+ // for Debugging purposes without fear that real clients will start to call your debug instance
+ do_register = !"TRUE".equalsIgnoreCase(access().getProperty("aaf_locate_no_register",null));
+ _propertyAdjustment();
+ }
+
+ public abstract void _start(RServlet<TRANS> rserv) throws Exception;
+ public abstract void _propertyAdjustment();
+
+ public ENV env() {
+ return service.env;
+ }
+
+ public Access access() {
+ return service.access;
+ }
- @Override
- public final void start() throws Exception {
- _start(service);
- Runtime.getRuntime().addShutdownHook(new Thread() {
- @Override
- public void run() {
- shutdown();
- }
- });
- }
+ @Override
+ public final void start() throws Exception {
+ _start(service);
+ Runtime.getRuntime().addShutdownHook(new Thread() {
+ @Override
+ public void run() {
+ shutdown();
+ }
+ });
+ }
- @SafeVarargs
- public final synchronized void register(final Registrant<ENV> ... registrants) {
- if(do_register) {
- if(registrar==null) {
- registrar = new Registrar<ENV>(env(),false);
- }
- for(Registrant<ENV> r : registrants) {
- registrar.register(r);
- }
- }
- }
+ @SafeVarargs
+ public final synchronized void register(final Registrant<ENV> ... registrants) {
+ if(do_register) {
+ if(registrar==null) {
+ registrar = new Registrar<ENV>(env(),false);
+ }
+ for(Registrant<ENV> r : registrants) {
+ registrar.register(r);
+ }
+ }
+ }
- @Override
+ @Override
public void shutdown() {
- if(registrar!=null) {
- registrar.close(env());
- registrar=null;
- }
- if(service!=null) {
- service.destroy();
- }
+ if(registrar!=null) {
+ registrar.close(env());
+ registrar=null;
+ }
+ if(service!=null) {
+ service.destroy();
+ }
}
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java
index cefc7a23..a0dafed1 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/JettyServiceStarter.java
@@ -57,213 +57,213 @@ import org.onap.aaf.misc.rosetta.env.RosettaEnv;
public class JettyServiceStarter<ENV extends RosettaEnv, TRANS extends Trans> extends AbsServiceStarter<ENV,TRANS> {
- private boolean secure;
+ private boolean secure;
- public JettyServiceStarter(final AbsService<ENV,TRANS> service) throws OrganizationException {
- super(service);
- secure = true;
- }
-
- /**
- * Specifically set this Service starter to Insecure (HTTP) Mode.
- * @return
- */
- public JettyServiceStarter<ENV,TRANS> insecure() {
- secure = false;
- return this;
- }
+ public JettyServiceStarter(final AbsService<ENV,TRANS> service) throws OrganizationException {
+ super(service);
+ secure = true;
+ }
+
+ /**
+ * Specifically set this Service starter to Insecure (HTTP) Mode.
+ * @return
+ */
+ public JettyServiceStarter<ENV,TRANS> insecure() {
+ secure = false;
+ return this;
+ }
-// @Override
-// public void _propertyAdjustment() {
-// Properties props = access().getProperties();
-// Object temp = null;
-// // Critical - if no Security Protocols set, then set it. We'll just get messed up if not
-// if((temp=props.get(Config.CADI_PROTOCOLS))==null) {
-// if((temp=props.get(Config.HTTPS_PROTOCOLS))==null) {
-// props.put(Config.CADI_PROTOCOLS, SecurityInfo.HTTPS_PROTOCOLS_DEFAULT);
-// } else {
-// props.put(Config.CADI_PROTOCOLS, temp);
-// }
-// }
-//
-// if("1.7".equals(System.getProperty("java.specification.version"))) {
-// System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT);
-// }
-// System.setProperty(Config.HTTPS_CIPHER_SUITES, temp.toString());
-// }
+// @Override
+// public void _propertyAdjustment() {
+// Properties props = access().getProperties();
+// Object temp = null;
+// // Critical - if no Security Protocols set, then set it. We'll just get messed up if not
+// if((temp=props.get(Config.CADI_PROTOCOLS))==null) {
+// if((temp=props.get(Config.HTTPS_PROTOCOLS))==null) {
+// props.put(Config.CADI_PROTOCOLS, SecurityInfo.HTTPS_PROTOCOLS_DEFAULT);
+// } else {
+// props.put(Config.CADI_PROTOCOLS, temp);
+// }
+// }
+//
+// if("1.7".equals(System.getProperty("java.specification.version"))) {
+// System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT);
+// }
+// System.setProperty(Config.HTTPS_CIPHER_SUITES, temp.toString());
+// }
- @Override
- public void _propertyAdjustment() {
-// System.setProperty("com.sun.management.jmxremote.port", "8081");
- Properties props = access().getProperties();
- Object httpproto = null;
- // Critical - if no Security Protocols set, then set it. We'll just get messed up if not
- if((httpproto=props.get(Config.CADI_PROTOCOLS))==null) {
- if((httpproto=props.get(Config.HTTPS_PROTOCOLS))==null) {
- props.put(Config.CADI_PROTOCOLS, (httpproto=SecurityInfo.HTTPS_PROTOCOLS_DEFAULT));
- } else {
- props.put(Config.CADI_PROTOCOLS, httpproto);
- }
- }
-
- if("1.7".equals(System.getProperty("java.specification.version")) && (httpproto==null || (httpproto instanceof String && ((String)httpproto).contains("TLSv1.2")))) {
- System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT);
- }
- }
+ @Override
+ public void _propertyAdjustment() {
+// System.setProperty("com.sun.management.jmxremote.port", "8081");
+ Properties props = access().getProperties();
+ Object httpproto = null;
+ // Critical - if no Security Protocols set, then set it. We'll just get messed up if not
+ if((httpproto=props.get(Config.CADI_PROTOCOLS))==null) {
+ if((httpproto=props.get(Config.HTTPS_PROTOCOLS))==null) {
+ props.put(Config.CADI_PROTOCOLS, (httpproto=SecurityInfo.HTTPS_PROTOCOLS_DEFAULT));
+ } else {
+ props.put(Config.CADI_PROTOCOLS, httpproto);
+ }
+ }
+
+ if("1.7".equals(System.getProperty("java.specification.version")) && (httpproto==null || (httpproto instanceof String && ((String)httpproto).contains("TLSv1.2")))) {
+ System.setProperty(Config.HTTPS_CIPHER_SUITES, Config.HTTPS_CIPHER_SUITES_DEFAULT);
+ }
+ }
- @Override
- public void _start(RServlet<TRANS> rserv) throws Exception {
- String hostname = access().getProperty(Config.HOSTNAME, null);
- if(hostname==null) {
- hostname = Inet4Address.getLocalHost().getHostName();
- }
- final int port = Integer.parseInt(access().getProperty("port","0"));
- final String keystore = access().getProperty(Config.CADI_KEYSTORE, null);
- final int IDLE_TIMEOUT = Integer.parseInt(access().getProperty(Config.AAF_CONN_IDLE_TIMEOUT, Config.AAF_CONN_IDLE_TIMEOUT_DEF));
- Server server = new Server();
-
- ServerConnector conn;
- String protocol;
- if(!secure || keystore==null) {
- conn = new ServerConnector(server);
- protocol = "http";
- } else {
- protocol = "https";
+ @Override
+ public void _start(RServlet<TRANS> rserv) throws Exception {
+ String hostname = access().getProperty(Config.HOSTNAME, null);
+ if(hostname==null) {
+ hostname = Inet4Address.getLocalHost().getHostName();
+ }
+ final int port = Integer.parseInt(access().getProperty("port","0"));
+ final String keystore = access().getProperty(Config.CADI_KEYSTORE, null);
+ final int IDLE_TIMEOUT = Integer.parseInt(access().getProperty(Config.AAF_CONN_IDLE_TIMEOUT, Config.AAF_CONN_IDLE_TIMEOUT_DEF));
+ Server server = new Server();
+
+ ServerConnector conn;
+ String protocol;
+ if(!secure || keystore==null) {
+ conn = new ServerConnector(server);
+ protocol = "http";
+ } else {
+ protocol = "https";
- String keystorePassword = access().getProperty(Config.CADI_KEYSTORE_PASSWORD, null);
- if(keystorePassword==null) {
- throw new CadiException("No Keystore Password configured for " + keystore);
- }
- SslContextFactory sslContextFactory = new SslContextFactory();
- sslContextFactory.setKeyStorePath(keystore);
- String temp;
- sslContextFactory.setKeyStorePassword(temp=access().decrypt(keystorePassword, true)); // don't allow unencrypted
- sslContextFactory.setKeyManagerPassword(temp);
- temp=null; // don't leave lying around
-
- String truststore = access().getProperty(Config.CADI_TRUSTSTORE, null);
- if(truststore!=null) {
- String truststorePassword = access().getProperty(Config.CADI_TRUSTSTORE_PASSWORD, null);
- if(truststorePassword==null) {
- throw new CadiException("No Truststore Password configured for " + truststore);
- }
- sslContextFactory.setTrustStorePath(truststore);
- sslContextFactory.setTrustStorePassword(access().decrypt(truststorePassword, true));
- }
- // Be able to accept only certain protocols, i.e. TLSv1.1+
- final String[] protocols = Split.splitTrim(',', access().getProperty(Config.CADI_PROTOCOLS, SecurityInfo.HTTPS_PROTOCOLS_DEFAULT));
- sslContextFactory.setIncludeProtocols(protocols);
-
- // Want to use Client Certificates, if they exist.
- sslContextFactory.setWantClientAuth(true);
-
- // Optional future checks.
- // sslContextFactory.setValidateCerts(true);
- // sslContextFactory.setValidatePeerCerts(true);
- // sslContextFactory.setEnableCRLDP(false);
- // sslContextFactory.setEnableOCSP(false);
- String certAlias = access().getProperty(Config.CADI_ALIAS, null);
- if(certAlias!=null) {
- sslContextFactory.setCertAlias(certAlias);
- }
-
- HttpConfiguration httpConfig = new HttpConfiguration();
- httpConfig.setSecureScheme(protocol);
- httpConfig.setSecurePort(port);
- httpConfig.addCustomizer(new SecureRequestCustomizer());
- // httpConfig.setOutputBufferSize(32768); Not sure why take this setting
-
- conn = new ServerConnector(server,
- new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
- new HttpConnectionFactory(httpConfig)
- );
- }
-
- // Setup JMX
- // TODO trying to figure out how to set up/log ports
-// MBeanServer mbeanServer = ManagementFactory.getPlatformMBeanServer();
-// MBeanContainer mbContainer=new MBeanContainer(mbeanServer);
-// server.addEventListener(mbContainer);
-// server.addBean(mbContainer);
-
- // Add loggers MBean to server (will be picked up by MBeanContainer above)
-// server.addBean(Log.getLog());
-
- conn.setHost(hostname);
- conn.setPort(port);
- conn.setIdleTimeout(IDLE_TIMEOUT);
- server.addConnector(conn);
-
- server.setHandler(new AbstractHandler() {
- private FilterChain fc = buildFilterChain(service,new FilterChain() {
- @Override
- public void doFilter(ServletRequest req, ServletResponse resp) throws IOException, ServletException {
- rserv.service(req, resp);
- }
- });
-
- @Override
- public void handle(String target, Request baseRequest, HttpServletRequest hreq, HttpServletResponse hresp) throws IOException, ServletException {
- try {
- fc.doFilter(hreq,hresp);
- } catch (Exception e) {
- service.access.log(e, "Error Processing " + target);
- hresp.setStatus(500 /* Service Error */);
- }
- baseRequest.setHandled(true);
- }
- }
- );
-
- try {
- access().printf(Level.INIT, "Starting service on %s:%d (%s)",hostname,port,InetAddress.getLocalHost().getHostAddress());
- server.start();
- access().log(Level.INIT,server.dump());
- } catch (Exception e) {
- access().log(e,"Error starting " + service.app_name);
- String doExit = access().getProperty("cadi_exitOnFailure", "true");
- if (doExit == "true") {
- System.exit(1);
- } else {
- throw e;
- }
- }
- try {
- register(service.registrants(port));
- access().printf(Level.INIT, "Starting Jetty Service for %s, version %s, on %s://%s:%d", service.app_name,service.app_version,protocol,hostname,port);
- server.join();
- } catch(Exception e) {
- access().log(e,"Error registering " + service.app_name);
- String doExit = access().getProperty("cadi_exitOnFailure", "true");
- if (doExit == "true") {
- System.exit(1);
- } else {
- throw e;
- }
- }
- }
+ String keystorePassword = access().getProperty(Config.CADI_KEYSTORE_PASSWORD, null);
+ if(keystorePassword==null) {
+ throw new CadiException("No Keystore Password configured for " + keystore);
+ }
+ SslContextFactory sslContextFactory = new SslContextFactory();
+ sslContextFactory.setKeyStorePath(keystore);
+ String temp;
+ sslContextFactory.setKeyStorePassword(temp=access().decrypt(keystorePassword, true)); // don't allow unencrypted
+ sslContextFactory.setKeyManagerPassword(temp);
+ temp=null; // don't leave lying around
+
+ String truststore = access().getProperty(Config.CADI_TRUSTSTORE, null);
+ if(truststore!=null) {
+ String truststorePassword = access().getProperty(Config.CADI_TRUSTSTORE_PASSWORD, null);
+ if(truststorePassword==null) {
+ throw new CadiException("No Truststore Password configured for " + truststore);
+ }
+ sslContextFactory.setTrustStorePath(truststore);
+ sslContextFactory.setTrustStorePassword(access().decrypt(truststorePassword, true));
+ }
+ // Be able to accept only certain protocols, i.e. TLSv1.1+
+ final String[] protocols = Split.splitTrim(',', access().getProperty(Config.CADI_PROTOCOLS, SecurityInfo.HTTPS_PROTOCOLS_DEFAULT));
+ sslContextFactory.setIncludeProtocols(protocols);
+
+ // Want to use Client Certificates, if they exist.
+ sslContextFactory.setWantClientAuth(true);
+
+ // Optional future checks.
+ // sslContextFactory.setValidateCerts(true);
+ // sslContextFactory.setValidatePeerCerts(true);
+ // sslContextFactory.setEnableCRLDP(false);
+ // sslContextFactory.setEnableOCSP(false);
+ String certAlias = access().getProperty(Config.CADI_ALIAS, null);
+ if(certAlias!=null) {
+ sslContextFactory.setCertAlias(certAlias);
+ }
+
+ HttpConfiguration httpConfig = new HttpConfiguration();
+ httpConfig.setSecureScheme(protocol);
+ httpConfig.setSecurePort(port);
+ httpConfig.addCustomizer(new SecureRequestCustomizer());
+ // httpConfig.setOutputBufferSize(32768); Not sure why take this setting
+
+ conn = new ServerConnector(server,
+ new SslConnectionFactory(sslContextFactory,HttpVersion.HTTP_1_1.asString()),
+ new HttpConnectionFactory(httpConfig)
+ );
+ }
+
+ // Setup JMX
+ // TODO trying to figure out how to set up/log ports
+// MBeanServer mbeanServer = ManagementFactory.getPlatformMBeanServer();
+// MBeanContainer mbContainer=new MBeanContainer(mbeanServer);
+// server.addEventListener(mbContainer);
+// server.addBean(mbContainer);
+
+ // Add loggers MBean to server (will be picked up by MBeanContainer above)
+// server.addBean(Log.getLog());
+
+ conn.setHost(hostname);
+ conn.setPort(port);
+ conn.setIdleTimeout(IDLE_TIMEOUT);
+ server.addConnector(conn);
+
+ server.setHandler(new AbstractHandler() {
+ private FilterChain fc = buildFilterChain(service,new FilterChain() {
+ @Override
+ public void doFilter(ServletRequest req, ServletResponse resp) throws IOException, ServletException {
+ rserv.service(req, resp);
+ }
+ });
+
+ @Override
+ public void handle(String target, Request baseRequest, HttpServletRequest hreq, HttpServletResponse hresp) throws IOException, ServletException {
+ try {
+ fc.doFilter(hreq,hresp);
+ } catch (Exception e) {
+ service.access.log(e, "Error Processing " + target);
+ hresp.setStatus(500 /* Service Error */);
+ }
+ baseRequest.setHandled(true);
+ }
+ }
+ );
+
+ try {
+ access().printf(Level.INIT, "Starting service on %s:%d (%s)",hostname,port,InetAddress.getLocalHost().getHostAddress());
+ server.start();
+ access().log(Level.INIT,server.dump());
+ } catch (Exception e) {
+ access().log(e,"Error starting " + service.app_name);
+ String doExit = access().getProperty("cadi_exitOnFailure", "true");
+ if (doExit == "true") {
+ System.exit(1);
+ } else {
+ throw e;
+ }
+ }
+ try {
+ register(service.registrants(port));
+ access().printf(Level.INIT, "Starting Jetty Service for %s, version %s, on %s://%s:%d", service.app_name,service.app_version,protocol,hostname,port);
+ server.join();
+ } catch(Exception e) {
+ access().log(e,"Error registering " + service.app_name);
+ String doExit = access().getProperty("cadi_exitOnFailure", "true");
+ if (doExit == "true") {
+ System.exit(1);
+ } else {
+ throw e;
+ }
+ }
+ }
- private FilterChain buildFilterChain(final AbsService<?,?> as, final FilterChain doLast) throws CadiException, LocatorException {
- Filter[] filters = as.filters();
- FilterChain fc = doLast;
- for(int i=filters.length-1;i>=0;--i) {
- fc = new FCImpl(filters[i],fc);
- }
- return fc;
- }
-
- private class FCImpl implements FilterChain {
- private Filter f;
- private FilterChain next;
-
- public FCImpl(final Filter f, final FilterChain fc) {
- this.f=f;
- next = fc;
-
- }
- @Override
- public void doFilter(ServletRequest req, ServletResponse resp) throws IOException, ServletException {
- f.doFilter(req,resp, next);
- }
- }
+ private FilterChain buildFilterChain(final AbsService<?,?> as, final FilterChain doLast) throws CadiException, LocatorException {
+ Filter[] filters = as.filters();
+ FilterChain fc = doLast;
+ for(int i=filters.length-1;i>=0;--i) {
+ fc = new FCImpl(filters[i],fc);
+ }
+ return fc;
+ }
+
+ private class FCImpl implements FilterChain {
+ private Filter f;
+ private FilterChain next;
+
+ public FCImpl(final Filter f, final FilterChain fc) {
+ this.f=f;
+ next = fc;
+
+ }
+ @Override
+ public void doFilter(ServletRequest req, ServletResponse resp) throws IOException, ServletException {
+ f.doFilter(req,resp, next);
+ }
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/Log4JLogIt.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/Log4JLogIt.java
index 3fb250f9..31b76395 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/Log4JLogIt.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/Log4JLogIt.java
@@ -33,104 +33,104 @@ import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.log4j.LogFileNamer;
public class Log4JLogIt implements LogIt {
- protected static final String AAF_LOG4J_PREFIX = "aaf_log4j_prefix";
+ protected static final String AAF_LOG4J_PREFIX = "aaf_log4j_prefix";
- // Sonar says cannot be static... it's ok. not too many PropAccesses created.
- private final SimpleDateFormat iso8601 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ");
-
- private final String service;
- private final String audit;
- private final String init;
- private final String trace;
+ // Sonar says cannot be static... it's ok. not too many PropAccesses created.
+ private final SimpleDateFormat iso8601 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSZ");
+
+ private final String service;
+ private final String audit;
+ private final String init;
+ private final String trace;
- private final Logger lservice;
- private final Logger laudit;
- private final Logger linit;
- private final Logger ltrace;
+ private final Logger lservice;
+ private final Logger laudit;
+ private final Logger linit;
+ private final Logger ltrace;
- public Log4JLogIt(final String[] args, final String root) throws APIException {
- String propsFile = getArgOrVM(AAF_LOG4J_PREFIX, args, "org.osaaf.aaf")+".log4j.props";
- String log_dir = getArgOrVM(Config.CADI_LOGDIR,args,"/opt/app/osaaf/logs");
- String etc_dir = getArgOrVM(Config.CADI_ETCDIR,args,"/opt/app/osaaf/etc");
- String log_level = getArgOrVM(Config.CADI_LOGLEVEL,args,"INFO");
- File logs = new File(log_dir);
- if(!logs.isDirectory()) {
- logs.delete();
- }
- if(!logs.exists()) {
- logs.mkdirs();
- }
+ public Log4JLogIt(final String[] args, final String root) throws APIException {
+ String propsFile = getArgOrVM(AAF_LOG4J_PREFIX, args, "org.osaaf.aaf")+".log4j.props";
+ String log_dir = getArgOrVM(Config.CADI_LOGDIR,args,"/opt/app/osaaf/logs");
+ String etc_dir = getArgOrVM(Config.CADI_ETCDIR,args,"/opt/app/osaaf/etc");
+ String log_level = getArgOrVM(Config.CADI_LOGLEVEL,args,"INFO");
+ File logs = new File(log_dir);
+ if(!logs.isDirectory()) {
+ logs.delete();
+ }
+ if(!logs.exists()) {
+ logs.mkdirs();
+ }
- if(System.getProperty("log4j.configuration")==null) {
- System.setProperty("log4j.configuration", etc_dir+'/'+propsFile);
- }
- LogFileNamer lfn = new LogFileNamer(log_dir,root);
- try {
- service=lfn.setAppender("service"); // when name is split, i.e. authz|service, the Appender is "authz", and "service"
- audit=lfn.setAppender("audit"); // is part of the log-file name
- init=lfn.setAppender("init");
- trace=lfn.setAppender("trace");
+ if(System.getProperty("log4j.configuration")==null) {
+ System.setProperty("log4j.configuration", etc_dir+'/'+propsFile);
+ }
+ LogFileNamer lfn = new LogFileNamer(log_dir,root);
+ try {
+ service=lfn.setAppender("service"); // when name is split, i.e. authz|service, the Appender is "authz", and "service"
+ audit=lfn.setAppender("audit"); // is part of the log-file name
+ init=lfn.setAppender("init");
+ trace=lfn.setAppender("trace");
- lservice = Logger.getLogger(service);
- laudit = Logger.getLogger(audit);
- linit = Logger.getLogger(init);
- ltrace = Logger.getLogger(trace);
-
- lfn.configure(etc_dir,propsFile, log_level);
- } catch (IOException e) {
- throw new APIException(e);
- }
- }
-
- private static final String getArgOrVM(final String tag, final String args[], final String def) {
- String tagEQ = tag + '=';
- String value;
- for(String arg : args) {
- if(arg.startsWith(tagEQ)) {
- return arg.substring(tagEQ.length());
- }
- }
- // check System.properties
- value = System.getProperty(tag);
- if(value!=null) {
- return value;
- }
-
- return def;
- }
+ lservice = Logger.getLogger(service);
+ laudit = Logger.getLogger(audit);
+ linit = Logger.getLogger(init);
+ ltrace = Logger.getLogger(trace);
+
+ lfn.configure(etc_dir,propsFile, log_level);
+ } catch (IOException e) {
+ throw new APIException(e);
+ }
+ }
+
+ private static final String getArgOrVM(final String tag, final String args[], final String def) {
+ String tagEQ = tag + '=';
+ String value;
+ for(String arg : args) {
+ if(arg.startsWith(tagEQ)) {
+ return arg.substring(tagEQ.length());
+ }
+ }
+ // check System.properties
+ value = System.getProperty(tag);
+ if(value!=null) {
+ return value;
+ }
+
+ return def;
+ }
- @Override
- public void push(Level level, Object... elements) {
- switch(level) {
- case AUDIT:
- laudit.warn(PropAccess.buildMsg(audit, iso8601, level, elements));
- break;
- case INIT:
- linit.warn(PropAccess.buildMsg(init, iso8601, level, elements));
- break;
- case ERROR:
- lservice.error(PropAccess.buildMsg(service, iso8601, level, elements));
- break;
- case WARN:
- lservice.warn(PropAccess.buildMsg(service, iso8601, level, elements));
- break;
- case INFO:
- lservice.info(PropAccess.buildMsg(service, iso8601, level, elements));
- break;
- case DEBUG:
- lservice.debug(PropAccess.buildMsg(service, iso8601, level, elements));
- break;
- case TRACE:
- ltrace.trace(PropAccess.buildMsg(service, iso8601, level, elements));
- break;
- case NONE:
- break;
- default:
- lservice.info(PropAccess.buildMsg(service, iso8601, level, elements));
- break;
-
- }
+ @Override
+ public void push(Level level, Object... elements) {
+ switch(level) {
+ case AUDIT:
+ laudit.warn(PropAccess.buildMsg(audit, iso8601, level, elements));
+ break;
+ case INIT:
+ linit.warn(PropAccess.buildMsg(init, iso8601, level, elements));
+ break;
+ case ERROR:
+ lservice.error(PropAccess.buildMsg(service, iso8601, level, elements));
+ break;
+ case WARN:
+ lservice.warn(PropAccess.buildMsg(service, iso8601, level, elements));
+ break;
+ case INFO:
+ lservice.info(PropAccess.buildMsg(service, iso8601, level, elements));
+ break;
+ case DEBUG:
+ lservice.debug(PropAccess.buildMsg(service, iso8601, level, elements));
+ break;
+ case TRACE:
+ ltrace.trace(PropAccess.buildMsg(service, iso8601, level, elements));
+ break;
+ case NONE:
+ break;
+ default:
+ lservice.info(PropAccess.buildMsg(service, iso8601, level, elements));
+ break;
+
+ }
- }
+ }
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/ServiceStarter.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/ServiceStarter.java
index 529d2d35..6f2d4cb9 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/server/ServiceStarter.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/server/ServiceStarter.java
@@ -21,6 +21,6 @@
package org.onap.aaf.auth.server;
public interface ServiceStarter {
- public void start() throws Exception;
- public void shutdown();
+ public void start() throws Exception;
+ public void shutdown();
}
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/validation/Validator.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/validation/Validator.java
index 8302e771..eb721285 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/validation/Validator.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/validation/Validator.java
@@ -29,182 +29,182 @@ import org.onap.aaf.auth.layer.Result;
public class Validator {
- private static final String ESSENTIAL = "\\x25\\x28\\x29\\x2C-\\x2E\\x30-\\x39\\x3D\\x40-\\x5A\\x5F\\x61-\\x7A";
- private static final Pattern ESSENTIAL_CHARS = Pattern.compile("["+ESSENTIAL+"]+");
- public static final Pattern ACTION_CHARS = Pattern.compile(
- "["+ESSENTIAL+"]+" + // All AlphaNumeric+
- "|\\*" // Just Star
- );
- public static final Pattern INST_CHARS = Pattern.compile(
- "["+ESSENTIAL+"]+[\\*]*" + // All AlphaNumeric+ possibly ending with *
- "|\\*" + // Just Star
- "|(([:/]\\*)|([:/][!]{0,1}["+ESSENTIAL+"]+[\\*]*[:/]*))+" // Key :asdf:*:sdf*:sdk
- );
- public static final Pattern ID_CHARS = Pattern.compile("[\\w.-]+@[\\w.-]+");
- public static final Pattern NAME_CHARS = Pattern.compile("[\\w.-]+");
- public static final Pattern DESC_CHAR = Pattern.compile("["+ESSENTIAL+"\\x20]+");
- protected static List<String> nsKeywords;
- private final Pattern actionChars;
- private final Pattern instChars;
- private StringBuilder msgs;
-
- static {
- nsKeywords = new ArrayList<>();
- nsKeywords.add(".access");
- nsKeywords.add(".owner");
- nsKeywords.add(".admin");
- nsKeywords.add(".member");
- nsKeywords.add(".perm");
- nsKeywords.add(".role");
- nsKeywords.add(".ns");
- nsKeywords.add(".cred");
- }
-
- public Validator() {
- actionChars = ACTION_CHARS;
- instChars = INST_CHARS;
- }
-
- public final String errs() {
- return msgs.toString();
- }
-
- public final Validator nullOrBlank(String name, String str) {
- if(str==null) {
- msg(name + " is null.");
- } else if(str.length()==0) {
- msg(name + " is blank.");
- }
- return this;
- }
-
- public final Validator isNull(String name, Object o) {
- if(o==null) {
- msg(name + " is null.");
- }
- return this;
- }
-
- protected final boolean noMatch(String str, Pattern p) {
- return !p.matcher(str).matches();
- }
- protected final boolean nob(String str, Pattern p) {
- return str==null || !p.matcher(str).matches();
- }
-
- protected final void msg(String ... strs) {
- if(msgs==null) {
- msgs=new StringBuilder();
- }
- for(String str : strs) {
- msgs.append(str);
- }
- msgs.append('\n');
- }
-
- public final boolean err() {
- return msgs!=null;
- }
-
- public final Validator notOK(Result<?> res) {
- if(res==null) {
- msgs.append("Result object is blank");
- } else if(res.notOK()) {
- msgs.append(res.getClass().getSimpleName()).append(" is not OK");
- }
- return this;
- }
-
- protected Validator intRange(String text, int target, int start, int end) {
- if(target<start || target>end) {
- msg(text + " is out of range (" + start + '-' + end + ')');
- }
- return this;
- }
-
- protected Validator floatRange(String text, float target, float start, float end) {
- if(target<start || target>end) {
- msg(text + " is out of range (" + start + '-' + end + ')');
- }
- return this;
- }
-
- protected Validator description(String type, String description) {
- if (description != null && noMatch(description, DESC_CHAR)) {
- msg(type + " Description is invalid.");
- }
- return this;
- }
-
- public final Validator permType(String type) {
- if(nob(type,NAME_CHARS)) {
- msg("Perm Type [" +type + "] is invalid.");
- }
- return this;
- }
-
- public final Validator permType(String type, String ns) {
- if(type==null) {
- msg("Perm Type is null");
- } else if(ns==null) {
- msg("Perm NS is null");
- } else if(nob(type,NAME_CHARS)) {
- msg("Perm Type [" + (ns+(type.length()==0?"":'.')) + type + "] is invalid.");
- }
- return this;
- }
-
- public final Validator permInstance(String instance) {
- if(nob(instance,instChars)) {
- msg("Perm Instance [" + instance + "] is invalid.");
- }
- return this;
- }
-
- public final Validator permAction(String action) {
- // TODO check for correct Splits? Type|Instance|Action ?
- if(nob(action, actionChars)) {
- msg("Perm Action [" + action + "] is invalid.");
- }
- return this;
- }
-
- public final Validator role(String role) {
- if(nob(role, NAME_CHARS)) {
- msg("Role [" + role + "] is invalid.");
- }
- return this;
- }
-
- public final Validator ns(String ns) {
- if(ns==null) {
- msg("NS is null");
- return this;
- } else if(nob(ns,NAME_CHARS)) {
- msg("NS [" + ns + "] is invalid.");
- }
- for(String s : nsKeywords) {
- if(ns.endsWith(s)) {
- msg("NS [" + ns + "] may not be named with NS keywords");
- break;
- }
- }
- return this;
- }
-
- public final Validator key(String key) {
- if(nob(key,NAME_CHARS)) {
- msg("NS Prop Key [" + key + "] is invalid");
- }
- return this;
- }
-
- public final Validator value(String value) {
- if(nob(value,ESSENTIAL_CHARS)) {
- msg("NS Prop value [" + value + "] is invalid");
- }
- return this;
- }
+ private static final String ESSENTIAL = "\\x25\\x28\\x29\\x2C-\\x2E\\x30-\\x39\\x3D\\x40-\\x5A\\x5F\\x61-\\x7A";
+ private static final Pattern ESSENTIAL_CHARS = Pattern.compile("["+ESSENTIAL+"]+");
+ public static final Pattern ACTION_CHARS = Pattern.compile(
+ "["+ESSENTIAL+"]+" + // All AlphaNumeric+
+ "|\\*" // Just Star
+ );
+ public static final Pattern INST_CHARS = Pattern.compile(
+ "["+ESSENTIAL+"]+[\\*]*" + // All AlphaNumeric+ possibly ending with *
+ "|\\*" + // Just Star
+ "|(([:/]\\*)|([:/][!]{0,1}["+ESSENTIAL+"]+[\\*]*[:/]*))+" // Key :asdf:*:sdf*:sdk
+ );
+ public static final Pattern ID_CHARS = Pattern.compile("[\\w.-]+@[\\w.-]+");
+ public static final Pattern NAME_CHARS = Pattern.compile("[\\w.-]+");
+ public static final Pattern DESC_CHAR = Pattern.compile("["+ESSENTIAL+"\\x20]+");
+ protected static List<String> nsKeywords;
+ private final Pattern actionChars;
+ private final Pattern instChars;
+ private StringBuilder msgs;
+
+ static {
+ nsKeywords = new ArrayList<>();
+ nsKeywords.add(".access");
+ nsKeywords.add(".owner");
+ nsKeywords.add(".admin");
+ nsKeywords.add(".member");
+ nsKeywords.add(".perm");
+ nsKeywords.add(".role");
+ nsKeywords.add(".ns");
+ nsKeywords.add(".cred");
+ }
+
+ public Validator() {
+ actionChars = ACTION_CHARS;
+ instChars = INST_CHARS;
+ }
+
+ public final String errs() {
+ return msgs.toString();
+ }
+
+ public final Validator nullOrBlank(String name, String str) {
+ if(str==null) {
+ msg(name + " is null.");
+ } else if(str.length()==0) {
+ msg(name + " is blank.");
+ }
+ return this;
+ }
+
+ public final Validator isNull(String name, Object o) {
+ if(o==null) {
+ msg(name + " is null.");
+ }
+ return this;
+ }
+
+ protected final boolean noMatch(String str, Pattern p) {
+ return !p.matcher(str).matches();
+ }
+ protected final boolean nob(String str, Pattern p) {
+ return str==null || !p.matcher(str).matches();
+ }
+
+ protected final void msg(String ... strs) {
+ if(msgs==null) {
+ msgs=new StringBuilder();
+ }
+ for(String str : strs) {
+ msgs.append(str);
+ }
+ msgs.append('\n');
+ }
+
+ public final boolean err() {
+ return msgs!=null;
+ }
+
+ public final Validator notOK(Result<?> res) {
+ if(res==null) {
+ msgs.append("Result object is blank");
+ } else if(res.notOK()) {
+ msgs.append(res.getClass().getSimpleName()).append(" is not OK");
+ }
+ return this;
+ }
+
+ protected Validator intRange(String text, int target, int start, int end) {
+ if(target<start || target>end) {
+ msg(text + " is out of range (" + start + '-' + end + ')');
+ }
+ return this;
+ }
+
+ protected Validator floatRange(String text, float target, float start, float end) {
+ if(target<start || target>end) {
+ msg(text + " is out of range (" + start + '-' + end + ')');
+ }
+ return this;
+ }
+
+ protected Validator description(String type, String description) {
+ if (description != null && noMatch(description, DESC_CHAR)) {
+ msg(type + " Description is invalid.");
+ }
+ return this;
+ }
+
+ public final Validator permType(String type) {
+ if(nob(type,NAME_CHARS)) {
+ msg("Perm Type [" +type + "] is invalid.");
+ }
+ return this;
+ }
+
+ public final Validator permType(String type, String ns) {
+ if(type==null) {
+ msg("Perm Type is null");
+ } else if(ns==null) {
+ msg("Perm NS is null");
+ } else if(nob(type,NAME_CHARS)) {
+ msg("Perm Type [" + (ns+(type.length()==0?"":'.')) + type + "] is invalid.");
+ }
+ return this;
+ }
+
+ public final Validator permInstance(String instance) {
+ if(nob(instance,instChars)) {
+ msg("Perm Instance [" + instance + "] is invalid.");
+ }
+ return this;
+ }
+
+ public final Validator permAction(String action) {
+ // TODO check for correct Splits? Type|Instance|Action ?
+ if(nob(action, actionChars)) {
+ msg("Perm Action [" + action + "] is invalid.");
+ }
+ return this;
+ }
+
+ public final Validator role(String role) {
+ if(nob(role, NAME_CHARS)) {
+ msg("Role [" + role + "] is invalid.");
+ }
+ return this;
+ }
+
+ public final Validator ns(String ns) {
+ if(ns==null) {
+ msg("NS is null");
+ return this;
+ } else if(nob(ns,NAME_CHARS)) {
+ msg("NS [" + ns + "] is invalid.");
+ }
+ for(String s : nsKeywords) {
+ if(ns.endsWith(s)) {
+ msg("NS [" + ns + "] may not be named with NS keywords");
+ break;
+ }
+ }
+ return this;
+ }
+
+ public final Validator key(String key) {
+ if(nob(key,NAME_CHARS)) {
+ msg("NS Prop Key [" + key + "] is invalid");
+ }
+ return this;
+ }
+
+ public final Validator value(String value) {
+ if(nob(value,ESSENTIAL_CHARS)) {
+ msg("NS Prop value [" + value + "] is invalid");
+ }
+ return this;
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/common/test/JU_Define.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/common/test/JU_Define.java
index 0f986f24..68f359c5 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/common/test/JU_Define.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/common/test/JU_Define.java
@@ -37,48 +37,48 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_Define {
- private static final String AAF_NS_DOT = "AAF_NS.";
- public static String ROOT_NS="NS.Not.Set";
- public static String ROOT_COMPANY=ROOT_NS;
- Access acc;
- @Mock
- Env envMock;
+ private static final String AAF_NS_DOT = "AAF_NS.";
+ public static String ROOT_NS="NS.Not.Set";
+ public static String ROOT_COMPANY=ROOT_NS;
+ Access acc;
+ @Mock
+ Env envMock;
- @Before
- public void setUp() throws CadiException{
- acc = mock(Access.class);
- }
-
- @Test
- public void testSet() throws CadiException {
- PropAccess prop = new PropAccess();
- prop.setProperty(AAF_NS_DOT, AAF_NS_DOT);
- prop.setProperty(Config.AAF_ROOT_NS, ".ns_Test");
- prop.setProperty(Config.AAF_ROOT_COMPANY, "company_Test");
- Define.set(prop);
- Define.ROOT_NS();
- Define.ROOT_COMPANY();
-
- PropAccess prop1 = new PropAccess();
- prop1.setProperty(AAF_NS_DOT, AAF_NS_DOT);
- prop1.setProperty(Config.AAF_ROOT_NS, ".ns_Test");
- Define.set(prop1);
- }
+ @Before
+ public void setUp() throws CadiException{
+ acc = mock(Access.class);
+ }
+
+ @Test
+ public void testSet() throws CadiException {
+ PropAccess prop = new PropAccess();
+ prop.setProperty(AAF_NS_DOT, AAF_NS_DOT);
+ prop.setProperty(Config.AAF_ROOT_NS, ".ns_Test");
+ prop.setProperty(Config.AAF_ROOT_COMPANY, "company_Test");
+ Define.set(prop);
+ Define.ROOT_NS();
+ Define.ROOT_COMPANY();
+
+ PropAccess prop1 = new PropAccess();
+ prop1.setProperty(AAF_NS_DOT, AAF_NS_DOT);
+ prop1.setProperty(Config.AAF_ROOT_NS, ".ns_Test");
+ Define.set(prop1);
+ }
-// @Test //TODO: AAF-111 exception fix
-// public void testRootNS() throws RuntimeException{
-// Define.ROOT_NS();
-// }
+// @Test //TODO: AAF-111 exception fix
+// public void testRootNS() throws RuntimeException{
+// Define.ROOT_NS();
+// }
//
-// @Test
-// public void testRootCompany() throws RuntimeException{
-// Define.ROOT_COMPANY();
-// }
+// @Test
+// public void testRootCompany() throws RuntimeException{
+// Define.ROOT_COMPANY();
+// }
- @Test
- public void testVarReplace() {
- Define.varReplace(AAF_NS_DOT);
- Define.varReplace("test");
- }
+ @Test
+ public void testVarReplace() {
+ Define.varReplace(AAF_NS_DOT);
+ Define.varReplace("test");
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzEnv.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzEnv.java
index b30085fc..b170ae55 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzEnv.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzEnv.java
@@ -41,137 +41,137 @@ import org.onap.aaf.cadi.config.Config;
public class JU_AuthzEnv {
- AuthzEnv authzEnv;
- ByteArrayOutputStream outStream;
- ByteArrayOutputStream errStream;
- enum Level {DEBUG, INFO, AUDIT, INIT, WARN, ERROR};
-
- @Before
- public void setUp() {
- outStream = new ByteArrayOutputStream();
- errStream = new ByteArrayOutputStream();
-
- System.setOut(new PrintStream(outStream));
- System.setErr(new PrintStream(errStream));
-
- authzEnv = new AuthzEnv();
- }
-
- @After
- public void tearDown() {
- System.setOut(System.out);
- System.setErr(System.err);
- }
-
- @Test
- @SuppressWarnings("unused")
- public void testConstructors() {
- AuthzEnv authzEnv1 = new AuthzEnv("Test");
- AuthzEnv authzEnv2 = new AuthzEnv((PropAccess)null);
- AuthzEnv authzEnv3 = new AuthzEnv((Properties)null);
- }
-
- @Test
- public void testTransRate() {
- Long Result = authzEnv.transRate();
- assertNotNull(Result);
- }
-
- @Test
- public void checkNewTransNoAvg() {
- assertNotNull(authzEnv.newTransNoAvg());
- }
-
- @Test
- public void checkNewTrans() {
- assertNotNull(authzEnv.newTrans());
- }
-
- @Test
- public void checkPropAccess() {
- assertNotNull(authzEnv.access());
- }
-
- @Test
- public void checkgetProperties() { //TODO:[GABE]No setter for this, add?
- assertNotNull(authzEnv.getProperties());
- assertNotNull(authzEnv.getProperties("test"));
- }
-
- @Test
- public void checkPropertyGetters(){
- authzEnv.setProperty("key","value");
- assertEquals(authzEnv.getProperty("key"), "value");
- assertEquals(authzEnv.getProperty("key","value"), "value");
- }
-
- @Test
- public void checkPropertySetters(){
- assertEquals(authzEnv.getProperty("key","value"), authzEnv.setProperty("key","value"));
- }
-
- @Test(expected = IOException.class)
- public void testDecryptException() throws IOException{
- authzEnv.setProperty(Config.CADI_KEYFILE, "test/keyfile");
- authzEnv.decrypt(null, false);
- }
-
- @Test
- public void testDecrypt() throws IOException{
- String encrypted = "encrypted";
- String Result = authzEnv.decrypt(encrypted, true);
- assertEquals("encrypted",Result);
- }
-
- @Test
- public void testClassLoader() {
- ClassLoader cLoad = mock(ClassLoader.class);
- cLoad = authzEnv.classLoader();
- assertNotNull(cLoad);
- }
-
- @Test
- public void testLoad() throws IOException {
- InputStream is = mock(InputStream.class);
- authzEnv.load(is);
- }
-
- @Test
- public void testLog() {
- Access.Level lvl = Access.Level.DEBUG;
- Object msgs = null;
- authzEnv.log(lvl, msgs);
- }
-
- @Test
- public void testLog1() {
-
- Exception e = new Exception();
- Object msgs = null;
- authzEnv.log(e, msgs);
- }
-
- @Test
- public void testPrintf() {
- Access.Level lvl = Access.Level.DEBUG;
- Object msgs = null;
- authzEnv.printf(lvl, "Test", msgs);
- }
-
- @Test
- public void testWillLog() {
- Access.Level lvl = Access.Level.DEBUG;
- Access.Level lvl1 = Access.Level.AUDIT;
- boolean test = authzEnv.willLog(lvl);
- assertFalse(test);
- test = authzEnv.willLog(lvl1);
- assertTrue(test);
- }
-
- @Test
- public void testSetLogLevel() {
- Access.Level lvl = Access.Level.DEBUG;
- authzEnv.setLogLevel(lvl);
- }
+ AuthzEnv authzEnv;
+ ByteArrayOutputStream outStream;
+ ByteArrayOutputStream errStream;
+ enum Level {DEBUG, INFO, AUDIT, INIT, WARN, ERROR};
+
+ @Before
+ public void setUp() {
+ outStream = new ByteArrayOutputStream();
+ errStream = new ByteArrayOutputStream();
+
+ System.setOut(new PrintStream(outStream));
+ System.setErr(new PrintStream(errStream));
+
+ authzEnv = new AuthzEnv();
+ }
+
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ System.setErr(System.err);
+ }
+
+ @Test
+ @SuppressWarnings("unused")
+ public void testConstructors() {
+ AuthzEnv authzEnv1 = new AuthzEnv("Test");
+ AuthzEnv authzEnv2 = new AuthzEnv((PropAccess)null);
+ AuthzEnv authzEnv3 = new AuthzEnv((Properties)null);
+ }
+
+ @Test
+ public void testTransRate() {
+ Long Result = authzEnv.transRate();
+ assertNotNull(Result);
+ }
+
+ @Test
+ public void checkNewTransNoAvg() {
+ assertNotNull(authzEnv.newTransNoAvg());
+ }
+
+ @Test
+ public void checkNewTrans() {
+ assertNotNull(authzEnv.newTrans());
+ }
+
+ @Test
+ public void checkPropAccess() {
+ assertNotNull(authzEnv.access());
+ }
+
+ @Test
+ public void checkgetProperties() { //TODO:[GABE]No setter for this, add?
+ assertNotNull(authzEnv.getProperties());
+ assertNotNull(authzEnv.getProperties("test"));
+ }
+
+ @Test
+ public void checkPropertyGetters(){
+ authzEnv.setProperty("key","value");
+ assertEquals(authzEnv.getProperty("key"), "value");
+ assertEquals(authzEnv.getProperty("key","value"), "value");
+ }
+
+ @Test
+ public void checkPropertySetters(){
+ assertEquals(authzEnv.getProperty("key","value"), authzEnv.setProperty("key","value"));
+ }
+
+ @Test(expected = IOException.class)
+ public void testDecryptException() throws IOException{
+ authzEnv.setProperty(Config.CADI_KEYFILE, "test/keyfile");
+ authzEnv.decrypt(null, false);
+ }
+
+ @Test
+ public void testDecrypt() throws IOException{
+ String encrypted = "encrypted";
+ String Result = authzEnv.decrypt(encrypted, true);
+ assertEquals("encrypted",Result);
+ }
+
+ @Test
+ public void testClassLoader() {
+ ClassLoader cLoad = mock(ClassLoader.class);
+ cLoad = authzEnv.classLoader();
+ assertNotNull(cLoad);
+ }
+
+ @Test
+ public void testLoad() throws IOException {
+ InputStream is = mock(InputStream.class);
+ authzEnv.load(is);
+ }
+
+ @Test
+ public void testLog() {
+ Access.Level lvl = Access.Level.DEBUG;
+ Object msgs = null;
+ authzEnv.log(lvl, msgs);
+ }
+
+ @Test
+ public void testLog1() {
+
+ Exception e = new Exception();
+ Object msgs = null;
+ authzEnv.log(e, msgs);
+ }
+
+ @Test
+ public void testPrintf() {
+ Access.Level lvl = Access.Level.DEBUG;
+ Object msgs = null;
+ authzEnv.printf(lvl, "Test", msgs);
+ }
+
+ @Test
+ public void testWillLog() {
+ Access.Level lvl = Access.Level.DEBUG;
+ Access.Level lvl1 = Access.Level.AUDIT;
+ boolean test = authzEnv.willLog(lvl);
+ assertFalse(test);
+ test = authzEnv.willLog(lvl1);
+ assertTrue(test);
+ }
+
+ @Test
+ public void testSetLogLevel() {
+ Access.Level lvl = Access.Level.DEBUG;
+ authzEnv.setLogLevel(lvl);
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransFilter.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransFilter.java
index ccfb01aa..e5b4209f 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransFilter.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransFilter.java
@@ -49,62 +49,62 @@ import org.onap.aaf.misc.env.Trans.Metric;
public class JU_AuthzTransFilter {
- @Mock private AuthzEnv envMock;
- @Mock private Connector connectorMock;
- @Mock private TrustChecker tcMock;
- @Mock private AuthzTrans authzTransMock;
- @Mock private Object additionalTafLurs;
-
- private PropAccess access;
+ @Mock private AuthzEnv envMock;
+ @Mock private Connector connectorMock;
+ @Mock private TrustChecker tcMock;
+ @Mock private AuthzTrans authzTransMock;
+ @Mock private Object additionalTafLurs;
+
+ private PropAccess access;
- @Before
- public void setUp() throws CadiException{
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setUp() throws CadiException{
+ MockitoAnnotations.initMocks(this);
- access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
+ access = new PropAccess(new PrintStream(new ByteArrayOutputStream()), new String[0]);
- when(envMock.access()).thenReturn(access);
- }
-
- // TODO: These tests only work on the AT&T network. Fix them - Ian
- @Test
- public void testAuthenticated() throws IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException, CadiException {
-// AuthzTransFilter filter = new AuthzTransFilter(envMock, connectorMock, tcMock);
-// AuthzTransFilter aTF = new AuthzTransFilter(authzEnvMock, connectorMock, trustCheckerMock, (Object)null);
-// Class<?> c = aTF.getClass();
-// Class<?>[] cArg = new Class[2];
-// cArg[0] = AuthzTrans.class;
-// cArg[1] = Principal.class; //Steps to test a protected method
-// Method authenticatedMethod = c.getDeclaredMethod("authenticated", cArg);
-// authenticatedMethod.setAccessible(true);
-// authenticatedMethod.invoke(aTF, authzTransMock, null);
- }
-
- @Test
- public void testTallyHo() throws CadiException, NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
-// Slot specialLogSlot = authzEnvMock.slot("SPECIAL_LOG_SLOT");
-// LogTarget lt = mock(LogTarget.class);
-// AuthzTransFilter aTF = new AuthzTransFilter(authzEnvMock, connectorMock, trustCheckerMock, additionalTafLurs);
-// TaggedPrincipal tPrin = mock(TaggedPrincipal.class);
-// Metric met = new Metric();
-// met.total = 199.33F;
-// met.entries = 15;
-// met.buckets = new float[] {199.33F,99.33F};
-// Class<?> c = aTF.getClass();
-// Class<?>[] cArg = new Class[1];
-// cArg[0] = AuthzTrans.class; //Steps to test a protected method
-// Method tallyHoMethod = c.getDeclaredMethod("tallyHo", cArg);
+ when(envMock.access()).thenReturn(access);
+ }
+
+ // TODO: These tests only work on the AT&T network. Fix them - Ian
+ @Test
+ public void testAuthenticated() throws IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException, CadiException {
+// AuthzTransFilter filter = new AuthzTransFilter(envMock, connectorMock, tcMock);
+// AuthzTransFilter aTF = new AuthzTransFilter(authzEnvMock, connectorMock, trustCheckerMock, (Object)null);
+// Class<?> c = aTF.getClass();
+// Class<?>[] cArg = new Class[2];
+// cArg[0] = AuthzTrans.class;
+// cArg[1] = Principal.class; //Steps to test a protected method
+// Method authenticatedMethod = c.getDeclaredMethod("authenticated", cArg);
+// authenticatedMethod.setAccessible(true);
+// authenticatedMethod.invoke(aTF, authzTransMock, null);
+ }
+
+ @Test
+ public void testTallyHo() throws CadiException, NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+// Slot specialLogSlot = authzEnvMock.slot("SPECIAL_LOG_SLOT");
+// LogTarget lt = mock(LogTarget.class);
+// AuthzTransFilter aTF = new AuthzTransFilter(authzEnvMock, connectorMock, trustCheckerMock, additionalTafLurs);
+// TaggedPrincipal tPrin = mock(TaggedPrincipal.class);
+// Metric met = new Metric();
+// met.total = 199.33F;
+// met.entries = 15;
+// met.buckets = new float[] {199.33F,99.33F};
+// Class<?> c = aTF.getClass();
+// Class<?>[] cArg = new Class[1];
+// cArg[0] = AuthzTrans.class; //Steps to test a protected method
+// Method tallyHoMethod = c.getDeclaredMethod("tallyHo", cArg);
//
-// when(authzTransMock.auditTrail(((LogTarget)any()), anyInt(), (StringBuilder)any(), anyInt(), anyInt())).thenReturn(met);
-// tallyHoMethod.setAccessible(true);
+// when(authzTransMock.auditTrail(((LogTarget)any()), anyInt(), (StringBuilder)any(), anyInt(), anyInt())).thenReturn(met);
+// tallyHoMethod.setAccessible(true);
//
-// when(authzTransMock.get(specialLogSlot, false)).thenReturn(false);
-// when(authzTransMock.warn()).thenReturn(lt);
-// when(authzTransMock.info()).thenReturn(lt);
-// tallyHoMethod.invoke(aTF, authzTransMock);
+// when(authzTransMock.get(specialLogSlot, false)).thenReturn(false);
+// when(authzTransMock.warn()).thenReturn(lt);
+// when(authzTransMock.info()).thenReturn(lt);
+// tallyHoMethod.invoke(aTF, authzTransMock);
//
-// when(authzTransMock.getUserPrincipal()).thenReturn(tPrin);
-// tallyHoMethod.invoke(aTF, authzTransMock);
- }
-
+// when(authzTransMock.getUserPrincipal()).thenReturn(tPrin);
+// tallyHoMethod.invoke(aTF, authzTransMock);
+ }
+
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java
index 317fb94a..8e6d5028 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransImpl.java
@@ -50,120 +50,120 @@ import junit.framework.Assert;
@RunWith(PowerMockRunner.class)
public class JU_AuthzTransImpl {
- AuthzTransImpl authzTransImpl;
- @Mock
- AuthzEnv authzEnvMock;
- AuthzTransImpl trans1;
-
- private Organization org=null;
- private AuthzTransImpl mockAuthzTransImpl;
- private static HttpServletRequest req;
- private static HttpServletResponse res;
- private Lur lur1 = mock(Lur.class);
-
- @Before
- public void setUp(){
- authzTransImpl = new AuthzTransImpl(authzEnvMock);
- req = mock(HttpServletRequest.class);
- authzTransImpl.set(req);
- when(req.getParameter("request")).thenReturn("NotNull");
- authzTransImpl.set(req);
- when(req.getParameter("request")).thenReturn("");
- authzTransImpl.set(req);
- }
-
- @Test
- public void testOrg() {
- Organization result=null;
- result = authzTransImpl.org();
- OrganizationFactory test = mock(OrganizationFactory.class);
- //result = OrganizationFactory.obtain(authzTransImpl.env(), authzTransImpl.user());
- authzTransImpl.org();
- //when(test).thenReturn(null);
- //assertTrue(true);
- }
-
- @Mock
- LogTarget logTargetMock;
-
- @Test
- public void testLogAuditTrail(){
-
- when(logTargetMock.isLoggable()).thenReturn(false);
- authzTransImpl.logAuditTrail(logTargetMock);
- when(logTargetMock.isLoggable()).thenReturn(true);
- Env delegate = mock(Env.class);
- //when(logTargetMock.isLoggable()).thenReturn(true);//TODO: Figure this out
- //authzTransImpl.logAuditTrail(logTargetMock);
- }
-
-// @Test //TODO:Fix this AAF-111
-// public void testSetUser() {
-// Principal user = mock(Principal.class);
-// authzTransImpl.setUser(user);
-// Principal user1 = authzTransImpl.getUserPrincipal();
-// String username = user1.getName();
-// Assert.assertNotNull(user1);
-// }
-
-// @Test //TODO:Fix this AAF-111
-// public void testUser() {
-// Assert.assertEquals("n/a", authzTransImpl.user());
-// Principal user = mock(Principal.class); //Unsure how to modify name
-// when(user.toString()).thenReturn("name");
-// when(user.getName()).thenReturn("name");
-// authzTransImpl.setUser(user);
-// Assert.assertEquals("name", authzTransImpl.user());
-// }
-//
- @Test
- public void testRequested() {
- REQD_TYPE user = REQD_TYPE.move;
- REQD_TYPE user1 = REQD_TYPE.future;
- HttpServletRequest req = mock(HttpServletRequest.class);
- String p = user1.name();
- boolean boolUser = authzTransImpl.requested(user);
- Assert.assertEquals(false, boolUser);
- Assert.assertNotNull(p);
- authzTransImpl.requested(user,true);
- when(authzTransImpl.requested(user)).thenReturn(null);
- Assert.assertEquals(true, authzTransImpl.requested(user));
- /* String p1 = req.getParameter(user1.name()); //unable to access private method call in all instances
- when(req.getParameter(user1.name())).thenReturn("test");
- authzTransImpl.requested(user,false);
- */
-
-
- }
-
- @Test
- public void testFish() {
- mockAuthzTransImpl = mock(AuthzTransImpl.class);
- Permission p = mock(Permission.class);
- authzTransImpl.fish(p);
- String str = "Test";
- lur1.createPerm(str);
- when(p.match(p)).thenReturn(true);
- authzTransImpl.setLur(lur1);
- authzTransImpl.fish(p);
- }
-
- @Test
- public void testSetVariables() { //TODO: refactor this better
- Assert.assertNull(authzTransImpl.agent());
- Assert.assertNull(authzTransImpl.ip());
- Assert.assertNull(authzTransImpl.path());
- Assert.assertNotNull(authzTransImpl.port());
- Assert.assertNull(authzTransImpl.meth());
- Assert.assertNull(authzTransImpl.getUserPrincipal());
- Assert.assertNotNull(authzTransImpl.user());
- }
-
- @Test
- public void testNow() {
- Date date = authzTransImpl.now();
- Assert.assertEquals(date,authzTransImpl.now());
- when(authzTransImpl.now()).thenReturn(null);
- }
-
+ AuthzTransImpl authzTransImpl;
+ @Mock
+ AuthzEnv authzEnvMock;
+ AuthzTransImpl trans1;
+
+ private Organization org=null;
+ private AuthzTransImpl mockAuthzTransImpl;
+ private static HttpServletRequest req;
+ private static HttpServletResponse res;
+ private Lur lur1 = mock(Lur.class);
+
+ @Before
+ public void setUp(){
+ authzTransImpl = new AuthzTransImpl(authzEnvMock);
+ req = mock(HttpServletRequest.class);
+ authzTransImpl.set(req);
+ when(req.getParameter("request")).thenReturn("NotNull");
+ authzTransImpl.set(req);
+ when(req.getParameter("request")).thenReturn("");
+ authzTransImpl.set(req);
+ }
+
+ @Test
+ public void testOrg() {
+ Organization result=null;
+ result = authzTransImpl.org();
+ OrganizationFactory test = mock(OrganizationFactory.class);
+ //result = OrganizationFactory.obtain(authzTransImpl.env(), authzTransImpl.user());
+ authzTransImpl.org();
+ //when(test).thenReturn(null);
+ //assertTrue(true);
+ }
+
+ @Mock
+ LogTarget logTargetMock;
+
+ @Test
+ public void testLogAuditTrail(){
+
+ when(logTargetMock.isLoggable()).thenReturn(false);
+ authzTransImpl.logAuditTrail(logTargetMock);
+ when(logTargetMock.isLoggable()).thenReturn(true);
+ Env delegate = mock(Env.class);
+ //when(logTargetMock.isLoggable()).thenReturn(true);//TODO: Figure this out
+ //authzTransImpl.logAuditTrail(logTargetMock);
+ }
+
+// @Test //TODO:Fix this AAF-111
+// public void testSetUser() {
+// Principal user = mock(Principal.class);
+// authzTransImpl.setUser(user);
+// Principal user1 = authzTransImpl.getUserPrincipal();
+// String username = user1.getName();
+// Assert.assertNotNull(user1);
+// }
+
+// @Test //TODO:Fix this AAF-111
+// public void testUser() {
+// Assert.assertEquals("n/a", authzTransImpl.user());
+// Principal user = mock(Principal.class); //Unsure how to modify name
+// when(user.toString()).thenReturn("name");
+// when(user.getName()).thenReturn("name");
+// authzTransImpl.setUser(user);
+// Assert.assertEquals("name", authzTransImpl.user());
+// }
+//
+ @Test
+ public void testRequested() {
+ REQD_TYPE user = REQD_TYPE.move;
+ REQD_TYPE user1 = REQD_TYPE.future;
+ HttpServletRequest req = mock(HttpServletRequest.class);
+ String p = user1.name();
+ boolean boolUser = authzTransImpl.requested(user);
+ Assert.assertEquals(false, boolUser);
+ Assert.assertNotNull(p);
+ authzTransImpl.requested(user,true);
+ when(authzTransImpl.requested(user)).thenReturn(null);
+ Assert.assertEquals(true, authzTransImpl.requested(user));
+ /* String p1 = req.getParameter(user1.name()); //unable to access private method call in all instances
+ when(req.getParameter(user1.name())).thenReturn("test");
+ authzTransImpl.requested(user,false);
+ */
+
+
+ }
+
+ @Test
+ public void testFish() {
+ mockAuthzTransImpl = mock(AuthzTransImpl.class);
+ Permission p = mock(Permission.class);
+ authzTransImpl.fish(p);
+ String str = "Test";
+ lur1.createPerm(str);
+ when(p.match(p)).thenReturn(true);
+ authzTransImpl.setLur(lur1);
+ authzTransImpl.fish(p);
+ }
+
+ @Test
+ public void testSetVariables() { //TODO: refactor this better
+ Assert.assertNull(authzTransImpl.agent());
+ Assert.assertNull(authzTransImpl.ip());
+ Assert.assertNull(authzTransImpl.path());
+ Assert.assertNotNull(authzTransImpl.port());
+ Assert.assertNull(authzTransImpl.meth());
+ Assert.assertNull(authzTransImpl.getUserPrincipal());
+ Assert.assertNotNull(authzTransImpl.user());
+ }
+
+ @Test
+ public void testNow() {
+ Date date = authzTransImpl.now();
+ Assert.assertEquals(date,authzTransImpl.now());
+ when(authzTransImpl.now()).thenReturn(null);
+ }
+
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java
index f1243513..4d233990 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_AuthzTransOnlyFilter.java
@@ -49,71 +49,71 @@ import org.onap.aaf.misc.env.Trans.Metric;
@RunWith(MockitoJUnitRunner.class)
public class JU_AuthzTransOnlyFilter {
- AuthzTransFilter authzTransFilter;
- AuthzEnv authzEnvMock = mock(AuthzEnv.class);
- Connector connectorMock = mock(Connector.class);
- TrustChecker trustCheckerMock = mock(TrustChecker.class);
- AuthzTrans authzTransMock = mock(AuthzTrans.class);
- Object additionalTafLurs = mock(Object.class);
- ServletRequest servletRequestMock = mock(ServletRequest.class);
- AuthzTransOnlyFilter authzTransOnlyFilter;
+ AuthzTransFilter authzTransFilter;
+ AuthzEnv authzEnvMock = mock(AuthzEnv.class);
+ Connector connectorMock = mock(Connector.class);
+ TrustChecker trustCheckerMock = mock(TrustChecker.class);
+ AuthzTrans authzTransMock = mock(AuthzTrans.class);
+ Object additionalTafLurs = mock(Object.class);
+ ServletRequest servletRequestMock = mock(ServletRequest.class);
+ AuthzTransOnlyFilter authzTransOnlyFilter;
- @Before
- public void setUp(){
- authzTransOnlyFilter = new AuthzTransOnlyFilter(authzEnvMock);
- }
+ @Before
+ public void setUp(){
+ authzTransOnlyFilter = new AuthzTransOnlyFilter(authzEnvMock);
+ }
- /*@Test
- public void testProtected() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- Method newTransMethod = AuthzTransFilter.class.getDeclaredMethod("newTrans");
- newTransMethod.setAccessible(true);
+ /*@Test
+ public void testProtected() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ Method newTransMethod = AuthzTransFilter.class.getDeclaredMethod("newTrans");
+ newTransMethod.setAccessible(true);
- newTransMethod.invoke(authzTransFilter);
- }*/
+ newTransMethod.invoke(authzTransFilter);
+ }*/
- @Test
- public void testStart() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- AuthzTransOnlyFilter aTF = new AuthzTransOnlyFilter(authzEnvMock);
- Class c = aTF.getClass();
- Class[] cArg = new Class[2];
- cArg[0] = AuthzTrans.class;
- cArg[1] = ServletRequest.class; //Steps to test a protected method
- Method startMethod = c.getDeclaredMethod("start", cArg);
- startMethod.setAccessible(true);
- //startMethod.invoke(aTF, authzTransMock, servletRequestMock);
- }
+ @Test
+ public void testStart() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ AuthzTransOnlyFilter aTF = new AuthzTransOnlyFilter(authzEnvMock);
+ Class c = aTF.getClass();
+ Class[] cArg = new Class[2];
+ cArg[0] = AuthzTrans.class;
+ cArg[1] = ServletRequest.class; //Steps to test a protected method
+ Method startMethod = c.getDeclaredMethod("start", cArg);
+ startMethod.setAccessible(true);
+ //startMethod.invoke(aTF, authzTransMock, servletRequestMock);
+ }
- @Test
- public void testAuthenticated() throws IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException, CadiException {
- TaggedPrincipal p = mock(TaggedPrincipal.class);
- AuthzTransOnlyFilter aTF = new AuthzTransOnlyFilter(authzEnvMock);
- Class c = aTF.getClass();
- Class[] cArg = new Class[2];
- cArg[0] = AuthzTrans.class;
- cArg[1] = TaggedPrincipal.class; //Steps to test a protected method
- Method authenticatedMethod = c.getDeclaredMethod("authenticated", cArg);
- authenticatedMethod.setAccessible(true);
- authenticatedMethod.invoke(aTF,authzTransMock, null);
- }
+ @Test
+ public void testAuthenticated() throws IllegalAccessException, IllegalArgumentException, InvocationTargetException, NoSuchMethodException, SecurityException, CadiException {
+ TaggedPrincipal p = mock(TaggedPrincipal.class);
+ AuthzTransOnlyFilter aTF = new AuthzTransOnlyFilter(authzEnvMock);
+ Class c = aTF.getClass();
+ Class[] cArg = new Class[2];
+ cArg[0] = AuthzTrans.class;
+ cArg[1] = TaggedPrincipal.class; //Steps to test a protected method
+ Method authenticatedMethod = c.getDeclaredMethod("authenticated", cArg);
+ authenticatedMethod.setAccessible(true);
+ authenticatedMethod.invoke(aTF,authzTransMock, null);
+ }
- @Test
- public void testTallyHo() throws CadiException, NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- AuthzTransOnlyFilter aTF = new AuthzTransOnlyFilter(authzEnvMock);
- LogTarget log = mock(LogTarget.class);
- Metric met = new Metric();
- met.total = 199.33F;
- met.entries = 15;
- met.buckets = new float[] {199.33F,99.33F};
- Class c = aTF.getClass();
- Class[] cArg = new Class[1];
- cArg[0] = AuthzTrans.class; //Steps to test a protected method
- StringBuilder sb = new StringBuilder("AuditTrail\n");
- when(authzTransMock.auditTrail(anyInt(),(StringBuilder)any(),anyInt(),anyInt())).thenReturn(met);
- when(authzTransMock.info()).thenReturn(log);
- doNothing().when(log).log((StringBuilder)any());
- Method tallyHoMethod = c.getDeclaredMethod("tallyHo", cArg);
- tallyHoMethod.setAccessible(true);
- tallyHoMethod.invoke(aTF,authzTransMock);
- }
+ @Test
+ public void testTallyHo() throws CadiException, NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ AuthzTransOnlyFilter aTF = new AuthzTransOnlyFilter(authzEnvMock);
+ LogTarget log = mock(LogTarget.class);
+ Metric met = new Metric();
+ met.total = 199.33F;
+ met.entries = 15;
+ met.buckets = new float[] {199.33F,99.33F};
+ Class c = aTF.getClass();
+ Class[] cArg = new Class[1];
+ cArg[0] = AuthzTrans.class; //Steps to test a protected method
+ StringBuilder sb = new StringBuilder("AuditTrail\n");
+ when(authzTransMock.auditTrail(anyInt(),(StringBuilder)any(),anyInt(),anyInt())).thenReturn(met);
+ when(authzTransMock.info()).thenReturn(log);
+ doNothing().when(log).log((StringBuilder)any());
+ Method tallyHoMethod = c.getDeclaredMethod("tallyHo", cArg);
+ tallyHoMethod.setAccessible(true);
+ tallyHoMethod.invoke(aTF,authzTransMock);
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java
index e82aa163..9428bdc6 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/env/test/JU_NullTrans.java
@@ -50,224 +50,224 @@ import java.util.Date;
@RunWith(MockitoJUnitRunner.class)
public class JU_NullTrans {
- NullTrans nullTrans;
-
- @Before
- public void setUp(){
- nullTrans = new NullTrans();
- }
-
- @Test
- public void testAuditTrail() {
- Assert.assertNull(nullTrans.auditTrail(0, null, 0));
- }
-
- @Test
- public void testSingleton() {
- AuthzTrans single = nullTrans.singleton();
- Assert.assertTrue(single instanceof AuthzTrans);
- }
-
- @Test
- public void testCheckpoints() {
- nullTrans.checkpoint("Test");
- nullTrans.checkpoint(null, 0);
- }
-
- @Test
- public void testFatal() {
- LogTarget log = nullTrans.fatal();
- Assert.assertEquals(LogTarget.NULL, log);
- }
-
- @Test
- public void testError() {
- LogTarget log = nullTrans.error();
- Assert.assertEquals(LogTarget.NULL, log);
- }
-
- @Test
- public void testAudit() {
- LogTarget log = nullTrans.audit();
- Assert.assertEquals(LogTarget.NULL, log);
- }
-
- @Test
- public void testInit() {
- LogTarget log = nullTrans.init();
- Assert.assertEquals(LogTarget.NULL, log);
- }
-
- @Test
- public void testWarn() {
- LogTarget log = nullTrans.warn();
- Assert.assertEquals(LogTarget.NULL, log);
- }
-
- @Test
- public void testInfo() {
- LogTarget log = nullTrans.info();
- Assert.assertEquals(LogTarget.NULL, log);
- }
-
- @Test
- public void testDebug() {
- LogTarget log = nullTrans.debug();
- Assert.assertEquals(LogTarget.NULL, log);
- }
+ NullTrans nullTrans;
+
+ @Before
+ public void setUp(){
+ nullTrans = new NullTrans();
+ }
+
+ @Test
+ public void testAuditTrail() {
+ Assert.assertNull(nullTrans.auditTrail(0, null, 0));
+ }
+
+ @Test
+ public void testSingleton() {
+ AuthzTrans single = nullTrans.singleton();
+ Assert.assertTrue(single instanceof AuthzTrans);
+ }
+
+ @Test
+ public void testCheckpoints() {
+ nullTrans.checkpoint("Test");
+ nullTrans.checkpoint(null, 0);
+ }
+
+ @Test
+ public void testFatal() {
+ LogTarget log = nullTrans.fatal();
+ Assert.assertEquals(LogTarget.NULL, log);
+ }
+
+ @Test
+ public void testError() {
+ LogTarget log = nullTrans.error();
+ Assert.assertEquals(LogTarget.NULL, log);
+ }
+
+ @Test
+ public void testAudit() {
+ LogTarget log = nullTrans.audit();
+ Assert.assertEquals(LogTarget.NULL, log);
+ }
+
+ @Test
+ public void testInit() {
+ LogTarget log = nullTrans.init();
+ Assert.assertEquals(LogTarget.NULL, log);
+ }
+
+ @Test
+ public void testWarn() {
+ LogTarget log = nullTrans.warn();
+ Assert.assertEquals(LogTarget.NULL, log);
+ }
+
+ @Test
+ public void testInfo() {
+ LogTarget log = nullTrans.info();
+ Assert.assertEquals(LogTarget.NULL, log);
+ }
+
+ @Test
+ public void testDebug() {
+ LogTarget log = nullTrans.debug();
+ Assert.assertEquals(LogTarget.NULL, log);
+ }
- @Test
- public void testTrace() {
- LogTarget log = nullTrans.trace();
- Assert.assertEquals(LogTarget.NULL, log);
- }
-
- @Test
- public void testStart() {
- TimeTaken test = nullTrans.start("test", 1);
- StringBuilder sb = new StringBuilder();
- test.output(sb);
- StringBuilder sb1 = new StringBuilder();
- sb1.append(test);
- String s = sb.toString();
- String s1 = sb1.toString();
- s1 = s1.trim();
- Assert.assertEquals(s,s1);
- }
-
- @Test
- public void testSetProperty() {
- String tag = "tag";
- String value = "value";
- nullTrans.setProperty(tag, value);
- String expected = nullTrans.getProperty(tag, value);
- Assert.assertEquals(expected, value);
- String expectedTag = nullTrans.getProperty(tag);
- Assert.assertEquals(expectedTag, tag);
- }
-
- @Test
- public void testDecryptor() {
- Decryptor decry = nullTrans.decryptor();
- Assert.assertNull(decry);
- }
-
- @Test
- public void testEncryptor() {
- Encryptor encry = nullTrans.encryptor();
- Assert.assertNull(encry);
- }
-
- @Test
- public void testSet() {
- HttpServletRequest req = mock(HttpServletRequest.class);
- AuthzTrans set = nullTrans.set(req);
- Assert.assertNull(set);
- }
-
- @Test
- public void testUser() {
- String user = nullTrans.user();
- Assert.assertNull(user);
- }
-
- @Test
- public void testGetUserPrincipal() {
- Principal principal = nullTrans.getUserPrincipal();
- Assert.assertNull(principal);
- }
-
- @Test
- public void testIp() {
- String ip = nullTrans.ip();
- Assert.assertNull(ip);
- }
-
- @Test
- public void testMeth() {
- String meth = nullTrans.meth();
- Assert.assertNull(meth);
- }
-
- @Test
- public void testPort() {
- int port = nullTrans.port();
- Assert.assertEquals(port,0);
- }
-
- @Test
- public void testPath() {
- String path = nullTrans.path();
- Assert.assertNull(path);
- }
-
- @Test
- public void testPut() {
- nullTrans.put(null, nullTrans);
- }
-
- @Test
- public void testSetUser() {
- Principal principal = mock(Principal.class);
- //nullTrans.setUser(principal);
- }
-
- @Test
- public void testSlot() {
- Slot slot = nullTrans.slot(null);
- Assert.assertNull(slot);
- }
-
- @Test
- public void testEnv() {
- AuthzEnv env = nullTrans.env();
- Assert.assertNull(env);
- }
-
- @Test
- public void testAgent() {
- String agent = nullTrans.agent();
- Assert.assertNull(agent);
- }
-
- @Test
- public void testSetLur() {
- nullTrans.setLur(null);
- }
-
- @Test
- public void testFish() {
- Permission perm = mock(Permission.class);
- Boolean fish = nullTrans.fish(perm);
- Assert.assertFalse(fish);
- }
-
- @Test
- public void testOrg() {
- Organization org = nullTrans.org();
- Assert.assertEquals(Organization.NULL, org);
- }
-
- @Test
- public void testLogAuditTrail() {
- LogTarget lt = mock(LogTarget.class);
- nullTrans.logAuditTrail(lt);
- }
-
- @Test
- public void testRequested() {
- Boolean reqd = nullTrans.requested(null);
- Assert.assertFalse(reqd);
- nullTrans.requested(null, true);
- }
-
- @Test
- public void testNow() {
- Date date = new Date();
- Assert.assertEquals(date,nullTrans.now());
- //when(nullTrans.now()).thenReturn(null);
- }
-
-
-
+ @Test
+ public void testTrace() {
+ LogTarget log = nullTrans.trace();
+ Assert.assertEquals(LogTarget.NULL, log);
+ }
+
+ @Test
+ public void testStart() {
+ TimeTaken test = nullTrans.start("test", 1);
+ StringBuilder sb = new StringBuilder();
+ test.output(sb);
+ StringBuilder sb1 = new StringBuilder();
+ sb1.append(test);
+ String s = sb.toString();
+ String s1 = sb1.toString();
+ s1 = s1.trim();
+ Assert.assertEquals(s,s1);
+ }
+
+ @Test
+ public void testSetProperty() {
+ String tag = "tag";
+ String value = "value";
+ nullTrans.setProperty(tag, value);
+ String expected = nullTrans.getProperty(tag, value);
+ Assert.assertEquals(expected, value);
+ String expectedTag = nullTrans.getProperty(tag);
+ Assert.assertEquals(expectedTag, tag);
+ }
+
+ @Test
+ public void testDecryptor() {
+ Decryptor decry = nullTrans.decryptor();
+ Assert.assertNull(decry);
+ }
+
+ @Test
+ public void testEncryptor() {
+ Encryptor encry = nullTrans.encryptor();
+ Assert.assertNull(encry);
+ }
+
+ @Test
+ public void testSet() {
+ HttpServletRequest req = mock(HttpServletRequest.class);
+ AuthzTrans set = nullTrans.set(req);
+ Assert.assertNull(set);
+ }
+
+ @Test
+ public void testUser() {
+ String user = nullTrans.user();
+ Assert.assertNull(user);
+ }
+
+ @Test
+ public void testGetUserPrincipal() {
+ Principal principal = nullTrans.getUserPrincipal();
+ Assert.assertNull(principal);
+ }
+
+ @Test
+ public void testIp() {
+ String ip = nullTrans.ip();
+ Assert.assertNull(ip);
+ }
+
+ @Test
+ public void testMeth() {
+ String meth = nullTrans.meth();
+ Assert.assertNull(meth);
+ }
+
+ @Test
+ public void testPort() {
+ int port = nullTrans.port();
+ Assert.assertEquals(port,0);
+ }
+
+ @Test
+ public void testPath() {
+ String path = nullTrans.path();
+ Assert.assertNull(path);
+ }
+
+ @Test
+ public void testPut() {
+ nullTrans.put(null, nullTrans);
+ }
+
+ @Test
+ public void testSetUser() {
+ Principal principal = mock(Principal.class);
+ //nullTrans.setUser(principal);
+ }
+
+ @Test
+ public void testSlot() {
+ Slot slot = nullTrans.slot(null);
+ Assert.assertNull(slot);
+ }
+
+ @Test
+ public void testEnv() {
+ AuthzEnv env = nullTrans.env();
+ Assert.assertNull(env);
+ }
+
+ @Test
+ public void testAgent() {
+ String agent = nullTrans.agent();
+ Assert.assertNull(agent);
+ }
+
+ @Test
+ public void testSetLur() {
+ nullTrans.setLur(null);
+ }
+
+ @Test
+ public void testFish() {
+ Permission perm = mock(Permission.class);
+ Boolean fish = nullTrans.fish(perm);
+ Assert.assertFalse(fish);
+ }
+
+ @Test
+ public void testOrg() {
+ Organization org = nullTrans.org();
+ Assert.assertEquals(Organization.NULL, org);
+ }
+
+ @Test
+ public void testLogAuditTrail() {
+ LogTarget lt = mock(LogTarget.class);
+ nullTrans.logAuditTrail(lt);
+ }
+
+ @Test
+ public void testRequested() {
+ Boolean reqd = nullTrans.requested(null);
+ Assert.assertFalse(reqd);
+ nullTrans.requested(null, true);
+ }
+
+ @Test
+ public void testNow() {
+ Date date = new Date();
+ Assert.assertEquals(date,nullTrans.now());
+ //when(nullTrans.now()).thenReturn(null);
+ }
+
+
+
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/layer/test/JU_Result.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/layer/test/JU_Result.java
index a172ad26..59483f46 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/layer/test/JU_Result.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/layer/test/JU_Result.java
@@ -42,150 +42,150 @@ import org.onap.aaf.auth.layer.Result;
import junit.framework.Assert;
public class JU_Result {
- Result result;
-// @Mock
-// RV value;
- int status=0;
- String details = "details";
- String[] variables;
-
- @SuppressWarnings({ "unchecked", "rawtypes" })
- @Before
- public void setUp(){
- //result = mock(Result.class);
-
- }
-
- @Test
- public void testOk() {
- Object value = null;
- Collection col = new ArrayList();
- List list = mock(List.class);
- Set set = mock(Set.class);
- Integer[] R = new Integer[1];
-
- Assert.assertNotNull(Result.ok());
- Assert.assertNotNull(Result.ok(value));
- Assert.assertNotNull(Result.ok(col));
- Assert.assertNotNull(Result.ok(list));
- Assert.assertNotNull(Result.ok(set));
- Assert.assertNotNull(Result.ok(R));
-
- Collection<String> col1 = new ArrayList();
- List<String> list1 = new ArrayList();
- Set<String> set1 = new HashSet<>();
- Integer[] R1 = new Integer[0];
- set1.add("derp");
- list1.add("test");
- col1.add("TEST");
-
- Assert.assertNotNull(Result.ok(col1));
- Assert.assertNotNull(Result.ok(list1));
- Assert.assertNotNull(Result.ok(set1));
- Assert.assertNotNull(Result.ok(R1));
- }
-
- @Test
- public void testErr() {
- Result result = Result.create(null, 0, null, null);
- Result r = result;
- Exception e = mock(Exception.class);
-
- Assert.assertNotNull(result.err(r)); //Result case
- Assert.assertNotNull(result.err(e)); //Exception case
- Assert.assertNotNull(result.err(0, "test", "test")); //Multiple case
-
- }
-
- @Test
- public void testCreate() {
- Result result = Result.create(null, 0, null, null);
- Assert.assertNotNull(Result.create(null, 0, null, null));
- Assert.assertNotNull(Result.create(null, 0, null, "arg"));
- Assert.assertNotNull(result.create(0, result));
- }
-
- @Test
- public void testOks() {
- Result result = Result.create(null, 0, null, null);
-
- Assert.assertNotNull(result.isOK());
- Assert.assertNotNull(result.notOK());
- Assert.assertNotNull(result.isOKhasData());
- Assert.assertNotNull(result.notOKorIsEmpty());
-
- Result result1 = Result.create(null, 5, "test", "test");
- Assert.assertNotNull(result1.emptyList(true));
- Assert.assertNotNull(result1.isOK());
- Assert.assertNotNull(result1.notOK());
- Assert.assertNotNull(result1.isOKhasData());
- Assert.assertNotNull(result1.notOKorIsEmpty());
-
- Result result2 = Result.create(null, 0, "test", "test");
- Assert.assertNotNull(result2.emptyList(false));
- Assert.assertNotNull(result2.isOKhasData());
- Assert.assertNotNull(result2.notOKorIsEmpty());
- }
-
- @Test
- public void testEmptyList() {
- Result result = Result.create(null, 0, null, null);
-
- Assert.assertNotNull(result.emptyList(true));
- Assert.assertNotNull(result.emptyList(false));
- Assert.assertFalse(result.isEmpty());
- }
-
- @Test
- public void testPartialContent() {
- Result result = Result.create(null, 0, null, null);
-
- Assert.assertNotNull(result.partialContent(true));
- Assert.assertNotNull(result.partialContent(false));
- Assert.assertFalse(result.partialContent());
-
- Result result1 = Result.create(null, 1, "test", null);
- Assert.assertNotNull(result1.partialContent(true));
- Assert.assertNotNull(result1.partialContent());
- }
-
- @Test
- public void testToString() {
- Result result = Result.create(null, 0, null, null);
-
- Assert.assertNull(result.toString() );
-
- Result result1 = Result.create(null, 5, "test", "test");
-
- Assert.assertNotNull(result1.toString());
-
- int value = 1;
- Result result2 = Result.create(value , 5, "test", "test");
-
- Assert.assertNotNull(result2.toString());
- }
-
- @Test
- public void testErrorString() {
- Result result = Result.create(null, 0, "test", "test");
- Assert.assertEquals("Error - test", result.errorString());
- Result result1 = Result.create(null, 1, "test", "test");
- Assert.assertEquals("Security - test",result1.errorString());
- Result result2 = Result.create(null, 2, "test", "test");
- Assert.assertEquals("Denied - test",result2.errorString());
- Result result3 = Result.create(null, 3, "test", "test");
- Assert.assertEquals("Policy - test",result3.errorString());
- Result result4 = Result.create(null, 4, "test", "test");
- Assert.assertEquals("BadData - test",result4.errorString());
- Result result5 = Result.create(null, 5, "test", "test");
- Assert.assertEquals("NotImplemented - test",result5.errorString());
- Result result6 = Result.create(null, 6, "test", "test");
- Assert.assertEquals("NotFound - test",result6.errorString());
- Result result7 = Result.create(null, 7, "test", "test");
- Assert.assertEquals("AlreadyExists - test",result7.errorString());
- Result result8 = Result.create(null, 8, "test", "test");
- Assert.assertEquals("ActionNotComplete - test",result8.errorString());
- }
+ Result result;
+// @Mock
+// RV value;
+ int status=0;
+ String details = "details";
+ String[] variables;
+
+ @SuppressWarnings({ "unchecked", "rawtypes" })
+ @Before
+ public void setUp(){
+ //result = mock(Result.class);
+
+ }
+
+ @Test
+ public void testOk() {
+ Object value = null;
+ Collection col = new ArrayList();
+ List list = mock(List.class);
+ Set set = mock(Set.class);
+ Integer[] R = new Integer[1];
+
+ Assert.assertNotNull(Result.ok());
+ Assert.assertNotNull(Result.ok(value));
+ Assert.assertNotNull(Result.ok(col));
+ Assert.assertNotNull(Result.ok(list));
+ Assert.assertNotNull(Result.ok(set));
+ Assert.assertNotNull(Result.ok(R));
+
+ Collection<String> col1 = new ArrayList();
+ List<String> list1 = new ArrayList();
+ Set<String> set1 = new HashSet<>();
+ Integer[] R1 = new Integer[0];
+ set1.add("derp");
+ list1.add("test");
+ col1.add("TEST");
+
+ Assert.assertNotNull(Result.ok(col1));
+ Assert.assertNotNull(Result.ok(list1));
+ Assert.assertNotNull(Result.ok(set1));
+ Assert.assertNotNull(Result.ok(R1));
+ }
+
+ @Test
+ public void testErr() {
+ Result result = Result.create(null, 0, null, null);
+ Result r = result;
+ Exception e = mock(Exception.class);
+
+ Assert.assertNotNull(result.err(r)); //Result case
+ Assert.assertNotNull(result.err(e)); //Exception case
+ Assert.assertNotNull(result.err(0, "test", "test")); //Multiple case
+
+ }
+
+ @Test
+ public void testCreate() {
+ Result result = Result.create(null, 0, null, null);
+ Assert.assertNotNull(Result.create(null, 0, null, null));
+ Assert.assertNotNull(Result.create(null, 0, null, "arg"));
+ Assert.assertNotNull(result.create(0, result));
+ }
+
+ @Test
+ public void testOks() {
+ Result result = Result.create(null, 0, null, null);
+
+ Assert.assertNotNull(result.isOK());
+ Assert.assertNotNull(result.notOK());
+ Assert.assertNotNull(result.isOKhasData());
+ Assert.assertNotNull(result.notOKorIsEmpty());
+
+ Result result1 = Result.create(null, 5, "test", "test");
+ Assert.assertNotNull(result1.emptyList(true));
+ Assert.assertNotNull(result1.isOK());
+ Assert.assertNotNull(result1.notOK());
+ Assert.assertNotNull(result1.isOKhasData());
+ Assert.assertNotNull(result1.notOKorIsEmpty());
+
+ Result result2 = Result.create(null, 0, "test", "test");
+ Assert.assertNotNull(result2.emptyList(false));
+ Assert.assertNotNull(result2.isOKhasData());
+ Assert.assertNotNull(result2.notOKorIsEmpty());
+ }
+
+ @Test
+ public void testEmptyList() {
+ Result result = Result.create(null, 0, null, null);
+
+ Assert.assertNotNull(result.emptyList(true));
+ Assert.assertNotNull(result.emptyList(false));
+ Assert.assertFalse(result.isEmpty());
+ }
+
+ @Test
+ public void testPartialContent() {
+ Result result = Result.create(null, 0, null, null);
+
+ Assert.assertNotNull(result.partialContent(true));
+ Assert.assertNotNull(result.partialContent(false));
+ Assert.assertFalse(result.partialContent());
+
+ Result result1 = Result.create(null, 1, "test", null);
+ Assert.assertNotNull(result1.partialContent(true));
+ Assert.assertNotNull(result1.partialContent());
+ }
+
+ @Test
+ public void testToString() {
+ Result result = Result.create(null, 0, null, null);
+
+ Assert.assertNull(result.toString() );
+
+ Result result1 = Result.create(null, 5, "test", "test");
+
+ Assert.assertNotNull(result1.toString());
+
+ int value = 1;
+ Result result2 = Result.create(value , 5, "test", "test");
+
+ Assert.assertNotNull(result2.toString());
+ }
+
+ @Test
+ public void testErrorString() {
+ Result result = Result.create(null, 0, "test", "test");
+ Assert.assertEquals("Error - test", result.errorString());
+ Result result1 = Result.create(null, 1, "test", "test");
+ Assert.assertEquals("Security - test",result1.errorString());
+ Result result2 = Result.create(null, 2, "test", "test");
+ Assert.assertEquals("Denied - test",result2.errorString());
+ Result result3 = Result.create(null, 3, "test", "test");
+ Assert.assertEquals("Policy - test",result3.errorString());
+ Result result4 = Result.create(null, 4, "test", "test");
+ Assert.assertEquals("BadData - test",result4.errorString());
+ Result result5 = Result.create(null, 5, "test", "test");
+ Assert.assertEquals("NotImplemented - test",result5.errorString());
+ Result result6 = Result.create(null, 6, "test", "test");
+ Assert.assertEquals("NotFound - test",result6.errorString());
+ Result result7 = Result.create(null, 7, "test", "test");
+ Assert.assertEquals("AlreadyExists - test",result7.errorString());
+ Result result8 = Result.create(null, 8, "test", "test");
+ Assert.assertEquals("ActionNotComplete - test",result8.errorString());
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_AbsData.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_AbsData.java
index dc768862..3280482c 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_AbsData.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_AbsData.java
@@ -49,68 +49,68 @@ import java.lang.reflect.Method;
import java.security.Principal;
public class JU_AbsData {
- char character = 'x';
- String filePath = "test/output_.key";
- File keyfile = new File(filePath);
- AuthzTrans trans = mock(AuthzTrans.class);
-
- private class AbsDataStub extends AbsData {
+ char character = 'x';
+ String filePath = "test/output_.key";
+ File keyfile = new File(filePath);
+ AuthzTrans trans = mock(AuthzTrans.class);
+
+ private class AbsDataStub extends AbsData {
-
- public AbsDataStub(File dataf, char sepChar, int maxLineSize, int fieldOffset) {
- super(dataf, sepChar, maxLineSize, fieldOffset);
- // TODO Auto-generated constructor stub
-
- }
-
- }
+
+ public AbsDataStub(File dataf, char sepChar, int maxLineSize, int fieldOffset) {
+ super(dataf, sepChar, maxLineSize, fieldOffset);
+ // TODO Auto-generated constructor stub
+
+ }
+
+ }
- @Test
- public void testStub() throws IOException {
- char character = 'x';
- String filePath = "test/output_.key";
- File keyfile = new File(filePath);
- FileOutputStream is = new FileOutputStream(keyfile);
+ @Test
+ public void testStub() throws IOException {
+ char character = 'x';
+ String filePath = "test/output_.key";
+ File keyfile = new File(filePath);
+ FileOutputStream is = new FileOutputStream(keyfile);
OutputStreamWriter osw = new OutputStreamWriter(is);
BufferedWriter w = new BufferedWriter(osw);
- for(int i = 0; i< 10; i++) { //Write lines to file
- w.write("a\nsdfasdfxasdf" + i + "\n");
+ for(int i = 0; i< 10; i++) { //Write lines to file
+ w.write("a\nsdfasdfxasdf" + i + "\n");
}
w.close();
- AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
- ads.skipLines(0);
- ads.name();
-
- long lng = 1823286886660L;
- //ads.open(trans, lng);
- keyfile.delete();
- }
-
- @Test
- public void testClose() throws IOException {
- AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
- ads.close(trans);
- }
-
- @Test
- public void testReuse() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- char character = 'x';
- AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
- Reuse reuse = ads.reuse();
- reuse.reset();
- Assert.assertEquals("", reuse.at(1));
- Assert.assertNull(reuse.next());
- //reuse.atToEnd(0);
- //reuse.pos(10);
- keyfile.delete();
- }
-
- @Test
- public void testIter() throws IOException {
- AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
- TextIndex textIndex = new TextIndex(keyfile);
- //Iter iter = ads.iterator(); //Need actual input to run textIndex.create to have a datafile to read
+ AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
+ ads.skipLines(0);
+ ads.name();
+
+ long lng = 1823286886660L;
+ //ads.open(trans, lng);
+ keyfile.delete();
+ }
+
+ @Test
+ public void testClose() throws IOException {
+ AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
+ ads.close(trans);
+ }
+
+ @Test
+ public void testReuse() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ char character = 'x';
+ AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
+ Reuse reuse = ads.reuse();
+ reuse.reset();
+ Assert.assertEquals("", reuse.at(1));
+ Assert.assertNull(reuse.next());
+ //reuse.atToEnd(0);
+ //reuse.pos(10);
+ keyfile.delete();
+ }
+
+ @Test
+ public void testIter() throws IOException {
+ AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
+ TextIndex textIndex = new TextIndex(keyfile);
+ //Iter iter = ads.iterator(); //Need actual input to run textIndex.create to have a datafile to read
- }
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_DataFile.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_DataFile.java
index 559b275f..238d36d3 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_DataFile.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_DataFile.java
@@ -32,39 +32,39 @@ import org.onap.aaf.auth.local.DataFile.Token.Field;
public class JU_DataFile {
- @AfterClass
- public static void tearDownAfterClass() throws Exception {
- }
+ @AfterClass
+ public static void tearDownAfterClass() throws Exception {
+ }
-// @Test
-// public void netYetTested() {
-// fail("Tests not yet implemented");
-// }
-
-// @Test
-// public void test() throws Exception {
-// File file = new File("../authz-batch/data/v1.dat");
-// DataFile df = new DataFile(file,"r");
-// int count = 0;
-// List<String> list = new ArrayList<>();
-// try {
-// df.open();
-// Token tok = df.new Token(1024000);
-// Field fld = tok.new Field('|');
-//
-// while(tok.nextLine()) {
-// ++count;
-// fld.reset();
-// list.add(fld.at(0));
-// }
-//// Collections.sort(list);
-// for(String s: list) {
-// System.out.println(s);
+// @Test
+// public void netYetTested() {
+// fail("Tests not yet implemented");
+// }
+
+// @Test
+// public void test() throws Exception {
+// File file = new File("../authz-batch/data/v1.dat");
+// DataFile df = new DataFile(file,"r");
+// int count = 0;
+// List<String> list = new ArrayList<>();
+// try {
+// df.open();
+// Token tok = df.new Token(1024000);
+// Field fld = tok.new Field('|');
+//
+// while(tok.nextLine()) {
+// ++count;
+// fld.reset();
+// list.add(fld.at(0));
+// }
+//// Collections.sort(list);
+// for(String s: list) {
+// System.out.println(s);
//
-// }
-// } finally {
-// System.out.printf("%15s:%12d\n","Total",count);
-// }
-// }
+// }
+// } finally {
+// System.out.printf("%15s:%12d\n","Total",count);
+// }
+// }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_TextIndex.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_TextIndex.java
index 1252a69d..df2d5464 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_TextIndex.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/local/test/JU_TextIndex.java
@@ -56,88 +56,88 @@ import org.onap.aaf.misc.env.Trans;
@RunWith(MockitoJUnitRunner.class)
public class JU_TextIndex {
- TextIndex textIndex;
- Iter iter;
- Trans trans;
- DataFile datafile;
- @Mock
- File file;
-
- private class AbsDataStub extends AbsData {
+ TextIndex textIndex;
+ Iter iter;
+ Trans trans;
+ DataFile datafile;
+ @Mock
+ File file;
+
+ private class AbsDataStub extends AbsData {
-
- public AbsDataStub(File dataf, char sepChar, int maxLineSize, int fieldOffset) {
- super(dataf, sepChar, maxLineSize, fieldOffset);
- // TODO Auto-generated constructor stub
-
- }
-
- }
-
- @Before
- public void setUp() throws IOException{
- char character = 'x';
- String filePath = "test/output_key";
- File keyfile = new File(filePath);
- FileOutputStream is = new FileOutputStream(keyfile);
+
+ public AbsDataStub(File dataf, char sepChar, int maxLineSize, int fieldOffset) {
+ super(dataf, sepChar, maxLineSize, fieldOffset);
+ // TODO Auto-generated constructor stub
+
+ }
+
+ }
+
+ @Before
+ public void setUp() throws IOException{
+ char character = 'x';
+ String filePath = "test/output_key";
+ File keyfile = new File(filePath);
+ FileOutputStream is = new FileOutputStream(keyfile);
OutputStreamWriter osw = new OutputStreamWriter(is);
BufferedWriter w = new BufferedWriter(osw);
- for(int i = 0; i< 10; i++) { //Write lines to file
- w.write("a\nsdfasdfxasdf" + i + "\n");
+ for(int i = 0; i< 10; i++) { //Write lines to file
+ w.write("a\nsdfasdfxasdf" + i + "\n");
}
w.close();
- datafile = new DataFile(keyfile, "r");
- datafile.open();
- datafile = new DataFile(keyfile, "rws");// "S" for synchronized
- datafile.open();
-
- trans = mock(Trans.class);
- TimeTaken ttMock = mock(TimeTaken.class);
- TimeTaken ttMock1 = mock(TimeTaken.class);
- when(trans.start("Open Files", Env.SUB)).thenReturn(ttMock);
- when(trans.start("Read", Env.SUB)).thenReturn(ttMock);
- textIndex = new TextIndex(keyfile);
- textIndex.close();
- textIndex.open();
- //textIndex.create(trans, datafile, 4, character, 2, 0); //TODO: AAF-111 once actual input is aquired
- keyfile.delete();
-
- iter = textIndex.new Iter();
- }
-
- @Test
- public void testClose() throws IOException {
- textIndex.close();
- }
-
- @Test
- public void testFind() throws IOException {
- char character = 'x';
- String filePath = "test/output_.key";
- File keyfile = new File(filePath);
- AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
- Reuse reuse = ads.reuse();
- textIndex.find("a", reuse , 0);
- }
-
- @Test
- public void testIterNext() {
- iter.next();
- iter.hasNext();
- }
-
- @Test
- public void testIdx() throws ClassNotFoundException, InstantiationException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- TextIndex outerObject = new TextIndex(file);
+ datafile = new DataFile(keyfile, "r");
+ datafile.open();
+ datafile = new DataFile(keyfile, "rws");// "S" for synchronized
+ datafile.open();
+
+ trans = mock(Trans.class);
+ TimeTaken ttMock = mock(TimeTaken.class);
+ TimeTaken ttMock1 = mock(TimeTaken.class);
+ when(trans.start("Open Files", Env.SUB)).thenReturn(ttMock);
+ when(trans.start("Read", Env.SUB)).thenReturn(ttMock);
+ textIndex = new TextIndex(keyfile);
+ textIndex.close();
+ textIndex.open();
+ //textIndex.create(trans, datafile, 4, character, 2, 0); //TODO: AAF-111 once actual input is aquired
+ keyfile.delete();
+
+ iter = textIndex.new Iter();
+ }
+
+ @Test
+ public void testClose() throws IOException {
+ textIndex.close();
+ }
+
+ @Test
+ public void testFind() throws IOException {
+ char character = 'x';
+ String filePath = "test/output_.key";
+ File keyfile = new File(filePath);
+ AbsDataStub ads = new AbsDataStub(keyfile, character, 0, 0);
+ Reuse reuse = ads.reuse();
+ textIndex.find("a", reuse , 0);
+ }
+
+ @Test
+ public void testIterNext() {
+ iter.next();
+ iter.hasNext();
+ }
+
+ @Test
+ public void testIdx() throws ClassNotFoundException, InstantiationException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ TextIndex outerObject = new TextIndex(file);
Class<?> idxClass = TextIndex.class.getDeclaredClasses()[0];
Constructor<?> idxConstructor = idxClass.getDeclaredConstructors()[0];
Class[] cArg = new Class[2];
- cArg[0] = Object.class;
- cArg[1] = Integer.class;
+ cArg[0] = Object.class;
+ cArg[1] = Integer.class;
idxConstructor.setAccessible(true);
//Object innerObject = idxConstructor.newInstance(outerObject,cArg);
- //idxConstructor.hashCode(); //TODO: AAF-111 access inner private class
- }
+ //idxConstructor.hashCode(); //TODO: AAF-111 access inner private class
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_Organization.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_Organization.java
index b898e885..ee95d7c4 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_Organization.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_Organization.java
@@ -43,46 +43,46 @@ import junit.framework.Assert;
public class JU_Organization {
- AuthzTrans trans;
- GregorianCalendar gc;
- @Before
- public void setUp() {
- gc = new GregorianCalendar(1900, 1, 1);
- trans = mock(AuthzTrans.class);
- }
-
- @Test
- public void test() throws OrganizationException {
- //tests for Org null
- Assert.assertEquals("n/a",Organization.NULL.getName());
- Assert.assertEquals("n/a",Organization.NULL.getDomain());
- Assert.assertEquals("n/a",Organization.NULL.getRealm());
- Assert.assertTrue(Organization.NULL.getIdentity(trans, "test") instanceof Identity);
- Assert.assertEquals("n/a",Organization.NULL.isValidID(trans, null));
- Assert.assertEquals("n/a",Organization.NULL.isValidPassword(trans, null, null, null));
- Assert.assertTrue(Organization.NULL.getIdentityTypes() instanceof HashSet);
- Assert.assertTrue(Organization.NULL.notify(trans, Notify.PasswordExpiration, null, null, null, null, null) instanceof Response);
- Assert.assertEquals(0,Organization.NULL.sendEmail(trans, null, null, null, null, null));
- Assert.assertEquals(gc.getTime(),Organization.NULL.whenToValidate(null, null));
- Assert.assertEquals(gc,Organization.NULL.expiration(gc, Expiration.Password));
- Assert.assertTrue(Organization.NULL.getApprovers(trans, null) instanceof ArrayList);
- Assert.assertEquals("",Organization.NULL.getApproverType());
- Assert.assertEquals(0,Organization.NULL.startOfDay());
- Assert.assertFalse(Organization.NULL.canHaveMultipleCreds(null));
- Assert.assertFalse(Organization.NULL.isValidCred(trans, null));
- Assert.assertEquals("Null Organization rejects all Policies",Organization.NULL.validate(trans, Policy.CHANGE_JOB, null, null));
- Assert.assertFalse(Organization.NULL.isTestEnv());
- Organization.NULL.setTestMode(true);
-
- //tests for org emailWarnings
- Assert.assertTrue(Organization.NULL.emailWarningPolicy() instanceof EmailWarnings);
- Assert.assertEquals(604800000L, Organization.NULL.emailWarningPolicy().credEmailInterval());
- Assert.assertEquals(604800000L, Organization.NULL.emailWarningPolicy().roleEmailInterval());
- Assert.assertEquals(259200000L, Organization.NULL.emailWarningPolicy().apprEmailInterval());
- Assert.assertEquals(2592000000L, Organization.NULL.emailWarningPolicy().credExpirationWarning());
- Assert.assertEquals(2592000000L, Organization.NULL.emailWarningPolicy().roleExpirationWarning());
- Assert.assertEquals(1209600000L, Organization.NULL.emailWarningPolicy().emailUrgentWarning());
- Assert.assertTrue(Organization.NULL.getPasswordRules() instanceof String[]);
+ AuthzTrans trans;
+ GregorianCalendar gc;
+ @Before
+ public void setUp() {
+ gc = new GregorianCalendar(1900, 1, 1);
+ trans = mock(AuthzTrans.class);
+ }
+
+ @Test
+ public void test() throws OrganizationException {
+ //tests for Org null
+ Assert.assertEquals("n/a",Organization.NULL.getName());
+ Assert.assertEquals("n/a",Organization.NULL.getDomain());
+ Assert.assertEquals("n/a",Organization.NULL.getRealm());
+ Assert.assertTrue(Organization.NULL.getIdentity(trans, "test") instanceof Identity);
+ Assert.assertEquals("n/a",Organization.NULL.isValidID(trans, null));
+ Assert.assertEquals("n/a",Organization.NULL.isValidPassword(trans, null, null, null));
+ Assert.assertTrue(Organization.NULL.getIdentityTypes() instanceof HashSet);
+ Assert.assertTrue(Organization.NULL.notify(trans, Notify.PasswordExpiration, null, null, null, null, null) instanceof Response);
+ Assert.assertEquals(0,Organization.NULL.sendEmail(trans, null, null, null, null, null));
+ Assert.assertEquals(gc.getTime(),Organization.NULL.whenToValidate(null, null));
+ Assert.assertEquals(gc,Organization.NULL.expiration(gc, Expiration.Password));
+ Assert.assertTrue(Organization.NULL.getApprovers(trans, null) instanceof ArrayList);
+ Assert.assertEquals("",Organization.NULL.getApproverType());
+ Assert.assertEquals(0,Organization.NULL.startOfDay());
+ Assert.assertFalse(Organization.NULL.canHaveMultipleCreds(null));
+ Assert.assertFalse(Organization.NULL.isValidCred(trans, null));
+ Assert.assertEquals("Null Organization rejects all Policies",Organization.NULL.validate(trans, Policy.CHANGE_JOB, null, null));
+ Assert.assertFalse(Organization.NULL.isTestEnv());
+ Organization.NULL.setTestMode(true);
+
+ //tests for org emailWarnings
+ Assert.assertTrue(Organization.NULL.emailWarningPolicy() instanceof EmailWarnings);
+ Assert.assertEquals(604800000L, Organization.NULL.emailWarningPolicy().credEmailInterval());
+ Assert.assertEquals(604800000L, Organization.NULL.emailWarningPolicy().roleEmailInterval());
+ Assert.assertEquals(259200000L, Organization.NULL.emailWarningPolicy().apprEmailInterval());
+ Assert.assertEquals(2592000000L, Organization.NULL.emailWarningPolicy().credExpirationWarning());
+ Assert.assertEquals(2592000000L, Organization.NULL.emailWarningPolicy().roleExpirationWarning());
+ Assert.assertEquals(1209600000L, Organization.NULL.emailWarningPolicy().emailUrgentWarning());
+ Assert.assertTrue(Organization.NULL.getPasswordRules() instanceof String[]);
- }
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationException.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationException.java
index 79e8a4a1..eaabfd82 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationException.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationException.java
@@ -32,20 +32,20 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_OrganizationException {
- OrganizationException organizationException;
- OrganizationException organizationException1;
- OrganizationException organizationException2;
- OrganizationException organizationException3;
- OrganizationException organizationException4;
+ OrganizationException organizationException;
+ OrganizationException organizationException1;
+ OrganizationException organizationException2;
+ OrganizationException organizationException3;
+ OrganizationException organizationException4;
- @Test
- public void testOrganizationException() {
- Throwable thr = new Throwable();
- organizationException = new OrganizationException();
- organizationException1 = new OrganizationException("test");
- organizationException2 = new OrganizationException(thr);
- organizationException3 = new OrganizationException("test", thr);
- organizationException4 = new OrganizationException("test", thr, true, true);
- }
+ @Test
+ public void testOrganizationException() {
+ Throwable thr = new Throwable();
+ organizationException = new OrganizationException();
+ organizationException1 = new OrganizationException("test");
+ organizationException2 = new OrganizationException(thr);
+ organizationException3 = new OrganizationException("test", thr);
+ organizationException4 = new OrganizationException("test", thr, true, true);
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationFactory.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationFactory.java
index 902e94c0..87f65e92 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationFactory.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/org/test/JU_OrganizationFactory.java
@@ -37,35 +37,35 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_OrganizationFactory {
- private static final String ORG_SLOT = null;
- OrganizationFactory organizationFactory;
- BasicEnv bEnv;
- @Mock
- AuthzEnv authzEnvMock;
- String orgClass="orgclass";
- String orgNS="orgns";
- @Before
- public void setUp(){
- organizationFactory = new OrganizationFactory();
- bEnv = new BasicEnv();
- }
+ private static final String ORG_SLOT = null;
+ OrganizationFactory organizationFactory;
+ BasicEnv bEnv;
+ @Mock
+ AuthzEnv authzEnvMock;
+ String orgClass="orgclass";
+ String orgNS="orgns";
+ @Before
+ public void setUp(){
+ organizationFactory = new OrganizationFactory();
+ bEnv = new BasicEnv();
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testInit() throws OrganizationException {
- organizationFactory.init(bEnv);
- }
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit() throws OrganizationException {
+ organizationFactory.init(bEnv);
+ }
- @SuppressWarnings("static-access") //TODO:Fix this once real input is available AAF-111
- @Test
- public void testObtain() throws OrganizationException{
- PowerMockito.when(authzEnvMock.getProperty("Organization."+orgNS)).thenReturn("notnull");
- //organizationFactory.obtain(authzEnvMock, orgNS);
- }
+ @SuppressWarnings("static-access") //TODO:Fix this once real input is available AAF-111
+ @Test
+ public void testObtain() throws OrganizationException{
+ PowerMockito.when(authzEnvMock.getProperty("Organization."+orgNS)).thenReturn("notnull");
+ //organizationFactory.obtain(authzEnvMock, orgNS);
+ }
- @Test
- public void testGet() throws OrganizationException { //TODO: Fix with when then return on fail
- AuthzTrans trans = mock(AuthzTrans.class);
- //organizationFactory.get(trans);
- }
+ @Test
+ public void testGet() throws OrganizationException { //TODO: Fix with when then return on fail
+ AuthzTrans trans = mock(AuthzTrans.class);
+ //organizationFactory.get(trans);
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/CredCompare.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/CredCompare.java
index cac26a88..87a86d7c 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/CredCompare.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/CredCompare.java
@@ -30,35 +30,35 @@ import org.onap.aaf.misc.env.util.Chrono;
import aaf.v2_0.CredRequest;
public class CredCompare extends RosettaCompare<CredRequest> {
- public CredCompare() {
- super(CredRequest.class);
- }
-
- public static CredRequest create() {
- CredRequest rr = new CredRequest();
- String in = instance();
- rr.setId("m888"+ in + "@ns.att.com");
- rr.setPassword("Bogus0"+in);
- rr.setType(200);
- GregorianCalendar gc = new GregorianCalendar();
- rr.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 1);
- rr.setEnd(Chrono.timeStamp(gc));
- return rr;
- }
-
- @Override
- public void compare(CredRequest t1, CredRequest t2) {
- assertEquals(t1.getId(),t2.getId());
- assertEquals(t1.getPassword(),t2.getPassword());
- assertEquals(t1.getType(),t2.getType());
- assertEquals(t1.getStart(),t2.getStart());
- assertEquals(t1.getEnd(),t2.getEnd());
- }
+ public CredCompare() {
+ super(CredRequest.class);
+ }
+
+ public static CredRequest create() {
+ CredRequest rr = new CredRequest();
+ String in = instance();
+ rr.setId("m888"+ in + "@ns.att.com");
+ rr.setPassword("Bogus0"+in);
+ rr.setType(200);
+ GregorianCalendar gc = new GregorianCalendar();
+ rr.setStart(Chrono.timeStamp(gc));
+ gc.add(GregorianCalendar.MONTH, 1);
+ rr.setEnd(Chrono.timeStamp(gc));
+ return rr;
+ }
+
+ @Override
+ public void compare(CredRequest t1, CredRequest t2) {
+ assertEquals(t1.getId(),t2.getId());
+ assertEquals(t1.getPassword(),t2.getPassword());
+ assertEquals(t1.getType(),t2.getType());
+ assertEquals(t1.getStart(),t2.getStart());
+ assertEquals(t1.getEnd(),t2.getEnd());
+ }
- @Override
- public CredRequest newOne() {
- return create();
- }
+ @Override
+ public CredRequest newOne() {
+ return create();
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/JU_RequestCheck.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/JU_RequestCheck.java
index 38bd51fc..832f5188 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/JU_RequestCheck.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/JU_RequestCheck.java
@@ -26,17 +26,17 @@ import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.rosetta.env.RosettaEnv;
public class JU_RequestCheck {
-
- @Test
- public void testNSRequest() throws APIException {
- RosettaEnv env = new RosettaEnv();
- new NSCompare().run(env);
- new NSAttribCompare().run(env);
- new RoleCompare().run(env);
- new PermCompare().run(env);
- new CredCompare().run(env);
- new UserRoleCompare().run(env);
- new RolePermCompare().run(env);
- new MultiCompare().run(env);
- };
+
+ @Test
+ public void testNSRequest() throws APIException {
+ RosettaEnv env = new RosettaEnv();
+ new NSCompare().run(env);
+ new NSAttribCompare().run(env);
+ new RoleCompare().run(env);
+ new PermCompare().run(env);
+ new CredCompare().run(env);
+ new UserRoleCompare().run(env);
+ new RolePermCompare().run(env);
+ new MultiCompare().run(env);
+ };
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/MultiCompare.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/MultiCompare.java
index 5450bf55..024a5237 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/MultiCompare.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/MultiCompare.java
@@ -30,40 +30,40 @@ import org.onap.aaf.misc.env.util.Chrono;
import aaf.v2_0.MultiRequest;
public class MultiCompare extends RosettaCompare<MultiRequest> {
- public MultiCompare() {
- super(MultiRequest.class);
- }
-
- @Override
- public MultiRequest newOne() {
- MultiRequest multi = new MultiRequest();
- multi.setNsRequest(NSCompare.create());
- multi.getNsAttribRequest().add(NSAttribCompare.create());
- multi.getNsAttribRequest().add(NSAttribCompare.create());
- multi.getRoleRequest().add(RoleCompare.create());
- multi.getRoleRequest().add(RoleCompare.create());
- multi.getPermRequest().add(PermCompare.create());
- multi.getPermRequest().add(PermCompare.create());
- multi.getCredRequest().add(CredCompare.create());
- multi.getCredRequest().add(CredCompare.create());
- multi.getUserRoleRequest().add(UserRoleCompare.create());
- multi.getUserRoleRequest().add(UserRoleCompare.create());
- multi.getRolePermRequest().add(RolePermCompare.create());
- multi.getRolePermRequest().add(RolePermCompare.create());
-
-
- GregorianCalendar gc = new GregorianCalendar();
- multi.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 1);
- multi.setEnd(Chrono.timeStamp(gc));
- return multi;
- }
-
- public void compare(MultiRequest t1, MultiRequest t2) {
- new NSCompare().compare(t1.getNsRequest(), t2.getNsRequest());
- // Will have to find by key for others.
-
- assertEquals(t1.getStart(),t2.getStart());
- assertEquals(t1.getEnd(),t2.getEnd());
- }
+ public MultiCompare() {
+ super(MultiRequest.class);
+ }
+
+ @Override
+ public MultiRequest newOne() {
+ MultiRequest multi = new MultiRequest();
+ multi.setNsRequest(NSCompare.create());
+ multi.getNsAttribRequest().add(NSAttribCompare.create());
+ multi.getNsAttribRequest().add(NSAttribCompare.create());
+ multi.getRoleRequest().add(RoleCompare.create());
+ multi.getRoleRequest().add(RoleCompare.create());
+ multi.getPermRequest().add(PermCompare.create());
+ multi.getPermRequest().add(PermCompare.create());
+ multi.getCredRequest().add(CredCompare.create());
+ multi.getCredRequest().add(CredCompare.create());
+ multi.getUserRoleRequest().add(UserRoleCompare.create());
+ multi.getUserRoleRequest().add(UserRoleCompare.create());
+ multi.getRolePermRequest().add(RolePermCompare.create());
+ multi.getRolePermRequest().add(RolePermCompare.create());
+
+
+ GregorianCalendar gc = new GregorianCalendar();
+ multi.setStart(Chrono.timeStamp(gc));
+ gc.add(GregorianCalendar.MONTH, 1);
+ multi.setEnd(Chrono.timeStamp(gc));
+ return multi;
+ }
+
+ public void compare(MultiRequest t1, MultiRequest t2) {
+ new NSCompare().compare(t1.getNsRequest(), t2.getNsRequest());
+ // Will have to find by key for others.
+
+ assertEquals(t1.getStart(),t2.getStart());
+ assertEquals(t1.getEnd(),t2.getEnd());
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSAttribCompare.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSAttribCompare.java
index 9f6ce21e..acbaa9c8 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSAttribCompare.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSAttribCompare.java
@@ -32,62 +32,62 @@ import aaf.v2_0.NsAttribRequest;
import aaf.v2_0.NsAttribRequest.Attrib;
public class NSAttribCompare extends RosettaCompare<NsAttribRequest> {
- public NSAttribCompare() {
- super(NsAttribRequest.class);
- }
-
- public static NsAttribRequest create() {
- NsAttribRequest nar = new NsAttribRequest();
- String in = instance();
-
- nar.setNs("org.osaaf.ns"+in);
- Attrib attrib = new Attrib();
- attrib.setKey("swm");
- attrib.setValue("v"+instance());
- nar.getAttrib().add(attrib);
- attrib = new Attrib();
- attrib.setKey("scamp");
- attrib.setValue("v"+instance());
- nar.getAttrib().add(attrib);
- GregorianCalendar gc = new GregorianCalendar();
- nar.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 1);
- nar.setEnd(Chrono.timeStamp(gc));
- return nar;
- }
-
- @Override
- public void compare(NsAttribRequest t1, NsAttribRequest t2) {
- assertEquals(t1.getNs(),t2.getNs());
- for(Attrib a1 : t1.getAttrib()) {
- boolean ok = false;
- for(Attrib a2 : t2.getAttrib()) {
- if(a1.getKey().equals(a2.getKey()) &&
- a1.getValue().equals(a2.getValue())) {
- ok = true;
- break;
- }
- }
- assertTrue("a2 Attribs in a1",ok);
- }
- for(Attrib a2 : t2.getAttrib()) {
- boolean ok = false;
- for(Attrib a1 : t1.getAttrib()) {
- if(a1.getKey().equals(a2.getKey()) &&
- a1.getValue().equals(a2.getValue())) {
- ok = true;
- break;
- }
- }
- assertTrue("a2 Attribs in a1",ok);
- }
- assertEquals(t1.getStart(),t2.getStart());
- assertEquals(t1.getEnd(),t2.getEnd());
- }
+ public NSAttribCompare() {
+ super(NsAttribRequest.class);
+ }
+
+ public static NsAttribRequest create() {
+ NsAttribRequest nar = new NsAttribRequest();
+ String in = instance();
+
+ nar.setNs("org.osaaf.ns"+in);
+ Attrib attrib = new Attrib();
+ attrib.setKey("swm");
+ attrib.setValue("v"+instance());
+ nar.getAttrib().add(attrib);
+ attrib = new Attrib();
+ attrib.setKey("scamp");
+ attrib.setValue("v"+instance());
+ nar.getAttrib().add(attrib);
+ GregorianCalendar gc = new GregorianCalendar();
+ nar.setStart(Chrono.timeStamp(gc));
+ gc.add(GregorianCalendar.MONTH, 1);
+ nar.setEnd(Chrono.timeStamp(gc));
+ return nar;
+ }
+
+ @Override
+ public void compare(NsAttribRequest t1, NsAttribRequest t2) {
+ assertEquals(t1.getNs(),t2.getNs());
+ for(Attrib a1 : t1.getAttrib()) {
+ boolean ok = false;
+ for(Attrib a2 : t2.getAttrib()) {
+ if(a1.getKey().equals(a2.getKey()) &&
+ a1.getValue().equals(a2.getValue())) {
+ ok = true;
+ break;
+ }
+ }
+ assertTrue("a2 Attribs in a1",ok);
+ }
+ for(Attrib a2 : t2.getAttrib()) {
+ boolean ok = false;
+ for(Attrib a1 : t1.getAttrib()) {
+ if(a1.getKey().equals(a2.getKey()) &&
+ a1.getValue().equals(a2.getValue())) {
+ ok = true;
+ break;
+ }
+ }
+ assertTrue("a2 Attribs in a1",ok);
+ }
+ assertEquals(t1.getStart(),t2.getStart());
+ assertEquals(t1.getEnd(),t2.getEnd());
+ }
- @Override
- public NsAttribRequest newOne() {
- return create();
- }
+ @Override
+ public NsAttribRequest newOne() {
+ return create();
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSCompare.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSCompare.java
index b7fc28cc..53f78b7c 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSCompare.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/NSCompare.java
@@ -31,45 +31,45 @@ import org.onap.aaf.misc.env.util.Chrono;
import aaf.v2_0.NsRequest;
public class NSCompare extends RosettaCompare<NsRequest> {
- public NSCompare() {
- super(NsRequest.class);
- }
-
- public static NsRequest create() {
- NsRequest nsr = new NsRequest();
- String in = instance();
- nsr.setName("org.osaaf.ns"+in);
- nsr.setDescription("Hello World"+in);
- nsr.getAdmin().add("Fred"+in);
- nsr.getAdmin().add("Barney"+in);
- nsr.getResponsible().add("Wilma"+in);
- nsr.getResponsible().add("Betty"+in);
- nsr.setType("Hello"+in);
- GregorianCalendar gc = new GregorianCalendar();
- nsr.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 1);
- nsr.setEnd(Chrono.timeStamp(gc));
- return nsr;
- }
-
- @Override
- public void compare(NsRequest t1, NsRequest t2) {
- assertEquals(t1.getName(),t2.getName());
- assertEquals(t1.getDescription(),t2.getDescription());
- for(String s : t1.getAdmin()) {
- assertTrue(t2.getAdmin().contains(s));
- }
- for(String s : t2.getAdmin()) {
- assertTrue(t1.getAdmin().contains(s));
- }
- assertEquals(t1.getType(),t2.getType());
- assertEquals(t1.getStart(),t2.getStart());
- assertEquals(t1.getEnd(),t2.getEnd());
- }
+ public NSCompare() {
+ super(NsRequest.class);
+ }
+
+ public static NsRequest create() {
+ NsRequest nsr = new NsRequest();
+ String in = instance();
+ nsr.setName("org.osaaf.ns"+in);
+ nsr.setDescription("Hello World"+in);
+ nsr.getAdmin().add("Fred"+in);
+ nsr.getAdmin().add("Barney"+in);
+ nsr.getResponsible().add("Wilma"+in);
+ nsr.getResponsible().add("Betty"+in);
+ nsr.setType("Hello"+in);
+ GregorianCalendar gc = new GregorianCalendar();
+ nsr.setStart(Chrono.timeStamp(gc));
+ gc.add(GregorianCalendar.MONTH, 1);
+ nsr.setEnd(Chrono.timeStamp(gc));
+ return nsr;
+ }
+
+ @Override
+ public void compare(NsRequest t1, NsRequest t2) {
+ assertEquals(t1.getName(),t2.getName());
+ assertEquals(t1.getDescription(),t2.getDescription());
+ for(String s : t1.getAdmin()) {
+ assertTrue(t2.getAdmin().contains(s));
+ }
+ for(String s : t2.getAdmin()) {
+ assertTrue(t1.getAdmin().contains(s));
+ }
+ assertEquals(t1.getType(),t2.getType());
+ assertEquals(t1.getStart(),t2.getStart());
+ assertEquals(t1.getEnd(),t2.getEnd());
+ }
- @Override
- public NsRequest newOne() {
- return create();
- }
+ @Override
+ public NsRequest newOne() {
+ return create();
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/PermCompare.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/PermCompare.java
index 3d9a9fdb..92e07655 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/PermCompare.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/PermCompare.java
@@ -30,37 +30,37 @@ import org.onap.aaf.misc.env.util.Chrono;
import aaf.v2_0.PermRequest;
public class PermCompare extends RosettaCompare<PermRequest> {
- public PermCompare() {
- super(PermRequest.class);
- }
-
- public static PermRequest create() {
- PermRequest pr = new PermRequest();
- String in = instance();
- pr.setType("org.osaaf.ns.perm"+in);
- pr.setInstance("instance"+in);
- pr.setAction("read");
- pr.setDescription("Hello World, Perm"+in);
- GregorianCalendar gc = new GregorianCalendar();
- pr.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 1);
- pr.setEnd(Chrono.timeStamp(gc));
- return pr;
- }
-
- @Override
- public void compare(PermRequest t1, PermRequest t2) {
- assertEquals(t1.getType(),t2.getType());
- assertEquals(t1.getInstance(),t2.getInstance());
- assertEquals(t1.getAction(),t2.getAction());
- assertEquals(t1.getDescription(),t2.getDescription());
- assertEquals(t1.getStart(),t2.getStart());
- assertEquals(t1.getEnd(),t2.getEnd());
- }
+ public PermCompare() {
+ super(PermRequest.class);
+ }
+
+ public static PermRequest create() {
+ PermRequest pr = new PermRequest();
+ String in = instance();
+ pr.setType("org.osaaf.ns.perm"+in);
+ pr.setInstance("instance"+in);
+ pr.setAction("read");
+ pr.setDescription("Hello World, Perm"+in);
+ GregorianCalendar gc = new GregorianCalendar();
+ pr.setStart(Chrono.timeStamp(gc));
+ gc.add(GregorianCalendar.MONTH, 1);
+ pr.setEnd(Chrono.timeStamp(gc));
+ return pr;
+ }
+
+ @Override
+ public void compare(PermRequest t1, PermRequest t2) {
+ assertEquals(t1.getType(),t2.getType());
+ assertEquals(t1.getInstance(),t2.getInstance());
+ assertEquals(t1.getAction(),t2.getAction());
+ assertEquals(t1.getDescription(),t2.getDescription());
+ assertEquals(t1.getStart(),t2.getStart());
+ assertEquals(t1.getEnd(),t2.getEnd());
+ }
- @Override
- public PermRequest newOne() {
- return create();
- }
+ @Override
+ public PermRequest newOne() {
+ return create();
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RoleCompare.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RoleCompare.java
index 35bd3370..0a3a164c 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RoleCompare.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RoleCompare.java
@@ -30,33 +30,33 @@ import org.onap.aaf.misc.env.util.Chrono;
import aaf.v2_0.RoleRequest;
public class RoleCompare extends RosettaCompare<RoleRequest> {
- public RoleCompare() {
- super(RoleRequest.class);
- }
-
- public static RoleRequest create() {
- RoleRequest rr = new RoleRequest();
- String in = instance();
- rr.setName("org.osaaf.ns.role"+in);
- rr.setDescription("Hello World, Role"+in);
- GregorianCalendar gc = new GregorianCalendar();
- rr.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 1);
- rr.setEnd(Chrono.timeStamp(gc));
- return rr;
- }
-
- @Override
- public void compare(RoleRequest t1, RoleRequest t2) {
- assertEquals(t1.getName(),t2.getName());
- assertEquals(t1.getDescription(),t2.getDescription());
- assertEquals(t1.getStart(),t2.getStart());
- assertEquals(t1.getEnd(),t2.getEnd());
- }
-
-
- @Override
- public RoleRequest newOne() {
- return create();
- }
+ public RoleCompare() {
+ super(RoleRequest.class);
+ }
+
+ public static RoleRequest create() {
+ RoleRequest rr = new RoleRequest();
+ String in = instance();
+ rr.setName("org.osaaf.ns.role"+in);
+ rr.setDescription("Hello World, Role"+in);
+ GregorianCalendar gc = new GregorianCalendar();
+ rr.setStart(Chrono.timeStamp(gc));
+ gc.add(GregorianCalendar.MONTH, 1);
+ rr.setEnd(Chrono.timeStamp(gc));
+ return rr;
+ }
+
+ @Override
+ public void compare(RoleRequest t1, RoleRequest t2) {
+ assertEquals(t1.getName(),t2.getName());
+ assertEquals(t1.getDescription(),t2.getDescription());
+ assertEquals(t1.getStart(),t2.getStart());
+ assertEquals(t1.getEnd(),t2.getEnd());
+ }
+
+
+ @Override
+ public RoleRequest newOne() {
+ return create();
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RolePermCompare.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RolePermCompare.java
index d6ea98b9..24a84b53 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RolePermCompare.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RolePermCompare.java
@@ -31,39 +31,39 @@ import aaf.v2_0.Pkey;
import aaf.v2_0.RolePermRequest;
public class RolePermCompare extends RosettaCompare<RolePermRequest> {
- public RolePermCompare() {
- super(RolePermRequest.class);
- }
-
- public static RolePermRequest create() {
- RolePermRequest urr = new RolePermRequest();
- String in = instance();
- urr.setRole("org.osaaf.ns.role"+in);
- Pkey pkey = new Pkey();
- pkey.setType("org.osaaf.ns.myType"+in);
- pkey.setInstance("myInstance"+in);
- pkey.setAction("myAction"+in);
- urr.setPerm(pkey);
- GregorianCalendar gc = new GregorianCalendar();
- urr.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 1);
- urr.setEnd(Chrono.timeStamp(gc));
- return urr;
- }
-
- @Override
- public void compare(RolePermRequest t1, RolePermRequest t2) {
- assertEquals(t1.getRole(),t2.getRole());
- assertEquals(t1.getPerm().getType(),t1.getPerm().getType());
- assertEquals(t1.getPerm().getInstance(),t1.getPerm().getInstance());
- assertEquals(t1.getPerm().getAction(),t1.getPerm().getAction());
- assertEquals(t1.getStart(),t2.getStart());
- assertEquals(t1.getEnd(),t2.getEnd());
- }
+ public RolePermCompare() {
+ super(RolePermRequest.class);
+ }
+
+ public static RolePermRequest create() {
+ RolePermRequest urr = new RolePermRequest();
+ String in = instance();
+ urr.setRole("org.osaaf.ns.role"+in);
+ Pkey pkey = new Pkey();
+ pkey.setType("org.osaaf.ns.myType"+in);
+ pkey.setInstance("myInstance"+in);
+ pkey.setAction("myAction"+in);
+ urr.setPerm(pkey);
+ GregorianCalendar gc = new GregorianCalendar();
+ urr.setStart(Chrono.timeStamp(gc));
+ gc.add(GregorianCalendar.MONTH, 1);
+ urr.setEnd(Chrono.timeStamp(gc));
+ return urr;
+ }
+
+ @Override
+ public void compare(RolePermRequest t1, RolePermRequest t2) {
+ assertEquals(t1.getRole(),t2.getRole());
+ assertEquals(t1.getPerm().getType(),t1.getPerm().getType());
+ assertEquals(t1.getPerm().getInstance(),t1.getPerm().getInstance());
+ assertEquals(t1.getPerm().getAction(),t1.getPerm().getAction());
+ assertEquals(t1.getStart(),t2.getStart());
+ assertEquals(t1.getEnd(),t2.getEnd());
+ }
- @Override
- public RolePermRequest newOne() {
- return create();
- }
+ @Override
+ public RolePermRequest newOne() {
+ return create();
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RosettaCompare.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RosettaCompare.java
index 8935cc9d..43703d29 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RosettaCompare.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/RosettaCompare.java
@@ -29,38 +29,38 @@ import org.onap.aaf.misc.rosetta.env.RosettaData;
import org.onap.aaf.misc.rosetta.env.RosettaEnv;
public abstract class RosettaCompare<T> {
- protected Class<T> cls;
- private static int count = 0;
-
- public RosettaCompare(Class<T> cls) {
- this.cls = cls;
- }
-
- public void run(RosettaEnv env) throws APIException {
- RosettaDF<T> nsrDF = env.newDataFactory(cls);
- compare(nsrDF.newData().option(Data.PRETTY),newOne(),this);
- }
-
- private void compare(RosettaData<T> rdt, T t, RosettaCompare<T> comp) throws APIException {
- //System.out.println("########### Testing " + cls.getName() + " ##############");
- String s = rdt.load(t).out(TYPE.JSON).asString();
- //System.out.println(s);
- T t2 = rdt.in(TYPE.JSON).load(s).asObject();
- comp.compare(t, t2);
-
- //System.out.println();
-
- s = rdt.load(t).out(TYPE.XML).asString();
- //System.out.println(s);
- t2 = rdt.in(TYPE.XML).load(s).asObject();
- comp.compare(t, t2);
- }
-
- public synchronized static String instance() {
- return "_"+ ++count;
- }
-
- public abstract void compare(T t1, T t2);
- public abstract T newOne();
-
+ protected Class<T> cls;
+ private static int count = 0;
+
+ public RosettaCompare(Class<T> cls) {
+ this.cls = cls;
+ }
+
+ public void run(RosettaEnv env) throws APIException {
+ RosettaDF<T> nsrDF = env.newDataFactory(cls);
+ compare(nsrDF.newData().option(Data.PRETTY),newOne(),this);
+ }
+
+ private void compare(RosettaData<T> rdt, T t, RosettaCompare<T> comp) throws APIException {
+ //System.out.println("########### Testing " + cls.getName() + " ##############");
+ String s = rdt.load(t).out(TYPE.JSON).asString();
+ //System.out.println(s);
+ T t2 = rdt.in(TYPE.JSON).load(s).asObject();
+ comp.compare(t, t2);
+
+ //System.out.println();
+
+ s = rdt.load(t).out(TYPE.XML).asString();
+ //System.out.println(s);
+ t2 = rdt.in(TYPE.XML).load(s).asObject();
+ comp.compare(t, t2);
+ }
+
+ public synchronized static String instance() {
+ return "_"+ ++count;
+ }
+
+ public abstract void compare(T t1, T t2);
+ public abstract T newOne();
+
} \ No newline at end of file
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/UserRoleCompare.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/UserRoleCompare.java
index 542ddeb7..af61e639 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/UserRoleCompare.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/request/test/UserRoleCompare.java
@@ -30,33 +30,33 @@ import org.onap.aaf.misc.env.util.Chrono;
import aaf.v2_0.UserRoleRequest;
public class UserRoleCompare extends RosettaCompare<UserRoleRequest> {
- public UserRoleCompare() {
- super(UserRoleRequest.class);
- }
-
- public static UserRoleRequest create() {
- UserRoleRequest urr = new UserRoleRequest();
- String in = instance();
- urr.setUser("m125"+in + "@ns.att.com");
- urr.setRole("org.osaaf.ns.role"+in);
- GregorianCalendar gc = new GregorianCalendar();
- urr.setStart(Chrono.timeStamp(gc));
- gc.add(GregorianCalendar.MONTH, 1);
- urr.setEnd(Chrono.timeStamp(gc));
- return urr;
- }
-
- @Override
- public void compare(UserRoleRequest t1, UserRoleRequest t2) {
- assertEquals(t1.getUser(),t2.getUser());
- assertEquals(t1.getRole(),t2.getRole());
- assertEquals(t1.getStart(),t2.getStart());
- assertEquals(t1.getEnd(),t2.getEnd());
- }
-
-
- @Override
- public UserRoleRequest newOne() {
- return create();
- }
+ public UserRoleCompare() {
+ super(UserRoleRequest.class);
+ }
+
+ public static UserRoleRequest create() {
+ UserRoleRequest urr = new UserRoleRequest();
+ String in = instance();
+ urr.setUser("m125"+in + "@ns.att.com");
+ urr.setRole("org.osaaf.ns.role"+in);
+ GregorianCalendar gc = new GregorianCalendar();
+ urr.setStart(Chrono.timeStamp(gc));
+ gc.add(GregorianCalendar.MONTH, 1);
+ urr.setEnd(Chrono.timeStamp(gc));
+ return urr;
+ }
+
+ @Override
+ public void compare(UserRoleRequest t1, UserRoleRequest t2) {
+ assertEquals(t1.getUser(),t2.getUser());
+ assertEquals(t1.getRole(),t2.getRole());
+ assertEquals(t1.getStart(),t2.getStart());
+ assertEquals(t1.getEnd(),t2.getEnd());
+ }
+
+
+ @Override
+ public UserRoleRequest newOne() {
+ return create();
+ }
} \ No newline at end of file
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch.java
index 7d3f057a..159c05a2 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch.java
@@ -38,136 +38,136 @@ import org.onap.aaf.misc.env.impl.EnvFactory;
public class JU_BetterMatch {
- @Test
- public void test() {
- Trans trans = EnvFactory.newTrans();
- // Bad Match
- Match bm = new Match("/req/1.0.0/:var");
+ @Test
+ public void test() {
+ Trans trans = EnvFactory.newTrans();
+ // Bad Match
+ Match bm = new Match("/req/1.0.0/:var");
- assertTrue(bm.match("/req/1.0.0/fred"));
- assertTrue(bm.match("/req/1.0.0/wilma"));
- assertTrue(bm.match("/req/1.0.0/wilma/"));
- assertFalse(bm.match("/req/1.0.0/wilma/bambam"));
- assertFalse(bm.match("/not/valid/234"));
- assertFalse(bm.match(""));
-
- TimeTaken tt = trans.start("A", Env.SUB);
- TimeTaken tt2;
- int i = 0;
- try {
- bm = new Match(null);
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match(""));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match(null));
- tt2.done();
- } finally {
- tt.done();
- }
-
-
- tt = trans.start("B", Env.SUB);
- i = 0;
- try {
- bm = new Match("/req/1.0.0/:urn/:ref");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertFalse(bm.match("/req/1.0.0/urn"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/x"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/xyx"));
- } finally {
- tt2.done();
- tt.done();
- }
-
- tt = trans.start("C", Env.SUB);
- i = 0;
- try {
- String url = "/req/1.0.0/";
- bm = new Match(url+":urn*");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- String value = "urn:fsdb,1.0,req,newreq/0x12345";
-
- assertTrue(bm.match(url+value));
- assertEquals("urn:fsdb,1.0,req,newreq/0x12345",bm.param(url+value, ":urn"));
- } finally {
- tt2.done();
- tt.done();
- }
+ assertTrue(bm.match("/req/1.0.0/fred"));
+ assertTrue(bm.match("/req/1.0.0/wilma"));
+ assertTrue(bm.match("/req/1.0.0/wilma/"));
+ assertFalse(bm.match("/req/1.0.0/wilma/bambam"));
+ assertFalse(bm.match("/not/valid/234"));
+ assertFalse(bm.match(""));
+
+ TimeTaken tt = trans.start("A", Env.SUB);
+ TimeTaken tt2;
+ int i = 0;
+ try {
+ bm = new Match(null);
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match(""));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match(null));
+ tt2.done();
+ } finally {
+ tt.done();
+ }
+
+
+ tt = trans.start("B", Env.SUB);
+ i = 0;
+ try {
+ bm = new Match("/req/1.0.0/:urn/:ref");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertFalse(bm.match("/req/1.0.0/urn"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/x"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/xyx"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
+
+ tt = trans.start("C", Env.SUB);
+ i = 0;
+ try {
+ String url = "/req/1.0.0/";
+ bm = new Match(url+":urn*");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ String value = "urn:fsdb,1.0,req,newreq/0x12345";
+
+ assertTrue(bm.match(url+value));
+ assertEquals("urn:fsdb,1.0,req,newreq/0x12345",bm.param(url+value, ":urn"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
- tt = trans.start("D", Env.SUB);
- i = 0;
- try {
- bm = new Match("/req/1.0.0/:urn/:ref*");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/"));
- } finally {
- tt2.done();
- tt.done();
- }
+ tt = trans.start("D", Env.SUB);
+ i = 0;
+ try {
+ bm = new Match("/req/1.0.0/:urn/:ref*");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
- tt = trans.start("E", Env.SUB);
- i = 0;
- try {
- bm = new Match("this*");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("this"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("thisandthat"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("this/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/"));
- } finally {
- tt2.done();
- tt.done();
- }
+ tt = trans.start("E", Env.SUB);
+ i = 0;
+ try {
+ bm = new Match("this*");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("this"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("thisandthat"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("this/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
- tt = trans.start("F", Env.SUB);
- i = 0;
- try {
- bm = new Match("*");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("<pass>/this"));
- } finally {
- tt2.done();
- tt.done();
- }
-
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(0, sb);
- //System.out.println(sb);
-
- }
-
- @Test
- public void specialTest() {
- Match match = new Match("/sample");
- assertTrue(match.match("/sample"));
-
- match = new Match("/lpeer//lpeer/:key/:item*");
- assertTrue(match.match("/lpeer//lpeer/x/y"));
- assertFalse(match.match("/lpeer/x/lpeer/x/y"));
+ tt = trans.start("F", Env.SUB);
+ i = 0;
+ try {
+ bm = new Match("*");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("<pass>/this"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
+
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(0, sb);
+ //System.out.println(sb);
+
+ }
+
+ @Test
+ public void specialTest() {
+ Match match = new Match("/sample");
+ assertTrue(match.match("/sample"));
+
+ match = new Match("/lpeer//lpeer/:key/:item*");
+ assertTrue(match.match("/lpeer//lpeer/x/y"));
+ assertFalse(match.match("/lpeer/x/lpeer/x/y"));
- }
+ }
- @Test
- public void testGetParamNames() {
- Match bm = new Match("/req/1.0.0/:var");
- Set s = bm.getParamNames();
- Assert.assertNotNull(s);
- }
+ @Test
+ public void testGetParamNames() {
+ Match bm = new Match("/req/1.0.0/:var");
+ Set s = bm.getParamNames();
+ Assert.assertNotNull(s);
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch1.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch1.java
index 7fa996d3..2287889b 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch1.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterMatch1.java
@@ -35,130 +35,130 @@ import org.onap.aaf.misc.env.impl.EnvFactory;
public class JU_BetterMatch1 {
- @Test
- public void test() {
- Trans trans = EnvFactory.newTrans();
- // Bad Match
- Match bm = new Match("/req/1.0.0/:var");
+ @Test
+ public void test() {
+ Trans trans = EnvFactory.newTrans();
+ // Bad Match
+ Match bm = new Match("/req/1.0.0/:var");
- assertTrue(bm.match("/req/1.0.0/fred"));
- assertTrue(bm.match("/req/1.0.0/wilma"));
- assertTrue(bm.match("/req/1.0.0/wilma/"));
- assertFalse(bm.match("/req/1.0.0/wilma/bambam"));
- assertFalse(bm.match("/not/valid/234"));
- assertFalse(bm.match(""));
-
- TimeTaken tt = trans.start("A", Env.SUB);
- TimeTaken tt2;
- int i = 0;
- try {
- bm = new Match(null);
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match(""));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match(null));
- tt2.done();
- } finally {
- tt.done();
- }
-
-
- tt = trans.start("B", Env.SUB);
- i = 0;
- try {
- bm = new Match("/req/1.0.0/:urn/:ref");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertFalse(bm.match("/req/1.0.0/urn"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/x"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/xyx"));
- } finally {
- tt2.done();
- tt.done();
- }
-
- tt = trans.start("C", Env.SUB);
- i = 0;
- try {
- String url = "/req/1.0.0/";
- bm = new Match(url+":urn*");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- String value = "urn:fsdb,1.0,req,newreq/0x12345";
-
- assertTrue(bm.match(url+value));
- assertEquals("urn:fsdb,1.0,req,newreq/0x12345",bm.param(url+value, ":urn"));
- } finally {
- tt2.done();
- tt.done();
- }
+ assertTrue(bm.match("/req/1.0.0/fred"));
+ assertTrue(bm.match("/req/1.0.0/wilma"));
+ assertTrue(bm.match("/req/1.0.0/wilma/"));
+ assertFalse(bm.match("/req/1.0.0/wilma/bambam"));
+ assertFalse(bm.match("/not/valid/234"));
+ assertFalse(bm.match(""));
+
+ TimeTaken tt = trans.start("A", Env.SUB);
+ TimeTaken tt2;
+ int i = 0;
+ try {
+ bm = new Match(null);
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match(""));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match(null));
+ tt2.done();
+ } finally {
+ tt.done();
+ }
+
+
+ tt = trans.start("B", Env.SUB);
+ i = 0;
+ try {
+ bm = new Match("/req/1.0.0/:urn/:ref");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertFalse(bm.match("/req/1.0.0/urn"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/x"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/xyx"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
+
+ tt = trans.start("C", Env.SUB);
+ i = 0;
+ try {
+ String url = "/req/1.0.0/";
+ bm = new Match(url+":urn*");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ String value = "urn:fsdb,1.0,req,newreq/0x12345";
+
+ assertTrue(bm.match(url+value));
+ assertEquals("urn:fsdb,1.0,req,newreq/0x12345",bm.param(url+value, ":urn"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
- tt = trans.start("D", Env.SUB);
- i = 0;
- try {
- bm = new Match("/req/1.0.0/:urn/:ref*");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/"));
- } finally {
- tt2.done();
- tt.done();
- }
+ tt = trans.start("D", Env.SUB);
+ i = 0;
+ try {
+ bm = new Match("/req/1.0.0/:urn/:ref*");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/0x12345"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertFalse(bm.match("/req/1.0.0/urn:fsdb,1.0,req,newreq/"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
- tt = trans.start("E", Env.SUB);
- i = 0;
- try {
- bm = new Match("this*");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("this"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("thisandthat"));
- tt2.done();
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("this/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/"));
- } finally {
- tt2.done();
- tt.done();
- }
+ tt = trans.start("E", Env.SUB);
+ i = 0;
+ try {
+ bm = new Match("this*");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("this"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("thisandthat"));
+ tt2.done();
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("this/1.0.0/urn:fsdb,1.0,req,newreq/0x12345/"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
- tt = trans.start("F", Env.SUB);
- i = 0;
- try {
- bm = new Match("*");
- tt2 = trans.start(Integer.toString(++i), Env.SUB);
- assertTrue(bm.match("whatever/this"));
- } finally {
- tt2.done();
- tt.done();
- }
-
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(0, sb);
- //System.out.println(sb);
-
- }
-
- @Test
- public void specialTest() {
- Match match = new Match("/sample");
- assertTrue(match.match("/sample"));
-
- match = new Match("/lpeer//lpeer/:key/:item*");
- assertTrue(match.match("/lpeer//lpeer/x/y"));
- assertFalse(match.match("/lpeer/x/lpeer/x/y"));
+ tt = trans.start("F", Env.SUB);
+ i = 0;
+ try {
+ bm = new Match("*");
+ tt2 = trans.start(Integer.toString(++i), Env.SUB);
+ assertTrue(bm.match("whatever/this"));
+ } finally {
+ tt2.done();
+ tt.done();
+ }
+
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(0, sb);
+ //System.out.println(sb);
+
+ }
+
+ @Test
+ public void specialTest() {
+ Match match = new Match("/sample");
+ assertTrue(match.match("/sample"));
+
+ match = new Match("/lpeer//lpeer/:key/:item*");
+ assertTrue(match.match("/lpeer//lpeer/x/y"));
+ assertFalse(match.match("/lpeer/x/lpeer/x/y"));
- }
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterRoute.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterRoute.java
index d98cf5ce..2fa6b5f8 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterRoute.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_BetterRoute.java
@@ -25,9 +25,9 @@ import org.junit.Test;
public class JU_BetterRoute {
- @Test
- public void test() {
-
- }
+ @Test
+ public void test() {
+
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_CachingFileAccess.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_CachingFileAccess.java
index 3d1f0062..207afc70 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_CachingFileAccess.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_CachingFileAccess.java
@@ -58,122 +58,122 @@ import junit.framework.Assert;
@RunWith(PowerMockRunner.class)
public class JU_CachingFileAccess {
- CachingFileAccess cachingFileAccess;
- HttpCode httpCode;
- EnvJAXB envJ;
- Trans trans;
-
-
- @Before
- public void setUp() throws IOException{
- trans = mock(Trans.class);
- HttpCode hCode = mock(HttpCode.class);
- envJ = mock(EnvJAXB.class);
- LogTarget log = mock(LogTarget.class);
- Long lng = (long) 1234134;
- when(envJ.get(envJ.staticSlot("aaf_cfa_cache_check_interval"),600000L)).thenReturn(lng);
- when(envJ.get(envJ.staticSlot("aaf_cfa_max_size"), 512000)).thenReturn(512000);
- when(envJ.get(envJ.staticSlot("aaf_cfa_web_path"))).thenReturn("TEST");
- when(envJ.getProperty("aaf_cfa_clear_command",null)).thenReturn("null");
- when(envJ.init()).thenReturn(log);
- doNothing().when(log).log((String)any());
- cachingFileAccess = new CachingFileAccess(envJ,"test");
-
-
-
- }
-
- @Test
- public void testSetEnv() {
- Store store = mock(Store.class);
- Store store1 = mock(Store.class);
- Store store2 = mock(Store.class);
- String test[] = {"aaf_cfa_web_path","aaf_cfa_cache_check_interval","aaf_cfa_max_size"};
- String test1[] = {"aaf_cfa_cache_check_interval"};
- String test2[] = {"aaf_cfa_max_size"};
- cachingFileAccess.setEnv(store, test);
- cachingFileAccess.setEnv(store1, test1); //These don't reach all the branches for some reason
- cachingFileAccess.setEnv(store2, test2);
- }
-
- @Test
- public void testHandle() throws IOException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
- HttpServletRequest req = mock(HttpServletRequest.class);
- Trans trans = mock(Trans.class);
- HttpServletResponse resp = mock(HttpServletResponse.class);
- when(req.getPathInfo()).thenReturn("path/to/file");
-
- Field matchField = HttpCode.class.getDeclaredField("match");
- matchField.setAccessible(true);
- Match match = mock(Match.class);
- when(match.param(anyString(), anyString())).thenReturn("null/");
- matchField.set(cachingFileAccess, match);
- cachingFileAccess.handle(trans, req, resp);
- when(match.param(anyString(), anyString())).thenReturn("clear");
- cachingFileAccess.handle(trans, req, resp);
- }
-
- @Test
- public void testWebPath() {
- EnvJAXB envJ = mock(EnvJAXB.class);
- String web_path_test = "TEST";
- Assert.assertEquals(web_path_test, cachingFileAccess.webPath());
- }
-
- @Test
- public void testCleanupParams() {
- NavigableMap<String,org.onap.aaf.auth.rserv.Content> content = new ConcurrentSkipListMap<>();
- cachingFileAccess.cleanupParams(50, 500); //TODO: find right input
- }
-
- @Test
- public void testLoad() throws IOException {
- cachingFileAccess.load(null, null, "1220227200L/1220227200L", null, 1320227200L );
- String filePath = "test/output_key";
- File keyfile = new File(filePath);
- RandomAccessFile randFile = new RandomAccessFile (keyfile,"rw");
-
- String dPath = "test/";
- File directoryPath = new File(dPath);
- directoryPath.mkdir();
- cachingFileAccess.load(null, dPath, "-", null, -1);
- randFile.setLength(1024 * 1024 * 8);
- cachingFileAccess.load(null, filePath, "-", null, -1);
- keyfile.delete();
- directoryPath.delete();
- String filePath1 = "test/output_key";
- File keyfile1 = new File(filePath1);
- keyfile1.createNewFile();
- cachingFileAccess.load(null, filePath1, "-", "test", -1);
- keyfile1.delete();
- }
-
- @Test
- public void testLoadOrDefault() throws IOException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException, ClassNotFoundException, InstantiationException {
- String filePath = "test/output_key";
- File keyfile = new File(filePath);
- cachingFileAccess.loadOrDefault(trans, filePath, "-", null, null);
- keyfile.delete();
-
- Trans trans = mock(Trans.class);
-
- String filePath1 = "test/output_key.txt";
- //File keyfile1 = new File(filePath1);
- doAnswer(new Answer<Void>() {
- public Void answer(InvocationOnMock invocation) throws FileNotFoundException {
- throw new FileNotFoundException();
- }
- }).when(trans).info();
- //cachingFileAccess.loadOrDefault(trans, "bs", "also bs", "test", null); //TODO: Needs more testing AAF-111
- //keyfile1.delete();
- }
-
- @Test
- public void testInvalidate() {
- //NavigableMap<String,org.onap.aaf.auth.rserv.Content> content = new ConcurrentSkipListMap<>();
- //Content con = mock(Content.class);
- //content.put("hello", con);
- cachingFileAccess.invalidate("hello");
- }
+ CachingFileAccess cachingFileAccess;
+ HttpCode httpCode;
+ EnvJAXB envJ;
+ Trans trans;
+
+
+ @Before
+ public void setUp() throws IOException{
+ trans = mock(Trans.class);
+ HttpCode hCode = mock(HttpCode.class);
+ envJ = mock(EnvJAXB.class);
+ LogTarget log = mock(LogTarget.class);
+ Long lng = (long) 1234134;
+ when(envJ.get(envJ.staticSlot("aaf_cfa_cache_check_interval"),600000L)).thenReturn(lng);
+ when(envJ.get(envJ.staticSlot("aaf_cfa_max_size"), 512000)).thenReturn(512000);
+ when(envJ.get(envJ.staticSlot("aaf_cfa_web_path"))).thenReturn("TEST");
+ when(envJ.getProperty("aaf_cfa_clear_command",null)).thenReturn("null");
+ when(envJ.init()).thenReturn(log);
+ doNothing().when(log).log((String)any());
+ cachingFileAccess = new CachingFileAccess(envJ,"test");
+
+
+
+ }
+
+ @Test
+ public void testSetEnv() {
+ Store store = mock(Store.class);
+ Store store1 = mock(Store.class);
+ Store store2 = mock(Store.class);
+ String test[] = {"aaf_cfa_web_path","aaf_cfa_cache_check_interval","aaf_cfa_max_size"};
+ String test1[] = {"aaf_cfa_cache_check_interval"};
+ String test2[] = {"aaf_cfa_max_size"};
+ cachingFileAccess.setEnv(store, test);
+ cachingFileAccess.setEnv(store1, test1); //These don't reach all the branches for some reason
+ cachingFileAccess.setEnv(store2, test2);
+ }
+
+ @Test
+ public void testHandle() throws IOException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
+ HttpServletRequest req = mock(HttpServletRequest.class);
+ Trans trans = mock(Trans.class);
+ HttpServletResponse resp = mock(HttpServletResponse.class);
+ when(req.getPathInfo()).thenReturn("path/to/file");
+
+ Field matchField = HttpCode.class.getDeclaredField("match");
+ matchField.setAccessible(true);
+ Match match = mock(Match.class);
+ when(match.param(anyString(), anyString())).thenReturn("null/");
+ matchField.set(cachingFileAccess, match);
+ cachingFileAccess.handle(trans, req, resp);
+ when(match.param(anyString(), anyString())).thenReturn("clear");
+ cachingFileAccess.handle(trans, req, resp);
+ }
+
+ @Test
+ public void testWebPath() {
+ EnvJAXB envJ = mock(EnvJAXB.class);
+ String web_path_test = "TEST";
+ Assert.assertEquals(web_path_test, cachingFileAccess.webPath());
+ }
+
+ @Test
+ public void testCleanupParams() {
+ NavigableMap<String,org.onap.aaf.auth.rserv.Content> content = new ConcurrentSkipListMap<>();
+ cachingFileAccess.cleanupParams(50, 500); //TODO: find right input
+ }
+
+ @Test
+ public void testLoad() throws IOException {
+ cachingFileAccess.load(null, null, "1220227200L/1220227200L", null, 1320227200L );
+ String filePath = "test/output_key";
+ File keyfile = new File(filePath);
+ RandomAccessFile randFile = new RandomAccessFile (keyfile,"rw");
+
+ String dPath = "test/";
+ File directoryPath = new File(dPath);
+ directoryPath.mkdir();
+ cachingFileAccess.load(null, dPath, "-", null, -1);
+ randFile.setLength(1024 * 1024 * 8);
+ cachingFileAccess.load(null, filePath, "-", null, -1);
+ keyfile.delete();
+ directoryPath.delete();
+ String filePath1 = "test/output_key";
+ File keyfile1 = new File(filePath1);
+ keyfile1.createNewFile();
+ cachingFileAccess.load(null, filePath1, "-", "test", -1);
+ keyfile1.delete();
+ }
+
+ @Test
+ public void testLoadOrDefault() throws IOException, NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException, ClassNotFoundException, InstantiationException {
+ String filePath = "test/output_key";
+ File keyfile = new File(filePath);
+ cachingFileAccess.loadOrDefault(trans, filePath, "-", null, null);
+ keyfile.delete();
+
+ Trans trans = mock(Trans.class);
+
+ String filePath1 = "test/output_key.txt";
+ //File keyfile1 = new File(filePath1);
+ doAnswer(new Answer<Void>() {
+ public Void answer(InvocationOnMock invocation) throws FileNotFoundException {
+ throw new FileNotFoundException();
+ }
+ }).when(trans).info();
+ //cachingFileAccess.loadOrDefault(trans, "bs", "also bs", "test", null); //TODO: Needs more testing AAF-111
+ //keyfile1.delete();
+ }
+
+ @Test
+ public void testInvalidate() {
+ //NavigableMap<String,org.onap.aaf.auth.rserv.Content> content = new ConcurrentSkipListMap<>();
+ //Content con = mock(Content.class);
+ //content.put("hello", con);
+ cachingFileAccess.invalidate("hello");
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content.java
index 146473c7..65cf9bc9 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content.java
@@ -41,621 +41,621 @@ import org.onap.aaf.misc.env.impl.EnvFactory;
* Test the functioning of the "Content" class, which holds, and routes to the right code based on Accept values
*/
public class JU_Content {
-
+
- @Test
- public void test() throws Exception {
- final String BOOL = "Boolean";
- final String XML = "XML";
- TransJAXB trans = EnvFactory.newTrans();
- try {
- HttpCode<TransJAXB, String> cBool = new HttpCode<TransJAXB,String>(BOOL,"Standard String") {
- @Override
- public void handle(TransJAXB trans, HttpServletRequest req, HttpServletResponse resp) {
- try {
- resp.getOutputStream().write(context.getBytes());
- } catch (IOException e) {
- }
- }
- };
+ @Test
+ public void test() throws Exception {
+ final String BOOL = "Boolean";
+ final String XML = "XML";
+ TransJAXB trans = EnvFactory.newTrans();
+ try {
+ HttpCode<TransJAXB, String> cBool = new HttpCode<TransJAXB,String>(BOOL,"Standard String") {
+ @Override
+ public void handle(TransJAXB trans, HttpServletRequest req, HttpServletResponse resp) {
+ try {
+ resp.getOutputStream().write(context.getBytes());
+ } catch (IOException e) {
+ }
+ }
+ };
- HttpCode<TransJAXB,String> cXML = new HttpCode<TransJAXB,String>(XML, "Standard String") {
- @Override
- public void handle(TransJAXB trans, HttpServletRequest req, HttpServletResponse resp) {
- try {
- resp.getOutputStream().write(context.getBytes());
- } catch (IOException e) {
- }
- }
- };
+ HttpCode<TransJAXB,String> cXML = new HttpCode<TransJAXB,String>(XML, "Standard String") {
+ @Override
+ public void handle(TransJAXB trans, HttpServletRequest req, HttpServletResponse resp) {
+ try {
+ resp.getOutputStream().write(context.getBytes());
+ } catch (IOException e) {
+ }
+ }
+ };
- TypedCode<TransJAXB> ct = new TypedCode<TransJAXB>()
- .add(cBool,"application/" + Boolean.class.getName()+"+xml;charset=utf8;version=1.1")
- .add(cXML,"application/xml;q=.9");
- String expected = "application/java.lang.Boolean+xml;charset=utf8;version=1.1,application/xml;q=0.9";
- assertEquals(expected,ct.toString());
+ TypedCode<TransJAXB> ct = new TypedCode<TransJAXB>()
+ .add(cBool,"application/" + Boolean.class.getName()+"+xml;charset=utf8;version=1.1")
+ .add(cXML,"application/xml;q=.9");
+ String expected = "application/java.lang.Boolean+xml;charset=utf8;version=1.1,application/xml;q=0.9";
+ assertEquals(expected,ct.toString());
- //BogusReq req = new BogusReq();
- //expected = (expected);
- //HttpServletResponse resp = new BogusResp();
-
- assertNotNull("Same Content String and Accept String",ct.prep(trans,expected));
+ //BogusReq req = new BogusReq();
+ //expected = (expected);
+ //HttpServletResponse resp = new BogusResp();
+
+ assertNotNull("Same Content String and Accept String",ct.prep(trans,expected));
- //expects Null (not run)
- // A Boolean xml that must have charset utf8 and match version 1.2 or greater
- expected = ("application/java.lang.Boolean+xml;charset=utf8;version=1.2");
- assertNull("Accept Minor Version greater than Content Minor Version",ct.prep(trans,expected));
+ //expects Null (not run)
+ // A Boolean xml that must have charset utf8 and match version 1.2 or greater
+ expected = ("application/java.lang.Boolean+xml;charset=utf8;version=1.2");
+ assertNull("Accept Minor Version greater than Content Minor Version",ct.prep(trans,expected));
- // Same with (too many) spaces
- expected = (" application/java.lang.Boolean+xml ; charset = utf8 ; version = 1.2 ");
- assertNull("Accept Minor Version greater than Content Minor Version",ct.prep(trans,expected));
+ // Same with (too many) spaces
+ expected = (" application/java.lang.Boolean+xml ; charset = utf8 ; version = 1.2 ");
+ assertNull("Accept Minor Version greater than Content Minor Version",ct.prep(trans,expected));
- //expects Null (not run)
- expected = ("application/java.lang.Boolean+xml;charset=utf8;version=2.1");
- assertNull("Major Versions not the same",ct.prep(trans,expected));
+ //expects Null (not run)
+ expected = ("application/java.lang.Boolean+xml;charset=utf8;version=2.1");
+ assertNull("Major Versions not the same",ct.prep(trans,expected));
- expected = ("application/java.lang.Boolean+xml;charset=utf8;version=1.0");
- assertNotNull("Content Minor Version is greater than Accept Minor Version",ct.prep(trans,expected));
+ expected = ("application/java.lang.Boolean+xml;charset=utf8;version=1.0");
+ assertNotNull("Content Minor Version is greater than Accept Minor Version",ct.prep(trans,expected));
- expected = "application/java.lang.Squid+xml;charset=utf8;version=1.0,application/xml;q=.9";
- assertNotNull("2nd one will have to do...",ct.prep(trans,expected));
+ expected = "application/java.lang.Squid+xml;charset=utf8;version=1.0,application/xml;q=.9";
+ assertNotNull("2nd one will have to do...",ct.prep(trans,expected));
- expected = "application/java.lang.Boolean+xml;charset=UTF8;version=1.0";
- assertNotNull("Minor Charset in Caps acceptable",ct.prep(trans,expected));
+ expected = "application/java.lang.Boolean+xml;charset=UTF8;version=1.0";
+ assertNotNull("Minor Charset in Caps acceptable",ct.prep(trans,expected));
- // expects no run
- expected="application/java.lang.Boolean+xml;charset=MyType;version=1.0";
- assertNull("Unknown Minor Charset",ct.prep(trans,expected));
+ // expects no run
+ expected="application/java.lang.Boolean+xml;charset=MyType;version=1.0";
+ assertNull("Unknown Minor Charset",ct.prep(trans,expected));
- expected="";
- assertNotNull("Blank Acceptance",ct.prep(trans,expected));
-
- expected=null;
- assertNotNull("Null Acceptance",ct.prep(trans,expected));
+ expected="";
+ assertNotNull("Blank Acceptance",ct.prep(trans,expected));
+
+ expected=null;
+ assertNotNull("Null Acceptance",ct.prep(trans,expected));
- expected = ("text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
- assertNotNull("Matches application/xml, and other content not known",ct.prep(trans,expected));
-
- // No SemiColon
- expected = ("i/am/bogus,application/xml");
- assertNotNull("Match second entry, with no Semis",ct.prep(trans,expected));
+ expected = ("text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
+ assertNotNull("Matches application/xml, and other content not known",ct.prep(trans,expected));
+
+ // No SemiColon
+ expected = ("i/am/bogus,application/xml");
+ assertNotNull("Match second entry, with no Semis",ct.prep(trans,expected));
- } finally {
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(0, sb);
- //System.out.println(sb);
- }
- }
-//
-// Original API used HTTPServletRequest and HTTPServletResponse. Due to the fact that sometimes we use Accept, and others Content-TYpe
-// I changed it to simply accept a string
-//
-// Jonathan 3/8/2013
-//
-// @SuppressWarnings("rawtypes")
-// class BogusReq implements HttpServletRequest {
-// private String accept;
-//
-// public void accept(String accept) {
-// this.accept = accept;
-// }
-//
-// @Override
-// public Object getAttribute(String name) {
-// return accept;
-// }
-//
-//
-// @Override
-// public Enumeration getAttributeNames() {
-// return null;
-// }
-//
-// @Override
-// public String getCharacterEncoding() {
-// return null;
-// }
-//
-// @Override
-// public void setCharacterEncoding(String env)
-// throws UnsupportedEncodingException {
-//
-//
-// }
-//
-// @Override
-// public int getContentLength() {
-//
-// return 0;
-// }
-//
-// @Override
-// public String getContentType() {
-//
-// return null;
-// }
-//
-// @Override
-// public ServletInputStream getInputStream() throws IOException {
-//
-// return null;
-// }
-//
-// @Override
-// public String getParameter(String name) {
-//
-// return null;
-// }
-//
-// @Override
-// public Enumeration getParameterNames() {
-//
-// return null;
-// }
-//
-// @Override
-// public String[] getParameterValues(String name) {
-//
-// return null;
-// }
-//
-// @Override
-// public Map getParameterMap() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getProtocol() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getScheme() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getServerName() {
-//
-// return null;
-// }
-//
-// @Override
-// public int getServerPort() {
-//
-// return 0;
-// }
-//
-// @Override
-// public BufferedReader getReader() throws IOException {
-//
-// return null;
-// }
-//
-// @Override
-// public String getRemoteAddr() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getRemoteHost() {
-//
-// return null;
-// }
-//
-// @Override
-// public void setAttribute(String name, Object o) {
-//
-//
-// }
-//
-// @Override
-// public void removeAttribute(String name) {
-//
-//
-// }
-//
-// @Override
-// public Locale getLocale() {
-//
-// return null;
-// }
-//
-// @Override
-// public Enumeration getLocales() {
-//
-// return null;
-// }
-//
-// @Override
-// public boolean isSecure() {
-//
-// return false;
-// }
-//
-// @Override
-// public RequestDispatcher getRequestDispatcher(String path) {
-//
-// return null;
-// }
-//
-// @Override
-// public String getRealPath(String path) {
-//
-// return null;
-// }
-//
-// @Override
-// public int getRemotePort() {
-//
-// return 0;
-// }
-//
-// @Override
-// public String getLocalName() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getLocalAddr() {
-//
-// return null;
-// }
-//
-// @Override
-// public int getLocalPort() {
-//
-// return 0;
-// }
-//
-// @Override
-// public String getAuthType() {
-//
-// return null;
-// }
-//
-// @Override
-// public Cookie[] getCookies() {
-//
-// return null;
-// }
-//
-// @Override
-// public long getDateHeader(String name) {
-//
-// return 0;
-// }
-//
-// @Override
-// public String getHeader(String name) {
-// return accept;
-// }
-//
-// @Override
-// public Enumeration getHeaders(String name) {
-//
-// return null;
-// }
-//
-// @Override
-// public Enumeration getHeaderNames() {
-//
-// return null;
-// }
-//
-// @Override
-// public int getIntHeader(String name) {
-//
-// return 0;
-// }
-//
-// @Override
-// public String getMethod() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getPathInfo() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getPathTranslated() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getContextPath() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getQueryString() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getRemoteUser() {
-//
-// return null;
-// }
-//
-// @Override
-// public boolean isUserInRole(String role) {
-//
-// return false;
-// }
-//
-// @Override
-// public Principal getUserPrincipal() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getRequestedSessionId() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getRequestURI() {
-//
-// return null;
-// }
-//
-// @Override
-// public StringBuffer getRequestURL() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getServletPath() {
-//
-// return null;
-// }
-//
-// @Override
-// public HttpSession getSession(boolean create) {
-//
-// return null;
-// }
-//
-// @Override
-// public HttpSession getSession() {
-//
-// return null;
-// }
-//
-// @Override
-// public boolean isRequestedSessionIdValid() {
-//
-// return false;
-// }
-//
-// @Override
-// public boolean isRequestedSessionIdFromCookie() {
-//
-// return false;
-// }
-//
-// @Override
-// public boolean isRequestedSessionIdFromURL() {
-//
-// return false;
-// }
-//
-// @Override
-// public boolean isRequestedSessionIdFromUrl() {
-//
-// return false;
-// }
-// }
-//
-// public class BogusResp implements HttpServletResponse {
-// public String contentType;
-//
-// @Override
-// public String getCharacterEncoding() {
-//
-// return null;
-// }
-//
-// @Override
-// public String getContentType() {
-// return contentType;
-// }
-//
-// @Override
-// public ServletOutputStream getOutputStream() throws IOException {
-//
-// return null;
-// }
-//
-// @Override
-// public PrintWriter getWriter() throws IOException {
-//
-// return null;
-// }
-//
-// @Override
-// public void setCharacterEncoding(String charset) {
-//
-//
-// }
-//
-// @Override
-// public void setContentLength(int len) {
-//
-//
-// }
-//
-// @Override
-// public void setContentType(String type) {
-// contentType = type;
-// }
-//
-// @Override
-// public void setBufferSize(int size) {
-//
-//
-// }
-//
-// @Override
-// public int getBufferSize() {
-//
-// return 0;
-// }
-//
-// @Override
-// public void flushBuffer() throws IOException {
-//
-//
-// }
-//
-// @Override
-// public void resetBuffer() {
-//
-//
-// }
-//
-// @Override
-// public boolean isCommitted() {
-//
-// return false;
-// }
-//
-// @Override
-// public void reset() {
-//
-//
-// }
-//
-// @Override
-// public void setLocale(Locale loc) {
-//
-//
-// }
-//
-// @Override
-// public Locale getLocale() {
-//
-// return null;
-// }
-//
-// @Override
-// public void addCookie(Cookie cookie) {
-//
-//
-// }
-//
-// @Override
-// public boolean containsHeader(String name) {
-//
-// return false;
-// }
-//
-// @Override
-// public String encodeURL(String url) {
-//
-// return null;
-// }
-//
-// @Override
-// public String encodeRedirectURL(String url) {
-//
-// return null;
-// }
-//
-// @Override
-// public String encodeUrl(String url) {
-//
-// return null;
-// }
-//
-// @Override
-// public String encodeRedirectUrl(String url) {
-//
-// return null;
-// }
-//
-// @Override
-// public void sendError(int sc, String msg) throws IOException {
-//
-//
-// }
-//
-// @Override
-// public void sendError(int sc) throws IOException {
-//
-//
-// }
-//
-// @Override
-// public void sendRedirect(String location) throws IOException {
-//
-//
-// }
-//
-// @Override
-// public void setDateHeader(String name, long date) {
-//
-//
-// }
-//
-// @Override
-// public void addDateHeader(String name, long date) {
-//
-//
-// }
-//
-// @Override
-// public void setHeader(String name, String value) {
-//
-//
-// }
-//
-// @Override
-// public void addHeader(String name, String value) {
-//
-//
-// }
-//
-// @Override
-// public void setIntHeader(String name, int value) {
-//
-//
-// }
-//
-// @Override
-// public void addIntHeader(String name, int value) {
-//
-//
-// }
-//
-// @Override
-// public void setStatus(int sc) {
-//
-//
-// }
-//
-// @Override
-// public void setStatus(int sc, String sm) {
-//
-//
-// }
-//
-// }
+ } finally {
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(0, sb);
+ //System.out.println(sb);
+ }
+ }
+//
+// Original API used HTTPServletRequest and HTTPServletResponse. Due to the fact that sometimes we use Accept, and others Content-TYpe
+// I changed it to simply accept a string
+//
+// Jonathan 3/8/2013
+//
+// @SuppressWarnings("rawtypes")
+// class BogusReq implements HttpServletRequest {
+// private String accept;
+//
+// public void accept(String accept) {
+// this.accept = accept;
+// }
+//
+// @Override
+// public Object getAttribute(String name) {
+// return accept;
+// }
+//
+//
+// @Override
+// public Enumeration getAttributeNames() {
+// return null;
+// }
+//
+// @Override
+// public String getCharacterEncoding() {
+// return null;
+// }
+//
+// @Override
+// public void setCharacterEncoding(String env)
+// throws UnsupportedEncodingException {
+//
+//
+// }
+//
+// @Override
+// public int getContentLength() {
+//
+// return 0;
+// }
+//
+// @Override
+// public String getContentType() {
+//
+// return null;
+// }
+//
+// @Override
+// public ServletInputStream getInputStream() throws IOException {
+//
+// return null;
+// }
+//
+// @Override
+// public String getParameter(String name) {
+//
+// return null;
+// }
+//
+// @Override
+// public Enumeration getParameterNames() {
+//
+// return null;
+// }
+//
+// @Override
+// public String[] getParameterValues(String name) {
+//
+// return null;
+// }
+//
+// @Override
+// public Map getParameterMap() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getProtocol() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getScheme() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getServerName() {
+//
+// return null;
+// }
+//
+// @Override
+// public int getServerPort() {
+//
+// return 0;
+// }
+//
+// @Override
+// public BufferedReader getReader() throws IOException {
+//
+// return null;
+// }
+//
+// @Override
+// public String getRemoteAddr() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getRemoteHost() {
+//
+// return null;
+// }
+//
+// @Override
+// public void setAttribute(String name, Object o) {
+//
+//
+// }
+//
+// @Override
+// public void removeAttribute(String name) {
+//
+//
+// }
+//
+// @Override
+// public Locale getLocale() {
+//
+// return null;
+// }
+//
+// @Override
+// public Enumeration getLocales() {
+//
+// return null;
+// }
+//
+// @Override
+// public boolean isSecure() {
+//
+// return false;
+// }
+//
+// @Override
+// public RequestDispatcher getRequestDispatcher(String path) {
+//
+// return null;
+// }
+//
+// @Override
+// public String getRealPath(String path) {
+//
+// return null;
+// }
+//
+// @Override
+// public int getRemotePort() {
+//
+// return 0;
+// }
+//
+// @Override
+// public String getLocalName() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getLocalAddr() {
+//
+// return null;
+// }
+//
+// @Override
+// public int getLocalPort() {
+//
+// return 0;
+// }
+//
+// @Override
+// public String getAuthType() {
+//
+// return null;
+// }
+//
+// @Override
+// public Cookie[] getCookies() {
+//
+// return null;
+// }
+//
+// @Override
+// public long getDateHeader(String name) {
+//
+// return 0;
+// }
+//
+// @Override
+// public String getHeader(String name) {
+// return accept;
+// }
+//
+// @Override
+// public Enumeration getHeaders(String name) {
+//
+// return null;
+// }
+//
+// @Override
+// public Enumeration getHeaderNames() {
+//
+// return null;
+// }
+//
+// @Override
+// public int getIntHeader(String name) {
+//
+// return 0;
+// }
+//
+// @Override
+// public String getMethod() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getPathInfo() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getPathTranslated() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getContextPath() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getQueryString() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getRemoteUser() {
+//
+// return null;
+// }
+//
+// @Override
+// public boolean isUserInRole(String role) {
+//
+// return false;
+// }
+//
+// @Override
+// public Principal getUserPrincipal() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getRequestedSessionId() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getRequestURI() {
+//
+// return null;
+// }
+//
+// @Override
+// public StringBuffer getRequestURL() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getServletPath() {
+//
+// return null;
+// }
+//
+// @Override
+// public HttpSession getSession(boolean create) {
+//
+// return null;
+// }
+//
+// @Override
+// public HttpSession getSession() {
+//
+// return null;
+// }
+//
+// @Override
+// public boolean isRequestedSessionIdValid() {
+//
+// return false;
+// }
+//
+// @Override
+// public boolean isRequestedSessionIdFromCookie() {
+//
+// return false;
+// }
+//
+// @Override
+// public boolean isRequestedSessionIdFromURL() {
+//
+// return false;
+// }
+//
+// @Override
+// public boolean isRequestedSessionIdFromUrl() {
+//
+// return false;
+// }
+// }
+//
+// public class BogusResp implements HttpServletResponse {
+// public String contentType;
+//
+// @Override
+// public String getCharacterEncoding() {
+//
+// return null;
+// }
+//
+// @Override
+// public String getContentType() {
+// return contentType;
+// }
+//
+// @Override
+// public ServletOutputStream getOutputStream() throws IOException {
+//
+// return null;
+// }
+//
+// @Override
+// public PrintWriter getWriter() throws IOException {
+//
+// return null;
+// }
+//
+// @Override
+// public void setCharacterEncoding(String charset) {
+//
+//
+// }
+//
+// @Override
+// public void setContentLength(int len) {
+//
+//
+// }
+//
+// @Override
+// public void setContentType(String type) {
+// contentType = type;
+// }
+//
+// @Override
+// public void setBufferSize(int size) {
+//
+//
+// }
+//
+// @Override
+// public int getBufferSize() {
+//
+// return 0;
+// }
+//
+// @Override
+// public void flushBuffer() throws IOException {
+//
+//
+// }
+//
+// @Override
+// public void resetBuffer() {
+//
+//
+// }
+//
+// @Override
+// public boolean isCommitted() {
+//
+// return false;
+// }
+//
+// @Override
+// public void reset() {
+//
+//
+// }
+//
+// @Override
+// public void setLocale(Locale loc) {
+//
+//
+// }
+//
+// @Override
+// public Locale getLocale() {
+//
+// return null;
+// }
+//
+// @Override
+// public void addCookie(Cookie cookie) {
+//
+//
+// }
+//
+// @Override
+// public boolean containsHeader(String name) {
+//
+// return false;
+// }
+//
+// @Override
+// public String encodeURL(String url) {
+//
+// return null;
+// }
+//
+// @Override
+// public String encodeRedirectURL(String url) {
+//
+// return null;
+// }
+//
+// @Override
+// public String encodeUrl(String url) {
+//
+// return null;
+// }
+//
+// @Override
+// public String encodeRedirectUrl(String url) {
+//
+// return null;
+// }
+//
+// @Override
+// public void sendError(int sc, String msg) throws IOException {
+//
+//
+// }
+//
+// @Override
+// public void sendError(int sc) throws IOException {
+//
+//
+// }
+//
+// @Override
+// public void sendRedirect(String location) throws IOException {
+//
+//
+// }
+//
+// @Override
+// public void setDateHeader(String name, long date) {
+//
+//
+// }
+//
+// @Override
+// public void addDateHeader(String name, long date) {
+//
+//
+// }
+//
+// @Override
+// public void setHeader(String name, String value) {
+//
+//
+// }
+//
+// @Override
+// public void addHeader(String name, String value) {
+//
+//
+// }
+//
+// @Override
+// public void setIntHeader(String name, int value) {
+//
+//
+// }
+//
+// @Override
+// public void addIntHeader(String name, int value) {
+//
+//
+// }
+//
+// @Override
+// public void setStatus(int sc) {
+//
+//
+// }
+//
+// @Override
+// public void setStatus(int sc, String sm) {
+//
+//
+// }
+//
+// }
//
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content1.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content1.java
index 18723962..0c35eaf0 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content1.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Content1.java
@@ -41,90 +41,90 @@ import org.onap.aaf.misc.env.impl.EnvFactory;
* Test the functioning of the "Content" class, which holds, and routes to the right code based on Accept values
*/
public class JU_Content1 {
-
-
- @Test
- public void test() throws Exception {
- final String BOOL = "Boolean";
- final String XML = "XML";
- TransJAXB trans = EnvFactory.newTrans();
- try {
- HttpCode<TransJAXB, String> cBool = new HttpCode<TransJAXB,String>(BOOL,"Standard String") {
- @Override
- public void handle(TransJAXB trans, HttpServletRequest req, HttpServletResponse resp) {
- try {
- resp.getOutputStream().write(context.getBytes());
- } catch (IOException e) {
- }
- }
- };
-
- HttpCode<TransJAXB,String> cXML = new HttpCode<TransJAXB,String>(XML, "Standard String") {
- @Override
- public void handle(TransJAXB trans, HttpServletRequest req, HttpServletResponse resp) {
- try {
- resp.getOutputStream().write(context.getBytes());
- } catch (IOException e) {
- }
- }
- };
-
- TypedCode<TransJAXB> ct = new TypedCode<TransJAXB>()
- .add(cBool,"application/" + Boolean.class.getName()+"+xml;charset=utf8;version=1.1")
- .add(cXML,"application/xml;q=.9");
- String expected = "application/java.lang.Boolean+xml;charset=utf8;version=1.1,application/xml;q=0.9";
- assertEquals(expected,ct.toString());
-
- //BogusReq req = new BogusReq();
- //expected = (expected);
- //HttpServletResponse resp = new BogusResp();
-
- assertNotNull("Same Content String and Accept String",ct.prep(trans,expected));
-
- //expects Null (not run)
- // A Boolean xml that must have charset utf8 and match version 1.2 or greater
- expected = ("application/java.lang.Boolean+xml;charset=utf8;version=1.2");
- assertNull("Accept Minor Version greater than Content Minor Version",ct.prep(trans,expected));
-
- // Same with (too many) spaces
- expected = (" application/java.lang.Boolean+xml ; charset = utf8 ; version = 1.2 ");
- assertNull("Accept Minor Version greater than Content Minor Version",ct.prep(trans,expected));
-
- //expects Null (not run)
- expected = ("application/java.lang.Boolean+xml;charset=utf8;version=2.1");
- assertNull("Major Versions not the same",ct.prep(trans,expected));
-
- expected = ("application/java.lang.Boolean+xml;charset=utf8;version=1.0");
- assertNotNull("Content Minor Version is greater than Accept Minor Version",ct.prep(trans,expected));
-
- expected = "application/java.lang.Squid+xml;charset=utf8;version=1.0,application/xml;q=.9";
- assertNotNull("2nd one will have to do...",ct.prep(trans,expected));
-
- expected = "application/java.lang.Boolean+xml;charset=UTF8;version=1.0";
- assertNotNull("Minor Charset in Caps acceptable",ct.prep(trans,expected));
-
- // expects no run
- expected="application/java.lang.Boolean+xml;charset=MyType;version=1.0";
- assertNull("Unknown Minor Charset",ct.prep(trans,expected));
-
- expected="";
- assertNotNull("Blank Acceptance",ct.prep(trans,expected));
-
- expected=null;
- assertNotNull("Null Acceptance",ct.prep(trans,expected));
-
- expected = ("text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
- assertNotNull("Matches application/xml, and other content not known",ct.prep(trans,expected));
-
- // No SemiColon
- expected = ("i/am/bogus,application/xml");
- assertNotNull("Match second entry, with no Semis",ct.prep(trans,expected));
-
- } finally {
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(0, sb);
- //System.out.println(sb);
- }
- }
+
+
+ @Test
+ public void test() throws Exception {
+ final String BOOL = "Boolean";
+ final String XML = "XML";
+ TransJAXB trans = EnvFactory.newTrans();
+ try {
+ HttpCode<TransJAXB, String> cBool = new HttpCode<TransJAXB,String>(BOOL,"Standard String") {
+ @Override
+ public void handle(TransJAXB trans, HttpServletRequest req, HttpServletResponse resp) {
+ try {
+ resp.getOutputStream().write(context.getBytes());
+ } catch (IOException e) {
+ }
+ }
+ };
+
+ HttpCode<TransJAXB,String> cXML = new HttpCode<TransJAXB,String>(XML, "Standard String") {
+ @Override
+ public void handle(TransJAXB trans, HttpServletRequest req, HttpServletResponse resp) {
+ try {
+ resp.getOutputStream().write(context.getBytes());
+ } catch (IOException e) {
+ }
+ }
+ };
+
+ TypedCode<TransJAXB> ct = new TypedCode<TransJAXB>()
+ .add(cBool,"application/" + Boolean.class.getName()+"+xml;charset=utf8;version=1.1")
+ .add(cXML,"application/xml;q=.9");
+ String expected = "application/java.lang.Boolean+xml;charset=utf8;version=1.1,application/xml;q=0.9";
+ assertEquals(expected,ct.toString());
+
+ //BogusReq req = new BogusReq();
+ //expected = (expected);
+ //HttpServletResponse resp = new BogusResp();
+
+ assertNotNull("Same Content String and Accept String",ct.prep(trans,expected));
+
+ //expects Null (not run)
+ // A Boolean xml that must have charset utf8 and match version 1.2 or greater
+ expected = ("application/java.lang.Boolean+xml;charset=utf8;version=1.2");
+ assertNull("Accept Minor Version greater than Content Minor Version",ct.prep(trans,expected));
+
+ // Same with (too many) spaces
+ expected = (" application/java.lang.Boolean+xml ; charset = utf8 ; version = 1.2 ");
+ assertNull("Accept Minor Version greater than Content Minor Version",ct.prep(trans,expected));
+
+ //expects Null (not run)
+ expected = ("application/java.lang.Boolean+xml;charset=utf8;version=2.1");
+ assertNull("Major Versions not the same",ct.prep(trans,expected));
+
+ expected = ("application/java.lang.Boolean+xml;charset=utf8;version=1.0");
+ assertNotNull("Content Minor Version is greater than Accept Minor Version",ct.prep(trans,expected));
+
+ expected = "application/java.lang.Squid+xml;charset=utf8;version=1.0,application/xml;q=.9";
+ assertNotNull("2nd one will have to do...",ct.prep(trans,expected));
+
+ expected = "application/java.lang.Boolean+xml;charset=UTF8;version=1.0";
+ assertNotNull("Minor Charset in Caps acceptable",ct.prep(trans,expected));
+
+ // expects no run
+ expected="application/java.lang.Boolean+xml;charset=MyType;version=1.0";
+ assertNull("Unknown Minor Charset",ct.prep(trans,expected));
+
+ expected="";
+ assertNotNull("Blank Acceptance",ct.prep(trans,expected));
+
+ expected=null;
+ assertNotNull("Null Acceptance",ct.prep(trans,expected));
+
+ expected = ("text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8");
+ assertNotNull("Matches application/xml, and other content not known",ct.prep(trans,expected));
+
+ // No SemiColon
+ expected = ("i/am/bogus,application/xml");
+ assertNotNull("Match second entry, with no Semis",ct.prep(trans,expected));
+
+ } finally {
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(0, sb);
+ //System.out.println(sb);
+ }
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Pair.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Pair.java
index 557c7ec5..7b44fd78 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Pair.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Pair.java
@@ -30,18 +30,18 @@ import org.onap.aaf.auth.rserv.Pair;
import junit.framework.Assert;
public class JU_Pair {
- Pair<Integer, Integer> pair;
- Integer x;
- Integer y;
-
- @Before
- public void setUp(){
- pair = new Pair<Integer, Integer>(1, 2);
- }
+ Pair<Integer, Integer> pair;
+ Integer x;
+ Integer y;
+
+ @Before
+ public void setUp(){
+ pair = new Pair<Integer, Integer>(1, 2);
+ }
- @Test
- public void testToString() {
- String result = pair.toString();
- Assert.assertEquals("X: " + pair.x.toString() + "-->" + pair.y.toString(), result);
- }
+ @Test
+ public void testToString() {
+ String result = pair.toString();
+ Assert.assertEquals("X: " + pair.x.toString() + "-->" + pair.y.toString(), result);
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Route.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Route.java
index 4448a0bb..c83bf254 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Route.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Route.java
@@ -32,28 +32,28 @@ import org.onap.aaf.misc.env.Trans;
import org.onap.aaf.auth.rserv.*;
public class JU_Route {
- Route route;
- HttpCode httpCode;
- HttpMethods httpMethod;
- Trans trans;
-
- @Before
- public void setUp() { //TODO: AAF-111 complete when actual input is provided
- //httpMethod = Matchers.any(HttpMethods.class);
- //when(httpMethod.name()).thenReturn("test");
- // route = new Route(null,"path/to/place");
- }
-
-
- @Test
- public void testAdd() {
- // route.add(httpCode, "path/to/place");
- }
-
- @Test
- public void testStart() {
- // trans = mock(Trans.class);
- // route.start(trans, "test", httpCode, "test");
- }
+ Route route;
+ HttpCode httpCode;
+ HttpMethods httpMethod;
+ Trans trans;
+
+ @Before
+ public void setUp() { //TODO: AAF-111 complete when actual input is provided
+ //httpMethod = Matchers.any(HttpMethods.class);
+ //when(httpMethod.name()).thenReturn("test");
+ // route = new Route(null,"path/to/place");
+ }
+
+
+ @Test
+ public void testAdd() {
+ // route.add(httpCode, "path/to/place");
+ }
+
+ @Test
+ public void testStart() {
+ // trans = mock(Trans.class);
+ // route.start(trans, "test", httpCode, "test");
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_RouteReport.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_RouteReport.java
index a9fdff60..5c7ca8dd 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_RouteReport.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_RouteReport.java
@@ -30,11 +30,11 @@ import org.junit.Test;
public class JU_RouteReport {
- @Test
- public void test() {
- RouteReport report;
- report = new RouteReport();
- Assert.assertNotNull(report);
- }
+ @Test
+ public void test() {
+ RouteReport report;
+ report = new RouteReport();
+ Assert.assertNotNull(report);
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Routes.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Routes.java
index 2ed08841..c98922b4 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Routes.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Routes.java
@@ -42,31 +42,31 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_Routes {
- Routes routes;
- @Mock
- HttpServletRequest reqMock;
- //TODO: Gabe [JUnit] Not visible to junit
- //CodeSetter<Trans> codeSetterMock;
- Route<Trans> routeObj;
-
- @Before
- public void setUp(){
- routes = new Routes();
- }
-
- @Test
- public void testRouteReport(){
- List listVal = routes.routeReport();
- assertNotNull(listVal);
- }
-
- @Test
- public void testDerive() throws IOException, ServletException{
- routeObj = routes.derive(reqMock, null);
-
- }
-
-
-
+ Routes routes;
+ @Mock
+ HttpServletRequest reqMock;
+ //TODO: Gabe [JUnit] Not visible to junit
+ //CodeSetter<Trans> codeSetterMock;
+ Route<Trans> routeObj;
+
+ @Before
+ public void setUp(){
+ routes = new Routes();
+ }
+
+ @Test
+ public void testRouteReport(){
+ List listVal = routes.routeReport();
+ assertNotNull(listVal);
+ }
+
+ @Test
+ public void testDerive() throws IOException, ServletException{
+ routeObj = routes.derive(reqMock, null);
+
+ }
+
+
+
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_TypedCode.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_TypedCode.java
index d5b57de0..0c117deb 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_TypedCode.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_TypedCode.java
@@ -46,61 +46,61 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_TypedCode {
- TypedCode typedCode;
- @Mock
- RouteReport routeReportMock;
-
- @Before
- public void setUp(){
- typedCode = new TypedCode();
- }
-
- @Test
- public void testFirst(){
- String returnVal = typedCode.first();
- assertNull(returnVal);
- }
-
- @Test
- public void testAdd() {
- HttpCode<?, ?> code = mock(HttpCode.class);
- typedCode.add(code , "test", "test1", "test2");
- }
-
- @Test
- public void testPrep() throws IOException, ServletException, ClassNotFoundException {
- Trans trans = mock(Trans.class);
- TimeTaken time = new TimeTaken("yell", 2) {
- @Override
- public void output(StringBuilder sb) {
- // TODO Auto-generated method stub
- }
- };
- when(trans.start(";na=me;,prop", 8)).thenReturn(time);
- HttpCode<?, ?> code = mock(HttpCode.class);
- code.pathParam(null, null);
- code.isAuthorized(null); //Testing httpcode, currently not working
- code.no_cache();
- code.toString();
-
- typedCode.add(code , "");
- typedCode.prep(null , "q");
-
- typedCode.add(code , "t");
- typedCode.prep(trans , null);
-
- typedCode.add(code , "t");
- typedCode.prep(trans , "");
-
- typedCode.add(code, "POST /authn/validate application/CredRequest+json;charset=utf-8;version=2.0,application/json;version=2.0,*/*");
- //typedCode.prep(trans , "POST /authn/validate application/CredRequest+json;charset=utf-8;version=2.0,application/json;version=2.0,*/*");
- }
-
- @Test
- public void testRelatedTo() {
- HttpCode<?, ?> code = mock(HttpCode.class);
- StringBuilder sb = new StringBuilder();
- typedCode.relatedTo(code, sb);
- }
+ TypedCode typedCode;
+ @Mock
+ RouteReport routeReportMock;
+
+ @Before
+ public void setUp(){
+ typedCode = new TypedCode();
+ }
+
+ @Test
+ public void testFirst(){
+ String returnVal = typedCode.first();
+ assertNull(returnVal);
+ }
+
+ @Test
+ public void testAdd() {
+ HttpCode<?, ?> code = mock(HttpCode.class);
+ typedCode.add(code , "test", "test1", "test2");
+ }
+
+ @Test
+ public void testPrep() throws IOException, ServletException, ClassNotFoundException {
+ Trans trans = mock(Trans.class);
+ TimeTaken time = new TimeTaken("yell", 2) {
+ @Override
+ public void output(StringBuilder sb) {
+ // TODO Auto-generated method stub
+ }
+ };
+ when(trans.start(";na=me;,prop", 8)).thenReturn(time);
+ HttpCode<?, ?> code = mock(HttpCode.class);
+ code.pathParam(null, null);
+ code.isAuthorized(null); //Testing httpcode, currently not working
+ code.no_cache();
+ code.toString();
+
+ typedCode.add(code , "");
+ typedCode.prep(null , "q");
+
+ typedCode.add(code , "t");
+ typedCode.prep(trans , null);
+
+ typedCode.add(code , "t");
+ typedCode.prep(trans , "");
+
+ typedCode.add(code, "POST /authn/validate application/CredRequest+json;charset=utf-8;version=2.0,application/json;version=2.0,*/*");
+ //typedCode.prep(trans , "POST /authn/validate application/CredRequest+json;charset=utf-8;version=2.0,application/json;version=2.0,*/*");
+ }
+
+ @Test
+ public void testRelatedTo() {
+ HttpCode<?, ?> code = mock(HttpCode.class);
+ StringBuilder sb = new StringBuilder();
+ typedCode.relatedTo(code, sb);
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Version.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Version.java
index 617fa259..7698e220 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Version.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/rserv/test/JU_Version.java
@@ -34,37 +34,37 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_Version {
- Version version;
- Version versionTest;
+ Version version;
+ Version versionTest;
-
- @Before
- public void setUp(){
- version = new Version("first\\.123");
- versionTest = new Version("first\\.124");
- }
+
+ @Before
+ public void setUp(){
+ version = new Version("first\\.123");
+ versionTest = new Version("first\\.124");
+ }
- @Test
- public void testEquals(){
- version.equals(versionTest);
- versionTest.equals(version);
- versionTest = new Version("fail\\.124");
- version.equals(versionTest);
- version.equals("This is not an object of version");
- versionTest = new Version("NoVersion\\.number");
- version.equals(versionTest);
-
-
- }
-
- @Test
- public void testToString(){
- String strVal = version.toString();
- assertNotNull(strVal);
- }
-
- @Test
- public void testHashCode() {
- Assert.assertNotNull(version.hashCode());
- }
+ @Test
+ public void testEquals(){
+ version.equals(versionTest);
+ versionTest.equals(version);
+ versionTest = new Version("fail\\.124");
+ version.equals(versionTest);
+ version.equals("This is not an object of version");
+ versionTest = new Version("NoVersion\\.number");
+ version.equals(versionTest);
+
+
+ }
+
+ @Test
+ public void testToString(){
+ String strVal = version.toString();
+ assertNotNull(strVal);
+ }
+
+ @Test
+ public void testHashCode() {
+ Assert.assertNotNull(version.hashCode());
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsService.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsService.java
index cd73e862..3373acab 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsService.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsService.java
@@ -62,51 +62,51 @@ import java.security.Principal;
import javax.servlet.Filter;
public class JU_AbsService {
-
- ByteArrayOutputStream outStream;
-
- private class AbsServiceStub extends AbsService {
+
+ ByteArrayOutputStream outStream;
+
+ private class AbsServiceStub extends AbsService {
- public AbsServiceStub(Access access, BasicEnv env) throws CadiException {
- super(access, env);
- // TODO Auto-generated constructor stub
- }
+ public AbsServiceStub(Access access, BasicEnv env) throws CadiException {
+ super(access, env);
+ // TODO Auto-generated constructor stub
+ }
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- // TODO Auto-generated method stub
- return null;
- }
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ // TODO Auto-generated method stub
+ return null;
+ }
- @Override
- public Registrant[] registrants(int port) throws CadiException, LocatorException {
- // TODO Auto-generated method stub
- return null;
- }
-
- }
-
- @Before
- public void setUp() {
- outStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- }
-
- @After
- public void tearDown() {
- System.setOut(System.out);
- }
-
- @Test
- public void testStub() throws CadiException {
- BasicEnv bEnv = new BasicEnv();
- PropAccess prop = new PropAccess();
-
- prop.setProperty(Config.AAF_COMPONENT, "te.st:te.st");
- prop.setLogLevel(Level.DEBUG);
- AbsServiceStub absServiceStub = new AbsServiceStub(prop, bEnv); //Testing other branches requires "fails" due to exception handling, will leave that off for now.
- }
-
+ @Override
+ public Registrant[] registrants(int port) throws CadiException, LocatorException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ }
+
+ @Before
+ public void setUp() {
+ outStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+ }
+
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ }
+
+ @Test
+ public void testStub() throws CadiException {
+ BasicEnv bEnv = new BasicEnv();
+ PropAccess prop = new PropAccess();
+
+ prop.setProperty(Config.AAF_COMPONENT, "te.st:te.st");
+ prop.setLogLevel(Level.DEBUG);
+ AbsServiceStub absServiceStub = new AbsServiceStub(prop, bEnv); //Testing other branches requires "fails" due to exception handling, will leave that off for now.
+ }
+
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java
index 1a3f4417..7ba49dfa 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_AbsServiceStarter.java
@@ -67,82 +67,82 @@ import java.security.Principal;
import javax.servlet.Filter;
public class JU_AbsServiceStarter {
-
- ByteArrayOutputStream outStream;
- AbsServiceStub absServiceStub;
- AbsServiceStarterStub absServiceStarterStub;
-
- private class AbsServiceStarterStub extends AbsServiceStarter {
-
- public AbsServiceStarterStub(AbsService service) {
- super(service);
- // TODO Auto-generated constructor stub
- }
-
- @Override
- public void _start(RServlet rserv) throws Exception {
- // TODO Auto-generated method stub
-
- }
-
- @Override
- public void _propertyAdjustment() {
- // TODO Auto-generated method stub
-
- }
- }
-
- private class AbsServiceStub extends AbsService {
-
- public AbsServiceStub(Access access, BasicEnv env) throws CadiException {
- super(access, env);
- // TODO Auto-generated constructor stub
- }
-
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public Registrant[] registrants(int port) throws CadiException, LocatorException {
- // TODO Auto-generated method stub
- return null;
- }
-
- }
-
- @Before
- public void setUp() {
- outStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- }
-
- @After
- public void tearDown() {
- System.setOut(System.out);
- }
-
-
- @Test
- public void testStub() throws CadiException {
- BasicEnv bEnv = new BasicEnv();
- PropAccess prop = new PropAccess();
-
- prop.setProperty(Config.AAF_COMPONENT, "te.st:te.st");
- prop.setLogLevel(Level.DEBUG);
- absServiceStub = new AbsServiceStub(prop, bEnv);
-
- absServiceStarterStub = new AbsServiceStarterStub(absServiceStub);
- }
-
-// @Test
-// public void testStart() throws Exception {
-// absServiceStarterStub.env();
-// absServiceStarterStub.start();
-// }
-
+
+ ByteArrayOutputStream outStream;
+ AbsServiceStub absServiceStub;
+ AbsServiceStarterStub absServiceStarterStub;
+
+ private class AbsServiceStarterStub extends AbsServiceStarter {
+
+ public AbsServiceStarterStub(AbsService service) {
+ super(service);
+ // TODO Auto-generated constructor stub
+ }
+
+ @Override
+ public void _start(RServlet rserv) throws Exception {
+ // TODO Auto-generated method stub
+
+ }
+
+ @Override
+ public void _propertyAdjustment() {
+ // TODO Auto-generated method stub
+
+ }
+ }
+
+ private class AbsServiceStub extends AbsService {
+
+ public AbsServiceStub(Access access, BasicEnv env) throws CadiException {
+ super(access, env);
+ // TODO Auto-generated constructor stub
+ }
+
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Registrant[] registrants(int port) throws CadiException, LocatorException {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ }
+
+ @Before
+ public void setUp() {
+ outStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+ }
+
+ @After
+ public void tearDown() {
+ System.setOut(System.out);
+ }
+
+
+ @Test
+ public void testStub() throws CadiException {
+ BasicEnv bEnv = new BasicEnv();
+ PropAccess prop = new PropAccess();
+
+ prop.setProperty(Config.AAF_COMPONENT, "te.st:te.st");
+ prop.setLogLevel(Level.DEBUG);
+ absServiceStub = new AbsServiceStub(prop, bEnv);
+
+ absServiceStarterStub = new AbsServiceStarterStub(absServiceStub);
+ }
+
+// @Test
+// public void testStart() throws Exception {
+// absServiceStarterStub.env();
+// absServiceStarterStub.start();
+// }
+
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_JettyServiceStarter.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_JettyServiceStarter.java
index 13bac174..ae7fd9d7 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_JettyServiceStarter.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/server/test/JU_JettyServiceStarter.java
@@ -49,47 +49,47 @@ import org.junit.runner.RunWith;
import org.mockito.Mock;
public class JU_JettyServiceStarter {
- private PropAccess propAccess = new PropAccess();
- private JettyServiceStarter<AuthzEnv,AuthzTrans> jss;
- class TestService extends AbsService<AuthzEnv,AuthzTrans>{
+ private PropAccess propAccess = new PropAccess();
+ private JettyServiceStarter<AuthzEnv,AuthzTrans> jss;
+ class TestService extends AbsService<AuthzEnv,AuthzTrans>{
- public TestService(Access access, AuthzEnv env) throws CadiException {
- super(access, env);
- // TODO Auto-generated constructor stub
- }
+ public TestService(Access access, AuthzEnv env) throws CadiException {
+ super(access, env);
+ // TODO Auto-generated constructor stub
+ }
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- // TODO Auto-generated method stub
- return null;
- }
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ // TODO Auto-generated method stub
+ return null;
+ }
- @Override
- public Registrant<AuthzEnv>[] registrants(int port) throws CadiException, LocatorException {
- // TODO Auto-generated method stub
- return null;
- }
+ @Override
+ public Registrant<AuthzEnv>[] registrants(int port) throws CadiException, LocatorException {
+ // TODO Auto-generated method stub
+ return null;
+ }
- }
- @SuppressWarnings("unchecked")
- @Before
- public void setUp() throws OrganizationException, CadiException {
- Access access = mock(Access.class);
-
- BasicEnv bEnv = mock(BasicEnv.class);
- Trans trans = mock(Trans.class); //TODO: Fix this once Gabe has services running to see correct output without mock
- //TestService testService = new TestService(access, bEnv);
- //jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(testService);
- }
-
-// @Test
-// public void netYetTested() {
-// fail("Tests not yet implemented");
-// }
-
- @Test
- public void testPropertyAdjustment() {
- //jss._propertyAdjustment();
- }
+ }
+ @SuppressWarnings("unchecked")
+ @Before
+ public void setUp() throws OrganizationException, CadiException {
+ Access access = mock(Access.class);
+
+ BasicEnv bEnv = mock(BasicEnv.class);
+ Trans trans = mock(Trans.class); //TODO: Fix this once Gabe has services running to see correct output without mock
+ //TestService testService = new TestService(access, bEnv);
+ //jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(testService);
+ }
+
+// @Test
+// public void netYetTested() {
+// fail("Tests not yet implemented");
+// }
+
+ @Test
+ public void testPropertyAdjustment() {
+ //jss._propertyAdjustment();
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/util/test/JU_Mask.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/util/test/JU_Mask.java
index e276f8db..5bc1b68d 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/util/test/JU_Mask.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/util/test/JU_Mask.java
@@ -34,39 +34,39 @@ import junit.framework.Assert;
public class JU_Mask {
- @Test
- public void test() throws Exception {
-// InetAddress ia = InetAddress.getLocalHost();
- InetAddress ia = InetAddress.getByName("192.168.0.0");
- NetMask mask = new NetMask(ia.getAddress());
- assertTrue(mask.isInNet(ia.getAddress()));
-
- mask = new NetMask("192.168.1/24");
- assertTrue(mask.isInNet("192.168.1.20"));
- assertTrue(mask.isInNet("192.168.1.255"));
- assertFalse(mask.isInNet("192.168.2.20"));
-
- mask = new NetMask("192.168.1/31");
- assertFalse(mask.isInNet("192.168.2.20"));
- assertFalse(mask.isInNet("192.168.1.20"));
- assertTrue(mask.isInNet("192.168.1.1"));
- assertFalse(mask.isInNet("192.168.1.2"));
+ @Test
+ public void test() throws Exception {
+// InetAddress ia = InetAddress.getLocalHost();
+ InetAddress ia = InetAddress.getByName("192.168.0.0");
+ NetMask mask = new NetMask(ia.getAddress());
+ assertTrue(mask.isInNet(ia.getAddress()));
+
+ mask = new NetMask("192.168.1/24");
+ assertTrue(mask.isInNet("192.168.1.20"));
+ assertTrue(mask.isInNet("192.168.1.255"));
+ assertFalse(mask.isInNet("192.168.2.20"));
+
+ mask = new NetMask("192.168.1/31");
+ assertFalse(mask.isInNet("192.168.2.20"));
+ assertFalse(mask.isInNet("192.168.1.20"));
+ assertTrue(mask.isInNet("192.168.1.1"));
+ assertFalse(mask.isInNet("192.168.1.2"));
- mask = new NetMask("192/8");
- assertTrue(mask.isInNet("192.168.1.1"));
- assertTrue(mask.isInNet("192.1.1.1"));
- assertFalse(mask.isInNet("193.168.1.1"));
-
- mask = new NetMask("/0");
- assertTrue(mask.isInNet("193.168.1.1"));
-
- String msg = "Should throw " + MaskFormatException.class.getSimpleName();
- try {
- mask = new NetMask("256.256.256.256");
- Assert.assertTrue(msg,false);
- } catch (MaskFormatException e) {
- Assert.assertTrue(msg,true);
- }
- }
+ mask = new NetMask("192/8");
+ assertTrue(mask.isInNet("192.168.1.1"));
+ assertTrue(mask.isInNet("192.1.1.1"));
+ assertFalse(mask.isInNet("193.168.1.1"));
+
+ mask = new NetMask("/0");
+ assertTrue(mask.isInNet("193.168.1.1"));
+
+ String msg = "Should throw " + MaskFormatException.class.getSimpleName();
+ try {
+ mask = new NetMask("256.256.256.256");
+ Assert.assertTrue(msg,false);
+ } catch (MaskFormatException e) {
+ Assert.assertTrue(msg,true);
+ }
+ }
}
diff --git a/auth/auth-core/src/test/java/org/onap/aaf/auth/validation/test/JU_Validator.java b/auth/auth-core/src/test/java/org/onap/aaf/auth/validation/test/JU_Validator.java
index 11aaa424..20e8f72f 100644
--- a/auth/auth-core/src/test/java/org/onap/aaf/auth/validation/test/JU_Validator.java
+++ b/auth/auth-core/src/test/java/org/onap/aaf/auth/validation/test/JU_Validator.java
@@ -44,280 +44,280 @@ import junit.framework.Assert;
public class JU_Validator {
- Validator validator;
- String base = "\\x25\\x28\\x29\\x2C-\\x2E\\x30-\\x39\\x3D\\x40-\\x5A\\x5F\\x61-\\x7A";
-
- @Before
- public void setUp() {
- validator = new Validator();
- }
-
- @Test
- public void testNullOrBlank() {
- validator.nullOrBlank(null, "str");
- validator.nullOrBlank("test", "");
- validator.nullOrBlank("test", null);
- }
-
- @Test
- public void testIsNull() {
- Object o = new Object();
- validator.isNull(null, null);
- validator.isNull(null, o);
- }
-
- @Test
- public void testDescription() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- Class c = validator.getClass();
- Class[] cArg = new Class[2];
- cArg[0] = String.class;
- cArg[1] = String.class; //Steps to test a protected method
- Method descriptionMethod = c.getDeclaredMethod("description", cArg);
- descriptionMethod.setAccessible(true);
- descriptionMethod.invoke(validator,"test", "test1");
- descriptionMethod.invoke(validator,null, null);
- descriptionMethod.invoke(validator,null, "[\\\\x25\\\\x28\\\\x29\\\\x2C-\\\\x2E\\\\x30-\\\\x39\\\\x3D\\\\x40-\\\\x5A\\\\x5F\\\\x61-\\\\x7A\\\\x20]+");
-
-
- }
-
- @Test
- public void testPermType() {
- Assert.assertNotNull(validator.permType("[\\\\w.-]+"));
- Assert.assertNotNull(validator.permType(null));
- Assert.assertNotNull(validator.permType(""));
- Assert.assertNotNull(validator.permType("aewfew"));
- }
-
- @Test
- public void testPermType1() {
- Assert.assertNotNull(validator.permType("[\\\\w.-]+",null));
- Assert.assertNotNull(validator.permType(null,null));
- Assert.assertNotNull(validator.permType("","test"));
- Assert.assertNotNull(validator.permType("aewfew","test"));
- }
-
- @Test
- public void testPermInstance() {
-
- String middle = "]+[\\\\*]*|\\\\*|(([:/]\\\\*)|([:/][!]{0,1}[";
- Assert.assertNotNull(validator.permInstance("[" + base + middle + base + "]+[\\\\*]*[:/]*))+"));
- Assert.assertNotNull(validator.permInstance(null));
- Assert.assertNotNull(validator.permInstance(""));
- Assert.assertNotNull(validator.permInstance("test"));
- }
-
- @Test
- public void testErr() {
- Assert.assertFalse(validator.err());
- validator.isNull("test", null);
- Assert.assertTrue(validator.err());
- }
-
- @Test
- public void testErrs() {
- validator.isNull("test", null);
- Assert.assertNotNull(validator.errs());
- }
-
- @Test
- public void testPermAction() {
- Assert.assertNotNull(validator.permAction("[" + base + "]+" + "|\\\\*"));
- Assert.assertNotNull(validator.permAction("test"));
- }
-
- @Test
- public void testRole() {
- Assert.assertNotNull(validator.role("[\\\\w.-]+"));
- Assert.assertNotNull(validator.role(null));
- Assert.assertNotNull(validator.role(""));
- Assert.assertNotNull(validator.role("aewfew"));
- }
-
- @Test
- public void testNs() {
- Assert.assertNotNull(validator.ns("[\\\\w.-]+"));
- Assert.assertNotNull(validator.ns(""));
- Assert.assertNotNull(validator.ns(".access"));
- }
-
- @Test
- public void testKey() {
- Assert.assertNotNull(validator.key("[\\\\w.-]+"));
- Assert.assertNotNull(validator.key(""));
- Assert.assertNotNull(validator.key(".access"));
- }
-
- @Test
- public void testValue() {
- Assert.assertNotNull(validator.value(base));
- Assert.assertNotNull(validator.value(""));
- Assert.assertNotNull(validator.value(".access"));
- }
-
- @Test
- public void testNotOK() {
- Result<?> test = mock(Result.class);
- validator.isNull("test", null);
- when(test.notOK()).thenReturn(true);
- Assert.assertNotNull(validator.notOK(null));
- Assert.assertNotNull(validator.notOK(test));
- }
-
- @Test
- public void testIntRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- Class c = validator.getClass();
- Class[] cArg = new Class[4];
- cArg[0] = String.class;
- cArg[1] = int.class;
- cArg[2] = int.class;
- cArg[3] = int.class; //Steps to test a protected method
- Method intRangeMethod = c.getDeclaredMethod("intRange", cArg);
- intRangeMethod.setAccessible(true);
- intRangeMethod.invoke(validator,"Test",5,1,10);
- intRangeMethod.invoke(validator,"Test",1,5,10);
- intRangeMethod.invoke(validator,"Test",11,5,10);
- intRangeMethod.invoke(validator,"Test",5,6,4);
- }
-
- @Test
- public void testFloatRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
- Class c = validator.getClass();
- Class[] cArg = new Class[4];
- cArg[0] = String.class;
- cArg[1] = float.class;
- cArg[2] = float.class;
- cArg[3] = float.class; //Steps to test a protected method
- Method floatRangeMethod = c.getDeclaredMethod("floatRange", cArg);
- floatRangeMethod.setAccessible(true);
- floatRangeMethod.invoke(validator,"Test",5f,1f,10f);
- floatRangeMethod.invoke(validator,"Test",1f,5f,10f);
- floatRangeMethod.invoke(validator,"Test",11f,5f,10f);
- floatRangeMethod.invoke(validator,"Test",5f,6f,4f);
- }
-
- @Test
- public void test() {
- assertTrue(Validator.ACTION_CHARS.matcher("HowdyDoody").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("Howd?yDoody").matches());
- assertTrue(Validator.ACTION_CHARS.matcher("_HowdyDoody").matches());
- assertTrue(Validator.INST_CHARS.matcher("HowdyDoody").matches());
- assertFalse(Validator.INST_CHARS.matcher("Howd?yDoody").matches());
- assertTrue(Validator.INST_CHARS.matcher("_HowdyDoody").matches());
-
- //
- assertTrue(Validator.ACTION_CHARS.matcher("*").matches());
- assertTrue(Validator.INST_CHARS.matcher("*").matches());
- assertFalse(Validator.ACTION_CHARS.matcher(":*").matches());
- assertTrue(Validator.INST_CHARS.matcher(":*").matches());
- assertFalse(Validator.ACTION_CHARS.matcher(":*:*").matches());
- assertTrue(Validator.INST_CHARS.matcher(":*:*").matches());
-
- assertFalse(Validator.ACTION_CHARS.matcher(":hello").matches());
- assertTrue(Validator.INST_CHARS.matcher(":hello").matches());
- assertFalse(Validator.INST_CHARS.matcher("hello:").matches());
- assertFalse(Validator.INST_CHARS.matcher("hello:d").matches());
-
- assertFalse(Validator.ACTION_CHARS.matcher(":hello:*").matches());
- assertTrue(Validator.INST_CHARS.matcher(":hello:*").matches());
- assertFalse(Validator.ACTION_CHARS.matcher(":hello:d*:*").matches());
- assertFalse(Validator.INST_CHARS.matcher(":hello:d*d:*").matches());
- assertTrue(Validator.INST_CHARS.matcher(":hello:d*:*").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("HowdyDoody*").matches());
- assertFalse(Validator.INST_CHARS.matcher("Howdy*Doody").matches());
- assertTrue(Validator.INST_CHARS.matcher("HowdyDoody*").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("*HowdyDoody").matches());
- assertFalse(Validator.INST_CHARS.matcher("*HowdyDoody").matches());
- assertFalse(Validator.ACTION_CHARS.matcher(":h*").matches());
- assertFalse(Validator.INST_CHARS.matcher(":h*h*").matches());
- assertTrue(Validator.INST_CHARS.matcher(":h*").matches());
- assertFalse(Validator.ACTION_CHARS.matcher(":h:h*:*").matches());
- assertTrue(Validator.INST_CHARS.matcher(":h:h*:*").matches());
- assertFalse(Validator.INST_CHARS.matcher(":h:h*h:*").matches());
- assertFalse(Validator.INST_CHARS.matcher(":h:h*h*:*").matches());
- assertFalse(Validator.ACTION_CHARS.matcher(":h:*:*h").matches());
- assertFalse(Validator.INST_CHARS.matcher(":h:*:*h").matches());
- assertTrue(Validator.INST_CHARS.matcher(":com.test.*:ns:*").matches());
-
-
- assertFalse(Validator.ACTION_CHARS.matcher("1234+235gd").matches());
- assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd").matches());
- assertTrue(Validator.ACTION_CHARS.matcher("1234-23_5gd").matches());
- assertTrue(Validator.ACTION_CHARS.matcher("1234-235g,d").matches());
- assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd(Version12)").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("1234-23 5gd").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("1234-235gd ").matches());
- assertFalse(Validator.ACTION_CHARS.matcher(" 1234-235gd").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("").matches());
- assertFalse(Validator.ACTION_CHARS.matcher(" ").matches());
-
- // Allow % and = (Needed for Escaping & Base64 usages) jg
- assertTrue(Validator.ACTION_CHARS.matcher("1234%235g=d").matches());
- assertFalse(Validator.ACTION_CHARS.matcher(":1234%235g=d").matches());
- assertTrue(Validator.INST_CHARS.matcher("1234%235g=d").matches());
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d").matches());
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:%20==").matches());
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:=%23").matches());
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:*:=%23").matches());
- assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:*").matches());
- assertTrue(Validator.INST_CHARS.matcher(":*:==%20:*").matches());
-
- // Allow / instead of : (more natural instance expression) jg
- assertFalse(Validator.INST_CHARS.matcher("1234/a").matches());
- assertTrue(Validator.INST_CHARS.matcher("/1234/a").matches());
- assertTrue(Validator.INST_CHARS.matcher("/1234/*/a/").matches());
- assertTrue(Validator.INST_CHARS.matcher("/1234//a").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("1234/a").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("/1234/*/a/").matches());
- assertFalse(Validator.ACTION_CHARS.matcher("1234//a").matches());
-
-
- assertFalse(Validator.INST_CHARS.matcher("1234+235gd").matches());
- assertTrue(Validator.INST_CHARS.matcher("1234-235gd").matches());
- assertTrue(Validator.INST_CHARS.matcher("1234-23_5gd").matches());
- assertTrue(Validator.INST_CHARS.matcher("1234-235g,d").matches());
- assertTrue(Validator.INST_CHARS.matcher("m1234@shb.dd.com").matches());
- assertTrue(Validator.INST_CHARS.matcher("1234-235gd(Version12)").matches());
- assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
- assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
- assertFalse(Validator.INST_CHARS.matcher("").matches());
-
-
- for( char c=0x20;c<0x7F;++c) {
- boolean b;
- switch(c) {
- case '?':
- case '|':
- case '*':
- continue; // test separately
- case '~':
- case ',':
- b = false;
- break;
- default:
- b=true;
- }
- }
-
- assertFalse(Validator.ID_CHARS.matcher("abc").matches());
- assertFalse(Validator.ID_CHARS.matcher("").matches());
- assertTrue(Validator.ID_CHARS.matcher("abc@att.com").matches());
- assertTrue(Validator.ID_CHARS.matcher("ab-me@att.com").matches());
- assertTrue(Validator.ID_CHARS.matcher("ab-me_.x@att._-com").matches());
-
- assertFalse(Validator.NAME_CHARS.matcher("ab-me_.x@att._-com").matches());
- assertTrue(Validator.NAME_CHARS.matcher("ab-me").matches());
- assertTrue(Validator.NAME_CHARS.matcher("ab-me_.xatt._-com").matches());
-
-
- // 7/22/2016
- assertTrue(Validator.INST_CHARS.matcher(
- "/!com.att.*/role/write").matches());
- assertTrue(Validator.INST_CHARS.matcher(
- ":!com.att.*:role:write").matches());
-
- }
+ Validator validator;
+ String base = "\\x25\\x28\\x29\\x2C-\\x2E\\x30-\\x39\\x3D\\x40-\\x5A\\x5F\\x61-\\x7A";
+
+ @Before
+ public void setUp() {
+ validator = new Validator();
+ }
+
+ @Test
+ public void testNullOrBlank() {
+ validator.nullOrBlank(null, "str");
+ validator.nullOrBlank("test", "");
+ validator.nullOrBlank("test", null);
+ }
+
+ @Test
+ public void testIsNull() {
+ Object o = new Object();
+ validator.isNull(null, null);
+ validator.isNull(null, o);
+ }
+
+ @Test
+ public void testDescription() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ Class c = validator.getClass();
+ Class[] cArg = new Class[2];
+ cArg[0] = String.class;
+ cArg[1] = String.class; //Steps to test a protected method
+ Method descriptionMethod = c.getDeclaredMethod("description", cArg);
+ descriptionMethod.setAccessible(true);
+ descriptionMethod.invoke(validator,"test", "test1");
+ descriptionMethod.invoke(validator,null, null);
+ descriptionMethod.invoke(validator,null, "[\\\\x25\\\\x28\\\\x29\\\\x2C-\\\\x2E\\\\x30-\\\\x39\\\\x3D\\\\x40-\\\\x5A\\\\x5F\\\\x61-\\\\x7A\\\\x20]+");
+
+
+ }
+
+ @Test
+ public void testPermType() {
+ Assert.assertNotNull(validator.permType("[\\\\w.-]+"));
+ Assert.assertNotNull(validator.permType(null));
+ Assert.assertNotNull(validator.permType(""));
+ Assert.assertNotNull(validator.permType("aewfew"));
+ }
+
+ @Test
+ public void testPermType1() {
+ Assert.assertNotNull(validator.permType("[\\\\w.-]+",null));
+ Assert.assertNotNull(validator.permType(null,null));
+ Assert.assertNotNull(validator.permType("","test"));
+ Assert.assertNotNull(validator.permType("aewfew","test"));
+ }
+
+ @Test
+ public void testPermInstance() {
+
+ String middle = "]+[\\\\*]*|\\\\*|(([:/]\\\\*)|([:/][!]{0,1}[";
+ Assert.assertNotNull(validator.permInstance("[" + base + middle + base + "]+[\\\\*]*[:/]*))+"));
+ Assert.assertNotNull(validator.permInstance(null));
+ Assert.assertNotNull(validator.permInstance(""));
+ Assert.assertNotNull(validator.permInstance("test"));
+ }
+
+ @Test
+ public void testErr() {
+ Assert.assertFalse(validator.err());
+ validator.isNull("test", null);
+ Assert.assertTrue(validator.err());
+ }
+
+ @Test
+ public void testErrs() {
+ validator.isNull("test", null);
+ Assert.assertNotNull(validator.errs());
+ }
+
+ @Test
+ public void testPermAction() {
+ Assert.assertNotNull(validator.permAction("[" + base + "]+" + "|\\\\*"));
+ Assert.assertNotNull(validator.permAction("test"));
+ }
+
+ @Test
+ public void testRole() {
+ Assert.assertNotNull(validator.role("[\\\\w.-]+"));
+ Assert.assertNotNull(validator.role(null));
+ Assert.assertNotNull(validator.role(""));
+ Assert.assertNotNull(validator.role("aewfew"));
+ }
+
+ @Test
+ public void testNs() {
+ Assert.assertNotNull(validator.ns("[\\\\w.-]+"));
+ Assert.assertNotNull(validator.ns(""));
+ Assert.assertNotNull(validator.ns(".access"));
+ }
+
+ @Test
+ public void testKey() {
+ Assert.assertNotNull(validator.key("[\\\\w.-]+"));
+ Assert.assertNotNull(validator.key(""));
+ Assert.assertNotNull(validator.key(".access"));
+ }
+
+ @Test
+ public void testValue() {
+ Assert.assertNotNull(validator.value(base));
+ Assert.assertNotNull(validator.value(""));
+ Assert.assertNotNull(validator.value(".access"));
+ }
+
+ @Test
+ public void testNotOK() {
+ Result<?> test = mock(Result.class);
+ validator.isNull("test", null);
+ when(test.notOK()).thenReturn(true);
+ Assert.assertNotNull(validator.notOK(null));
+ Assert.assertNotNull(validator.notOK(test));
+ }
+
+ @Test
+ public void testIntRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ Class c = validator.getClass();
+ Class[] cArg = new Class[4];
+ cArg[0] = String.class;
+ cArg[1] = int.class;
+ cArg[2] = int.class;
+ cArg[3] = int.class; //Steps to test a protected method
+ Method intRangeMethod = c.getDeclaredMethod("intRange", cArg);
+ intRangeMethod.setAccessible(true);
+ intRangeMethod.invoke(validator,"Test",5,1,10);
+ intRangeMethod.invoke(validator,"Test",1,5,10);
+ intRangeMethod.invoke(validator,"Test",11,5,10);
+ intRangeMethod.invoke(validator,"Test",5,6,4);
+ }
+
+ @Test
+ public void testFloatRange() throws NoSuchMethodException, SecurityException, IllegalAccessException, IllegalArgumentException, InvocationTargetException {
+ Class c = validator.getClass();
+ Class[] cArg = new Class[4];
+ cArg[0] = String.class;
+ cArg[1] = float.class;
+ cArg[2] = float.class;
+ cArg[3] = float.class; //Steps to test a protected method
+ Method floatRangeMethod = c.getDeclaredMethod("floatRange", cArg);
+ floatRangeMethod.setAccessible(true);
+ floatRangeMethod.invoke(validator,"Test",5f,1f,10f);
+ floatRangeMethod.invoke(validator,"Test",1f,5f,10f);
+ floatRangeMethod.invoke(validator,"Test",11f,5f,10f);
+ floatRangeMethod.invoke(validator,"Test",5f,6f,4f);
+ }
+
+ @Test
+ public void test() {
+ assertTrue(Validator.ACTION_CHARS.matcher("HowdyDoody").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("Howd?yDoody").matches());
+ assertTrue(Validator.ACTION_CHARS.matcher("_HowdyDoody").matches());
+ assertTrue(Validator.INST_CHARS.matcher("HowdyDoody").matches());
+ assertFalse(Validator.INST_CHARS.matcher("Howd?yDoody").matches());
+ assertTrue(Validator.INST_CHARS.matcher("_HowdyDoody").matches());
+
+ //
+ assertTrue(Validator.ACTION_CHARS.matcher("*").matches());
+ assertTrue(Validator.INST_CHARS.matcher("*").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher(":*").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":*").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher(":*:*").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":*:*").matches());
+
+ assertFalse(Validator.ACTION_CHARS.matcher(":hello").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":hello").matches());
+ assertFalse(Validator.INST_CHARS.matcher("hello:").matches());
+ assertFalse(Validator.INST_CHARS.matcher("hello:d").matches());
+
+ assertFalse(Validator.ACTION_CHARS.matcher(":hello:*").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":hello:*").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher(":hello:d*:*").matches());
+ assertFalse(Validator.INST_CHARS.matcher(":hello:d*d:*").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":hello:d*:*").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("HowdyDoody*").matches());
+ assertFalse(Validator.INST_CHARS.matcher("Howdy*Doody").matches());
+ assertTrue(Validator.INST_CHARS.matcher("HowdyDoody*").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("*HowdyDoody").matches());
+ assertFalse(Validator.INST_CHARS.matcher("*HowdyDoody").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher(":h*").matches());
+ assertFalse(Validator.INST_CHARS.matcher(":h*h*").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":h*").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher(":h:h*:*").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":h:h*:*").matches());
+ assertFalse(Validator.INST_CHARS.matcher(":h:h*h:*").matches());
+ assertFalse(Validator.INST_CHARS.matcher(":h:h*h*:*").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher(":h:*:*h").matches());
+ assertFalse(Validator.INST_CHARS.matcher(":h:*:*h").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":com.test.*:ns:*").matches());
+
+
+ assertFalse(Validator.ACTION_CHARS.matcher("1234+235gd").matches());
+ assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd").matches());
+ assertTrue(Validator.ACTION_CHARS.matcher("1234-23_5gd").matches());
+ assertTrue(Validator.ACTION_CHARS.matcher("1234-235g,d").matches());
+ assertTrue(Validator.ACTION_CHARS.matcher("1234-235gd(Version12)").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("123#4-23@5g:d").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("1234-23 5gd").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("1234-235gd ").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher(" 1234-235gd").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher(" ").matches());
+
+ // Allow % and = (Needed for Escaping & Base64 usages) jg
+ assertTrue(Validator.ACTION_CHARS.matcher("1234%235g=d").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher(":1234%235g=d").matches());
+ assertTrue(Validator.INST_CHARS.matcher("1234%235g=d").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:%20==").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:=%23").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:*:=%23").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":1234%235g=d:==%20:*").matches());
+ assertTrue(Validator.INST_CHARS.matcher(":*:==%20:*").matches());
+
+ // Allow / instead of : (more natural instance expression) jg
+ assertFalse(Validator.INST_CHARS.matcher("1234/a").matches());
+ assertTrue(Validator.INST_CHARS.matcher("/1234/a").matches());
+ assertTrue(Validator.INST_CHARS.matcher("/1234/*/a/").matches());
+ assertTrue(Validator.INST_CHARS.matcher("/1234//a").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("1234/a").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("/1234/*/a/").matches());
+ assertFalse(Validator.ACTION_CHARS.matcher("1234//a").matches());
+
+
+ assertFalse(Validator.INST_CHARS.matcher("1234+235gd").matches());
+ assertTrue(Validator.INST_CHARS.matcher("1234-235gd").matches());
+ assertTrue(Validator.INST_CHARS.matcher("1234-23_5gd").matches());
+ assertTrue(Validator.INST_CHARS.matcher("1234-235g,d").matches());
+ assertTrue(Validator.INST_CHARS.matcher("m1234@shb.dd.com").matches());
+ assertTrue(Validator.INST_CHARS.matcher("1234-235gd(Version12)").matches());
+ assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
+ assertFalse(Validator.INST_CHARS.matcher("123#4-23@5g:d").matches());
+ assertFalse(Validator.INST_CHARS.matcher("").matches());
+
+
+ for( char c=0x20;c<0x7F;++c) {
+ boolean b;
+ switch(c) {
+ case '?':
+ case '|':
+ case '*':
+ continue; // test separately
+ case '~':
+ case ',':
+ b = false;
+ break;
+ default:
+ b=true;
+ }
+ }
+
+ assertFalse(Validator.ID_CHARS.matcher("abc").matches());
+ assertFalse(Validator.ID_CHARS.matcher("").matches());
+ assertTrue(Validator.ID_CHARS.matcher("abc@att.com").matches());
+ assertTrue(Validator.ID_CHARS.matcher("ab-me@att.com").matches());
+ assertTrue(Validator.ID_CHARS.matcher("ab-me_.x@att._-com").matches());
+
+ assertFalse(Validator.NAME_CHARS.matcher("ab-me_.x@att._-com").matches());
+ assertTrue(Validator.NAME_CHARS.matcher("ab-me").matches());
+ assertTrue(Validator.NAME_CHARS.matcher("ab-me_.xatt._-com").matches());
+
+
+ // 7/22/2016
+ assertTrue(Validator.INST_CHARS.matcher(
+ "/!com.att.*/role/write").matches());
+ assertTrue(Validator.INST_CHARS.matcher(
+ ":!com.att.*:role:write").matches());
+
+ }
}
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
index 0bfe7e2d..d9336d4e 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrg.java
@@ -41,583 +41,583 @@ import org.onap.aaf.cadi.util.FQI;
import org.onap.aaf.misc.env.Env;
public class DefaultOrg implements Organization {
- private static final String AAF_DATA_DIR = "aaf_data_dir";
- private static final String PROPERTY_IS_REQUIRED = " property is Required";
- // Package on Purpose
- final String domain;
- final String atDomain;
- final String realm;
-
- private final String NAME,mailHost,mailFrom;
- private final Set<String> supportedRealms;
-
-
- public DefaultOrg(Env env, String realm) throws OrganizationException {
-
- this.realm = realm;
- supportedRealms=new HashSet<>();
- supportedRealms.add(realm);
- domain=FQI.reverseDomain(realm);
- atDomain = '@'+domain;
- String s;
- NAME=env.getProperty(realm + ".name","Default Organization");
- mailHost = env.getProperty(s=(realm + ".mailHost"), null);
- if(mailHost==null) {
- throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
- }
- mailFrom = env.getProperty(s=(realm + ".mailFrom"), null);
- if(mailFrom==null) {
- throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
- }
-
- // Note: This code is to avoid including javax.mail into ONAP, because there are security/licence
- // exceptions
- try {
- Class.forName("javax.mail.Session"); // ensure package is loaded
- @SuppressWarnings("unchecked")
- Class<Mailer> minst = (Class<Mailer>)Class.forName("org.onap.aaf.org.JavaxMailer");
- mailer = minst.newInstance();
- } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e1) {
- env.warn().log("JavaxMailer not loaded. Mailing disabled");
- }
-
- System.getProperties().setProperty("mail.smtp.host",mailHost);
- System.getProperties().setProperty("mail.user", mailFrom);
-
- try {
- String defFile;
- String temp=env.getProperty(defFile = (getClass().getName()+".file"));
- File fIdentities=null;
- if(temp==null) {
- temp = env.getProperty(AAF_DATA_DIR);
- if(temp!=null) {
- env.warn().log(defFile, " is not defined. Using default: ",temp+"/identities.dat");
- File dir = new File(temp);
- fIdentities=new File(dir,"identities.dat");
-
- if(!fIdentities.exists()) {
- env.warn().log("No",fIdentities.getCanonicalPath(),"exists. Creating.");
- if(!dir.exists()) {
- dir.mkdirs();
- }
- fIdentities.createNewFile();
- }
- }
- } else {
- fIdentities = new File(temp);
- if(!fIdentities.exists()) {
- String dataDir = env.getProperty(AAF_DATA_DIR);
- if(dataDir!=null) {
- fIdentities = new File(dataDir,temp);
- }
- }
- }
-
- if(fIdentities!=null && fIdentities.exists()) {
- identities = new Identities(fIdentities);
- } else {
- if(fIdentities==null) {
- throw new OrganizationException("No Identities");
- } else {
- throw new OrganizationException(fIdentities.getCanonicalPath() + " does not exist.");
- }
- }
- } catch (IOException e) {
- throw new OrganizationException(e);
- }
- }
-
- // Implement your own Delegation System
- static final List<String> NULL_DELEGATES = new ArrayList<>();
-
- public Identities identities;
- private boolean dryRun;
- private Mailer mailer;
- public enum Types {Employee, Contractor, Application, NotActive};
- private final static Set<String> typeSet;
-
- static {
- typeSet = new HashSet<>();
- for(Types t : Types.values()) {
- typeSet.add(t.name());
- }
- }
-
- private static final EmailWarnings emailWarnings = new DefaultOrgWarnings();
-
- @Override
- public String getName() {
- return NAME;
- }
-
- @Override
- public String getRealm() {
- return realm;
- }
-
- @Override
- public String getDomain() {
- return domain;
- }
-
- @Override
- public DefaultOrgIdentity getIdentity(AuthzTrans trans, String id) throws OrganizationException {
- int at = id.indexOf('@');
- return new DefaultOrgIdentity(trans,at<0?id:id.substring(0, at),this);
- }
-
- // Note: Return a null if found; return a String Message explaining why not found.
- @Override
- public String isValidID(final AuthzTrans trans, final String id) {
- try {
- DefaultOrgIdentity u = getIdentity(trans,id);
- return (u==null||!u.isFound())?id + "is not an Identity in " + getName():null;
- } catch (OrganizationException e) {
- return getName() + " could not lookup " + id + ": " + e.getLocalizedMessage();
- }
- }
- // Possible ID Pattern
- // private static final Pattern ID_PATTERN=Pattern.compile("([\\w.-]+@[\\w.-]+).{4-13}");
- // Another one: ID_PATTERN = "(a-z[a-z0-9]{5-8}@.*).{4-13}";
-
- @Override
- public boolean isValidCred(final AuthzTrans trans, final String id) {
- // have domain?
- int at = id.indexOf('@');
- String sid;
- if(at > 0) {
- // Use this to prevent passwords to any but THIS domain.
-// if(!id.regionMatches(at+1, domain, 0, id.length()-at-1)) {
-// return false;
-// }
- sid = id.substring(0,at);
- } else {
- sid = id;
- }
- // We'll validate that it exists, rather than check patterns.
-
- return isValidID(trans, sid)==null;
- // Check Pattern (if checking existing is too long)
- // if(id.endsWith(SUFFIX) && ID_PATTERN.matcher(id).matches()) {
- // return true;
- // }
- // return false;
- }
-
- private static final String SPEC_CHARS = "!@#$%^*-+?/,:;.";
- private static final Pattern PASS_PATTERN=Pattern.compile("(((?=.*[a-z,A-Z])(((?=.*\\d))|(?=.*[" + SPEC_CHARS +"]))).{6,20})");
- /**
- * ( # Start of group
- * (?=.*[a-z,A-Z]) # must contain one character
- *
- * (?=.*\d) # must contain one digit from 0-9
- * OR
- * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS
- *
- * . # match anything with previous condition checking
- * {6,20} # length at least 6 characters and maximum of 20
- * ) # End of group
- *
- * Another example, more stringent pattern
- private static final Pattern PASS_PATTERN=Pattern.compile("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[" + SPEC_CHARS +"]).{6,20})");
- * Attribution: from mkyong.com
- * ( # Start of group
- * (?=.*\d) # must contain one digit from 0-9
- * (?=.*[a-z]) # must contain one lowercase characters
- * (?=.*[A-Z]) # must contain one uppercase characters
- * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS
- * . # match anything with previous condition checking
- * {6,20} # length at least 6 characters and maximum of 20
- * ) # End of group
- */
- @Override
- public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) {
- for(String p : prev) {
- if(password.contains(p)) { // A more sophisticated algorithm might be better.
- return "Password too similar to previous passwords";
- }
- }
- // If you have an Organization user/Password scheme, replace the following
- if(PASS_PATTERN.matcher(password).matches()) {
- return "";
- }
- return "Password does not match " + NAME + " Password Standards";
- }
-
- private static final String[] rules = new String[] {
- "Passwords must contain letters",
- "Passwords must contain one of the following:",
- " Number",
- " One special symbols in the list \""+ SPEC_CHARS + '"',
- "Passwords must be between 6 and 20 chars in length",
- };
-
- @Override
- public String[] getPasswordRules() {
- return rules;
- }
-
- @Override
- public Set<String> getIdentityTypes() {
- return typeSet;
- }
-
- @Override
- public Response notify(AuthzTrans trans, Notify type, String url, String[] identities, String[] ccs, String summary, Boolean urgent) {
- String system = trans.getProperty("CASS_ENV", "");
-
- ArrayList<String> toList = new ArrayList<>();
- Identity identity;
- if (identities != null) {
- for (String user : identities) {
- try {
- identity = getIdentity(trans, user);
- if (identity == null) {
- trans.error().log(
- "Failure to obtain User " + user + " for "
- + getName());
- } else {
- toList.add(identity.email());
- }
- } catch (Exception e) {
- trans.error().log(
- e,
- "Failure to obtain User " + user + " for "
- + getName());
- }
- }
- }
-
- if (toList.isEmpty()) {
- trans.error().log("No Users listed to email");
- return Response.ERR_NotificationFailure;
- }
-
- ArrayList<String> ccList = new ArrayList<>();
-
- // If we're sending an urgent email, CC the user's supervisor
- //
- if (urgent) {
- trans.info().log("urgent msg for: " + identities[0]);
- try {
- List<Identity> supervisors = getApprovers(trans, identities[0]);
- for (Identity us : supervisors) {
- trans.info().log("supervisor: " + us.email());
- ccList.add(us.email());
- }
- } catch (Exception e) {
- trans.error().log(e,
- "Failed to find supervisor for " + identities[0]);
- }
- }
-
- if (ccs != null) {
- for (String user : ccs) {
- try {
- identity = getIdentity(trans, user);
- ccList.add(identity.email());
- } catch (Exception e) {
- trans.error().log(
- e,
- "Failure to obtain User " + user + " for "
- + getName());
- }
- }
- }
-
- if (summary == null) {
- summary = "";
- }
-
- switch (type) {
- case Approval:
- try {
- sendEmail(trans, toList, ccList,
- "AAF Approval Notification "
- + (system.length() == 0 ? "" : "(ENV: "
- + system + ")"),
- "AAF is the "
- + NAME
- + "System for Fine-Grained Authorizations. You are being asked to Approve"
- + (system.length() == 0 ? "" : " in the "
- + system + " environment")
- + " before AAF Actions can be taken.\n\n"
- + "Please follow this link: \n\n\t" + url
- + "\n\n" + summary, urgent);
- } catch (Exception e) {
-
- trans.error().log(e, "Failure to send Email");
- return Response.ERR_NotificationFailure;
- }
- break;
- case PasswordExpiration:
- try {
- sendEmail(trans,
- toList,
- ccList,
- "AAF Password Expiration Warning "
- + (system.length() == 0 ? "" : "(ENV: "
- + system + ")"),
- "AAF is the "
- + NAME
- + " System for Authorizations.\n\nOne or more passwords will expire soon or have expired"
- + (system.length() == 0 ? "" : " in the "
- + system + " environment")
- + ".\n\nPasswords expired for more than 30 days without action are subject to deletion.\n\n"
- + "Please follow each link to add a New Password with Expiration Date. Either are valid until expiration. "
- + "Use this time to change the passwords on your system. If issues, reply to this email.\n\n"
- + summary, urgent);
- } catch (Exception e) {
- trans.error().log(e, "Failure to send Email");
- return Response.ERR_NotificationFailure;
- }
- break;
-
- case RoleExpiration:
- try {
- sendEmail(
- trans,
- toList,
- ccList,
- "AAF Role Expiration Warning "
- + (system.length() == 0 ? "" : "(ENV: "
- + system + ")"),
- "AAF is the "
- + NAME
- + " System for Authorizations. One or more roles will expire soon"
- + (system.length() == 0 ? "" : " in the "
- + system + " environment")
- + ".\n\nRoles expired for more than 30 days are subject to deletion."
- + "Please follow this link the GUI Command line, and either 'extend' or 'del' the user in the role.\n"
- + "If issues, reply to this email.\n\n\t" + url
- + "\n\n" + summary, urgent);
- } catch (Exception e) {
- trans.error().log(e, "Failure to send Email");
- return Response.ERR_NotificationFailure;
- }
- break;
- default:
- return Response.ERR_NotImplemented;
- }
- return Response.OK;
- }
-
-
- /**
- * Default Policy is to set to 6 Months for Notification Types.
- * add others/change as required
- */
- @Override
- public Date whenToValidate(Notify type, Date lastValidated) {
- switch(type) {
- case Approval:
- case PasswordExpiration:
- return null;
- default:
- GregorianCalendar gc = new GregorianCalendar();
- gc.setTime(lastValidated);
- gc.add(GregorianCalendar.MONTH, 6); // 6 month policy
- return gc.getTime();
- }
- }
-
- @Override
- public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String... extra) {
- GregorianCalendar now = new GregorianCalendar();
- GregorianCalendar rv = gc==null?now:(GregorianCalendar)gc.clone();
- switch (exp) {
- case ExtendPassword:
- // Extending Password give 5 extra days, max 8 days from now
- rv.add(GregorianCalendar.DATE, 5);
- now.add(GregorianCalendar.DATE, 8);
- if(rv.after(now)) {
- rv = now;
- }
- break;
- case Future:
- // Future requests last 15 days.
- now.add(GregorianCalendar.DATE, 15);
- rv = now;
- break;
- case Password:
- // Passwords expire in 90 days
- now.add(GregorianCalendar.DATE, 90);
- rv = now;
- break;
- case TempPassword:
- // Temporary Passwords last for 12 hours.
- now.add(GregorianCalendar.DATE, 90);
- rv = now;
- break;
- case UserDelegate:
- // Delegations expire max in 2 months, renewable to 3
- rv.add(GregorianCalendar.MONTH, 2);
- now.add(GregorianCalendar.MONTH, 3);
- if(rv.after(now)) {
- rv = now;
- }
- break;
- case UserInRole:
- // Roles expire in 6 months
- now.add(GregorianCalendar.MONTH, 6);
- rv = now;
- break;
- default:
- // Unless other wise set, 6 months is default
- now.add(GregorianCalendar.MONTH, 6);
- rv = now;
- break;
- }
- return rv;
- }
-
- @Override
- public EmailWarnings emailWarningPolicy() {
- return emailWarnings;
- }
-
- /**
- * Assume the Supervisor is the Approver.
- */
- @Override
- public List<Identity> getApprovers(AuthzTrans trans, String user) throws OrganizationException {
- Identity orgIdentity = getIdentity(trans, user);
- List<Identity> orgIdentitys = new ArrayList<>();
- if(orgIdentity!=null) {
- Identity supervisor = orgIdentity.responsibleTo();
- if(supervisor!=null) {
- orgIdentitys.add(supervisor);
- }
- }
- return orgIdentitys;
- }
-
- @Override
- public String getApproverType() {
- return "supervisor";
- }
-
- @Override
- public int startOfDay() {
- // TODO Auto-generated method stub
- return 0;
- }
-
- @Override
- public boolean canHaveMultipleCreds(String id) {
- // External entities are likely mono-password... if you change it, it is a global change.
- // This is great for people, but horrible for Applications.
- //
- // AAF's Password can have multiple Passwords, each with their own Expiration Date.
- // For Default Org, we'll assume true for all, but when you add your external
- // Identity stores, you need to return "false" if they cannot support multiple Passwords like AAF
- return true;
- }
-
- @Override
- public String validate(AuthzTrans trans, Policy policy, Executor executor, String... vars) throws OrganizationException {
- switch(policy) {
- case OWNS_MECHID:
- case CREATE_MECHID:
- if(vars.length>0) {
- DefaultOrgIdentity thisID = getIdentity(trans,vars[0]);
- if("a".equals(thisID.identity.status)) { // MechID
- DefaultOrgIdentity requestor = getIdentity(trans, trans.user());
- if(requestor!=null) {
- Identity mechid = getIdentity(trans, vars[0]);
- if(mechid!=null) {
- Identity sponsor = mechid.responsibleTo();
- if(sponsor!=null && requestor.fullID().equals(sponsor.fullID())) {
- return null;
- } else {
- return trans.user() + " is not the Sponsor of MechID " + vars[0];
- }
- }
- }
- }
- }
- return null;
-
- case CREATE_MECHID_BY_PERM_ONLY:
- return getName() + " only allows sponsors to create MechIDs";
-
- default:
- return policy.name() + " is unsupported at " + getName();
- }
- }
-
- @Override
- public boolean isTestEnv() {
- return false;
- }
-
- @Override
- public void setTestMode(boolean dryRun) {
- this.dryRun = dryRun;
- }
-
- private String extractRealm(final String r) {
- int at;
- if((at=r.indexOf('@'))>=0) {
- return FQI.reverseDomain(r.substring(at+1));
- }
- return r;
- }
- @Override
- public boolean supportsRealm(final String r) {
- if(r.endsWith(realm)) {
- return true;
- } else {
- String erealm = extractRealm(r);
- for(String sr : supportedRealms) {
- if(erealm.startsWith(sr)) {
- return true;
- }
- }
- }
- return false;
- }
-
- @Override
- public synchronized void addSupportedRealm(final String r) {
- supportedRealms.add(extractRealm(r));
- }
-
- @Override
- public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList, String subject, String body,
- Boolean urgent) throws OrganizationException {
- if (mailer!=null) {
- List<String> to = new ArrayList<>();
- for(String em : toList) {
- if(em.indexOf('@')<0) {
- to.add(new DefaultOrgIdentity(trans, em, this).email());
- } else {
- to.add(em);
- }
- }
-
- List<String> cc = new ArrayList<>();
- if(ccList!=null) {
- if(!ccList.isEmpty()) {
-
- for(String em : ccList) {
- if(em.indexOf('@')<0) {
- cc.add(new DefaultOrgIdentity(trans, em, this).email());
- } else {
- cc.add(em);
- }
- }
- }
-
- // for now, I want all emails so we can see what goes out. Remove later
- if (!ccList.contains(mailFrom)) {
- ccList.add(mailFrom);
- }
- }
-
- return mailer.sendEmail(trans,dryRun,mailFrom,to,cc,subject,body,urgent);
- } else {
- return 0;
- }
- }
+ private static final String AAF_DATA_DIR = "aaf_data_dir";
+ private static final String PROPERTY_IS_REQUIRED = " property is Required";
+ // Package on Purpose
+ final String domain;
+ final String atDomain;
+ final String realm;
+
+ private final String NAME,mailHost,mailFrom;
+ private final Set<String> supportedRealms;
+
+
+ public DefaultOrg(Env env, String realm) throws OrganizationException {
+
+ this.realm = realm;
+ supportedRealms=new HashSet<>();
+ supportedRealms.add(realm);
+ domain=FQI.reverseDomain(realm);
+ atDomain = '@'+domain;
+ String s;
+ NAME=env.getProperty(realm + ".name","Default Organization");
+ mailHost = env.getProperty(s=(realm + ".mailHost"), null);
+ if(mailHost==null) {
+ throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
+ }
+ mailFrom = env.getProperty(s=(realm + ".mailFrom"), null);
+ if(mailFrom==null) {
+ throw new OrganizationException(s + PROPERTY_IS_REQUIRED);
+ }
+
+ // Note: This code is to avoid including javax.mail into ONAP, because there are security/licence
+ // exceptions
+ try {
+ Class.forName("javax.mail.Session"); // ensure package is loaded
+ @SuppressWarnings("unchecked")
+ Class<Mailer> minst = (Class<Mailer>)Class.forName("org.onap.aaf.org.JavaxMailer");
+ mailer = minst.newInstance();
+ } catch (ClassNotFoundException | InstantiationException | IllegalAccessException e1) {
+ env.warn().log("JavaxMailer not loaded. Mailing disabled");
+ }
+
+ System.getProperties().setProperty("mail.smtp.host",mailHost);
+ System.getProperties().setProperty("mail.user", mailFrom);
+
+ try {
+ String defFile;
+ String temp=env.getProperty(defFile = (getClass().getName()+".file"));
+ File fIdentities=null;
+ if(temp==null) {
+ temp = env.getProperty(AAF_DATA_DIR);
+ if(temp!=null) {
+ env.warn().log(defFile, " is not defined. Using default: ",temp+"/identities.dat");
+ File dir = new File(temp);
+ fIdentities=new File(dir,"identities.dat");
+
+ if(!fIdentities.exists()) {
+ env.warn().log("No",fIdentities.getCanonicalPath(),"exists. Creating.");
+ if(!dir.exists()) {
+ dir.mkdirs();
+ }
+ fIdentities.createNewFile();
+ }
+ }
+ } else {
+ fIdentities = new File(temp);
+ if(!fIdentities.exists()) {
+ String dataDir = env.getProperty(AAF_DATA_DIR);
+ if(dataDir!=null) {
+ fIdentities = new File(dataDir,temp);
+ }
+ }
+ }
+
+ if(fIdentities!=null && fIdentities.exists()) {
+ identities = new Identities(fIdentities);
+ } else {
+ if(fIdentities==null) {
+ throw new OrganizationException("No Identities");
+ } else {
+ throw new OrganizationException(fIdentities.getCanonicalPath() + " does not exist.");
+ }
+ }
+ } catch (IOException e) {
+ throw new OrganizationException(e);
+ }
+ }
+
+ // Implement your own Delegation System
+ static final List<String> NULL_DELEGATES = new ArrayList<>();
+
+ public Identities identities;
+ private boolean dryRun;
+ private Mailer mailer;
+ public enum Types {Employee, Contractor, Application, NotActive};
+ private final static Set<String> typeSet;
+
+ static {
+ typeSet = new HashSet<>();
+ for(Types t : Types.values()) {
+ typeSet.add(t.name());
+ }
+ }
+
+ private static final EmailWarnings emailWarnings = new DefaultOrgWarnings();
+
+ @Override
+ public String getName() {
+ return NAME;
+ }
+
+ @Override
+ public String getRealm() {
+ return realm;
+ }
+
+ @Override
+ public String getDomain() {
+ return domain;
+ }
+
+ @Override
+ public DefaultOrgIdentity getIdentity(AuthzTrans trans, String id) throws OrganizationException {
+ int at = id.indexOf('@');
+ return new DefaultOrgIdentity(trans,at<0?id:id.substring(0, at),this);
+ }
+
+ // Note: Return a null if found; return a String Message explaining why not found.
+ @Override
+ public String isValidID(final AuthzTrans trans, final String id) {
+ try {
+ DefaultOrgIdentity u = getIdentity(trans,id);
+ return (u==null||!u.isFound())?id + "is not an Identity in " + getName():null;
+ } catch (OrganizationException e) {
+ return getName() + " could not lookup " + id + ": " + e.getLocalizedMessage();
+ }
+ }
+ // Possible ID Pattern
+ // private static final Pattern ID_PATTERN=Pattern.compile("([\\w.-]+@[\\w.-]+).{4-13}");
+ // Another one: ID_PATTERN = "(a-z[a-z0-9]{5-8}@.*).{4-13}";
+
+ @Override
+ public boolean isValidCred(final AuthzTrans trans, final String id) {
+ // have domain?
+ int at = id.indexOf('@');
+ String sid;
+ if(at > 0) {
+ // Use this to prevent passwords to any but THIS domain.
+// if(!id.regionMatches(at+1, domain, 0, id.length()-at-1)) {
+// return false;
+// }
+ sid = id.substring(0,at);
+ } else {
+ sid = id;
+ }
+ // We'll validate that it exists, rather than check patterns.
+
+ return isValidID(trans, sid)==null;
+ // Check Pattern (if checking existing is too long)
+ // if(id.endsWith(SUFFIX) && ID_PATTERN.matcher(id).matches()) {
+ // return true;
+ // }
+ // return false;
+ }
+
+ private static final String SPEC_CHARS = "!@#$%^*-+?/,:;.";
+ private static final Pattern PASS_PATTERN=Pattern.compile("(((?=.*[a-z,A-Z])(((?=.*\\d))|(?=.*[" + SPEC_CHARS +"]))).{6,20})");
+ /**
+ * ( # Start of group
+ * (?=.*[a-z,A-Z]) # must contain one character
+ *
+ * (?=.*\d) # must contain one digit from 0-9
+ * OR
+ * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS
+ *
+ * . # match anything with previous condition checking
+ * {6,20} # length at least 6 characters and maximum of 20
+ * ) # End of group
+ *
+ * Another example, more stringent pattern
+ private static final Pattern PASS_PATTERN=Pattern.compile("((?=.*\\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[" + SPEC_CHARS +"]).{6,20})");
+ * Attribution: from mkyong.com
+ * ( # Start of group
+ * (?=.*\d) # must contain one digit from 0-9
+ * (?=.*[a-z]) # must contain one lowercase characters
+ * (?=.*[A-Z]) # must contain one uppercase characters
+ * (?=.*[@#$%]) # must contain one special symbols in the list SPEC_CHARS
+ * . # match anything with previous condition checking
+ * {6,20} # length at least 6 characters and maximum of 20
+ * ) # End of group
+ */
+ @Override
+ public String isValidPassword(final AuthzTrans trans, final String user, final String password, final String... prev) {
+ for(String p : prev) {
+ if(password.contains(p)) { // A more sophisticated algorithm might be better.
+ return "Password too similar to previous passwords";
+ }
+ }
+ // If you have an Organization user/Password scheme, replace the following
+ if(PASS_PATTERN.matcher(password).matches()) {
+ return "";
+ }
+ return "Password does not match " + NAME + " Password Standards";
+ }
+
+ private static final String[] rules = new String[] {
+ "Passwords must contain letters",
+ "Passwords must contain one of the following:",
+ " Number",
+ " One special symbols in the list \""+ SPEC_CHARS + '"',
+ "Passwords must be between 6 and 20 chars in length",
+ };
+
+ @Override
+ public String[] getPasswordRules() {
+ return rules;
+ }
+
+ @Override
+ public Set<String> getIdentityTypes() {
+ return typeSet;
+ }
+
+ @Override
+ public Response notify(AuthzTrans trans, Notify type, String url, String[] identities, String[] ccs, String summary, Boolean urgent) {
+ String system = trans.getProperty("CASS_ENV", "");
+
+ ArrayList<String> toList = new ArrayList<>();
+ Identity identity;
+ if (identities != null) {
+ for (String user : identities) {
+ try {
+ identity = getIdentity(trans, user);
+ if (identity == null) {
+ trans.error().log(
+ "Failure to obtain User " + user + " for "
+ + getName());
+ } else {
+ toList.add(identity.email());
+ }
+ } catch (Exception e) {
+ trans.error().log(
+ e,
+ "Failure to obtain User " + user + " for "
+ + getName());
+ }
+ }
+ }
+
+ if (toList.isEmpty()) {
+ trans.error().log("No Users listed to email");
+ return Response.ERR_NotificationFailure;
+ }
+
+ ArrayList<String> ccList = new ArrayList<>();
+
+ // If we're sending an urgent email, CC the user's supervisor
+ //
+ if (urgent) {
+ trans.info().log("urgent msg for: " + identities[0]);
+ try {
+ List<Identity> supervisors = getApprovers(trans, identities[0]);
+ for (Identity us : supervisors) {
+ trans.info().log("supervisor: " + us.email());
+ ccList.add(us.email());
+ }
+ } catch (Exception e) {
+ trans.error().log(e,
+ "Failed to find supervisor for " + identities[0]);
+ }
+ }
+
+ if (ccs != null) {
+ for (String user : ccs) {
+ try {
+ identity = getIdentity(trans, user);
+ ccList.add(identity.email());
+ } catch (Exception e) {
+ trans.error().log(
+ e,
+ "Failure to obtain User " + user + " for "
+ + getName());
+ }
+ }
+ }
+
+ if (summary == null) {
+ summary = "";
+ }
+
+ switch (type) {
+ case Approval:
+ try {
+ sendEmail(trans, toList, ccList,
+ "AAF Approval Notification "
+ + (system.length() == 0 ? "" : "(ENV: "
+ + system + ")"),
+ "AAF is the "
+ + NAME
+ + "System for Fine-Grained Authorizations. You are being asked to Approve"
+ + (system.length() == 0 ? "" : " in the "
+ + system + " environment")
+ + " before AAF Actions can be taken.\n\n"
+ + "Please follow this link: \n\n\t" + url
+ + "\n\n" + summary, urgent);
+ } catch (Exception e) {
+
+ trans.error().log(e, "Failure to send Email");
+ return Response.ERR_NotificationFailure;
+ }
+ break;
+ case PasswordExpiration:
+ try {
+ sendEmail(trans,
+ toList,
+ ccList,
+ "AAF Password Expiration Warning "
+ + (system.length() == 0 ? "" : "(ENV: "
+ + system + ")"),
+ "AAF is the "
+ + NAME
+ + " System for Authorizations.\n\nOne or more passwords will expire soon or have expired"
+ + (system.length() == 0 ? "" : " in the "
+ + system + " environment")
+ + ".\n\nPasswords expired for more than 30 days without action are subject to deletion.\n\n"
+ + "Please follow each link to add a New Password with Expiration Date. Either are valid until expiration. "
+ + "Use this time to change the passwords on your system. If issues, reply to this email.\n\n"
+ + summary, urgent);
+ } catch (Exception e) {
+ trans.error().log(e, "Failure to send Email");
+ return Response.ERR_NotificationFailure;
+ }
+ break;
+
+ case RoleExpiration:
+ try {
+ sendEmail(
+ trans,
+ toList,
+ ccList,
+ "AAF Role Expiration Warning "
+ + (system.length() == 0 ? "" : "(ENV: "
+ + system + ")"),
+ "AAF is the "
+ + NAME
+ + " System for Authorizations. One or more roles will expire soon"
+ + (system.length() == 0 ? "" : " in the "
+ + system + " environment")
+ + ".\n\nRoles expired for more than 30 days are subject to deletion."
+ + "Please follow this link the GUI Command line, and either 'extend' or 'del' the user in the role.\n"
+ + "If issues, reply to this email.\n\n\t" + url
+ + "\n\n" + summary, urgent);
+ } catch (Exception e) {
+ trans.error().log(e, "Failure to send Email");
+ return Response.ERR_NotificationFailure;
+ }
+ break;
+ default:
+ return Response.ERR_NotImplemented;
+ }
+ return Response.OK;
+ }
+
+
+ /**
+ * Default Policy is to set to 6 Months for Notification Types.
+ * add others/change as required
+ */
+ @Override
+ public Date whenToValidate(Notify type, Date lastValidated) {
+ switch(type) {
+ case Approval:
+ case PasswordExpiration:
+ return null;
+ default:
+ GregorianCalendar gc = new GregorianCalendar();
+ gc.setTime(lastValidated);
+ gc.add(GregorianCalendar.MONTH, 6); // 6 month policy
+ return gc.getTime();
+ }
+ }
+
+ @Override
+ public GregorianCalendar expiration(GregorianCalendar gc, Expiration exp, String... extra) {
+ GregorianCalendar now = new GregorianCalendar();
+ GregorianCalendar rv = gc==null?now:(GregorianCalendar)gc.clone();
+ switch (exp) {
+ case ExtendPassword:
+ // Extending Password give 5 extra days, max 8 days from now
+ rv.add(GregorianCalendar.DATE, 5);
+ now.add(GregorianCalendar.DATE, 8);
+ if(rv.after(now)) {
+ rv = now;
+ }
+ break;
+ case Future:
+ // Future requests last 15 days.
+ now.add(GregorianCalendar.DATE, 15);
+ rv = now;
+ break;
+ case Password:
+ // Passwords expire in 90 days
+ now.add(GregorianCalendar.DATE, 90);
+ rv = now;
+ break;
+ case TempPassword:
+ // Temporary Passwords last for 12 hours.
+ now.add(GregorianCalendar.DATE, 90);
+ rv = now;
+ break;
+ case UserDelegate:
+ // Delegations expire max in 2 months, renewable to 3
+ rv.add(GregorianCalendar.MONTH, 2);
+ now.add(GregorianCalendar.MONTH, 3);
+ if(rv.after(now)) {
+ rv = now;
+ }
+ break;
+ case UserInRole:
+ // Roles expire in 6 months
+ now.add(GregorianCalendar.MONTH, 6);
+ rv = now;
+ break;
+ default:
+ // Unless other wise set, 6 months is default
+ now.add(GregorianCalendar.MONTH, 6);
+ rv = now;
+ break;
+ }
+ return rv;
+ }
+
+ @Override
+ public EmailWarnings emailWarningPolicy() {
+ return emailWarnings;
+ }
+
+ /**
+ * Assume the Supervisor is the Approver.
+ */
+ @Override
+ public List<Identity> getApprovers(AuthzTrans trans, String user) throws OrganizationException {
+ Identity orgIdentity = getIdentity(trans, user);
+ List<Identity> orgIdentitys = new ArrayList<>();
+ if(orgIdentity!=null) {
+ Identity supervisor = orgIdentity.responsibleTo();
+ if(supervisor!=null) {
+ orgIdentitys.add(supervisor);
+ }
+ }
+ return orgIdentitys;
+ }
+
+ @Override
+ public String getApproverType() {
+ return "supervisor";
+ }
+
+ @Override
+ public int startOfDay() {
+ // TODO Auto-generated method stub
+ return 0;
+ }
+
+ @Override
+ public boolean canHaveMultipleCreds(String id) {
+ // External entities are likely mono-password... if you change it, it is a global change.
+ // This is great for people, but horrible for Applications.
+ //
+ // AAF's Password can have multiple Passwords, each with their own Expiration Date.
+ // For Default Org, we'll assume true for all, but when you add your external
+ // Identity stores, you need to return "false" if they cannot support multiple Passwords like AAF
+ return true;
+ }
+
+ @Override
+ public String validate(AuthzTrans trans, Policy policy, Executor executor, String... vars) throws OrganizationException {
+ switch(policy) {
+ case OWNS_MECHID:
+ case CREATE_MECHID:
+ if(vars.length>0) {
+ DefaultOrgIdentity thisID = getIdentity(trans,vars[0]);
+ if("a".equals(thisID.identity.status)) { // MechID
+ DefaultOrgIdentity requestor = getIdentity(trans, trans.user());
+ if(requestor!=null) {
+ Identity mechid = getIdentity(trans, vars[0]);
+ if(mechid!=null) {
+ Identity sponsor = mechid.responsibleTo();
+ if(sponsor!=null && requestor.fullID().equals(sponsor.fullID())) {
+ return null;
+ } else {
+ return trans.user() + " is not the Sponsor of MechID " + vars[0];
+ }
+ }
+ }
+ }
+ }
+ return null;
+
+ case CREATE_MECHID_BY_PERM_ONLY:
+ return getName() + " only allows sponsors to create MechIDs";
+
+ default:
+ return policy.name() + " is unsupported at " + getName();
+ }
+ }
+
+ @Override
+ public boolean isTestEnv() {
+ return false;
+ }
+
+ @Override
+ public void setTestMode(boolean dryRun) {
+ this.dryRun = dryRun;
+ }
+
+ private String extractRealm(final String r) {
+ int at;
+ if((at=r.indexOf('@'))>=0) {
+ return FQI.reverseDomain(r.substring(at+1));
+ }
+ return r;
+ }
+ @Override
+ public boolean supportsRealm(final String r) {
+ if(r.endsWith(realm)) {
+ return true;
+ } else {
+ String erealm = extractRealm(r);
+ for(String sr : supportedRealms) {
+ if(erealm.startsWith(sr)) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ @Override
+ public synchronized void addSupportedRealm(final String r) {
+ supportedRealms.add(extractRealm(r));
+ }
+
+ @Override
+ public int sendEmail(AuthzTrans trans, List<String> toList, List<String> ccList, String subject, String body,
+ Boolean urgent) throws OrganizationException {
+ if (mailer!=null) {
+ List<String> to = new ArrayList<>();
+ for(String em : toList) {
+ if(em.indexOf('@')<0) {
+ to.add(new DefaultOrgIdentity(trans, em, this).email());
+ } else {
+ to.add(em);
+ }
+ }
+
+ List<String> cc = new ArrayList<>();
+ if(ccList!=null) {
+ if(!ccList.isEmpty()) {
+
+ for(String em : ccList) {
+ if(em.indexOf('@')<0) {
+ cc.add(new DefaultOrgIdentity(trans, em, this).email());
+ } else {
+ cc.add(em);
+ }
+ }
+ }
+
+ // for now, I want all emails so we can see what goes out. Remove later
+ if (!ccList.contains(mailFrom)) {
+ ccList.add(mailFrom);
+ }
+ }
+
+ return mailer.sendEmail(trans,dryRun,mailFrom,to,cc,subject,body,urgent);
+ } else {
+ return 0;
+ }
+ }
}
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java
index 7aa57fd7..25832620 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgIdentity.java
@@ -40,140 +40,140 @@ import org.onap.aaf.org.Identities.Data;
*
*/
public class DefaultOrgIdentity implements Identity {
- private static final String CONTRACTOR = "c";
- private static final String EMPLOYEE = "e";
- private static final String APPLICATION = "a";
- private static final String NON_ACTIVE = "n";
-
- private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
-
- private DefaultOrg org;
- //package on purpose
- Data identity;
- private AuthzTrans trans;
-
- public DefaultOrgIdentity(AuthzTrans trans, String key, DefaultOrg dorg) throws OrganizationException {
- this.trans = trans;
- org = dorg;
- identity=null;
- try {
- org.identities.open(trans, TIMEOUT);
- try {
- Reuse r = org.identities.reuse();
- int at = key.indexOf(dorg.getDomain());
- String search;
- if(at>=0) {
- search = key.substring(0,at);
- } else {
- search = key;
- }
- identity = org.identities.find(search, r);
-
-
-
- if(identity==null) {
- identity = Identities.NO_DATA;
- }
- } finally {
- org.identities.close(trans);
- }
- } catch (IOException e) {
- throw new OrganizationException(e);
- }
- }
-
- @Override
- public boolean equals(Object b) {
- if(b instanceof DefaultOrgIdentity) {
- return identity.id.equals(((DefaultOrgIdentity)b).identity.id);
- }
- return false;
- }
-
-
- @Override
- public int hashCode() {
- return identity.hashCode();
- }
-
- @Override
- public String id() {
- return identity.id;
- }
-
- @Override
- public String fullID() {
- return identity.id+'@'+org.getDomain();
- }
-
- @Override
- public String type() {
- switch(identity.status) {
- case EMPLOYEE: return DefaultOrg.Types.Employee.name();
- case CONTRACTOR: return DefaultOrg.Types.Contractor.name();
- case APPLICATION: return DefaultOrg.Types.Application.name();
- case NON_ACTIVE: return DefaultOrg.Types.NotActive.name();
- default:
- return "Unknown";
- }
- }
-
- @Override
- public Identity responsibleTo() throws OrganizationException {
- if("".equals(identity.responsibleTo) && isFound()) { // cover the situation of Top Dog... reports to no-one.
- return this;
- } else {
- return org.getIdentity(trans, identity.responsibleTo);
- }
- }
-
- @Override
- public List<String> delegate() {
- //NOTE: implement Delegate system, if desired
- return DefaultOrg.NULL_DELEGATES;
- }
-
- @Override
- public String email() {
- return identity.email;
- }
-
- @Override
- public String fullName() {
- return identity.name;
- }
-
- @Override
- public String firstName() {
- return identity.fname;
- }
-
- @Override
- public String mayOwn() {
- // Assume only Employees are responsible for Resources.
- if(identity.status==null|| identity.status.length()==0) {
- return "Identity must have valid status";
- } else if(EMPLOYEE.equals(identity.status)) {
- return null; // This is "Yes, is Responsible"
- } else {
- return "Reponsible Party must be an Employee";
- }
- }
-
- @Override
- public boolean isFound() {
- return identity!=Identities.NO_DATA; // yes, object comparison intended
- }
-
- @Override
- public boolean isPerson() {
- return !identity.status.equals(APPLICATION);
- }
-
- @Override
- public Organization org() {
- return org;
- }
+ private static final String CONTRACTOR = "c";
+ private static final String EMPLOYEE = "e";
+ private static final String APPLICATION = "a";
+ private static final String NON_ACTIVE = "n";
+
+ private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
+
+ private DefaultOrg org;
+ //package on purpose
+ Data identity;
+ private AuthzTrans trans;
+
+ public DefaultOrgIdentity(AuthzTrans trans, String key, DefaultOrg dorg) throws OrganizationException {
+ this.trans = trans;
+ org = dorg;
+ identity=null;
+ try {
+ org.identities.open(trans, TIMEOUT);
+ try {
+ Reuse r = org.identities.reuse();
+ int at = key.indexOf(dorg.getDomain());
+ String search;
+ if(at>=0) {
+ search = key.substring(0,at);
+ } else {
+ search = key;
+ }
+ identity = org.identities.find(search, r);
+
+
+
+ if(identity==null) {
+ identity = Identities.NO_DATA;
+ }
+ } finally {
+ org.identities.close(trans);
+ }
+ } catch (IOException e) {
+ throw new OrganizationException(e);
+ }
+ }
+
+ @Override
+ public boolean equals(Object b) {
+ if(b instanceof DefaultOrgIdentity) {
+ return identity.id.equals(((DefaultOrgIdentity)b).identity.id);
+ }
+ return false;
+ }
+
+
+ @Override
+ public int hashCode() {
+ return identity.hashCode();
+ }
+
+ @Override
+ public String id() {
+ return identity.id;
+ }
+
+ @Override
+ public String fullID() {
+ return identity.id+'@'+org.getDomain();
+ }
+
+ @Override
+ public String type() {
+ switch(identity.status) {
+ case EMPLOYEE: return DefaultOrg.Types.Employee.name();
+ case CONTRACTOR: return DefaultOrg.Types.Contractor.name();
+ case APPLICATION: return DefaultOrg.Types.Application.name();
+ case NON_ACTIVE: return DefaultOrg.Types.NotActive.name();
+ default:
+ return "Unknown";
+ }
+ }
+
+ @Override
+ public Identity responsibleTo() throws OrganizationException {
+ if("".equals(identity.responsibleTo) && isFound()) { // cover the situation of Top Dog... reports to no-one.
+ return this;
+ } else {
+ return org.getIdentity(trans, identity.responsibleTo);
+ }
+ }
+
+ @Override
+ public List<String> delegate() {
+ //NOTE: implement Delegate system, if desired
+ return DefaultOrg.NULL_DELEGATES;
+ }
+
+ @Override
+ public String email() {
+ return identity.email;
+ }
+
+ @Override
+ public String fullName() {
+ return identity.name;
+ }
+
+ @Override
+ public String firstName() {
+ return identity.fname;
+ }
+
+ @Override
+ public String mayOwn() {
+ // Assume only Employees are responsible for Resources.
+ if(identity.status==null|| identity.status.length()==0) {
+ return "Identity must have valid status";
+ } else if(EMPLOYEE.equals(identity.status)) {
+ return null; // This is "Yes, is Responsible"
+ } else {
+ return "Reponsible Party must be an Employee";
+ }
+ }
+
+ @Override
+ public boolean isFound() {
+ return identity!=Identities.NO_DATA; // yes, object comparison intended
+ }
+
+ @Override
+ public boolean isPerson() {
+ return !identity.status.equals(APPLICATION);
+ }
+
+ @Override
+ public Organization org() {
+ return org;
+ }
}
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java
index 97d0cef2..d544b709 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/DefaultOrgWarnings.java
@@ -25,39 +25,39 @@ import org.onap.aaf.auth.org.EmailWarnings;
public class DefaultOrgWarnings implements EmailWarnings {
- @Override
- public long credEmailInterval()
- {
- return 604800000L; // 7 days in millis 1000 * 86400 * 7
- }
-
- @Override
- public long roleEmailInterval()
- {
- return 604800000L; // 7 days in millis 1000 * 86400 * 7
- }
-
- @Override
- public long apprEmailInterval() {
- return 259200000L; // 3 days in millis 1000 * 86400 * 3
- }
-
- @Override
- public long credExpirationWarning()
- {
- return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
- }
-
- @Override
- public long roleExpirationWarning()
- {
- return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
- }
-
- @Override
- public long emailUrgentWarning()
- {
- return( 1209600000L ); // Two weeks, in milliseconds 1000 * 86400 * 14 in milliseconds
- }
+ @Override
+ public long credEmailInterval()
+ {
+ return 604800000L; // 7 days in millis 1000 * 86400 * 7
+ }
+
+ @Override
+ public long roleEmailInterval()
+ {
+ return 604800000L; // 7 days in millis 1000 * 86400 * 7
+ }
+
+ @Override
+ public long apprEmailInterval() {
+ return 259200000L; // 3 days in millis 1000 * 86400 * 3
+ }
+
+ @Override
+ public long credExpirationWarning()
+ {
+ return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
+ }
+
+ @Override
+ public long roleExpirationWarning()
+ {
+ return( 2592000000L ); // One month, in milliseconds 1000 * 86400 * 30 in milliseconds
+ }
+
+ @Override
+ public long emailUrgentWarning()
+ {
+ return( 1209600000L ); // Two weeks, in milliseconds 1000 * 86400 * 14 in milliseconds
+ }
}
diff --git a/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java b/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java
index 344d0552..345e6e82 100644
--- a/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java
+++ b/auth/auth-deforg/src/main/java/org/onap/aaf/org/Identities.java
@@ -31,113 +31,113 @@ import org.onap.aaf.auth.local.DataFile.Token.Field;
* Example User Data file, which can be modified for many different kinds of Data Feeds.
*
* Note: This has shown to be extremely effective in AT&T, an acknowledged very large organizations,
- * because there is no need to synchronize records. AAF simply receives a Data Feed in Organization
- * defined intervals. (You might want to check for validity, such as size, etc), then is copied into
- * Data Directory. You will want to do so first creating a "lock" file. Assuming the File name is "users.dat",
- * the Lock File is "users.lock".
+ * because there is no need to synchronize records. AAF simply receives a Data Feed in Organization
+ * defined intervals. (You might want to check for validity, such as size, etc), then is copied into
+ * Data Directory. You will want to do so first creating a "lock" file. Assuming the File name is "users.dat",
+ * the Lock File is "users.lock".
*
- * After the movement of the Datafile into place, it is best to remove the Index File, then remove the lock file.
+ * After the movement of the Datafile into place, it is best to remove the Index File, then remove the lock file.
*
- * Note, Any AAF Programs needing this data WILL wait on the Lock file, so you should get fresh Data files
+ * Note, Any AAF Programs needing this data WILL wait on the Lock file, so you should get fresh Data files
* in a "stage" directory, from WEB, or wherever, and then, after it is correct, do the following as fast as feasible.
*
- * a) lock
+ * a) lock
* b) copy from stage
* c) remove idx
* d) unlock
*
- * If the Index File is either non-existent or out of date from the Data File, it will be reindexed, which
- * has proven to be a very quick function, even with large numbers of entries.
+ * If the Index File is either non-existent or out of date from the Data File, it will be reindexed, which
+ * has proven to be a very quick function, even with large numbers of entries.
*
* This Sample Feed is set for a file with delimiter of "|". 512 is maximum expected line length. The "0" is the
* field offset for the "key" to the record, which, for user, should be the unique Organization Identity.
*
*/
public class Identities extends AbsData {
- public final static Data NO_DATA = new Data();
+ public final static Data NO_DATA = new Data();
- public Identities(File users) throws IOException {
- super(users,'|',512,0);
- }
+ public Identities(File users) throws IOException {
+ super(users,'|',512,0);
+ }
- /*
- * Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
- * out AppIDs, choose your own status indicators, or whatever you use.
- * 0 - unique ID
- * 1 - full name
- * 2 - first name
- * 3 - last name
- * 4 - phone
- * 5 - official email
- * 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
- * 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
- */
- public static class Data {
- public final String id;
- public final String name;
- public final String fname;
- public final String lname;
- public final String phone;
- public final String email;
- public final String status;
- public final String responsibleTo;
+ /*
+ * Example Field Layout. note, in this example, Application IDs and People IDs are mixed. You may want to split
+ * out AppIDs, choose your own status indicators, or whatever you use.
+ * 0 - unique ID
+ * 1 - full name
+ * 2 - first name
+ * 3 - last name
+ * 4 - phone
+ * 5 - official email
+ * 6 - employment status e=employee, c=contractor, a=application, n=no longer with company
+ * 7 - responsible to (i.e Supervisor for People, or AppOwner, if it's an App ID)
+ */
+ public static class Data {
+ public final String id;
+ public final String name;
+ public final String fname;
+ public final String lname;
+ public final String phone;
+ public final String email;
+ public final String status;
+ public final String responsibleTo;
- private Data(Field f) {
- f.reset();
- id=f.next();
- name=f.next();
- fname=f.next();
- lname=f.next();
- phone=f.next();
- email=f.next();
- status=f.next();
- responsibleTo =f.next();
- }
+ private Data(Field f) {
+ f.reset();
+ id=f.next();
+ name=f.next();
+ fname=f.next();
+ lname=f.next();
+ phone=f.next();
+ email=f.next();
+ status=f.next();
+ responsibleTo =f.next();
+ }
- private Data() {
- id = name = fname = lname =
- phone = email = status = responsibleTo
- = "";
- }
+ private Data() {
+ id = name = fname = lname =
+ phone = email = status = responsibleTo
+ = "";
+ }
- public String toString() {
- return id + '|' +
- name + '|' +
- lname + '|' +
- fname + '|' +
- phone + '|' +
- email + '|' +
- status + '|' +
- responsibleTo;
- }
+ public String toString() {
+ return id + '|' +
+ name + '|' +
+ lname + '|' +
+ fname + '|' +
+ phone + '|' +
+ email + '|' +
+ status + '|' +
+ responsibleTo;
+ }
- // Here, make up your own Methods which help you easily determine your Organization's structure
- // in your Organization Object
- public boolean hasStatus(String possible) {
- return possible.contains(status);
- }
+ // Here, make up your own Methods which help you easily determine your Organization's structure
+ // in your Organization Object
+ public boolean hasStatus(String possible) {
+ return possible.contains(status);
+ }
- public boolean isEmployee() {
- return "e".equals(status);
- }
+ public boolean isEmployee() {
+ return "e".equals(status);
+ }
- public boolean isContractor() {
- return "c".equals(status);
- }
+ public boolean isContractor() {
+ return "c".equals(status);
+ }
- public boolean isApplication() {
- return "a".equals(status);
- }
- }
+ public boolean isApplication() {
+ return "a".equals(status);
+ }
+ }
- public Data find(Object key,Reuse r) throws IOException {
- r.reset();
- // These are new, to allow for Thread Safety
- int rec = ti.find(key,r,0);
- if(rec<0) {
- return null;
- }
- r.pos(rec);
- return new Data(r.getFieldData());
- }
+ public Data find(Object key,Reuse r) throws IOException {
+ r.reset();
+ // These are new, to allow for Thread Safety
+ int rec = ti.find(key,r,0);
+ if(rec<0) {
+ return null;
+ }
+ r.pos(rec);
+ return new Data(r.getFieldData());
+ }
}
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
index b0ade8c0..e52f3cca 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrg.java
@@ -53,219 +53,219 @@ import org.powermock.modules.junit4.PowerMockRunner;
public class JU_DefaultOrg {
- private DefaultOrg defaultOrg;
+ private DefaultOrg defaultOrg;
- Identities.Data data;
+ Identities.Data data;
- @Mock
- Env envMock;
+ @Mock
+ Env envMock;
- @Mock
- AuthzTrans authzTransMock;
+ @Mock
+ AuthzTrans authzTransMock;
- @Mock
- TimeTaken ttMock;
+ @Mock
+ TimeTaken ttMock;
- @Mock
- LogTarget logTargetMock;
+ @Mock
+ LogTarget logTargetMock;
- private static final String PROPERTY_IS_REQUIRED = " property is Required";
- private static final String DOMAIN = "osaaf.com";
- private static final String REALM = "com.osaaf";
- private static final String NAME = "Default Organization";
- private static final String NO_PASS = NAME + " does not support Passwords. Use AAF";
+ private static final String PROPERTY_IS_REQUIRED = " property is Required";
+ private static final String DOMAIN = "osaaf.com";
+ private static final String REALM = "com.osaaf";
+ private static final String NAME = "Default Organization";
+ private static final String NO_PASS = NAME + " does not support Passwords. Use AAF";
- private static final String URL = "www.deforg.com";
- private static final String IDENT = "ccontra|iowna";
- private static final String CCS = "mmanager|bdevl";
- String mailHost,mailFromUserId,summary,supportAddress;
+ private static final String URL = "www.deforg.com";
+ private static final String IDENT = "ccontra|iowna";
+ private static final String CCS = "mmanager|bdevl";
+ String mailHost,mailFromUserId,summary,supportAddress;
- private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
+ private final static int TIMEOUT = Integer.parseInt(Config.AAF_CONN_TIMEOUT_DEF);
- @Before
- public void setUp() throws OrganizationException{
+ @Before
+ public void setUp() throws OrganizationException{
- mailFromUserId = "frommail";
- mailHost = "hostmail";
- File file = new File("src/test/resources/");
- when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME);
- when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost);
- when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId);
- when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath());
- when(envMock.warn()).thenReturn(logTargetMock);
- when(authzTransMock.warn()).thenReturn(logTargetMock);
- when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock);
- when(authzTransMock.error()).thenReturn(logTargetMock);
- when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env");
+ mailFromUserId = "frommail";
+ mailHost = "hostmail";
+ File file = new File("src/test/resources/");
+ when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME);
+ when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost);
+ when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId);
+ when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath());
+ when(envMock.warn()).thenReturn(logTargetMock);
+ when(authzTransMock.warn()).thenReturn(logTargetMock);
+ when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock);
+ when(authzTransMock.error()).thenReturn(logTargetMock);
+ when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env");
- defaultOrg = new DefaultOrg(envMock, REALM);
+ defaultOrg = new DefaultOrg(envMock, REALM);
- }
+ }
- @Test
- public void testDefOrg_returnDataIdentityNotNull() throws OrganizationException {
+ @Test
+ public void testDefOrg_returnDataIdentityNotNull() throws OrganizationException {
- try {
- defaultOrg.identities.open(authzTransMock, TIMEOUT);
- try {
- Reuse r = defaultOrg.identities.reuse();
- data = defaultOrg.identities.find("iowna", defaultOrg.identities.reuse());
- System.out.println("here is identities data: "+ data.toString());
+ try {
+ defaultOrg.identities.open(authzTransMock, TIMEOUT);
+ try {
+ Reuse r = defaultOrg.identities.reuse();
+ data = defaultOrg.identities.find("iowna", defaultOrg.identities.reuse());
+ System.out.println("here is identities data: "+ data.toString());
- } finally {
- defaultOrg.identities.close(authzTransMock);
- }
- } catch (IOException e) {
- throw new OrganizationException(e);
- }
+ } finally {
+ defaultOrg.identities.close(authzTransMock);
+ }
+ } catch (IOException e) {
+ throw new OrganizationException(e);
+ }
- assertTrue(data.toString() != null);
+ assertTrue(data.toString() != null);
- }
+ }
- @Test
- public void testDefOrg_returnDefOrgEntity() {
+ @Test
+ public void testDefOrg_returnDefOrgEntity() {
- assertTrue(defaultOrg != null);
+ assertTrue(defaultOrg != null);
- }
+ }
- @Test
- public void testDefOrgNotifyApproval_returnResponseOK() {
+ @Test
+ public void testDefOrgNotifyApproval_returnResponseOK() {
- summary = "Approval";
- Boolean urgent = false;
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.Approval, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
+ summary = "Approval";
+ Boolean urgent = false;
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.Approval, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
- }
-
- @Test
- public void testDefOrgPasswords() {
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2you!", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newtoyou", "Pilgrim"),"");
- }
+ }
+
+ @Test
+ public void testDefOrgPasswords() {
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2you!", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newtoyou", "Pilgrim"),"");
+ }
- @Test
- public void testDefOrgNotifyPasswordExpiration_returnResponseOK() {
+ @Test
+ public void testDefOrgNotifyPasswordExpiration_returnResponseOK() {
- summary = "PasswordExpiration";
- Boolean urgent = false;
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.PasswordExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
+ summary = "PasswordExpiration";
+ Boolean urgent = false;
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.PasswordExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
- }
+ }
- @Test
- public void testDefOrgNotifyRoleExpiration_returnResponseOK() {
+ @Test
+ public void testDefOrgNotifyRoleExpiration_returnResponseOK() {
- summary = "RoleExpiration";
- Boolean urgent = false;
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
- }
+ summary = "RoleExpiration";
+ Boolean urgent = false;
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
+ }
- @Test
- public void testDefOrgNotifyRoleExpirationUrgent_returnResponseOK() {
+ @Test
+ public void testDefOrgNotifyRoleExpirationUrgent_returnResponseOK() {
- summary = "RoleExpirationUrgent";
- Boolean urgent = true;
- when(authzTransMock.info()).thenReturn(logTargetMock);
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
+ summary = "RoleExpirationUrgent";
+ Boolean urgent = true;
+ when(authzTransMock.info()).thenReturn(logTargetMock);
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
- }
-
- @Test
- public void testDefOrgNotifyModeTest_returnResponseOK() {
-
- summary = "ModeTest";
- Boolean urgent = false;
- when(authzTransMock.info()).thenReturn(logTargetMock);
- defaultOrg.setTestMode(true);
- DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
- assertEquals(response.name(), "OK");
+ }
+
+ @Test
+ public void testDefOrgNotifyModeTest_returnResponseOK() {
+
+ summary = "ModeTest";
+ Boolean urgent = false;
+ when(authzTransMock.info()).thenReturn(logTargetMock);
+ defaultOrg.setTestMode(true);
+ DefaultOrg.Response response = defaultOrg.notify(authzTransMock, DefaultOrg.Notify.RoleExpiration, URL, IDENT.split("\\|"), CCS.split("\\|"), summary, urgent);
+ assertEquals(response.name(), "OK");
- }
+ }
- //@Test //(expected=OrganizationException.class)
- public void testMultipleCreds() throws OrganizationException{
- String id = "test";
- boolean canHaveMultipleCreds;
- canHaveMultipleCreds = defaultOrg.canHaveMultipleCreds(id );
- System.out.println("value of canHaveMultipleCreds: " + canHaveMultipleCreds);
- assertTrue(canHaveMultipleCreds);
- }
-
+ //@Test //(expected=OrganizationException.class)
+ public void testMultipleCreds() throws OrganizationException{
+ String id = "test";
+ boolean canHaveMultipleCreds;
+ canHaveMultipleCreds = defaultOrg.canHaveMultipleCreds(id );
+ System.out.println("value of canHaveMultipleCreds: " + canHaveMultipleCreds);
+ assertTrue(canHaveMultipleCreds);
+ }
+
- //@Test
- public void testGetIdentityTypes() throws OrganizationException{
- Set<String> identityTypes = defaultOrg.getIdentityTypes();
- System.out.println("value of IdentityTypes: " + identityTypes);
- assertTrue(identityTypes.size() == 4);
- }
+ //@Test
+ public void testGetIdentityTypes() throws OrganizationException{
+ Set<String> identityTypes = defaultOrg.getIdentityTypes();
+ System.out.println("value of IdentityTypes: " + identityTypes);
+ assertTrue(identityTypes.size() == 4);
+ }
- //@Test
- public void testGetRealm() throws OrganizationException{
- String realmTest = defaultOrg.getRealm();
- System.out.println("value of realm: " + realmTest);
- assertTrue(realmTest == REALM);
- }
-
- public void supportsRealm() {
- String otherRealm = "org.ossaf.something";
- defaultOrg.addSupportedRealm(otherRealm);
- assertTrue(defaultOrg.supportsRealm(otherRealm));
- }
- //@Test
- public void testGetName() throws OrganizationException{
- String testName = defaultOrg.getName();
- System.out.println("value of name: " + testName);
- assertTrue(testName == NAME);
- }
-
-
- //@Test
- public void testGetDomain() throws OrganizationException{
- String testDomain = defaultOrg.getDomain();
- System.out.println("value of domain: " + testDomain);
- assertTrue(testDomain == DOMAIN);
- }
-
- // @Test
- // public void testIsValidID(){
- // String Result = defaultOrg.isValidID(Matchers.anyString());
- // System.out.println("value of res " +Result);
- // assertNotNull(Result);
- // }
-
- @Test
- public void testResponsible() throws OrganizationException {
- Identity id = defaultOrg.getIdentity(authzTransMock, "osaaf");
- Identity rt = id.responsibleTo();
- assertTrue(rt.id().equals("bdevl"));
-
- }
-
- //@Test
- public void notYetImplemented() {
- fail("Tests in this file should not be trusted");
- }
+ //@Test
+ public void testGetRealm() throws OrganizationException{
+ String realmTest = defaultOrg.getRealm();
+ System.out.println("value of realm: " + realmTest);
+ assertTrue(realmTest == REALM);
+ }
+
+ public void supportsRealm() {
+ String otherRealm = "org.ossaf.something";
+ defaultOrg.addSupportedRealm(otherRealm);
+ assertTrue(defaultOrg.supportsRealm(otherRealm));
+ }
+ //@Test
+ public void testGetName() throws OrganizationException{
+ String testName = defaultOrg.getName();
+ System.out.println("value of name: " + testName);
+ assertTrue(testName == NAME);
+ }
+
+
+ //@Test
+ public void testGetDomain() throws OrganizationException{
+ String testDomain = defaultOrg.getDomain();
+ System.out.println("value of domain: " + testDomain);
+ assertTrue(testDomain == DOMAIN);
+ }
+
+ // @Test
+ // public void testIsValidID(){
+ // String Result = defaultOrg.isValidID(Matchers.anyString());
+ // System.out.println("value of res " +Result);
+ // assertNotNull(Result);
+ // }
+
+ @Test
+ public void testResponsible() throws OrganizationException {
+ Identity id = defaultOrg.getIdentity(authzTransMock, "osaaf");
+ Identity rt = id.responsibleTo();
+ assertTrue(rt.id().equals("bdevl"));
+
+ }
+
+ //@Test
+ public void notYetImplemented() {
+ fail("Tests in this file should not be trusted");
+ }
}
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java
index 3e5c74b5..d0d08075 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgIdentity.java
@@ -44,120 +44,120 @@ import java.io.IOException;
@RunWith(PowerMockRunner.class)
public class JU_DefaultOrgIdentity {
- private DefaultOrg defaultOrgMock;
+ private DefaultOrg defaultOrgMock;
- @Mock
- private Reuse rMock;
+ @Mock
+ private Reuse rMock;
- @Mock
- AuthzTrans authzTransMock;
+ @Mock
+ AuthzTrans authzTransMock;
- @Mock
- private Data dataMock;
+ @Mock
+ private Data dataMock;
- @Mock
- private DefaultOrgIdentity defaultOrgIdentity;
+ @Mock
+ private DefaultOrgIdentity defaultOrgIdentity;
- static String key = "iowna@deforg";
- static String orgDomain = "@deforg";
+ static String key = "iowna@deforg";
+ static String orgDomain = "@deforg";
- @Before
- public void setUp() throws IOException, OrganizationException {
- MockitoAnnotations.initMocks(this);
- defaultOrgMock = PowerMockito.mock(DefaultOrg.class);
- defaultOrgMock.identities = mock(Identities.class);
+ @Before
+ public void setUp() throws IOException, OrganizationException {
+ MockitoAnnotations.initMocks(this);
+ defaultOrgMock = PowerMockito.mock(DefaultOrg.class);
+ defaultOrgMock.identities = mock(Identities.class);
- authzTransMock = PowerMockito.mock(AuthzTrans.class);
+ authzTransMock = PowerMockito.mock(AuthzTrans.class);
- when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
- when(defaultOrgMock.identities.reuse()).thenReturn(rMock);
- when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock);
+ when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
+ when(defaultOrgMock.identities.reuse()).thenReturn(rMock);
+ when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock);
- defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
+ defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
- }
+ }
- @Test
- public void testIdentify_returnIdentifiedEntity() {
+ @Test
+ public void testIdentify_returnIdentifiedEntity() {
- assertTrue(defaultOrgIdentity.id() != null);
+ assertTrue(defaultOrgIdentity.id() != null);
- }
+ }
- @Test
- public void testIdentify_returnIdentifiedEntityWithDataNull() throws IOException, OrganizationException {
+ @Test
+ public void testIdentify_returnIdentifiedEntityWithDataNull() throws IOException, OrganizationException {
- when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(null);
+ when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(null);
- DefaultOrgIdentity defaultOrgIdentityDataNull = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
- assertTrue(defaultOrgIdentityDataNull.id() != null);
+ DefaultOrgIdentity defaultOrgIdentityDataNull = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
+ assertTrue(defaultOrgIdentityDataNull.id() != null);
- }
+ }
- @Test(expected = OrganizationException.class)
- public void testIdentify_returnThrowIOException() throws OrganizationException {
+ @Test(expected = OrganizationException.class)
+ public void testIdentify_returnThrowIOException() throws OrganizationException {
- when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
- when(defaultOrgMock.identities.reuse()).thenThrow(IOException.class);
- DefaultOrgIdentity defaultOrgIdentityException = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
+ when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
+ when(defaultOrgMock.identities.reuse()).thenThrow(IOException.class);
+ DefaultOrgIdentity defaultOrgIdentityException = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
- }
+ }
- @Test
- public void testEquals_returnTrue() {
+ @Test
+ public void testEquals_returnTrue() {
- Object b = defaultOrgIdentity;
- assertTrue(defaultOrgIdentity.equals(b) == true );
- }
+ Object b = defaultOrgIdentity;
+ assertTrue(defaultOrgIdentity.equals(b) == true );
+ }
- @Test
- public void testStatus_returnUnknown() {
+ @Test
+ public void testStatus_returnUnknown() {
- assertEquals(defaultOrgIdentity.type(), "Unknown");
+ assertEquals(defaultOrgIdentity.type(), "Unknown");
- }
+ }
- @Test
- public void testHash_returnHashCode() {
+ @Test
+ public void testHash_returnHashCode() {
- assertTrue(defaultOrgIdentity.hashCode() != 0 );
+ assertTrue(defaultOrgIdentity.hashCode() != 0 );
- }
+ }
- @Test
- public void testFullId_returnFullId() throws IOException, OrganizationException{
- String key="toto@deforg";
- String orgDomain="@deforg";
- when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
- when(defaultOrgMock.identities.reuse()).thenReturn(rMock);
- when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock);
- defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
+ @Test
+ public void testFullId_returnFullId() throws IOException, OrganizationException{
+ String key="toto@deforg";
+ String orgDomain="@deforg";
+ when(defaultOrgMock.getDomain()).thenReturn(orgDomain);
+ when(defaultOrgMock.identities.reuse()).thenReturn(rMock);
+ when(defaultOrgMock.identities.find(eq(key),any(Reuse.class))).thenReturn(dataMock);
+ defaultOrgIdentity = new DefaultOrgIdentity(authzTransMock, key, defaultOrgMock);
- assertTrue(defaultOrgIdentity.fullID().contains("@") );
- }
+ assertTrue(defaultOrgIdentity.fullID().contains("@") );
+ }
- @Test
- public void testEmail_returnEmail() {
+ @Test
+ public void testEmail_returnEmail() {
- assertTrue(defaultOrgIdentity.email() != null );
- }
+ assertTrue(defaultOrgIdentity.email() != null );
+ }
- @Test
- public void testFullName_returnFullName() {
+ @Test
+ public void testFullName_returnFullName() {
- assertTrue(defaultOrgIdentity.fullName() != null );
- }
+ assertTrue(defaultOrgIdentity.fullName() != null );
+ }
- @Test
- public void testFirstName_returnFirstName() {
+ @Test
+ public void testFirstName_returnFirstName() {
- assertTrue(defaultOrgIdentity.firstName() != null );
- }
+ assertTrue(defaultOrgIdentity.firstName() != null );
+ }
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java
index 2692d608..ad92c3e1 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_DefaultOrgWarnings.java
@@ -34,50 +34,50 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_DefaultOrgWarnings {
- private DefaultOrgWarnings defaultOrgWarningsMock;
- private DefaultOrgWarnings defaultOrgWarnings;
+ private DefaultOrgWarnings defaultOrgWarningsMock;
+ private DefaultOrgWarnings defaultOrgWarnings;
- @Before
- public void setUp(){
- MockitoAnnotations.initMocks(this);
+ @Before
+ public void setUp(){
+ MockitoAnnotations.initMocks(this);
- defaultOrgWarningsMock = PowerMockito.mock(DefaultOrgWarnings.class);
+ defaultOrgWarningsMock = PowerMockito.mock(DefaultOrgWarnings.class);
- defaultOrgWarnings = new DefaultOrgWarnings();
- }
+ defaultOrgWarnings = new DefaultOrgWarnings();
+ }
- @Test
- public void testApprEmailInterval() {
+ @Test
+ public void testApprEmailInterval() {
- assertEquals(259200000, defaultOrgWarnings.apprEmailInterval() );
- }
+ assertEquals(259200000, defaultOrgWarnings.apprEmailInterval() );
+ }
- @Test
- public void testCredEmailInterval() {
- assertEquals(604800000, defaultOrgWarnings.credEmailInterval());
+ @Test
+ public void testCredEmailInterval() {
+ assertEquals(604800000, defaultOrgWarnings.credEmailInterval());
- }
+ }
- @Test
- public void testCredExpirationWarning() {
- assertEquals(2592000000L, defaultOrgWarnings.credExpirationWarning());
- }
+ @Test
+ public void testCredExpirationWarning() {
+ assertEquals(2592000000L, defaultOrgWarnings.credExpirationWarning());
+ }
- @Test
- public void testEmailUrgentWarning() {
- assertEquals(1209600000L, defaultOrgWarnings.emailUrgentWarning());
- }
+ @Test
+ public void testEmailUrgentWarning() {
+ assertEquals(1209600000L, defaultOrgWarnings.emailUrgentWarning());
+ }
- @Test
- public void testRoleEmailInterval() {
- assertEquals(604800000L, defaultOrgWarnings.roleEmailInterval());
- }
+ @Test
+ public void testRoleEmailInterval() {
+ assertEquals(604800000L, defaultOrgWarnings.roleEmailInterval());
+ }
- @Test
- public void testRoleExpirationWarning() {
- assertEquals(2592000000L, defaultOrgWarnings.roleExpirationWarning());
- }
+ @Test
+ public void testRoleExpirationWarning() {
+ assertEquals(2592000000L, defaultOrgWarnings.roleExpirationWarning());
+ }
}
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java
index 458d3b25..6fa7a347 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Identities.java
@@ -44,67 +44,67 @@ import org.onap.aaf.org.Identities.Data;
*/
public class JU_Identities {
//
-// private static final String DATA_IDENTITIES = "/opt/app/onap/data/identities.dat";
-// private static File fids;
-// private static Identities ids;
-// private static AuthzEnv env;
+// private static final String DATA_IDENTITIES = "/opt/app/onap/data/identities.dat";
+// private static File fids;
+// private static Identities ids;
+// private static AuthzEnv env;
//
-// /**
-// * @throws java.lang.Exception
-// */
-// @BeforeClass
-// public static void setUpBeforeClass() throws Exception {
-// env = new AuthzEnv();
-// AuthzTrans trans = env.newTransNoAvg();
-// // Note: utilize TimeTaken, from trans.start if you want to time.
-// fids = new File(DATA_IDENTITIES);
-// if(fids.exists()) {
-// ids = new Identities(fids);
-// ids.open(trans, 5000);
-// } else {
-//
-// throw new Exception("Data File for Tests, \"" + DATA_IDENTITIES
-// + "\" must exist before test can run. (Current dir is " + System.getProperty("user.dir") + ")");
-// }
-// }
+// /**
+// * @throws java.lang.Exception
+// */
+// @BeforeClass
+// public static void setUpBeforeClass() throws Exception {
+// env = new AuthzEnv();
+// AuthzTrans trans = env.newTransNoAvg();
+// // Note: utilize TimeTaken, from trans.start if you want to time.
+// fids = new File(DATA_IDENTITIES);
+// if(fids.exists()) {
+// ids = new Identities(fids);
+// ids.open(trans, 5000);
+// } else {
+//
+// throw new Exception("Data File for Tests, \"" + DATA_IDENTITIES
+// + "\" must exist before test can run. (Current dir is " + System.getProperty("user.dir") + ")");
+// }
+// }
//
-// /**
-// * @throws java.lang.Exception
-// */
-// @AfterClass
-// public static void tearDownAfterClass() throws Exception {
-// AuthzTrans trans = env.newTransNoAvg();
-// if(ids!=null) {
-// ids.close(trans);
-// }
-// }
+// /**
+// * @throws java.lang.Exception
+// */
+// @AfterClass
+// public static void tearDownAfterClass() throws Exception {
+// AuthzTrans trans = env.newTransNoAvg();
+// if(ids!=null) {
+// ids.close(trans);
+// }
+// }
//
-// /**
-// * @throws java.lang.Exception
-// */
-// @Before
-// public void setUp() throws Exception {
-// }
+// /**
+// * @throws java.lang.Exception
+// */
+// @Before
+// public void setUp() throws Exception {
+// }
//
-// /**
-// * @throws java.lang.Exception
-// */
-// @After
-// public void tearDown() throws Exception {
-// }
+// /**
+// * @throws java.lang.Exception
+// */
+// @After
+// public void tearDown() throws Exception {
+// }
//
-// @Test
-// public void test() throws IOException {
-// Reuse reuse = ids.reuse(); // this object can be reused within the same thread.
-// Data id = ids.find("osaaf",reuse);
-// Assert.assertNotNull(id);
-// System.out.println(id);
+// @Test
+// public void test() throws IOException {
+// Reuse reuse = ids.reuse(); // this object can be reused within the same thread.
+// Data id = ids.find("osaaf",reuse);
+// Assert.assertNotNull(id);
+// System.out.println(id);
//
-// id = ids.find("mmanager",reuse);
-// Assert.assertNotNull(id);
-// System.out.println(id);
+// id = ids.find("mmanager",reuse);
+// Assert.assertNotNull(id);
+// System.out.println(id);
//
-// //TODO Fill out JUnit with Tests of all Methods in "Data id"
-// }
+// //TODO Fill out JUnit with Tests of all Methods in "Data id"
+// }
}
diff --git a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
index 72e4ff87..847e59f1 100644
--- a/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
+++ b/auth/auth-deforg/src/test/java/org/onap/aaf/org/test/JU_Passwords.java
@@ -46,80 +46,80 @@ import org.powermock.modules.junit4.PowerMockRunner;
public class JU_Passwords {
- private DefaultOrg defaultOrg;
+ private DefaultOrg defaultOrg;
- Identities.Data data;
+ Identities.Data data;
- @Mock
- Env envMock;
+ @Mock
+ Env envMock;
- @Mock
- AuthzTrans authzTransMock;
+ @Mock
+ AuthzTrans authzTransMock;
- @Mock
- TimeTaken ttMock;
+ @Mock
+ TimeTaken ttMock;
- @Mock
- LogTarget logTargetMock;
+ @Mock
+ LogTarget logTargetMock;
- private static final String REALM = "org.osaaf";
- private static final String NAME = "Default Organization";
+ private static final String REALM = "org.osaaf";
+ private static final String NAME = "Default Organization";
- String mailHost,mailFromUserId,summary,supportAddress;
+ String mailHost,mailFromUserId,summary,supportAddress;
- @Before
- public void setUp() throws OrganizationException{
+ @Before
+ public void setUp() throws OrganizationException{
- mailFromUserId = "frommail";
- mailHost = "hostmail";
- File file = new File("src/test/resources/");
- when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME);
- when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost);
- when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId);
- when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath());
- when(envMock.warn()).thenReturn(logTargetMock);
- when(authzTransMock.warn()).thenReturn(logTargetMock);
- when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock);
- when(authzTransMock.error()).thenReturn(logTargetMock);
- when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env");
+ mailFromUserId = "frommail";
+ mailHost = "hostmail";
+ File file = new File("src/test/resources/");
+ when(envMock.getProperty(REALM + ".name","Default Organization")).thenReturn(NAME);
+ when(envMock.getProperty(REALM + ".mailHost",null)).thenReturn(mailHost);
+ when(envMock.getProperty(REALM + ".mailFrom",null)).thenReturn(mailFromUserId);
+ when(envMock.getProperty("aaf_data_dir")).thenReturn(file.getAbsolutePath());
+ when(envMock.warn()).thenReturn(logTargetMock);
+ when(authzTransMock.warn()).thenReturn(logTargetMock);
+ when(authzTransMock.start(any(String.class),any(Integer.class))).thenReturn(ttMock);
+ when(authzTransMock.error()).thenReturn(logTargetMock);
+ when(authzTransMock.getProperty("CASS_ENV", "")).thenReturn("Cassandra env");
- defaultOrg = new DefaultOrg(envMock, REALM);
+ defaultOrg = new DefaultOrg(envMock, REALM);
- }
+ }
- @Test
- public void testDefOrgPasswords() {
- // Accepts letters and one of (number, Special Char, Upper)
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou2", "Pilgrim"),"");
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
-
- // Don't accept just letters, Numbers or Special Chars, or without ANY letters
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyouA", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "NEWYOU", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyou", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "125343", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$@*^#", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$3333", "Pilgrim"),"");
+ @Test
+ public void testDefOrgPasswords() {
+ // Accepts letters and one of (number, Special Char, Upper)
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou2", "Pilgrim"),"");
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "newyou!", "Pilgrim"),"");
+
+ // Don't accept just letters, Numbers or Special Chars, or without ANY letters
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyouA", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "NEWYOU", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "newyou", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "125343", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$@*^#", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "#$3333", "Pilgrim"),"");
- // Length
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "w2Yu!", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "moreThan20somethingCharacters, even though good", "Pilgrim"),"");
+ // Length
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "w2Yu!", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "moreThan20somethingCharacters, even though good", "Pilgrim"),"");
- // May not contain ID
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim1", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim#", "Pilgrim"),"");
- assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "aPilgrim1", "Pilgrim"),"");
+ // May not contain ID
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim1", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "Pilgrim#", "Pilgrim"),"");
+ assertNotSame(defaultOrg.isValidPassword(authzTransMock, null, "aPilgrim1", "Pilgrim"),"");
- // Solid
- assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
+ // Solid
+ assertEquals(defaultOrg.isValidPassword(authzTransMock, null, "new2You!", "Pilgrim"),"");
-
- }
+
+ }
}
diff --git a/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java b/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java
index ec507338..128c1f9b 100644
--- a/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java
+++ b/auth/auth-fs/src/main/java/org/onap/aaf/auth/fs/AAF_FS.java
@@ -49,70 +49,70 @@ import org.onap.aaf.misc.env.APIException;
public class AAF_FS extends AbsService<AuthzEnv, AuthzTrans> {
- public AAF_FS(final AuthzEnv env) throws APIException, IOException, CadiException {
- super(env.access(),env);
- try {
- ///////////////////////
- // File Server
- ///////////////////////
- // creates StaticSlot, needed for CachingFileAccess, and sets to public Dir
- env.staticSlot(CachingFileAccess.CFA_WEB_PATH,"aaf_public_dir");
+ public AAF_FS(final AuthzEnv env) throws APIException, IOException, CadiException {
+ super(env.access(),env);
+ try {
+ ///////////////////////
+ // File Server
+ ///////////////////////
+ // creates StaticSlot, needed for CachingFileAccess, and sets to public Dir
+ env.staticSlot(CachingFileAccess.CFA_WEB_PATH,"aaf_public_dir");
- CachingFileAccess<AuthzTrans> cfa = new CachingFileAccess<AuthzTrans>(env);
- route(env,GET,"/:key", cfa);
- route(env,GET,"/:key/:cmd", cfa);
- final String aaf_locate_url = access.getProperty(Config.AAF_LOCATE_URL, null);
- if(aaf_locate_url == null) {
- access.printf(Level.WARN, "Redirection requires property %s",Config.AAF_LOCATE_URL);
- } else {
- route(env,GET,"/", new Redirect(this,aaf_locate_url));
- }
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
-
- private static class Redirect extends HttpCode<AuthzTrans, AAF_FS> {
- private final String url;
+ CachingFileAccess<AuthzTrans> cfa = new CachingFileAccess<AuthzTrans>(env);
+ route(env,GET,"/:key", cfa);
+ route(env,GET,"/:key/:cmd", cfa);
+ final String aaf_locate_url = access.getProperty(Config.AAF_LOCATE_URL, null);
+ if(aaf_locate_url == null) {
+ access.printf(Level.WARN, "Redirection requires property %s",Config.AAF_LOCATE_URL);
+ } else {
+ route(env,GET,"/", new Redirect(this,aaf_locate_url));
+ }
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+
+ private static class Redirect extends HttpCode<AuthzTrans, AAF_FS> {
+ private final String url;
- public Redirect(AAF_FS context,String url) {
- super(context, "Redirect to HTTP/S");
- this.url = url;
- }
+ public Redirect(AAF_FS context,String url) {
+ super(context, "Redirect to HTTP/S");
+ this.url = url;
+ }
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- trans.info().printf("Redirecting %s to HTTP/S %s", req.getRemoteAddr(), req.getLocalAddr());
- resp.sendRedirect(url);
- }
- };
-
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- // Note: No TAFs and Lurs on FileServer
- return new Filter[] {
- new AuthzTransOnlyFilter(env)
- };
- }
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ trans.info().printf("Redirecting %s to HTTP/S %s", req.getRemoteAddr(), req.getLocalAddr());
+ resp.sendRedirect(url);
+ }
+ };
+
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ // Note: No TAFs and Lurs on FileServer
+ return new Filter[] {
+ new AuthzTransOnlyFilter(env)
+ };
+ }
- @SuppressWarnings("unchecked")
- @Override
- public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
- return new Registrant[] {
- new RemoteRegistrant<AuthzEnv>(aafCon(),app_name,app_version,port)
- };
- }
-
- public static void main(final String[] args) {
- try {
- Log4JLogIt logIt = new Log4JLogIt(args, "fs");
- PropAccess propAccess = new PropAccess(logIt,args);
+ @SuppressWarnings("unchecked")
+ @Override
+ public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
+ return new Registrant[] {
+ new RemoteRegistrant<AuthzEnv>(aafCon(),app_name,app_version,port)
+ };
+ }
+
+ public static void main(final String[] args) {
+ try {
+ Log4JLogIt logIt = new Log4JLogIt(args, "fs");
+ PropAccess propAccess = new PropAccess(logIt,args);
- AAF_FS service = new AAF_FS(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.insecure().start();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
+ AAF_FS service = new AAF_FS(new AuthzEnv(propAccess));
+ JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
+ jss.insecure().start();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-fs/src/test/java/org/onap/aaf/auth/fs/test/JU_AAF_FS.java b/auth/auth-fs/src/test/java/org/onap/aaf/auth/fs/test/JU_AAF_FS.java
index 3c68f61d..9915082b 100644
--- a/auth/auth-fs/src/test/java/org/onap/aaf/auth/fs/test/JU_AAF_FS.java
+++ b/auth/auth-fs/src/test/java/org/onap/aaf/auth/fs/test/JU_AAF_FS.java
@@ -49,82 +49,82 @@ import java.io.IOException;
import java.io.PrintStream;
public class JU_AAF_FS {
- AuthzEnv aEnv;
- AAF_FS aafFs;
- File fService;
- File fEtc;
- String value;
- File d;
- private static final String testDir = "src/test/resources/logs";
- private ByteArrayOutputStream outStream;
- private ByteArrayOutputStream errStream;
-
-
- @Before
- public void setUp() throws APIException, IOException, CadiException {
- outStream = new ByteArrayOutputStream();
- errStream = new ByteArrayOutputStream();
- System.setOut(new PrintStream(outStream));
- System.setErr(new PrintStream(errStream));
- value = System.setProperty(Config.CADI_LOGDIR, testDir);
- System.setProperty(Config.CADI_ETCDIR, testDir);
- System.out.println(ClassLoader.getSystemResource("org.osaaf.aaf.log4j.props"));
- d = new File(testDir);
- d.mkdirs();
- fService = new File(d +"/fs-serviceTEST.log");
- fService.createNewFile();
- fEtc = new File(d + "/org.osaaf.aaf.log4j.props");
- fEtc.createNewFile();
-
- aEnv = new AuthzEnv();
- aEnv.staticSlot("test");
- aEnv.access().setProperty("aaf_public_dir", "test");
- aEnv.access().setProperty(Config.AAF_COMPONENT, "aaf_com:1.1");
- Server serverMock = mock(Server.class);
- JettyServiceStarter<AuthzEnv,AuthzTrans> jssMock = mock(JettyServiceStarter.class);
- aafFs = new AAF_FS(aEnv);
- aEnv.access().setProperty(Config.AAF_LOCATE_URL, "aaf_loc:ate.url");
- aafFs = new AAF_FS(aEnv);
- }
-
- @Test
- public void testRegistrants() throws CadiException, LocatorException {
- int port = 8008;
- aEnv.access().setProperty(Config.AAF_URL, "www.google.com");
- aEnv.access().setProperty(Config.CADI_LATITUDE, "38.550674");
- aEnv.access().setProperty(Config.CADI_LONGITUDE, "-90.146942");
- aEnv.access().setProperty(Config.AAF_LOCATE_URL, "testLocateUrl");
- aEnv.access().setProperty(Config.HOSTNAME, "testHost");
-
- // Doesn't work within Jenkins
- // aafFs.registrants(port);
- }
-
- @Test
- public void testFilters() throws CadiException, LocatorException {
- aafFs.filters();
- }
-
- @Test
- public void testMain() {
- System.setProperty("cadi_exitOnFailure", "false");
+ AuthzEnv aEnv;
+ AAF_FS aafFs;
+ File fService;
+ File fEtc;
+ String value;
+ File d;
+ private static final String testDir = "src/test/resources/logs";
+ private ByteArrayOutputStream outStream;
+ private ByteArrayOutputStream errStream;
+
+
+ @Before
+ public void setUp() throws APIException, IOException, CadiException {
+ outStream = new ByteArrayOutputStream();
+ errStream = new ByteArrayOutputStream();
+ System.setOut(new PrintStream(outStream));
+ System.setErr(new PrintStream(errStream));
+ value = System.setProperty(Config.CADI_LOGDIR, testDir);
+ System.setProperty(Config.CADI_ETCDIR, testDir);
+ System.out.println(ClassLoader.getSystemResource("org.osaaf.aaf.log4j.props"));
+ d = new File(testDir);
+ d.mkdirs();
+ fService = new File(d +"/fs-serviceTEST.log");
+ fService.createNewFile();
+ fEtc = new File(d + "/org.osaaf.aaf.log4j.props");
+ fEtc.createNewFile();
+
+ aEnv = new AuthzEnv();
+ aEnv.staticSlot("test");
+ aEnv.access().setProperty("aaf_public_dir", "test");
+ aEnv.access().setProperty(Config.AAF_COMPONENT, "aaf_com:1.1");
+ Server serverMock = mock(Server.class);
+ JettyServiceStarter<AuthzEnv,AuthzTrans> jssMock = mock(JettyServiceStarter.class);
+ aafFs = new AAF_FS(aEnv);
+ aEnv.access().setProperty(Config.AAF_LOCATE_URL, "aaf_loc:ate.url");
+ aafFs = new AAF_FS(aEnv);
+ }
+
+ @Test
+ public void testRegistrants() throws CadiException, LocatorException {
+ int port = 8008;
+ aEnv.access().setProperty(Config.AAF_URL, "www.google.com");
+ aEnv.access().setProperty(Config.CADI_LATITUDE, "38.550674");
+ aEnv.access().setProperty(Config.CADI_LONGITUDE, "-90.146942");
+ aEnv.access().setProperty(Config.AAF_LOCATE_URL, "testLocateUrl");
+ aEnv.access().setProperty(Config.HOSTNAME, "testHost");
+
+ // Doesn't work within Jenkins
+ // aafFs.registrants(port);
+ }
+
+ @Test
+ public void testFilters() throws CadiException, LocatorException {
+ aafFs.filters();
+ }
+
+ @Test
+ public void testMain() {
+ System.setProperty("cadi_exitOnFailure", "false");
- String[] strArr = {"aaf_component=aaf_com:po.nent"};
- try {
- //AAF_FS.main(strArr); //Timeout caused in Jenkins but not in local
- } catch(Exception e) {
- //Failure expected until we understand how code is.
- }
- }
-
- @After
- public void cleanUp() {
- for(File f : d.listFiles()) {
- f.delete();
- }
- d.delete();
- System.setErr(System.err);
- System.setOut(System.out);
- }
+ String[] strArr = {"aaf_component=aaf_com:po.nent"};
+ try {
+ //AAF_FS.main(strArr); //Timeout caused in Jenkins but not in local
+ } catch(Exception e) {
+ //Failure expected until we understand how code is.
+ }
+ }
+
+ @After
+ public void cleanUp() {
+ for(File f : d.listFiles()) {
+ f.delete();
+ }
+ d.delete();
+ System.setErr(System.err);
+ System.setOut(System.out);
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java
index 29e36505..ecbd0a25 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/cui/CUI.java
@@ -38,56 +38,56 @@ import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
public class CUI extends HttpCode<AuthzTrans, Void> {
- private final AAF_GUI gui;
- public CUI(AAF_GUI gui) {
- super(null,"Command Line");
- this.gui = gui;
- }
+ private final AAF_GUI gui;
+ public CUI(AAF_GUI gui) {
+ super(null,"Command Line");
+ this.gui = gui;
+ }
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req,HttpServletResponse resp) throws Exception {
- ServletInputStream isr = req.getInputStream();
- PrintWriter pw = resp.getWriter();
- int c;
- StringBuilder cmd = new StringBuilder();
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req,HttpServletResponse resp) throws Exception {
+ ServletInputStream isr = req.getInputStream();
+ PrintWriter pw = resp.getWriter();
+ int c;
+ StringBuilder cmd = new StringBuilder();
- while((c=isr.read())>=0) {
- cmd.append((char)c);
- }
+ while((c=isr.read())>=0) {
+ cmd.append((char)c);
+ }
- TimeTaken tt = trans.start("Execute AAFCLI", Env.REMOTE);
- try {
- TaggedPrincipal p = trans.getUserPrincipal();
- // Access needs to be set after overall construction. Thus, the lazy create.
- AAFcli aafcli;
- AAFConHttp aafcon = gui.aafCon();
- aafcli= new AAFcli(gui.access,gui.env, pw,
- aafcon.hman(),
- aafcon.securityInfo(),
- new HTransferSS(p,AAF_GUI.app,
- aafcon.securityInfo()));
- aafcli.verbose(false);
- aafcli.gui(true);
+ TimeTaken tt = trans.start("Execute AAFCLI", Env.REMOTE);
+ try {
+ TaggedPrincipal p = trans.getUserPrincipal();
+ // Access needs to be set after overall construction. Thus, the lazy create.
+ AAFcli aafcli;
+ AAFConHttp aafcon = gui.aafCon();
+ aafcli= new AAFcli(gui.access,gui.env, pw,
+ aafcon.hman(),
+ aafcon.securityInfo(),
+ new HTransferSS(p,AAF_GUI.app,
+ aafcon.securityInfo()));
+ aafcli.verbose(false);
+ aafcli.gui(true);
- String cmdStr = cmd.toString();
- if (!cmdStr.contains("--help")) {
- cmdStr = cmdStr.replaceAll("help", "--help");
- }
- if (!cmdStr.contains("--version")) {
- cmdStr = cmdStr.replaceAll("version", "--version");
- }
- try {
- aafcli.eval(cmdStr);
- pw.flush();
- } catch (Exception e) {
- pw.flush();
- pw.println(e.getMessage());
- } finally {
- aafcli.close();
- }
- } finally {
- tt.done();
- }
-
- }
+ String cmdStr = cmd.toString();
+ if (!cmdStr.contains("--help")) {
+ cmdStr = cmdStr.replaceAll("help", "--help");
+ }
+ if (!cmdStr.contains("--version")) {
+ cmdStr = cmdStr.replaceAll("version", "--version");
+ }
+ try {
+ aafcli.eval(cmdStr);
+ pw.flush();
+ } catch (Exception e) {
+ pw.flush();
+ pw.println(e.getMessage());
+ } finally {
+ aafcli.close();
+ }
+ } finally {
+ tt.done();
+ }
+
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java
index 3f26badb..84ad1b1f 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/AAF_GUI.java
@@ -95,175 +95,175 @@ import certman.v1_0.Artifacts;
import certman.v1_0.CertInfo;
public class AAF_GUI extends AbsService<AuthzEnv, AuthzTrans> implements State<Env>{
- private static final String AAF_GUI_THEME = "aaf_gui_theme";
- public static final String AAF_GUI_COPYRIGHT = "aaf_gui_copyright";
- public static final String HTTP_SERVLET_REQUEST = "HTTP_SERVLET_REQUEST";
- public static final int TIMEOUT = 60000;
- public static final String app = "AAF GUI";
-
- // AAF API
-
- // Certificate manager API
- public RosettaDF<Artifacts> artifactsDF;
- public RosettaDF<CertInfo> certInfoDF;
+ private static final String AAF_GUI_THEME = "aaf_gui_theme";
+ public static final String AAF_GUI_COPYRIGHT = "aaf_gui_copyright";
+ public static final String HTTP_SERVLET_REQUEST = "HTTP_SERVLET_REQUEST";
+ public static final int TIMEOUT = 60000;
+ public static final String app = "AAF GUI";
+
+ // AAF API
+
+ // Certificate manager API
+ public RosettaDF<Artifacts> artifactsDF;
+ public RosettaDF<CertInfo> certInfoDF;
- private final AAFConHttp cmCon;
- public final AAFConHttp aafCon;
- public final AAFLurPerm lur;
-
- public final Slot slot_httpServletRequest;
- protected final String deployedVersion;
- private StaticSlot sTheme;
- public final String theme;
+ private final AAFConHttp cmCon;
+ public final AAFConHttp aafCon;
+ public final AAFLurPerm lur;
+
+ public final Slot slot_httpServletRequest;
+ protected final String deployedVersion;
+ private StaticSlot sTheme;
+ public final String theme;
- public AAF_GUI(final AuthzEnv env) throws Exception {
- super(env.access(), env);
- sTheme = env.staticSlot(CachingFileAccess.CFA_WEB_PATH,access.getProperty(CachingFileAccess.CFA_WEB_PATH,null)==null?AAF_GUI_THEME:CachingFileAccess.CFA_WEB_PATH);
- theme = env.getProperty(AAF_GUI_THEME);
+ public AAF_GUI(final AuthzEnv env) throws Exception {
+ super(env.access(), env);
+ sTheme = env.staticSlot(CachingFileAccess.CFA_WEB_PATH,access.getProperty(CachingFileAccess.CFA_WEB_PATH,null)==null?AAF_GUI_THEME:CachingFileAccess.CFA_WEB_PATH);
+ theme = env.getProperty(AAF_GUI_THEME);
- slot_httpServletRequest = env.slot(HTTP_SERVLET_REQUEST);
- String[] component = Split.split(':', access.getProperty(Config.AAF_COMPONENT, "N/A:2.x"));
- if(component.length>1) {
- deployedVersion =component[1];
- } else {
- deployedVersion = "2.x";
- }
+ slot_httpServletRequest = env.slot(HTTP_SERVLET_REQUEST);
+ String[] component = Split.split(':', access.getProperty(Config.AAF_COMPONENT, "N/A:2.x"));
+ if(component.length>1) {
+ deployedVersion =component[1];
+ } else {
+ deployedVersion = "2.x";
+ }
- // Certificate Manager
- cmCon = new AAFConHttp(env.access(),Config.CM_URL);
- artifactsDF = env.newDataFactory(Artifacts.class);
- certInfoDF = env.newDataFactory(CertInfo.class);
-
+ // Certificate Manager
+ cmCon = new AAFConHttp(env.access(),Config.CM_URL);
+ artifactsDF = env.newDataFactory(Artifacts.class);
+ certInfoDF = env.newDataFactory(CertInfo.class);
+
- /////////////////////////
- // Screens
- /////////////////////////
- // Start Screen
- final Page start = new Display(this, GET, new Home(this)).page();
+ /////////////////////////
+ // Screens
+ /////////////////////////
+ // Start Screen
+ final Page start = new Display(this, GET, new Home(this)).page();
- // MyPerms Screens
- final Page myPerms = new Display(this, GET, new PermsShow(this, start)).page();
- Page permDetail = new Display(this, GET, new PermDetail(this, start, myPerms)).page();
- new Display(this, GET, new PermHistory(this,start,myPerms,permDetail));
+ // MyPerms Screens
+ final Page myPerms = new Display(this, GET, new PermsShow(this, start)).page();
+ Page permDetail = new Display(this, GET, new PermDetail(this, start, myPerms)).page();
+ new Display(this, GET, new PermHistory(this,start,myPerms,permDetail));
- // MyRoles Screens
- final Page myRoles = new Display(this, GET, new RolesShow(this, start)).page();
- Page roleDetail = new Display(this, GET, new RoleDetail(this, start, myRoles)).page();
- new Display(this, POST, new RoleDetailAction(this,start,myRoles,roleDetail));
- new Display(this, GET, new RoleHistory(this,start,myRoles,roleDetail));
-
- // MyNameSpace
- final Page myNamespaces = new Display(this, GET, new NssShow(this, start)).page();
- Page nsDetail = new Display(this, GET, new NsDetail(this, start, myNamespaces)).page();
- new Display(this, GET, new NsHistory(this, start,myNamespaces,nsDetail));
- Page crdDetail = new Display(this, GET, new CredDetail(this, start, myNamespaces, nsDetail)).page();
- Page artiShow = new Display(this, GET, new CMArtifactShow(this, start, myNamespaces, nsDetail, crdDetail)).page();
- Page artiCForm = new Display(this, GET, new CMArtiChangeForm(this, start, myNamespaces, nsDetail, crdDetail,artiShow)).page();
- new Display(this, POST, new CMArtiChangeAction(this, start,artiShow,artiCForm));
-
- // Password Change Screens
- final Page pwc = new Display(this, GET, new PassChangeForm(this, start,crdDetail)).page();
- new Display(this, POST, new PassChangeAction(this, start, pwc));
-
- // Password Delete Screen
- new Display(this, GET, new PassDeleteAction(this, start,crdDetail));
+ // MyRoles Screens
+ final Page myRoles = new Display(this, GET, new RolesShow(this, start)).page();
+ Page roleDetail = new Display(this, GET, new RoleDetail(this, start, myRoles)).page();
+ new Display(this, POST, new RoleDetailAction(this,start,myRoles,roleDetail));
+ new Display(this, GET, new RoleHistory(this,start,myRoles,roleDetail));
+
+ // MyNameSpace
+ final Page myNamespaces = new Display(this, GET, new NssShow(this, start)).page();
+ Page nsDetail = new Display(this, GET, new NsDetail(this, start, myNamespaces)).page();
+ new Display(this, GET, new NsHistory(this, start,myNamespaces,nsDetail));
+ Page crdDetail = new Display(this, GET, new CredDetail(this, start, myNamespaces, nsDetail)).page();
+ Page artiShow = new Display(this, GET, new CMArtifactShow(this, start, myNamespaces, nsDetail, crdDetail)).page();
+ Page artiCForm = new Display(this, GET, new CMArtiChangeForm(this, start, myNamespaces, nsDetail, crdDetail,artiShow)).page();
+ new Display(this, POST, new CMArtiChangeAction(this, start,artiShow,artiCForm));
+
+ // Password Change Screens
+ final Page pwc = new Display(this, GET, new PassChangeForm(this, start,crdDetail)).page();
+ new Display(this, POST, new PassChangeAction(this, start, pwc));
+
+ // Password Delete Screen
+ new Display(this, GET, new PassDeleteAction(this, start,crdDetail));
- // Validation Change Screens
- final Page validate = new Display(this, GET, new ApprovalForm(this, start)).page();
- new Display(this, POST, new ApprovalAction(this, start, validate));
-
- // Onboard, Detailed Edit Screens
- final Page onb = new Display(this, GET, new NsInfoForm(this, start)).page();
- new Display(this, POST, new NsInfoAction(this, start, onb));
+ // Validation Change Screens
+ final Page validate = new Display(this, GET, new ApprovalForm(this, start)).page();
+ new Display(this, POST, new ApprovalAction(this, start, validate));
+
+ // Onboard, Detailed Edit Screens
+ final Page onb = new Display(this, GET, new NsInfoForm(this, start)).page();
+ new Display(this, POST, new NsInfoAction(this, start, onb));
- // Web Command Screens
- /* final Page webCommand =*/ new Display(this, GET, new WebCommand(this, start)).page();
-
- // API Docs
- final Page apidocs = new Display(this, GET, new ApiDocs(this, start)).page();
- new Display(this, GET, new ApiExample(this,start, apidocs)).page();
-
- // Permission Grant Page
- final Page permGrant = new Display(this, GET, new PermGrantForm(this, start)).page();
- new Display(this, POST, new PermGrantAction(this, start, permGrant)).page();
-
- // Login Landing if no credentials detected
- final Page loginLanding = new Display(this, GET, new LoginLanding(this, start)).page();
- new Display(this, POST, new LoginLandingAction(this, start, loginLanding));
-
- // User Role Request Extend and Remove
- new Display(this, GET, new UserRoleExtend(this, start,myRoles)).page();
- new Display(this, GET, new UserRoleRemove(this, start,myRoles)).page();
-
- // See my Pending Requests
- final Page requestsShow = new Display(this, GET, new PendingRequestsShow(this, start)).page();
- new Display(this, GET, new RequestDetail(this, start, requestsShow));
-
- // Command line Mechanism
- route(env, PUT, "/gui/cui", new CUI(this),"text/plain;charset=utf-8","*/*");
-
- ///////////////////////
- // WebContent Handler
- ///////////////////////
- route(env,GET,"/"+env.get(sTheme)+"/:key", new CachingFileAccess<AuthzTrans>(env));
- ///////////////////////
- aafCon = aafCon();
- lur = aafCon.newLur();
- }
-
- public<T> RosettaDF<T> getDF(Class<T> cls) throws APIException {
- return Cmd.getDF(env,cls);
- }
-
- public void writeError(AuthzTrans trans, Future<?> fp, HTMLGen hgen, int indent) {
- if(hgen!=null) {
- String msg = aafCon.readableErrMsg(fp);
- hgen.incr(HTMLGen.P,"style=text-indent:"+indent*10+"px")
- .text("<font color=\"red\"><i>Error</i>:</font> ")
- .text(msg)
- .end();
- trans.checkpoint(msg);
- }
- }
+ // Web Command Screens
+ /* final Page webCommand =*/ new Display(this, GET, new WebCommand(this, start)).page();
+
+ // API Docs
+ final Page apidocs = new Display(this, GET, new ApiDocs(this, start)).page();
+ new Display(this, GET, new ApiExample(this,start, apidocs)).page();
+
+ // Permission Grant Page
+ final Page permGrant = new Display(this, GET, new PermGrantForm(this, start)).page();
+ new Display(this, POST, new PermGrantAction(this, start, permGrant)).page();
+
+ // Login Landing if no credentials detected
+ final Page loginLanding = new Display(this, GET, new LoginLanding(this, start)).page();
+ new Display(this, POST, new LoginLandingAction(this, start, loginLanding));
+
+ // User Role Request Extend and Remove
+ new Display(this, GET, new UserRoleExtend(this, start,myRoles)).page();
+ new Display(this, GET, new UserRoleRemove(this, start,myRoles)).page();
+
+ // See my Pending Requests
+ final Page requestsShow = new Display(this, GET, new PendingRequestsShow(this, start)).page();
+ new Display(this, GET, new RequestDetail(this, start, requestsShow));
+
+ // Command line Mechanism
+ route(env, PUT, "/gui/cui", new CUI(this),"text/plain;charset=utf-8","*/*");
+
+ ///////////////////////
+ // WebContent Handler
+ ///////////////////////
+ route(env,GET,"/"+env.get(sTheme)+"/:key", new CachingFileAccess<AuthzTrans>(env));
+ ///////////////////////
+ aafCon = aafCon();
+ lur = aafCon.newLur();
+ }
+
+ public<T> RosettaDF<T> getDF(Class<T> cls) throws APIException {
+ return Cmd.getDF(env,cls);
+ }
+
+ public void writeError(AuthzTrans trans, Future<?> fp, HTMLGen hgen, int indent) {
+ if(hgen!=null) {
+ String msg = aafCon.readableErrMsg(fp);
+ hgen.incr(HTMLGen.P,"style=text-indent:"+indent*10+"px")
+ .text("<font color=\"red\"><i>Error</i>:</font> ")
+ .text(msg)
+ .end();
+ trans.checkpoint(msg);
+ }
+ }
- public<RET> RET cmClientAsUser(TaggedPrincipal p,Retryable<RET> retryable) throws APIException, LocatorException, CadiException {
- return cmCon.hman().best(new HTransferSS(p,app, aafCon.securityInfo()), retryable);
- }
-
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- try {
- return new Filter[] {
- new XFrameFilter(XFrameFilter.TYPE.none),
- new AuthzTransFilter(env,aafCon(),
- new AAFTrustChecker((Env)env),
- additionalTafLurs),
- new OrgLookupFilter()
- };
- } catch (NumberFormatException e) {
- throw new CadiException("Invalid Property information", e);
- }
- }
+ public<RET> RET cmClientAsUser(TaggedPrincipal p,Retryable<RET> retryable) throws APIException, LocatorException, CadiException {
+ return cmCon.hman().best(new HTransferSS(p,app, aafCon.securityInfo()), retryable);
+ }
+
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ try {
+ return new Filter[] {
+ new XFrameFilter(XFrameFilter.TYPE.none),
+ new AuthzTransFilter(env,aafCon(),
+ new AAFTrustChecker((Env)env),
+ additionalTafLurs),
+ new OrgLookupFilter()
+ };
+ } catch (NumberFormatException e) {
+ throw new CadiException("Invalid Property information", e);
+ }
+ }
- @SuppressWarnings("unchecked")
- @Override
- public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
- return new Registrant[] {
- new RemoteRegistrant<AuthzEnv>(aafCon(),app_name,app_version,port)
- };
- }
+ @SuppressWarnings("unchecked")
+ @Override
+ public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
+ return new Registrant[] {
+ new RemoteRegistrant<AuthzEnv>(aafCon(),app_name,app_version,port)
+ };
+ }
- public static void main(final String[] args) {
- try {
- Log4JLogIt logIt = new Log4JLogIt(args, "gui");
- PropAccess propAccess = new PropAccess(logIt,args);
+ public static void main(final String[] args) {
+ try {
+ Log4JLogIt logIt = new Log4JLogIt(args, "gui");
+ PropAccess propAccess = new PropAccess(logIt,args);
- AAF_GUI service = new AAF_GUI(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
+ AAF_GUI service = new AAF_GUI(new AuthzEnv(propAccess));
+ JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
+ jss.start();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/BreadCrumbs.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/BreadCrumbs.java
index 4602184f..c5c14d3f 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/BreadCrumbs.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/BreadCrumbs.java
@@ -37,54 +37,54 @@ import org.onap.aaf.misc.xgen.Mark;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class BreadCrumbs extends NamedCode {
- private Page[] breadcrumbs;
+ private Page[] breadcrumbs;
- public BreadCrumbs(Page ... pages) {
- super(false,"breadcrumbs");
- breadcrumbs = pages;
- }
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- // BreadCrumbs
- Mark mark = new Mark();
- hgen.incr(mark, UL);
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, TransStore>() {
- @Override
- public void code(AAF_GUI gui, TransStore trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- HttpServletRequest req = trans.get(gui.slot_httpServletRequest, null);
- StringBuilder key = new StringBuilder();
- String value, hidden;
- for(Page p : breadcrumbs) {
- hidden="";
- // Add keys for page from commandline, where possible.
- if(p.fields().length>0) {
- boolean first = true;
- key.setLength(0);
- for(String field : p.fields()) {
- if((value=req.getParameter(field))==null) {
- hidden="style=display:none;";
- break;
- }
- if(first) {
- first = false;
- key.append('?');
- } else {
- key.append("&amp;");
- }
- key.append(field);
- key.append('=');
- key.append(value);
- }
- hgen.incr(LI,true,hidden);
- hgen.leaf(A,"href="+p.url()+key.toString(),hidden).text(p.name()).end(2);
- } else {
- hgen.incr(LI,true);
- hgen.leaf(A,"href="+p.url(),hidden).text(p.name()).end(2);
- }
- }
- }
- });
- hgen.end(mark);
- }
+ public BreadCrumbs(Page ... pages) {
+ super(false,"breadcrumbs");
+ breadcrumbs = pages;
+ }
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ // BreadCrumbs
+ Mark mark = new Mark();
+ hgen.incr(mark, UL);
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, TransStore>() {
+ @Override
+ public void code(AAF_GUI gui, TransStore trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ HttpServletRequest req = trans.get(gui.slot_httpServletRequest, null);
+ StringBuilder key = new StringBuilder();
+ String value, hidden;
+ for(Page p : breadcrumbs) {
+ hidden="";
+ // Add keys for page from commandline, where possible.
+ if(p.fields().length>0) {
+ boolean first = true;
+ key.setLength(0);
+ for(String field : p.fields()) {
+ if((value=req.getParameter(field))==null) {
+ hidden="style=display:none;";
+ break;
+ }
+ if(first) {
+ first = false;
+ key.append('?');
+ } else {
+ key.append("&amp;");
+ }
+ key.append(field);
+ key.append('=');
+ key.append(value);
+ }
+ hgen.incr(LI,true,hidden);
+ hgen.leaf(A,"href="+p.url()+key.toString(),hidden).text(p.name()).end(2);
+ } else {
+ hgen.incr(LI,true);
+ hgen.leaf(A,"href="+p.url(),hidden).text(p.name()).end(2);
+ }
+ }
+ }
+ });
+ hgen.end(mark);
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/ContentCode.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/ContentCode.java
index d3c24dc2..175236df 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/ContentCode.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/ContentCode.java
@@ -30,7 +30,7 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
*
*/
public interface ContentCode extends Code<HTMLGen> {
- public String[] idattrs();
- public void addAttr(boolean first, String attr);
- public boolean no_cache();
+ public String[] idattrs();
+ public void addAttr(boolean first, String attr);
+ public boolean no_cache();
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Controls.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Controls.java
index 5b582f38..76cb18ac 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Controls.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Controls.java
@@ -28,18 +28,18 @@ import org.onap.aaf.misc.xgen.Cache;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class Controls extends NamedCode {
- public Controls() {
- super(false,"controls");
- }
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- hgen.incr("form","method=post")
- .incr("input", true, "type=checkbox", "name=vehicle", "value=Bike").text("I have a bike").end()
- .text("Password: ")
- .incr("input", true, "type=password", "id=password1").end()
- .tagOnly("input", "type=submit", "value=Submit")
- .end();
- }
+ public Controls() {
+ super(false,"controls");
+ }
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ hgen.incr("form","method=post")
+ .incr("input", true, "type=checkbox", "name=vehicle", "value=Bike").text("I have a bike").end()
+ .text("Password: ")
+ .incr("input", true, "type=password", "id=password1").end()
+ .tagOnly("input", "type=submit", "value=Submit")
+ .end();
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java
index ad43d3fb..d1817531 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Display.java
@@ -32,109 +32,109 @@ import org.onap.aaf.auth.rserv.HttpMethods;
import org.onap.aaf.misc.env.Slot;
public class Display {
- private final Page get;
- public Display(final AAF_GUI gui, final HttpMethods meth, final Page page) {
- get = page;
- final String[] fields = page.fields();
- final Slot slots[] = new Slot[fields.length];
- String prefix = page.name() + '.';
- for(int i=0;i<slots.length;++i) {
- slots[i] = gui.env.slot(prefix + fields[i]);
- }
+ private final Page get;
+ public Display(final AAF_GUI gui, final HttpMethods meth, final Page page) {
+ get = page;
+ final String[] fields = page.fields();
+ final Slot slots[] = new Slot[fields.length];
+ String prefix = page.name() + '.';
+ for(int i=0;i<slots.length;++i) {
+ slots[i] = gui.env.slot(prefix + fields[i]);
+ }
- /*
- * We handle all the "Form POST" calls here with a naming convention that allows us to create arrays from strings.
- *
- * On the HTTP side, elements concatenate their name with their Index number (if multiple). In this code,
- * we turn such names into arrays with same index number. Then, we place them in the Transaction "Properties" so that
- * it can be transferred to subclasses easily.
- */
- if(meth.equals(HttpMethods.POST)) {
- // Here, we'll expect FORM URL Encoded Data, which we need to get from the body
- gui.route(gui.env, meth, page.url(),
- new HttpCode<AuthzTrans,AAF_GUI>(gui,page.name()) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- trans.put(gui.slot_httpServletRequest, req);
- for(int i=0; i<fields.length;++i) {
- int idx = fields[i].indexOf("[]");
- if(idx<0) { // single value
- trans.put(slots[i], req.getParameter(fields[i])); // assume first value
- } else { // multi value - Expect Values to be set with Field root name "field.<int>" corresponding to an array of types
- String field=fields[i].substring(0, idx)+'.';
- String[] array = new String[16];
- for(Enumeration<String> names = req.getParameterNames(); names.hasMoreElements();) {
- String key = names.nextElement();
- if(key.startsWith(field)) {
- try {
- int x = Integer.parseInt(key.substring(field.length()));
- if(x>=array.length) {
- String[] temp = new String[x+10];
- System.arraycopy(temp, 0, temp, 0, array.length);
- array = temp;
- }
- array[x]=req.getParameter(key);
- } catch (NumberFormatException e) {
- trans.debug().log(e);
- }
- }
- }
- trans.put(slots[i], array);
- }
- }
- page.replay(context,trans,resp.getOutputStream(),"general");
- }
- }, "application/x-www-form-urlencoded","*/*");
+ /*
+ * We handle all the "Form POST" calls here with a naming convention that allows us to create arrays from strings.
+ *
+ * On the HTTP side, elements concatenate their name with their Index number (if multiple). In this code,
+ * we turn such names into arrays with same index number. Then, we place them in the Transaction "Properties" so that
+ * it can be transferred to subclasses easily.
+ */
+ if(meth.equals(HttpMethods.POST)) {
+ // Here, we'll expect FORM URL Encoded Data, which we need to get from the body
+ gui.route(gui.env, meth, page.url(),
+ new HttpCode<AuthzTrans,AAF_GUI>(gui,page.name()) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ trans.put(gui.slot_httpServletRequest, req);
+ for(int i=0; i<fields.length;++i) {
+ int idx = fields[i].indexOf("[]");
+ if(idx<0) { // single value
+ trans.put(slots[i], req.getParameter(fields[i])); // assume first value
+ } else { // multi value - Expect Values to be set with Field root name "field.<int>" corresponding to an array of types
+ String field=fields[i].substring(0, idx)+'.';
+ String[] array = new String[16];
+ for(Enumeration<String> names = req.getParameterNames(); names.hasMoreElements();) {
+ String key = names.nextElement();
+ if(key.startsWith(field)) {
+ try {
+ int x = Integer.parseInt(key.substring(field.length()));
+ if(x>=array.length) {
+ String[] temp = new String[x+10];
+ System.arraycopy(temp, 0, temp, 0, array.length);
+ array = temp;
+ }
+ array[x]=req.getParameter(key);
+ } catch (NumberFormatException e) {
+ trans.debug().log(e);
+ }
+ }
+ }
+ trans.put(slots[i], array);
+ }
+ }
+ page.replay(context,trans,resp.getOutputStream(),"general");
+ }
+ }, "application/x-www-form-urlencoded","*/*");
- } else {
- // Transfer whether Page shouldn't be cached to local Final var.
- final boolean no_cache = page.no_cache;
-
- gui.route(gui.env, meth, page.url(),
- new HttpCode<AuthzTrans,AAF_GUI>(gui,page.name()) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- trans.put(gui.slot_httpServletRequest, req);
- for(int i=0; i<slots.length;++i) {
- int idx = fields[i].indexOf("[]");
- if(idx<0) { // single value
- trans.put(slots[i], req.getParameter(fields[i]));
- } else { // multi value
- String[] array = new String[30];
- String field=fields[i].substring(0, idx);
-
- for(Enumeration<String> mm = req.getParameterNames();mm.hasMoreElements();) {
- String key = mm.nextElement();
- if(key.startsWith(field)) {
- try {
- int x = Integer.parseInt(key.substring(field.length()));
- if(x>=array.length) {
- String[] temp = new String[x+10];
- System.arraycopy(temp, 0, temp, 0, array.length);
- array = temp;
- }
- array[x]=req.getParameter(key);
- } catch (NumberFormatException e) {
- trans.debug().log(e);
- }
- }
- }
- trans.put(slots[i], array);
- }
- }
- page.replay(context,trans,resp.getOutputStream(),"general");
- }
-
- @Override
- public boolean no_cache() {
- return no_cache;
- }
- }, "text/html","*/*");
- }
+ } else {
+ // Transfer whether Page shouldn't be cached to local Final var.
+ final boolean no_cache = page.no_cache;
+
+ gui.route(gui.env, meth, page.url(),
+ new HttpCode<AuthzTrans,AAF_GUI>(gui,page.name()) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ trans.put(gui.slot_httpServletRequest, req);
+ for(int i=0; i<slots.length;++i) {
+ int idx = fields[i].indexOf("[]");
+ if(idx<0) { // single value
+ trans.put(slots[i], req.getParameter(fields[i]));
+ } else { // multi value
+ String[] array = new String[30];
+ String field=fields[i].substring(0, idx);
+
+ for(Enumeration<String> mm = req.getParameterNames();mm.hasMoreElements();) {
+ String key = mm.nextElement();
+ if(key.startsWith(field)) {
+ try {
+ int x = Integer.parseInt(key.substring(field.length()));
+ if(x>=array.length) {
+ String[] temp = new String[x+10];
+ System.arraycopy(temp, 0, temp, 0, array.length);
+ array = temp;
+ }
+ array[x]=req.getParameter(key);
+ } catch (NumberFormatException e) {
+ trans.debug().log(e);
+ }
+ }
+ }
+ trans.put(slots[i], array);
+ }
+ }
+ page.replay(context,trans,resp.getOutputStream(),"general");
+ }
+
+ @Override
+ public boolean no_cache() {
+ return no_cache;
+ }
+ }, "text/html","*/*");
+ }
- }
-
- public Page page() {
- return get;
- }
+ }
+
+ public Page page() {
+ return get;
+ }
} \ No newline at end of file
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Form.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Form.java
index 7011395c..cc51983b 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Form.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Form.java
@@ -28,41 +28,41 @@ import org.onap.aaf.misc.xgen.Cache;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class Form extends NamedCode {
- private String preamble;
- private NamedCode content;
-
- public Form(boolean no_cache, NamedCode content) {
- super(no_cache,content);
- this.content = content;
- preamble=null;
- }
-
- public Form preamble(String preamble) {
- this.preamble = preamble;
- return this;
- }
-
+ private String preamble;
+ private NamedCode content;
+
+ public Form(boolean no_cache, NamedCode content) {
+ super(no_cache,content);
+ this.content = content;
+ preamble=null;
+ }
+
+ public Form preamble(String preamble) {
+ this.preamble = preamble;
+ return this;
+ }
+
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- if(preamble!=null) {
- hgen.incr("p","class=preamble").text(preamble).end();
- }
- hgen.incr("form","method=post");
-
- content.code(cache, hgen);
-
- hgen.tagOnly("input", "type=submit", "value=Submit")
- .tagOnly("input", "type=reset", "value=Reset")
- .end();
- }
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ if(preamble!=null) {
+ hgen.incr("p","class=preamble").text(preamble).end();
+ }
+ hgen.incr("form","method=post");
+
+ content.code(cache, hgen);
+
+ hgen.tagOnly("input", "type=submit", "value=Submit")
+ .tagOnly("input", "type=reset", "value=Reset")
+ .end();
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.gui.NamedCode#idattrs()
- */
- @Override
- public String[] idattrs() {
- return content.idattrs();
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.gui.NamedCode#idattrs()
+ */
+ @Override
+ public String[] idattrs() {
+ return content.idattrs();
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/NamedCode.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/NamedCode.java
index e4bd6c7d..37576008 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/NamedCode.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/NamedCode.java
@@ -22,46 +22,46 @@
package org.onap.aaf.auth.gui;
public abstract class NamedCode implements ContentCode {
- private final boolean no_cache;
- private String name;
- private String[] idattrs;
-
- /*
- * Mark whether this code should not be cached, and any attributes
- */
- public NamedCode(final boolean no_cache, final String name) {
- this.name = name;
- idattrs = new String[] {name};
- this.no_cache = no_cache;
- }
-
- public NamedCode(boolean no_cache, NamedCode content) {
- this.no_cache = no_cache;
- name=content.name;
- idattrs = content.idattrs;
- }
+ private final boolean no_cache;
+ private String name;
+ private String[] idattrs;
+
+ /*
+ * Mark whether this code should not be cached, and any attributes
+ */
+ public NamedCode(final boolean no_cache, final String name) {
+ this.name = name;
+ idattrs = new String[] {name};
+ this.no_cache = no_cache;
+ }
+
+ public NamedCode(boolean no_cache, NamedCode content) {
+ this.no_cache = no_cache;
+ name=content.name;
+ idattrs = content.idattrs;
+ }
- /**
- * Return ID and Any Attributes needed to create a "div" section of this code
- * @return
- */
- public String[] idattrs() {
- return idattrs;
- }
-
- public void addAttr(boolean first, String attr) {
- String[] temp = new String[idattrs.length+1];
- if(first) {
- temp[0] = attr;
- System.arraycopy(idattrs, 0, temp, 1, idattrs.length);
- } else {
- temp[idattrs.length] = attr;
- System.arraycopy(idattrs, 0, temp, 0, idattrs.length);
- }
- idattrs = temp;
- }
+ /**
+ * Return ID and Any Attributes needed to create a "div" section of this code
+ * @return
+ */
+ public String[] idattrs() {
+ return idattrs;
+ }
+
+ public void addAttr(boolean first, String attr) {
+ String[] temp = new String[idattrs.length+1];
+ if(first) {
+ temp[0] = attr;
+ System.arraycopy(idattrs, 0, temp, 1, idattrs.length);
+ } else {
+ temp[idattrs.length] = attr;
+ System.arraycopy(idattrs, 0, temp, 0, idattrs.length);
+ }
+ idattrs = temp;
+ }
- public boolean no_cache() {
- return no_cache;
- }
+ public boolean no_cache() {
+ return no_cache;
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/OrgLookupFilter.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/OrgLookupFilter.java
index 52673431..6010dd8b 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/OrgLookupFilter.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/OrgLookupFilter.java
@@ -40,40 +40,40 @@ import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.cadi.principal.TaggedPrincipal;
public class OrgLookupFilter implements Filter {
-
- @Override
- public void init(FilterConfig arg0) throws ServletException {
- }
+
+ @Override
+ public void init(FilterConfig arg0) throws ServletException {
+ }
- @Override
- public void doFilter(ServletRequest req, ServletResponse resp, FilterChain fc) throws IOException, ServletException {
- final AuthzTrans trans = (AuthzTrans) req.getAttribute(TransFilter.TRANS_TAG);
- if(req instanceof HttpServletRequest) {
- Principal p = ((HttpServletRequest)req).getUserPrincipal();
- if(p instanceof TaggedPrincipal) {
- ((TaggedPrincipal)p).setTagLookup(new TaggedPrincipal.TagLookup() {
- @Override
- public String lookup() throws CadiException {
- Identity id;
- try {
- id = trans.org().getIdentity(trans, p.getName());
- if(id!=null && id.isFound()) {
- return id.firstName();
- }
- } catch (OrganizationException e) {
- throw new CadiException(e);
- }
- return p.getName();
- }
- });
- }
- fc.doFilter(req, resp);
- }
-
- }
+ @Override
+ public void doFilter(ServletRequest req, ServletResponse resp, FilterChain fc) throws IOException, ServletException {
+ final AuthzTrans trans = (AuthzTrans) req.getAttribute(TransFilter.TRANS_TAG);
+ if(req instanceof HttpServletRequest) {
+ Principal p = ((HttpServletRequest)req).getUserPrincipal();
+ if(p instanceof TaggedPrincipal) {
+ ((TaggedPrincipal)p).setTagLookup(new TaggedPrincipal.TagLookup() {
+ @Override
+ public String lookup() throws CadiException {
+ Identity id;
+ try {
+ id = trans.org().getIdentity(trans, p.getName());
+ if(id!=null && id.isFound()) {
+ return id.firstName();
+ }
+ } catch (OrganizationException e) {
+ throw new CadiException(e);
+ }
+ return p.getName();
+ }
+ });
+ }
+ fc.doFilter(req, resp);
+ }
+
+ }
- @Override
- public void destroy() {
- }
+ @Override
+ public void destroy() {
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java
index eb34a62c..a44a4846 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Page.java
@@ -61,342 +61,342 @@ import org.onap.aaf.misc.xgen.html.Imports;
*
*/
public class Page extends HTMLCacheGen {
- public static final String AAFURL_TOOLS = "aaf_url.tools";
- public static final String AAF_URL_TOOL_DOT = "aaf_url.tool.";
- public static final String AAF_URL_CUIGUI = "aaf_url.cuigui"; // link to help
- public static final String AAF_URL_GUI_ONBOARD = "aaf_url.gui_onboard";
- public static final String AAF_URL_AAF_HELP = "aaf_url.aaf_help";
- public static final String AAF_URL_CADI_HELP = "aaf_url.cadi_help";
- public static final String PERM_CA_TYPE = "certman";
- public static final String PERM_NS = Define.ROOT_NS();
+ public static final String AAFURL_TOOLS = "aaf_url.tools";
+ public static final String AAF_URL_TOOL_DOT = "aaf_url.tool.";
+ public static final String AAF_URL_CUIGUI = "aaf_url.cuigui"; // link to help
+ public static final String AAF_URL_GUI_ONBOARD = "aaf_url.gui_onboard";
+ public static final String AAF_URL_AAF_HELP = "aaf_url.aaf_help";
+ public static final String AAF_URL_CADI_HELP = "aaf_url.cadi_help";
+ public static final String PERM_CA_TYPE = "certman";
+ public static final String PERM_NS = Define.ROOT_NS();
- public static enum BROWSER {iPhone,html5,ie,ieOld};
-
- public static final int MAX_LINE=20;
+ public static enum BROWSER {iPhone,html5,ie,ieOld};
+
+ public static final int MAX_LINE=20;
- protected static final String[] NO_FIELDS = new String[0];
+ protected static final String[] NO_FIELDS = new String[0];
- private static final String BROWSER_TYPE = "BROWSER_TYPE";
+ private static final String BROWSER_TYPE = "BROWSER_TYPE";
- private final String bcName, bcUrl;
- private final String[] fields;
+ private final String bcName, bcUrl;
+ private final String[] fields;
- public final boolean no_cache;
+ public final boolean no_cache;
- // Note: Only access is synchronized in "getPerm"
- private final static Map<String,Map<String,Permission>> perms = new HashMap<>();
+ // Note: Only access is synchronized in "getPerm"
+ private final static Map<String,Map<String,Permission>> perms = new HashMap<>();
- public String name() {
- return bcName;
- }
-
- public String url() {
- return bcUrl;
- }
-
- public String[] fields() {
- return fields;
- }
-
- public Page(AuthzEnv env, String name, String url, Enum<?>[] en, final NamedCode ...content) throws APIException, IOException {
- super(CacheGen.PRETTY, new PageCode(env, 1, content));
- fields = new String[en.length];
- int i=-1;
- for(Enum<?> p : en) {
- fields[++i]=p.name();
- }
+ public String name() {
+ return bcName;
+ }
+
+ public String url() {
+ return bcUrl;
+ }
+
+ public String[] fields() {
+ return fields;
+ }
+
+ public Page(AuthzEnv env, String name, String url, Enum<?>[] en, final NamedCode ...content) throws APIException, IOException {
+ super(CacheGen.PRETTY, new PageCode(env, 1, content));
+ fields = new String[en.length];
+ int i=-1;
+ for(Enum<?> p : en) {
+ fields[++i]=p.name();
+ }
- bcName = name;
- bcUrl = url;
- // Mark which fields must be "no_cache"
- boolean no_cacheTemp=false;
- for(NamedCode nc : content) {
- if(nc.no_cache()) {
- no_cacheTemp=true;
- break;
- }
- }
- no_cache=no_cacheTemp;
- }
- public Page(AuthzEnv env, String name, String url, String [] fields, final NamedCode ... content) throws APIException,IOException {
- this(env,name,url,1,fields,content);
- }
-
- public Page(AuthzEnv env, String name, String url, int backdots, String [] fields, final NamedCode ... content) throws APIException,IOException {
- super(CacheGen.PRETTY, new PageCode(env, backdots, content));
- if(fields==null) {
- this.fields = new String[0];
- } else {
- this.fields = fields;
- }
- bcName = name;
- bcUrl = url;
- // Mark which fields must be "no_cache"
- boolean no_cacheTemp=false;
- for(NamedCode nc : content) {
- if(nc.no_cache()) {
- no_cacheTemp=true;
- break;
- }
- }
- no_cache=no_cacheTemp;
- }
-
-
- private static class PageCode implements Code<HTMLGen> {
- private static final String AAF_GUI_TITLE = "aaf_gui_title";
-
- private final ContentCode[] content;
- private final Slot browserSlot;
- private final int backdots;
- protected AuthzEnv env;
- private StaticSlot sTheme;
+ bcName = name;
+ bcUrl = url;
+ // Mark which fields must be "no_cache"
+ boolean no_cacheTemp=false;
+ for(NamedCode nc : content) {
+ if(nc.no_cache()) {
+ no_cacheTemp=true;
+ break;
+ }
+ }
+ no_cache=no_cacheTemp;
+ }
+ public Page(AuthzEnv env, String name, String url, String [] fields, final NamedCode ... content) throws APIException,IOException {
+ this(env,name,url,1,fields,content);
+ }
+
+ public Page(AuthzEnv env, String name, String url, int backdots, String [] fields, final NamedCode ... content) throws APIException,IOException {
+ super(CacheGen.PRETTY, new PageCode(env, backdots, content));
+ if(fields==null) {
+ this.fields = new String[0];
+ } else {
+ this.fields = fields;
+ }
+ bcName = name;
+ bcUrl = url;
+ // Mark which fields must be "no_cache"
+ boolean no_cacheTemp=false;
+ for(NamedCode nc : content) {
+ if(nc.no_cache()) {
+ no_cacheTemp=true;
+ break;
+ }
+ }
+ no_cache=no_cacheTemp;
+ }
+
+
+ private static class PageCode implements Code<HTMLGen> {
+ private static final String AAF_GUI_TITLE = "aaf_gui_title";
+
+ private final ContentCode[] content;
+ private final Slot browserSlot;
+ private final int backdots;
+ protected AuthzEnv env;
+ private StaticSlot sTheme;
- public PageCode(AuthzEnv env, int backdots, final ContentCode[] content) {
- this.content = content;
- this.backdots = backdots;
- browserSlot = env.slot(BROWSER_TYPE);
- sTheme = env.staticSlot(CachingFileAccess.CFA_WEB_PATH);
- this.env = env;
- }
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- // Note: I found that App Storage saves everything about the page, or not. Thus, if you declare the page uncacheable, none of the
- // Artifacts, like JPGs are stored, which makes this feature useless for Server driven elements
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
- @Override
- public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- switch(browser(trans,browserSlot)) {
- case ieOld:
- case ie:
- hgen.directive("!DOCTYPE html");
- hgen.directive("meta", "http-equiv=X-UA-Compatible","content=IE=11");
- default:
- }
- }
- });
- hgen.html();
- final String title = env.getProperty(AAF_GUI_TITLE,"Authentication/Authorization Framework");
- final String theme = env.get(sTheme);
- Mark head = hgen.head();
- hgen.leaf(TITLE).text(title).end();
- hgen.imports(new Imports(backdots).css(theme + "/aaf5.css")
- .js(theme + "/comm.js")
- .js(theme + "/console.js")
- .js(theme + "/common.js"));
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
- @Override
- public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- switch(browser(trans,browserSlot)) {
- case iPhone:
- hgen.imports(new Imports(backdots).css(theme + "/aaf5iPhone.css"));
- break;
- case ie:
- case ieOld:
- hgen.js().text("document.createElement('header');")
- .text("document.createElement('nav');")
- .done();
- case html5:
- hgen.imports(new Imports(backdots).css(theme + "/aaf5Desktop.css"));
- break;
- }
- }
- });
- hgen.end(head);
-
- Mark body = hgen.body();
- Mark header = hgen.header();
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
- @Override
- public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen)
- throws APIException, IOException {
- // Obtain Server Info, and print
- // AT&T Only
- String env = trans.getProperty(Config.AAF_ENV,"N/A");
- xgen.leaf(H1).text(title + " on " + env).end();
- xgen.leaf("p","id=version").text("AAF Version: " + state.deployedVersion).end();
-
- // Obtain User Info, and print
- TaggedPrincipal p = trans.getUserPrincipal();
- String user,secured;
- if(p==null) {
- user = "please choose a Login Authority";
- secured = "NOT Secure!";
- } else {
- user = p.personalName();
- secured = p.tag();
- }
- xgen.leaf("p","id=welcome").text("Welcome, ")
- .text(user)
- .text("<sup>")
- .text(secured)
- .text("</sup>").end();
-
- switch(browser(trans,browserSlot)) {
- case ieOld:
- case ie:
- xgen.incr("h5").text("This app is Mobile First HTML5. Internet Explorer "
- + " does not support all HTML5 standards. Old, non TSS-Standard versions may not function correctly.").br()
- .text(" For best results, use a highly compliant HTML5 browser like Firefox.")
- .end();
- break;
- default:
- }
- }
- });
-
- hgen.hr();
-
- int cIdx;
- ContentCode nc;
- // If BreadCrumbs, put here
- if(content.length>0 && content[0] instanceof BreadCrumbs) {
- nc = content[0];
- Mark ctnt = hgen.divID(nc.idattrs());
- nc.code(cache, hgen);
- hgen.end(ctnt);
- cIdx = 1;
- } else {
- cIdx = 0;
- }
-
- hgen.end(header);
-
- Mark inner = hgen.divID("inner");
- // Content
- for(int i=cIdx;i<content.length;++i) {
- nc = content[i];
- Mark ctnt = hgen.divID(nc.idattrs());
- nc.code(cache, hgen);
- hgen.end(ctnt);
- }
+ public PageCode(AuthzEnv env, int backdots, final ContentCode[] content) {
+ this.content = content;
+ this.backdots = backdots;
+ browserSlot = env.slot(BROWSER_TYPE);
+ sTheme = env.staticSlot(CachingFileAccess.CFA_WEB_PATH);
+ this.env = env;
+ }
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ // Note: I found that App Storage saves everything about the page, or not. Thus, if you declare the page uncacheable, none of the
+ // Artifacts, like JPGs are stored, which makes this feature useless for Server driven elements
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
+ @Override
+ public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ switch(browser(trans,browserSlot)) {
+ case ieOld:
+ case ie:
+ hgen.directive("!DOCTYPE html");
+ hgen.directive("meta", "http-equiv=X-UA-Compatible","content=IE=11");
+ default:
+ }
+ }
+ });
+ hgen.html();
+ final String title = env.getProperty(AAF_GUI_TITLE,"Authentication/Authorization Framework");
+ final String theme = env.get(sTheme);
+ Mark head = hgen.head();
+ hgen.leaf(TITLE).text(title).end();
+ hgen.imports(new Imports(backdots).css(theme + "/aaf5.css")
+ .js(theme + "/comm.js")
+ .js(theme + "/console.js")
+ .js(theme + "/common.js"));
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
+ @Override
+ public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ switch(browser(trans,browserSlot)) {
+ case iPhone:
+ hgen.imports(new Imports(backdots).css(theme + "/aaf5iPhone.css"));
+ break;
+ case ie:
+ case ieOld:
+ hgen.js().text("document.createElement('header');")
+ .text("document.createElement('nav');")
+ .done();
+ case html5:
+ hgen.imports(new Imports(backdots).css(theme + "/aaf5Desktop.css"));
+ break;
+ }
+ }
+ });
+ hgen.end(head);
+
+ Mark body = hgen.body();
+ Mark header = hgen.header();
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
+ @Override
+ public void code(AAF_GUI state, AuthzTrans trans,Cache<HTMLGen> cache, HTMLGen xgen)
+ throws APIException, IOException {
+ // Obtain Server Info, and print
+ // AT&T Only
+ String env = trans.getProperty(Config.AAF_ENV,"N/A");
+ xgen.leaf(H1).text(title + " on " + env).end();
+ xgen.leaf("p","id=version").text("AAF Version: " + state.deployedVersion).end();
+
+ // Obtain User Info, and print
+ TaggedPrincipal p = trans.getUserPrincipal();
+ String user,secured;
+ if(p==null) {
+ user = "please choose a Login Authority";
+ secured = "NOT Secure!";
+ } else {
+ user = p.personalName();
+ secured = p.tag();
+ }
+ xgen.leaf("p","id=welcome").text("Welcome, ")
+ .text(user)
+ .text("<sup>")
+ .text(secured)
+ .text("</sup>").end();
+
+ switch(browser(trans,browserSlot)) {
+ case ieOld:
+ case ie:
+ xgen.incr("h5").text("This app is Mobile First HTML5. Internet Explorer "
+ + " does not support all HTML5 standards. Old, non TSS-Standard versions may not function correctly.").br()
+ .text(" For best results, use a highly compliant HTML5 browser like Firefox.")
+ .end();
+ break;
+ default:
+ }
+ }
+ });
+
+ hgen.hr();
+
+ int cIdx;
+ ContentCode nc;
+ // If BreadCrumbs, put here
+ if(content.length>0 && content[0] instanceof BreadCrumbs) {
+ nc = content[0];
+ Mark ctnt = hgen.divID(nc.idattrs());
+ nc.code(cache, hgen);
+ hgen.end(ctnt);
+ cIdx = 1;
+ } else {
+ cIdx = 0;
+ }
+
+ hgen.end(header);
+
+ Mark inner = hgen.divID("inner");
+ // Content
+ for(int i=cIdx;i<content.length;++i) {
+ nc = content[i];
+ Mark ctnt = hgen.divID(nc.idattrs());
+ nc.code(cache, hgen);
+ hgen.end(ctnt);
+ }
- hgen.end(inner);
-
- // Navigation - Using older Nav to work with decrepit IE versions
-
- Mark nav = hgen.divID("nav");
- hgen.incr("h2").text("Related Links").end();
- hgen.incr(UL);
- String aaf_help = env.getProperty(AAF_URL_AAF_HELP,null);
- if(aaf_help!=null) {
- hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_AAF_HELP),"target=_blank").text("AAF WIKI").end(2);
- String sub = env.getProperty(AAF_URL_AAF_HELP+".sub");
- if(sub!=null) {
- hgen.incr(UL,"style=margin-left:5%");
- for(String s : Split.splitTrim(',', sub)) {
- hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_AAF_HELP+".sub."+s),"target=_blank").text(s.replace('+', ' ')).end(2);
- }
- hgen.end();
- }
- }
- aaf_help = env.getProperty(AAF_URL_CADI_HELP,null);
- if(aaf_help!=null) {
- hgen.leaf(LI).leaf(A,"href="+aaf_help,"target=_blank").text("CADI WIKI").end(2);
- }
- String tools = env.getProperty(AAFURL_TOOLS);
- if(tools!=null) {
- hgen.hr()
- .incr(HTMLGen.UL,"style=margin-left:5%")
- .leaf(HTMLGen.H3).text("Related Tools").end();
+ hgen.end(inner);
+
+ // Navigation - Using older Nav to work with decrepit IE versions
+
+ Mark nav = hgen.divID("nav");
+ hgen.incr("h2").text("Related Links").end();
+ hgen.incr(UL);
+ String aaf_help = env.getProperty(AAF_URL_AAF_HELP,null);
+ if(aaf_help!=null) {
+ hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_AAF_HELP),"target=_blank").text("AAF WIKI").end(2);
+ String sub = env.getProperty(AAF_URL_AAF_HELP+".sub");
+ if(sub!=null) {
+ hgen.incr(UL,"style=margin-left:5%");
+ for(String s : Split.splitTrim(',', sub)) {
+ hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_AAF_HELP+".sub."+s),"target=_blank").text(s.replace('+', ' ')).end(2);
+ }
+ hgen.end();
+ }
+ }
+ aaf_help = env.getProperty(AAF_URL_CADI_HELP,null);
+ if(aaf_help!=null) {
+ hgen.leaf(LI).leaf(A,"href="+aaf_help,"target=_blank").text("CADI WIKI").end(2);
+ }
+ String tools = env.getProperty(AAFURL_TOOLS);
+ if(tools!=null) {
+ hgen.hr()
+ .incr(HTMLGen.UL,"style=margin-left:5%")
+ .leaf(HTMLGen.H3).text("Related Tools").end();
- for(String tool : Split.splitTrim(',',tools)) {
- hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_TOOL_DOT+tool),"target=_blank").text(tool.replace('+', ' ')).end(2);
- }
- hgen.end();
- }
- hgen.end();
-
- hgen.hr();
-
- hgen.end(nav);
- // Footer - Using older Footer to work with decrepit IE versions
- Mark footer = hgen.divID("footer");
- hgen.textCR(1, env.getProperty(AAF_GUI.AAF_GUI_COPYRIGHT))
- .end(footer);
-
- hgen.end(body);
- hgen.endAll();
- }
- }
+ for(String tool : Split.splitTrim(',',tools)) {
+ hgen.leaf(LI).leaf(A,"href="+env.getProperty(AAF_URL_TOOL_DOT+tool),"target=_blank").text(tool.replace('+', ' ')).end(2);
+ }
+ hgen.end();
+ }
+ hgen.end();
+
+ hgen.hr();
+
+ hgen.end(nav);
+ // Footer - Using older Footer to work with decrepit IE versions
+ Mark footer = hgen.divID("footer");
+ hgen.textCR(1, env.getProperty(AAF_GUI.AAF_GUI_COPYRIGHT))
+ .end(footer);
+
+ hgen.end(body);
+ hgen.endAll();
+ }
+ }
- public static String getBrowserType() {
- return BROWSER_TYPE;
- }
-
- /**
- * It's IE if int >=0
- *
- * Use int found in "ieVersion"
- *
- * Official IE 7
- * Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322;
- * .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
- * Official IE 8
- * Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2;
- * .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ATT)
- *
- * IE 11 Compatibility
- * Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; SLCC2; .NET CLR 2.0.50727;
- * .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; InfoPath.3; HVD; ATT)
- *
- * IE 11 (not Compatiblity)
- * Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727;
- * .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; InfoPath.3; HVD; ATT)
- *
- * @param trans
- * @return
- */
- public static BROWSER browser(AuthzTrans trans, Slot slot) {
- BROWSER br = trans.get(slot, null);
- if(br==null) {
- String agent = trans.agent();
- int msie;
- if(agent.contains("iPhone") /* other phones? */) {
- br=BROWSER.iPhone;
- } else if ((msie = agent.indexOf("MSIE"))>=0) {
- msie+=5;
- int end = agent.indexOf(";",msie);
- float ver;
- try {
- ver = Float.valueOf(agent.substring(msie,end));
- br = ver<8f?BROWSER.ieOld:BROWSER.ie;
- } catch (Exception e) {
- br = BROWSER.ie;
- }
- } else {
- br = BROWSER.html5;
- }
- trans.put(slot,br);
- }
- return br;
- }
-
- /*
- * Get, rather than create each time, permissions for validations
- */
- protected static synchronized Permission getPerm(String instance, String action) {
- Map<String,Permission> msp = perms.get(instance);
- Permission p;
- if(msp==null) {
- msp = new HashMap<>();
- perms.put(instance, msp);
- p=null;
- } else {
- p = msp.get(instance);
- }
- if(p==null) {
- p=new AAFPermission(PERM_NS, PERM_CA_TYPE,instance,action);
- msp.put(action, p);
- }
- return p;
- }
+ public static String getBrowserType() {
+ return BROWSER_TYPE;
+ }
+
+ /**
+ * It's IE if int >=0
+ *
+ * Use int found in "ieVersion"
+ *
+ * Official IE 7
+ * Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322;
+ * .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
+ * Official IE 8
+ * Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2;
+ * .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; ATT)
+ *
+ * IE 11 Compatibility
+ * Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; SLCC2; .NET CLR 2.0.50727;
+ * .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; InfoPath.3; HVD; ATT)
+ *
+ * IE 11 (not Compatiblity)
+ * Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727;
+ * .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET CLR 1.1.4322; .NET4.0C; .NET4.0E; InfoPath.3; HVD; ATT)
+ *
+ * @param trans
+ * @return
+ */
+ public static BROWSER browser(AuthzTrans trans, Slot slot) {
+ BROWSER br = trans.get(slot, null);
+ if(br==null) {
+ String agent = trans.agent();
+ int msie;
+ if(agent.contains("iPhone") /* other phones? */) {
+ br=BROWSER.iPhone;
+ } else if ((msie = agent.indexOf("MSIE"))>=0) {
+ msie+=5;
+ int end = agent.indexOf(";",msie);
+ float ver;
+ try {
+ ver = Float.valueOf(agent.substring(msie,end));
+ br = ver<8f?BROWSER.ieOld:BROWSER.ie;
+ } catch (Exception e) {
+ br = BROWSER.ie;
+ }
+ } else {
+ br = BROWSER.html5;
+ }
+ trans.put(slot,br);
+ }
+ return br;
+ }
+
+ /*
+ * Get, rather than create each time, permissions for validations
+ */
+ protected static synchronized Permission getPerm(String instance, String action) {
+ Map<String,Permission> msp = perms.get(instance);
+ Permission p;
+ if(msp==null) {
+ msp = new HashMap<>();
+ perms.put(instance, msp);
+ p=null;
+ } else {
+ p = msp.get(instance);
+ }
+ if(p==null) {
+ p=new AAFPermission(PERM_NS, PERM_CA_TYPE,instance,action);
+ msp.put(action, p);
+ }
+ return p;
+ }
- protected static String getSingleParam(HttpServletRequest req, String tag) {
- String values[] = req.getParameterValues(tag);
- return values.length<1?null:values[0];
- }
+ protected static String getSingleParam(HttpServletRequest req, String tag) {
+ String values[] = req.getParameterValues(tag);
+ return values.length<1?null:values[0];
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/SlotCode.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/SlotCode.java
index b457fc9b..844270ed 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/SlotCode.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/SlotCode.java
@@ -26,24 +26,24 @@ import org.onap.aaf.misc.env.Slot;
import org.onap.aaf.misc.env.TransStore;
public abstract class SlotCode<TRANS extends TransStore> extends NamedCode {
- private Slot[] slots;
+ private Slot[] slots;
- public SlotCode(boolean no_cache,EnvStore<?> env, String root, Enum<?> ... params) {
- super(no_cache,root);
- slots = new Slot[params.length];
- for(int i=0;i<params.length;++i) {
- slots[i] = env.slot(root + '.' + params[i].name());
- }
- }
+ public SlotCode(boolean no_cache,EnvStore<?> env, String root, Enum<?> ... params) {
+ super(no_cache,root);
+ slots = new Slot[params.length];
+ for(int i=0;i<params.length;++i) {
+ slots[i] = env.slot(root + '.' + params[i].name());
+ }
+ }
- public<T> T get(TRANS trans,Enum<?> en, T dflt) {
- return get(trans,en.ordinal(),dflt);
- }
-
- public<T> T get(TRANS trans,int idx, T dflt) {
- if(idx>slots.length) {
- return dflt;
- }
- return trans.get(slots[idx],dflt);
- }
+ public<T> T get(TRANS trans,Enum<?> en, T dflt) {
+ return get(trans,en.ordinal(),dflt);
+ }
+
+ public<T> T get(TRANS trans,int idx, T dflt) {
+ if(idx>slots.length) {
+ return dflt;
+ }
+ return trans.get(slots[idx],dflt);
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Table.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Table.java
index 6839a9ab..079593c9 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Table.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/Table.java
@@ -42,188 +42,188 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
import org.onap.aaf.misc.xgen.html.State;
public class Table<S extends State<Env>, TRANS extends TransStore> extends NamedCode {
- private final Slot ROW_MSG_SLOT, EMPTY_TABLE_SLOT;
- private final String title;
- private final String[] columns;
- private final Rows rows;
- private Code<HTMLGen> other;
-// private DynamicCode<HTMLGen, AuthGUI, AuthzTrans> prefix,postfix;
+ private final Slot ROW_MSG_SLOT, EMPTY_TABLE_SLOT;
+ private final String title;
+ private final String[] columns;
+ private final Rows rows;
+ private Code<HTMLGen> other;
+// private DynamicCode<HTMLGen, AuthGUI, AuthzTrans> prefix,postfix;
- public Table(String title, TRANS trans, Data<S,TRANS> data, Code<HTMLGen> other, String name, String ... attrs) {
- this(title,trans,data,name, attrs);
- this.other = other;
- }
-
- public Table(String title, TRANS trans, Data<S,TRANS> data, String name, String ... attrs) {
- super(true,name);
-// prefix=postfix=null;
- for(String a : attrs) {
- addAttr(false, a);
- }
- ROW_MSG_SLOT=trans.slot("TABLE_ROW_MSG");
- EMPTY_TABLE_SLOT=trans.slot("TABLE_EMPTY");
- this.columns = data.headers();
- boolean alt = false;
- for(String s : attrs) {
- if("class=std".equals(s) || "class=stdform".equals(s)) {
- alt=true;
- }
- }
- rows = new Rows(data,alt?1:0);
- this.title = title;
- // Derive an ID from title (from no spaces, etc), and prepend to IDAttributes (Protected from NamedCode)
- addAttr(true,title(trans).replaceAll("\\s",""));
-
- other = null;
- }
+ public Table(String title, TRANS trans, Data<S,TRANS> data, Code<HTMLGen> other, String name, String ... attrs) {
+ this(title,trans,data,name, attrs);
+ this.other = other;
+ }
+
+ public Table(String title, TRANS trans, Data<S,TRANS> data, String name, String ... attrs) {
+ super(true,name);
+// prefix=postfix=null;
+ for(String a : attrs) {
+ addAttr(false, a);
+ }
+ ROW_MSG_SLOT=trans.slot("TABLE_ROW_MSG");
+ EMPTY_TABLE_SLOT=trans.slot("TABLE_EMPTY");
+ this.columns = data.headers();
+ boolean alt = false;
+ for(String s : attrs) {
+ if("class=std".equals(s) || "class=stdform".equals(s)) {
+ alt=true;
+ }
+ }
+ rows = new Rows(data,alt?1:0);
+ this.title = title;
+ // Derive an ID from title (from no spaces, etc), and prepend to IDAttributes (Protected from NamedCode)
+ addAttr(true,title(trans).replaceAll("\\s",""));
+
+ other = null;
+ }
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,S,TRANS>() {
- @Override
- public void code(S state, TRANS trans, Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
- rows.data.prefix(state, trans, cache, xgen);
- }
- });
- Mark table = new Mark();
- Mark tr = new Mark();
-
- hgen.incr(table,TABLE);
- if(title==null) {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,S,TRANS>() {
- @Override
- public void code(S state, TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- hgen.leaf("caption", "class=title").text(title(trans)).end();
- }
- });
- } else {
- hgen.leaf("caption", "class=title").text(title).end();
- }
- hgen.incr(tr,TR);
- for(String column : columns) {
- hgen.leaf("th").text(column).end();
- }
- hgen.end(tr);
-
- // Load Rows Dynamically
- cache.dynamic(hgen, rows);
- // End Table
- hgen.end(table);
-
- if(other!=null) {
- other.code(cache,hgen);
- }
-
- // Print Message from Row Gathering, if available
- cache.dynamic(hgen, new DynamicCode<HTMLGen,S,TRANS>() {
- @Override
- public void code(S state, TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String msg;
- if((msg = trans.get(EMPTY_TABLE_SLOT, null))!=null) {
- hgen.incr("style").text("#inner tr,caption,input,p.preamble {display: none;}#inner p.notfound {margin: 0px 0px 0px 20px}").end();
- hgen.incr(HTMLGen.P,"class=notfound").text(msg).end().br();
- } else if((msg=trans.get(ROW_MSG_SLOT,null))!=null) {
- hgen.p(msg).br();
- }
- }
- });
- cache.dynamic(hgen, new DynamicCode<HTMLGen,S,TRANS>() {
- @Override
- public void code(S state, TRANS trans, Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
- rows.data.postfix(state, trans, cache, xgen);
- }
- });
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,S,TRANS>() {
+ @Override
+ public void code(S state, TRANS trans, Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
+ rows.data.prefix(state, trans, cache, xgen);
+ }
+ });
+ Mark table = new Mark();
+ Mark tr = new Mark();
+
+ hgen.incr(table,TABLE);
+ if(title==null) {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,S,TRANS>() {
+ @Override
+ public void code(S state, TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ hgen.leaf("caption", "class=title").text(title(trans)).end();
+ }
+ });
+ } else {
+ hgen.leaf("caption", "class=title").text(title).end();
+ }
+ hgen.incr(tr,TR);
+ for(String column : columns) {
+ hgen.leaf("th").text(column).end();
+ }
+ hgen.end(tr);
+
+ // Load Rows Dynamically
+ cache.dynamic(hgen, rows);
+ // End Table
+ hgen.end(table);
+
+ if(other!=null) {
+ other.code(cache,hgen);
+ }
+
+ // Print Message from Row Gathering, if available
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,S,TRANS>() {
+ @Override
+ public void code(S state, TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String msg;
+ if((msg = trans.get(EMPTY_TABLE_SLOT, null))!=null) {
+ hgen.incr("style").text("#inner tr,caption,input,p.preamble {display: none;}#inner p.notfound {margin: 0px 0px 0px 20px}").end();
+ hgen.incr(HTMLGen.P,"class=notfound").text(msg).end().br();
+ } else if((msg=trans.get(ROW_MSG_SLOT,null))!=null) {
+ hgen.p(msg).br();
+ }
+ }
+ });
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,S,TRANS>() {
+ @Override
+ public void code(S state, TRANS trans, Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
+ rows.data.postfix(state, trans, cache, xgen);
+ }
+ });
- }
+ }
- protected String title(TRANS trans) {
- return title;
- }
+ protected String title(TRANS trans) {
+ return title;
+ }
- public static class Cells {
- public static final Cells EMPTY = new Cells();
- private Cells() {
- cells = new AbsCell[0][0];
- msg = "No Data Found";
- }
-
- public Cells(ArrayList<AbsCell[]> arrayCells, String msg) {
- cells = new AbsCell[arrayCells.size()][];
- arrayCells.toArray(cells);
- this.msg = msg;
- }
- public AbsCell[][] cells;
- public String msg;
-
- }
-
- public interface Data<S extends State<Env>, TRANS extends Trans> {
- // Note: Trans is not first to avoid Method Name Collision
- public void prefix(S state, TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen);
- public Cells get(TRANS trans,S state);
- public void postfix(S state, TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen);
- public String[] headers();
- }
+ public static class Cells {
+ public static final Cells EMPTY = new Cells();
+ private Cells() {
+ cells = new AbsCell[0][0];
+ msg = "No Data Found";
+ }
+
+ public Cells(ArrayList<AbsCell[]> arrayCells, String msg) {
+ cells = new AbsCell[arrayCells.size()][];
+ arrayCells.toArray(cells);
+ this.msg = msg;
+ }
+ public AbsCell[][] cells;
+ public String msg;
+
+ }
+
+ public interface Data<S extends State<Env>, TRANS extends Trans> {
+ // Note: Trans is not first to avoid Method Name Collision
+ public void prefix(S state, TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen);
+ public Cells get(TRANS trans,S state);
+ public void postfix(S state, TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen);
+ public String[] headers();
+ }
- private class Rows extends DynamicCode<HTMLGen,S,TRANS> {
- private Data<S,TRANS> data;
- private int alt;
-
- public Rows(Data<S,TRANS> data, int alt) {
- this.data = data;
- this.alt = alt;
- }
-
- @Override
- public void code(final S state, final TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- Mark tr = new Mark();
- Mark td = new Mark();
-
- int alt = this.alt;
- Cells cells = data.get(trans,state);
- if(cells.cells.length>0) {
- for(AbsCell[] row : cells.cells) {
- if(row.length==0) {
- hgen.text("</table>")
- .hr()
- .text("<table>");
- } else {
- switch(alt) {
- case 1:
- alt=2;
- case 0:
- hgen.incr(tr,TR);
- break;
- default:
- alt=1;
- hgen.incr(tr,TR,"class=alt");
- }
- for(AbsCell cell :row) {
- hgen.leaf(td, TD,cell.attrs());
- cell.write(hgen);
- hgen.end(td);
- }
- hgen.end(tr);
- }
- }
- // Pass Msg back to Table code, in order to place after Table Complete
- if(cells.msg!=null) {
- trans.put(ROW_MSG_SLOT,cells.msg);
- }
- } else {
- trans.put(EMPTY_TABLE_SLOT,cells.msg);
- }
- }
- }
+ private class Rows extends DynamicCode<HTMLGen,S,TRANS> {
+ private Data<S,TRANS> data;
+ private int alt;
+
+ public Rows(Data<S,TRANS> data, int alt) {
+ this.data = data;
+ this.alt = alt;
+ }
+
+ @Override
+ public void code(final S state, final TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ Mark tr = new Mark();
+ Mark td = new Mark();
+
+ int alt = this.alt;
+ Cells cells = data.get(trans,state);
+ if(cells.cells.length>0) {
+ for(AbsCell[] row : cells.cells) {
+ if(row.length==0) {
+ hgen.text("</table>")
+ .hr()
+ .text("<table>");
+ } else {
+ switch(alt) {
+ case 1:
+ alt=2;
+ case 0:
+ hgen.incr(tr,TR);
+ break;
+ default:
+ alt=1;
+ hgen.incr(tr,TR,"class=alt");
+ }
+ for(AbsCell cell :row) {
+ hgen.leaf(td, TD,cell.attrs());
+ cell.write(hgen);
+ hgen.end(td);
+ }
+ hgen.end(tr);
+ }
+ }
+ // Pass Msg back to Table code, in order to place after Table Complete
+ if(cells.msg!=null) {
+ trans.put(ROW_MSG_SLOT,cells.msg);
+ }
+ } else {
+ trans.put(EMPTY_TABLE_SLOT,cells.msg);
+ }
+ }
+ }
-// public Table<S,TRANS> setPrefix(DynamicCode<HTMLGen, AuthGUI, AuthzTrans> dynamicCode) {
-// prefix = dynamicCode;
-// return this;
-// }
-//
-// public Table<S,TRANS> setPostfix(DynamicCode<HTMLGen, AuthGUI, AuthzTrans> dynamicCode) {
-// postfix = dynamicCode;
-// return this;
-// }
+// public Table<S,TRANS> setPrefix(DynamicCode<HTMLGen, AuthGUI, AuthzTrans> dynamicCode) {
+// prefix = dynamicCode;
+// return this;
+// }
+//
+// public Table<S,TRANS> setPostfix(DynamicCode<HTMLGen, AuthGUI, AuthzTrans> dynamicCode) {
+// postfix = dynamicCode;
+// return this;
+// }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/XFrameFilter.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/XFrameFilter.java
index ae71d5bf..f362418e 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/XFrameFilter.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/XFrameFilter.java
@@ -31,43 +31,43 @@ import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;
public class XFrameFilter implements Filter {
- enum TYPE {none,self};
- // Note: Content-Security Params need to be worked out for GUI before activating.
- private final String xframe;//,csp;
-
- public XFrameFilter(TYPE type) {
- switch(type) {
- case self:
- xframe="SAMEORIGIN";
-// csp="default-src 'self'";
- break;
- case none:
- default:
- xframe="DENY";
-// csp="default-src 'none'";
- break;
-
- }
- }
-
- @Override
- public void doFilter(ServletRequest req, ServletResponse resp, FilterChain fc) throws IOException, ServletException {
- if(resp instanceof HttpServletResponse) {
- @SuppressWarnings("unused")
- HttpServletResponse hresp = (HttpServletResponse)resp;
- ((HttpServletResponse)resp).addHeader("X-Frame-Options", xframe);
-// ((HttpServletResponse)resp).addHeader("Content-Security-Policy",csp);
- }
- fc.doFilter(req, resp);
- }
+ enum TYPE {none,self};
+ // Note: Content-Security Params need to be worked out for GUI before activating.
+ private final String xframe;//,csp;
+
+ public XFrameFilter(TYPE type) {
+ switch(type) {
+ case self:
+ xframe="SAMEORIGIN";
+// csp="default-src 'self'";
+ break;
+ case none:
+ default:
+ xframe="DENY";
+// csp="default-src 'none'";
+ break;
+
+ }
+ }
+
+ @Override
+ public void doFilter(ServletRequest req, ServletResponse resp, FilterChain fc) throws IOException, ServletException {
+ if(resp instanceof HttpServletResponse) {
+ @SuppressWarnings("unused")
+ HttpServletResponse hresp = (HttpServletResponse)resp;
+ ((HttpServletResponse)resp).addHeader("X-Frame-Options", xframe);
+// ((HttpServletResponse)resp).addHeader("Content-Security-Policy",csp);
+ }
+ fc.doFilter(req, resp);
+ }
- @Override
- public void init(FilterConfig fc) throws ServletException {
- }
+ @Override
+ public void init(FilterConfig fc) throws ServletException {
+ }
- @Override
- public void destroy() {
- }
+ @Override
+ public void destroy() {
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiDocs.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiDocs.java
index 95aa0525..235683d5 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiDocs.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiDocs.java
@@ -53,279 +53,279 @@ import aaf.v2_0.Api;
import aaf.v2_0.Api.Route;
public class ApiDocs extends Page {
- // Package on purpose
- private static final String HREF = "/gui/api";
- private static final String NAME = "AAF RESTful API";
- private static final String fields[] = {};
- private static final String ERROR_LINK = "<a href=\"./example/"
- + "YXBwbGljYXRpb24vRXJyb3IranNvbg=="
-// + Symm.base64noSplit().encode("application/Error+json")
- + "\">JSON</a> "
- + "<a href=\"./example/"
- + "YXBwbGljYXRpb24vRXJyb3IreG1s"
-// + Symm.base64noSplit().encode("application/Error+xml")
- + "\">XML</a> ";
+ // Package on purpose
+ private static final String HREF = "/gui/api";
+ private static final String NAME = "AAF RESTful API";
+ private static final String fields[] = {};
+ private static final String ERROR_LINK = "<a href=\"./example/"
+ + "YXBwbGljYXRpb24vRXJyb3IranNvbg=="
+// + Symm.base64noSplit().encode("application/Error+json")
+ + "\">JSON</a> "
+ + "<a href=\"./example/"
+ + "YXBwbGljYXRpb24vRXJyb3IreG1s"
+// + Symm.base64noSplit().encode("application/Error+xml")
+ + "\">XML</a> ";
-
- public ApiDocs(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF, fields,
- new BreadCrumbs(breadcrumbs),
- new Preamble(gui),
- new Table<AAF_GUI,AuthzTrans>("AAF API Reference",gui.env.newTransNoAvg(),new Model(), "class=std")
- );
- }
-
- private static class Preamble extends NamedCode {
+
+ public ApiDocs(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, fields,
+ new BreadCrumbs(breadcrumbs),
+ new Preamble(gui),
+ new Table<AAF_GUI,AuthzTrans>("AAF API Reference",gui.env.newTransNoAvg(),new Model(), "class=std")
+ );
+ }
+
+ private static class Preamble extends NamedCode {
- private static final String I = "i";
- private final String fs_url;
+ private static final String I = "i";
+ private final String fs_url;
- public Preamble(AAF_GUI gui) {
- super(false, "preamble");
- fs_url = gui.access.getProperty("fs_url", "");
- }
+ public Preamble(AAF_GUI gui) {
+ super(false, "preamble");
+ fs_url = gui.access.getProperty("fs_url", "");
+ }
- @Override
- public void code(Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
- xgen.leaf(HTMLGen.H1).text("AAF 2.0 RESTful interface").end()
- .hr();
- xgen.leaf(HTMLGen.H2).text("Accessing RESTful").end();
- xgen.incr(HTMLGen.UL)
- .leaf(HTMLGen.LI).text("AAF RESTful service is secured by the following:").end()
- .incr(HTMLGen.UL)
- .leaf(HTMLGen.LI).text("The Client must utilize HTTP/S. Non Secure HTTP is not acceptable").end()
- .leaf(HTMLGen.LI).text("The Client MUST supply an Identity validated by one of the following mechanisms").end()
- .incr(HTMLGen.UL)
- .leaf(HTMLGen.LI).text("BASIC AUTH protocol using Organization Registered AppID, provisioned in AAF").end()
- .leaf(HTMLGen.LI).text("(Near Future) Application level Certificate").end()
- .end()
- .end()
- .leaf(HTMLGen.LI).text("Responses").end()
- .incr(HTMLGen.UL)
- .leaf(HTMLGen.LI).text("Each API Entity listed shows what structure will be accepted by service (ContentType) "
- + "or responded with by service (Accept). Therefore, use these in making your call. Critical for PUT/POST.").end()
- .leaf(HTMLGen.LI).text("Each API call may respond with JSON or XML. Choose the ContentType/Accept that has "
- + "+json after the type for JSON or +xml after the Type for XML").end()
- .leaf(HTMLGen.LI).text("XSDs for Versions").end()
- .incr(HTMLGen.UL)
- .leaf(HTMLGen.LI).leaf(HTMLGen.A,"href=" + fs_url + "/aaf_2_0.xsd").text("API 2.0").end().end()
- .end()
- .leaf(HTMLGen.LI).text("AAF can support multiple Versions of the API. Choose the ContentType/Accept that has "
- + "the appropriate version=?.?").end()
- .leaf(HTMLGen.LI).text("All Errors coming from AAF return AT&T Standard Error Message as a String: " + ERROR_LINK
- + " (does not apply to errors from Container)").end()
- .end()
- .leaf(HTMLGen.LI).text("Character Restrictions").end()
- .incr(HTMLGen.UL)
- .leaf(HTMLGen.LI).text("Character Restrictions must depend on the Enforcement Point used").end()
- .leaf(HTMLGen.LI).text("Most AAF usage will be AAF Enforcement Point Characters for Instance and Action are:")
- .br().br().leaf(I).text("a-zA-Z0-9,.()_-=%").end()
- .br().br().text("For Instance, you may declare a multi-dimensional key with : (colon) separator, example:").end()
- .br().leaf(I).text(":myCluster:myKeyspace").end()
- .br().br().text("The * (asterix) may be used as a wild-card by itself or within the multi-dimensional key, example:")
- .br().leaf(I).text(":myCluster:*").end()
- .br().br().text("The % (percent) character can be used as an Escape Character. Applications can use % followed by 2 hexadecimal "
- + "digits to cover odd keys. It is their code, however, which must translate.")
- .br().br().text("The = (equals) is allowed so that Applications can pass Base64 encodations of binary keys").end()
- .leaf(HTMLGen.LI).text("Ask for a Consultation on how these are typically used, or, if your tool is the only Enforcement Point, if set may be expanded").end()
- .end()
- .end();
- /*
-
- The Content is defined in the AAF XSD - TODO Add aaf.xsd”;
- Character Restrictions
+ @Override
+ public void code(Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
+ xgen.leaf(HTMLGen.H1).text("AAF 2.0 RESTful interface").end()
+ .hr();
+ xgen.leaf(HTMLGen.H2).text("Accessing RESTful").end();
+ xgen.incr(HTMLGen.UL)
+ .leaf(HTMLGen.LI).text("AAF RESTful service is secured by the following:").end()
+ .incr(HTMLGen.UL)
+ .leaf(HTMLGen.LI).text("The Client must utilize HTTP/S. Non Secure HTTP is not acceptable").end()
+ .leaf(HTMLGen.LI).text("The Client MUST supply an Identity validated by one of the following mechanisms").end()
+ .incr(HTMLGen.UL)
+ .leaf(HTMLGen.LI).text("BASIC AUTH protocol using Organization Registered AppID, provisioned in AAF").end()
+ .leaf(HTMLGen.LI).text("(Near Future) Application level Certificate").end()
+ .end()
+ .end()
+ .leaf(HTMLGen.LI).text("Responses").end()
+ .incr(HTMLGen.UL)
+ .leaf(HTMLGen.LI).text("Each API Entity listed shows what structure will be accepted by service (ContentType) "
+ + "or responded with by service (Accept). Therefore, use these in making your call. Critical for PUT/POST.").end()
+ .leaf(HTMLGen.LI).text("Each API call may respond with JSON or XML. Choose the ContentType/Accept that has "
+ + "+json after the type for JSON or +xml after the Type for XML").end()
+ .leaf(HTMLGen.LI).text("XSDs for Versions").end()
+ .incr(HTMLGen.UL)
+ .leaf(HTMLGen.LI).leaf(HTMLGen.A,"href=" + fs_url + "/aaf_2_0.xsd").text("API 2.0").end().end()
+ .end()
+ .leaf(HTMLGen.LI).text("AAF can support multiple Versions of the API. Choose the ContentType/Accept that has "
+ + "the appropriate version=?.?").end()
+ .leaf(HTMLGen.LI).text("All Errors coming from AAF return AT&T Standard Error Message as a String: " + ERROR_LINK
+ + " (does not apply to errors from Container)").end()
+ .end()
+ .leaf(HTMLGen.LI).text("Character Restrictions").end()
+ .incr(HTMLGen.UL)
+ .leaf(HTMLGen.LI).text("Character Restrictions must depend on the Enforcement Point used").end()
+ .leaf(HTMLGen.LI).text("Most AAF usage will be AAF Enforcement Point Characters for Instance and Action are:")
+ .br().br().leaf(I).text("a-zA-Z0-9,.()_-=%").end()
+ .br().br().text("For Instance, you may declare a multi-dimensional key with : (colon) separator, example:").end()
+ .br().leaf(I).text(":myCluster:myKeyspace").end()
+ .br().br().text("The * (asterix) may be used as a wild-card by itself or within the multi-dimensional key, example:")
+ .br().leaf(I).text(":myCluster:*").end()
+ .br().br().text("The % (percent) character can be used as an Escape Character. Applications can use % followed by 2 hexadecimal "
+ + "digits to cover odd keys. It is their code, however, which must translate.")
+ .br().br().text("The = (equals) is allowed so that Applications can pass Base64 encodations of binary keys").end()
+ .leaf(HTMLGen.LI).text("Ask for a Consultation on how these are typically used, or, if your tool is the only Enforcement Point, if set may be expanded").end()
+ .end()
+ .end();
+ /*
+
+ The Content is defined in the AAF XSD - TODO Add aaf.xsd”;
+ Character Restrictions
- URLs impose restrictions on characters which have specific meanings. This means you cannot have these characters in the Field Content you send
- “#” is a “Fragment URL”, or anchor. Content after this Character is not sent. AAF cannot do anything about this… don’t use it.
- “?=&”. These are used to delineate Parameters.
- “/“ is used to separate fields
- */
- }
-
- };
- /**
- * Implement the Table Content for Permissions by User
- *
- * @author Jonathan
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- public static final String[] HEADERS = new String[] {"Entity","Method","Path Info","Description"};
- private static final TextCell BLANK = new TextCell("");
-
- @Override
- public String[] headers() {
- return HEADERS;
- }
-
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final ArrayList<AbsCell[]> ns = new ArrayList<>();
- final ArrayList<AbsCell[]> perms = new ArrayList<>();
- final ArrayList<AbsCell[]> roles = new ArrayList<>();
- final ArrayList<AbsCell[]> user = new ArrayList<>();
- final ArrayList<AbsCell[]> aafOnly = new ArrayList<>();
- final ArrayList<AbsCell[]> rv = new ArrayList<>();
-
-
- final TimeTaken tt = trans.start("AAF APIs",Env.REMOTE);
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @SuppressWarnings("unchecked")
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Api> fa = client.read("/api",gui.getDF(Api.class));
- if(fa.get(5000)) {
- tt.done();
- TimeTaken tt2 = trans.start("Load Data", Env.SUB);
- try {
- if(fa.value!=null)for(Route r : fa.value.getRoute()) {
- String path = r.getPath();
- // Build info
- StringBuilder desc = new StringBuilder();
-
- desc.append("<p class=double>");
- desc.append(r.getDesc());
-
- if(r.getComments().size()>0) {
- for(String ct : r.getComments()) {
- desc.append("</p><p class=api_comment>");
- desc.append(ct);
- }
- }
-
- if(r.getParam().size()>0) {
- desc.append("<hr><p class=api_label>Parameters</p>");
-
- for(String params : r.getParam()) {
- String param[] = params.split("\\s*\\|\\s*");
- desc.append("</p><p class=api_contentType>");
- desc.append(param[0]);
- desc.append(" : ");
- desc.append(param[1]);
- if("true".equalsIgnoreCase(param[2])) {
- desc.append(" (Required)");
- }
- }
- }
-
-
- if(r.getExpected()!=0) {
- desc.append("</p><p class=api_label>Expected HTTP Code</p><p class=api_comment>");
- desc.append(r.getExpected());
- }
-
- if(r.getExplicitErr().size()!=0) {
- desc.append("</p><p class=api_label>Explicit HTTP Error Codes</p><p class=api_comment>");
- boolean first = true;
- for(int ee : r.getExplicitErr()) {
- if(first) {
- first = false;
- } else {
- desc.append(", ");
- }
- desc.append(ee);
- }
- }
-
- desc.append("</p><p class=api_label>");
- desc.append("GET".equals(r.getMeth())?"Accept:":"ContentType:");
- Collections.sort(r.getContentType());
- if(r.getPath().startsWith("/authn/basicAuth")) {
- desc.append("</p><p class=api_contentType>text/plain");
- }
- for(String ct : r.getContentType()) {
- if(ct.contains("version=2")) {
- desc.append("</p><p class=api_contentType><a href=\"./example/");
- try {
- desc.append(Symm.base64noSplit.encode(ct));
- } catch (IOException e) {
- throw new CadiException(e);
- }
- desc.append("\"/>");
- desc.append(ct);
- desc.append("</a>");
- }
- }
- desc.append("</p>");
-
-
- AbsCell[] sa = new AbsCell[] {
- null,
- new TextCell(r.getMeth(),"class=right"),
- new TextCell(r.getPath()),
- new TextCell(desc.toString()),
- };
-
- if(path.startsWith("/authz/perm")) {
- sa[0] = perms.size()==0?new TextCell("PERMISSION"):BLANK;
- perms.add(sa);
- } else if(path.startsWith("/authz/role") || path.startsWith("/authz/userRole")) {
- sa[0] = roles.size()==0?new TextCell("ROLE"):BLANK;
- roles.add(sa);
- } else if(path.startsWith("/authz/ns")) {
- sa[0] = ns.size()==0?new TextCell("NAMESPACE"):BLANK;
- ns.add(sa);
- } else if(path.startsWith("/authn/basicAuth")
- || path.startsWith("/authn/validate")
- || path.startsWith("/authz/user")) {
- sa[0] = user.size()==0?new TextCell("USER"):BLANK;
- user.add(sa);
- } else {
- sa[0] = aafOnly.size()==0?new TextCell("AAF ONLY"):BLANK;
- aafOnly.add(sa);
- }
- }
- //TODO if(trans.fish(p))
- prepare(rv, perms,roles,ns,user);
- } finally {
- tt2.done();
- }
- } else {
- gui.writeError(trans, fa, null, 0);
- }
- return null;
- }
- });
- } catch (Exception e) {
- trans.error().log(e.getMessage());
- } finally {
- tt.done();
- }
-
- return new Cells(rv,null);
- }
+ URLs impose restrictions on characters which have specific meanings. This means you cannot have these characters in the Field Content you send
+ “#” is a “Fragment URL”, or anchor. Content after this Character is not sent. AAF cannot do anything about this… don’t use it.
+ “?=&”. These are used to delineate Parameters.
+ “/“ is used to separate fields
+ */
+ }
+
+ };
+ /**
+ * Implement the Table Content for Permissions by User
+ *
+ * @author Jonathan
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ public static final String[] HEADERS = new String[] {"Entity","Method","Path Info","Description"};
+ private static final TextCell BLANK = new TextCell("");
+
+ @Override
+ public String[] headers() {
+ return HEADERS;
+ }
+
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final ArrayList<AbsCell[]> ns = new ArrayList<>();
+ final ArrayList<AbsCell[]> perms = new ArrayList<>();
+ final ArrayList<AbsCell[]> roles = new ArrayList<>();
+ final ArrayList<AbsCell[]> user = new ArrayList<>();
+ final ArrayList<AbsCell[]> aafOnly = new ArrayList<>();
+ final ArrayList<AbsCell[]> rv = new ArrayList<>();
+
+
+ final TimeTaken tt = trans.start("AAF APIs",Env.REMOTE);
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @SuppressWarnings("unchecked")
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Api> fa = client.read("/api",gui.getDF(Api.class));
+ if(fa.get(5000)) {
+ tt.done();
+ TimeTaken tt2 = trans.start("Load Data", Env.SUB);
+ try {
+ if(fa.value!=null)for(Route r : fa.value.getRoute()) {
+ String path = r.getPath();
+ // Build info
+ StringBuilder desc = new StringBuilder();
+
+ desc.append("<p class=double>");
+ desc.append(r.getDesc());
+
+ if(r.getComments().size()>0) {
+ for(String ct : r.getComments()) {
+ desc.append("</p><p class=api_comment>");
+ desc.append(ct);
+ }
+ }
+
+ if(r.getParam().size()>0) {
+ desc.append("<hr><p class=api_label>Parameters</p>");
+
+ for(String params : r.getParam()) {
+ String param[] = params.split("\\s*\\|\\s*");
+ desc.append("</p><p class=api_contentType>");
+ desc.append(param[0]);
+ desc.append(" : ");
+ desc.append(param[1]);
+ if("true".equalsIgnoreCase(param[2])) {
+ desc.append(" (Required)");
+ }
+ }
+ }
+
+
+ if(r.getExpected()!=0) {
+ desc.append("</p><p class=api_label>Expected HTTP Code</p><p class=api_comment>");
+ desc.append(r.getExpected());
+ }
+
+ if(r.getExplicitErr().size()!=0) {
+ desc.append("</p><p class=api_label>Explicit HTTP Error Codes</p><p class=api_comment>");
+ boolean first = true;
+ for(int ee : r.getExplicitErr()) {
+ if(first) {
+ first = false;
+ } else {
+ desc.append(", ");
+ }
+ desc.append(ee);
+ }
+ }
+
+ desc.append("</p><p class=api_label>");
+ desc.append("GET".equals(r.getMeth())?"Accept:":"ContentType:");
+ Collections.sort(r.getContentType());
+ if(r.getPath().startsWith("/authn/basicAuth")) {
+ desc.append("</p><p class=api_contentType>text/plain");
+ }
+ for(String ct : r.getContentType()) {
+ if(ct.contains("version=2")) {
+ desc.append("</p><p class=api_contentType><a href=\"./example/");
+ try {
+ desc.append(Symm.base64noSplit.encode(ct));
+ } catch (IOException e) {
+ throw new CadiException(e);
+ }
+ desc.append("\"/>");
+ desc.append(ct);
+ desc.append("</a>");
+ }
+ }
+ desc.append("</p>");
+
+
+ AbsCell[] sa = new AbsCell[] {
+ null,
+ new TextCell(r.getMeth(),"class=right"),
+ new TextCell(r.getPath()),
+ new TextCell(desc.toString()),
+ };
+
+ if(path.startsWith("/authz/perm")) {
+ sa[0] = perms.size()==0?new TextCell("PERMISSION"):BLANK;
+ perms.add(sa);
+ } else if(path.startsWith("/authz/role") || path.startsWith("/authz/userRole")) {
+ sa[0] = roles.size()==0?new TextCell("ROLE"):BLANK;
+ roles.add(sa);
+ } else if(path.startsWith("/authz/ns")) {
+ sa[0] = ns.size()==0?new TextCell("NAMESPACE"):BLANK;
+ ns.add(sa);
+ } else if(path.startsWith("/authn/basicAuth")
+ || path.startsWith("/authn/validate")
+ || path.startsWith("/authz/user")) {
+ sa[0] = user.size()==0?new TextCell("USER"):BLANK;
+ user.add(sa);
+ } else {
+ sa[0] = aafOnly.size()==0?new TextCell("AAF ONLY"):BLANK;
+ aafOnly.add(sa);
+ }
+ }
+ //TODO if(trans.fish(p))
+ prepare(rv, perms,roles,ns,user);
+ } finally {
+ tt2.done();
+ }
+ } else {
+ gui.writeError(trans, fa, null, 0);
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e.getMessage());
+ } finally {
+ tt.done();
+ }
+
+ return new Cells(rv,null);
+ }
- @SuppressWarnings("unchecked")
- private void prepare(ArrayList<AbsCell[]> rv, ArrayList<AbsCell[]> ... all) {
- AbsCell lead;
- AbsCell[] row;
- for(ArrayList<AbsCell[]> al : all) {
- if(al.size()>1) {
- row = al.get(0);
- lead = row[0];
- row[0]=BLANK;
- al.get(0).clone()[0]=BLANK;
- Collections.sort(al, new Comparator<AbsCell[]>() {
- @Override
- public int compare(AbsCell[] ca1, AbsCell[] ca2) {
- int meth = ((TextCell)ca1[2]).name.compareTo(
- ((TextCell)ca2[2]).name);
- if(meth == 0) {
- return (HttpMethods.valueOf(((TextCell)ca1[1]).name).compareTo(
- HttpMethods.valueOf(((TextCell)ca2[1]).name)));
- } else {
- return meth;
- }
- }
- });
- // set new first row
- al.get(0)[0]=lead;
+ @SuppressWarnings("unchecked")
+ private void prepare(ArrayList<AbsCell[]> rv, ArrayList<AbsCell[]> ... all) {
+ AbsCell lead;
+ AbsCell[] row;
+ for(ArrayList<AbsCell[]> al : all) {
+ if(al.size()>1) {
+ row = al.get(0);
+ lead = row[0];
+ row[0]=BLANK;
+ al.get(0).clone()[0]=BLANK;
+ Collections.sort(al, new Comparator<AbsCell[]>() {
+ @Override
+ public int compare(AbsCell[] ca1, AbsCell[] ca2) {
+ int meth = ((TextCell)ca1[2]).name.compareTo(
+ ((TextCell)ca2[2]).name);
+ if(meth == 0) {
+ return (HttpMethods.valueOf(((TextCell)ca1[1]).name).compareTo(
+ HttpMethods.valueOf(((TextCell)ca2[1]).name)));
+ } else {
+ return meth;
+ }
+ }
+ });
+ // set new first row
+ al.get(0)[0]=lead;
- rv.addAll(al);
- }
- }
- }
- }
+ rv.addAll(al);
+ }
+ }
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiExample.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiExample.java
index a98a16ca..3beed563 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiExample.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApiExample.java
@@ -45,89 +45,89 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
*
*/
public class ApiExample extends Page {
- public static final String HREF = "/gui/example/:tc";
- public static final String NAME = "APIExample";
+ public static final String HREF = "/gui/example/:tc";
+ public static final String NAME = "APIExample";
- public ApiExample(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME, HREF, 2/*backdots*/, new String[] {"API Code Example"},
- new BreadCrumbs(breadcrumbs),
- new Model(NAME)
- );
- }
-
- private static class Model extends NamedCode {
- private static final String WITH_OPTIONAL_PARAMETERS = "\n\n////////////\n Data with Optional Parameters \n////////////\n\n";
+ public ApiExample(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, NAME, HREF, 2/*backdots*/, new String[] {"API Code Example"},
+ new BreadCrumbs(breadcrumbs),
+ new Model(NAME)
+ );
+ }
+
+ private static class Model extends NamedCode {
+ private static final String WITH_OPTIONAL_PARAMETERS = "\n\n////////////\n Data with Optional Parameters \n////////////\n\n";
- public Model(String name) {
- super(false,name);
- }
+ public Model(String name) {
+ super(false,name);
+ }
- @Override
- public void code(Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
- Mark inner = xgen.divID("inner");
- xgen.divID("example","class=std");
- cache.dynamic(xgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
- TimeTaken tt = trans.start("Code Example",Env.REMOTE);
- try {
- final String typecode;
- int prefix = trans.path().lastIndexOf('/')+1;
- String encoded = trans.path().substring(prefix);
- typecode = Symm.base64noSplit.decode(encoded);
- Future<String> fp = gui.client().read("/api/example/" + encoded,
- "application/Void+json"
- );
- Future<String> fs2;
- if(typecode.contains("Request+")) {
- fs2 = gui.client().read("/api/example/" + encoded+"?optional=true",
- "application/Void+json"
- );
- } else {
- fs2=null;
- }
-
-
- if(fp.get(5000)) {
- xgen.incr(HTMLGen.H1).text("Sample Code").end()
- .incr(HTMLGen.H5).text(typecode).end();
- xgen.incr("pre");
- if(typecode.contains("+xml")) {
- xgen.xml(fp.body());
- if(fs2!=null && fs2.get(5000)) {
- xgen.text(WITH_OPTIONAL_PARAMETERS);
- xgen.xml(fs2.body());
- }
- } else {
- xgen.text(fp.body());
- if(fs2!=null && fs2.get(5000)) {
- xgen.text(WITH_OPTIONAL_PARAMETERS);
- xgen.text(fs2.body());
- }
- }
- xgen.end();
- } else {
- xgen.incr(HTMLGen.H3)
- .textCR(2,"Error from AAF Service")
- .end();
- gui.writeError(trans, fp, xgen, 0);
- }
+ @Override
+ public void code(Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
+ Mark inner = xgen.divID("inner");
+ xgen.divID("example","class=std");
+ cache.dynamic(xgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
+ TimeTaken tt = trans.start("Code Example",Env.REMOTE);
+ try {
+ final String typecode;
+ int prefix = trans.path().lastIndexOf('/')+1;
+ String encoded = trans.path().substring(prefix);
+ typecode = Symm.base64noSplit.decode(encoded);
+ Future<String> fp = gui.client().read("/api/example/" + encoded,
+ "application/Void+json"
+ );
+ Future<String> fs2;
+ if(typecode.contains("Request+")) {
+ fs2 = gui.client().read("/api/example/" + encoded+"?optional=true",
+ "application/Void+json"
+ );
+ } else {
+ fs2=null;
+ }
+
+
+ if(fp.get(5000)) {
+ xgen.incr(HTMLGen.H1).text("Sample Code").end()
+ .incr(HTMLGen.H5).text(typecode).end();
+ xgen.incr("pre");
+ if(typecode.contains("+xml")) {
+ xgen.xml(fp.body());
+ if(fs2!=null && fs2.get(5000)) {
+ xgen.text(WITH_OPTIONAL_PARAMETERS);
+ xgen.xml(fs2.body());
+ }
+ } else {
+ xgen.text(fp.body());
+ if(fs2!=null && fs2.get(5000)) {
+ xgen.text(WITH_OPTIONAL_PARAMETERS);
+ xgen.text(fs2.body());
+ }
+ }
+ xgen.end();
+ } else {
+ xgen.incr(HTMLGen.H3)
+ .textCR(2,"Error from AAF Service")
+ .end();
+ gui.writeError(trans, fp, xgen, 0);
+ }
- } catch (APIException e) {
- throw e;
- } catch (IOException e) {
- throw e;
- } catch (Exception e) {
- throw new APIException(e);
- }finally {
- tt.done();
- }
- }
-
- });
- xgen.end(inner);
- }
- }
+ } catch (APIException e) {
+ throw e;
+ } catch (IOException e) {
+ throw e;
+ } catch (Exception e) {
+ throw new APIException(e);
+ }finally {
+ tt.done();
+ }
+ }
+
+ });
+ xgen.end(inner);
+ }
+ }
-}
- \ No newline at end of file
+}
+ \ No newline at end of file
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalAction.java
index 2797cd66..507cb21a 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalAction.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalAction.java
@@ -44,78 +44,78 @@ import aaf.v2_0.Approval;
import aaf.v2_0.Approvals;
public class ApprovalAction extends Page {
- public ApprovalAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,"Approvals",ApprovalForm.HREF, ApprovalForm.FIELDS,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- final Slot sAppr = gui.env.slot(ApprovalForm.NAME+'.'+ApprovalForm.FIELDS[0]);
- final Slot sUser = gui.env.slot(ApprovalForm.NAME+'.'+ApprovalForm.FIELDS[1]);
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String[] appr = trans.get(sAppr,null);
- String user = trans.get(sUser,null);
- String lastPage = ApprovalForm.HREF;
- if (user != null) {
- lastPage += "?user="+user;
- }
-
- if(appr==null) {
- hgen.p("No Approvals have been selected.");
- } else {
- Approval app;
- final Approvals apps = new Approvals();
- int count = 0;
- for(String a : appr) {
- if(a!=null) {
- int idx = a.indexOf('|');
- if(idx>=0) {
- app = new Approval();
- app.setStatus(a.substring(0,idx));
- app.setTicket(a.substring(++idx));
- app.setApprover(trans.getUserPrincipal().getName());
- apps.getApprovals().add(app);
- ++count;
- }
- }
- }
- if(apps.getApprovals().isEmpty()) {
- hgen.p("No Approvals have been sent.");
- } else {
- TimeTaken tt = trans.start("AAF Update Approvals",Env.REMOTE);
- try {
- final int total = count;
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client) throws APIException, CadiException {
- boolean fail2 = true;
- Future<Approvals> fa = client.update("/authz/approval",gui.getDF(Approvals.class),apps);
- if(fa.get(AAF_GUI.TIMEOUT)) {
- // Do Remote Call
- fail2 = false;
- hgen.p(total + (total==1?" Approval has":" Approvals have") + " been Saved");
- } else {
- gui.writeError(trans, fa, hgen, 0);
- }
- return fail2;
- }
- });
- } catch (Exception e) {
- e.printStackTrace();
- } finally {
- tt.done();
- }
- }
+ public ApprovalAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,"Approvals",ApprovalForm.HREF, ApprovalForm.FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ final Slot sAppr = gui.env.slot(ApprovalForm.NAME+'.'+ApprovalForm.FIELDS[0]);
+ final Slot sUser = gui.env.slot(ApprovalForm.NAME+'.'+ApprovalForm.FIELDS[1]);
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String[] appr = trans.get(sAppr,null);
+ String user = trans.get(sUser,null);
+ String lastPage = ApprovalForm.HREF;
+ if (user != null) {
+ lastPage += "?user="+user;
+ }
+
+ if(appr==null) {
+ hgen.p("No Approvals have been selected.");
+ } else {
+ Approval app;
+ final Approvals apps = new Approvals();
+ int count = 0;
+ for(String a : appr) {
+ if(a!=null) {
+ int idx = a.indexOf('|');
+ if(idx>=0) {
+ app = new Approval();
+ app.setStatus(a.substring(0,idx));
+ app.setTicket(a.substring(++idx));
+ app.setApprover(trans.getUserPrincipal().getName());
+ apps.getApprovals().add(app);
+ ++count;
+ }
+ }
+ }
+ if(apps.getApprovals().isEmpty()) {
+ hgen.p("No Approvals have been sent.");
+ } else {
+ TimeTaken tt = trans.start("AAF Update Approvals",Env.REMOTE);
+ try {
+ final int total = count;
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client) throws APIException, CadiException {
+ boolean fail2 = true;
+ Future<Approvals> fa = client.update("/authz/approval",gui.getDF(Approvals.class),apps);
+ if(fa.get(AAF_GUI.TIMEOUT)) {
+ // Do Remote Call
+ fail2 = false;
+ hgen.p(total + (total==1?" Approval has":" Approvals have") + " been Saved");
+ } else {
+ gui.writeError(trans, fa, hgen, 0);
+ }
+ return fail2;
+ }
+ });
+ } catch (Exception e) {
+ e.printStackTrace();
+ } finally {
+ tt.done();
+ }
+ }
- hgen.br();
- hgen.incr("a",true,"class=greenbutton","href="+lastPage).text("Back").end();
- }
- }
- });
- }
- });
- }
+ hgen.br();
+ hgen.incr("a",true,"class=greenbutton","href="+lastPage).text("Back").end();
+ }
+ }
+ });
+ }
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java
index bc9811ba..14d434cb 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/ApprovalForm.java
@@ -64,235 +64,235 @@ import aaf.v2_0.Approval;
import aaf.v2_0.Approvals;
public class ApprovalForm extends Page {
- // Package on purpose
- static final String NAME="Approvals";
- static final String HREF = "/gui/approve";
- static final String[] FIELDS = new String[] {"line[]","user"};
-
-
- public ApprovalForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF, FIELDS,
+ // Package on purpose
+ static final String NAME="Approvals";
+ static final String HREF = "/gui/approve";
+ static final String[] FIELDS = new String[] {"line[]","user"};
+
+
+ public ApprovalForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, FIELDS,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(false, "filterByUser") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String user = trans.get(trans.env().slot(NAME+".user"),"");
- hgen.incr("p", "class=userFilter")
- .text("Filter by User:")
- .tagOnly("input", "type=text", "value="+user, "id=userTextBox")
- .tagOnly("input", "type=button", "onclick=userFilter('"+HREF+"');", "value=Go!")
- .end();
- }
- });
- }
- },
- new Form(true,new Table<AAF_GUI,AuthzTrans>("Approval Requests", gui.env.newTransNoAvg(),new Model(gui.env),"class=stdform"))
- .preamble("The following requires your Approval to proceed in the AAF System.</p><p class=subtext>Hover on Identity for Name; click for WebPhone; If Deny is the only option, User is no longer valid."),
- new NamedCode(false, "selectAlljs") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- Mark jsStart = new Mark();
- hgen.js(jsStart);
- hgen.text("function selectAll(radioClass) {");
- hgen.text("var radios = document.querySelectorAll(\".\"+radioClass);");
- hgen.text("for (i = 0; i < radios.length; i++) {");
- hgen.text("radios[i].checked = true;");
- hgen.text("}");
- hgen.text("}");
- hgen.end(jsStart);
- }
- });
-
- }
-
- /**
- * Implement the Table Content for Approvals
- *
- * @author Jonathan
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- //TODO come up with a generic way to do ILM Info (people page)
- private static final String TODO_ILM_INFO = "TODO: ILM Info";
- private static final String DOMAIN_OF_USER = "@DOMAIN";
-
- private static final String[] headers = new String[] {"Identity","Request","Approve","Deny"};
- private Slot sUser;
-
- public Model(AuthzEnv env) {
- sUser = env.slot(NAME+".user");
- }
-
- @Override
- public String[] headers() {
- return headers;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final String userParam = trans.get(sUser, null);
- ArrayList<AbsCell[]> rv = new ArrayList<>();
- String msg = null;
- TimeTaken tt = trans.start("AAF Get Approvals for Approver",Env.REMOTE);
- try {
- final List<Approval> pendingApprovals = new ArrayList<>();
- final List<Integer> beginIndicesPerApprover = new ArrayList<>();
- int numLeft = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Integer>() {
- @Override
- public Integer code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Approvals> fa = client.read("/authz/approval/approver/"+trans.user(),gui.getDF(Approvals.class));
- int numLeft = 0;
- if(fa.get(AAF_GUI.TIMEOUT)) {
-
- if(fa.value!=null) {
- for (Approval appr : fa.value.getApprovals()) {
- if ("pending".equals(appr.getStatus())) {
- if (userParam!=null && !appr.getUser().equalsIgnoreCase(userParam)) {
- numLeft++;
- continue;
- }
- pendingApprovals.add(appr);
- }
- }
- }
-
- String prevApprover = null;
- int overallIndex = 0;
-
- for (Approval appr : pendingApprovals) {
- String currApprover = appr.getApprover();
- if (!currApprover.equals(prevApprover)) {
- prevApprover = currApprover;
- beginIndicesPerApprover.add(overallIndex);
- }
- overallIndex++;
- }
- }
- return numLeft;
- }
- });
-
- if (!pendingApprovals.isEmpty()) {
- // Only add select all links if we have approvals
- AbsCell[] selectAllRow = new AbsCell[] {
- AbsCell.Null,
- AbsCell.Null,
- new ButtonCell("all", "onclick=selectAll('approve')", "class=selectAllButton"),
- new ButtonCell("all", "onclick=selectAll('deny')", "class=selectAllButton")
- };
- rv.add(selectAllRow);
- }
-
- int line=-1;
-
- while (!beginIndicesPerApprover.isEmpty()) {
- int beginIndex = beginIndicesPerApprover.remove(0);
- int endIndex = (beginIndicesPerApprover.isEmpty()?pendingApprovals.size():beginIndicesPerApprover.get(0));
- List<Approval> currApproverList = pendingApprovals.subList(beginIndex, endIndex);
-
- String currApproverFull = currApproverList.get(0).getApprover();
- String currApproverShort = currApproverFull.substring(0,currApproverFull.indexOf('@'));
- String currApprover = (trans.user().indexOf('@')<0?currApproverShort:currApproverFull);
- if (!currApprover.equals(trans.user())) {
- AbsCell[] approverHeader;
- if (currApproverFull.substring(currApproverFull.indexOf('@')).equals(DOMAIN_OF_USER)) {
- approverHeader = new AbsCell[] {
- new TextAndRefCell("Approvals Delegated to Me by ", currApprover,
- TODO_ILM_INFO + currApproverShort,
- true,
- new String[] {"colspan=4", "class=head"})
- };
- } else {
- approverHeader = new AbsCell[] {
- new TextCell("Approvals Delegated to Me by " + currApprover,
- new String[] {"colspan=4", "class=head"})
- };
- }
- rv.add(approverHeader);
- }
-
- // Sort by User Requesting
- Collections.sort(currApproverList, new Comparator<Approval>() {
- @Override
- public int compare(Approval a1, Approval a2) {
- return a1.getUser().compareTo(a2.getUser());
- }
- });
-
- String prevUser = null;
- boolean userOK=true;
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(false, "filterByUser") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String user = trans.get(trans.env().slot(NAME+".user"),"");
+ hgen.incr("p", "class=userFilter")
+ .text("Filter by User:")
+ .tagOnly("input", "type=text", "value="+user, "id=userTextBox")
+ .tagOnly("input", "type=button", "onclick=userFilter('"+HREF+"');", "value=Go!")
+ .end();
+ }
+ });
+ }
+ },
+ new Form(true,new Table<AAF_GUI,AuthzTrans>("Approval Requests", gui.env.newTransNoAvg(),new Model(gui.env),"class=stdform"))
+ .preamble("The following requires your Approval to proceed in the AAF System.</p><p class=subtext>Hover on Identity for Name; click for WebPhone; If Deny is the only option, User is no longer valid."),
+ new NamedCode(false, "selectAlljs") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ Mark jsStart = new Mark();
+ hgen.js(jsStart);
+ hgen.text("function selectAll(radioClass) {");
+ hgen.text("var radios = document.querySelectorAll(\".\"+radioClass);");
+ hgen.text("for (i = 0; i < radios.length; i++) {");
+ hgen.text("radios[i].checked = true;");
+ hgen.text("}");
+ hgen.text("}");
+ hgen.end(jsStart);
+ }
+ });
+
+ }
+
+ /**
+ * Implement the Table Content for Approvals
+ *
+ * @author Jonathan
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ //TODO come up with a generic way to do ILM Info (people page)
+ private static final String TODO_ILM_INFO = "TODO: ILM Info";
+ private static final String DOMAIN_OF_USER = "@DOMAIN";
+
+ private static final String[] headers = new String[] {"Identity","Request","Approve","Deny"};
+ private Slot sUser;
+
+ public Model(AuthzEnv env) {
+ sUser = env.slot(NAME+".user");
+ }
+
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final String userParam = trans.get(sUser, null);
+ ArrayList<AbsCell[]> rv = new ArrayList<>();
+ String msg = null;
+ TimeTaken tt = trans.start("AAF Get Approvals for Approver",Env.REMOTE);
+ try {
+ final List<Approval> pendingApprovals = new ArrayList<>();
+ final List<Integer> beginIndicesPerApprover = new ArrayList<>();
+ int numLeft = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Approvals> fa = client.read("/authz/approval/approver/"+trans.user(),gui.getDF(Approvals.class));
+ int numLeft = 0;
+ if(fa.get(AAF_GUI.TIMEOUT)) {
+
+ if(fa.value!=null) {
+ for (Approval appr : fa.value.getApprovals()) {
+ if ("pending".equals(appr.getStatus())) {
+ if (userParam!=null && !appr.getUser().equalsIgnoreCase(userParam)) {
+ numLeft++;
+ continue;
+ }
+ pendingApprovals.add(appr);
+ }
+ }
+ }
+
+ String prevApprover = null;
+ int overallIndex = 0;
+
+ for (Approval appr : pendingApprovals) {
+ String currApprover = appr.getApprover();
+ if (!currApprover.equals(prevApprover)) {
+ prevApprover = currApprover;
+ beginIndicesPerApprover.add(overallIndex);
+ }
+ overallIndex++;
+ }
+ }
+ return numLeft;
+ }
+ });
+
+ if (!pendingApprovals.isEmpty()) {
+ // Only add select all links if we have approvals
+ AbsCell[] selectAllRow = new AbsCell[] {
+ AbsCell.Null,
+ AbsCell.Null,
+ new ButtonCell("all", "onclick=selectAll('approve')", "class=selectAllButton"),
+ new ButtonCell("all", "onclick=selectAll('deny')", "class=selectAllButton")
+ };
+ rv.add(selectAllRow);
+ }
+
+ int line=-1;
+
+ while (!beginIndicesPerApprover.isEmpty()) {
+ int beginIndex = beginIndicesPerApprover.remove(0);
+ int endIndex = (beginIndicesPerApprover.isEmpty()?pendingApprovals.size():beginIndicesPerApprover.get(0));
+ List<Approval> currApproverList = pendingApprovals.subList(beginIndex, endIndex);
+
+ String currApproverFull = currApproverList.get(0).getApprover();
+ String currApproverShort = currApproverFull.substring(0,currApproverFull.indexOf('@'));
+ String currApprover = (trans.user().indexOf('@')<0?currApproverShort:currApproverFull);
+ if (!currApprover.equals(trans.user())) {
+ AbsCell[] approverHeader;
+ if (currApproverFull.substring(currApproverFull.indexOf('@')).equals(DOMAIN_OF_USER)) {
+ approverHeader = new AbsCell[] {
+ new TextAndRefCell("Approvals Delegated to Me by ", currApprover,
+ TODO_ILM_INFO + currApproverShort,
+ true,
+ new String[] {"colspan=4", "class=head"})
+ };
+ } else {
+ approverHeader = new AbsCell[] {
+ new TextCell("Approvals Delegated to Me by " + currApprover,
+ new String[] {"colspan=4", "class=head"})
+ };
+ }
+ rv.add(approverHeader);
+ }
+
+ // Sort by User Requesting
+ Collections.sort(currApproverList, new Comparator<Approval>() {
+ @Override
+ public int compare(Approval a1, Approval a2) {
+ return a1.getUser().compareTo(a2.getUser());
+ }
+ });
+
+ String prevUser = null;
+ boolean userOK=true;
- for (Approval appr : currApproverList) {
- if(++line<MAX_LINE) { // limit number displayed at one time.
- AbsCell userCell;
- String user = appr.getUser();
- if(user.equals(prevUser)) {
- userCell = AbsCell.Null;
- } else if (user.endsWith(DOMAIN_OF_USER)){
- userOK=true;
- String title;
- Organization org = OrganizationFactory.obtain(trans.env(), user);
- if(org==null) {
- title="";
- } else {
- Identity au = org.getIdentity(trans, user);
- if(au!=null) {
- if("MECHID".equals(au.type())) {
- Identity managedBy = au.responsibleTo();
- if(managedBy==null) {
- title ="title=" + au.type();
- } else {
- title="title=Sponsor is " + managedBy.fullName();
- }
- } else {
- title="title=" + au.fullName();
- }
- } else {
- userOK=false;
- title="title=Not a User at " + org.getName();
- }
- }
- prevUser=user;
- userCell = new RefCell(prevUser,
- TODO_ILM_INFO+user.substring(0, user.length()-DOMAIN_OF_USER.length()),
- true,
- title);
- } else {
- userCell = new TextCell(prevUser);
- }
- AbsCell[] sa = new AbsCell[] {
- userCell,
- new TextCell(appr.getMemo()),
- userOK?new RadioCell("line."+ line,"approve", "approved|"+appr.getTicket()):new TextCell(""),
- new RadioCell("line."+ line,"deny", "denied|"+appr.getTicket())
- };
- rv.add(sa);
- } else {
- ++numLeft;
- }
- }
- }
- if(numLeft>0) {
- msg = "After these, there will be " + numLeft + " approvals left to process";
- }
- if(rv.isEmpty()) {
- if (numLeft>0) {
- msg = "No Approvals to process at this time for user " + userParam +". You have "
- + numLeft + " other approvals to process.";
- } else {
- msg = "No Approvals to process at this time";
- }
- }
- } catch (Exception e) {
- trans.error().log(e);
- } finally {
- tt.done();
- }
- return new Cells(rv,msg);
- }
- }
+ for (Approval appr : currApproverList) {
+ if(++line<MAX_LINE) { // limit number displayed at one time.
+ AbsCell userCell;
+ String user = appr.getUser();
+ if(user.equals(prevUser)) {
+ userCell = AbsCell.Null;
+ } else if (user.endsWith(DOMAIN_OF_USER)){
+ userOK=true;
+ String title;
+ Organization org = OrganizationFactory.obtain(trans.env(), user);
+ if(org==null) {
+ title="";
+ } else {
+ Identity au = org.getIdentity(trans, user);
+ if(au!=null) {
+ if("MECHID".equals(au.type())) {
+ Identity managedBy = au.responsibleTo();
+ if(managedBy==null) {
+ title ="title=" + au.type();
+ } else {
+ title="title=Sponsor is " + managedBy.fullName();
+ }
+ } else {
+ title="title=" + au.fullName();
+ }
+ } else {
+ userOK=false;
+ title="title=Not a User at " + org.getName();
+ }
+ }
+ prevUser=user;
+ userCell = new RefCell(prevUser,
+ TODO_ILM_INFO+user.substring(0, user.length()-DOMAIN_OF_USER.length()),
+ true,
+ title);
+ } else {
+ userCell = new TextCell(prevUser);
+ }
+ AbsCell[] sa = new AbsCell[] {
+ userCell,
+ new TextCell(appr.getMemo()),
+ userOK?new RadioCell("line."+ line,"approve", "approved|"+appr.getTicket()):new TextCell(""),
+ new RadioCell("line."+ line,"deny", "denied|"+appr.getTicket())
+ };
+ rv.add(sa);
+ } else {
+ ++numLeft;
+ }
+ }
+ }
+ if(numLeft>0) {
+ msg = "After these, there will be " + numLeft + " approvals left to process";
+ }
+ if(rv.isEmpty()) {
+ if (numLeft>0) {
+ msg = "No Approvals to process at this time for user " + userParam +". You have "
+ + numLeft + " other approvals to process.";
+ } else {
+ msg = "No Approvals to process at this time";
+ }
+ }
+ } catch (Exception e) {
+ trans.error().log(e);
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,msg);
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java
index 1bf0ed76..8088a700 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeAction.java
@@ -50,170 +50,170 @@ import certman.v1_0.Artifacts;
import certman.v1_0.Artifacts.Artifact;
public class CMArtiChangeAction extends Page {
- public CMArtiChangeAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,CMArtiChangeForm.NAME,CMArtiChangeForm.HREF, CMArtiChangeForm.fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- final Slot sID = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[0]);
- final Slot sMachine = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[1]);
- final Slot sNS = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[2]);
- final Slot sDirectory = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[3]);
- final Slot sCA = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[4]);
- final Slot sOSUser = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[5]);
- final Slot sRenewal = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[6]);
- final Slot sNotify = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[7]);
- final Slot sCmd = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[8]);
- final Slot sOther = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[9]);
- final Slot sType = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[10]);
- final Slot sSans = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[11]);
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ public CMArtiChangeAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,CMArtiChangeForm.NAME,CMArtiChangeForm.HREF, CMArtiChangeForm.fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ final Slot sID = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[0]);
+ final Slot sMachine = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[1]);
+ final Slot sNS = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[2]);
+ final Slot sDirectory = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[3]);
+ final Slot sCA = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[4]);
+ final Slot sOSUser = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[5]);
+ final Slot sRenewal = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[6]);
+ final Slot sNotify = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[7]);
+ final Slot sCmd = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[8]);
+ final Slot sOther = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[9]);
+ final Slot sType = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[10]);
+ final Slot sSans = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[11]);
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
trans.info().log("Step 1");
- final Artifact arti = new Artifact();
- final String machine = trans.get(sMachine,null);
- final String ca = trans.get(sCA, null);
- final String sans = ((String)trans.get(sSans,null));
- if(sans!=null) {
- for(String s: Split.splitTrim(',', sans)) {
- arti.getSans().add(s);
- }
- }
- // Disallow IP entries, except by special Permission
- if(!trans.fish(getPerm(ca,"ip"))) {
- boolean ok=true;
- if(IPValidator.ip(machine)) {
- ok=false;
- }
- if(ok) {
- for(String s: arti.getSans()) {
- if(IPValidator.ip(s)) {
- ok=false;
- break;
- }
- }
- }
- if(!ok) {
- hgen.p("Policy Failure: IPs in certificates are only allowed by Exception.");
- return;
- }
- }
-
- // Disallow Domain based Definitions without exception
- if(machine.startsWith("*")) { // Domain set
- if(!trans.fish(getPerm(ca, "domain"))) {
- hgen.p("Policy Failure: Domain Artifact Declarations are only allowed by Exception.");
- return;
- }
- }
-
- arti.setMechid((String)trans.get(sID,null));
- arti.setMachine(machine);
- arti.setNs((String)trans.get(sNS,null));
- arti.setDir((String)trans.get(sDirectory,null));
- arti.setCa(ca);
- arti.setOsUser((String)trans.get(sOSUser, null));
- arti.setRenewDays(Integer.parseInt((String)trans.get(sRenewal, null)));
- arti.setNotification((String)trans.get(sNotify, null));
- String[] checkbox = trans.get(sType,null);
- for(int i=0;i<CMArtiChangeForm.types.length;++i) {
- if("on".equals(checkbox[i])) {
- arti.getType().add(CMArtiChangeForm.types[i]);
- }
- }
+ final Artifact arti = new Artifact();
+ final String machine = trans.get(sMachine,null);
+ final String ca = trans.get(sCA, null);
+ final String sans = ((String)trans.get(sSans,null));
+ if(sans!=null) {
+ for(String s: Split.splitTrim(',', sans)) {
+ arti.getSans().add(s);
+ }
+ }
+ // Disallow IP entries, except by special Permission
+ if(!trans.fish(getPerm(ca,"ip"))) {
+ boolean ok=true;
+ if(IPValidator.ip(machine)) {
+ ok=false;
+ }
+ if(ok) {
+ for(String s: arti.getSans()) {
+ if(IPValidator.ip(s)) {
+ ok=false;
+ break;
+ }
+ }
+ }
+ if(!ok) {
+ hgen.p("Policy Failure: IPs in certificates are only allowed by Exception.");
+ return;
+ }
+ }
+
+ // Disallow Domain based Definitions without exception
+ if(machine.startsWith("*")) { // Domain set
+ if(!trans.fish(getPerm(ca, "domain"))) {
+ hgen.p("Policy Failure: Domain Artifact Declarations are only allowed by Exception.");
+ return;
+ }
+ }
+
+ arti.setMechid((String)trans.get(sID,null));
+ arti.setMachine(machine);
+ arti.setNs((String)trans.get(sNS,null));
+ arti.setDir((String)trans.get(sDirectory,null));
+ arti.setCa(ca);
+ arti.setOsUser((String)trans.get(sOSUser, null));
+ arti.setRenewDays(Integer.parseInt((String)trans.get(sRenewal, null)));
+ arti.setNotification((String)trans.get(sNotify, null));
+ String[] checkbox = trans.get(sType,null);
+ for(int i=0;i<CMArtiChangeForm.types.length;++i) {
+ if("on".equals(checkbox[i])) {
+ arti.getType().add(CMArtiChangeForm.types[i]);
+ }
+ }
- // Run Validations
- if (arti.getMechid()==null || arti.getMechid().indexOf('@')<=0) {
- hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
- // VALIDATE OTHERS?
- } else { // everything else is checked by Server
-
- try {
- final Artifacts artifacts = new Artifacts();
- artifacts.getArtifact().add(arti);
- final Holder<Boolean> ok = new Holder<Boolean>(false);
- final Holder<Boolean> deleted = new Holder<Boolean>(false);
- Future<?> f = gui.cmClientAsUser(trans.getUserPrincipal(), new Retryable<Future<?>>() {
- @Override
- public Future<?> code(Rcli<?> client)throws CadiException, ConnectException, APIException {
- Future<?> rv = null;
- switch((String)trans.get(sCmd, "")) {
- case CMArtiChangeForm.CREATE:
- Future<Artifacts> fc;
- rv = fc = client.create("/cert/artifacts", gui.artifactsDF, artifacts);
- if(fc.get(AAFcli.timeout())) {
- hgen.p("Created Artifact " + arti.getMechid() + " on " + arti.getMachine());
- ok.set(true);
- }
- break;
- case CMArtiChangeForm.UPDATE:
- Future<Artifacts> fu = client.update("/cert/artifacts", gui.artifactsDF, artifacts);
- if((rv=fu).get(AAFcli.timeout())) {
- hgen.p("Artifact " + arti.getMechid() + " on " + arti.getMachine() + " is updated");
- ok.set(true);
- }
- break;
- case CMArtiChangeForm.COPY:
- Future<Artifacts> future = client.read("/cert/artifacts/"+arti.getMechid()+'/'+arti.getMachine(), gui.artifactsDF);
- rv = future;
- if(future.get(AAFcli.timeout())) {
- for(Artifact a : future.value.getArtifact()) { // only one, because these two are key
- for(String newMachine :Split.split(',', trans.get(sOther, ""))) {
- a.setMachine(newMachine);
- Future<Artifacts> fup = client.update("/cert/artifacts", gui.artifactsDF, future.value);
- if(fup.get(AAFcli.timeout())) {
- hgen.p("Copied to " + newMachine);
- ok.set(true);
- }
- }
- }
- }
- break;
- case CMArtiChangeForm.DELETE:
- Future<Void> fv;
- rv = fv = client.delete("/cert/artifacts/"+arti.getMechid()+"/"+arti.getMachine(),"application/json");
- if(fv.get(AAFcli.timeout())) {
- hgen.p("Deleted " + arti.getMechid() + " on " + arti.getMachine());
- ok.set(true);
- deleted.set(true);
- }
- break;
- }
- return rv;
- }
- });
- if(!ok.get()) {
- if(f==null) {
- hgen.p("Unknown Command");
- } else {
- if(f.body().contains("%")) {
- Error err = gui.getDF(Error.class).newData().in(TYPE.JSON).load(f.body()).asObject();
- hgen.p(Vars.convert(err.getText(),err.getVariables()));
- } else {
- hgen.p(arti.getMechid() + " on " + arti.getMachine() + ": " + f.body());
- }
- }
- }
- hgen.br().leaf(HTMLGen.A,"class=greenbutton","href="+(deleted.get()?CMArtifactShow.HREF:CMArtiChangeForm.HREF)+
- "?id="+arti.getMechid()+
- "&amp;machine="+arti.getMachine() +
- "&amp;ns="+arti.getNs())
- .text("Back")
- .end();
+ // Run Validations
+ if (arti.getMechid()==null || arti.getMechid().indexOf('@')<=0) {
+ hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
+ // VALIDATE OTHERS?
+ } else { // everything else is checked by Server
+
+ try {
+ final Artifacts artifacts = new Artifacts();
+ artifacts.getArtifact().add(arti);
+ final Holder<Boolean> ok = new Holder<Boolean>(false);
+ final Holder<Boolean> deleted = new Holder<Boolean>(false);
+ Future<?> f = gui.cmClientAsUser(trans.getUserPrincipal(), new Retryable<Future<?>>() {
+ @Override
+ public Future<?> code(Rcli<?> client)throws CadiException, ConnectException, APIException {
+ Future<?> rv = null;
+ switch((String)trans.get(sCmd, "")) {
+ case CMArtiChangeForm.CREATE:
+ Future<Artifacts> fc;
+ rv = fc = client.create("/cert/artifacts", gui.artifactsDF, artifacts);
+ if(fc.get(AAFcli.timeout())) {
+ hgen.p("Created Artifact " + arti.getMechid() + " on " + arti.getMachine());
+ ok.set(true);
+ }
+ break;
+ case CMArtiChangeForm.UPDATE:
+ Future<Artifacts> fu = client.update("/cert/artifacts", gui.artifactsDF, artifacts);
+ if((rv=fu).get(AAFcli.timeout())) {
+ hgen.p("Artifact " + arti.getMechid() + " on " + arti.getMachine() + " is updated");
+ ok.set(true);
+ }
+ break;
+ case CMArtiChangeForm.COPY:
+ Future<Artifacts> future = client.read("/cert/artifacts/"+arti.getMechid()+'/'+arti.getMachine(), gui.artifactsDF);
+ rv = future;
+ if(future.get(AAFcli.timeout())) {
+ for(Artifact a : future.value.getArtifact()) { // only one, because these two are key
+ for(String newMachine :Split.split(',', trans.get(sOther, ""))) {
+ a.setMachine(newMachine);
+ Future<Artifacts> fup = client.update("/cert/artifacts", gui.artifactsDF, future.value);
+ if(fup.get(AAFcli.timeout())) {
+ hgen.p("Copied to " + newMachine);
+ ok.set(true);
+ }
+ }
+ }
+ }
+ break;
+ case CMArtiChangeForm.DELETE:
+ Future<Void> fv;
+ rv = fv = client.delete("/cert/artifacts/"+arti.getMechid()+"/"+arti.getMachine(),"application/json");
+ if(fv.get(AAFcli.timeout())) {
+ hgen.p("Deleted " + arti.getMechid() + " on " + arti.getMachine());
+ ok.set(true);
+ deleted.set(true);
+ }
+ break;
+ }
+ return rv;
+ }
+ });
+ if(!ok.get()) {
+ if(f==null) {
+ hgen.p("Unknown Command");
+ } else {
+ if(f.body().contains("%")) {
+ Error err = gui.getDF(Error.class).newData().in(TYPE.JSON).load(f.body()).asObject();
+ hgen.p(Vars.convert(err.getText(),err.getVariables()));
+ } else {
+ hgen.p(arti.getMechid() + " on " + arti.getMachine() + ": " + f.body());
+ }
+ }
+ }
+ hgen.br().leaf(HTMLGen.A,"class=greenbutton","href="+(deleted.get()?CMArtifactShow.HREF:CMArtiChangeForm.HREF)+
+ "?id="+arti.getMechid()+
+ "&amp;machine="+arti.getMachine() +
+ "&amp;ns="+arti.getNs())
+ .text("Back")
+ .end();
- } catch (Exception e) {
- hgen.p("Unknown Error");
- e.printStackTrace();
- }
-
- }
- hgen.br();
- }
- });
- }
- });
- }
+ } catch (Exception e) {
+ hgen.p("Unknown Error");
+ e.printStackTrace();
+ }
+
+ }
+ hgen.br();
+ }
+ });
+ }
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeForm.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeForm.java
index a96b08b9..0268f498 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeForm.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtiChangeForm.java
@@ -53,194 +53,194 @@ import certman.v1_0.Artifacts;
import certman.v1_0.Artifacts.Artifact;
public class CMArtiChangeForm extends Page {
- private static final String COPY_ARTIFACT = "copyArtifact";
- private static final String DELETE_ARTIFACT = "deleteArtifact";
-
- // Package on purpose
- static final String HREF = "/gui/artichange";
- static final String NAME = "ArtifactChange";
- static final String fields[] = {"id","machine","ns","directory","ca","osuser","renewal","notify","cmd","others","types[]","sans"};
-
- static final String types[] = {"pkcs12","jks","file","script"};
- static final String UPDATE = "Update";
- static final String CREATE = "Create";
- static final String COPY = "Copy";
- static final String DELETE = "Delete";
-
- public CMArtiChangeForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF, fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- private final Slot sID = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[0]);
- private final Slot sMach = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[1]);
- private final Slot sNS = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[2]);
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- Mark js = new Mark();
- Mark fn = new Mark();
- hgen.js(js).function(fn,COPY_ARTIFACT)
- .text("f=document.getElementById('"+fields[9]+"')")
- .text("s=document.getElementById('theButton')")
- .text("cmd=document.getElementById('"+fields[8]+"')")
- .text("ins=document.getElementById('instruct')")
- .text("c=document.getElementById('cbcopy')")
- .text("trd=document.getElementById('trdelete')")
- .li("if (c.checked==true) {" ,
- "f.style.display=ins.style.display='block'",
- "trd.style.display='none'",
- "s.orig=s.value;",
- "s.value='Copy'",
- "cmd.setAttribute('value',s.value)",
- "} else {",
- "f.style.display=ins.style.display='none';",
- "trd.style.display='block'",
- "s.value=s.orig",
- "cmd.setAttribute('value',s.orig)",
- "}"
- )
- .end(fn)
- .function(fn, DELETE_ARTIFACT)
- .text("d=document.getElementById('cbdelete')")
- .text("trc=document.getElementById('trcopy')")
- .text("s=document.getElementById('theButton')")
- .text("cmd=document.getElementById('"+fields[8]+"')")
- .li("if (d.checked==true) {",
- "s.orig=s.value;",
- "s.value='Delete';",
- "trc.style.display='none';",
- "cmd.setAttribute('value',s.value);",
- "} else {",
- "s.value=s.orig;",
- "trc.style.display='block';",
- "cmd.setAttribute('value',s.orig);",
- "}"
- )
- .end(js);
+ private static final String COPY_ARTIFACT = "copyArtifact";
+ private static final String DELETE_ARTIFACT = "deleteArtifact";
+
+ // Package on purpose
+ static final String HREF = "/gui/artichange";
+ static final String NAME = "ArtifactChange";
+ static final String fields[] = {"id","machine","ns","directory","ca","osuser","renewal","notify","cmd","others","types[]","sans"};
+
+ static final String types[] = {"pkcs12","jks","file","script"};
+ static final String UPDATE = "Update";
+ static final String CREATE = "Create";
+ static final String COPY = "Copy";
+ static final String DELETE = "Delete";
+
+ public CMArtiChangeForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ private final Slot sID = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[0]);
+ private final Slot sMach = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[1]);
+ private final Slot sNS = gui.env.slot(CMArtiChangeForm.NAME+'.'+CMArtiChangeForm.fields[2]);
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ Mark js = new Mark();
+ Mark fn = new Mark();
+ hgen.js(js).function(fn,COPY_ARTIFACT)
+ .text("f=document.getElementById('"+fields[9]+"')")
+ .text("s=document.getElementById('theButton')")
+ .text("cmd=document.getElementById('"+fields[8]+"')")
+ .text("ins=document.getElementById('instruct')")
+ .text("c=document.getElementById('cbcopy')")
+ .text("trd=document.getElementById('trdelete')")
+ .li("if (c.checked==true) {" ,
+ "f.style.display=ins.style.display='block'",
+ "trd.style.display='none'",
+ "s.orig=s.value;",
+ "s.value='Copy'",
+ "cmd.setAttribute('value',s.value)",
+ "} else {",
+ "f.style.display=ins.style.display='none';",
+ "trd.style.display='block'",
+ "s.value=s.orig",
+ "cmd.setAttribute('value',s.orig)",
+ "}"
+ )
+ .end(fn)
+ .function(fn, DELETE_ARTIFACT)
+ .text("d=document.getElementById('cbdelete')")
+ .text("trc=document.getElementById('trcopy')")
+ .text("s=document.getElementById('theButton')")
+ .text("cmd=document.getElementById('"+fields[8]+"')")
+ .li("if (d.checked==true) {",
+ "s.orig=s.value;",
+ "s.value='Delete';",
+ "trc.style.display='none';",
+ "cmd.setAttribute('value',s.value);",
+ "} else {",
+ "s.value=s.orig;",
+ "trc.style.display='block';",
+ "cmd.setAttribute('value',s.orig);",
+ "}"
+ )
+ .end(js);
- hgen.leaf(HTMLGen.TITLE).text("Certificate Artifact Form").end();
- Mark form = new Mark();
- hgen.incr(form, "form","action="+HREF,"method=post");
-
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ hgen.leaf(HTMLGen.TITLE).text("Certificate Artifact Form").end();
+ Mark form = new Mark();
+ hgen.incr(form, "form","action="+HREF,"method=post");
+
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final String incomingMach = trans.get(sMach,"");
- String incomingNS = trans.get(sNS,"");
- String id= trans.get(sID, "");
- final String incomingID = id.indexOf('@')>=0?id:id+'@'+FQI.reverseDomain(incomingNS);
+ final String incomingMach = trans.get(sMach,"");
+ String incomingNS = trans.get(sNS,"");
+ String id= trans.get(sID, "");
+ final String incomingID = id.indexOf('@')>=0?id:id+'@'+FQI.reverseDomain(incomingNS);
- String submitText=UPDATE;
- boolean delete=true;
- try {
- Artifact arti =gui.cmClientAsUser(trans.getUserPrincipal(), new Retryable<Artifact>() {
- @Override
- public Artifact code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Artifacts> fa = client.read("/cert/artifacts/"+incomingID+'/'+incomingMach, gui.artifactsDF);
- if(fa.get(AAFcli.timeout())) {
- for(Artifact arti : fa.value.getArtifact()) {
- return arti; // just need the first one
- }
- }
- return null;
- }
- });
- if(arti==null) {
- Organization org = OrganizationFactory.get(trans);
- Identity user = org.getIdentity(trans, incomingID);
- if(user==null) {
- hgen.p("The mechID you typed, \"" + incomingID + "\", is not a valid " + org.getName() + " ID");
- return;
- }
- arti = new Artifact();
- arti.setMechid(incomingID);
- Identity managedBy = user.responsibleTo();
- if(managedBy == null) {
- arti.setSponsor("Unknown Sponsor");
- } else {
- arti.setSponsor(managedBy.fullID());
- }
- arti.setMachine(incomingMach);
- arti.setNs(incomingNS);
- arti.setDir("");
- arti.setCa("aaf");
- arti.setOsUser("");
- arti.setRenewDays(30);
- arti.setNotification("mailto:"+user.email());
- arti.getType().add(types[0]);
- arti.getType().add(types[3]);
- submitText = CREATE;
- delete = false;
- } else {
- if(arti.getNotification()==null) {
- Organization org = OrganizationFactory.get(trans);
- Identity user = org.getIdentity(trans, incomingID);
- arti.setNotification("mailto:"+user.email());
- }
- }
- Mark table = new Mark(TABLE);
- hgen.incr(table)
- .input(fields[0],"AppID*",true,"value="+arti.getMechid())
- .input("sponsor", "Sponsor",false,"value="+arti.getSponsor(),"readonly","style=border:none;background-color:white;")
- .input(fields[1],"FQDN*",true,"value="+arti.getMachine(),"style=width:130%;");
-// if(maySans) {
- hgen.incr(HTMLGen.TR).incr(HTMLGen.TD).end()
- .incr(HTMLGen.TD,"class=subtext").text("Use Fully Qualified Domain Names (that will be in DNS), ");
- if(!trans.fish(getPerm(arti.getCa(),"ip"))) {
- hgen.text("NO ");
- }
- StringBuilder sb = null;
- for(String s: arti.getSans()) {
- if(sb==null) {
- sb = new StringBuilder();
- } else {
- sb.append(", ");
- }
- sb.append(s);
- }
-
- hgen.text("IPs allowed, separated by commas.").end()
- .input(fields[11], "SANs", false, "value="+(sb==null?"":sb.toString()),"style=width:130%;");
-// }
- hgen.input(fields[2],"Namespace",true,"value="+arti.getNs(),"style=width:130%;")
- .input(fields[3],"Directory", true, "value="+arti.getDir(),"style=width:130%;")
- .input(fields[4],"Certificate Authority",true,"value="+arti.getCa(),"style=width:130%;")
- .input(fields[5],"O/S User",true,"value="+arti.getOsUser())
- .input(fields[6],"Renewal Days before Expiration", true, "value="+arti.getRenewDays(),"style=width:20%;")
- .input(fields[7],"Notification",true,"value="+arti.getNotification())
- .incr(HTMLGen.TR)
- .incr(HTMLGen.TD).leaf("label","for=types","required").text("Artifact Types").end(2)
- .incr(HTMLGen.TD);
- for(int i=0;i<types.length;++i) {
- hgen.leaf("input","type=checkbox","name=types."+i,arti.getType().contains(types[i])?"checked":"").text(types[i]).end().br();
- }
-
- Mark tr = new Mark();
- hgen.incr(tr,HTMLGen.TR).incr(HTMLGen.TD,"id=trcopy")
- .leaf("input","id=cbcopy","type=checkbox","onclick="+COPY_ARTIFACT+"()").text("Copy Artifact").end(2)
- .incr(HTMLGen.TD,"id=tdcopy","style:display:none;")
- .incr("label","id=instruct","style=font-style:italic;font-size:80%;display:none;")
- .text("Add full machine names, separated by commas.").end()
- .tagOnly("input","id="+fields[9],"name="+fields[9],"style=display:none;width:150%;").end(2)
- .end(tr);
- hgen.incr(tr,HTMLGen.TR,"id=trdelete").incr(HTMLGen.TD,"id=tddelete")
- .leaf("input","id=cbdelete","type=checkbox","onclick="+DELETE_ARTIFACT+"()",delete?"style:display:none;":"").text("Delete Artifact").end(2)
- .end(tr);
- hgen.end(table);
-
- hgen.tagOnly("input","id="+fields[8],"name="+fields[8],"value="+submitText,"style=display:none;");
- hgen.tagOnly("input","id=theButton","type=submit", "orig="+submitText,"value="+submitText);
-
- } catch(CadiException | LocatorException | OrganizationException e) {
- throw new APIException(e);
- }
- }
+ String submitText=UPDATE;
+ boolean delete=true;
+ try {
+ Artifact arti =gui.cmClientAsUser(trans.getUserPrincipal(), new Retryable<Artifact>() {
+ @Override
+ public Artifact code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Artifacts> fa = client.read("/cert/artifacts/"+incomingID+'/'+incomingMach, gui.artifactsDF);
+ if(fa.get(AAFcli.timeout())) {
+ for(Artifact arti : fa.value.getArtifact()) {
+ return arti; // just need the first one
+ }
+ }
+ return null;
+ }
+ });
+ if(arti==null) {
+ Organization org = OrganizationFactory.get(trans);
+ Identity user = org.getIdentity(trans, incomingID);
+ if(user==null) {
+ hgen.p("The mechID you typed, \"" + incomingID + "\", is not a valid " + org.getName() + " ID");
+ return;
+ }
+ arti = new Artifact();
+ arti.setMechid(incomingID);
+ Identity managedBy = user.responsibleTo();
+ if(managedBy == null) {
+ arti.setSponsor("Unknown Sponsor");
+ } else {
+ arti.setSponsor(managedBy.fullID());
+ }
+ arti.setMachine(incomingMach);
+ arti.setNs(incomingNS);
+ arti.setDir("");
+ arti.setCa("aaf");
+ arti.setOsUser("");
+ arti.setRenewDays(30);
+ arti.setNotification("mailto:"+user.email());
+ arti.getType().add(types[0]);
+ arti.getType().add(types[3]);
+ submitText = CREATE;
+ delete = false;
+ } else {
+ if(arti.getNotification()==null) {
+ Organization org = OrganizationFactory.get(trans);
+ Identity user = org.getIdentity(trans, incomingID);
+ arti.setNotification("mailto:"+user.email());
+ }
+ }
+ Mark table = new Mark(TABLE);
+ hgen.incr(table)
+ .input(fields[0],"AppID*",true,"value="+arti.getMechid())
+ .input("sponsor", "Sponsor",false,"value="+arti.getSponsor(),"readonly","style=border:none;background-color:white;")
+ .input(fields[1],"FQDN*",true,"value="+arti.getMachine(),"style=width:130%;");
+// if(maySans) {
+ hgen.incr(HTMLGen.TR).incr(HTMLGen.TD).end()
+ .incr(HTMLGen.TD,"class=subtext").text("Use Fully Qualified Domain Names (that will be in DNS), ");
+ if(!trans.fish(getPerm(arti.getCa(),"ip"))) {
+ hgen.text("NO ");
+ }
+ StringBuilder sb = null;
+ for(String s: arti.getSans()) {
+ if(sb==null) {
+ sb = new StringBuilder();
+ } else {
+ sb.append(", ");
+ }
+ sb.append(s);
+ }
+
+ hgen.text("IPs allowed, separated by commas.").end()
+ .input(fields[11], "SANs", false, "value="+(sb==null?"":sb.toString()),"style=width:130%;");
+// }
+ hgen.input(fields[2],"Namespace",true,"value="+arti.getNs(),"style=width:130%;")
+ .input(fields[3],"Directory", true, "value="+arti.getDir(),"style=width:130%;")
+ .input(fields[4],"Certificate Authority",true,"value="+arti.getCa(),"style=width:130%;")
+ .input(fields[5],"O/S User",true,"value="+arti.getOsUser())
+ .input(fields[6],"Renewal Days before Expiration", true, "value="+arti.getRenewDays(),"style=width:20%;")
+ .input(fields[7],"Notification",true,"value="+arti.getNotification())
+ .incr(HTMLGen.TR)
+ .incr(HTMLGen.TD).leaf("label","for=types","required").text("Artifact Types").end(2)
+ .incr(HTMLGen.TD);
+ for(int i=0;i<types.length;++i) {
+ hgen.leaf("input","type=checkbox","name=types."+i,arti.getType().contains(types[i])?"checked":"").text(types[i]).end().br();
+ }
+
+ Mark tr = new Mark();
+ hgen.incr(tr,HTMLGen.TR).incr(HTMLGen.TD,"id=trcopy")
+ .leaf("input","id=cbcopy","type=checkbox","onclick="+COPY_ARTIFACT+"()").text("Copy Artifact").end(2)
+ .incr(HTMLGen.TD,"id=tdcopy","style:display:none;")
+ .incr("label","id=instruct","style=font-style:italic;font-size:80%;display:none;")
+ .text("Add full machine names, separated by commas.").end()
+ .tagOnly("input","id="+fields[9],"name="+fields[9],"style=display:none;width:150%;").end(2)
+ .end(tr);
+ hgen.incr(tr,HTMLGen.TR,"id=trdelete").incr(HTMLGen.TD,"id=tddelete")
+ .leaf("input","id=cbdelete","type=checkbox","onclick="+DELETE_ARTIFACT+"()",delete?"style:display:none;":"").text("Delete Artifact").end(2)
+ .end(tr);
+ hgen.end(table);
+
+ hgen.tagOnly("input","id="+fields[8],"name="+fields[8],"value="+submitText,"style=display:none;");
+ hgen.tagOnly("input","id=theButton","type=submit", "orig="+submitText,"value="+submitText);
+
+ } catch(CadiException | LocatorException | OrganizationException e) {
+ throw new APIException(e);
+ }
+ }
- });
- hgen.end(form);
- }
- });
-
- }
+ });
+ hgen.end(form);
+ }
+ });
+
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtifactShow.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtifactShow.java
index 6d4e167a..0992ad3d 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtifactShow.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CMArtifactShow.java
@@ -63,189 +63,189 @@ import certman.v1_0.Artifacts.Artifact;
import certman.v1_0.CertInfo;
public class CMArtifactShow extends Page {
-
- public static final String HREF = "/gui/cmarti";
- public static final String NAME = "ArtifactsShow";
- private static ArtiTable arti;
- public static SlotCode<AuthzTrans> slotCode;
- private enum Params{id,ns};
+
+ public static final String HREF = "/gui/cmarti";
+ public static final String NAME = "ArtifactsShow";
+ private static ArtiTable arti;
+ public static SlotCode<AuthzTrans> slotCode;
+ private enum Params{id,ns};
- public CMArtifactShow(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME, HREF, Params.values() ,
- new BreadCrumbs(breadcrumbs),
- arti = new ArtiTable(gui.env)
- );
- // Setting so we can get access to HTMLGen clone and Slots
- arti.set(this,slotCode);
- }
-
- private static class ArtiTable extends Table<AAF_GUI, AuthzTrans> {
- private static Model model;
- private SlotCode<AuthzTrans> sc;
- enum Params {id,ns};
- public ArtiTable(AuthzEnv env) {
- super((String)null,env.newTransNoAvg(),model = new Model(),
- slotCode = new SlotCode<AuthzTrans>(false,env,NAME,Params.values()) {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
- @Override
- public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- Mark js = new Mark();
- hgen.js(js).function("newArtifact")
- .text("machine=document.getElementById('machine');")
- .text("window.open('"
- +CMArtiChangeForm.HREF+
- "?id="+get(trans, Params.id,"")+
- "&ns="+get(trans, Params.ns,"")+
- "&machine='+machine.value,'_self');"
- ).end(js);
- hgen.leaf("input","id=machine","style=margin:1em 1em 1em 1em;width:30%").end();
- hgen.leaf(HTMLGen.A,"class=greenbutton","href=javascript:newArtifact()","style=color:white;").text("New FQDN").end();
- }
- });
- }
- },"class=std");
- }
-
+ public CMArtifactShow(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, NAME, HREF, Params.values() ,
+ new BreadCrumbs(breadcrumbs),
+ arti = new ArtiTable(gui.env)
+ );
+ // Setting so we can get access to HTMLGen clone and Slots
+ arti.set(this,slotCode);
+ }
+
+ private static class ArtiTable extends Table<AAF_GUI, AuthzTrans> {
+ private static Model model;
+ private SlotCode<AuthzTrans> sc;
+ enum Params {id,ns};
+ public ArtiTable(AuthzEnv env) {
+ super((String)null,env.newTransNoAvg(),model = new Model(),
+ slotCode = new SlotCode<AuthzTrans>(false,env,NAME,Params.values()) {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
+ @Override
+ public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ Mark js = new Mark();
+ hgen.js(js).function("newArtifact")
+ .text("machine=document.getElementById('machine');")
+ .text("window.open('"
+ +CMArtiChangeForm.HREF+
+ "?id="+get(trans, Params.id,"")+
+ "&ns="+get(trans, Params.ns,"")+
+ "&machine='+machine.value,'_self');"
+ ).end(js);
+ hgen.leaf("input","id=machine","style=margin:1em 1em 1em 1em;width:30%").end();
+ hgen.leaf(HTMLGen.A,"class=greenbutton","href=javascript:newArtifact()","style=color:white;").text("New FQDN").end();
+ }
+ });
+ }
+ },"class=std");
+ }
+
- public void set(CMArtifactShow cmArtifactShow, SlotCode<AuthzTrans> sc) {
- this.sc = sc;
- model.set(cmArtifactShow,sc);
- }
-
- @Override
- protected String title(AuthzTrans trans) {
- StringBuilder sb = new StringBuilder("X509 Certificates");
- if(sc!=null) { // initialized
- sb.append(" for ");
- String id = sc.get(trans,Params.id,"");
- sb.append(id);
- if(id.indexOf('@')<0) {
- sb.append('@');
- sb.append(FQI.reverseDomain(sc.get(trans, Params.ns,"missingDomain")));
- }
- }
- return sb.toString();
- }
- }
- /**
- * Implement the table content for Cred Detail
- *
- * @author Jeremiah
- *
- */
- private static class Model implements Table.Data<AAF_GUI,AuthzTrans> {
- private CMArtifactShow cas;
- private SlotCode<AuthzTrans> sc;
+ public void set(CMArtifactShow cmArtifactShow, SlotCode<AuthzTrans> sc) {
+ this.sc = sc;
+ model.set(cmArtifactShow,sc);
+ }
+
+ @Override
+ protected String title(AuthzTrans trans) {
+ StringBuilder sb = new StringBuilder("X509 Certificates");
+ if(sc!=null) { // initialized
+ sb.append(" for ");
+ String id = sc.get(trans,Params.id,"");
+ sb.append(id);
+ if(id.indexOf('@')<0) {
+ sb.append('@');
+ sb.append(FQI.reverseDomain(sc.get(trans, Params.ns,"missingDomain")));
+ }
+ }
+ return sb.toString();
+ }
+ }
+ /**
+ * Implement the table content for Cred Detail
+ *
+ * @author Jeremiah
+ *
+ */
+ private static class Model implements Table.Data<AAF_GUI,AuthzTrans> {
+ private CMArtifactShow cas;
+ private SlotCode<AuthzTrans> sc;
- // Covering for Constructor Order
- private void set(CMArtifactShow cas, SlotCode<AuthzTrans> sc) {
- this.cas = cas;
- this.sc = sc;
- }
+ // Covering for Constructor Order
+ private void set(CMArtifactShow cas, SlotCode<AuthzTrans> sc) {
+ this.cas = cas;
+ this.sc = sc;
+ }
- private static final String[] headers = new String[]{"FQDN","Directory","CA","Renews","Expires",""};
- @Override
- public String[] headers() {
- return headers;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- String str = sc.get(trans,Params.id, null);
- if(str==null) {
- return Cells.EMPTY;
- }
- final String id = str.indexOf('@')>=0?str:str + '@' + FQI.reverseDomain(sc.get(trans,Params.ns, ""));
- final ArrayList<AbsCell[]> rv = new ArrayList<>();
- final TimeTaken tt = trans.start("AAF X509 Details",Env.REMOTE);
- try {
- gui.cmClientAsUser(trans.getUserPrincipal(),new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<CertInfo> fuCI = client.read("/cert/id/"+id,gui.certInfoDF);
- Future<Artifacts> fuArt = client.read("/cert/artifacts?mechid="+id, gui.artifactsDF);
-
- X509Certificate[] lc;
- if(fuCI.get(AAFcli.timeout())) {
- TimeTaken tt1 = trans.start("x509Certificate", Env.SUB);
- try {
- Collection<? extends Certificate> xcs = Factory.toX509Certificate(fuCI.value.getCerts());
- lc = new X509Certificate[xcs.size()];
- xcs.toArray(lc);
- } catch (CertificateException e) {
- trans.error().log(e,"Bad Certificate entry");
- throw new CadiException(e);
- } finally {
- tt1.done();
- }
- } else {
- lc = null;
- trans.error().log("Cannot retrieve Certificates for " + id);
- }
- if(fuArt.get(AAFcli.timeout())) {
- for(Artifact arti : fuArt.value.getArtifact()) {
- StringWriter sw = new StringWriter();
- HTMLGen hgen = cas.clone(sw);
- Mark mark = new Mark();
- hgen.leaf(HTMLGen.A,"class=button",
- "href="+CMArtiChangeForm.HREF+"?id="+arti.getMechid() +"&machine="+arti.getMachine()+"&ns="+arti.getNs())
- .text("Details")
- .end(mark);
- Date last = null;
- if(lc!=null) {
- for(X509Certificate xc : lc) {
- if(xc.getSubjectDN().getName().contains("CN="+arti.getMachine())) {
- if(last==null || last.before(xc.getNotAfter())) {
- last = xc.getNotAfter();
- }
- }
- }
- }
- GregorianCalendar renew;
- if(last!=null) {
- renew = new GregorianCalendar();
- renew.setTime(last);
- renew.add(GregorianCalendar.DAY_OF_MONTH,arti.getRenewDays()*-1);
- } else {
- renew = null;
- }
+ private static final String[] headers = new String[]{"FQDN","Directory","CA","Renews","Expires",""};
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ String str = sc.get(trans,Params.id, null);
+ if(str==null) {
+ return Cells.EMPTY;
+ }
+ final String id = str.indexOf('@')>=0?str:str + '@' + FQI.reverseDomain(sc.get(trans,Params.ns, ""));
+ final ArrayList<AbsCell[]> rv = new ArrayList<>();
+ final TimeTaken tt = trans.start("AAF X509 Details",Env.REMOTE);
+ try {
+ gui.cmClientAsUser(trans.getUserPrincipal(),new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<CertInfo> fuCI = client.read("/cert/id/"+id,gui.certInfoDF);
+ Future<Artifacts> fuArt = client.read("/cert/artifacts?mechid="+id, gui.artifactsDF);
+
+ X509Certificate[] lc;
+ if(fuCI.get(AAFcli.timeout())) {
+ TimeTaken tt1 = trans.start("x509Certificate", Env.SUB);
+ try {
+ Collection<? extends Certificate> xcs = Factory.toX509Certificate(fuCI.value.getCerts());
+ lc = new X509Certificate[xcs.size()];
+ xcs.toArray(lc);
+ } catch (CertificateException e) {
+ trans.error().log(e,"Bad Certificate entry");
+ throw new CadiException(e);
+ } finally {
+ tt1.done();
+ }
+ } else {
+ lc = null;
+ trans.error().log("Cannot retrieve Certificates for " + id);
+ }
+ if(fuArt.get(AAFcli.timeout())) {
+ for(Artifact arti : fuArt.value.getArtifact()) {
+ StringWriter sw = new StringWriter();
+ HTMLGen hgen = cas.clone(sw);
+ Mark mark = new Mark();
+ hgen.leaf(HTMLGen.A,"class=button",
+ "href="+CMArtiChangeForm.HREF+"?id="+arti.getMechid() +"&machine="+arti.getMachine()+"&ns="+arti.getNs())
+ .text("Details")
+ .end(mark);
+ Date last = null;
+ if(lc!=null) {
+ for(X509Certificate xc : lc) {
+ if(xc.getSubjectDN().getName().contains("CN="+arti.getMachine())) {
+ if(last==null || last.before(xc.getNotAfter())) {
+ last = xc.getNotAfter();
+ }
+ }
+ }
+ }
+ GregorianCalendar renew;
+ if(last!=null) {
+ renew = new GregorianCalendar();
+ renew.setTime(last);
+ renew.add(GregorianCalendar.DAY_OF_MONTH,arti.getRenewDays()*-1);
+ } else {
+ renew = null;
+ }
- rv.add(new AbsCell[] {
- new TextCell(arti.getMachine(),"style=width:20%;"),
- new TextCell(arti.getDir(),"style=width:25%;"),
- new TextCell(arti.getCa(),"style=width:2%;text-align:center;"),
- new TextCell(renew==null?
- arti.getRenewDays().toString() + " days before Exp":
- Chrono.dateOnlyStamp(renew),"style=width:6%;text-align:center;"),
- new TextCell(last==null?"None Deployed":Chrono.dateOnlyStamp(last),"style=width:5%;text-align:center;"),
- new TextCell(sw.toString(),"style=width:10%;text-align:center;")
- });
- }
- } else {
- rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
- }
- return null;
- }
- });
- } catch (Exception e) {
- e.printStackTrace();
- } finally {
- tt.done();
- }
- return new Cells(rv,null);
- }
+ rv.add(new AbsCell[] {
+ new TextCell(arti.getMachine(),"style=width:20%;"),
+ new TextCell(arti.getDir(),"style=width:25%;"),
+ new TextCell(arti.getCa(),"style=width:2%;text-align:center;"),
+ new TextCell(renew==null?
+ arti.getRenewDays().toString() + " days before Exp":
+ Chrono.dateOnlyStamp(renew),"style=width:6%;text-align:center;"),
+ new TextCell(last==null?"None Deployed":Chrono.dateOnlyStamp(last),"style=width:5%;text-align:center;"),
+ new TextCell(sw.toString(),"style=width:10%;text-align:center;")
+ });
+ }
+ } else {
+ rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ e.printStackTrace();
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,null);
+ }
- @Override
- public void prefix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
- }
+ @Override
+ public void prefix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
+ }
- @Override
- public void postfix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
- }
+ @Override
+ public void postfix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
+ }
- }
-
+ }
+
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java
index 208c750e..7daee3dd 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/CredDetail.java
@@ -67,286 +67,286 @@ import certman.v1_0.Artifacts;
import certman.v1_0.Artifacts.Artifact;
public class CredDetail extends Page {
-
- public static final String HREF = "/gui/creddetail";
- public static final String NAME = "CredDetail";
- private static Model model;
- private static SlotCode<AuthzTrans> slotCode;
- enum Params {id,ns};
+
+ public static final String HREF = "/gui/creddetail";
+ public static final String NAME = "CredDetail";
+ private static Model model;
+ private static SlotCode<AuthzTrans> slotCode;
+ enum Params {id,ns};
- public CredDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME, HREF, Params.values(),
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("Cred Details",gui.env.newTransNoAvg(),model = new Model(),
- slotCode = new SlotCode<AuthzTrans>(false,gui.env,NAME,Params.values()) {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
- @Override
- public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String ns = get(trans, Params.ns,"");
- String domain = FQI.reverseDomain(ns);
- Mark js = new Mark(), fn=new Mark();
- hgen.js(js).function(fn,"newArtifact")
- .text("id=document.getElementById('id');")
- .text("if(id.value=='') {alert('Enter the id in box');} else {")
- .text("window.open('"+CMArtiChangeForm.HREF+"?id='+id.value+'&ns="+ns+"','_self');}"
- )
- .end(fn)
- .function("newPassword")
- .text("id=document.getElementById('id');")
- .text("if(id.value=='') {alert('Enter the id in box');} else {")
- .text("window.open('"+PassChangeForm.HREF+"?id='+id.value+'@"+domain+"&ns="+ns+"','_self');}"
- )
- .end(js);
- hgen.leaf("i","style=margin:1em 0em 1em 1em;").text("ID:").end()
- .leaf("input","id=id","style=width:10%;").end().text("@").text(domain).br()
- .leaf(HTMLGen.A,"class=greenbutton","href=javascript:newArtifact()","style=color:white;margin:1.2em 0em 1em 1em;").text("As Cert Artifact").end()
- .leaf(HTMLGen.A,"class=greenbutton","href=javascript:newPassword()","style=color:white;margin:1.2em 0em 1em 1em;").text("w/Password").end()
- ;
- }
- });
- }
- },"class=std")
-
- );
- // Setting so we can get access to HTMLGen clone
- model.set(this,slotCode);
- }
+ public CredDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, NAME, HREF, Params.values(),
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("Cred Details",gui.env.newTransNoAvg(),model = new Model(),
+ slotCode = new SlotCode<AuthzTrans>(false,gui.env,NAME,Params.values()) {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
+ @Override
+ public void code(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String ns = get(trans, Params.ns,"");
+ String domain = FQI.reverseDomain(ns);
+ Mark js = new Mark(), fn=new Mark();
+ hgen.js(js).function(fn,"newArtifact")
+ .text("id=document.getElementById('id');")
+ .text("if(id.value=='') {alert('Enter the id in box');} else {")
+ .text("window.open('"+CMArtiChangeForm.HREF+"?id='+id.value+'&ns="+ns+"','_self');}"
+ )
+ .end(fn)
+ .function("newPassword")
+ .text("id=document.getElementById('id');")
+ .text("if(id.value=='') {alert('Enter the id in box');} else {")
+ .text("window.open('"+PassChangeForm.HREF+"?id='+id.value+'@"+domain+"&ns="+ns+"','_self');}"
+ )
+ .end(js);
+ hgen.leaf("i","style=margin:1em 0em 1em 1em;").text("ID:").end()
+ .leaf("input","id=id","style=width:10%;").end().text("@").text(domain).br()
+ .leaf(HTMLGen.A,"class=greenbutton","href=javascript:newArtifact()","style=color:white;margin:1.2em 0em 1em 1em;").text("As Cert Artifact").end()
+ .leaf(HTMLGen.A,"class=greenbutton","href=javascript:newPassword()","style=color:white;margin:1.2em 0em 1em 1em;").text("w/Password").end()
+ ;
+ }
+ });
+ }
+ },"class=std")
+
+ );
+ // Setting so we can get access to HTMLGen clone
+ model.set(this,slotCode);
+ }
- /**
- * Implement the table content for Cred Detail
- *
- * @author Jeremiah
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String STYLE_WIDTH_5 = "style=width:5%;";
- private static final String STYLE_WIDTH_10 = "style=width:10%;";
- private static final String STYLE_WIDTH_15 = "style=width:15%;";
- private static final String STYLE_WIDTH_20 = "style=width:20%;";
- private static final String STYLE_WIDTH_70 = "style=width:70%;";
- private SlotCode<AuthzTrans> sc;
- private CredDetail cd;
- // Covering for Constructor Order
- private void set(CredDetail credDetail, SlotCode<AuthzTrans> slotCode) {
- cd = credDetail;
- sc = slotCode;
- }
-
- @Override
- public void prefix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
- }
+ /**
+ * Implement the table content for Cred Detail
+ *
+ * @author Jeremiah
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private static final String STYLE_WIDTH_5 = "style=width:5%;";
+ private static final String STYLE_WIDTH_10 = "style=width:10%;";
+ private static final String STYLE_WIDTH_15 = "style=width:15%;";
+ private static final String STYLE_WIDTH_20 = "style=width:20%;";
+ private static final String STYLE_WIDTH_70 = "style=width:70%;";
+ private SlotCode<AuthzTrans> sc;
+ private CredDetail cd;
+ // Covering for Constructor Order
+ private void set(CredDetail credDetail, SlotCode<AuthzTrans> slotCode) {
+ cd = credDetail;
+ sc = slotCode;
+ }
+
+ @Override
+ public void prefix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
+ }
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final String ns = sc.get(trans, Params.ns, "");
- final String id = sc.get(trans, Params.id, "");
- if(ns==null) {
- return Cells.EMPTY;
- }
- final ArrayList<AbsCell[]> rv = new ArrayList<>();
- final TimeTaken tt = trans.start("AAF Cred Details",Env.REMOTE);
- List<Artifact> la;
- try {
- la = gui.cmClientAsUser(trans.getUserPrincipal(), new Retryable<List<Artifact>>() {
- @Override
- public List<Artifact> code(Rcli<?> client)throws CadiException, ConnectException, APIException {
- Future<Artifacts> fa = client.read("/cert/artifacts?ns="+ns,gui.artifactsDF);
- if(fa.get(AAFcli.timeout())) {
- return fa.value.getArtifact();
- } else {
- return null;
- }
- }
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final String ns = sc.get(trans, Params.ns, "");
+ final String id = sc.get(trans, Params.id, "");
+ if(ns==null) {
+ return Cells.EMPTY;
+ }
+ final ArrayList<AbsCell[]> rv = new ArrayList<>();
+ final TimeTaken tt = trans.start("AAF Cred Details",Env.REMOTE);
+ List<Artifact> la;
+ try {
+ la = gui.cmClientAsUser(trans.getUserPrincipal(), new Retryable<List<Artifact>>() {
+ @Override
+ public List<Artifact> code(Rcli<?> client)throws CadiException, ConnectException, APIException {
+ Future<Artifacts> fa = client.read("/cert/artifacts?ns="+ns,gui.artifactsDF);
+ if(fa.get(AAFcli.timeout())) {
+ return fa.value.getArtifact();
+ } else {
+ return null;
+ }
+ }
- });
- final Set<String> lns = new HashSet<>();
- if(la!=null) {
- for(Artifact a : la){
- lns.add(a.getMechid());
- }
- }
- gui.clientAsUser(trans.getUserPrincipal(),new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Users> fu = client.read("/authn/creds/ns/"+ns,gui.getDF(Users.class));
- if(fu.get(AAFcli.timeout())) {
- // Organize User entries
- Map<String,List<Map<Integer,List<User>>>> users = new HashMap<>();
-
- List<Map<Integer,List<User>>> lmu=null;
- Map<Integer, List<User>> mu = null;
- List<User> lu = null;
-
- for (User u : fu.value.getUser()) {
- if(u.getType() == 200) {
- lns.remove(u.getId());
- }
- lmu = users.get(u.getId());
- if(lmu==null) {
- users.put(u.getId(),lmu=new ArrayList<>());
- }
- mu=null;
- for(Map<Integer,List<User>> xmu : lmu) {
- if(xmu.containsKey(u.getType())) {
- mu = xmu;
- }
- }
-
- if(mu==null) {
- lmu.add(mu=new HashMap<>());
- }
-
- lu = mu.get(u.getType());
- if(lu==null) {
- mu.put(u.getType(),lu = new ArrayList<>());
- }
- lu.add(u);
- }
+ });
+ final Set<String> lns = new HashSet<>();
+ if(la!=null) {
+ for(Artifact a : la){
+ lns.add(a.getMechid());
+ }
+ }
+ gui.clientAsUser(trans.getUserPrincipal(),new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Users> fu = client.read("/authn/creds/ns/"+ns,gui.getDF(Users.class));
+ if(fu.get(AAFcli.timeout())) {
+ // Organize User entries
+ Map<String,List<Map<Integer,List<User>>>> users = new HashMap<>();
+
+ List<Map<Integer,List<User>>> lmu=null;
+ Map<Integer, List<User>> mu = null;
+ List<User> lu = null;
+
+ for (User u : fu.value.getUser()) {
+ if(u.getType() == 200) {
+ lns.remove(u.getId());
+ }
+ lmu = users.get(u.getId());
+ if(lmu==null) {
+ users.put(u.getId(),lmu=new ArrayList<>());
+ }
+ mu=null;
+ for(Map<Integer,List<User>> xmu : lmu) {
+ if(xmu.containsKey(u.getType())) {
+ mu = xmu;
+ }
+ }
+
+ if(mu==null) {
+ lmu.add(mu=new HashMap<>());
+ }
+
+ lu = mu.get(u.getType());
+ if(lu==null) {
+ mu.put(u.getType(),lu = new ArrayList<>());
+ }
+ lu.add(u);
+ }
- int count=0;
- for (Entry<String, List<Map<Integer, List<User>>>> ulm : users.entrySet()) {
- String key = "cred_"+count++;
- StringWriter buttons = new StringWriter();
- HTMLGen hgen = cd.clone(buttons);
- hgen.leaf("button","onclick=divVisibility('"+key+"');","class=button").text("Expand").end();
-
- StringWriter creds = new StringWriter();
- hgen = cd.clone(creds);
- Mark div = hgen.divID(key,ulm.getKey().equals(id)?"":"style=display:none;");
- for(Map<Integer, List<User>> miu : ulm.getValue()) {
- Mark utable = new Mark();
- hgen.leaf(utable,HTMLGen.TABLE);
+ int count=0;
+ for (Entry<String, List<Map<Integer, List<User>>>> ulm : users.entrySet()) {
+ String key = "cred_"+count++;
+ StringWriter buttons = new StringWriter();
+ HTMLGen hgen = cd.clone(buttons);
+ hgen.leaf("button","onclick=divVisibility('"+key+"');","class=button").text("Expand").end();
+
+ StringWriter creds = new StringWriter();
+ hgen = cd.clone(creds);
+ Mark div = hgen.divID(key,ulm.getKey().equals(id)?"":"style=display:none;");
+ for(Map<Integer, List<User>> miu : ulm.getValue()) {
+ Mark utable = new Mark();
+ hgen.leaf(utable,HTMLGen.TABLE);
- Mark uRow = new Mark();
- String cls;
- boolean first = true;
-
- for( Entry<Integer, List<User>> es : miu.entrySet()) {
- Collections.sort(es.getValue(),new Comparator<User>() {
- @Override
- public int compare(User u1, User u2) {
- int rv = u1.getType().compareTo(u2.getType());
- return rv==0?u2.getExpires().compare(u1.getExpires()):rv;
- }
- });
- int xcnt = 0;
- XMLGregorianCalendar oldest=null, newest=null;
- String id = null;
- for(User u: es.getValue()) {
- if(id==null) {
- id = u.getId();
- }
- // Need to compile entries for Certificates on this screen
- if(es.getKey()==200) {
- ++xcnt;
- if(oldest==null || oldest.compare(u.getExpires())<0) {
- oldest = u.getExpires();
- }
- if(newest==null || newest.compare(u.getExpires())<0) {
- newest = u.getExpires();
- }
- } else {
- hgen.leaf(uRow,HTMLGen.TR);
- if(first) {
- hgen.leaf(HTMLGen.TD,cls="class=detailFirst",STYLE_WIDTH_10);
- switch(es.getKey()) {
- case 1:
- case 2: hgen.text("Password");
- break;
- case 10: hgen.text("Certificate"); break;
- }
- } else {
- hgen.leaf(HTMLGen.TD,cls="class=detail",STYLE_WIDTH_10+"text-align:center;").text("\"");
- }
- hgen.end();
- hgen.incr(HTMLGen.TD,cls,STYLE_WIDTH_20);
-
- hgen.leaf(HTMLGen.A,
- "class=button",
- "href="+PassDeleteAction.HREF+
- "?id="+id+
- "&amp;ns="+ns+
- "&amp;date="+u.getExpires().toXMLFormat() +
- "&amp;type="+u.getType())
- .text("Delete").end();
- if(first && es.getKey()<10) { // Change Password Screen
- hgen.leaf(HTMLGen.A,"class=button","href="+PassChangeForm.HREF+"?id="+id+"&amp;ns="+ns)
- .text("Add")
- .end();
- }
- first=false;
- hgen.end().leaf(HTMLGen.TD,cls,STYLE_WIDTH_70)
- .text(Chrono.niceDateStamp(u.getExpires()))
- .end();
-
- hgen.end(uRow);
- }
- }
- if(xcnt>0) { // print compilations, if any, of Certificate
- hgen.leaf(uRow,HTMLGen.TR)
- .leaf(HTMLGen.TD,cls="class=detailFirst",STYLE_WIDTH_10).text("x509").end()
- .leaf(HTMLGen.TD, cls,STYLE_WIDTH_20)
- .leaf(HTMLGen.A,"class=button","href="+CMArtifactShow.HREF+"?id="+id+"&amp;ns="+ns)
- .text("View All")
- .end(2)
- .leaf(HTMLGen.TD, cls,STYLE_WIDTH_70).text(String.format(
- xcnt>0?"%d Certificate%s, ranging from %s to %s"
- :"%d Certificate%s",
- xcnt,
- xcnt==1?"":"s",
- Chrono.niceDateStamp(oldest),
- Chrono.niceDateStamp(newest)))
- .end(uRow);
-
- }
- }
- hgen.end(utable);
- }
-
- hgen.end(div);
+ Mark uRow = new Mark();
+ String cls;
+ boolean first = true;
+
+ for( Entry<Integer, List<User>> es : miu.entrySet()) {
+ Collections.sort(es.getValue(),new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ int rv = u1.getType().compareTo(u2.getType());
+ return rv==0?u2.getExpires().compare(u1.getExpires()):rv;
+ }
+ });
+ int xcnt = 0;
+ XMLGregorianCalendar oldest=null, newest=null;
+ String id = null;
+ for(User u: es.getValue()) {
+ if(id==null) {
+ id = u.getId();
+ }
+ // Need to compile entries for Certificates on this screen
+ if(es.getKey()==200) {
+ ++xcnt;
+ if(oldest==null || oldest.compare(u.getExpires())<0) {
+ oldest = u.getExpires();
+ }
+ if(newest==null || newest.compare(u.getExpires())<0) {
+ newest = u.getExpires();
+ }
+ } else {
+ hgen.leaf(uRow,HTMLGen.TR);
+ if(first) {
+ hgen.leaf(HTMLGen.TD,cls="class=detailFirst",STYLE_WIDTH_10);
+ switch(es.getKey()) {
+ case 1:
+ case 2: hgen.text("Password");
+ break;
+ case 10: hgen.text("Certificate"); break;
+ }
+ } else {
+ hgen.leaf(HTMLGen.TD,cls="class=detail",STYLE_WIDTH_10+"text-align:center;").text("\"");
+ }
+ hgen.end();
+ hgen.incr(HTMLGen.TD,cls,STYLE_WIDTH_20);
+
+ hgen.leaf(HTMLGen.A,
+ "class=button",
+ "href="+PassDeleteAction.HREF+
+ "?id="+id+
+ "&amp;ns="+ns+
+ "&amp;date="+u.getExpires().toXMLFormat() +
+ "&amp;type="+u.getType())
+ .text("Delete").end();
+ if(first && es.getKey()<10) { // Change Password Screen
+ hgen.leaf(HTMLGen.A,"class=button","href="+PassChangeForm.HREF+"?id="+id+"&amp;ns="+ns)
+ .text("Add")
+ .end();
+ }
+ first=false;
+ hgen.end().leaf(HTMLGen.TD,cls,STYLE_WIDTH_70)
+ .text(Chrono.niceDateStamp(u.getExpires()))
+ .end();
+
+ hgen.end(uRow);
+ }
+ }
+ if(xcnt>0) { // print compilations, if any, of Certificate
+ hgen.leaf(uRow,HTMLGen.TR)
+ .leaf(HTMLGen.TD,cls="class=detailFirst",STYLE_WIDTH_10).text("x509").end()
+ .leaf(HTMLGen.TD, cls,STYLE_WIDTH_20)
+ .leaf(HTMLGen.A,"class=button","href="+CMArtifactShow.HREF+"?id="+id+"&amp;ns="+ns)
+ .text("View All")
+ .end(2)
+ .leaf(HTMLGen.TD, cls,STYLE_WIDTH_70).text(String.format(
+ xcnt>0?"%d Certificate%s, ranging from %s to %s"
+ :"%d Certificate%s",
+ xcnt,
+ xcnt==1?"":"s",
+ Chrono.niceDateStamp(oldest),
+ Chrono.niceDateStamp(newest)))
+ .end(uRow);
+
+ }
+ }
+ hgen.end(utable);
+ }
+
+ hgen.end(div);
- rv.add(new AbsCell[] {
- new TextCell(ulm.getKey(),STYLE_WIDTH_15),
- new TextCell(buttons.toString(),STYLE_WIDTH_5),
- new TextCell(creds.toString(),STYLE_WIDTH_70)
- });
- }
- for(String missing : lns) {
- StringWriter buttons = new StringWriter();
- HTMLGen hgen = cd.clone(buttons);
- hgen.leaf(HTMLGen.A,"class=button","href="+CMArtifactShow.HREF+"?id="+missing+"&amp;ns="+ns)
- .text("View All")
- .end(2);
- rv.add(new AbsCell[] {
- new TextCell(missing,STYLE_WIDTH_15),
- new TextCell(buttons.toString(),STYLE_WIDTH_5),
- new TextCell("No X509 Credential Instantiated")
- });
- }
+ rv.add(new AbsCell[] {
+ new TextCell(ulm.getKey(),STYLE_WIDTH_15),
+ new TextCell(buttons.toString(),STYLE_WIDTH_5),
+ new TextCell(creds.toString(),STYLE_WIDTH_70)
+ });
+ }
+ for(String missing : lns) {
+ StringWriter buttons = new StringWriter();
+ HTMLGen hgen = cd.clone(buttons);
+ hgen.leaf(HTMLGen.A,"class=button","href="+CMArtifactShow.HREF+"?id="+missing+"&amp;ns="+ns)
+ .text("View All")
+ .end(2);
+ rv.add(new AbsCell[] {
+ new TextCell(missing,STYLE_WIDTH_15),
+ new TextCell(buttons.toString(),STYLE_WIDTH_5),
+ new TextCell("No X509 Credential Instantiated")
+ });
+ }
- } else {
- rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
- }
- return null;
- }
- });
- } catch (Exception e) {
- e.printStackTrace();
- } finally {
- tt.done();
- }
- return new Cells(rv,null);
- }
+ } else {
+ rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ e.printStackTrace();
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,null);
+ }
- @Override
- public void postfix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
- }
+ @Override
+ public void postfix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
+ }
- }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java
index caad42b5..e0a73dca 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/Home.java
@@ -36,42 +36,42 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
public class Home extends Page {
- public static final String HREF = "/gui/home";
- public Home(final AAF_GUI gui) throws APIException, IOException {
- super(gui.env,"Home",HREF, NO_FIELDS, new NamedCode(false,"content") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen xgen) throws APIException, IOException {
-// // TEMP
-// JSGen jsg = xgen.js();
-// jsg.function("httpPost","sURL","sParam")
-// .text("var oURL = new java.net.URL(sURL)")
-// .text("var oConn = oURL.openConnection();")
-// .text("oConn.setDoInput(true);")
-// .text("oConn.setDoOutpu(true);")
-// .text("oConn.setUseCaches(false);")
-// .text("oConn.setRequestProperty(\"Content-Type\",\"application/x-www-form-urlencoded\");")
-// .text(text)
-// jsg.done();
- // TEMP
- final Mark pages = xgen.divID("Pages");
- xgen.leaf(H3).text("Choose from the following:").end()
- .leaf(A,"href=myperms").text("My Permissions").end()
- .leaf(A,"href=myroles").text("My Roles").end()
- // TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page
- .leaf(A,"href=ns").text("My Namespaces").end()
- .leaf(A,"href=approve").text("My Approvals").end()
- .leaf(A, "href=myrequests").text("My Pending Requests").end()
- // Enable later
-// .leaf(A, "href=onboard").text("Onboarding").end()
- // Password Change. If logged in as CSP/GSO, go to their page
- .leaf(A,"href=passwd").text("Password Management").end()
- .leaf(A,"href=cui").text("Command Prompt").end()
- .leaf(A,"href=api").text("AAF API").end()
- ;
-
- xgen.end(pages);
- }
- });
- }
+ public static final String HREF = "/gui/home";
+ public Home(final AAF_GUI gui) throws APIException, IOException {
+ super(gui.env,"Home",HREF, NO_FIELDS, new NamedCode(false,"content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen xgen) throws APIException, IOException {
+// // TEMP
+// JSGen jsg = xgen.js();
+// jsg.function("httpPost","sURL","sParam")
+// .text("var oURL = new java.net.URL(sURL)")
+// .text("var oConn = oURL.openConnection();")
+// .text("oConn.setDoInput(true);")
+// .text("oConn.setDoOutpu(true);")
+// .text("oConn.setUseCaches(false);")
+// .text("oConn.setRequestProperty(\"Content-Type\",\"application/x-www-form-urlencoded\");")
+// .text(text)
+// jsg.done();
+ // TEMP
+ final Mark pages = xgen.divID("Pages");
+ xgen.leaf(H3).text("Choose from the following:").end()
+ .leaf(A,"href=myperms").text("My Permissions").end()
+ .leaf(A,"href=myroles").text("My Roles").end()
+ // TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page
+ .leaf(A,"href=ns").text("My Namespaces").end()
+ .leaf(A,"href=approve").text("My Approvals").end()
+ .leaf(A, "href=myrequests").text("My Pending Requests").end()
+ // Enable later
+// .leaf(A, "href=onboard").text("Onboarding").end()
+ // Password Change. If logged in as CSP/GSO, go to their page
+ .leaf(A,"href=passwd").text("Password Management").end()
+ .leaf(A,"href=cui").text("Command Prompt").end()
+ .leaf(A,"href=api").text("AAF API").end()
+ ;
+
+ xgen.end(pages);
+ }
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLanding.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLanding.java
index 7dcc65aa..5b614edc 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLanding.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLanding.java
@@ -38,78 +38,78 @@ import org.onap.aaf.misc.xgen.Mark;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class LoginLanding extends Page {
- public static final String HREF = "/login";
- static final String NAME = "Login";
- static final String fields[] = {"id","password","environment"};
- static final String envs[] = {"DEV","TEST","PROD"};
-
- public LoginLanding(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME,HREF, fields, new NamedCode(true, "content") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- hgen.leaf("p").text("No login credentials are found in your current session. " +
- "Choose your preferred login option to continue.").end();
-
- Mark loginPaths = hgen.divID("Pages");
-
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(AAF_GUI authGUI, AuthzTrans trans, Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
- HttpServletRequest req = trans.get(gui.slot_httpServletRequest, null);
- if(req!=null) {
- String query = req.getQueryString();
- if(query!=null) {
- for(String qs : query.split("&")) {
- int equals = qs.indexOf('=');
- xgen.leaf(HTMLGen.A, "href="+URLDecoder.decode(qs.substring(equals+1),Config.UTF_8)).text(qs.substring(0,equals).replace('_', ' ')).end();
- }
- }
- }
- xgen.leaf(HTMLGen.A, "href=gui/home?Authentication=BasicAuth").text("AAF Basic Auth").end();
- }
- });
-// hgen.leaf("a", "href=#","onclick=divVisibility('cso');").text("Global Login").end()
-// .incr("p", "id=cso","style=display:none").text("this will redirect to global login").end()
-// .leaf("a", "href=#","onclick=divVisibility('tguard');").text("tGuard").end()
-// .incr("p", "id=tguard","style=display:none").text("this will redirect to tGuard login").end()
-// hgen.leaf("a", "href=#","onclick=divVisibility('basicauth');").text("AAF Basic Auth").end();
- hgen.end(loginPaths);
-
-// hgen.incr("form","method=post","style=display:none","id=basicauth","gui/home?Authentication=BasicAuth");
-// Mark table = new Mark(TABLE);
-// hgen.incr(table);
-// cache.dynamic(hgen, new DynamicCode<HTMLGen, AuthGUI, AuthzTrans>() {
-// @Override
-// public void code(final AuthGUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen)
-// throws APIException, IOException {
-// hgen
-// .input(fields[0],"Username",true)
-// .input(fields[1],"Password",true, "type=password");
-// Mark selectRow = new Mark();
-// hgen
-// .incr(selectRow, "tr")
-// .incr("td")
-// .incr("label", "for=envs", "required").text("Environment").end()
-// .end()
-// .incr("td")
-// .incr("select", "name=envs", "id=envs", "required")
-// .incr("option", "value=").text("Select Environment").end();
-// for (String env : envs) {
-// hgen.incr("option", "value="+env).text(env).end();
-// }
-// hgen
-// .end(selectRow)
-
-// hgen.end();
-// }
-// });
-// hgen.end();
-// hgen.tagOnly("input", "type=submit", "value=Submit")
-// .tagOnly("input", "type=reset", "value=Reset")
-// .end();
-
+ public static final String HREF = "/login";
+ static final String NAME = "Login";
+ static final String fields[] = {"id","password","environment"};
+ static final String envs[] = {"DEV","TEST","PROD"};
+
+ public LoginLanding(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, NAME,HREF, fields, new NamedCode(true, "content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ hgen.leaf("p").text("No login credentials are found in your current session. " +
+ "Choose your preferred login option to continue.").end();
+
+ Mark loginPaths = hgen.divID("Pages");
+
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(AAF_GUI authGUI, AuthzTrans trans, Cache<HTMLGen> cache, HTMLGen xgen) throws APIException, IOException {
+ HttpServletRequest req = trans.get(gui.slot_httpServletRequest, null);
+ if(req!=null) {
+ String query = req.getQueryString();
+ if(query!=null) {
+ for(String qs : query.split("&")) {
+ int equals = qs.indexOf('=');
+ xgen.leaf(HTMLGen.A, "href="+URLDecoder.decode(qs.substring(equals+1),Config.UTF_8)).text(qs.substring(0,equals).replace('_', ' ')).end();
+ }
+ }
+ }
+ xgen.leaf(HTMLGen.A, "href=gui/home?Authentication=BasicAuth").text("AAF Basic Auth").end();
+ }
+ });
+// hgen.leaf("a", "href=#","onclick=divVisibility('cso');").text("Global Login").end()
+// .incr("p", "id=cso","style=display:none").text("this will redirect to global login").end()
+// .leaf("a", "href=#","onclick=divVisibility('tguard');").text("tGuard").end()
+// .incr("p", "id=tguard","style=display:none").text("this will redirect to tGuard login").end()
+// hgen.leaf("a", "href=#","onclick=divVisibility('basicauth');").text("AAF Basic Auth").end();
+ hgen.end(loginPaths);
+
+// hgen.incr("form","method=post","style=display:none","id=basicauth","gui/home?Authentication=BasicAuth");
+// Mark table = new Mark(TABLE);
+// hgen.incr(table);
+// cache.dynamic(hgen, new DynamicCode<HTMLGen, AuthGUI, AuthzTrans>() {
+// @Override
+// public void code(final AuthGUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen)
+// throws APIException, IOException {
+// hgen
+// .input(fields[0],"Username",true)
+// .input(fields[1],"Password",true, "type=password");
+// Mark selectRow = new Mark();
+// hgen
+// .incr(selectRow, "tr")
+// .incr("td")
+// .incr("label", "for=envs", "required").text("Environment").end()
+// .end()
+// .incr("td")
+// .incr("select", "name=envs", "id=envs", "required")
+// .incr("option", "value=").text("Select Environment").end();
+// for (String env : envs) {
+// hgen.incr("option", "value="+env).text(env).end();
+// }
+// hgen
+// .end(selectRow)
+
+// hgen.end();
+// }
+// });
+// hgen.end();
+// hgen.tagOnly("input", "type=submit", "value=Submit")
+// .tagOnly("input", "type=reset", "value=Reset")
+// .end();
+
- }
- });
- }
+ }
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLandingAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLandingAction.java
index 9ab3fa71..f20caebb 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLandingAction.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/LoginLandingAction.java
@@ -35,31 +35,31 @@ import org.onap.aaf.misc.xgen.DynamicCode;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class LoginLandingAction extends Page {
- public LoginLandingAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,"Login",LoginLanding.HREF, LoginLanding.fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- final Slot sID = gui.env.slot(LoginLanding.NAME+'.'+LoginLanding.fields[0]);
-// final Slot sPassword = gui.env.slot(LoginLanding.NAME+'.'+LoginLanding.fields[1]);
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String username = trans.get(sID,null);
-// String password = trans.get(sPassword,null);
+ public LoginLandingAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,"Login",LoginLanding.HREF, LoginLanding.fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ final Slot sID = gui.env.slot(LoginLanding.NAME+'.'+LoginLanding.fields[0]);
+// final Slot sPassword = gui.env.slot(LoginLanding.NAME+'.'+LoginLanding.fields[1]);
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String username = trans.get(sID,null);
+// String password = trans.get(sPassword,null);
- hgen.p("User: "+username);
- hgen.p("Pass: ********");
-
- // TODO: clarification from JG
- // put in request header?
- // then pass through authn/basicAuth call?
-
- }
- });
- }
- });
- }
+ hgen.p("User: "+username);
+ hgen.p("Pass: ********");
+
+ // TODO: clarification from JG
+ // put in request header?
+ // then pass through authn/basicAuth call?
+
+ }
+ });
+ }
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java
index 0a74d607..faf657e7 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsDetail.java
@@ -58,187 +58,187 @@ import aaf.v2_0.Role;
import aaf.v2_0.Roles;
public class NsDetail extends Page {
-
- public static final String HREF = "/gui/nsdetail";
- public static final String NAME = "NsDetail";
- public static enum NS_FIELD { OWNERS, ADMINS, ROLES, PERMISSIONS, CREDS};
- private static final String BLANK = "";
- private static Slot keySlot;
- private static Model model;
- private static String gw_url;
-
-
- public NsDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME, HREF, new String[] {"ns"},
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("Namespace Details",gui.env.newTransNoAvg(),model=new Model(),"class=detail")
- );
- model.set(this);
- keySlot = gui.env.slot(NAME+".ns");
- gw_url = gui.env.getProperty(Config.GW_URL);
- if(gw_url==null) {
- gw_url="";
- } else {
- gw_url+="/aaf/2.0";
- }
- }
-
- /**
- * Implement the table content for Namespace Detail
- *
- * @author Jeremiah
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private NsDetail nd;
-
- public void set(NsDetail nsDetail) {
- nd=nsDetail;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final String nsName = trans.get(keySlot, null);
- Validator v = new Validator();
- v.ns(nsName);
- if(v.err()) {
- trans.warn().printf("Error in NsDetail Request: %s", v.errs());
- return Cells.EMPTY;
- }
-
- if(nsName==null) {
- return Cells.EMPTY;
- }
- final ArrayList<AbsCell[]> rv = new ArrayList<>();
- rv.add(new AbsCell[]{new TextCell("Name:"),new TextCell(nsName)});
-
- final TimeTaken tt = trans.start("AAF Namespace Details",Env.REMOTE);
- try {
- gui.clientAsUser(trans.getUserPrincipal(),new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Nss> fn = client.read("/authz/nss/"+nsName,gui.getDF(Nss.class));
-
- if(fn.get(AAF_GUI.TIMEOUT)) {
- tt.done();
- try {
-// TimeTaken tt = trans.start("Load Data", Env.SUB);
-
- for(Ns n : fn.value.getNs()) {
- String desc = (n.getDescription()!=null?n.getDescription():BLANK);
- rv.add(new AbsCell[]{new TextCell("Description:"),new TextCell(desc)});
-
- addField(trans, nsName, rv, n.getAdmin(), NS_FIELD.ADMINS);
- addField(trans, nsName, rv, n.getResponsible(), NS_FIELD.OWNERS);
-
- StringWriter sw = new StringWriter();
- HTMLGen hgen = nd.clone(sw);
- hgen.leaf(HTMLGen.A, "class=greenbutton","href="+CredDetail.HREF+"?ns="+nsName).text("Cred Details").end();
- rv.add(new AbsCell[] {
- new TextCell("Credentials"),
- new TextCell(sw.toString())
- });
-
-
- Future<Roles> fr = client.read(
- "/authz/roles/ns/"+nsName,
- gui.getDF(Roles.class)
- );
- List<String> roles = new ArrayList<>();
- if(fr.get(AAFcli.timeout())) {
- for (Role r : fr.value.getRole()) {
- roles.add(r.getName());
- }
- }
- addField(trans, nsName, rv, roles, NS_FIELD.ROLES);
-
-
- Future<Perms> fp = client.read(
- "/authz/perms/ns/"+nsName,
- gui.getDF(Perms.class)
- );
- List<String> perms = new ArrayList<>();
-
- if(fp.get(AAFcli.timeout())) {
- for (Perm p : fp.value.getPerm()) {
- perms.add(p.getType() + "|" + p.getInstance() + "|" + p.getAction());
- }
- }
- addField(trans, nsName, rv, perms, NS_FIELD.PERMISSIONS);
- }
- String historyLink = NsHistory.HREF
- + "?name=" + nsName;
- rv.add(new AbsCell[] {new RefCell("See History",historyLink,false)});
- } finally {
- tt.done();
- }
- } else {
- rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
- }
- return null;
- }
- });
- } catch (Exception e) {
- e.printStackTrace();
- } finally {
- tt.done();
- }
- return new Cells(rv,null);
- }
-
- private void addField(AuthzTrans trans, String ns, List<AbsCell[]> rv, List<String> values, NS_FIELD field) {
- if (!values.isEmpty()) {
- switch(field) {
- case OWNERS:
- case ADMINS:
- case CREDS:
- for (int i=0; i< values.size(); i++) {
- AbsCell label = (i==0?new TextCell(sentenceCase(field)+":"):AbsCell.Null);
- String user = values.get(i);
- AbsCell userCell = (new TextCell(user));
- rv.add(new AbsCell[] {
- label,
- userCell
- });
- }
- break;
- case ROLES:
- for (int i=0; i< values.size(); i++) {
- String role = values.get(i);
- AbsCell label = (i==0?new TextCell(sentenceCase(field)+":"):AbsCell.Null);
- rv.add(new AbsCell[] {
- label,
- new RefCell(role,RoleDetail.HREF+"?role="+role+"&ns="+ns,false)
- });
- }
- break;
- case PERMISSIONS:
- for (int i=0; i< values.size(); i++) {
- AbsCell label = (i==0?new TextCell(sentenceCase(field)+":","style=width:20%"):AbsCell.Null);
- String perm = values.get(i);
- String[] fields = perm.split("\\|");
- String grantLink = gw_url
- + PermGrantForm.HREF
- + "?type=" + fields[0].trim()
- + "&amp;instance=" + fields[1].trim()
- + "&amp;action=" + fields[2].trim();
-
- rv.add(new AbsCell[] {
- label,
- new TextCell(perm,"style=width:60%;"),
- new RefCell("Grant", grantLink,false,"class=button","style=width:20%;")
- });
- }
- break;
- }
-
- }
- }
-
- private String sentenceCase(NS_FIELD field) {
- String sField = field.toString();
- return sField.substring(0, 1).toUpperCase() + sField.substring(1).toLowerCase();
- }
-
- }
+
+ public static final String HREF = "/gui/nsdetail";
+ public static final String NAME = "NsDetail";
+ public static enum NS_FIELD { OWNERS, ADMINS, ROLES, PERMISSIONS, CREDS};
+ private static final String BLANK = "";
+ private static Slot keySlot;
+ private static Model model;
+ private static String gw_url;
+
+
+ public NsDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, NAME, HREF, new String[] {"ns"},
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("Namespace Details",gui.env.newTransNoAvg(),model=new Model(),"class=detail")
+ );
+ model.set(this);
+ keySlot = gui.env.slot(NAME+".ns");
+ gw_url = gui.env.getProperty(Config.GW_URL);
+ if(gw_url==null) {
+ gw_url="";
+ } else {
+ gw_url+="/aaf/2.0";
+ }
+ }
+
+ /**
+ * Implement the table content for Namespace Detail
+ *
+ * @author Jeremiah
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private NsDetail nd;
+
+ public void set(NsDetail nsDetail) {
+ nd=nsDetail;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final String nsName = trans.get(keySlot, null);
+ Validator v = new Validator();
+ v.ns(nsName);
+ if(v.err()) {
+ trans.warn().printf("Error in NsDetail Request: %s", v.errs());
+ return Cells.EMPTY;
+ }
+
+ if(nsName==null) {
+ return Cells.EMPTY;
+ }
+ final ArrayList<AbsCell[]> rv = new ArrayList<>();
+ rv.add(new AbsCell[]{new TextCell("Name:"),new TextCell(nsName)});
+
+ final TimeTaken tt = trans.start("AAF Namespace Details",Env.REMOTE);
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(),new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Nss> fn = client.read("/authz/nss/"+nsName,gui.getDF(Nss.class));
+
+ if(fn.get(AAF_GUI.TIMEOUT)) {
+ tt.done();
+ try {
+// TimeTaken tt = trans.start("Load Data", Env.SUB);
+
+ for(Ns n : fn.value.getNs()) {
+ String desc = (n.getDescription()!=null?n.getDescription():BLANK);
+ rv.add(new AbsCell[]{new TextCell("Description:"),new TextCell(desc)});
+
+ addField(trans, nsName, rv, n.getAdmin(), NS_FIELD.ADMINS);
+ addField(trans, nsName, rv, n.getResponsible(), NS_FIELD.OWNERS);
+
+ StringWriter sw = new StringWriter();
+ HTMLGen hgen = nd.clone(sw);
+ hgen.leaf(HTMLGen.A, "class=greenbutton","href="+CredDetail.HREF+"?ns="+nsName).text("Cred Details").end();
+ rv.add(new AbsCell[] {
+ new TextCell("Credentials"),
+ new TextCell(sw.toString())
+ });
+
+
+ Future<Roles> fr = client.read(
+ "/authz/roles/ns/"+nsName,
+ gui.getDF(Roles.class)
+ );
+ List<String> roles = new ArrayList<>();
+ if(fr.get(AAFcli.timeout())) {
+ for (Role r : fr.value.getRole()) {
+ roles.add(r.getName());
+ }
+ }
+ addField(trans, nsName, rv, roles, NS_FIELD.ROLES);
+
+
+ Future<Perms> fp = client.read(
+ "/authz/perms/ns/"+nsName,
+ gui.getDF(Perms.class)
+ );
+ List<String> perms = new ArrayList<>();
+
+ if(fp.get(AAFcli.timeout())) {
+ for (Perm p : fp.value.getPerm()) {
+ perms.add(p.getType() + "|" + p.getInstance() + "|" + p.getAction());
+ }
+ }
+ addField(trans, nsName, rv, perms, NS_FIELD.PERMISSIONS);
+ }
+ String historyLink = NsHistory.HREF
+ + "?name=" + nsName;
+ rv.add(new AbsCell[] {new RefCell("See History",historyLink,false)});
+ } finally {
+ tt.done();
+ }
+ } else {
+ rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ e.printStackTrace();
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,null);
+ }
+
+ private void addField(AuthzTrans trans, String ns, List<AbsCell[]> rv, List<String> values, NS_FIELD field) {
+ if (!values.isEmpty()) {
+ switch(field) {
+ case OWNERS:
+ case ADMINS:
+ case CREDS:
+ for (int i=0; i< values.size(); i++) {
+ AbsCell label = (i==0?new TextCell(sentenceCase(field)+":"):AbsCell.Null);
+ String user = values.get(i);
+ AbsCell userCell = (new TextCell(user));
+ rv.add(new AbsCell[] {
+ label,
+ userCell
+ });
+ }
+ break;
+ case ROLES:
+ for (int i=0; i< values.size(); i++) {
+ String role = values.get(i);
+ AbsCell label = (i==0?new TextCell(sentenceCase(field)+":"):AbsCell.Null);
+ rv.add(new AbsCell[] {
+ label,
+ new RefCell(role,RoleDetail.HREF+"?role="+role+"&ns="+ns,false)
+ });
+ }
+ break;
+ case PERMISSIONS:
+ for (int i=0; i< values.size(); i++) {
+ AbsCell label = (i==0?new TextCell(sentenceCase(field)+":","style=width:20%"):AbsCell.Null);
+ String perm = values.get(i);
+ String[] fields = perm.split("\\|");
+ String grantLink = gw_url
+ + PermGrantForm.HREF
+ + "?type=" + fields[0].trim()
+ + "&amp;instance=" + fields[1].trim()
+ + "&amp;action=" + fields[2].trim();
+
+ rv.add(new AbsCell[] {
+ label,
+ new TextCell(perm,"style=width:60%;"),
+ new RefCell("Grant", grantLink,false,"class=button","style=width:20%;")
+ });
+ }
+ break;
+ }
+
+ }
+ }
+
+ private String sentenceCase(NS_FIELD field) {
+ String sField = field.toString();
+ return sField.substring(0, 1).toUpperCase() + sField.substring(1).toLowerCase();
+ }
+
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java
index 6d55858b..7d11e66f 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsHistory.java
@@ -55,174 +55,174 @@ import aaf.v2_0.History;
import aaf.v2_0.History.Item;
public class NsHistory extends Page {
- static final String NAME="NsHistory";
- static final String HREF = "/gui/nsHistory";
- static final String FIELDS[] = {"name","dates"};
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
- static enum Month { JANUARY, FEBRUARY, MARCH, APRIL, MAY, JUNE, JULY,
- AUGUST, SEPTEMBER, OCTOBER, NOVEMBER, DECEMBER };
-
- public NsHistory(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF, FIELDS,
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("History", gui.env.newTransNoAvg(),new Model(gui.env),"class=std"),
- new NamedCode(true, "content") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final Slot name = gui.env.slot(NAME+".name");
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String obName = trans.get(name, null);
-
- // Use Javascript to make the table title more descriptive
- hgen.js()
- .text("var caption = document.querySelector(\".title\");")
- .text("caption.innerHTML='History for Namespace [ " + obName + " ]';")
- .done();
-
- // Use Javascript to change Link Target to our last visited Detail page
- String lastPage = NsDetail.HREF + "?name=" + obName;
- hgen.js()
- .text("alterLink('nsdetail', '"+lastPage + "');")
- .done();
-
- hgen.br();
- hgen.leaf("a","href=#advanced_search","onclick=divVisibility('advanced_search');").text("Advanced Search").end()
- .divID("advanced_search", "style=display:none");
- hgen.incr("table");
-
- addDateRow(hgen,"Start Date");
- addDateRow(hgen,"End Date");
- hgen.incr("tr").incr("td");
- hgen.tagOnly("input", "type=button","value=Get History",
- "onclick=datesURL('"+HREF+"?name=" + obName+"');");
- hgen.end().end();
- hgen.end();
- hgen.end();
-
- }
- });
- }
- }
+ static final String NAME="NsHistory";
+ static final String HREF = "/gui/nsHistory";
+ static final String FIELDS[] = {"name","dates"};
+ static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
+ static enum Month { JANUARY, FEBRUARY, MARCH, APRIL, MAY, JUNE, JULY,
+ AUGUST, SEPTEMBER, OCTOBER, NOVEMBER, DECEMBER };
+
+ public NsHistory(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("History", gui.env.newTransNoAvg(),new Model(gui.env),"class=std"),
+ new NamedCode(true, "content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final Slot name = gui.env.slot(NAME+".name");
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String obName = trans.get(name, null);
+
+ // Use Javascript to make the table title more descriptive
+ hgen.js()
+ .text("var caption = document.querySelector(\".title\");")
+ .text("caption.innerHTML='History for Namespace [ " + obName + " ]';")
+ .done();
+
+ // Use Javascript to change Link Target to our last visited Detail page
+ String lastPage = NsDetail.HREF + "?name=" + obName;
+ hgen.js()
+ .text("alterLink('nsdetail', '"+lastPage + "');")
+ .done();
+
+ hgen.br();
+ hgen.leaf("a","href=#advanced_search","onclick=divVisibility('advanced_search');").text("Advanced Search").end()
+ .divID("advanced_search", "style=display:none");
+ hgen.incr("table");
+
+ addDateRow(hgen,"Start Date");
+ addDateRow(hgen,"End Date");
+ hgen.incr("tr").incr("td");
+ hgen.tagOnly("input", "type=button","value=Get History",
+ "onclick=datesURL('"+HREF+"?name=" + obName+"');");
+ hgen.end().end();
+ hgen.end();
+ hgen.end();
+
+ }
+ });
+ }
+ }
- );
- }
+ );
+ }
- private static void addDateRow(HTMLGen hgen, String s) {
- hgen
- .incr("tr")
- .incr("td")
- .incr("label", "for=month", "required").text(s+"*").end()
- .end()
- .incr("td")
- .incr("select", "name=month"+s.substring(0, s.indexOf(' ')), "id=month"+s.substring(0, s.indexOf(' ')), "required")
- .incr("option", "value=").text("Month").end();
- for (Month m : Month.values()) {
- if (Calendar.getInstance().get(Calendar.MONTH) == m.ordinal()) {
- hgen.incr("option", "selected", "value="+(m.ordinal()+1)).text(m.name()).end();
- } else {
- hgen.incr("option", "value="+(m.ordinal()+1)).text(m.name()).end();
- }
- }
- hgen.end()
- .end()
- .incr("td")
- .tagOnly("input","type=number","id=year"+s.substring(0, s.indexOf(' ')),"required",
- "value="+Calendar.getInstance().get(Calendar.YEAR), "min=1900",
- "max="+Calendar.getInstance().get(Calendar.YEAR),
- "placeholder=Year").end()
- .end();
- }
-
+ private static void addDateRow(HTMLGen hgen, String s) {
+ hgen
+ .incr("tr")
+ .incr("td")
+ .incr("label", "for=month", "required").text(s+"*").end()
+ .end()
+ .incr("td")
+ .incr("select", "name=month"+s.substring(0, s.indexOf(' ')), "id=month"+s.substring(0, s.indexOf(' ')), "required")
+ .incr("option", "value=").text("Month").end();
+ for (Month m : Month.values()) {
+ if (Calendar.getInstance().get(Calendar.MONTH) == m.ordinal()) {
+ hgen.incr("option", "selected", "value="+(m.ordinal()+1)).text(m.name()).end();
+ } else {
+ hgen.incr("option", "value="+(m.ordinal()+1)).text(m.name()).end();
+ }
+ }
+ hgen.end()
+ .end()
+ .incr("td")
+ .tagOnly("input","type=number","id=year"+s.substring(0, s.indexOf(' ')),"required",
+ "value="+Calendar.getInstance().get(Calendar.YEAR), "min=1900",
+ "max="+Calendar.getInstance().get(Calendar.YEAR),
+ "placeholder=Year").end()
+ .end();
+ }
+
-
-
- /**
- * Implement the Table Content for History
- *
- * @author Jeremiah
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String[] headers = new String[] {"Date","User","Memo"};
- private Slot name;
- private Slot dates;
-
- public Model(AuthzEnv env) {
- name = env.slot(NAME+".name");
- dates = env.slot(NAME+".dates");
- }
-
- @Override
- public String[] headers() {
- return headers;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final String oName = trans.get(name,null);
- final String oDates = trans.get(dates,null);
-
- if(oName==null) {
- return Cells.EMPTY;
- }
-
- final ArrayList<AbsCell[]> rv = new ArrayList<>();
- String msg = null;
- final TimeTaken tt = trans.start("AAF Get History for Namespace ["+oName+"]",Env.REMOTE);
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- if (oDates != null) {
- client.setQueryParams("yyyymm="+oDates);
- }
- Future<History> fh = client.read("/authz/hist/ns/"+oName,gui.getDF(History.class));
- if (fh.get(AAF_GUI.TIMEOUT)) {
- tt.done();
- TimeTaken tt2 = trans.start("Load History Data", Env.SUB);
- try {
- List<Item> histItems = fh.value.getItem();
-
- java.util.Collections.sort(histItems, new Comparator<Item>() {
- @Override
- public int compare(Item o1, Item o2) {
- return o2.getTimestamp().compare(o1.getTimestamp());
- }
- });
-
- for (Item i : histItems) {
- String user = i.getUser();
- AbsCell userCell = new TextCell(user);
-
- String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
- rv.add(new AbsCell[] {
- new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
- userCell,
- new TextCell(memo)
- });
- }
- } finally {
- tt2.done();
- }
- } else {
- if (fh.code()==403) {
- rv.add(new AbsCell[] {new TextCell("You may not view History of Namespace [" + oName + "]", "colspan = 3", "class=center")});
- } else {
- rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***", "colspan = 3", "class=center")});
- }
- }
- return null;
- }
- });
- } catch (Exception e) {
- trans.error().log(e);
- } finally {
- tt.done();
- }
- return new Cells(rv,msg);
- }
- }
+
+
+ /**
+ * Implement the Table Content for History
+ *
+ * @author Jeremiah
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private static final String[] headers = new String[] {"Date","User","Memo"};
+ private Slot name;
+ private Slot dates;
+
+ public Model(AuthzEnv env) {
+ name = env.slot(NAME+".name");
+ dates = env.slot(NAME+".dates");
+ }
+
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final String oName = trans.get(name,null);
+ final String oDates = trans.get(dates,null);
+
+ if(oName==null) {
+ return Cells.EMPTY;
+ }
+
+ final ArrayList<AbsCell[]> rv = new ArrayList<>();
+ String msg = null;
+ final TimeTaken tt = trans.start("AAF Get History for Namespace ["+oName+"]",Env.REMOTE);
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ if (oDates != null) {
+ client.setQueryParams("yyyymm="+oDates);
+ }
+ Future<History> fh = client.read("/authz/hist/ns/"+oName,gui.getDF(History.class));
+ if (fh.get(AAF_GUI.TIMEOUT)) {
+ tt.done();
+ TimeTaken tt2 = trans.start("Load History Data", Env.SUB);
+ try {
+ List<Item> histItems = fh.value.getItem();
+
+ java.util.Collections.sort(histItems, new Comparator<Item>() {
+ @Override
+ public int compare(Item o1, Item o2) {
+ return o2.getTimestamp().compare(o1.getTimestamp());
+ }
+ });
+
+ for (Item i : histItems) {
+ String user = i.getUser();
+ AbsCell userCell = new TextCell(user);
+
+ String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
+ rv.add(new AbsCell[] {
+ new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
+ userCell,
+ new TextCell(memo)
+ });
+ }
+ } finally {
+ tt2.done();
+ }
+ } else {
+ if (fh.code()==403) {
+ rv.add(new AbsCell[] {new TextCell("You may not view History of Namespace [" + oName + "]", "colspan = 3", "class=center")});
+ } else {
+ rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***", "colspan = 3", "class=center")});
+ }
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,msg);
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoAction.java
index 4328653e..8a2da3d3 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoAction.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoAction.java
@@ -46,113 +46,113 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
import aaf.v2_0.CredRequest;
public class NsInfoAction extends Page {
- public NsInfoAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,"Onboard",PassChangeForm.HREF, PassChangeForm.fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]);
- final Slot sCurrPass = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[1]);
- final Slot sPassword = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[2]);
- final Slot sPassword2 = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[3]);
- final Slot startDate = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[4]);
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String id = trans.get(sID,null);
- String currPass = trans.get(sCurrPass,null);
- final String password = trans.get(sPassword,null);
- String password2 = trans.get(sPassword2,null);
-
- // Run Validations
- boolean fail = true;
-
- if (id==null || id.indexOf('@')<=0) {
- hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
- } else if(password == null || password2 == null || currPass == null) {
- hgen.p("Data Entry Failure: Both Password Fields need entries.");
- } else if(!password.equals(password2)) {
- hgen.p("Data Entry Failure: Passwords do not match.");
- } else { // everything else is checked by Server
- final CredRequest cred = new CredRequest();
- cred.setId(id);
- cred.setPassword(currPass);
- try {
- fail = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client)throws CadiException, ConnectException, APIException {
- TimeTaken tt = trans.start("Check Current Password",Env.REMOTE);
- try {
- Future<CredRequest> fcr = client.create( // Note: Need "Post", because of hiding password in SSL Data
- "/authn/validate",
- gui.getDF(CredRequest.class),
- cred
- );
- boolean go;
- boolean fail = true;
- fcr.get(5000);
- if(fcr.code() == 200) {
- hgen.p("Current Password validated");
- go = true;
- } else {
- hgen.p(String.format("Invalid Current Password: %d %s",fcr.code(),fcr.body()));
- go = false;
- }
- if(go) {
- tt.done();
- tt = trans.start("AAF Change Password",Env.REMOTE);
- try {
- // Change over Cred to reset mode
- cred.setPassword(password);
- String start = trans.get(startDate, null);
- if(start!=null) {
- try {
- cred.setStart(Chrono.timeStamp(Chrono.dateOnlyFmt.parse(start)));
- } catch (ParseException e) {
- throw new CadiException(e);
- }
- }
-
- fcr = client.create(
- "/authn/cred",
- gui.getDF(CredRequest.class),
- cred
- );
-
- if(fcr.get(5000)) {
- // Do Remote Call
- hgen.p("New Password has been added.");
- fail = false;
- } else {
- gui.writeError(trans, fcr, hgen, 0);
- }
- } finally {
- tt.done();
- }
- }
- return fail;
- } finally {
- tt.done();
- }
- }
- });
+ public NsInfoAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,"Onboard",PassChangeForm.HREF, PassChangeForm.fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]);
+ final Slot sCurrPass = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[1]);
+ final Slot sPassword = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[2]);
+ final Slot sPassword2 = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[3]);
+ final Slot startDate = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[4]);
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String id = trans.get(sID,null);
+ String currPass = trans.get(sCurrPass,null);
+ final String password = trans.get(sPassword,null);
+ String password2 = trans.get(sPassword2,null);
+
+ // Run Validations
+ boolean fail = true;
+
+ if (id==null || id.indexOf('@')<=0) {
+ hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
+ } else if(password == null || password2 == null || currPass == null) {
+ hgen.p("Data Entry Failure: Both Password Fields need entries.");
+ } else if(!password.equals(password2)) {
+ hgen.p("Data Entry Failure: Passwords do not match.");
+ } else { // everything else is checked by Server
+ final CredRequest cred = new CredRequest();
+ cred.setId(id);
+ cred.setPassword(currPass);
+ try {
+ fail = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client)throws CadiException, ConnectException, APIException {
+ TimeTaken tt = trans.start("Check Current Password",Env.REMOTE);
+ try {
+ Future<CredRequest> fcr = client.create( // Note: Need "Post", because of hiding password in SSL Data
+ "/authn/validate",
+ gui.getDF(CredRequest.class),
+ cred
+ );
+ boolean go;
+ boolean fail = true;
+ fcr.get(5000);
+ if(fcr.code() == 200) {
+ hgen.p("Current Password validated");
+ go = true;
+ } else {
+ hgen.p(String.format("Invalid Current Password: %d %s",fcr.code(),fcr.body()));
+ go = false;
+ }
+ if(go) {
+ tt.done();
+ tt = trans.start("AAF Change Password",Env.REMOTE);
+ try {
+ // Change over Cred to reset mode
+ cred.setPassword(password);
+ String start = trans.get(startDate, null);
+ if(start!=null) {
+ try {
+ cred.setStart(Chrono.timeStamp(Chrono.dateOnlyFmt.parse(start)));
+ } catch (ParseException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ fcr = client.create(
+ "/authn/cred",
+ gui.getDF(CredRequest.class),
+ cred
+ );
+
+ if(fcr.get(5000)) {
+ // Do Remote Call
+ hgen.p("New Password has been added.");
+ fail = false;
+ } else {
+ gui.writeError(trans, fcr, hgen, 0);
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ return fail;
+ } finally {
+ tt.done();
+ }
+ }
+ });
- } catch (Exception e) {
- hgen.p("Unknown Error");
- e.printStackTrace();
- }
- }
- hgen.br();
- if(fail) {
- hgen.incr("a",true,"href="+PassChangeForm.HREF+"?id="+id).text("Try again").end();
- } else {
- hgen.incr("a",true,"href="+Home.HREF).text("Home").end();
- }
- }
- });
- }
- });
- }
+ } catch (Exception e) {
+ hgen.p("Unknown Error");
+ e.printStackTrace();
+ }
+ }
+ hgen.br();
+ if(fail) {
+ hgen.incr("a",true,"href="+PassChangeForm.HREF+"?id="+id).text("Try again").end();
+ } else {
+ hgen.incr("a",true,"href="+Home.HREF).text("Home").end();
+ }
+ }
+ });
+ }
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoForm.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoForm.java
index 173b9500..2447c98b 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoForm.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NsInfoForm.java
@@ -51,112 +51,112 @@ import aaf.v2_0.Nss.Ns;
public class NsInfoForm extends Page {
- // Package on purpose
- static final String HREF = "/gui/onboard";
- static final String NAME = "Onboarding";
- static final String fields[] = {"ns","description","mots","owners","admins"};
-
- public NsInfoForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF, fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
+ // Package on purpose
+ static final String HREF = "/gui/onboard";
+ static final String NAME = "Onboarding";
+ static final String fields[] = {"ns","description","mots","owners","admins"};
+
+ public NsInfoForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
- private final Slot sID = gui.env.slot(NsInfoForm.NAME+'.'+NsInfoForm.fields[0]);
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- // p tags not closing right using .p() - causes issues in IE8 password form - so using leaf for the moment
- hgen.leaf(HTMLGen.H2).text("Namespace Info").end()
- .leaf("p").text("Hover over Fields for Tool Tips, or click ")
- .leaf(A,"href="+gui.env.getProperty(AAF_URL_GUI_ONBOARD,"")).text("Here").end()
- .text(" for more information")
- .end()
- .incr("form","method=post");
- Mark table = new Mark(TABLE);
- hgen.incr(table);
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @SuppressWarnings("unchecked")
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final String incomingID= trans.get(sID, "");
- final String[] info = new String[fields.length];
- final Object own_adm[] = new Object[2];
- for(int i=0;i<info.length;++i) {
- info[i]="";
- }
- if(incomingID.length()>0) {
- TimeTaken tt = trans.start("AAF Namespace Info",Env.REMOTE);
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Nss> fn = client.read("/authz/nss/"+incomingID,gui.getDF(Nss.class));
- if(fn.get(AAF_GUI.TIMEOUT)) {
- for(Ns ns : fn.value.getNs()) {
- info[0]=ns.getName();
- info[1]=ns.getDescription();
- for(Ns.Attrib attr: ns.getAttrib()) {
- switch(attr.getKey()) {
- case "mots":
- info[2]=attr.getValue();
- default:
- }
- }
- own_adm[0]=ns.getResponsible();
- own_adm[1]=ns.getAdmin();
- }
- } else {
- trans.error().log(fn.body());
- }
- return null;
- }
- });
- } catch (Exception e) {
- trans.error().log("Unable to access AAF for NS Info",incomingID);
- e.printStackTrace();
- } finally {
- tt.done();
- }
- }
- hgen.input(fields[0],"Namespace",false,"value="+info[0],"title=AAF Namespace")
- .input(fields[1],"Description*",true,"value="+info[1],"title=Full Application Name, Tool Name or Group")
- .input(fields[2],"MOTS ID",false,"value="+info[2],"title=MOTS ID if this is an Application, and has MOTS");
- Mark endTD = new Mark(),endTR=new Mark();
- // Owners
- hgen.incr(endTR,HTMLGen.TR)
- .incr(endTD,HTMLGen.TD)
- .leaf("label","for="+fields[3]).text("Responsible Party")
- .end(endTD)
- .incr(endTD,HTMLGen.TD)
- .tagOnly("input","id="+fields[3],"title=Owner of App, must be an Non-Bargained Employee");
- if(own_adm[0]!=null) {
- for(String s : (List<String>)own_adm[0]) {
- hgen.incr("label",true).text(s).end();
- }
- }
- hgen.end(endTR);
+ private final Slot sID = gui.env.slot(NsInfoForm.NAME+'.'+NsInfoForm.fields[0]);
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ // p tags not closing right using .p() - causes issues in IE8 password form - so using leaf for the moment
+ hgen.leaf(HTMLGen.H2).text("Namespace Info").end()
+ .leaf("p").text("Hover over Fields for Tool Tips, or click ")
+ .leaf(A,"href="+gui.env.getProperty(AAF_URL_GUI_ONBOARD,"")).text("Here").end()
+ .text(" for more information")
+ .end()
+ .incr("form","method=post");
+ Mark table = new Mark(TABLE);
+ hgen.incr(table);
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @SuppressWarnings("unchecked")
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final String incomingID= trans.get(sID, "");
+ final String[] info = new String[fields.length];
+ final Object own_adm[] = new Object[2];
+ for(int i=0;i<info.length;++i) {
+ info[i]="";
+ }
+ if(incomingID.length()>0) {
+ TimeTaken tt = trans.start("AAF Namespace Info",Env.REMOTE);
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Nss> fn = client.read("/authz/nss/"+incomingID,gui.getDF(Nss.class));
+ if(fn.get(AAF_GUI.TIMEOUT)) {
+ for(Ns ns : fn.value.getNs()) {
+ info[0]=ns.getName();
+ info[1]=ns.getDescription();
+ for(Ns.Attrib attr: ns.getAttrib()) {
+ switch(attr.getKey()) {
+ case "mots":
+ info[2]=attr.getValue();
+ default:
+ }
+ }
+ own_adm[0]=ns.getResponsible();
+ own_adm[1]=ns.getAdmin();
+ }
+ } else {
+ trans.error().log(fn.body());
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log("Unable to access AAF for NS Info",incomingID);
+ e.printStackTrace();
+ } finally {
+ tt.done();
+ }
+ }
+ hgen.input(fields[0],"Namespace",false,"value="+info[0],"title=AAF Namespace")
+ .input(fields[1],"Description*",true,"value="+info[1],"title=Full Application Name, Tool Name or Group")
+ .input(fields[2],"MOTS ID",false,"value="+info[2],"title=MOTS ID if this is an Application, and has MOTS");
+ Mark endTD = new Mark(),endTR=new Mark();
+ // Owners
+ hgen.incr(endTR,HTMLGen.TR)
+ .incr(endTD,HTMLGen.TD)
+ .leaf("label","for="+fields[3]).text("Responsible Party")
+ .end(endTD)
+ .incr(endTD,HTMLGen.TD)
+ .tagOnly("input","id="+fields[3],"title=Owner of App, must be an Non-Bargained Employee");
+ if(own_adm[0]!=null) {
+ for(String s : (List<String>)own_adm[0]) {
+ hgen.incr("label",true).text(s).end();
+ }
+ }
+ hgen.end(endTR);
- // Admins
- hgen.incr(endTR,HTMLGen.TR)
- .incr(endTD,HTMLGen.TD)
- .leaf("label","for="+fields[4]).text("Administrators")
- .end(endTD)
- .incr(endTD,HTMLGen.TD)
- .tagOnly("input","id="+fields[4],"title=Admins may be employees, contractors or mechIDs");
- if(own_adm[1]!=null) {
- for(String s : (List<String>)own_adm[1]) {
- hgen.incr(HTMLGen.P,true).text(s).end();
- }
- }
- hgen.end(endTR)
- .end();
- }
- });
- hgen.end();
- hgen.tagOnly("input", "type=submit", "value=Submit")
- .end();
+ // Admins
+ hgen.incr(endTR,HTMLGen.TR)
+ .incr(endTD,HTMLGen.TD)
+ .leaf("label","for="+fields[4]).text("Administrators")
+ .end(endTD)
+ .incr(endTD,HTMLGen.TD)
+ .tagOnly("input","id="+fields[4],"title=Admins may be employees, contractors or mechIDs");
+ if(own_adm[1]!=null) {
+ for(String s : (List<String>)own_adm[1]) {
+ hgen.incr(HTMLGen.P,true).text(s).end();
+ }
+ }
+ hgen.end(endTR)
+ .end();
+ }
+ });
+ hgen.end();
+ hgen.tagOnly("input", "type=submit", "value=Submit")
+ .end();
- }
- });
- }
+ }
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NssShow.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NssShow.java
index fecd2326..b2a6e368 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NssShow.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/NssShow.java
@@ -51,92 +51,92 @@ import aaf.v2_0.Nss;
import aaf.v2_0.Nss.Ns;
public class NssShow extends Page {
- public static final String HREF = "/gui/ns";
+ public static final String HREF = "/gui/ns";
- public NssShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, "MyNamespaces",HREF, NO_FIELDS,
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("Namespaces I administer",gui.env.newTransNoAvg(),new Model(true,"Administrator",gui.env),
- "class=std", "style=display: inline-block; width: 45%; margin: 10px;"),
- new Table<AAF_GUI,AuthzTrans>("Namespaces I own",gui.env.newTransNoAvg(),new Model(false,"Owner",gui.env),
- "class=std", "style=display: inline-block; width: 45%; margin: 10px;"));
- }
-
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private String[] headers;
- private String privilege = null;
- public final Slot sNssByUser;
- private boolean isAdmin;
+ public NssShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, "MyNamespaces",HREF, NO_FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("Namespaces I administer",gui.env.newTransNoAvg(),new Model(true,"Administrator",gui.env),
+ "class=std", "style=display: inline-block; width: 45%; margin: 10px;"),
+ new Table<AAF_GUI,AuthzTrans>("Namespaces I own",gui.env.newTransNoAvg(),new Model(false,"Owner",gui.env),
+ "class=std", "style=display: inline-block; width: 45%; margin: 10px;"));
+ }
+
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private String[] headers;
+ private String privilege = null;
+ public final Slot sNssByUser;
+ private boolean isAdmin;
- public Model(boolean admin, String privilege,AuthzEnv env) {
- super();
- headers = new String[] {privilege};
- this.privilege = privilege;
- isAdmin = admin;
- sNssByUser = env.slot("NSS_SHOW_MODEL_DATA");
- }
+ public Model(boolean admin, String privilege,AuthzEnv env) {
+ super();
+ headers = new String[] {privilege};
+ this.privilege = privilege;
+ isAdmin = admin;
+ sNssByUser = env.slot("NSS_SHOW_MODEL_DATA");
+ }
- @Override
- public String[] headers() {
- return headers;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- ArrayList<AbsCell[]> rv = new ArrayList<>();
- List<Ns> nss = trans.get(sNssByUser, null);
- if(nss==null) {
- TimeTaken tt = trans.start("AAF Nss by User for " + privilege,Env.REMOTE);
- try {
- nss = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<List<Ns>>() {
- @Override
- public List<Ns> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- List<Ns> nss = null;
- Future<Nss> fp = client.read("/authz/nss/either/" + trans.user(),gui.getDF(Nss.class));
- if(fp.get(AAF_GUI.TIMEOUT)) {
- TimeTaken tt = trans.start("Load Data for " + privilege, Env.SUB);
- try {
- if(fp.value!=null) {
- nss = fp.value.getNs();
- Collections.sort(nss, new Comparator<Ns>() {
- public int compare(Ns ns1, Ns ns2) {
- return ns1.getName().compareToIgnoreCase(ns2.getName());
- }
- });
- trans.put(sNssByUser,nss);
- }
- } finally {
- tt.done();
- }
- }else {
- gui.writeError(trans, fp, null,0);
- }
- return nss;
- }
- });
- } catch (Exception e) {
- trans.error().log(e);
- } finally {
- tt.done();
- }
- }
-
- if(nss!=null) {
- for(Ns n : nss) {
- if((isAdmin && !n.getAdmin().isEmpty())
- || (!isAdmin && !n.getResponsible().isEmpty())) {
- AbsCell[] sa = new AbsCell[] {
- new RefCell(n.getName(),NsDetail.HREF
- +"?ns="+n.getName(),false),
- };
- rv.add(sa);
- }
- }
- }
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ ArrayList<AbsCell[]> rv = new ArrayList<>();
+ List<Ns> nss = trans.get(sNssByUser, null);
+ if(nss==null) {
+ TimeTaken tt = trans.start("AAF Nss by User for " + privilege,Env.REMOTE);
+ try {
+ nss = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<List<Ns>>() {
+ @Override
+ public List<Ns> code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ List<Ns> nss = null;
+ Future<Nss> fp = client.read("/authz/nss/either/" + trans.user(),gui.getDF(Nss.class));
+ if(fp.get(AAF_GUI.TIMEOUT)) {
+ TimeTaken tt = trans.start("Load Data for " + privilege, Env.SUB);
+ try {
+ if(fp.value!=null) {
+ nss = fp.value.getNs();
+ Collections.sort(nss, new Comparator<Ns>() {
+ public int compare(Ns ns1, Ns ns2) {
+ return ns1.getName().compareToIgnoreCase(ns2.getName());
+ }
+ });
+ trans.put(sNssByUser,nss);
+ }
+ } finally {
+ tt.done();
+ }
+ }else {
+ gui.writeError(trans, fp, null,0);
+ }
+ return nss;
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ if(nss!=null) {
+ for(Ns n : nss) {
+ if((isAdmin && !n.getAdmin().isEmpty())
+ || (!isAdmin && !n.getResponsible().isEmpty())) {
+ AbsCell[] sa = new AbsCell[] {
+ new RefCell(n.getName(),NsDetail.HREF
+ +"?ns="+n.getName(),false),
+ };
+ rv.add(sa);
+ }
+ }
+ }
- return new Cells(rv,null);
- }
- }
-
+ return new Cells(rv,null);
+ }
+ }
+
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeAction.java
index d0d03a7a..aafd0c96 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeAction.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeAction.java
@@ -55,157 +55,157 @@ import aaf.v2_0.Users;
public class PassChangeAction extends Page {
- public PassChangeAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,PassChangeForm.NAME,PassChangeForm.HREF, PassChangeForm.fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]);
- final Slot sCurrPass = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[1]);
- final Slot sPassword = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[2]);
- final Slot sPassword2 = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[3]);
- final Slot startDate = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[4]);
- final Slot sNS = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[5]);
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final String id = trans.get(sID,null);
- final String currPass = trans.get(sCurrPass,null);
- final String password = trans.get(sPassword,null);
- final String password2 = trans.get(sPassword2,null);
- final String ns = trans.get(sNS, null);
-
- // Run Validations
- boolean fail = true;
-
- if (id==null || id.indexOf('@')<=0) {
- hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
- } else if(password == null || password2 == null) {
- hgen.p("Data Entry Failure: Both Password Fields need entries.");
- } else if(!password.equals(password2)) {
- hgen.p("Data Entry Failure: Passwords do not match.");
- } else { // everything else is checked by Server
- final CredRequest cred = new CredRequest();
- cred.setId(id);
- cred.setPassword("".equals(currPass)?null:currPass);
- try {
- fail = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client)throws CadiException, ConnectException, APIException {
- boolean fail = true;
- boolean go = false;
- try {
- Organization org = OrganizationFactory.obtain(trans.env(), id);
- if(org!=null) {
- go = PassChangeForm.skipCurrent(trans, org.getIdentity(trans, id));
- }
- } catch(OrganizationException e) {
- trans.error().log(e);
- }
+ public PassChangeAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,PassChangeForm.NAME,PassChangeForm.HREF, PassChangeForm.fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]);
+ final Slot sCurrPass = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[1]);
+ final Slot sPassword = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[2]);
+ final Slot sPassword2 = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[3]);
+ final Slot startDate = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[4]);
+ final Slot sNS = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[5]);
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final String id = trans.get(sID,null);
+ final String currPass = trans.get(sCurrPass,null);
+ final String password = trans.get(sPassword,null);
+ final String password2 = trans.get(sPassword2,null);
+ final String ns = trans.get(sNS, null);
+
+ // Run Validations
+ boolean fail = true;
+
+ if (id==null || id.indexOf('@')<=0) {
+ hgen.p("Data Entry Failure: Please enter a valid ID, including domain.");
+ } else if(password == null || password2 == null) {
+ hgen.p("Data Entry Failure: Both Password Fields need entries.");
+ } else if(!password.equals(password2)) {
+ hgen.p("Data Entry Failure: Passwords do not match.");
+ } else { // everything else is checked by Server
+ final CredRequest cred = new CredRequest();
+ cred.setId(id);
+ cred.setPassword("".equals(currPass)?null:currPass);
+ try {
+ fail = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client)throws CadiException, ConnectException, APIException {
+ boolean fail = true;
+ boolean go = false;
+ try {
+ Organization org = OrganizationFactory.obtain(trans.env(), id);
+ if(org!=null) {
+ go = PassChangeForm.skipCurrent(trans, org.getIdentity(trans, id));
+ }
+ } catch(OrganizationException e) {
+ trans.error().log(e);
+ }
- if(cred.getPassword()==null) {
- try {
- if(!go) {
- go=gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Users> fc = client.read("/authn/creds/id/"+id,gui.getDF(Users.class));
- if(fc.get(AAFcli.timeout())) {
- GregorianCalendar now = new GregorianCalendar();
- for(aaf.v2_0.Users.User u : fc.value.getUser()) {
- if(u.getType()<10 && u.getExpires().toGregorianCalendar().after(now)) {
- return false; // an existing, non expired, password type exists
- }
- }
- return true; // no existing, no expired password
- } else {
- if(fc.code()==404) { // not found...
- return true;
- } else {
- trans.error().log(gui.aafCon.readableErrMsg(fc));
- }
- }
- return false;
- }
- });
- }
- if(!go) {
- hgen.p("Current Password required").br();
- }
- } catch (LocatorException e) {
- trans.error().log(e);
- }
+ if(cred.getPassword()==null) {
+ try {
+ if(!go) {
+ go=gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Users> fc = client.read("/authn/creds/id/"+id,gui.getDF(Users.class));
+ if(fc.get(AAFcli.timeout())) {
+ GregorianCalendar now = new GregorianCalendar();
+ for(aaf.v2_0.Users.User u : fc.value.getUser()) {
+ if(u.getType()<10 && u.getExpires().toGregorianCalendar().after(now)) {
+ return false; // an existing, non expired, password type exists
+ }
+ }
+ return true; // no existing, no expired password
+ } else {
+ if(fc.code()==404) { // not found...
+ return true;
+ } else {
+ trans.error().log(gui.aafCon.readableErrMsg(fc));
+ }
+ }
+ return false;
+ }
+ });
+ }
+ if(!go) {
+ hgen.p("Current Password required").br();
+ }
+ } catch (LocatorException e) {
+ trans.error().log(e);
+ }
- } else {
- TimeTaken tt = trans.start("Check Current Password",Env.REMOTE);
- try {
- // Note: Need "Post", because of hiding password in SSL Data
- Future<CredRequest> fcr = client.create("/authn/validate",gui.getDF(CredRequest.class),cred);
- fcr.get(5000);
- if(fcr.code() == 200) {
- hgen.p("Current Password validated").br();
- go = true;
- } else {
- hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
- trans.info().log("Failed Validation",fcr.code(),fcr.body());
- go = false;
- }
- } finally {
- tt.done();
- }
- }
- if(go) {
- TimeTaken tt = trans.start("AAF Change Password",Env.REMOTE);
- try {
- // Change over Cred to reset mode
- cred.setPassword(password);
- String start = trans.get(startDate, null);
- if(start!=null) {
- try {
- cred.setStart(Chrono.timeStamp(Chrono.dateOnlyFmt.parse(start)));
- } catch (ParseException e) {
- throw new CadiException(e);
- }
- }
-
- Future<CredRequest> fcr = gui.clientAsUser(trans.getUserPrincipal()).create("/authn/cred",gui.getDF(CredRequest.class),cred);
- if(fcr.get(AAFcli.timeout())) {
- // Do Remote Call
- hgen.p("New Password has been added. The previous one is still valid until Expiration.");
- fail = false;
- } else {
- hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
- trans.info().log("Failed Validation",fcr.code(),fcr.body());
- }
- } finally {
- tt.done();
- }
- }
- return fail;
- }
-
- });
- } catch (Exception e) {
- hgen.p("Unknown Error");
- e.printStackTrace();
- }
-
- }
- hgen.br();
- if(fail) {
- hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+PassChangeForm.HREF+"?id="+id).text("Try again").end();
- } else {
- if(ns==null) {
- hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+Home.HREF).text("Back").end();
- } else {
- hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+CredDetail.HREF+"?id="+id+"&ns="+ns).text("Back").end();
- }
- }
- }
- });
- }
- });
- }
+ } else {
+ TimeTaken tt = trans.start("Check Current Password",Env.REMOTE);
+ try {
+ // Note: Need "Post", because of hiding password in SSL Data
+ Future<CredRequest> fcr = client.create("/authn/validate",gui.getDF(CredRequest.class),cred);
+ fcr.get(5000);
+ if(fcr.code() == 200) {
+ hgen.p("Current Password validated").br();
+ go = true;
+ } else {
+ hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
+ trans.info().log("Failed Validation",fcr.code(),fcr.body());
+ go = false;
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ if(go) {
+ TimeTaken tt = trans.start("AAF Change Password",Env.REMOTE);
+ try {
+ // Change over Cred to reset mode
+ cred.setPassword(password);
+ String start = trans.get(startDate, null);
+ if(start!=null) {
+ try {
+ cred.setStart(Chrono.timeStamp(Chrono.dateOnlyFmt.parse(start)));
+ } catch (ParseException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ Future<CredRequest> fcr = gui.clientAsUser(trans.getUserPrincipal()).create("/authn/cred",gui.getDF(CredRequest.class),cred);
+ if(fcr.get(AAFcli.timeout())) {
+ // Do Remote Call
+ hgen.p("New Password has been added. The previous one is still valid until Expiration.");
+ fail = false;
+ } else {
+ hgen.p(Cred.ATTEMPT_FAILED_SPECIFICS_WITHELD).br();
+ trans.info().log("Failed Validation",fcr.code(),fcr.body());
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ return fail;
+ }
+
+ });
+ } catch (Exception e) {
+ hgen.p("Unknown Error");
+ e.printStackTrace();
+ }
+
+ }
+ hgen.br();
+ if(fail) {
+ hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+PassChangeForm.HREF+"?id="+id).text("Try again").end();
+ } else {
+ if(ns==null) {
+ hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+Home.HREF).text("Back").end();
+ } else {
+ hgen.incr(HTMLGen.A,true,"class=greenbutton","href="+CredDetail.HREF+"?id="+id+"&ns="+ns).text("Back").end();
+ }
+ }
+ }
+ });
+ }
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeForm.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeForm.java
index 897796d6..dcaed047 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeForm.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeForm.java
@@ -52,154 +52,154 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
import aaf.v2_0.Users;
public class PassChangeForm extends Page {
- // Package on purpose
- static final String HREF = "/gui/passwd";
- static final String NAME = "PassChange";
- static final String fields[] = {"id","current","password","password2","startDate","ns"};
-
- public PassChangeForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF, fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,NAME) {
- private final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]);
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
-
- // p tags not closing right using .p() - causes issues in IE8 password form - so using leaf for the moment
- hgen.incr(HTMLGen.H4,true,"style=margin: 0em 0em .4em 0em")
- .text("You are <i>adding</i> a New Password in the AAF System.")
- .end();
+ // Package on purpose
+ static final String HREF = "/gui/passwd";
+ static final String NAME = "PassChange";
+ static final String fields[] = {"id","current","password","password2","startDate","ns"};
+
+ public PassChangeForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,NAME) {
+ private final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]);
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+
+ // p tags not closing right using .p() - causes issues in IE8 password form - so using leaf for the moment
+ hgen.incr(HTMLGen.H4,true,"style=margin: 0em 0em .4em 0em")
+ .text("You are <i>adding</i> a New Password in the AAF System.")
+ .end();
- Mark form = new Mark();
- hgen.incr(form,"form","method=post");
-
- Mark table = new Mark(TABLE);
- hgen.incr(table);
+ Mark form = new Mark();
+ hgen.incr(form,"form","method=post");
+
+ Mark table = new Mark(TABLE);
+ hgen.incr(table);
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String incomingID= trans.get(sID, "");
- boolean skipCurrent = false;
- if(incomingID.length()>0) {
- try {
- Organization org = OrganizationFactory.obtain(trans.env(), incomingID);
- if(org==null) {
- hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: There is no supported company for ").text(incomingID).end();
- } else {
- Identity user = org.getIdentity(trans, incomingID);
- if(user==null) {
- int at = incomingID.indexOf('@');
- hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: You are not the sponsor of '").text(at<0?incomingID:incomingID.substring(0,at))
- .text("' defined at ").text(org.getName()).end();
- incomingID = "";
- } else {
- // Owners/or the IDs themselves are allowed to reset password without previous one
- skipCurrent=skipCurrent(trans, user);
-
- if(!skipCurrent) {
- final String id = incomingID;
- try {
- skipCurrent=gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Users> fc = client.read("/authn/creds/id/"+id,gui.getDF(Users.class));
- if(fc.get(AAFcli.timeout())) {
- GregorianCalendar now = new GregorianCalendar();
- for(aaf.v2_0.Users.User u : fc.value.getUser()) {
- if(u.getType()<10 && u.getType()>=1 && u.getExpires().toGregorianCalendar().after(now)) {
- return false; // an existing, non expired, password type exists
- }
- }
- return true; // no existing, no expired password
- } else {
- if(fc.code()==404) { // not found...
- return true;
- } else {
- trans.error().log(gui.aafCon.readableErrMsg(fc));
- }
- }
- return false;
- }
- });
- } catch (LocatorException | CadiException e) {
- trans.error().log(e);
- }
- }
- }
- }
- } catch (OrganizationException e) {
- hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: ")
- .text(e.getMessage()).end();
- }
- }
-
- hgen.input(fields[0],"ID*",true,"value="+incomingID,(incomingID.length()==0?"":"readonly"));
- if(!skipCurrent) {
- hgen.input(fields[1],"Current Password*",true,"type=password");
- }
- if(skipCurrent) {
- hgen.input(fields[1],"",false,"type=hidden", "value=").end();
- }
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String incomingID= trans.get(sID, "");
+ boolean skipCurrent = false;
+ if(incomingID.length()>0) {
+ try {
+ Organization org = OrganizationFactory.obtain(trans.env(), incomingID);
+ if(org==null) {
+ hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: There is no supported company for ").text(incomingID).end();
+ } else {
+ Identity user = org.getIdentity(trans, incomingID);
+ if(user==null) {
+ int at = incomingID.indexOf('@');
+ hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: You are not the sponsor of '").text(at<0?incomingID:incomingID.substring(0,at))
+ .text("' defined at ").text(org.getName()).end();
+ incomingID = "";
+ } else {
+ // Owners/or the IDs themselves are allowed to reset password without previous one
+ skipCurrent=skipCurrent(trans, user);
+
+ if(!skipCurrent) {
+ final String id = incomingID;
+ try {
+ skipCurrent=gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Users> fc = client.read("/authn/creds/id/"+id,gui.getDF(Users.class));
+ if(fc.get(AAFcli.timeout())) {
+ GregorianCalendar now = new GregorianCalendar();
+ for(aaf.v2_0.Users.User u : fc.value.getUser()) {
+ if(u.getType()<10 && u.getType()>=1 && u.getExpires().toGregorianCalendar().after(now)) {
+ return false; // an existing, non expired, password type exists
+ }
+ }
+ return true; // no existing, no expired password
+ } else {
+ if(fc.code()==404) { // not found...
+ return true;
+ } else {
+ trans.error().log(gui.aafCon.readableErrMsg(fc));
+ }
+ }
+ return false;
+ }
+ });
+ } catch (LocatorException | CadiException e) {
+ trans.error().log(e);
+ }
+ }
+ }
+ }
+ } catch (OrganizationException e) {
+ hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: ")
+ .text(e.getMessage()).end();
+ }
+ }
+
+ hgen.input(fields[0],"ID*",true,"value="+incomingID,(incomingID.length()==0?"":"readonly"));
+ if(!skipCurrent) {
+ hgen.input(fields[1],"Current Password*",true,"type=password");
+ }
+ if(skipCurrent) {
+ hgen.input(fields[1],"",false,"type=hidden", "value=").end();
+ }
- hgen.input(fields[2],"New Password*",true, "type=password")
- .input(fields[3], "Reenter New Password*",true, "type=password")
- // .input(fields[3],"Start Date",false,"type=date", "value="+
- // Chrono.dateOnlyFmt.format(new Date(System.currentTimeMillis()))
- // )
- .end(table);
+ hgen.input(fields[2],"New Password*",true, "type=password")
+ .input(fields[3], "Reenter New Password*",true, "type=password")
+ // .input(fields[3],"Start Date",false,"type=date", "value="+
+ // Chrono.dateOnlyFmt.format(new Date(System.currentTimeMillis()))
+ // )
+ .end(table);
- }
+ }
- });
- hgen.tagOnly("input", "type=submit", "value=Submit")
- .end(form)
- .br()
- .p("All AAF Passwords continue to be valid until their listed expiration dates. ",
- "This allows you to migrate services to this new password until the old ones expire.").br().br()
- .p("Note: You must be an Admin of the Namespace where the MechID is defined.").br()
- ;
-
- Mark div = hgen.divID("passwordRules");
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- try {
- Organization org = OrganizationFactory.obtain(trans.env(),trans.getUserPrincipal().getName());
- if(org!=null) {
- hgen.incr(HTMLGen.H4).text("Password Rules for ").text(org.getName()).end()
- .incr(HTMLGen.UL);
- for(String line : org.getPasswordRules()) {
- hgen.leaf(HTMLGen.LI).text(line).end();
- }
- hgen.end();
- }
- } catch (OrganizationException e) {
- hgen.p("No Password Rules can be found for company of ID ",trans.getUserPrincipal().getName()).br();
- }
- }
- });
- hgen.end(div);
- }
- }
- );
- }
+ });
+ hgen.tagOnly("input", "type=submit", "value=Submit")
+ .end(form)
+ .br()
+ .p("All AAF Passwords continue to be valid until their listed expiration dates. ",
+ "This allows you to migrate services to this new password until the old ones expire.").br().br()
+ .p("Note: You must be an Admin of the Namespace where the MechID is defined.").br()
+ ;
+
+ Mark div = hgen.divID("passwordRules");
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ try {
+ Organization org = OrganizationFactory.obtain(trans.env(),trans.getUserPrincipal().getName());
+ if(org!=null) {
+ hgen.incr(HTMLGen.H4).text("Password Rules for ").text(org.getName()).end()
+ .incr(HTMLGen.UL);
+ for(String line : org.getPasswordRules()) {
+ hgen.leaf(HTMLGen.LI).text(line).end();
+ }
+ hgen.end();
+ }
+ } catch (OrganizationException e) {
+ hgen.p("No Password Rules can be found for company of ID ",trans.getUserPrincipal().getName()).br();
+ }
+ }
+ });
+ hgen.end(div);
+ }
+ }
+ );
+ }
- // Package on Purpose
- static boolean skipCurrent(AuthzTrans trans, Identity user) throws OrganizationException {
- if(user!=null) {
- // Should this be an abstractable Policy?
- String tuser = trans.user();
- if(user.fullID().equals(trans.user())) {
- return true;
- } else {
- Identity manager = user.responsibleTo();
- if(tuser.equals(user.fullID()) || manager.isFound()) {
- return true;
- }
- }
- }
- return false;
- }
+ // Package on Purpose
+ static boolean skipCurrent(AuthzTrans trans, Identity user) throws OrganizationException {
+ if(user!=null) {
+ // Should this be an abstractable Policy?
+ String tuser = trans.user();
+ if(user.fullID().equals(trans.user())) {
+ return true;
+ } else {
+ Identity manager = user.responsibleTo();
+ if(tuser.equals(user.fullID()) || manager.isFound()) {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassDeleteAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassDeleteAction.java
index 49daf022..2ad7ca5e 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassDeleteAction.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassDeleteAction.java
@@ -43,46 +43,46 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
import aaf.v2_0.CredRequest;
public class PassDeleteAction extends Page {
- public static final String NAME = "PassDeleteAction";
- public static final String HREF = "/gui/passdelete";
- private static enum Params{id,date,ns,type};
-
- public PassDeleteAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF,Params.values(),
- new BreadCrumbs(breadcrumbs),
- new SlotCode<AuthzTrans>(true,gui.env,NAME,Params.values()) {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final CredRequest cr = new CredRequest();
- cr.setId(get(trans,Params.id, ""));
- cr.setType(Integer.parseInt(get(trans,Params.type, "0")));
- cr.setEntry(get(trans,Params.date,"1960-01-01"));
- try {
- String err = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<String>() {
- @Override
- public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<CredRequest> fcr = client.delete("/authn/cred", gui.getDF(CredRequest.class),cr);
- if(!fcr.get(AAFcli.timeout())) {
- return gui.aafCon.readableErrMsg(fcr);
- }
- return null;
- }
- });
- if(err==null) {
- hgen.p("Password " + cr.getId() + ", " + cr.getEntry() + " is Deleted");
- } else {
- hgen.p(err);
- }
- } catch (LocatorException | CadiException e) {
- throw new APIException(e);
- }
- }
- });
- }
- }
- );
- }
+ public static final String NAME = "PassDeleteAction";
+ public static final String HREF = "/gui/passdelete";
+ private static enum Params{id,date,ns,type};
+
+ public PassDeleteAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF,Params.values(),
+ new BreadCrumbs(breadcrumbs),
+ new SlotCode<AuthzTrans>(true,gui.env,NAME,Params.values()) {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final CredRequest cr = new CredRequest();
+ cr.setId(get(trans,Params.id, ""));
+ cr.setType(Integer.parseInt(get(trans,Params.type, "0")));
+ cr.setEntry(get(trans,Params.date,"1960-01-01"));
+ try {
+ String err = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<String>() {
+ @Override
+ public String code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<CredRequest> fcr = client.delete("/authn/cred", gui.getDF(CredRequest.class),cr);
+ if(!fcr.get(AAFcli.timeout())) {
+ return gui.aafCon.readableErrMsg(fcr);
+ }
+ return null;
+ }
+ });
+ if(err==null) {
+ hgen.p("Password " + cr.getId() + ", " + cr.getEntry() + " is Deleted");
+ } else {
+ hgen.p(err);
+ }
+ } catch (LocatorException | CadiException e) {
+ throw new APIException(e);
+ }
+ }
+ });
+ }
+ }
+ );
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java
index 6e7081bc..a4970e3c 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PendingRequestsShow.java
@@ -56,131 +56,131 @@ import aaf.v2_0.Approval;
import aaf.v2_0.Approvals;
public class PendingRequestsShow extends Page {
- public static final String HREF = "/gui/myrequests";
- public static final String NAME = "MyRequests";
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
-
- public PendingRequestsShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME,HREF, NO_FIELDS,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"expedite") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- hgen
- .leaf("p", "class=expedite_request").text("These are your submitted Requests that are awaiting Approval. ")
- .br()
- .text("To Expedite a Request: ")
- .leaf("a","href=#expedite_directions","onclick=divVisibility('expedite_directions');")
- .text("Click Here").end()
- .divID("expedite_directions", "style=display:none");
- hgen
- .incr(HTMLGen.OL)
- .incr(HTMLGen.LI)
- .leaf("a","href="+ApprovalForm.HREF+"?user="+trans.user(), "id=userApprove")
- .text("Copy This Link")
- .end()
- .end()
- .incr(HTMLGen.LI)
- .text("Send it to the Approver Listed")
- .end()
- .end()
- .text("NOTE: Using this link, the Approver will only see your requests. You only need to send this link once!")
- .end()
- .end();
- }
- });
- }
- },
- new Table<AAF_GUI,AuthzTrans>("Pending Requests",gui.env.newTransNoAvg(),new Model(), "class=std")
- );
-
+ public static final String HREF = "/gui/myrequests";
+ public static final String NAME = "MyRequests";
+ static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
+
+ public PendingRequestsShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, NAME,HREF, NO_FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"expedite") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ hgen
+ .leaf("p", "class=expedite_request").text("These are your submitted Requests that are awaiting Approval. ")
+ .br()
+ .text("To Expedite a Request: ")
+ .leaf("a","href=#expedite_directions","onclick=divVisibility('expedite_directions');")
+ .text("Click Here").end()
+ .divID("expedite_directions", "style=display:none");
+ hgen
+ .incr(HTMLGen.OL)
+ .incr(HTMLGen.LI)
+ .leaf("a","href="+ApprovalForm.HREF+"?user="+trans.user(), "id=userApprove")
+ .text("Copy This Link")
+ .end()
+ .end()
+ .incr(HTMLGen.LI)
+ .text("Send it to the Approver Listed")
+ .end()
+ .end()
+ .text("NOTE: Using this link, the Approver will only see your requests. You only need to send this link once!")
+ .end()
+ .end();
+ }
+ });
+ }
+ },
+ new Table<AAF_GUI,AuthzTrans>("Pending Requests",gui.env.newTransNoAvg(),new Model(), "class=std")
+ );
+
- }
+ }
- /**
- * Implement the Table Content for Requests by User
- *
- * @author Jeremiah
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L;
- private static final String[] headers = new String[] {"Request Date","Status","Memo","Approver"};
+ /**
+ * Implement the Table Content for Requests by User
+ *
+ * @author Jeremiah
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L;
+ private static final String[] headers = new String[] {"Request Date","Status","Memo","Approver"};
- @Override
- public String[] headers() {
- return headers;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final ArrayList<AbsCell[]> rv = new ArrayList<>();
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client)throws CadiException, ConnectException, APIException {
- TimeTaken tt = trans.start("AAF Get Approvals by User",Env.REMOTE);
- try {
- Future<Approvals> fa = client.read("/authz/approval/user/"+trans.user(),gui.getDF(Approvals.class));
- if(fa.get(5000)) {
- tt.done();
- tt = trans.start("Load Data", Env.SUB);
- if(fa.value!=null) {
- List<Approval> approvals = fa.value.getApprovals();
- Collections.sort(approvals, new Comparator<Approval>() {
- @Override
- public int compare(Approval a1, Approval a2) {
- UUID id1 = UUID.fromString(a1.getId());
- UUID id2 = UUID.fromString(a2.getId());
- return id1.timestamp()<=id2.timestamp()?1:-1;
- }
- });
-
- String prevTicket = null;
- for(Approval a : approvals) {
- String approver = a.getApprover();
- String approverShort = approver.substring(0,approver.indexOf('@'));
-
- AbsCell tsCell = null;
- String ticket = a.getTicket();
- if (ticket==null || ticket.equals(prevTicket)) {
- tsCell = AbsCell.Null;
- } else {
- UUID id = UUID.fromString(a.getId());
- // Sonar says SimpleDate should not be static
- tsCell = new RefCell(new SimpleDateFormat("yyyy-MM-dd").format((id.timestamp() - NUM_100NS_INTERVALS_SINCE_UUID_EPOCH)/10000),
- RequestDetail.HREF + "?ticket=" + ticket,false);
- prevTicket = ticket;
- }
-
- AbsCell approverCell = new TextCell(approver);
- AbsCell[] sa = new AbsCell[] {
- tsCell,
- new TextCell(a.getStatus()),
- new TextCell(a.getMemo()),
- approverCell
- };
- rv.add(sa);
- }
- }
- } else {
- gui.writeError(trans, fa, null, 0);
- }
- } finally {
- tt.done();
- }
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final ArrayList<AbsCell[]> rv = new ArrayList<>();
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client)throws CadiException, ConnectException, APIException {
+ TimeTaken tt = trans.start("AAF Get Approvals by User",Env.REMOTE);
+ try {
+ Future<Approvals> fa = client.read("/authz/approval/user/"+trans.user(),gui.getDF(Approvals.class));
+ if(fa.get(5000)) {
+ tt.done();
+ tt = trans.start("Load Data", Env.SUB);
+ if(fa.value!=null) {
+ List<Approval> approvals = fa.value.getApprovals();
+ Collections.sort(approvals, new Comparator<Approval>() {
+ @Override
+ public int compare(Approval a1, Approval a2) {
+ UUID id1 = UUID.fromString(a1.getId());
+ UUID id2 = UUID.fromString(a2.getId());
+ return id1.timestamp()<=id2.timestamp()?1:-1;
+ }
+ });
+
+ String prevTicket = null;
+ for(Approval a : approvals) {
+ String approver = a.getApprover();
+ String approverShort = approver.substring(0,approver.indexOf('@'));
+
+ AbsCell tsCell = null;
+ String ticket = a.getTicket();
+ if (ticket==null || ticket.equals(prevTicket)) {
+ tsCell = AbsCell.Null;
+ } else {
+ UUID id = UUID.fromString(a.getId());
+ // Sonar says SimpleDate should not be static
+ tsCell = new RefCell(new SimpleDateFormat("yyyy-MM-dd").format((id.timestamp() - NUM_100NS_INTERVALS_SINCE_UUID_EPOCH)/10000),
+ RequestDetail.HREF + "?ticket=" + ticket,false);
+ prevTicket = ticket;
+ }
+
+ AbsCell approverCell = new TextCell(approver);
+ AbsCell[] sa = new AbsCell[] {
+ tsCell,
+ new TextCell(a.getStatus()),
+ new TextCell(a.getMemo()),
+ approverCell
+ };
+ rv.add(sa);
+ }
+ }
+ } else {
+ gui.writeError(trans, fa, null, 0);
+ }
+ } finally {
+ tt.done();
+ }
- return null;
- }
- });
- } catch (Exception e) {
- trans.error().log(e);
- }
- return new Cells(rv,null);
- }
- }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ }
+ return new Cells(rv,null);
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java
index 01c96a62..750f725f 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermDetail.java
@@ -58,103 +58,103 @@ import aaf.v2_0.Perms;
*
*/
public class PermDetail extends Page {
- public static final String HREF = "/gui/permdetail";
- public static final String NAME = "PermDetail";
- private static final String BLANK = "";
+ public static final String HREF = "/gui/permdetail";
+ public static final String NAME = "PermDetail";
+ private static final String BLANK = "";
- public PermDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME, HREF, new String[] {"type","instance","action"},
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("Permission Details",gui.env.newTransNoAvg(),new Model(gui.env),"class=detail")
- );
- }
+ public PermDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, NAME, HREF, new String[] {"type","instance","action"},
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("Permission Details",gui.env.newTransNoAvg(),new Model(gui.env),"class=detail")
+ );
+ }
- /**
- * Implement the table content for Permissions Detail
- *
- * @author Jonathan
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private Slot type, instance, action;
- public Model(AuthzEnv env) {
- type = env.slot(NAME+".type");
- instance = env.slot(NAME+".instance");
- action = env.slot(NAME+".action");
- }
+ /**
+ * Implement the table content for Permissions Detail
+ *
+ * @author Jonathan
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private Slot type, instance, action;
+ public Model(AuthzEnv env) {
+ type = env.slot(NAME+".type");
+ instance = env.slot(NAME+".instance");
+ action = env.slot(NAME+".action");
+ }
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final String pType = trans.get(type, null);
- final String pInstance = trans.get(instance, null);
- final String pAction = trans.get(action, null);
- Validator v = new Validator();
- v.permType(pType)
- .permInstance(pInstance)
- .permAction(pAction);
-
- if(v.err()) {
- trans.warn().printf("Error in PermDetail Request: %s", v.errs());
- return Cells.EMPTY;
- }
- final ArrayList<AbsCell[]> rv = new ArrayList<>();
- rv.add(new AbsCell[]{new TextCell("Type:"),new TextCell(pType)});
- rv.add(new AbsCell[]{new TextCell("Instance:"),new TextCell(pInstance)});
- rv.add(new AbsCell[]{new TextCell("Action:"),new TextCell(pAction)});
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client)throws CadiException, ConnectException, APIException {
- TimeTaken tt = trans.start("AAF Perm Details",Env.REMOTE);
- try {
- Future<Perms> fp= client.read("/authz/perms/"+pType + '/' + pInstance + '/' + pAction,gui.getDF(Perms.class));
-
- if(fp.get(AAF_GUI.TIMEOUT)) {
- tt.done();
- tt = trans.start("Load Data", Env.SUB);
- List<Perm> ps = fp.value.getPerm();
- if(!ps.isEmpty()) {
- Perm perm = fp.value.getPerm().get(0);
- String desc = (perm.getDescription()!=null?perm.getDescription():BLANK);
- rv.add(new AbsCell[]{new TextCell("Description:"),new TextCell(desc)});
- boolean first=true;
- for(String r : perm.getRoles()) {
- if(first){
- first=false;
- rv.add(new AbsCell[] {
- new TextCell("Associated Roles:"),
- new TextCell(r)
- });
- } else {
- rv.add(new AbsCell[] {
- AbsCell.Null,
- new TextCell(r)
- });
- }
- }
- }
- String historyLink = PermHistory.HREF
- + "?type=" + pType + "&instance=" + pInstance + "&action=" + pAction;
-
- rv.add(new AbsCell[] {new RefCell("See History",historyLink,false)});
- } else {
- rv.add(new AbsCell[] {new TextCell(
- fp.code()==HttpStatus.NOT_FOUND_404?
- "*** Implicit Permission ***":
- "*** Data Unavailable ***"
- )});
- }
- } finally {
- tt.done();
- }
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final String pType = trans.get(type, null);
+ final String pInstance = trans.get(instance, null);
+ final String pAction = trans.get(action, null);
+ Validator v = new Validator();
+ v.permType(pType)
+ .permInstance(pInstance)
+ .permAction(pAction);
+
+ if(v.err()) {
+ trans.warn().printf("Error in PermDetail Request: %s", v.errs());
+ return Cells.EMPTY;
+ }
+ final ArrayList<AbsCell[]> rv = new ArrayList<>();
+ rv.add(new AbsCell[]{new TextCell("Type:"),new TextCell(pType)});
+ rv.add(new AbsCell[]{new TextCell("Instance:"),new TextCell(pInstance)});
+ rv.add(new AbsCell[]{new TextCell("Action:"),new TextCell(pAction)});
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client)throws CadiException, ConnectException, APIException {
+ TimeTaken tt = trans.start("AAF Perm Details",Env.REMOTE);
+ try {
+ Future<Perms> fp= client.read("/authz/perms/"+pType + '/' + pInstance + '/' + pAction,gui.getDF(Perms.class));
+
+ if(fp.get(AAF_GUI.TIMEOUT)) {
+ tt.done();
+ tt = trans.start("Load Data", Env.SUB);
+ List<Perm> ps = fp.value.getPerm();
+ if(!ps.isEmpty()) {
+ Perm perm = fp.value.getPerm().get(0);
+ String desc = (perm.getDescription()!=null?perm.getDescription():BLANK);
+ rv.add(new AbsCell[]{new TextCell("Description:"),new TextCell(desc)});
+ boolean first=true;
+ for(String r : perm.getRoles()) {
+ if(first){
+ first=false;
+ rv.add(new AbsCell[] {
+ new TextCell("Associated Roles:"),
+ new TextCell(r)
+ });
+ } else {
+ rv.add(new AbsCell[] {
+ AbsCell.Null,
+ new TextCell(r)
+ });
+ }
+ }
+ }
+ String historyLink = PermHistory.HREF
+ + "?type=" + pType + "&instance=" + pInstance + "&action=" + pAction;
+
+ rv.add(new AbsCell[] {new RefCell("See History",historyLink,false)});
+ } else {
+ rv.add(new AbsCell[] {new TextCell(
+ fp.code()==HttpStatus.NOT_FOUND_404?
+ "*** Implicit Permission ***":
+ "*** Data Unavailable ***"
+ )});
+ }
+ } finally {
+ tt.done();
+ }
- return null;
- }
- });
- } catch (Exception e) {
- e.printStackTrace();
- }
- return new Cells(rv,null);
- }
- }
-}
- \ No newline at end of file
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ return new Cells(rv,null);
+ }
+ }
+}
+ \ No newline at end of file
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantAction.java
index dd854660..8839ed81 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantAction.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantAction.java
@@ -45,91 +45,91 @@ import aaf.v2_0.Pkey;
import aaf.v2_0.RolePermRequest;
public class PermGrantAction extends Page {
-
-
- public PermGrantAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,PermGrantForm.NAME, PermGrantForm.HREF, PermGrantForm.fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- final Slot sType = gui.env.slot(PermGrantForm.NAME+'.'+PermGrantForm.fields[0]);
- final Slot sInstance = gui.env.slot(PermGrantForm.NAME+'.'+PermGrantForm.fields[1]);
- final Slot sAction = gui.env.slot(PermGrantForm.NAME+'.'+PermGrantForm.fields[2]);
- final Slot sRole = gui.env.slot(PermGrantForm.NAME+'.'+PermGrantForm.fields[3]);
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+
+
+ public PermGrantAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,PermGrantForm.NAME, PermGrantForm.HREF, PermGrantForm.fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ final Slot sType = gui.env.slot(PermGrantForm.NAME+'.'+PermGrantForm.fields[0]);
+ final Slot sInstance = gui.env.slot(PermGrantForm.NAME+'.'+PermGrantForm.fields[1]);
+ final Slot sAction = gui.env.slot(PermGrantForm.NAME+'.'+PermGrantForm.fields[2]);
+ final Slot sRole = gui.env.slot(PermGrantForm.NAME+'.'+PermGrantForm.fields[3]);
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String type = trans.get(sType,null);
- String instance = trans.get(sInstance,null);
- String action = trans.get(sAction,null);
- String role = trans.get(sRole,null);
-
- String lastPage = PermGrantForm.HREF
- + "?type=" + type + "&instance=" + instance + "&action=" + action;
-
- // Run Validations
- boolean fail = true;
-
- TimeTaken tt = trans.start("AAF Grant Permission to Role",Env.REMOTE);
- try {
-
- final RolePermRequest grantReq = new RolePermRequest();
- Pkey pkey = new Pkey();
- pkey.setType(type);
- pkey.setInstance(instance);
- pkey.setAction(action);
- grantReq.setPerm(pkey);
- grantReq.setRole(role);
-
- fail = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- boolean fail = true;
- Future<RolePermRequest> fgrant = client.create(
- "/authz/role/perm",
- gui.getDF(RolePermRequest.class),
- grantReq
- );
+ String type = trans.get(sType,null);
+ String instance = trans.get(sInstance,null);
+ String action = trans.get(sAction,null);
+ String role = trans.get(sRole,null);
+
+ String lastPage = PermGrantForm.HREF
+ + "?type=" + type + "&instance=" + instance + "&action=" + action;
+
+ // Run Validations
+ boolean fail = true;
+
+ TimeTaken tt = trans.start("AAF Grant Permission to Role",Env.REMOTE);
+ try {
+
+ final RolePermRequest grantReq = new RolePermRequest();
+ Pkey pkey = new Pkey();
+ pkey.setType(type);
+ pkey.setInstance(instance);
+ pkey.setAction(action);
+ grantReq.setPerm(pkey);
+ grantReq.setRole(role);
+
+ fail = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ boolean fail = true;
+ Future<RolePermRequest> fgrant = client.create(
+ "/authz/role/perm",
+ gui.getDF(RolePermRequest.class),
+ grantReq
+ );
- if(fgrant.get(5000)) {
- hgen.p("Permission has been granted to role.");
- fail = false;
- } else {
- if (202==fgrant.code()) {
- hgen.p("Permission Grant Request sent, but must be Approved before actualizing");
- fail = false;
- } else {
- gui.writeError(trans, fgrant, hgen, 0);
- }
- }
- return fail;
- }
- });
- } catch (Exception e) {
- hgen.p("Unknown Error");
- e.printStackTrace();
- } finally {
- tt.done();
- }
-
- hgen.br();
- hgen.incr("a",true,"href="+lastPage);
- if (fail) {
- hgen.text("Try again");
- } else {
- hgen.text("Grant this Permission to Another Role");
- }
- hgen.end();
- hgen.js()
- .text("alterLink('permgrant', '"+lastPage + "');")
- .done();
+ if(fgrant.get(5000)) {
+ hgen.p("Permission has been granted to role.");
+ fail = false;
+ } else {
+ if (202==fgrant.code()) {
+ hgen.p("Permission Grant Request sent, but must be Approved before actualizing");
+ fail = false;
+ } else {
+ gui.writeError(trans, fgrant, hgen, 0);
+ }
+ }
+ return fail;
+ }
+ });
+ } catch (Exception e) {
+ hgen.p("Unknown Error");
+ e.printStackTrace();
+ } finally {
+ tt.done();
+ }
+
+ hgen.br();
+ hgen.incr("a",true,"href="+lastPage);
+ if (fail) {
+ hgen.text("Try again");
+ } else {
+ hgen.text("Grant this Permission to Another Role");
+ }
+ hgen.end();
+ hgen.js()
+ .text("alterLink('permgrant', '"+lastPage + "');")
+ .done();
- }
- });
- }
- });
- }
+ }
+ });
+ }
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantForm.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantForm.java
index db3d741b..1ecf3d30 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantForm.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermGrantForm.java
@@ -50,108 +50,108 @@ import aaf.v2_0.Role;
import aaf.v2_0.Roles;
public class PermGrantForm extends Page {
- static final String HREF = "/gui/permgrant";
- static final String NAME = "Permission Grant";
- static final String fields[] = {"type","instance","action","role"};
-
- public PermGrantForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF, fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final Slot type = gui.env.slot(NAME+".type");
- final Slot instance = gui.env.slot(NAME+".instance");
- final Slot action = gui.env.slot(NAME+".action");
- final Slot role = gui.env.slot(NAME+".role");
- // p tags not closing right using .p() - causes issues in IE8 password form - so using leaf for the moment
- hgen.leaf("p").text("Choose a role to grant to this permission").end()
- .incr("form","method=post");
- Mark table = new Mark(TABLE);
- hgen.incr(table);
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
-
- Mark copyRoleJS = new Mark();
- hgen.js(copyRoleJS);
- hgen.text("function copyRole(role) {");
- hgen.text("var txtRole = document.querySelector(\"#role\");");
-// hgen.text("if (role==;");
- hgen.text("txtRole.value=role;");
- hgen.text("}");
- hgen.end(copyRoleJS);
-
- String typeValue = trans.get(type, "");
- String instanceValue = trans.get(instance, "");
- String actionValue = trans.get(action, "");
- String roleValue = trans.get(role,null);
- List<String> myRoles = getMyRoles(gui, trans);
- hgen
- .input(fields[0],"Perm Type",true,"value="+typeValue,"disabled")
- .input(fields[1],"Perm Instance",true,"value="+instanceValue,"disabled")
- .input(fields[2],"Perm Action",true,"value="+actionValue,"disabled");
-
- // select & options are not an input type, so we must create table row & cell tags
- Mark selectRow = new Mark();
- hgen
- .incr(selectRow, "tr")
- .incr("td")
- .incr("label", "for=myroles", "required").text("My Roles").end()
- .end()
- .incr("td")
- .incr("select", "name=myroles", "id=myroles", "onchange=copyRole(this.value)")
- .incr("option", "value=").text("Select one of my roles").end();
- for (String role : myRoles) {
- hgen.incr("option", "value="+role).text(role).end();
- }
- hgen
- .incr("option", "value=").text("Other").end()
- .end(selectRow);
- if(roleValue==null) {
- hgen.input(fields[3],"Role", true, "placeholder=or type a role here");
- } else {
- hgen.input(fields[3],"Role",true, "value="+roleValue);
- }
- hgen.end();
- }
- });
- hgen.end();
- hgen.tagOnly("input", "type=submit", "value=Submit")
- .end();
+ static final String HREF = "/gui/permgrant";
+ static final String NAME = "Permission Grant";
+ static final String fields[] = {"type","instance","action","role"};
+
+ public PermGrantForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final Slot type = gui.env.slot(NAME+".type");
+ final Slot instance = gui.env.slot(NAME+".instance");
+ final Slot action = gui.env.slot(NAME+".action");
+ final Slot role = gui.env.slot(NAME+".role");
+ // p tags not closing right using .p() - causes issues in IE8 password form - so using leaf for the moment
+ hgen.leaf("p").text("Choose a role to grant to this permission").end()
+ .incr("form","method=post");
+ Mark table = new Mark(TABLE);
+ hgen.incr(table);
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+
+ Mark copyRoleJS = new Mark();
+ hgen.js(copyRoleJS);
+ hgen.text("function copyRole(role) {");
+ hgen.text("var txtRole = document.querySelector(\"#role\");");
+// hgen.text("if (role==;");
+ hgen.text("txtRole.value=role;");
+ hgen.text("}");
+ hgen.end(copyRoleJS);
+
+ String typeValue = trans.get(type, "");
+ String instanceValue = trans.get(instance, "");
+ String actionValue = trans.get(action, "");
+ String roleValue = trans.get(role,null);
+ List<String> myRoles = getMyRoles(gui, trans);
+ hgen
+ .input(fields[0],"Perm Type",true,"value="+typeValue,"disabled")
+ .input(fields[1],"Perm Instance",true,"value="+instanceValue,"disabled")
+ .input(fields[2],"Perm Action",true,"value="+actionValue,"disabled");
+
+ // select & options are not an input type, so we must create table row & cell tags
+ Mark selectRow = new Mark();
+ hgen
+ .incr(selectRow, "tr")
+ .incr("td")
+ .incr("label", "for=myroles", "required").text("My Roles").end()
+ .end()
+ .incr("td")
+ .incr("select", "name=myroles", "id=myroles", "onchange=copyRole(this.value)")
+ .incr("option", "value=").text("Select one of my roles").end();
+ for (String role : myRoles) {
+ hgen.incr("option", "value="+role).text(role).end();
+ }
+ hgen
+ .incr("option", "value=").text("Other").end()
+ .end(selectRow);
+ if(roleValue==null) {
+ hgen.input(fields[3],"Role", true, "placeholder=or type a role here");
+ } else {
+ hgen.input(fields[3],"Role",true, "value="+roleValue);
+ }
+ hgen.end();
+ }
+ });
+ hgen.end();
+ hgen.tagOnly("input", "type=submit", "value=Submit")
+ .end();
- }
- });
- }
-
- private static List<String> getMyRoles(final AAF_GUI gui, final AuthzTrans trans) {
- final List<String> myRoles = new ArrayList<>();
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- TimeTaken tt = trans.start("AAF get my roles",Env.REMOTE);
- try {
- Future<Roles> fr = client.read("/authz/roles/user/"+trans.user(),gui.getDF(Roles.class));
- if(fr.get(5000)) {
- tt.done();
- tt = trans.start("Load Data", Env.SUB);
- if (fr.value != null) for (Role r : fr.value.getRole()) {
- myRoles.add(r.getName());
- }
- } else {
- gui.writeError(trans, fr, null, 0);
- }
- } finally {
- tt.done();
- }
- return null;
- }
- });
- } catch (Exception e) {
- e.printStackTrace();
- }
+ }
+ });
+ }
+
+ private static List<String> getMyRoles(final AAF_GUI gui, final AuthzTrans trans) {
+ final List<String> myRoles = new ArrayList<>();
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ TimeTaken tt = trans.start("AAF get my roles",Env.REMOTE);
+ try {
+ Future<Roles> fr = client.read("/authz/roles/user/"+trans.user(),gui.getDF(Roles.class));
+ if(fr.get(5000)) {
+ tt.done();
+ tt = trans.start("Load Data", Env.SUB);
+ if (fr.value != null) for (Role r : fr.value.getRole()) {
+ myRoles.add(r.getName());
+ }
+ } else {
+ gui.writeError(trans, fr, null, 0);
+ }
+ } finally {
+ tt.done();
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
- return myRoles;
- }
+ return myRoles;
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java
index 37a2c22d..f3464bf9 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermHistory.java
@@ -57,184 +57,184 @@ import aaf.v2_0.History.Item;
public class PermHistory extends Page {
- static final String NAME="PermHistory";
- static final String HREF = "/gui/permHistory";
- static final String FIELDS[] = {"type","instance","action","dates"};
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
- static enum Month { JANUARY, FEBRUARY, MARCH, APRIL, MAY, JUNE, JULY,
- AUGUST, SEPTEMBER, OCTOBER, NOVEMBER, DECEMBER };
-
- public PermHistory(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF, FIELDS,
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("History", gui.env.newTransNoAvg(),new Model(gui.env),"class=std"),
- new NamedCode(true, "content") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final Slot sType = gui.env.slot(NAME+".type");
- final Slot sInstance = gui.env.slot(NAME+".instance");
- final Slot sAction = gui.env.slot(NAME+".action");
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String type = trans.get(sType, null);
- String instance = trans.get(sInstance,null);
- String action = trans.get(sAction,null);
-
- // Use Javascript to make the table title more descriptive
- hgen.js()
- .text("var caption = document.querySelector(\".title\");")
- .text("caption.innerHTML='History for Permission [ " + type + " ]';")
- .done();
-
- // Use Javascript to change Link Target to our last visited Detail page
- String lastPage = PermDetail.HREF + "?type=" + type
- + "&instance=" + instance
- + "&action=" + action;
- hgen.js()
- .text("alterLink('permdetail', '"+lastPage + "');")
- .done();
-
- hgen.br();
- hgen.leaf("a", "href=#advanced_search", "onclick=divVisibility('advanced_search');").text("Advanced Search").end()
- .divID("advanced_search", "style=display:none");
- hgen.incr("table");
-
- addDateRow(hgen,"Start Date");
- addDateRow(hgen,"End Date");
- hgen.incr("tr").incr("td");
- hgen.tagOnly("input", "type=button","value=Get History",
- "onclick=datesURL('"+HREF+"?type=" + type
- + "&instance=" + instance
- + "&action=" + action+"');");
- hgen.end().end();
- hgen.end();
- hgen.end();
- }
- });
- }
- }
+ static final String NAME="PermHistory";
+ static final String HREF = "/gui/permHistory";
+ static final String FIELDS[] = {"type","instance","action","dates"};
+ static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
+ static enum Month { JANUARY, FEBRUARY, MARCH, APRIL, MAY, JUNE, JULY,
+ AUGUST, SEPTEMBER, OCTOBER, NOVEMBER, DECEMBER };
+
+ public PermHistory(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("History", gui.env.newTransNoAvg(),new Model(gui.env),"class=std"),
+ new NamedCode(true, "content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final Slot sType = gui.env.slot(NAME+".type");
+ final Slot sInstance = gui.env.slot(NAME+".instance");
+ final Slot sAction = gui.env.slot(NAME+".action");
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String type = trans.get(sType, null);
+ String instance = trans.get(sInstance,null);
+ String action = trans.get(sAction,null);
+
+ // Use Javascript to make the table title more descriptive
+ hgen.js()
+ .text("var caption = document.querySelector(\".title\");")
+ .text("caption.innerHTML='History for Permission [ " + type + " ]';")
+ .done();
+
+ // Use Javascript to change Link Target to our last visited Detail page
+ String lastPage = PermDetail.HREF + "?type=" + type
+ + "&instance=" + instance
+ + "&action=" + action;
+ hgen.js()
+ .text("alterLink('permdetail', '"+lastPage + "');")
+ .done();
+
+ hgen.br();
+ hgen.leaf("a", "href=#advanced_search", "onclick=divVisibility('advanced_search');").text("Advanced Search").end()
+ .divID("advanced_search", "style=display:none");
+ hgen.incr("table");
+
+ addDateRow(hgen,"Start Date");
+ addDateRow(hgen,"End Date");
+ hgen.incr("tr").incr("td");
+ hgen.tagOnly("input", "type=button","value=Get History",
+ "onclick=datesURL('"+HREF+"?type=" + type
+ + "&instance=" + instance
+ + "&action=" + action+"');");
+ hgen.end().end();
+ hgen.end();
+ hgen.end();
+ }
+ });
+ }
+ }
- );
-
- }
-
- private static void addDateRow(HTMLGen hgen, String s) {
- hgen
- .incr("tr")
- .incr("td")
- .incr("label", "for=month", "required").text(s+"*").end()
- .end()
- .incr("td")
- .incr("select", "name=month"+s.substring(0, s.indexOf(' ')), "id=month"+s.substring(0, s.indexOf(' ')), "required")
- .incr("option", "value=").text("Month").end();
- for (Month m : Month.values()) {
- if (Calendar.getInstance().get(Calendar.MONTH) == m.ordinal()) {
- hgen.incr("option", "selected", "value="+(m.ordinal()+1)).text(m.name()).end();
- } else {
- hgen.incr("option", "value="+(m.ordinal()+1)).text(m.name()).end();
- }
- }
- hgen.end()
- .end()
- .incr("td")
- .tagOnly("input","type=number","id=year"+s.substring(0, s.indexOf(' ')),"required",
- "value="+Calendar.getInstance().get(Calendar.YEAR), "min=1900",
- "max="+Calendar.getInstance().get(Calendar.YEAR),
- "placeholder=Year").end()
- .end();
- }
-
- /**
- * Implement the Table Content for History
- *
- * @author Jeremiah
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String[] headers = new String[] {"Date","User","Memo"};
- private Slot sType;
- private Slot sDates;
-
- public Model(AuthzEnv env) {
- sType = env.slot(NAME+".type");
- sDates = env.slot(NAME+".dates");
- }
-
- @Override
- public String[] headers() {
- return headers;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final String oName = trans.get(sType,null);
- final String oDates = trans.get(sDates,null);
-
- if(oName==null) {
- return Cells.EMPTY;
- }
-
- final ArrayList<AbsCell[]> rv = new ArrayList<>();
- String msg = null;
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- TimeTaken tt = trans.start("AAF Get History for Permission ["+oName+"]",Env.REMOTE);
- try {
- if (oDates != null) {
- client.setQueryParams("yyyymm="+oDates);
- }
- Future<History> fh = client.read(
- "/authz/hist/perm/"+oName,
- gui.getDF(History.class)
- );
-
-
- if (fh.get(AAF_GUI.TIMEOUT)) {
- tt.done();
- tt = trans.start("Load History Data", Env.SUB);
- List<Item> histItems = fh.value.getItem();
-
- java.util.Collections.sort(histItems, new Comparator<Item>() {
- @Override
- public int compare(Item o1, Item o2) {
- return o2.getTimestamp().compare(o1.getTimestamp());
- }
- });
-
- for (Item i : histItems) {
- String user = i.getUser();
- AbsCell userCell = new TextCell(user);
- String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
- rv.add(new AbsCell[] {
- new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
- userCell,
- new TextCell(memo)
- });
- }
-
- } else {
- if (fh.code()==403) {
- rv.add(new AbsCell[] {new TextCell("You may not view History of Permission [" + oName + "]", "colspan = 3", "class=center")});
- } else {
- rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***", "colspan = 3", "class=center")});
- }
- }
- } finally {
- tt.done();
- }
+ );
+
+ }
+
+ private static void addDateRow(HTMLGen hgen, String s) {
+ hgen
+ .incr("tr")
+ .incr("td")
+ .incr("label", "for=month", "required").text(s+"*").end()
+ .end()
+ .incr("td")
+ .incr("select", "name=month"+s.substring(0, s.indexOf(' ')), "id=month"+s.substring(0, s.indexOf(' ')), "required")
+ .incr("option", "value=").text("Month").end();
+ for (Month m : Month.values()) {
+ if (Calendar.getInstance().get(Calendar.MONTH) == m.ordinal()) {
+ hgen.incr("option", "selected", "value="+(m.ordinal()+1)).text(m.name()).end();
+ } else {
+ hgen.incr("option", "value="+(m.ordinal()+1)).text(m.name()).end();
+ }
+ }
+ hgen.end()
+ .end()
+ .incr("td")
+ .tagOnly("input","type=number","id=year"+s.substring(0, s.indexOf(' ')),"required",
+ "value="+Calendar.getInstance().get(Calendar.YEAR), "min=1900",
+ "max="+Calendar.getInstance().get(Calendar.YEAR),
+ "placeholder=Year").end()
+ .end();
+ }
+
+ /**
+ * Implement the Table Content for History
+ *
+ * @author Jeremiah
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private static final String[] headers = new String[] {"Date","User","Memo"};
+ private Slot sType;
+ private Slot sDates;
+
+ public Model(AuthzEnv env) {
+ sType = env.slot(NAME+".type");
+ sDates = env.slot(NAME+".dates");
+ }
+
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final String oName = trans.get(sType,null);
+ final String oDates = trans.get(sDates,null);
+
+ if(oName==null) {
+ return Cells.EMPTY;
+ }
+
+ final ArrayList<AbsCell[]> rv = new ArrayList<>();
+ String msg = null;
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ TimeTaken tt = trans.start("AAF Get History for Permission ["+oName+"]",Env.REMOTE);
+ try {
+ if (oDates != null) {
+ client.setQueryParams("yyyymm="+oDates);
+ }
+ Future<History> fh = client.read(
+ "/authz/hist/perm/"+oName,
+ gui.getDF(History.class)
+ );
+
+
+ if (fh.get(AAF_GUI.TIMEOUT)) {
+ tt.done();
+ tt = trans.start("Load History Data", Env.SUB);
+ List<Item> histItems = fh.value.getItem();
+
+ java.util.Collections.sort(histItems, new Comparator<Item>() {
+ @Override
+ public int compare(Item o1, Item o2) {
+ return o2.getTimestamp().compare(o1.getTimestamp());
+ }
+ });
+
+ for (Item i : histItems) {
+ String user = i.getUser();
+ AbsCell userCell = new TextCell(user);
+ String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
+ rv.add(new AbsCell[] {
+ new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
+ userCell,
+ new TextCell(memo)
+ });
+ }
+
+ } else {
+ if (fh.code()==403) {
+ rv.add(new AbsCell[] {new TextCell("You may not view History of Permission [" + oName + "]", "colspan = 3", "class=center")});
+ } else {
+ rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***", "colspan = 3", "class=center")});
+ }
+ }
+ } finally {
+ tt.done();
+ }
- return null;
- }
- });
-
- } catch (Exception e) {
- trans.error().log(e);
- }
- return new Cells(rv,msg);
- }
- }
+ return null;
+ }
+ });
+
+ } catch (Exception e) {
+ trans.error().log(e);
+ }
+ return new Cells(rv,msg);
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermsShow.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermsShow.java
index 9b39945d..22ba95b9 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermsShow.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PermsShow.java
@@ -53,69 +53,69 @@ import aaf.v2_0.Perms;
*
*/
public class PermsShow extends Page {
- public static final String HREF = "/gui/myperms";
-
- public PermsShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, "MyPerms",HREF, NO_FIELDS,
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("Permissions",gui.env.newTransNoAvg(),new Model(), "class=std"));
- }
+ public static final String HREF = "/gui/myperms";
+
+ public PermsShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, "MyPerms",HREF, NO_FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("Permissions",gui.env.newTransNoAvg(),new Model(), "class=std"));
+ }
- /**
- * Implement the Table Content for Permissions by User
- *
- * @author Jonathan
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String[] headers = new String[] {"Type","Instance","Action"};
+ /**
+ * Implement the Table Content for Permissions by User
+ *
+ * @author Jonathan
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private static final String[] headers = new String[] {"Type","Instance","Action"};
- @Override
- public String[] headers() {
- return headers;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final ArrayList<AbsCell[]> rv = new ArrayList<>();
- TimeTaken tt = trans.start("AAF Perms by User",Env.REMOTE);
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Perms> fp = client.read("/authz/perms/user/"+trans.user(), gui.getDF(Perms.class));
- if(fp.get(5000)) {
- TimeTaken ttld = trans.start("Load Data", Env.SUB);
- try {
- if(fp.value!=null) {
- for(Perm p : fp.value.getPerm()) {
- AbsCell[] sa = new AbsCell[] {
- new RefCell(p.getType(),PermDetail.HREF
- +"?type="+p.getType()
- +"&amp;instance="+p.getInstance()
- +"&amp;action="+p.getAction(),
- false),
- new TextCell(p.getInstance()),
- new TextCell(p.getAction())
- };
- rv.add(sa);
- }
- } else {
- gui.writeError(trans, fp, null,0);
- }
- } finally {
- ttld.done();
- }
- }
- return null;
- }
- });
- } catch (Exception e) {
- trans.error().log(e);
- } finally {
- tt.done();
- }
- return new Cells(rv,null);
- }
- }
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final ArrayList<AbsCell[]> rv = new ArrayList<>();
+ TimeTaken tt = trans.start("AAF Perms by User",Env.REMOTE);
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Perms> fp = client.read("/authz/perms/user/"+trans.user(), gui.getDF(Perms.class));
+ if(fp.get(5000)) {
+ TimeTaken ttld = trans.start("Load Data", Env.SUB);
+ try {
+ if(fp.value!=null) {
+ for(Perm p : fp.value.getPerm()) {
+ AbsCell[] sa = new AbsCell[] {
+ new RefCell(p.getType(),PermDetail.HREF
+ +"?type="+p.getType()
+ +"&amp;instance="+p.getInstance()
+ +"&amp;action="+p.getAction(),
+ false),
+ new TextCell(p.getInstance()),
+ new TextCell(p.getAction())
+ };
+ rv.add(sa);
+ }
+ } else {
+ gui.writeError(trans, fp, null,0);
+ }
+ } finally {
+ ttld.done();
+ }
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,null);
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java
index 3e959ef5..0d0d03ad 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RequestDetail.java
@@ -51,124 +51,124 @@ import aaf.v2_0.Approval;
import aaf.v2_0.Approvals;
public class RequestDetail extends Page {
- public static final String HREF = "/gui/requestdetail";
- public static final String NAME = "RequestDetail";
- private static final String DATE_TIME_FORMAT = "yyyy-MM-dd HH:mm:ss";
- public static final String[] FIELDS = {"ticket"};
+ public static final String HREF = "/gui/requestdetail";
+ public static final String NAME = "RequestDetail";
+ private static final String DATE_TIME_FORMAT = "yyyy-MM-dd HH:mm:ss";
+ public static final String[] FIELDS = {"ticket"};
- public RequestDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME, HREF, FIELDS,
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("Request Details",gui.env.newTransNoAvg(),new Model(gui.env),"class=detail")
- );
- }
+ public RequestDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, NAME, HREF, FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("Request Details",gui.env.newTransNoAvg(),new Model(gui.env),"class=detail")
+ );
+ }
- /**
- * Implement the table content for Request Detail
- *
- * @author Jeremiah
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L;
- private Slot sTicket;
- public Model(AuthzEnv env) {
- sTicket = env.slot(NAME+".ticket");
- }
+ /**
+ * Implement the table content for Request Detail
+ *
+ * @author Jeremiah
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ final long NUM_100NS_INTERVALS_SINCE_UUID_EPOCH = 0x01b21dd213814000L;
+ private Slot sTicket;
+ public Model(AuthzEnv env) {
+ sTicket = env.slot(NAME+".ticket");
+ }
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- Cells rv=Cells.EMPTY;
- final String ticket = trans.get(sTicket, null);
- if(ticket!=null) {
- try {
- rv = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Cells>() {
- @Override
- public Cells code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- TimeTaken tt = trans.start("AAF Approval Details",Env.REMOTE);
- ArrayList<AbsCell[]> rv = new ArrayList<>();
- try {
- Future<Approvals> fa = client.read(
- "/authz/approval/ticket/"+ticket,
- gui.getDF(Approvals.class)
- );
-
- if(fa.get(AAF_GUI.TIMEOUT)) {
- if (!trans.user().equals(fa.value.getApprovals().get(0).getUser())) {
- return Cells.EMPTY;
- }
- tt.done();
- tt = trans.start("Load Data", Env.SUB);
- boolean first = true;
- for ( Approval approval : fa.value.getApprovals()) {
- AbsCell[] approverLine = new AbsCell[4];
- // only print common elements once
- if (first) {
- DateFormat createdDF = new SimpleDateFormat(DATE_TIME_FORMAT);
- UUID id = UUID.fromString(approval.getId());
-
- rv.add(new AbsCell[]{new TextCell("Ticket ID:"),new TextCell(approval.getTicket(),"colspan=3")});
- rv.add(new AbsCell[]{new TextCell("Memo:"),new TextCell(approval.getMemo(),"colspan=3")});
- rv.add(new AbsCell[]{new TextCell("Requested On:"),
- new TextCell(createdDF.format((id.timestamp() - NUM_100NS_INTERVALS_SINCE_UUID_EPOCH)/10000),"colspan=3")
- });
- rv.add(new AbsCell[]{new TextCell("Operation:"),new TextCell(decodeOp(approval.getOperation()),"colspan=3")});
- String user = approval.getUser();
- rv.add(new AbsCell[]{new TextCell("User:"),new TextCell(user,"colspan=3")});
-
- // headers for listing each approver
- rv.add(new AbsCell[]{new TextCell(" ","colspan=4","class=blank_line")});
- rv.add(new AbsCell[]{AbsCell.Null,
- new TextCell("Approver","class=bold"),
- new TextCell("Type","class=bold"),
- new TextCell("Status","class=bold")});
- approverLine[0] = new TextCell("Approvals:");
-
- first = false;
- } else {
- approverLine[0] = AbsCell.Null;
- }
-
- approverLine[1] = new TextCell(approval.getApprover());
- String type = approval.getType();
- if ("owner".equalsIgnoreCase(type)) {
- type = "resource owner";
- }
-
- approverLine[2] = new TextCell(type);
- approverLine[3] = new TextCell(approval.getStatus());
- rv.add(approverLine);
-
- }
- } else {
- rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
- }
- } finally {
- tt.done();
- }
- return new Cells(rv,null);
- }
- });
- } catch (Exception e) {
- trans.error().log(e);
- }
- }
- return rv;
- }
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ Cells rv=Cells.EMPTY;
+ final String ticket = trans.get(sTicket, null);
+ if(ticket!=null) {
+ try {
+ rv = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Cells>() {
+ @Override
+ public Cells code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ TimeTaken tt = trans.start("AAF Approval Details",Env.REMOTE);
+ ArrayList<AbsCell[]> rv = new ArrayList<>();
+ try {
+ Future<Approvals> fa = client.read(
+ "/authz/approval/ticket/"+ticket,
+ gui.getDF(Approvals.class)
+ );
+
+ if(fa.get(AAF_GUI.TIMEOUT)) {
+ if (!trans.user().equals(fa.value.getApprovals().get(0).getUser())) {
+ return Cells.EMPTY;
+ }
+ tt.done();
+ tt = trans.start("Load Data", Env.SUB);
+ boolean first = true;
+ for ( Approval approval : fa.value.getApprovals()) {
+ AbsCell[] approverLine = new AbsCell[4];
+ // only print common elements once
+ if (first) {
+ DateFormat createdDF = new SimpleDateFormat(DATE_TIME_FORMAT);
+ UUID id = UUID.fromString(approval.getId());
+
+ rv.add(new AbsCell[]{new TextCell("Ticket ID:"),new TextCell(approval.getTicket(),"colspan=3")});
+ rv.add(new AbsCell[]{new TextCell("Memo:"),new TextCell(approval.getMemo(),"colspan=3")});
+ rv.add(new AbsCell[]{new TextCell("Requested On:"),
+ new TextCell(createdDF.format((id.timestamp() - NUM_100NS_INTERVALS_SINCE_UUID_EPOCH)/10000),"colspan=3")
+ });
+ rv.add(new AbsCell[]{new TextCell("Operation:"),new TextCell(decodeOp(approval.getOperation()),"colspan=3")});
+ String user = approval.getUser();
+ rv.add(new AbsCell[]{new TextCell("User:"),new TextCell(user,"colspan=3")});
+
+ // headers for listing each approver
+ rv.add(new AbsCell[]{new TextCell(" ","colspan=4","class=blank_line")});
+ rv.add(new AbsCell[]{AbsCell.Null,
+ new TextCell("Approver","class=bold"),
+ new TextCell("Type","class=bold"),
+ new TextCell("Status","class=bold")});
+ approverLine[0] = new TextCell("Approvals:");
+
+ first = false;
+ } else {
+ approverLine[0] = AbsCell.Null;
+ }
+
+ approverLine[1] = new TextCell(approval.getApprover());
+ String type = approval.getType();
+ if ("owner".equalsIgnoreCase(type)) {
+ type = "resource owner";
+ }
+
+ approverLine[2] = new TextCell(type);
+ approverLine[3] = new TextCell(approval.getStatus());
+ rv.add(approverLine);
+
+ }
+ } else {
+ rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
+ }
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,null);
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ }
+ }
+ return rv;
+ }
- private String decodeOp(String operation) {
- if ("C".equalsIgnoreCase(operation)) {
- return "Create";
- } else if ("D".equalsIgnoreCase(operation)) {
- return "Delete";
- } else if ("U".equalsIgnoreCase(operation)) {
- return "Update";
- } else if ("G".equalsIgnoreCase(operation)) {
- return "Grant";
- } else if ("UG".equalsIgnoreCase(operation)) {
- return "Un-Grant";
- }
- return operation;
- }
- }
+ private String decodeOp(String operation) {
+ if ("C".equalsIgnoreCase(operation)) {
+ return "Create";
+ } else if ("D".equalsIgnoreCase(operation)) {
+ return "Delete";
+ } else if ("U".equalsIgnoreCase(operation)) {
+ return "Update";
+ } else if ("G".equalsIgnoreCase(operation)) {
+ return "Grant";
+ } else if ("UG".equalsIgnoreCase(operation)) {
+ return "Un-Grant";
+ }
+ return operation;
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java
index d7b0da0f..d5a89c2c 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetail.java
@@ -68,232 +68,232 @@ import aaf.v2_0.UserRoles;
*
*/
public class RoleDetail extends Page {
- public static final String HREF = "/gui/roledetail";
- public static final String NAME = "RoleDetail";
- private static final String BLANK = "";
+ public static final String HREF = "/gui/roledetail";
+ public static final String NAME = "RoleDetail";
+ private static final String BLANK = "";
- public RoleDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, NAME, HREF, new String[] {"role","ns"},
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("Role Details",gui.env.newTransNoAvg(),
- new Model(gui.env),"class=detail")
- );
- }
+ public RoleDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, NAME, HREF, new String[] {"role","ns"},
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("Role Details",gui.env.newTransNoAvg(),
+ new Model(gui.env),"class=detail")
+ );
+ }
- /**
- * Implement the table content for Permissions Detail
- *
- * @author Jonathan
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String ACCESS = "access";
- private Slot sRoleName,sRole,sUserRole,sMayWrite,sMayApprove,sMark,sNS;
- public Model(AuthzEnv env) {
- sRoleName = env.slot(NAME+".role");
- sRole = env.slot(NAME+".data.role");
- sUserRole = env.slot(NAME+".data.userrole");
- sMayWrite = env.slot(NAME+"mayWrite");
- sMayApprove = env.slot(NAME+"mayApprove");
- sMark = env.slot(NAME+"mark");
- sNS = env.slot(NAME+".ns");
- }
+ /**
+ * Implement the table content for Permissions Detail
+ *
+ * @author Jonathan
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private static final String ACCESS = "access";
+ private Slot sRoleName,sRole,sUserRole,sMayWrite,sMayApprove,sMark,sNS;
+ public Model(AuthzEnv env) {
+ sRoleName = env.slot(NAME+".role");
+ sRole = env.slot(NAME+".data.role");
+ sUserRole = env.slot(NAME+".data.userrole");
+ sMayWrite = env.slot(NAME+"mayWrite");
+ sMayApprove = env.slot(NAME+"mayApprove");
+ sMark = env.slot(NAME+"mark");
+ sNS = env.slot(NAME+".ns");
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.gui.table.TableData#prefix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
- */
- @Override
- public void prefix(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
- final String pRole = trans.get(sRoleName, null);
- Validator v = new Validator();
- v.role(pRole);
- if(v.err()) {
- trans.warn().printf("Error in PermDetail Request: %s", v.errs());
- return;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.gui.table.TableData#prefix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
+ */
+ @Override
+ public void prefix(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
+ final String pRole = trans.get(sRoleName, null);
+ Validator v = new Validator();
+ v.role(pRole);
+ if(v.err()) {
+ trans.warn().printf("Error in PermDetail Request: %s", v.errs());
+ return;
+ }
-
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- TimeTaken tt = trans.start("AAF Role Details",Env.REMOTE);
- try {
- Future<Roles> fr = client.read("/authz/roles/"+pRole+"?ns",gui.getDF(Roles.class));
- Future<UserRoles> fur = client.read("/authz/userRoles/role/"+pRole,gui.getDF(UserRoles.class));
- if(fr.get(AAF_GUI.TIMEOUT)) {
- List<Role> roles = fr.value.getRole();
- if(!roles.isEmpty()) {
- Role role = fr.value.getRole().get(0);
- trans.put(sRole, role);
- Boolean mayWrite = trans.fish(new AAFPermission(role.getNs(),ACCESS,":role:"+role.getName(),"write"));
- trans.put(sMayWrite,mayWrite);
- Boolean mayApprove = trans.fish(new AAFPermission(role.getNs(),ACCESS,":role:"+role.getName(),"approve"));
- trans.put(sMayApprove, mayApprove);
-
- if(mayWrite || mayApprove) {
- Mark js = new Mark();
- Mark fn = new Mark();
- hgen.js(js)
- .function(fn,"touchedDesc")
- .li("d=document.getElementById('descText');",
- "if (d.orig == undefined ) {",
- " d.orig = d.value;",
- " d.addEventListener('keyup',changedDesc);",
- " d.removeEventListener('keypress',touchedDesc);",
- "}").end(fn)
- .function(fn,"changedDesc")
- .li(
- "dcb=document.getElementById('descCB');",
- "d=document.getElementById('descText');",
- "dcb.checked= (d.orig != d.value)"
- ).end(fn)
- .end(js);
-
- Mark mark = new Mark();
- hgen.incr(mark,"form","method=post");
- trans.put(sMark, mark);
- }
- }
- } else {
- trans.error().printf("Error calling AAF for Roles in GUI, Role Detail %d: %s",fr.code(),fr.body());
- return false;
- }
-
- if(fur.get(AAF_GUI.TIMEOUT)) {
- trans.put(sUserRole, fur.value.getUserRole());
- } else {
- trans.error().printf("Error calling AAF for UserRoles in GUI, Role Detail %d: %s",fr.code(),fr.body());
- return false;
- }
+
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ TimeTaken tt = trans.start("AAF Role Details",Env.REMOTE);
+ try {
+ Future<Roles> fr = client.read("/authz/roles/"+pRole+"?ns",gui.getDF(Roles.class));
+ Future<UserRoles> fur = client.read("/authz/userRoles/role/"+pRole,gui.getDF(UserRoles.class));
+ if(fr.get(AAF_GUI.TIMEOUT)) {
+ List<Role> roles = fr.value.getRole();
+ if(!roles.isEmpty()) {
+ Role role = fr.value.getRole().get(0);
+ trans.put(sRole, role);
+ Boolean mayWrite = trans.fish(new AAFPermission(role.getNs(),ACCESS,":role:"+role.getName(),"write"));
+ trans.put(sMayWrite,mayWrite);
+ Boolean mayApprove = trans.fish(new AAFPermission(role.getNs(),ACCESS,":role:"+role.getName(),"approve"));
+ trans.put(sMayApprove, mayApprove);
+
+ if(mayWrite || mayApprove) {
+ Mark js = new Mark();
+ Mark fn = new Mark();
+ hgen.js(js)
+ .function(fn,"touchedDesc")
+ .li("d=document.getElementById('descText');",
+ "if (d.orig == undefined ) {",
+ " d.orig = d.value;",
+ " d.addEventListener('keyup',changedDesc);",
+ " d.removeEventListener('keypress',touchedDesc);",
+ "}").end(fn)
+ .function(fn,"changedDesc")
+ .li(
+ "dcb=document.getElementById('descCB');",
+ "d=document.getElementById('descText');",
+ "dcb.checked= (d.orig != d.value)"
+ ).end(fn)
+ .end(js);
+
+ Mark mark = new Mark();
+ hgen.incr(mark,"form","method=post");
+ trans.put(sMark, mark);
+ }
+ }
+ } else {
+ trans.error().printf("Error calling AAF for Roles in GUI, Role Detail %d: %s",fr.code(),fr.body());
+ return false;
+ }
+
+ if(fur.get(AAF_GUI.TIMEOUT)) {
+ trans.put(sUserRole, fur.value.getUserRole());
+ } else {
+ trans.error().printf("Error calling AAF for UserRoles in GUI, Role Detail %d: %s",fr.code(),fr.body());
+ return false;
+ }
- return true;
- } finally {
- tt.done();
- }
- }
- });
- } catch (Exception e) {
- trans.error().log(e);
- }
- }
+ return true;
+ } finally {
+ tt.done();
+ }
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ }
+ }
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final String pRole = trans.get(sRoleName, null);
- final Role role = trans.get(sRole,null);
- ArrayList<AbsCell[]> rv = new ArrayList<>();
-
- if(role!=null) {
- boolean mayWrite = trans.get(sMayWrite, false);
- boolean mayApprove = trans.get(sMayApprove, false);
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final String pRole = trans.get(sRoleName, null);
+ final Role role = trans.get(sRole,null);
+ ArrayList<AbsCell[]> rv = new ArrayList<>();
+
+ if(role!=null) {
+ boolean mayWrite = trans.get(sMayWrite, false);
+ boolean mayApprove = trans.get(sMayApprove, false);
- String desc = (role.getDescription()!=null?role.getDescription():BLANK);
- rv.add(new AbsCell[]{
- new TextCell("Role:","width=45%"),
- new TextCell(pRole)});
- if(mayWrite) {
- rv.add(new AbsCell[]{
- new TextCell("Description:","width=45%"),
- new TextInputCell("description","textInput",desc,"id=descText","onkeypress=touchedDesc()"),
- new CheckBoxCell("desc",ALIGN.left, "changed","id=descCB", "style=visibility: hidden"),
- });
- rv.add(AbsCell.HLINE);
- rv.add(new AbsCell[] {
- new TextCell("Associated Permissions:","width=25%"),
- new TextCell("UnGrant","width=10%"),
- });
- } else {
- rv.add(new AbsCell[]{
- new TextCell("Description:","width=45%"),
- new TextCell(desc)});
- }
- boolean protectedRole = role.getName().endsWith(".owner") ||
- role.getName().endsWith(".admin");
- boolean first = true;
- for(Pkey r : role.getPerms()) {
- String key=r.getType() + '|' + r.getInstance() + '|' + r.getAction();
- if(mayWrite) {
- rv.add(new AbsCell[] {
- AbsCell.Null,
- protectedRole && r.getType().endsWith(".access")
- ?new TextCell("protected","class=protected") // Do not allow ungranting of basic NS perms
- :new CheckBoxCell("perm.ungrant",key),
- new TextCell("","width=10%"),
- new TextCell(key)
- });
- } else {
- if(first) {
- rv.add(new AbsCell[] {
- new TextCell("Associated Permissions:","width=45%"),
- new TextCell(key)
- });
- first=false;
- } else {
- rv.add(new AbsCell[] {
- AbsCell.Null,
- new TextCell(key)
- });
- }
- }
- }
-
- if(mayApprove) {
- rv.add(AbsCell.HLINE);
+ String desc = (role.getDescription()!=null?role.getDescription():BLANK);
+ rv.add(new AbsCell[]{
+ new TextCell("Role:","width=45%"),
+ new TextCell(pRole)});
+ if(mayWrite) {
+ rv.add(new AbsCell[]{
+ new TextCell("Description:","width=45%"),
+ new TextInputCell("description","textInput",desc,"id=descText","onkeypress=touchedDesc()"),
+ new CheckBoxCell("desc",ALIGN.left, "changed","id=descCB", "style=visibility: hidden"),
+ });
+ rv.add(AbsCell.HLINE);
+ rv.add(new AbsCell[] {
+ new TextCell("Associated Permissions:","width=25%"),
+ new TextCell("UnGrant","width=10%"),
+ });
+ } else {
+ rv.add(new AbsCell[]{
+ new TextCell("Description:","width=45%"),
+ new TextCell(desc)});
+ }
+ boolean protectedRole = role.getName().endsWith(".owner") ||
+ role.getName().endsWith(".admin");
+ boolean first = true;
+ for(Pkey r : role.getPerms()) {
+ String key=r.getType() + '|' + r.getInstance() + '|' + r.getAction();
+ if(mayWrite) {
+ rv.add(new AbsCell[] {
+ AbsCell.Null,
+ protectedRole && r.getType().endsWith(".access")
+ ?new TextCell("protected","class=protected") // Do not allow ungranting of basic NS perms
+ :new CheckBoxCell("perm.ungrant",key),
+ new TextCell("","width=10%"),
+ new TextCell(key)
+ });
+ } else {
+ if(first) {
+ rv.add(new AbsCell[] {
+ new TextCell("Associated Permissions:","width=45%"),
+ new TextCell(key)
+ });
+ first=false;
+ } else {
+ rv.add(new AbsCell[] {
+ AbsCell.Null,
+ new TextCell(key)
+ });
+ }
+ }
+ }
+
+ if(mayApprove) {
+ rv.add(AbsCell.HLINE);
- //
- rv.add(new AbsCell[] {
- new TextCell("Users in Role:","width=25%"),
- new TextCell("Delete","width=10%"),
- new TextCell("Extend","width=10%")
- });
+ //
+ rv.add(new AbsCell[] {
+ new TextCell("Users in Role:","width=25%"),
+ new TextCell("Delete","width=10%"),
+ new TextCell("Extend","width=10%")
+ });
- List<UserRole> userroles = trans.get(sUserRole,null);
- if(userroles!=null) {
- for(UserRole ur : userroles) {
- String tag = "userrole";
-
- rv.add(new AbsCell[] {
- AbsCell.Null,
- new CheckBoxCell(tag+".delete", ur.getUser()),
- new CheckBoxCell(tag+".extend", ur.getUser()),
- new TextCell(ur.getUser()),
- new TextCell(Chrono.dateOnlyStamp(ur.getExpires())
- )});
- }
- }
- }
-
- // History
- rv.add(new AbsCell[] {
- new RefCell("See History",RoleHistory.HREF + "?role=" + pRole,false)
- });
- } else {
- rv.add(new AbsCell[]{
- new TextCell("Role:"),
- new TextCell(pRole)});
+ List<UserRole> userroles = trans.get(sUserRole,null);
+ if(userroles!=null) {
+ for(UserRole ur : userroles) {
+ String tag = "userrole";
+
+ rv.add(new AbsCell[] {
+ AbsCell.Null,
+ new CheckBoxCell(tag+".delete", ur.getUser()),
+ new CheckBoxCell(tag+".extend", ur.getUser()),
+ new TextCell(ur.getUser()),
+ new TextCell(Chrono.dateOnlyStamp(ur.getExpires())
+ )});
+ }
+ }
+ }
+
+ // History
+ rv.add(new AbsCell[] {
+ new RefCell("See History",RoleHistory.HREF + "?role=" + pRole,false)
+ });
+ } else {
+ rv.add(new AbsCell[]{
+ new TextCell("Role:"),
+ new TextCell(pRole)});
- rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
- }
- return new Cells(rv, null);
- }
+ rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
+ }
+ return new Cells(rv, null);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.gui.table.TableData#postfix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
- */
- @Override
- public void postfix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
- final Mark mark = trans.get(sMark, null);
- if(mark!=null) {
- hgen.tagOnly("input", "type=submit", "value=Submit");
- final String pNS = trans.get(sNS, null);
- if(pNS!=null && pNS.length()>0) {
- hgen.leaf(mark,HTMLGen.A,"href="+NsDetail.HREF+"?ns="+pNS,"class=greenbutton").text("Back").end(mark);
- }
- hgen.end(mark);
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.gui.table.TableData#postfix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
+ */
+ @Override
+ public void postfix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
+ final Mark mark = trans.get(sMark, null);
+ if(mark!=null) {
+ hgen.tagOnly("input", "type=submit", "value=Submit");
+ final String pNS = trans.get(sNS, null);
+ if(pNS!=null && pNS.length()>0) {
+ hgen.leaf(mark,HTMLGen.A,"href="+NsDetail.HREF+"?ns="+pNS,"class=greenbutton").text("Back").end(mark);
+ }
+ hgen.end(mark);
+ }
- }
- }
-}
- \ No newline at end of file
+ }
+ }
+}
+ \ No newline at end of file
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetailAction.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetailAction.java
index f9f919a2..1f00d955 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetailAction.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleDetailAction.java
@@ -54,135 +54,135 @@ import aaf.v2_0.RolePermRequest;
import aaf.v2_0.RoleRequest;
public class RoleDetailAction extends Page {
- public RoleDetailAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,RoleDetail.NAME, RoleDetail.HREF, TableData.headers,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true,"content") {
- final Slot sReq = gui.env.slot(AAF_GUI.HTTP_SERVLET_REQUEST);
-
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final HttpServletRequest req = trans.get(sReq, null);
- final String role = getSingleParam(req,"role");
- if(role==null) {
- hgen.text("Parameter 'role' is required").end();
- } else {
- // Run Validations
-// boolean fail;
- try {
- /*fail =*/ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
- @Override
- public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- List<TypedFuture> ltf = new ArrayList<>();
- String text;
- Map<String, String[]> pm = (Map<String, String[]>)req.getParameterMap();
- for(final Entry<String, String[]> es : pm.entrySet()) {
- for(final String v : es.getValue()) {
- TimeTaken tt = null;
- try {
- switch(es.getKey()) {
- case "desc": // Check box set
- String desc = getSingleParam(req, "description");
- if(desc!=null) {
- text = "Setting Description on " + role + " to " + desc;
- tt = trans.start(text, Env.REMOTE);
- RoleRequest rr = new RoleRequest();
- rr.setName(role);
- rr.setDescription(desc);
- ltf.add(new TypedFuture(ActionType.desc, text,
- client.update("/authz/role",
- gui.getDF(RoleRequest.class),rr
- )));
- }
- break;
- case "perm.ungrant":
- text = "Ungranting Permission '" + v + "' from '" + role + '\'';
- tt = trans.start(text, Env.REMOTE);
- String[] pf = Split.splitTrim('|', v);
- if(pf.length==3) {
- Pkey perm = new Pkey();
- perm.setType(pf[0]);
- perm.setInstance(pf[1]);
- perm.setAction(pf[2]);
- RolePermRequest rpr = new RolePermRequest();
- rpr.setPerm(perm);
- rpr.setRole(role);
- ltf.add(new TypedFuture(ActionType.ungrant,text,
- client.delete("/authz/role/" + role + "/perm",
- gui.getDF(RolePermRequest.class),rpr
- )));
- } else {
- hgen.p(v + " is not a valid Perm for ungranting");
- }
- break;
- case "userrole.extend":
- text = "Extending " + v + " in " + role;
- tt = trans.start(text, Env.REMOTE);
- ltf.add(new TypedFuture(ActionType.extendUR,text,
- client.update("/authz/userRole/extend/" + v + '/' + role)));
- break;
- case "userrole.delete":
- text = "Deleting " + v + " from " + role;
- tt = trans.start(text, Env.REMOTE);
- ltf.add(new TypedFuture(ActionType.deleteUR,text,
- client.delete("/authz/userRole/" + v + '/' + role, Void.class)));
- break;
+ public RoleDetailAction(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,RoleDetail.NAME, RoleDetail.HREF, TableData.headers,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true,"content") {
+ final Slot sReq = gui.env.slot(AAF_GUI.HTTP_SERVLET_REQUEST);
+
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final HttpServletRequest req = trans.get(sReq, null);
+ final String role = getSingleParam(req,"role");
+ if(role==null) {
+ hgen.text("Parameter 'role' is required").end();
+ } else {
+ // Run Validations
+// boolean fail;
+ try {
+ /*fail =*/ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
+ @Override
+ public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ List<TypedFuture> ltf = new ArrayList<>();
+ String text;
+ Map<String, String[]> pm = (Map<String, String[]>)req.getParameterMap();
+ for(final Entry<String, String[]> es : pm.entrySet()) {
+ for(final String v : es.getValue()) {
+ TimeTaken tt = null;
+ try {
+ switch(es.getKey()) {
+ case "desc": // Check box set
+ String desc = getSingleParam(req, "description");
+ if(desc!=null) {
+ text = "Setting Description on " + role + " to " + desc;
+ tt = trans.start(text, Env.REMOTE);
+ RoleRequest rr = new RoleRequest();
+ rr.setName(role);
+ rr.setDescription(desc);
+ ltf.add(new TypedFuture(ActionType.desc, text,
+ client.update("/authz/role",
+ gui.getDF(RoleRequest.class),rr
+ )));
+ }
+ break;
+ case "perm.ungrant":
+ text = "Ungranting Permission '" + v + "' from '" + role + '\'';
+ tt = trans.start(text, Env.REMOTE);
+ String[] pf = Split.splitTrim('|', v);
+ if(pf.length==3) {
+ Pkey perm = new Pkey();
+ perm.setType(pf[0]);
+ perm.setInstance(pf[1]);
+ perm.setAction(pf[2]);
+ RolePermRequest rpr = new RolePermRequest();
+ rpr.setPerm(perm);
+ rpr.setRole(role);
+ ltf.add(new TypedFuture(ActionType.ungrant,text,
+ client.delete("/authz/role/" + role + "/perm",
+ gui.getDF(RolePermRequest.class),rpr
+ )));
+ } else {
+ hgen.p(v + " is not a valid Perm for ungranting");
+ }
+ break;
+ case "userrole.extend":
+ text = "Extending " + v + " in " + role;
+ tt = trans.start(text, Env.REMOTE);
+ ltf.add(new TypedFuture(ActionType.extendUR,text,
+ client.update("/authz/userRole/extend/" + v + '/' + role)));
+ break;
+ case "userrole.delete":
+ text = "Deleting " + v + " from " + role;
+ tt = trans.start(text, Env.REMOTE);
+ ltf.add(new TypedFuture(ActionType.deleteUR,text,
+ client.delete("/authz/userRole/" + v + '/' + role, Void.class)));
+ break;
- default:
-// System.out.println(es.getKey() + "=" + v);
- }
- } finally {
- if(tt!=null) {
- tt.done();
- tt=null;
- }
- }
- }
- }
-
- if(ltf.isEmpty()) {
- hgen.p("No Changes");
- } else {
- for(TypedFuture tf : ltf) {
- if(tf.future.get(5000)) {
- hgen.p("<font color=\"green\"><i>Success</i>:</font> " + tf.text);
- } else {
- // Note: if handling of special Error codes is required, use
- // switch(tf.type) {
- // }
- hgen.p(tf.text);
- gui.writeError(trans, tf.future, hgen,4);
- }
- }
- }
- return true;
- }
- });
- } catch (Exception e) {
- hgen.p("Unknown Error");
- e.printStackTrace();
- }
- }
- }
+ default:
+// System.out.println(es.getKey() + "=" + v);
+ }
+ } finally {
+ if(tt!=null) {
+ tt.done();
+ tt=null;
+ }
+ }
+ }
+ }
+
+ if(ltf.isEmpty()) {
+ hgen.p("No Changes");
+ } else {
+ for(TypedFuture tf : ltf) {
+ if(tf.future.get(5000)) {
+ hgen.p("<font color=\"green\"><i>Success</i>:</font> " + tf.text);
+ } else {
+ // Note: if handling of special Error codes is required, use
+ // switch(tf.type) {
+ // }
+ hgen.p(tf.text);
+ gui.writeError(trans, tf.future, hgen,4);
+ }
+ }
+ }
+ return true;
+ }
+ });
+ } catch (Exception e) {
+ hgen.p("Unknown Error");
+ e.printStackTrace();
+ }
+ }
+ }
- });
- }
- });
- }
-
- enum ActionType {desc, ungrant, deleteUR, extendUR};
- private static class TypedFuture {
-// public final ActionType type;
- public final Future<?> future;
- public final String text;
-
- public TypedFuture(ActionType type, String text, Future<?> future) {
-// this.type = type;
- this.future = future;
- this.text = text;
- }
- }
+ });
+ }
+ });
+ }
+
+ enum ActionType {desc, ungrant, deleteUR, extendUR};
+ private static class TypedFuture {
+// public final ActionType type;
+ public final Future<?> future;
+ public final String text;
+
+ public TypedFuture(ActionType type, String text, Future<?> future) {
+// this.type = type;
+ this.future = future;
+ this.text = text;
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java
index 4a9bd362..234b82c2 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RoleHistory.java
@@ -57,170 +57,170 @@ import aaf.v2_0.History.Item;
public class RoleHistory extends Page {
- static final String NAME="RoleHistory";
- static final String HREF = "/gui/roleHistory";
- static final String FIELDS[] = {"role","dates"};
- static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
- static enum Month { JANUARY, FEBRUARY, MARCH, APRIL, MAY, JUNE, JULY,
- AUGUST, SEPTEMBER, OCTOBER, NOVEMBER, DECEMBER };
-
- public RoleHistory(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME,HREF, FIELDS,
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("History", gui.env.newTransNoAvg(),new Model(gui.env),"class=std"),
- new NamedCode(true, "content") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final Slot role = gui.env.slot(NAME+".role");
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- String obRole = trans.get(role, null);
-
- // Use Javascript to make the table title more descriptive
- hgen.js()
- .text("var caption = document.querySelector(\".title\");")
- .text("caption.innerHTML='History for Role [ " + obRole + " ]';")
- .done();
-
- // Use Javascript to change Link Target to our last visited Detail page
- String lastPage = RoleDetail.HREF + "?role=" + obRole;
- hgen.js()
- .text("alterLink('roledetail', '"+lastPage + "');")
- .done();
-
- hgen.br();
- hgen.leaf("a", "href=#advanced_search","onclick=divVisibility('advanced_search');").text("Advanced Search").end()
- .divID("advanced_search", "style=display:none");
- hgen.incr("table");
-
- addDateRow(hgen,"Start Date");
- addDateRow(hgen,"End Date");
- hgen.incr("tr").incr("td");
- hgen.tagOnly("input", "type=button","value=Get History",
- "onclick=datesURL('"+HREF+"?role=" + obRole+"');");
- hgen.end().end();
- hgen.end();
- hgen.end();
- }
- });
- }
- }
+ static final String NAME="RoleHistory";
+ static final String HREF = "/gui/roleHistory";
+ static final String FIELDS[] = {"role","dates"};
+ static final String WEBPHONE = "http://webphone.att.com/cgi-bin/webphones.pl?id=";
+ static enum Month { JANUARY, FEBRUARY, MARCH, APRIL, MAY, JUNE, JULY,
+ AUGUST, SEPTEMBER, OCTOBER, NOVEMBER, DECEMBER };
+
+ public RoleHistory(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME,HREF, FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("History", gui.env.newTransNoAvg(),new Model(gui.env),"class=std"),
+ new NamedCode(true, "content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final Slot role = gui.env.slot(NAME+".role");
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ String obRole = trans.get(role, null);
+
+ // Use Javascript to make the table title more descriptive
+ hgen.js()
+ .text("var caption = document.querySelector(\".title\");")
+ .text("caption.innerHTML='History for Role [ " + obRole + " ]';")
+ .done();
+
+ // Use Javascript to change Link Target to our last visited Detail page
+ String lastPage = RoleDetail.HREF + "?role=" + obRole;
+ hgen.js()
+ .text("alterLink('roledetail', '"+lastPage + "');")
+ .done();
+
+ hgen.br();
+ hgen.leaf("a", "href=#advanced_search","onclick=divVisibility('advanced_search');").text("Advanced Search").end()
+ .divID("advanced_search", "style=display:none");
+ hgen.incr("table");
+
+ addDateRow(hgen,"Start Date");
+ addDateRow(hgen,"End Date");
+ hgen.incr("tr").incr("td");
+ hgen.tagOnly("input", "type=button","value=Get History",
+ "onclick=datesURL('"+HREF+"?role=" + obRole+"');");
+ hgen.end().end();
+ hgen.end();
+ hgen.end();
+ }
+ });
+ }
+ }
- );
-
- }
-
- private static void addDateRow(HTMLGen hgen, String s) {
- hgen
- .incr("tr")
- .incr("td")
- .incr("label", "for=month", "required").text(s+"*").end()
- .end()
- .incr("td")
- .incr("select", "name=month"+s.substring(0, s.indexOf(' ')), "id=month"+s.substring(0, s.indexOf(' ')), "required")
- .incr("option", "value=").text("Month").end();
- for (Month m : Month.values()) {
- if (Calendar.getInstance().get(Calendar.MONTH) == m.ordinal()) {
- hgen.incr("option", "selected", "value="+(m.ordinal()+1)).text(m.name()).end();
- } else {
- hgen.incr("option", "value="+(m.ordinal()+1)).text(m.name()).end();
- }
- }
- hgen.end()
- .end()
- .incr("td")
- .tagOnly("input","type=number","id=year"+s.substring(0, s.indexOf(' ')),"required",
- "value="+Calendar.getInstance().get(Calendar.YEAR), "min=1900",
- "max="+Calendar.getInstance().get(Calendar.YEAR),
- "placeholder=Year").end()
- .end();
- }
-
-
- /**
- * Implement the Table Content for History
- *
- * @author Jeremiah
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String[] headers = new String[] {"Date","User","Memo"};
- private Slot role;
- private Slot dates;
-
- public Model(AuthzEnv env) {
- role = env.slot(NAME+".role");
- dates = env.slot(NAME+".dates");
- }
-
- @Override
- public String[] headers() {
- return headers;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- final String oName = trans.get(role,null);
- final String oDates = trans.get(dates,null);
-
- Cells rv = Cells.EMPTY;
- if(oName!=null) {
-
- try {
- rv = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Cells>() {
- @Override
- public Cells code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- ArrayList<AbsCell[]> rv = new ArrayList<>();
- TimeTaken tt = trans.start("AAF Get History for Namespace ["+oName+"]",Env.REMOTE);
- String msg = null;
- try {
- if (oDates != null) {
- client.setQueryParams("yyyymm="+oDates);
- }
- Future<History> fh = client.read("/authz/hist/role/"+oName,gui.getDF(History.class));
- if (fh.get(AAF_GUI.TIMEOUT)) {
- tt.done();
- tt = trans.start("Load History Data", Env.SUB);
- List<Item> histItems = fh.value.getItem();
-
- java.util.Collections.sort(histItems, new Comparator<Item>() {
- @Override
- public int compare(Item o1, Item o2) {
- return o2.getTimestamp().compare(o1.getTimestamp());
- }
- });
-
- for (Item i : histItems) {
- String user = i.getUser();
- AbsCell userCell = new TextCell(user);
+ );
+
+ }
+
+ private static void addDateRow(HTMLGen hgen, String s) {
+ hgen
+ .incr("tr")
+ .incr("td")
+ .incr("label", "for=month", "required").text(s+"*").end()
+ .end()
+ .incr("td")
+ .incr("select", "name=month"+s.substring(0, s.indexOf(' ')), "id=month"+s.substring(0, s.indexOf(' ')), "required")
+ .incr("option", "value=").text("Month").end();
+ for (Month m : Month.values()) {
+ if (Calendar.getInstance().get(Calendar.MONTH) == m.ordinal()) {
+ hgen.incr("option", "selected", "value="+(m.ordinal()+1)).text(m.name()).end();
+ } else {
+ hgen.incr("option", "value="+(m.ordinal()+1)).text(m.name()).end();
+ }
+ }
+ hgen.end()
+ .end()
+ .incr("td")
+ .tagOnly("input","type=number","id=year"+s.substring(0, s.indexOf(' ')),"required",
+ "value="+Calendar.getInstance().get(Calendar.YEAR), "min=1900",
+ "max="+Calendar.getInstance().get(Calendar.YEAR),
+ "placeholder=Year").end()
+ .end();
+ }
+
+
+ /**
+ * Implement the Table Content for History
+ *
+ * @author Jeremiah
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private static final String[] headers = new String[] {"Date","User","Memo"};
+ private Slot role;
+ private Slot dates;
+
+ public Model(AuthzEnv env) {
+ role = env.slot(NAME+".role");
+ dates = env.slot(NAME+".dates");
+ }
+
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ final String oName = trans.get(role,null);
+ final String oDates = trans.get(dates,null);
+
+ Cells rv = Cells.EMPTY;
+ if(oName!=null) {
+
+ try {
+ rv = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Cells>() {
+ @Override
+ public Cells code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ ArrayList<AbsCell[]> rv = new ArrayList<>();
+ TimeTaken tt = trans.start("AAF Get History for Namespace ["+oName+"]",Env.REMOTE);
+ String msg = null;
+ try {
+ if (oDates != null) {
+ client.setQueryParams("yyyymm="+oDates);
+ }
+ Future<History> fh = client.read("/authz/hist/role/"+oName,gui.getDF(History.class));
+ if (fh.get(AAF_GUI.TIMEOUT)) {
+ tt.done();
+ tt = trans.start("Load History Data", Env.SUB);
+ List<Item> histItems = fh.value.getItem();
+
+ java.util.Collections.sort(histItems, new Comparator<Item>() {
+ @Override
+ public int compare(Item o1, Item o2) {
+ return o2.getTimestamp().compare(o1.getTimestamp());
+ }
+ });
+
+ for (Item i : histItems) {
+ String user = i.getUser();
+ AbsCell userCell = new TextCell(user);
- String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
- rv.add(new AbsCell[] {
- new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
- userCell,
- new TextCell(memo)
- });
- }
- } else {
- if (fh.code()==403) {
- rv.add(new AbsCell[] {new TextCell("You may not view History of Permission [" + oName + "]", "colspan = 3", "class=center")});
- } else {
- rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***", "colspan = 3", "class=center")});
- }
- }
- } finally {
- tt.done();
- }
- return new Cells(rv,msg);
- }
- });
- } catch (Exception e) {
- trans.error().log(e);
- }
- }
- return rv;
- }
- }
+ String memo = i.getMemo().replace("<script>", "&lt;script&gt;").replace("</script>", "&lt;/script&gt;");
+ rv.add(new AbsCell[] {
+ new TextCell(i.getTimestamp().toGregorianCalendar().getTime().toString()),
+ userCell,
+ new TextCell(memo)
+ });
+ }
+ } else {
+ if (fh.code()==403) {
+ rv.add(new AbsCell[] {new TextCell("You may not view History of Permission [" + oName + "]", "colspan = 3", "class=center")});
+ } else {
+ rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***", "colspan = 3", "class=center")});
+ }
+ }
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,msg);
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ }
+ }
+ return rv;
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RolesShow.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RolesShow.java
index 80ff9409..ffa8e3c2 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RolesShow.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/RolesShow.java
@@ -56,85 +56,85 @@ import aaf.v2_0.UserRoles;
*
*/
public class RolesShow extends Page {
- public static final String HREF = "/gui/myroles";
- private static final String DATE_TIME_FORMAT = "yyyy-MM-dd";
-
- public RolesShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, "MyRoles",HREF, NO_FIELDS,
- new BreadCrumbs(breadcrumbs),
- new Table<AAF_GUI,AuthzTrans>("Roles",gui.env.newTransNoAvg(),new Model(), "class=std"));
- }
+ public static final String HREF = "/gui/myroles";
+ private static final String DATE_TIME_FORMAT = "yyyy-MM-dd";
+
+ public RolesShow(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, "MyRoles",HREF, NO_FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new Table<AAF_GUI,AuthzTrans>("Roles",gui.env.newTransNoAvg(),new Model(), "class=std"));
+ }
- /**
- * Implement the Table Content for Permissions by User
- *
- * @author Jonathan
- *
- */
- private static class Model extends TableData<AAF_GUI,AuthzTrans> {
- private static final String[] headers = new String[] {"Role","Expires","Remediation","Actions"};
- private static final String ROLE = "&role=";
- private static final String USER = "?user=";
- private static final String CLASS_EXPIRED = "class=expired";
+ /**
+ * Implement the Table Content for Permissions by User
+ *
+ * @author Jonathan
+ *
+ */
+ private static class Model extends TableData<AAF_GUI,AuthzTrans> {
+ private static final String[] headers = new String[] {"Role","Expires","Remediation","Actions"};
+ private static final String ROLE = "&role=";
+ private static final String USER = "?user=";
+ private static final String CLASS_EXPIRED = "class=expired";
- @Override
- public String[] headers() {
- return headers;
- }
-
- @Override
- public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
- Cells rv = Cells.EMPTY;
+ @Override
+ public String[] headers() {
+ return headers;
+ }
+
+ @Override
+ public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
+ Cells rv = Cells.EMPTY;
- try {
- rv = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Cells>() {
- @Override
- public Cells code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- ArrayList<AbsCell[]> rv = new ArrayList<>();
- TimeTaken tt = trans.start("AAF Roles by User",Env.REMOTE);
- try {
- Future<UserRoles> fur = client.read("/authz/userRoles/user/"+trans.user(),gui.getDF(UserRoles.class));
- if (fur.get(5000) && fur.value != null) for (UserRole u : fur.value.getUserRole()) {
- if(u.getExpires().compare(Chrono.timeStamp()) < 0) {
- AbsCell[] sa = new AbsCell[] {
- new TextCell(u.getRole() + "*", CLASS_EXPIRED),
- new TextCell(new SimpleDateFormat(DATE_TIME_FORMAT).format(u.getExpires().toGregorianCalendar().getTime()),CLASS_EXPIRED),
- new RefCell("Extend",
- UserRoleExtend.HREF+USER+trans.user()+ROLE+u.getRole(),
- false,
- new String[]{CLASS_EXPIRED}),
- new RefCell("Remove",
- UserRoleRemove.HREF+USER +trans.user()+ROLE+u.getRole(),
- false,
- new String[]{CLASS_EXPIRED})
-
- };
- rv.add(sa);
- } else {
- AbsCell[] sa = new AbsCell[] {
- new RefCell(u.getRole(),
- RoleDetail.HREF+"?role="+u.getRole(),
- false),
- new TextCell(new SimpleDateFormat(DATE_TIME_FORMAT).format(u.getExpires().toGregorianCalendar().getTime())),
- AbsCell.Null,
- new RefCell("Remove",
- UserRoleRemove.HREF+USER+trans.user()+ROLE+u.getRole(),
- false)
- };
- rv.add(sa);
- }
- }
-
- } finally {
- tt.done();
- }
- return new Cells(rv,null);
- }
- });
- } catch (Exception e) {
- trans.error().log(e);
- }
- return rv;
- }
- }
+ try {
+ rv = gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Cells>() {
+ @Override
+ public Cells code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ ArrayList<AbsCell[]> rv = new ArrayList<>();
+ TimeTaken tt = trans.start("AAF Roles by User",Env.REMOTE);
+ try {
+ Future<UserRoles> fur = client.read("/authz/userRoles/user/"+trans.user(),gui.getDF(UserRoles.class));
+ if (fur.get(5000) && fur.value != null) for (UserRole u : fur.value.getUserRole()) {
+ if(u.getExpires().compare(Chrono.timeStamp()) < 0) {
+ AbsCell[] sa = new AbsCell[] {
+ new TextCell(u.getRole() + "*", CLASS_EXPIRED),
+ new TextCell(new SimpleDateFormat(DATE_TIME_FORMAT).format(u.getExpires().toGregorianCalendar().getTime()),CLASS_EXPIRED),
+ new RefCell("Extend",
+ UserRoleExtend.HREF+USER+trans.user()+ROLE+u.getRole(),
+ false,
+ new String[]{CLASS_EXPIRED}),
+ new RefCell("Remove",
+ UserRoleRemove.HREF+USER +trans.user()+ROLE+u.getRole(),
+ false,
+ new String[]{CLASS_EXPIRED})
+
+ };
+ rv.add(sa);
+ } else {
+ AbsCell[] sa = new AbsCell[] {
+ new RefCell(u.getRole(),
+ RoleDetail.HREF+"?role="+u.getRole(),
+ false),
+ new TextCell(new SimpleDateFormat(DATE_TIME_FORMAT).format(u.getExpires().toGregorianCalendar().getTime())),
+ AbsCell.Null,
+ new RefCell("Remove",
+ UserRoleRemove.HREF+USER+trans.user()+ROLE+u.getRole(),
+ false)
+ };
+ rv.add(sa);
+ }
+ }
+
+ } finally {
+ tt.done();
+ }
+ return new Cells(rv,null);
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ }
+ return rv;
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleExtend.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleExtend.java
index 8a78fd74..04e0e845 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleExtend.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleExtend.java
@@ -42,58 +42,58 @@ import org.onap.aaf.misc.xgen.DynamicCode;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class UserRoleExtend extends Page {
- public static final String HREF = "/gui/urExtend";
- static final String NAME = "Extend User Role";
- static final String fields[] = {"user","role"};
+ public static final String HREF = "/gui/urExtend";
+ static final String NAME = "Extend User Role";
+ static final String fields[] = {"user","role"};
- public UserRoleExtend(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME, HREF, fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true, "content") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final Slot sUser = gui.env.slot(NAME+".user");
- final Slot sRole = gui.env.slot(NAME+".role");
-
-
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final String user = trans.get(sUser, "");
- final String role = trans.get(sRole, "");
+ public UserRoleExtend(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME, HREF, fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true, "content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final Slot sUser = gui.env.slot(NAME+".user");
+ final Slot sRole = gui.env.slot(NAME+".role");
+
+
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final String user = trans.get(sUser, "");
+ final String role = trans.get(sRole, "");
- TimeTaken tt = trans.start("Request to extend user role",Env.REMOTE);
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client)throws CadiException, ConnectException, APIException {
- Future<Void> fv = client.update("/authz/userRole/extend/"+user+"/"+role+"?request=true");
- if(fv.get(5000)) {
- // not sure if we'll ever hit this
- hgen.p("Extended User ["+ user+"] in Role [" +role+"]");
- } else {
- if (fv.code() == 202 ) {
- hgen.p("User ["+ user+"] in Role [" +role+"] Extension sent for Approval");
- } else {
- gui.writeError(trans, fv, hgen,0);
- }
- }
- return null;
- }
- });
- } catch (Exception e) {
- trans.error().log(e);
- e.printStackTrace();
- } finally {
- tt.done();
- }
-
-
- }
- });
- }
-
- });
- }
+ TimeTaken tt = trans.start("Request to extend user role",Env.REMOTE);
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client)throws CadiException, ConnectException, APIException {
+ Future<Void> fv = client.update("/authz/userRole/extend/"+user+"/"+role+"?request=true");
+ if(fv.get(5000)) {
+ // not sure if we'll ever hit this
+ hgen.p("Extended User ["+ user+"] in Role [" +role+"]");
+ } else {
+ if (fv.code() == 202 ) {
+ hgen.p("User ["+ user+"] in Role [" +role+"] Extension sent for Approval");
+ } else {
+ gui.writeError(trans, fv, hgen,0);
+ }
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ trans.error().log(e);
+ e.printStackTrace();
+ } finally {
+ tt.done();
+ }
+
+
+ }
+ });
+ }
+
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleRemove.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleRemove.java
index 84f3640d..73aa3e9f 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleRemove.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/UserRoleRemove.java
@@ -42,56 +42,56 @@ import org.onap.aaf.misc.xgen.DynamicCode;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class UserRoleRemove extends Page {
- public static final String HREF = "/gui/urRemove";
- static final String NAME = "Remove User Role";
- static final String fields[] = {"user","role"};
+ public static final String HREF = "/gui/urRemove";
+ static final String NAME = "Remove User Role";
+ static final String fields[] = {"user","role"};
- public UserRoleRemove(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env,NAME, HREF, fields,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true, "content") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final Slot sUser = gui.env.slot(NAME+".user");
- final Slot sRole = gui.env.slot(NAME+".role");
-
-
- cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
- @Override
- public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- final String user = trans.get(sUser, "");
- final String role = trans.get(sRole, "");
+ public UserRoleRemove(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env,NAME, HREF, fields,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true, "content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final Slot sUser = gui.env.slot(NAME+".user");
+ final Slot sRole = gui.env.slot(NAME+".role");
+
+
+ cache.dynamic(hgen, new DynamicCode<HTMLGen, AAF_GUI, AuthzTrans>() {
+ @Override
+ public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ final String user = trans.get(sUser, "");
+ final String role = trans.get(sRole, "");
- TimeTaken tt = trans.start("Request a user role delete",Env.REMOTE);
- try {
- gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Void> fv = client.delete(
- "/authz/userRole/"+user+"/"+role+"?request=true",Void.class);
-
- if(fv.get(5000)) {
- // not sure if we'll ever hit this
- hgen.p("User ["+ user+"] Removed from Role [" +role+"]");
- } else {
- if (fv.code() == 202 ) {
- hgen.p("User ["+ user+"] Removal from Role [" +role+"] sent for Approval");
- } else {
- gui.writeError(trans, fv, hgen, 0);
- }
- }
- return null;
- }
- });
- } catch (Exception e) {
- e.printStackTrace();
- } finally {
- tt.done();
- }
- }
- });
- }
-
- });
- }
+ TimeTaken tt = trans.start("Request a user role delete",Env.REMOTE);
+ try {
+ gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Void> fv = client.delete(
+ "/authz/userRole/"+user+"/"+role+"?request=true",Void.class);
+
+ if(fv.get(5000)) {
+ // not sure if we'll ever hit this
+ hgen.p("User ["+ user+"] Removed from Role [" +role+"]");
+ } else {
+ if (fv.code() == 202 ) {
+ hgen.p("User ["+ user+"] Removal from Role [" +role+"] sent for Approval");
+ } else {
+ gui.writeError(trans, fv, hgen, 0);
+ }
+ }
+ return null;
+ }
+ });
+ } catch (Exception e) {
+ e.printStackTrace();
+ } finally {
+ tt.done();
+ }
+ }
+ });
+ }
+
+ });
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/WebCommand.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/WebCommand.java
index f9c57d0f..6ad95e51 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/WebCommand.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/WebCommand.java
@@ -35,84 +35,84 @@ import org.onap.aaf.misc.xgen.Mark;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class WebCommand extends Page {
- public static final String HREF = "/gui/cui";
-
- public WebCommand(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
- super(gui.env, "Web Command Client",HREF, NO_FIELDS,
- new BreadCrumbs(breadcrumbs),
- new NamedCode(true, "content") {
- @Override
- public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
- hgen.leaf("p","id=help_msg")
- .text("Questions about this page? ")
- .leaf("a", "href="+gui.env.getProperty(AAF_URL_CUIGUI,""), "target=_blank")
- .text("Click here")
- .end()
- .text(". Type 'help' below for a list of AAF commands")
- .end()
-
- .divID("console_and_options");
- hgen.divID("console_area");
- hgen.end(); //console_area
-
- hgen.divID("options_link", "class=closed");
- hgen.img("src=../../"+gui.theme + "/options_down.png", "onclick=handleDivHiding('options',this);",
- "id=options_img", "alt=Options", "title=Options")
- .end(); //options_link
-
- hgen.divID("options");
- cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
- @Override
- public void code(AAF_GUI state, AuthzTrans trans, Cache<HTMLGen> cache, HTMLGen xgen)
- throws APIException, IOException {
- switch(browser(trans,trans.env().slot(getBrowserType()))) {
- case ie:
- case ieOld:
- // IE doesn't support file save
- break;
- default:
- xgen.img("src=../../"+gui.theme+"/AAFdownload.png", "onclick=saveToFile();",
- "alt=Save log to file", "title=Save log to file");
- }
-// xgen.img("src=../../"+gui.theme+"/AAFemail.png", "onclick=emailLog();",
-// "alt=Email log to me", "title=Email log to me");
- xgen.img("src=../../"+gui.theme+"/AAF_font_size.png", "onclick=handleDivHiding('text_slider',this);",
- "id=fontsize_img", "alt=Change text size", "title=Change text size");
- xgen.img("src=../../"+gui.theme+"/AAF_details.png", "onclick=selectOption(this,0);",
- "id=details_img", "alt=Turn on/off details mode", "title=Turn on/off details mode");
- xgen.img("src=../../"+gui.theme+"/AAF_maximize.png", "onclick=maximizeConsole(this);",
- "id=maximize_img", "alt=Maximize Console Window", "title=Maximize Console Window");
- }
- });
- hgen.divID("text_slider");
- hgen.tagOnly("input", "type=button", "class=change_font", "onclick=buttonChangeFontSize('dec')", "value=-")
- .tagOnly("input", "id=text_size_slider", "type=range", "min=75", "max=200", "value=100",
- "oninput=changeFontSize(this.value)", "onchange=changeFontSize(this.value)", "title=Change Text Size")
- .tagOnly("input", "type=button", "class=change_font", "onclick=buttonChangeFontSize('inc')", "value=+")
- .end(); //text_slider
+ public static final String HREF = "/gui/cui";
+
+ public WebCommand(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException {
+ super(gui.env, "Web Command Client",HREF, NO_FIELDS,
+ new BreadCrumbs(breadcrumbs),
+ new NamedCode(true, "content") {
+ @Override
+ public void code(final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
+ hgen.leaf("p","id=help_msg")
+ .text("Questions about this page? ")
+ .leaf("a", "href="+gui.env.getProperty(AAF_URL_CUIGUI,""), "target=_blank")
+ .text("Click here")
+ .end()
+ .text(". Type 'help' below for a list of AAF commands")
+ .end()
+
+ .divID("console_and_options");
+ hgen.divID("console_area");
+ hgen.end(); //console_area
+
+ hgen.divID("options_link", "class=closed");
+ hgen.img("src=../../"+gui.theme + "/options_down.png", "onclick=handleDivHiding('options',this);",
+ "id=options_img", "alt=Options", "title=Options")
+ .end(); //options_link
+
+ hgen.divID("options");
+ cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI,AuthzTrans>() {
+ @Override
+ public void code(AAF_GUI state, AuthzTrans trans, Cache<HTMLGen> cache, HTMLGen xgen)
+ throws APIException, IOException {
+ switch(browser(trans,trans.env().slot(getBrowserType()))) {
+ case ie:
+ case ieOld:
+ // IE doesn't support file save
+ break;
+ default:
+ xgen.img("src=../../"+gui.theme+"/AAFdownload.png", "onclick=saveToFile();",
+ "alt=Save log to file", "title=Save log to file");
+ }
+// xgen.img("src=../../"+gui.theme+"/AAFemail.png", "onclick=emailLog();",
+// "alt=Email log to me", "title=Email log to me");
+ xgen.img("src=../../"+gui.theme+"/AAF_font_size.png", "onclick=handleDivHiding('text_slider',this);",
+ "id=fontsize_img", "alt=Change text size", "title=Change text size");
+ xgen.img("src=../../"+gui.theme+"/AAF_details.png", "onclick=selectOption(this,0);",
+ "id=details_img", "alt=Turn on/off details mode", "title=Turn on/off details mode");
+ xgen.img("src=../../"+gui.theme+"/AAF_maximize.png", "onclick=maximizeConsole(this);",
+ "id=maximize_img", "alt=Maximize Console Window", "title=Maximize Console Window");
+ }
+ });
+ hgen.divID("text_slider");
+ hgen.tagOnly("input", "type=button", "class=change_font", "onclick=buttonChangeFontSize('dec')", "value=-")
+ .tagOnly("input", "id=text_size_slider", "type=range", "min=75", "max=200", "value=100",
+ "oninput=changeFontSize(this.value)", "onchange=changeFontSize(this.value)", "title=Change Text Size")
+ .tagOnly("input", "type=button", "class=change_font", "onclick=buttonChangeFontSize('inc')", "value=+")
+ .end(); //text_slider
- hgen.end(); //options
- hgen.end(); //console_and_options
-
- hgen.divID("input_area");
- hgen.tagOnly("input", "type=text", "id=command_field",
- "autocomplete=off", "autocorrect=off", "autocapitalize=off", "spellcheck=false",
- "onkeypress=keyPressed()", "placeholder=Type your AAFCLI commands here", "autofocus")
- .tagOnly("input", "id=submit", "type=button", "value=Submit",
- "onclick=http('put','../../gui/cui',getCommand(),callCUI);")
- .end();
+ hgen.end(); //options
+ hgen.end(); //console_and_options
+
+ hgen.divID("input_area");
+ hgen.tagOnly("input", "type=text", "id=command_field",
+ "autocomplete=off", "autocorrect=off", "autocapitalize=off", "spellcheck=false",
+ "onkeypress=keyPressed()", "placeholder=Type your AAFCLI commands here", "autofocus")
+ .tagOnly("input", "id=submit", "type=button", "value=Submit",
+ "onclick=http('put','../../gui/cui',getCommand(),callCUI);")
+ .end();
- Mark callCUI = new Mark();
- hgen.js(callCUI);
- hgen.text("function callCUI(resp) {")
- .text("moveCommandToDiv();")
- .text("printResponse(resp);")
- .text("}");
- hgen.end(callCUI);
-
- }
- });
+ Mark callCUI = new Mark();
+ hgen.js(callCUI);
+ hgen.text("function callCUI(resp) {")
+ .text("moveCommandToDiv();")
+ .text("printResponse(resp);")
+ .text("}");
+ hgen.end(callCUI);
+
+ }
+ });
- }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/AbsCell.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/AbsCell.java
index 6d95d7d8..e461cf54 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/AbsCell.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/AbsCell.java
@@ -24,25 +24,25 @@ package org.onap.aaf.auth.gui.table;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public abstract class AbsCell {
- public static final AbsCell[] HLINE = new AbsCell[0];
- private static final String[] NONE = new String[0];
- protected static final String[] CENTER = new String[]{"class=center"};
- protected static final String[] LEFT = new String[]{"class=left"};
- protected static final String[] RIGHT = new String[]{"class=right"};
+ public static final AbsCell[] HLINE = new AbsCell[0];
+ private static final String[] NONE = new String[0];
+ protected static final String[] CENTER = new String[]{"class=center"};
+ protected static final String[] LEFT = new String[]{"class=left"};
+ protected static final String[] RIGHT = new String[]{"class=right"};
- /**
- * Write Cell Data with HTMLGen generator
- * @param hgen
- */
- public abstract void write(HTMLGen hgen);
-
- public final static AbsCell Null = new AbsCell() {
- @Override
- public void write(final HTMLGen hgen) {
- }
- };
-
- public String[] attrs() {
- return NONE;
- }
+ /**
+ * Write Cell Data with HTMLGen generator
+ * @param hgen
+ */
+ public abstract void write(HTMLGen hgen);
+
+ public final static AbsCell Null = new AbsCell() {
+ @Override
+ public void write(final HTMLGen hgen) {
+ }
+ };
+
+ public String[] attrs() {
+ return NONE;
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/ButtonCell.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/ButtonCell.java
index 986c90af..2443eb98 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/ButtonCell.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/ButtonCell.java
@@ -24,22 +24,22 @@ package org.onap.aaf.auth.gui.table;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class ButtonCell extends AbsCell {
- private String[] attrs;
-
- public ButtonCell(String value, String ... attributes) {
- attrs = new String[2+attributes.length];
- attrs[0]="type=button";
- attrs[1]="value="+value;
- System.arraycopy(attributes, 0, attrs, 2, attributes.length);
- }
- @Override
- public void write(HTMLGen hgen) {
- hgen.incr("input",true,attrs).end();
+ private String[] attrs;
+
+ public ButtonCell(String value, String ... attributes) {
+ attrs = new String[2+attributes.length];
+ attrs[0]="type=button";
+ attrs[1]="value="+value;
+ System.arraycopy(attributes, 0, attrs, 2, attributes.length);
+ }
+ @Override
+ public void write(HTMLGen hgen) {
+ hgen.incr("input",true,attrs).end();
- }
-
- @Override
- public String[] attrs() {
- return AbsCell.CENTER;
- }
+ }
+
+ @Override
+ public String[] attrs() {
+ return AbsCell.CENTER;
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/CheckBoxCell.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/CheckBoxCell.java
index 4c723d4a..91abfa42 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/CheckBoxCell.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/CheckBoxCell.java
@@ -24,43 +24,43 @@ package org.onap.aaf.auth.gui.table;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class CheckBoxCell extends AbsCell {
- public enum ALIGN{ left, right, center };
- private String[] attrs;
- private ALIGN align;
-
- public CheckBoxCell(String name, ALIGN align, String value, String ... attributes) {
- this.align = align;
- attrs = new String[3 + attributes.length];
- attrs[0]="type=checkbox";
- attrs[1]="name="+name;
- attrs[2]="value="+value;
- System.arraycopy(attributes, 0, attrs, 3, attributes.length);
- }
+ public enum ALIGN{ left, right, center };
+ private String[] attrs;
+ private ALIGN align;
+
+ public CheckBoxCell(String name, ALIGN align, String value, String ... attributes) {
+ this.align = align;
+ attrs = new String[3 + attributes.length];
+ attrs[0]="type=checkbox";
+ attrs[1]="name="+name;
+ attrs[2]="value="+value;
+ System.arraycopy(attributes, 0, attrs, 3, attributes.length);
+ }
- public CheckBoxCell(String name, String value, String ... attributes) {
- this.align = ALIGN.center;
- attrs = new String[3 + attributes.length];
- attrs[0]="type=checkbox";
- attrs[1]="name="+name;
- attrs[2]="value="+value;
- System.arraycopy(attributes, 0, attrs, 3, attributes.length);
- }
+ public CheckBoxCell(String name, String value, String ... attributes) {
+ this.align = ALIGN.center;
+ attrs = new String[3 + attributes.length];
+ attrs[0]="type=checkbox";
+ attrs[1]="name="+name;
+ attrs[2]="value="+value;
+ System.arraycopy(attributes, 0, attrs, 3, attributes.length);
+ }
- @Override
- public void write(HTMLGen hgen) {
- hgen.tagOnly("input",attrs);
- }
+ @Override
+ public void write(HTMLGen hgen) {
+ hgen.tagOnly("input",attrs);
+ }
- @Override
- public String[] attrs() {
- switch(align) {
- case left:
- return AbsCell.LEFT;
- case right:
- return AbsCell.RIGHT;
- case center:
- default:
- return AbsCell.CENTER;
- }
- }
+ @Override
+ public String[] attrs() {
+ switch(align) {
+ case left:
+ return AbsCell.LEFT;
+ case right:
+ return AbsCell.RIGHT;
+ case center:
+ default:
+ return AbsCell.CENTER;
+ }
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RadioCell.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RadioCell.java
index 9f092105..9f21fac8 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RadioCell.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RadioCell.java
@@ -24,25 +24,25 @@ package org.onap.aaf.auth.gui.table;
import org.onap.aaf.misc.xgen.html.HTMLGen;
public class RadioCell extends AbsCell {
- private String[] attrs;
-
- public RadioCell(String name, String radioClass, String value, String ... attributes) {
- attrs = new String[4 + attributes.length];
- attrs[0]="type=radio";
- attrs[1]="name="+name;
- attrs[2]="class="+radioClass;
- attrs[3]="value="+value;
- System.arraycopy(attributes, 0, attrs, 4, attributes.length);
+ private String[] attrs;
+
+ public RadioCell(String name, String radioClass, String value, String ... attributes) {
+ attrs = new String[4 + attributes.length];
+ attrs[0]="type=radio";
+ attrs[1]="name="+name;
+ attrs[2]="class="+radioClass;
+ attrs[3]="value="+value;
+ System.arraycopy(attributes, 0, attrs, 4, attributes.length);
- }
-
- @Override
- public void write(HTMLGen hgen) {
- hgen.tagOnly("input",attrs);
- }
+ }
+
+ @Override
+ public void write(HTMLGen hgen) {
+ hgen.tagOnly("input",attrs);
+ }
- @Override
- public String[] attrs() {
- return AbsCell.CENTER;
- }
+ @Override
+ public String[] attrs() {
+ return AbsCell.CENTER;
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RefCell.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RefCell.java
index 7dc14c81..5fc82140 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RefCell.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/RefCell.java
@@ -31,24 +31,24 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
*
*/
public class RefCell extends AbsCell {
- public final String name;
- public final String[] str;
-
- public RefCell(String name, String href, boolean newWindow, String... attributes) {
- this.name = name;
- if(newWindow) {
- str = new String[attributes.length+2];
- str[attributes.length]="target=_blank";
- } else {
- str = new String[attributes.length+1];
- }
- str[0]="href="+href;
- System.arraycopy(attributes, 0, str, 1, attributes.length);
+ public final String name;
+ public final String[] str;
+
+ public RefCell(String name, String href, boolean newWindow, String... attributes) {
+ this.name = name;
+ if(newWindow) {
+ str = new String[attributes.length+2];
+ str[attributes.length]="target=_blank";
+ } else {
+ str = new String[attributes.length+1];
+ }
+ str[0]="href="+href;
+ System.arraycopy(attributes, 0, str, 1, attributes.length);
- }
-
- @Override
- public void write(HTMLGen hgen) {
- hgen.leaf(A,str).text(name);
- }
+ }
+
+ @Override
+ public void write(HTMLGen hgen) {
+ hgen.leaf(A,str).text(name);
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TableData.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TableData.java
index 731d425e..d202ffa0 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TableData.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TableData.java
@@ -29,28 +29,28 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
import org.onap.aaf.misc.xgen.html.State;
public abstract class TableData<S extends State<Env>, TRANS extends Trans> implements Table.Data<S,TRANS>{
- public static final String[] headers = new String[0];
+ public static final String[] headers = new String[0];
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.gui.Table.Data#prefix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
- */
- @Override
- public void prefix(final S state, final TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.gui.Table.Data#prefix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
+ */
+ @Override
+ public void prefix(final S state, final TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.gui.Table.Data#postfix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
- */
- @Override
- public void postfix(final S state, final TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.gui.Table.Data#postfix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
+ */
+ @Override
+ public void postfix(final S state, final TRANS trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.gui.Table.Data#headers()
- */
- @Override
- public String[] headers() {
- return headers;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.gui.Table.Data#headers()
+ */
+ @Override
+ public String[] headers() {
+ return headers;
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextAndRefCell.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextAndRefCell.java
index 036c8b7f..aefb3a46 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextAndRefCell.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextAndRefCell.java
@@ -27,17 +27,17 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
public class TextAndRefCell extends RefCell {
- private String text;
-
- public TextAndRefCell(String text, String name, String href, boolean newWindow, String[] attributes) {
- super(name, href, newWindow, attributes);
- this.text = text;
- }
+ private String text;
+
+ public TextAndRefCell(String text, String name, String href, boolean newWindow, String[] attributes) {
+ super(name, href, newWindow, attributes);
+ this.text = text;
+ }
- @Override
- public void write(HTMLGen hgen) {
- hgen.text(text);
- hgen.leaf(A,str).text(name);
- }
+ @Override
+ public void write(HTMLGen hgen) {
+ hgen.text(text);
+ hgen.leaf(A,str).text(name);
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextCell.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextCell.java
index e20367a7..5d2a7262 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextCell.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextCell.java
@@ -29,21 +29,21 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
*
*/
public class TextCell extends AbsCell {
- public final String name;
- private String[] attrs;
-
- public TextCell(String name, String... attributes) {
- attrs = attributes;
- this.name = name;
- }
-
- @Override
- public void write(HTMLGen hgen) {
- hgen.text(name);
- }
-
- @Override
- public String[] attrs() {
- return attrs;
- }
+ public final String name;
+ private String[] attrs;
+
+ public TextCell(String name, String... attributes) {
+ attrs = attributes;
+ this.name = name;
+ }
+
+ @Override
+ public void write(HTMLGen hgen) {
+ hgen.text(name);
+ }
+
+ @Override
+ public String[] attrs() {
+ return attrs;
+ }
}
diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextInputCell.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextInputCell.java
index 4a4f757c..c55759ea 100644
--- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextInputCell.java
+++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/table/TextInputCell.java
@@ -29,26 +29,26 @@ import org.onap.aaf.misc.xgen.html.HTMLGen;
*
*/
public class TextInputCell extends AbsCell {
- private static final String[] NULL_ATTRS=new String[0];
- private String[] attrs;
-
- public TextInputCell(String name, String textClass, String value, String ... attributes) {
- attrs = new String[5 + attributes.length];
- attrs[0]="type=text";
- attrs[1]="name="+name;
- attrs[2]="class="+textClass;
- attrs[3]="value="+value;
- attrs[4]="style=font-size:100%;";
- System.arraycopy(attributes, 0, attrs, 5, attributes.length);
- }
-
- @Override
- public void write(HTMLGen hgen) {
- hgen.tagOnly("input",attrs);
- }
-
- @Override
- public String[] attrs() {
- return NULL_ATTRS;
- }
+ private static final String[] NULL_ATTRS=new String[0];
+ private String[] attrs;
+
+ public TextInputCell(String name, String textClass, String value, String ... attributes) {
+ attrs = new String[5 + attributes.length];
+ attrs[0]="type=text";
+ attrs[1]="name="+name;
+ attrs[2]="class="+textClass;
+ attrs[3]="value="+value;
+ attrs[4]="style=font-size:100%;";
+ System.arraycopy(attributes, 0, attrs, 5, attributes.length);
+ }
+
+ @Override
+ public void write(HTMLGen hgen) {
+ hgen.tagOnly("input",attrs);
+ }
+
+ @Override
+ public String[] attrs() {
+ return NULL_ATTRS;
+ }
}
diff --git a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java
index 9617f191..34371a1f 100644
--- a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java
+++ b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/AAF_Hello.java
@@ -48,85 +48,85 @@ import org.onap.aaf.misc.env.APIException;
import org.onap.aaf.misc.env.Env;
public class AAF_Hello extends AbsService<AuthzEnv,AuthzTrans> {
- public enum API{TOKEN_REQ, TOKEN,INTROSPECT, ERROR,VOID};
- public Map<String, Dated> cacheUser;
- public AAFAuthn<?> aafAuthn;
- public AAFLurPerm aafLurPerm;
-
- /**
- * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
- *
- * @param env
- * @param si
- * @param dm
- * @param decryptor
- * @throws APIException
- */
- public AAF_Hello(final AuthzEnv env) throws Exception {
- super(env.access(), env);
-
- aafLurPerm = aafCon().newLur();
- // Note: If you need both Authn and Authz construct the following:
- aafAuthn = aafCon().newAuthn(aafLurPerm);
+ public enum API{TOKEN_REQ, TOKEN,INTROSPECT, ERROR,VOID};
+ public Map<String, Dated> cacheUser;
+ public AAFAuthn<?> aafAuthn;
+ public AAFLurPerm aafLurPerm;
+
+ /**
+ * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
+ *
+ * @param env
+ * @param si
+ * @param dm
+ * @param decryptor
+ * @throws APIException
+ */
+ public AAF_Hello(final AuthzEnv env) throws Exception {
+ super(env.access(), env);
+
+ aafLurPerm = aafCon().newLur();
+ // Note: If you need both Authn and Authz construct the following:
+ aafAuthn = aafCon().newAuthn(aafLurPerm);
- String aaf_env = env.getProperty(Config.AAF_ENV);
- if(aaf_env==null) {
- throw new APIException("aaf_env needs to be set");
- }
-
- // Initialize Facade for all uses
- AuthzTrans trans = env.newTrans();
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(2, sb);
- trans.init().log(sb);
-
- API_Hello.init(this);
+ String aaf_env = env.getProperty(Config.AAF_ENV);
+ if(aaf_env==null) {
+ throw new APIException("aaf_env needs to be set");
+ }
+
+ // Initialize Facade for all uses
+ AuthzTrans trans = env.newTrans();
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(2, sb);
+ trans.init().log(sb);
+
+ API_Hello.init(this);
}
-
- /**
- * Setup XML and JSON implementations for each supported Version type
- *
- * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
- * to do Versions and Content switches
- *
- */
- public void route(HttpMethods meth, String path, API api, HttpCode<AuthzTrans, AAF_Hello> code) throws Exception {
- String version = "1.0";
- // Get Correct API Class from Mapper
- route(env,meth,path,code,"text/plain;version="+version,"*/*");
- }
-
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- try {
- return new Filter[] {
- new AuthzTransFilter(env,aafCon(),
- new AAFTrustChecker((Env)env),
- additionalTafLurs)
- };
- } catch (NumberFormatException e) {
- throw new CadiException("Invalid Property information", e);
- }
- }
+
+ /**
+ * Setup XML and JSON implementations for each supported Version type
+ *
+ * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
+ * to do Versions and Content switches
+ *
+ */
+ public void route(HttpMethods meth, String path, API api, HttpCode<AuthzTrans, AAF_Hello> code) throws Exception {
+ String version = "1.0";
+ // Get Correct API Class from Mapper
+ route(env,meth,path,code,"text/plain;version="+version,"*/*");
+ }
+
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ try {
+ return new Filter[] {
+ new AuthzTransFilter(env,aafCon(),
+ new AAFTrustChecker((Env)env),
+ additionalTafLurs)
+ };
+ } catch (NumberFormatException e) {
+ throw new CadiException("Invalid Property information", e);
+ }
+ }
- @SuppressWarnings("unchecked")
- @Override
- public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
- return new Registrant[] {
- new RemoteRegistrant<AuthzEnv>(aafCon(),app_name,app_version,port)
- };
- }
+ @SuppressWarnings("unchecked")
+ @Override
+ public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException, LocatorException {
+ return new Registrant[] {
+ new RemoteRegistrant<AuthzEnv>(aafCon(),app_name,app_version,port)
+ };
+ }
- public static void main(final String[] args) {
- try {
- Log4JLogIt logIt = new Log4JLogIt(args, "hello");
- PropAccess propAccess = new PropAccess(logIt,args);
+ public static void main(final String[] args) {
+ try {
+ Log4JLogIt logIt = new Log4JLogIt(args, "hello");
+ PropAccess propAccess = new PropAccess(logIt,args);
- AAF_Hello service = new AAF_Hello(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
+ AAF_Hello service = new AAF_Hello(new AuthzEnv(propAccess));
+ JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
+ jss.start();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java
index 97727abd..234dfe14 100644
--- a/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java
+++ b/auth/auth-hello/src/main/java/org/onap/aaf/auth/hello/API_Hello.java
@@ -43,146 +43,146 @@ import org.onap.aaf.misc.env.TimeTaken;
public class API_Hello {
- private static final String APPLICATION_JSON = "application/json";
- protected static final byte[] NOT_JSON = "Data does not look like JSON".getBytes();
+ private static final String APPLICATION_JSON = "application/json";
+ protected static final byte[] NOT_JSON = "Data does not look like JSON".getBytes();
- // Hide Public Constructor
- private API_Hello() {}
-
- /**
- * Normal Init level APIs
- *
- * @param oauthHello
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_Hello oauthHello) throws Exception {
- ////////
- // Simple "GET" API
- ///////
-
- oauthHello.route(HttpMethods.GET,"/hello/:perm*",API.TOKEN,new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"Hello OAuth"){
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- resp.setStatus(200 /* OK */);
- ServletOutputStream os = resp.getOutputStream();
- os.print("Hello AAF ");
- String perm = pathParam(req, "perm");
- if(perm!=null && perm.length()>0) {
- os.print('(');
- os.print(req.getUserPrincipal().getName());
- TimeTaken tt = trans.start("Authorize perm", Env.REMOTE);
- try {
- if(req.isUserInRole(perm)) {
- os.print(" has ");
- } else {
- os.print(" does not have ");
- }
- } finally {
- tt.done();
- }
- os.print("Permission: ");
- os.print(perm);
- os.print(')');
- }
- os.println();
-
- trans.info().printf("Said 'Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName());
- }
- });
+ // Hide Public Constructor
+ private API_Hello() {}
+
+ /**
+ * Normal Init level APIs
+ *
+ * @param oauthHello
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_Hello oauthHello) throws Exception {
+ ////////
+ // Simple "GET" API
+ ///////
+
+ oauthHello.route(HttpMethods.GET,"/hello/:perm*",API.TOKEN,new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"Hello OAuth"){
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ resp.setStatus(200 /* OK */);
+ ServletOutputStream os = resp.getOutputStream();
+ os.print("Hello AAF ");
+ String perm = pathParam(req, "perm");
+ if(perm!=null && perm.length()>0) {
+ os.print('(');
+ os.print(req.getUserPrincipal().getName());
+ TimeTaken tt = trans.start("Authorize perm", Env.REMOTE);
+ try {
+ if(req.isUserInRole(perm)) {
+ os.print(" has ");
+ } else {
+ os.print(" does not have ");
+ }
+ } finally {
+ tt.done();
+ }
+ os.print("Permission: ");
+ os.print(perm);
+ os.print(')');
+ }
+ os.println();
+
+ trans.info().printf("Said 'Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName());
+ }
+ });
////////////////
// REST APIs
////////////////
- ////////////////
- // CREATE/POST
- ////////////////
- oauthHello.route(oauthHello.env,HttpMethods.POST,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Create") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- BufferedReader br = new BufferedReader(new InputStreamReader(req.getInputStream()));
- StringBuilder sb = new StringBuilder();
- while(br.ready()) {
- sb.append(br.readLine());
- }
- String content = sb.toString();
- trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content);
- if(content.startsWith("{") && content.endsWith("}")) {
- resp.setStatus(201 /* OK */);
- } else {
- resp.getOutputStream().write(NOT_JSON);
- resp.setStatus(406);
- }
- }
- },APPLICATION_JSON);
+ ////////////////
+ // CREATE/POST
+ ////////////////
+ oauthHello.route(oauthHello.env,HttpMethods.POST,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Create") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ BufferedReader br = new BufferedReader(new InputStreamReader(req.getInputStream()));
+ StringBuilder sb = new StringBuilder();
+ while(br.ready()) {
+ sb.append(br.readLine());
+ }
+ String content = sb.toString();
+ trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content);
+ if(content.startsWith("{") && content.endsWith("}")) {
+ resp.setStatus(201 /* OK */);
+ } else {
+ resp.getOutputStream().write(NOT_JSON);
+ resp.setStatus(406);
+ }
+ }
+ },APPLICATION_JSON);
- ////////////////
- // READ/GET
- ////////////////
- oauthHello.route(oauthHello.env,HttpMethods.GET,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Read") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- resp.setStatus(200 /* OK */);
- StringBuilder sb = new StringBuilder("{\"resp\": \"Hello REST AAF\",\"principal\": \"");
- sb.append(req.getUserPrincipal().getName());
- sb.append('"');
- String perm = pathParam(req, "perm");
- trans.info().printf("Read request from %s: %s\n", pathParam(req, ":id"),perm);
- if(perm!=null && perm.length()>0) {
- TimeTaken tt = trans.start("Authorize perm", Env.REMOTE);
- try {
- sb.append(",\"validation\": { \"permission\" : \"");
- sb.append(perm);
- sb.append("\",\"has\" : \"");
- sb.append(req.isUserInRole(perm));
- sb.append("\"}");
- } finally {
- tt.done();
- }
- }
- sb.append("}");
- ServletOutputStream os = resp.getOutputStream();
- os.println(sb.toString());
- trans.info().printf("Said 'RESTful Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName());
- }
- },APPLICATION_JSON);
-
- ////////////////
- // UPDATE/PUT
- ////////////////
- oauthHello.route(oauthHello.env,HttpMethods.PUT,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Update") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- BufferedReader br = new BufferedReader(new InputStreamReader(req.getInputStream()));
- StringBuilder sb = new StringBuilder();
- while(br.ready()) {
- sb.append(br.readLine());
- }
- String content = sb.toString();
- trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content);
- if(content.startsWith("{") && content.endsWith("}")) {
- resp.setStatus(200 /* OK */);
- resp.getOutputStream().print(content);
- } else {
- resp.getOutputStream().write(NOT_JSON);
- resp.setStatus(406);
- }
- }
- },APPLICATION_JSON);
+ ////////////////
+ // READ/GET
+ ////////////////
+ oauthHello.route(oauthHello.env,HttpMethods.GET,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Read") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ resp.setStatus(200 /* OK */);
+ StringBuilder sb = new StringBuilder("{\"resp\": \"Hello REST AAF\",\"principal\": \"");
+ sb.append(req.getUserPrincipal().getName());
+ sb.append('"');
+ String perm = pathParam(req, "perm");
+ trans.info().printf("Read request from %s: %s\n", pathParam(req, ":id"),perm);
+ if(perm!=null && perm.length()>0) {
+ TimeTaken tt = trans.start("Authorize perm", Env.REMOTE);
+ try {
+ sb.append(",\"validation\": { \"permission\" : \"");
+ sb.append(perm);
+ sb.append("\",\"has\" : \"");
+ sb.append(req.isUserInRole(perm));
+ sb.append("\"}");
+ } finally {
+ tt.done();
+ }
+ }
+ sb.append("}");
+ ServletOutputStream os = resp.getOutputStream();
+ os.println(sb.toString());
+ trans.info().printf("Said 'RESTful Hello' to %s, Authentication type: %s",trans.getUserPrincipal().getName(),trans.getUserPrincipal().getClass().getSimpleName());
+ }
+ },APPLICATION_JSON);
+
+ ////////////////
+ // UPDATE/PUT
+ ////////////////
+ oauthHello.route(oauthHello.env,HttpMethods.PUT,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Update") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ BufferedReader br = new BufferedReader(new InputStreamReader(req.getInputStream()));
+ StringBuilder sb = new StringBuilder();
+ while(br.ready()) {
+ sb.append(br.readLine());
+ }
+ String content = sb.toString();
+ trans.info().printf("Content from %s: %s\n", pathParam(req, ":id"),content);
+ if(content.startsWith("{") && content.endsWith("}")) {
+ resp.setStatus(200 /* OK */);
+ resp.getOutputStream().print(content);
+ } else {
+ resp.getOutputStream().write(NOT_JSON);
+ resp.setStatus(406);
+ }
+ }
+ },APPLICATION_JSON);
- ////////////////
- // DELETE
- ////////////////
- oauthHello.route(oauthHello.env,HttpMethods.DELETE,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Delete") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- trans.info().printf("Delete requested on %s\n", pathParam(req, ":id"));
- resp.setStatus(200 /* OK */);
- }
- },APPLICATION_JSON);
+ ////////////////
+ // DELETE
+ ////////////////
+ oauthHello.route(oauthHello.env,HttpMethods.DELETE,"/resthello/:id",new HttpCode<AuthzTrans, AAF_Hello>(oauthHello,"REST Hello Delete") {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ trans.info().printf("Delete requested on %s\n", pathParam(req, ":id"));
+ resp.setStatus(200 /* OK */);
+ }
+ },APPLICATION_JSON);
- }
+ }
}
diff --git a/auth/auth-hello/src/test/java/org/onap/aaf/auth/hello/test/HelloTester.java b/auth/auth-hello/src/test/java/org/onap/aaf/auth/hello/test/HelloTester.java
index 84625281..f41826d9 100644
--- a/auth/auth-hello/src/test/java/org/onap/aaf/auth/hello/test/HelloTester.java
+++ b/auth/auth-hello/src/test/java/org/onap/aaf/auth/hello/test/HelloTester.java
@@ -40,42 +40,42 @@ import org.onap.aaf.misc.env.APIException;
public class HelloTester {
- public static void main(String[] args) {
- // Do Once and ONLY once
- PropAccess access = new PropAccess(args);
- try {
- Define.set(access);
- String uriPrefix = access.getProperty("locatorURI","https://aaftest.test.att.com");
-
- SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class);
- AAFLocator loc = new AAFLocator(si,new URI(uriPrefix+"/locate/"+Define.ROOT_NS()+".hello:1.0"));
- AAFConHttp aafcon = new AAFConHttp(access,loc,si);
-
- //
- String pathinfo = "/hello";
- final int iterations = Integer.parseInt(access.getProperty("iterations","5"));
- System.out.println("Calling " + loc + " with Path " + pathinfo + ' ' + iterations + " time" + (iterations==1?"":"s"));
- for(int i=0;i<iterations;++i) {
- aafcon.best(new Retryable<Void> () {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<String> fs = client.read("/hello","text/plain");
- if(fs.get(5000)) {
- System.out.print(fs.body());
- } else {
- System.err.println("Ooops, missed one: " + fs.code() + ": " + fs.body());
- }
- return null;
-
- }
- });
- Thread.sleep(500L);
- }
- } catch (CadiException | LocatorException | URISyntaxException | APIException | InterruptedException e) {
- e.printStackTrace();
- }
-
-
- }
-
+ public static void main(String[] args) {
+ // Do Once and ONLY once
+ PropAccess access = new PropAccess(args);
+ try {
+ Define.set(access);
+ String uriPrefix = access.getProperty("locatorURI",null);
+ if(uriPrefix==null) {
+ System.out.println("You must add \"locatorURI=<uri>\" to the command line or VM_Args");
+ } else {
+ SecurityInfoC<HttpURLConnection> si = SecurityInfoC.instance(access, HttpURLConnection.class);
+ AAFLocator loc = new AAFLocator(si,new URI(uriPrefix+"/locate/"+Define.ROOT_NS()+".hello:1.0"));
+ AAFConHttp aafcon = new AAFConHttp(access,loc,si);
+
+ //
+ String pathinfo = "/hello";
+ final int iterations = Integer.parseInt(access.getProperty("iterations","5"));
+ System.out.println("Calling " + loc + " with Path " + pathinfo + ' ' + iterations + " time" + (iterations==1?"":"s"));
+ for(int i=0;i<iterations;++i) {
+ aafcon.best(new Retryable<Void> () {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<String> fs = client.read("/hello","text/plain");
+ if(fs.get(5000)) {
+ System.out.print(fs.body());
+ } else {
+ System.err.println("Ooops, missed one: " + fs.code() + ": " + fs.body());
+ }
+ return null;
+
+ }
+ });
+ Thread.sleep(500L);
+ }
+ }
+ } catch (CadiException | LocatorException | URISyntaxException | APIException | InterruptedException e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java
index 9f25eab7..545b6b47 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/AAF_Locate.java
@@ -67,183 +67,183 @@ import org.onap.aaf.misc.rosetta.env.RosettaEnv;
import com.datastax.driver.core.Cluster;
public class AAF_Locate extends AbsService<AuthzEnv, AuthzTrans> {
- private static final String DOT_LOCATOR = ".locator";
-
- private static final String USER_PERMS = "userPerms";
- private LocateFacade_1_1 facade; // this is the default Facade
- private LocateFacade_1_1 facade_1_1_XML;
- public Map<String, Dated> cacheUser;
- public final AAFAuthn<?> aafAuthn;
- public final AAFLurPerm aafLurPerm;
- private Locator<URI> gui_locator;
- public final long expireIn;
- private final Cluster cluster;
- public final LocateDAO locateDAO;
- public final ConfigDAO configDAO;
- private Locator<URI> dal;
- private final String aaf_service_name;
- private final String aaf_gui_name;
-
-
- /**
- * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
- *
- * @param env
- * @param si
- * @param dm
- * @param decryptor
- * @throws APIException
- */
- public AAF_Locate(final AuthzEnv env) throws Exception {
- super(env.access(), env);
- aaf_service_name = app_name.replace(DOT_LOCATOR, ".service");
- aaf_gui_name = app_name.replace(DOT_LOCATOR, ".gui");
-
- expireIn = Long.parseLong(env.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF));
-
- // Initialize Facade for all uses
- AuthzTrans trans = env.newTransNoAvg();
-
- cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
- locateDAO = new LocateDAO(trans,cluster,CassAccess.KEYSPACE);
- configDAO = new ConfigDAO(trans,locateDAO); // same stuff
-
- // Have AAFLocator object Create DirectLocators for Location needs
- AbsAAFLocator.setCreator(new DirectLocatorCreator(env, locateDAO));
-
- aafLurPerm = aafCon().newLur();
- // Note: If you need both Authn and Authz construct the following:
- aafAuthn = aafCon().newAuthn(aafLurPerm);
-
-
- facade = LocateFacadeFactory.v1_1(env,this,trans,Data.TYPE.JSON); // Default Facade
- facade_1_1_XML = LocateFacadeFactory.v1_1(env,this,trans,Data.TYPE.XML);
-
- synchronized(env) {
- if(cacheUser == null) {
- cacheUser = Cache.obtain(USER_PERMS);
- Cache.startCleansing(env, USER_PERMS);
- }
- }
-
-
- ////////////////////////////////////////////////////////////////////////////
- // Time Critical
- // These will always be evaluated first
- ////////////////////////////////////////////////////////////////////////
- API_AAFAccess.init(this,facade);
- API_Find.init(this, facade);
- API_Proxy.init(this, facade);
-
- ////////////////////////////////////////////////////////////////////////
- // Management APIs
- ////////////////////////////////////////////////////////////////////////
- // There are several APIs around each concept, and it gets a bit too
- // long in this class to create. The initialization of these Management
- // APIs have therefore been pushed to StandAlone Classes with static
- // init functions
- API_Api.init(this, facade);
-
- ////////////////////////////////////////////////////////////////////////
- // Default Function
- ////////////////////////////////////////////////////////////////////////
- API_AAFAccess.initDefault(this,facade);
-
- }
-
-
- /**
- * Setup XML and JSON implementations for each supported Version type
- *
- * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
- * to do Versions and Content switches
- *
- */
- public void route(HttpMethods meth, String path, API api, LocateCode code) throws Exception {
- String version = "1.0";
- // Get Correct API Class from Mapper
- Class<?> respCls = facade.mapper().getClass(api);
- if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
- // setup Application API HTML ContentTypes for JSON and Route
- String application = applicationJSON(respCls, version);
- route(env,meth,path,code,application,"application/json;version="+version,"*/*","*");
-
- // setup Application API HTML ContentTypes for XML and Route
- application = applicationXML(respCls, version);
- route(env,meth,path,code.clone(facade_1_1_XML,false),application,"text/xml;version="+version);
-
- // Add other Supported APIs here as created
- }
-
- public void routeAll(HttpMethods meth, String path, API api, LocateCode code) throws Exception {
- route(env,meth,path,code,""); // this will always match
- }
-
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.server.AbsServer#_newAAFConHttp()
- */
- @Override
- protected AAFConHttp _newAAFConHttp() throws CadiException {
- try {
- if(dal==null) {
- dal = AbsAAFLocator.create(aaf_service_name,Config.AAF_DEFAULT_VERSION);
- }
- // utilize pre-constructed DirectAAFLocator
- return new AAFConHttp(env.access(),dal);
- } catch (LocatorException e) {
- throw new CadiException(e);
- }
- }
-
- public Locator<URI> getGUILocator() throws LocatorException {
- if(gui_locator==null) {
- gui_locator = AbsAAFLocator.create(aaf_gui_name,Config.AAF_DEFAULT_VERSION);
- }
- return gui_locator;
- }
-
-
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- try {
- return new Filter[] {
- new AuthzTransFilter(env, aafCon(),
- new AAFTrustChecker((Env)env)
- ,additionalTafLurs
- )};
- } catch (NumberFormatException e) {
- throw new CadiException("Invalid Property information", e);
- }
- }
-
- @SuppressWarnings("unchecked")
- @Override
- public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
- return new Registrant[] {
- new DirectRegistrar(access,locateDAO,app_name,app_version,port)
- };
- }
-
- @Override
- public void destroy() {
- Cache.stopTimer();
- if(cluster!=null) {
- cluster.close();
- }
- super.destroy();
- }
-
- public static void main(final String[] args) {
- try {
- Log4JLogIt logIt = new Log4JLogIt(args, "locate");
- PropAccess propAccess = new PropAccess(logIt,args);
-
- AAF_Locate service = new AAF_Locate(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
+ private static final String DOT_LOCATOR = ".locator";
+
+ private static final String USER_PERMS = "userPerms";
+ private LocateFacade_1_1 facade; // this is the default Facade
+ private LocateFacade_1_1 facade_1_1_XML;
+ public Map<String, Dated> cacheUser;
+ public final AAFAuthn<?> aafAuthn;
+ public final AAFLurPerm aafLurPerm;
+ private Locator<URI> gui_locator;
+ public final long expireIn;
+ private final Cluster cluster;
+ public final LocateDAO locateDAO;
+ public final ConfigDAO configDAO;
+ private Locator<URI> dal;
+ private final String aaf_service_name;
+ private final String aaf_gui_name;
+
+
+ /**
+ * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
+ *
+ * @param env
+ * @param si
+ * @param dm
+ * @param decryptor
+ * @throws APIException
+ */
+ public AAF_Locate(final AuthzEnv env) throws Exception {
+ super(env.access(), env);
+ aaf_service_name = app_name.replace(DOT_LOCATOR, ".service");
+ aaf_gui_name = app_name.replace(DOT_LOCATOR, ".gui");
+
+ expireIn = Long.parseLong(env.getProperty(Config.AAF_USER_EXPIRES, Config.AAF_USER_EXPIRES_DEF));
+
+ // Initialize Facade for all uses
+ AuthzTrans trans = env.newTransNoAvg();
+
+ cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
+ locateDAO = new LocateDAO(trans,cluster,CassAccess.KEYSPACE);
+ configDAO = new ConfigDAO(trans,locateDAO); // same stuff
+
+ // Have AAFLocator object Create DirectLocators for Location needs
+ AbsAAFLocator.setCreator(new DirectLocatorCreator(env, locateDAO));
+
+ aafLurPerm = aafCon().newLur();
+ // Note: If you need both Authn and Authz construct the following:
+ aafAuthn = aafCon().newAuthn(aafLurPerm);
+
+
+ facade = LocateFacadeFactory.v1_1(env,this,trans,Data.TYPE.JSON); // Default Facade
+ facade_1_1_XML = LocateFacadeFactory.v1_1(env,this,trans,Data.TYPE.XML);
+
+ synchronized(env) {
+ if(cacheUser == null) {
+ cacheUser = Cache.obtain(USER_PERMS);
+ Cache.startCleansing(env, USER_PERMS);
+ }
+ }
+
+
+ ////////////////////////////////////////////////////////////////////////////
+ // Time Critical
+ // These will always be evaluated first
+ ////////////////////////////////////////////////////////////////////////
+ API_AAFAccess.init(this,facade);
+ API_Find.init(this, facade);
+ API_Proxy.init(this, facade);
+
+ ////////////////////////////////////////////////////////////////////////
+ // Management APIs
+ ////////////////////////////////////////////////////////////////////////
+ // There are several APIs around each concept, and it gets a bit too
+ // long in this class to create. The initialization of these Management
+ // APIs have therefore been pushed to StandAlone Classes with static
+ // init functions
+ API_Api.init(this, facade);
+
+ ////////////////////////////////////////////////////////////////////////
+ // Default Function
+ ////////////////////////////////////////////////////////////////////////
+ API_AAFAccess.initDefault(this,facade);
+
+ }
+
+
+ /**
+ * Setup XML and JSON implementations for each supported Version type
+ *
+ * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
+ * to do Versions and Content switches
+ *
+ */
+ public void route(HttpMethods meth, String path, API api, LocateCode code) throws Exception {
+ String version = "1.0";
+ // Get Correct API Class from Mapper
+ Class<?> respCls = facade.mapper().getClass(api);
+ if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
+ // setup Application API HTML ContentTypes for JSON and Route
+ String application = applicationJSON(respCls, version);
+ route(env,meth,path,code,application,"application/json;version="+version,"*/*","*");
+
+ // setup Application API HTML ContentTypes for XML and Route
+ application = applicationXML(respCls, version);
+ route(env,meth,path,code.clone(facade_1_1_XML,false),application,"text/xml;version="+version);
+
+ // Add other Supported APIs here as created
+ }
+
+ public void routeAll(HttpMethods meth, String path, API api, LocateCode code) throws Exception {
+ route(env,meth,path,code,""); // this will always match
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.server.AbsServer#_newAAFConHttp()
+ */
+ @Override
+ protected AAFConHttp _newAAFConHttp() throws CadiException {
+ try {
+ if(dal==null) {
+ dal = AbsAAFLocator.create(aaf_service_name,Config.AAF_DEFAULT_VERSION);
+ }
+ // utilize pre-constructed DirectAAFLocator
+ return new AAFConHttp(env.access(),dal);
+ } catch (LocatorException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ public Locator<URI> getGUILocator() throws LocatorException {
+ if(gui_locator==null) {
+ gui_locator = AbsAAFLocator.create(aaf_gui_name,Config.AAF_DEFAULT_VERSION);
+ }
+ return gui_locator;
+ }
+
+
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ try {
+ return new Filter[] {
+ new AuthzTransFilter(env, aafCon(),
+ new AAFTrustChecker((Env)env)
+ ,additionalTafLurs
+ )};
+ } catch (NumberFormatException e) {
+ throw new CadiException("Invalid Property information", e);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
+ return new Registrant[] {
+ new DirectRegistrar(access,locateDAO,app_name,app_version,port)
+ };
+ }
+
+ @Override
+ public void destroy() {
+ Cache.stopTimer();
+ if(cluster!=null) {
+ cluster.close();
+ }
+ super.destroy();
+ }
+
+ public static void main(final String[] args) {
+ try {
+ Log4JLogIt logIt = new Log4JLogIt(args, "locate");
+ PropAccess propAccess = new PropAccess(logIt,args);
+
+ AAF_Locate service = new AAF_Locate(new AuthzEnv(propAccess));
+ JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
+ jss.start();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/BasicAuthCode.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/BasicAuthCode.java
index ac348f3f..c5239a5a 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/BasicAuthCode.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/BasicAuthCode.java
@@ -35,43 +35,43 @@ import org.onap.aaf.cadi.principal.BasicPrincipal;
import org.onap.aaf.cadi.principal.X509Principal;
public class BasicAuthCode extends LocateCode {
- private AAFAuthn<?> authn;
+ private AAFAuthn<?> authn;
- public BasicAuthCode(AAFAuthn<?> authn, LocateFacade facade) {
- super(facade, "AAF Basic Auth",true);
- this.authn = authn;
- }
+ public BasicAuthCode(AAFAuthn<?> authn, LocateFacade facade) {
+ super(facade, "AAF Basic Auth",true);
+ this.authn = authn;
+ }
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Principal p = trans.getUserPrincipal();
- if(p == null) {
- trans.error().log("Transaction not Authenticated... no Principal");
- } else if (p instanceof BasicPrincipal) {
- // the idea is that if call is made with this credential, and it's a BasicPrincipal, it's ok
- // otherwise, it wouldn't have gotten here.
- resp.setStatus(HttpStatus.OK_200);
- return;
- } else if (p instanceof X509Principal) {
- // Since X509Principal has priority, BasicAuth Info might be there, but not validated.
- String ba;
- if((ba=req.getHeader("Authorization"))!=null && ba.startsWith("Basic ")) {
- ba = Symm.base64noSplit.decode(ba.substring(6));
- int colon = ba.indexOf(':');
- if(colon>=0) {
- String err;
- if((err=authn.validate(ba.substring(0, colon), ba.substring(colon+1),trans))==null) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- trans.audit().log(ba.substring(0,colon),": ",err);
- resp.setStatus(HttpStatus.UNAUTHORIZED_401);
- }
- return;
- }
- }
- }
- trans.checkpoint("Basic Auth Check Failed: This wasn't a Basic Auth Trans");
- // For Auth Security questions, we don't give any info to client on why failed
- resp.setStatus(HttpStatus.FORBIDDEN_403);
- }
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Principal p = trans.getUserPrincipal();
+ if(p == null) {
+ trans.error().log("Transaction not Authenticated... no Principal");
+ } else if (p instanceof BasicPrincipal) {
+ // the idea is that if call is made with this credential, and it's a BasicPrincipal, it's ok
+ // otherwise, it wouldn't have gotten here.
+ resp.setStatus(HttpStatus.OK_200);
+ return;
+ } else if (p instanceof X509Principal) {
+ // Since X509Principal has priority, BasicAuth Info might be there, but not validated.
+ String ba;
+ if((ba=req.getHeader("Authorization"))!=null && ba.startsWith("Basic ")) {
+ ba = Symm.base64noSplit.decode(ba.substring(6));
+ int colon = ba.indexOf(':');
+ if(colon>=0) {
+ String err;
+ if((err=authn.validate(ba.substring(0, colon), ba.substring(colon+1),trans))==null) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ trans.audit().log(ba.substring(0,colon),": ",err);
+ resp.setStatus(HttpStatus.UNAUTHORIZED_401);
+ }
+ return;
+ }
+ }
+ }
+ trans.checkpoint("Basic Auth Check Failed: This wasn't a Basic Auth Trans");
+ // For Auth Security questions, we don't give any info to client on why failed
+ resp.setStatus(HttpStatus.FORBIDDEN_403);
+ }
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/LocateCode.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/LocateCode.java
index b1aa23cc..214c9d80 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/LocateCode.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/LocateCode.java
@@ -26,19 +26,19 @@ import org.onap.aaf.auth.locate.facade.LocateFacade;
import org.onap.aaf.auth.rserv.HttpCode;
public abstract class LocateCode extends HttpCode<AuthzTrans, LocateFacade> implements Cloneable {
- public boolean useJSON;
+ public boolean useJSON;
- public LocateCode(LocateFacade facade, String description, boolean useJSON, String ... roles) {
- super(facade, description, roles);
- this.useJSON = useJSON;
- }
-
- public <D extends LocateCode> D clone(LocateFacade facade, boolean useJSON) throws Exception {
- @SuppressWarnings("unchecked")
- D d = (D)clone();
- d.useJSON = useJSON;
- d.context = facade;
- return d;
- }
-
+ public LocateCode(LocateFacade facade, String description, boolean useJSON, String ... roles) {
+ super(facade, description, roles);
+ this.useJSON = useJSON;
+ }
+
+ public <D extends LocateCode> D clone(LocateFacade facade, boolean useJSON) throws Exception {
+ @SuppressWarnings("unchecked")
+ D d = (D)clone();
+ d.useJSON = useJSON;
+ d.context = facade;
+ return d;
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
index 802c1b55..85cee82f 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_AAFAccess.java
@@ -55,237 +55,237 @@ import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
public class API_AAFAccess {
-// private static String service, version, envContext;
+// private static String service, version, envContext;
- private static final String GET_PERMS_BY_USER = "Get Perms by User";
- private static final String USER_HAS_PERM ="User Has Perm";
-// private static final String USER_IN_ROLE ="User Has Role";
-
- /**
- * Normal Init level APIs
- *
- * @param gwAPI
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
-
-
- gwAPI.route(HttpMethods.GET,"/authz/perms/user/:user",API.VOID,new LocateCode(facade,GET_PERMS_BY_USER, true) {
- @Override
- public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
- TimeTaken tt = trans.start(GET_PERMS_BY_USER, Env.SUB);
- try {
- final String accept = req.getHeader("ACCEPT");
- final String user = pathParam(req,":user");
- if(!user.contains("@")) {
- context.error(trans,resp,Result.ERR_BadData,"User [%s] must be fully qualified with domain",user);
- return;
- }
- final String key = trans.user() + user + (accept!=null&&accept.contains("xml")?"-xml":"-json");
- TimeTaken tt2 = trans.start("Cache Lookup",Env.SUB);
- Dated d;
- try {
- d = gwAPI.cacheUser.get(key);
- } finally {
- tt2.done();
- }
-
- if(d==null || d.data.isEmpty()) {
- tt2 = trans.start("AAF Service Call",Env.REMOTE);
- try {
- gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<String> fp = client.read("/authz/perms/user/"+user,accept);
- if(fp.get(5000)) {
- gwAPI.cacheUser.put(key, new Dated(new User(fp.code(),fp.body()),gwAPI.expireIn));
- resp.setStatus(HttpStatus.OK_200);
- ServletOutputStream sos;
- try {
- sos = resp.getOutputStream();
- sos.print(fp.value);
- } catch (IOException e) {
- throw new CadiException(e);
- }
- } else {
- gwAPI.cacheUser.put(key, new Dated(new User(fp.code(),fp.body()),gwAPI.expireIn));
- context.error(trans,resp,fp.code(),fp.body());
- }
- return null;
- }
- });
- } finally {
- tt2.done();
- }
- } else {
- User u = (User)d.data.get(0);
- resp.setStatus(u.code);
- ServletOutputStream sos = resp.getOutputStream();
- sos.print(u.resp);
- }
- } finally {
- tt.done();
- }
- }
- });
+ private static final String GET_PERMS_BY_USER = "Get Perms by User";
+ private static final String USER_HAS_PERM ="User Has Perm";
+// private static final String USER_IN_ROLE ="User Has Role";
+
+ /**
+ * Normal Init level APIs
+ *
+ * @param gwAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
+
+
+ gwAPI.route(HttpMethods.GET,"/authz/perms/user/:user",API.VOID,new LocateCode(facade,GET_PERMS_BY_USER, true) {
+ @Override
+ public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
+ TimeTaken tt = trans.start(GET_PERMS_BY_USER, Env.SUB);
+ try {
+ final String accept = req.getHeader("ACCEPT");
+ final String user = pathParam(req,":user");
+ if(!user.contains("@")) {
+ context.error(trans,resp,Result.ERR_BadData,"User [%s] must be fully qualified with domain",user);
+ return;
+ }
+ final String key = trans.user() + user + (accept!=null&&accept.contains("xml")?"-xml":"-json");
+ TimeTaken tt2 = trans.start("Cache Lookup",Env.SUB);
+ Dated d;
+ try {
+ d = gwAPI.cacheUser.get(key);
+ } finally {
+ tt2.done();
+ }
+
+ if(d==null || d.data.isEmpty()) {
+ tt2 = trans.start("AAF Service Call",Env.REMOTE);
+ try {
+ gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<String> fp = client.read("/authz/perms/user/"+user,accept);
+ if(fp.get(5000)) {
+ gwAPI.cacheUser.put(key, new Dated(new User(fp.code(),fp.body()),gwAPI.expireIn));
+ resp.setStatus(HttpStatus.OK_200);
+ ServletOutputStream sos;
+ try {
+ sos = resp.getOutputStream();
+ sos.print(fp.value);
+ } catch (IOException e) {
+ throw new CadiException(e);
+ }
+ } else {
+ gwAPI.cacheUser.put(key, new Dated(new User(fp.code(),fp.body()),gwAPI.expireIn));
+ context.error(trans,resp,fp.code(),fp.body());
+ }
+ return null;
+ }
+ });
+ } finally {
+ tt2.done();
+ }
+ } else {
+ User u = (User)d.data.get(0);
+ resp.setStatus(u.code);
+ ServletOutputStream sos = resp.getOutputStream();
+ sos.print(u.resp);
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ });
- gwAPI.route(gwAPI.env,HttpMethods.GET,"/authn/basicAuth",new BasicAuthCode(gwAPI.aafAuthn,facade)
- ,"text/plain","*/*","*");
+ gwAPI.route(gwAPI.env,HttpMethods.GET,"/authn/basicAuth",new BasicAuthCode(gwAPI.aafAuthn,facade)
+ ,"text/plain","*/*","*");
- /**
- * Query User Has Perm is DEPRECATED
- *
- * Need to move towards NS declaration... is this even being used?
- * @deprecated
- */
- gwAPI.route(HttpMethods.GET,"/ask/:user/has/:type/:instance/:action",API.VOID,new LocateCode(facade,USER_HAS_PERM, true) {
- @Override
- public void handle(final AuthzTrans trans, final HttpServletRequest req, HttpServletResponse resp) throws Exception {
- try {
- String type = pathParam(req,":type");
- int idx = type.lastIndexOf('.');
- String ns = type.substring(0,idx);
- type = type.substring(idx+1);
- resp.getOutputStream().print(
- gwAPI.aafLurPerm.fish(new Principal() {
- public String getName() {
- return pathParam(req,":user");
- };
- }, new AAFPermission(
- ns,
- type,
- pathParam(req,":instance"),
- pathParam(req,":action"))));
- resp.setStatus(HttpStatus.OK_200);
- } catch(Exception e) {
- context.error(trans, resp, Result.ERR_General, e.getMessage());
- }
- }
- });
+ /**
+ * Query User Has Perm is DEPRECATED
+ *
+ * Need to move towards NS declaration... is this even being used?
+ * @deprecated
+ */
+ gwAPI.route(HttpMethods.GET,"/ask/:user/has/:type/:instance/:action",API.VOID,new LocateCode(facade,USER_HAS_PERM, true) {
+ @Override
+ public void handle(final AuthzTrans trans, final HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ try {
+ String type = pathParam(req,":type");
+ int idx = type.lastIndexOf('.');
+ String ns = type.substring(0,idx);
+ type = type.substring(idx+1);
+ resp.getOutputStream().print(
+ gwAPI.aafLurPerm.fish(new Principal() {
+ public String getName() {
+ return pathParam(req,":user");
+ };
+ }, new AAFPermission(
+ ns,
+ type,
+ pathParam(req,":instance"),
+ pathParam(req,":action"))));
+ resp.setStatus(HttpStatus.OK_200);
+ } catch(Exception e) {
+ context.error(trans, resp, Result.ERR_General, e.getMessage());
+ }
+ }
+ });
- gwAPI.route(HttpMethods.GET,"/gui/:path*",API.VOID,new LocateCode(facade,"Short Access PROD GUI for AAF", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- try {
- redirect(trans, req, resp, context,
- gwAPI.getGUILocator(),
- "gui/"+pathParam(req,":path"));
- } catch (LocatorException e) {
- context.error(trans, resp, Result.ERR_BadData, e.getMessage());
- } catch (Exception e) {
- context.error(trans, resp, Result.ERR_General, e.getMessage());
- }
- }
- });
+ gwAPI.route(HttpMethods.GET,"/gui/:path*",API.VOID,new LocateCode(facade,"Short Access PROD GUI for AAF", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ try {
+ redirect(trans, req, resp, context,
+ gwAPI.getGUILocator(),
+ "gui/"+pathParam(req,":path"));
+ } catch (LocatorException e) {
+ context.error(trans, resp, Result.ERR_BadData, e.getMessage());
+ } catch (Exception e) {
+ context.error(trans, resp, Result.ERR_General, e.getMessage());
+ }
+ }
+ });
- gwAPI.route(HttpMethods.GET,"/aaf/:version/:path*",API.VOID,new LocateCode(facade,"Access PROD GUI for AAF", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- try {
- redirect(trans, req, resp, context,
- gwAPI.getGUILocator(),
- pathParam(req,":path"));
- } catch (LocatorException e) {
- context.error(trans, resp, Result.ERR_BadData, e.getMessage());
- } catch (Exception e) {
- context.error(trans, resp, Result.ERR_General, e.getMessage());
- }
- }
- });
- }
-
- public static void initDefault(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
+ gwAPI.route(HttpMethods.GET,"/aaf/:version/:path*",API.VOID,new LocateCode(facade,"Access PROD GUI for AAF", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ try {
+ redirect(trans, req, resp, context,
+ gwAPI.getGUILocator(),
+ pathParam(req,":path"));
+ } catch (LocatorException e) {
+ context.error(trans, resp, Result.ERR_BadData, e.getMessage());
+ } catch (Exception e) {
+ context.error(trans, resp, Result.ERR_General, e.getMessage());
+ }
+ }
+ });
+ }
+
+ public static void initDefault(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
- /**
- * "login" url
- */
- gwAPI.route(HttpMethods.GET,"/login",API.VOID,new LocateCode(facade,"Access Login GUI for AAF", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- try {
- redirect(trans, req, resp, context,
- gwAPI.getGUILocator(),
- "login");
- } catch (LocatorException e) {
- context.error(trans, resp, Result.ERR_BadData, e.getMessage());
- } catch (Exception e) {
- context.error(trans, resp, Result.ERR_General, e.getMessage());
- }
- }
- });
+ /**
+ * "login" url
+ */
+ gwAPI.route(HttpMethods.GET,"/login",API.VOID,new LocateCode(facade,"Access Login GUI for AAF", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ try {
+ redirect(trans, req, resp, context,
+ gwAPI.getGUILocator(),
+ "login");
+ } catch (LocatorException e) {
+ context.error(trans, resp, Result.ERR_BadData, e.getMessage());
+ } catch (Exception e) {
+ context.error(trans, resp, Result.ERR_General, e.getMessage());
+ }
+ }
+ });
-
- /**
- * Default URL
- */
- gwAPI.route(HttpMethods.GET,"/",API.VOID,new LocateCode(facade,"Access GUI for AAF", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- try {
- redirect(trans, req, resp, context,
- gwAPI.getGUILocator(),
- "gui/home");
- } catch (Exception e) {
- context.error(trans, resp, Result.ERR_General, e.getMessage());
- }
- }
- });
-
- /**
- * Configuration
- */
- gwAPI.route(HttpMethods.GET,"/configure/:id/:type",API.CONFIG,new LocateCode(facade,"Deliver Configuration Properties to AAF", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- try {
- Result<Void> r = facade.getConfig(trans, req, resp, pathParam(req, ":id"),pathParam(req,":type"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
+
+ /**
+ * Default URL
+ */
+ gwAPI.route(HttpMethods.GET,"/",API.VOID,new LocateCode(facade,"Access GUI for AAF", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ try {
+ redirect(trans, req, resp, context,
+ gwAPI.getGUILocator(),
+ "gui/home");
+ } catch (Exception e) {
+ context.error(trans, resp, Result.ERR_General, e.getMessage());
+ }
+ }
+ });
+
+ /**
+ * Configuration
+ */
+ gwAPI.route(HttpMethods.GET,"/configure/:id/:type",API.CONFIG,new LocateCode(facade,"Deliver Configuration Properties to AAF", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ try {
+ Result<Void> r = facade.getConfig(trans, req, resp, pathParam(req, ":id"),pathParam(req,":type"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
- } catch (Exception e) {
- context.error(trans, resp, Result.ERR_General, e.getMessage());
- }
- }
- });
- }
+ } catch (Exception e) {
+ context.error(trans, resp, Result.ERR_General, e.getMessage());
+ }
+ }
+ });
+ }
- private static void redirect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, LocateFacade context, Locator<URI> loc, String path) throws IOException {
- try {
- if(loc.hasItems()) {
- Item item = loc.best();
- URI uri = loc.get(item);
- StringBuilder redirectURL = new StringBuilder(uri.toString());
- redirectURL.append('/');
- redirectURL.append(path);
- String str = req.getQueryString();
- if(str!=null) {
- redirectURL.append('?');
- redirectURL.append(str);
- }
- trans.info().log("Redirect to",redirectURL);
- resp.sendRedirect(redirectURL.toString());
- } else {
- context.error(trans, resp, Result.err(Result.ERR_NotFound,"No Locations found for redirection"));
- }
- } catch (LocatorException e) {
- context.error(trans, resp, Result.err(Result.ERR_NotFound,"No Endpoints found for %s",req.getPathInfo()));
- }
- }
+ private static void redirect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, LocateFacade context, Locator<URI> loc, String path) throws IOException {
+ try {
+ if(loc.hasItems()) {
+ Item item = loc.best();
+ URI uri = loc.get(item);
+ StringBuilder redirectURL = new StringBuilder(uri.toString());
+ redirectURL.append('/');
+ redirectURL.append(path);
+ String str = req.getQueryString();
+ if(str!=null) {
+ redirectURL.append('?');
+ redirectURL.append(str);
+ }
+ trans.info().log("Redirect to",redirectURL);
+ resp.sendRedirect(redirectURL.toString());
+ } else {
+ context.error(trans, resp, Result.err(Result.ERR_NotFound,"No Locations found for redirection"));
+ }
+ } catch (LocatorException e) {
+ context.error(trans, resp, Result.err(Result.ERR_NotFound,"No Endpoints found for %s",req.getPathInfo()));
+ }
+ }
- private static class User {
- public final int code;
- public final String resp;
-
- public User(int code, String resp) {
- this.code = code;
- this.resp = resp;
- }
- }
+ private static class User {
+ public final int code;
+ public final String resp;
+
+ public User(int code, String resp) {
+ this.code = code;
+ this.resp = resp;
+ }
+ }
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Api.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Api.java
index 8e3fab56..1e60e796 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Api.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Api.java
@@ -42,56 +42,56 @@ import org.onap.aaf.cadi.Symm;
*
*/
public class API_Api {
- /**
- * Normal Init level APIs
- *
- * @param gwAPI
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
- ////////
- // Overall APIs
- ///////
- gwAPI.route(HttpMethods.GET,"/api",API.VOID,new LocateCode(facade,"Document API", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getAPI(trans,resp,gwAPI);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
+ /**
+ * Normal Init level APIs
+ *
+ * @param gwAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
+ ////////
+ // Overall APIs
+ ///////
+ gwAPI.route(HttpMethods.GET,"/api",API.VOID,new LocateCode(facade,"Document API", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getAPI(trans,resp,gwAPI);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
- }
- });
+ }
+ });
- ////////
- // Overall Examples
- ///////
- gwAPI.route(HttpMethods.GET,"/api/example/*",API.VOID,new LocateCode(facade,"Document API", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String pathInfo = req.getPathInfo();
- int question = pathInfo.lastIndexOf('?');
-
- pathInfo = pathInfo.substring(13, question<0?pathInfo.length():question);// IMPORTANT, this is size of "/api/example/"
- String nameOrContextType=Symm.base64noSplit.decode(pathInfo);
-// String param = req.getParameter("optional");
- Result<Void> r = context.getAPIExample(trans,resp,nameOrContextType,
- question>=0 && "optional=true".equalsIgnoreCase(req.getPathInfo().substring(question+1))
- );
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ ////////
+ // Overall Examples
+ ///////
+ gwAPI.route(HttpMethods.GET,"/api/example/*",API.VOID,new LocateCode(facade,"Document API", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String pathInfo = req.getPathInfo();
+ int question = pathInfo.lastIndexOf('?');
+
+ pathInfo = pathInfo.substring(13, question<0?pathInfo.length():question);// IMPORTANT, this is size of "/api/example/"
+ String nameOrContextType=Symm.base64noSplit.decode(pathInfo);
+// String param = req.getParameter("optional");
+ Result<Void> r = context.getAPIExample(trans,resp,nameOrContextType,
+ question>=0 && "optional=true".equalsIgnoreCase(req.getPathInfo().substring(question+1))
+ );
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- }
+ }
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Find.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Find.java
index 27bd8c3a..7ff1fceb 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Find.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Find.java
@@ -44,89 +44,89 @@ import org.onap.aaf.misc.env.util.Split;
*
*/
public class API_Find {
- /**
- * Normal Init level APIs
- *
- * @param gwAPI
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
- ////////
- // Overall APIs
- ///////
-
- final LocateCode locationInfo = new LocateCode(facade,"Location Information", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String service = pathParam(req, ":service");
- String version = pathParam(req, ":version");
- String other = pathParam(req, ":other");
- if(service.indexOf(':')>=0) {
- String split[] = Split.split(':', service);
- switch(split.length) {
- case 3:
- other=split[2];
- case 2:
- version = split[1];
- service = split[0];
- }
- }
- service=Define.varReplace(service);
- Result<Void> r = context.getEndpoints(trans,resp,
- req.getPathInfo(), // use as Key
- service,version,other
- );
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- };
+ /**
+ * Normal Init level APIs
+ *
+ * @param gwAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
+ ////////
+ // Overall APIs
+ ///////
+
+ final LocateCode locationInfo = new LocateCode(facade,"Location Information", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String service = pathParam(req, ":service");
+ String version = pathParam(req, ":version");
+ String other = pathParam(req, ":other");
+ if(service.indexOf(':')>=0) {
+ String split[] = Split.split(':', service);
+ switch(split.length) {
+ case 3:
+ other=split[2];
+ case 2:
+ version = split[1];
+ service = split[0];
+ }
+ }
+ service=Define.varReplace(service);
+ Result<Void> r = context.getEndpoints(trans,resp,
+ req.getPathInfo(), // use as Key
+ service,version,other
+ );
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ };
- gwAPI.route(HttpMethods.GET,"/locate/:service/:version",API.ENDPOINTS,locationInfo);
- gwAPI.route(HttpMethods.GET,"/locate/:service/:version/:other",API.ENDPOINTS,locationInfo);
- gwAPI.route(HttpMethods.GET,"/locate/:service",API.ENDPOINTS,locationInfo);
-
-
- gwAPI.route(HttpMethods.GET,"/download/agent", API.VOID, new LocateCode(facade,"Redirect to latest Agent",false) {
- @Override
- public void handle(AuthzTrans arg0, HttpServletRequest arg1, HttpServletResponse arg2) throws Exception {
- }
- });
+ gwAPI.route(HttpMethods.GET,"/locate/:service/:version",API.ENDPOINTS,locationInfo);
+ gwAPI.route(HttpMethods.GET,"/locate/:service/:version/:other",API.ENDPOINTS,locationInfo);
+ gwAPI.route(HttpMethods.GET,"/locate/:service",API.ENDPOINTS,locationInfo);
+
+
+ gwAPI.route(HttpMethods.GET,"/download/agent", API.VOID, new LocateCode(facade,"Redirect to latest Agent",false) {
+ @Override
+ public void handle(AuthzTrans arg0, HttpServletRequest arg1, HttpServletResponse arg2) throws Exception {
+ }
+ });
- gwAPI.route(HttpMethods.PUT,"/registration",API.MGMT_ENDPOINTS,new LocateCode(facade,"Put Location Information", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.putMgmtEndpoints(trans,req,resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
+ gwAPI.route(HttpMethods.PUT,"/registration",API.MGMT_ENDPOINTS,new LocateCode(facade,"Put Location Information", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.putMgmtEndpoints(trans,req,resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
- }
- });
+ }
+ });
- gwAPI.route(HttpMethods.DELETE,"/registration",API.MGMT_ENDPOINTS,new LocateCode(facade,"Remove Location Information", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.removeMgmtEndpoints(trans,req,resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
+ gwAPI.route(HttpMethods.DELETE,"/registration",API.MGMT_ENDPOINTS,new LocateCode(facade,"Remove Location Information", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.removeMgmtEndpoints(trans,req,resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
- }
- });
+ }
+ });
- }
+ }
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java
index d2e4583c..8bdf479f 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/api/API_Proxy.java
@@ -52,112 +52,112 @@ import org.onap.aaf.misc.env.TimeTaken;
*/
public class API_Proxy {
- /**
- * Normal Init level APIs
- *
- * @param gwAPI
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
-
- String aafurl = gwAPI.access.getProperty(Config.AAF_URL,null);
- if(aafurl==null) {
- } else {
- ////////
- // Transferring APIs
- // But DO NOT transfer BasicAuth case... wastes resources.
- ///////
- final BasicAuthCode bac = new BasicAuthCode(gwAPI.aafAuthn,facade);
-
- gwAPI.routeAll(HttpMethods.GET,"/proxy/:path*",API.VOID,new LocateCode(facade,"Proxy GET", true) {
- @Override
- public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
- if("/proxy/authn/basicAuth".equals(req.getPathInfo()) && !(req.getUserPrincipal() instanceof OAuth2Principal)) {
- bac.handle(trans, req, resp);
- } else {
- TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE);
- try {
- gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Void> ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.OK_200);
- ft.get(10000); // Covers return codes and err messages
- return null;
- }
- });
-
- } catch (CadiException | APIException e) {
- trans.error().log(e);
- } finally {
- tt.done();
- }
- }
- }
- });
-
- gwAPI.routeAll(HttpMethods.POST,"/proxy/:path*",API.VOID,new LocateCode(facade,"Proxy POST", true) {
- @Override
- public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
- TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE);
- try {
- gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Void> ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.CREATED_201);
- ft.get(10000); // Covers return codes and err messages
- return null;
- }
- });
- } catch (CadiException | APIException e) {
- trans.error().log(e);
- } finally {
- tt.done();
- }
- }
- });
-
- gwAPI.routeAll(HttpMethods.PUT,"/proxy/:path*",API.VOID,new LocateCode(facade,"Proxy PUT", true) {
- @Override
- public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
- TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE);
- try {
- gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Void> ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.OK_200);
- ft.get(10000); // Covers return codes and err messages
- return null;
- }
- });
- } catch (CadiException | APIException e) {
- trans.error().log(e);
- } finally {
- tt.done();
- }
- }
- });
-
- gwAPI.routeAll(HttpMethods.DELETE,"/proxy/:path*",API.VOID,new LocateCode(facade,"Proxy DELETE", true) {
- @Override
- public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
- TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE);
- try {
- gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
- @Override
- public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
- Future<Void> ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.OK_200);
- ft.get(10000); // Covers return codes and err messages
- return null;
- }
- });
- } catch (CadiException | APIException e) {
- trans.error().log(e);
- } finally {
- tt.done();
- }
- }
- });
- }
- }
+ /**
+ * Normal Init level APIs
+ *
+ * @param gwAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_Locate gwAPI, LocateFacade facade) throws Exception {
+
+ String aafurl = gwAPI.access.getProperty(Config.AAF_URL,null);
+ if(aafurl==null) {
+ } else {
+ ////////
+ // Transferring APIs
+ // But DO NOT transfer BasicAuth case... wastes resources.
+ ///////
+ final BasicAuthCode bac = new BasicAuthCode(gwAPI.aafAuthn,facade);
+
+ gwAPI.routeAll(HttpMethods.GET,"/proxy/:path*",API.VOID,new LocateCode(facade,"Proxy GET", true) {
+ @Override
+ public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
+ if("/proxy/authn/basicAuth".equals(req.getPathInfo()) && !(req.getUserPrincipal() instanceof OAuth2Principal)) {
+ bac.handle(trans, req, resp);
+ } else {
+ TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE);
+ try {
+ gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Void> ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.OK_200);
+ ft.get(10000); // Covers return codes and err messages
+ return null;
+ }
+ });
+
+ } catch (CadiException | APIException e) {
+ trans.error().log(e);
+ } finally {
+ tt.done();
+ }
+ }
+ }
+ });
+
+ gwAPI.routeAll(HttpMethods.POST,"/proxy/:path*",API.VOID,new LocateCode(facade,"Proxy POST", true) {
+ @Override
+ public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
+ TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE);
+ try {
+ gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Void> ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.CREATED_201);
+ ft.get(10000); // Covers return codes and err messages
+ return null;
+ }
+ });
+ } catch (CadiException | APIException e) {
+ trans.error().log(e);
+ } finally {
+ tt.done();
+ }
+ }
+ });
+
+ gwAPI.routeAll(HttpMethods.PUT,"/proxy/:path*",API.VOID,new LocateCode(facade,"Proxy PUT", true) {
+ @Override
+ public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
+ TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE);
+ try {
+ gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Void> ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.OK_200);
+ ft.get(10000); // Covers return codes and err messages
+ return null;
+ }
+ });
+ } catch (CadiException | APIException e) {
+ trans.error().log(e);
+ } finally {
+ tt.done();
+ }
+ }
+ });
+
+ gwAPI.routeAll(HttpMethods.DELETE,"/proxy/:path*",API.VOID,new LocateCode(facade,"Proxy DELETE", true) {
+ @Override
+ public void handle(final AuthzTrans trans, final HttpServletRequest req, final HttpServletResponse resp) throws Exception {
+ TimeTaken tt = trans.start("Forward to AAF Service", Env.REMOTE);
+ try {
+ gwAPI.clientAsUser(trans.getUserPrincipal(), new Retryable<Void>() {
+ @Override
+ public Void code(Rcli<?> client) throws CadiException, ConnectException, APIException {
+ Future<Void> ft = client.transfer(req,resp,pathParam(req, ":path"),HttpStatus.OK_200);
+ ft.get(10000); // Covers return codes and err messages
+ return null;
+ }
+ });
+ } catch (CadiException | APIException e) {
+ trans.error().log(e);
+ } finally {
+ tt.done();
+ }
+ }
+ });
+ }
+ }
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade.java
index 8fb719fe..4a2afa58 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade.java
@@ -37,79 +37,79 @@ import org.onap.aaf.auth.rserv.RServlet;
public interface LocateFacade {
///////////////////// STANDARD ELEMENTS //////////////////
- /**
- * @param trans
- * @param response
- * @param result
- */
- void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
+ /**
+ * @param trans
+ * @param response
+ * @param result
+ */
+ void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
- /**
- *
- * @param trans
- * @param response
- * @param status
- */
- void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... detail);
+ /**
+ *
+ * @param trans
+ * @param response
+ * @param status
+ */
+ void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... detail);
- /**
- *
- * @param trans
- * @param resp
- * @param rservlet
- * @return
- */
- public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet);
+ /**
+ *
+ * @param trans
+ * @param resp
+ * @param rservlet
+ * @return
+ */
+ public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet);
- /**
- *
- * @param trans
- * @param resp
- * @param typeCode
- * @param optional
- * @return
- */
- public abstract Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String typeCode, boolean optional);
+ /**
+ *
+ * @param trans
+ * @param resp
+ * @param typeCode
+ * @param optional
+ * @return
+ */
+ public abstract Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String typeCode, boolean optional);
- /**
- *
- * @param trans
- * @param resp
- * @param service
- * @param version
- * @param other
- * @param string
- * @return
- */
- public abstract Result<Void> getEndpoints(AuthzTrans trans, HttpServletResponse resp, String key,
- String service, String version, String other);
+ /**
+ *
+ * @param trans
+ * @param resp
+ * @param service
+ * @param version
+ * @param other
+ * @param string
+ * @return
+ */
+ public abstract Result<Void> getEndpoints(AuthzTrans trans, HttpServletResponse resp, String key,
+ String service, String version, String other);
- /**
- *
- * @param trans
- * @param req
- * @param resp
- * @return
- */
- public abstract Result<Void> putMgmtEndpoints(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param resp
+ * @return
+ */
+ public abstract Result<Void> putMgmtEndpoints(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
- /**
- *
- * @param trans
- * @param req
- * @param resp
- * @return
- */
- public abstract Result<Void> removeMgmtEndpoints(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param resp
+ * @return
+ */
+ public abstract Result<Void> removeMgmtEndpoints(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
- /**
- *
- * @param trans
- * @param req
- * @param resp
- * @return
- */
- public Result<Void> getConfig(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String id, String type);
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param resp
+ * @return
+ */
+ public Result<Void> getConfig(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String id, String type);
} \ No newline at end of file
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeFactory.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeFactory.java
index 84fc20a5..0bb9fbdb 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeFactory.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeFactory.java
@@ -36,14 +36,14 @@ import locate_local.v1_0.Error;;
public class LocateFacadeFactory {
- public static LocateFacade_1_1 v1_1(AuthzEnv env, AAF_Locate locate, AuthzTrans trans, Data.TYPE type) throws APIException {
- return new LocateFacade_1_1(
- env,
- new LocateServiceImpl<
- InRequest,
- Out,
- Error>(trans,locate,new Mapper_1_1()),
- type);
- }
+ public static LocateFacade_1_1 v1_1(AuthzEnv env, AAF_Locate locate, AuthzTrans trans, Data.TYPE type) throws APIException {
+ return new LocateFacade_1_1(
+ env,
+ new LocateServiceImpl<
+ InRequest,
+ Out,
+ Error>(trans,locate,new Mapper_1_1()),
+ type);
+ }
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java
index f655657b..f41fcd91 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacadeImpl.java
@@ -73,7 +73,7 @@ import locate_local.v1_0.Api;
* 1) Interact with the Service Implementation (which might be supported by various kinds of Backend Storage)
* 2) Validate incoming data (if applicable)
* 3) Convert the Service response into the right Format, and mark the Content Type
- * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
+ * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
* 4) Log Service info, warnings and exceptions as necessary
* 5) When asked by the API layer, this will create and write Error content to the OutputStream
*
@@ -84,336 +84,336 @@ import locate_local.v1_0.Api;
*
*/
public abstract class LocateFacadeImpl<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURATION,ERROR> extends FacadeImpl implements LocateFacade
- {
- private LocateService<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURATION,ERROR> service;
+ {
+ private LocateService<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURATION,ERROR> service;
- private final RosettaDF<ERROR> errDF;
- private final RosettaDF<Api> apiDF;
- private final RosettaDF<ENDPOINTS> epDF;
- private final RosettaDF<MGMT_ENDPOINTS> mepDF;
- private final RosettaDF<CONFIGURATION> confDF;
+ private final RosettaDF<ERROR> errDF;
+ private final RosettaDF<Api> apiDF;
+ private final RosettaDF<ENDPOINTS> epDF;
+ private final RosettaDF<MGMT_ENDPOINTS> mepDF;
+ private final RosettaDF<CONFIGURATION> confDF;
- private static long cacheClear = 0L, emptyCheck=0L;
- private final static Map<String,String> epsCache = new HashMap<>(); // protected manually, in getEndpoints
+ private static long cacheClear = 0L, emptyCheck=0L;
+ private final static Map<String,String> epsCache = new HashMap<>(); // protected manually, in getEndpoints
- public LocateFacadeImpl(AuthzEnv env, LocateService<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURATION,ERROR> service, Data.TYPE dataType) throws APIException {
- this.service = service;
- (errDF = env.newDataFactory(mapper().getClass(API.ERROR))).in(dataType).out(dataType);
- (apiDF = env.newDataFactory(Api.class)).in(dataType).out(dataType);
- (epDF = env.newDataFactory(mapper().getClass(API.ENDPOINTS))).in(dataType).out(dataType);
- (mepDF = env.newDataFactory(mapper().getClass(API.MGMT_ENDPOINTS))).in(dataType).out(dataType);
- (confDF = env.newDataFactory(mapper().getClass(API.CONFIG))).in(dataType).out(dataType);
- }
-
- public Mapper<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURATION,ERROR> mapper() {
- return service.mapper();
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
- *
- * Note: Conforms to AT&T TSS RESTful Error Structure
- */
- @Override
- public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
- String msg = result.details==null?"":result.details.trim();
- String[] detail;
- if(result.variables==null) {
- detail = new String[1];
- } else {
- int l = result.variables.length;
- detail=new String[l+1];
- System.arraycopy(result.variables, 0, detail, 1, l);
- }
- error(trans, response, result.status,msg,detail);
- }
-
- @Override
- public void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... _detail) {
- String[] detail = _detail;
- if(detail.length==0) {
- detail=new String[1];
- }
- boolean hidemsg = false;
- String msgId;
- switch(status) {
- case 202:
- case ERR_ActionNotCompleted:
- msgId = "SVC1202";
- detail[0] = "Accepted, Action not complete";
- response.setStatus(/*httpstatus=*/202);
- break;
+ public LocateFacadeImpl(AuthzEnv env, LocateService<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURATION,ERROR> service, Data.TYPE dataType) throws APIException {
+ this.service = service;
+ (errDF = env.newDataFactory(mapper().getClass(API.ERROR))).in(dataType).out(dataType);
+ (apiDF = env.newDataFactory(Api.class)).in(dataType).out(dataType);
+ (epDF = env.newDataFactory(mapper().getClass(API.ENDPOINTS))).in(dataType).out(dataType);
+ (mepDF = env.newDataFactory(mapper().getClass(API.MGMT_ENDPOINTS))).in(dataType).out(dataType);
+ (confDF = env.newDataFactory(mapper().getClass(API.CONFIG))).in(dataType).out(dataType);
+ }
+
+ public Mapper<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIGURATION,ERROR> mapper() {
+ return service.mapper();
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
+ *
+ * Note: Conforms to AT&T TSS RESTful Error Structure
+ */
+ @Override
+ public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
+ String msg = result.details==null?"":result.details.trim();
+ String[] detail;
+ if(result.variables==null) {
+ detail = new String[1];
+ } else {
+ int l = result.variables.length;
+ detail=new String[l+1];
+ System.arraycopy(result.variables, 0, detail, 1, l);
+ }
+ error(trans, response, result.status,msg,detail);
+ }
+
+ @Override
+ public void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... _detail) {
+ String[] detail = _detail;
+ if(detail.length==0) {
+ detail=new String[1];
+ }
+ boolean hidemsg = false;
+ String msgId;
+ switch(status) {
+ case 202:
+ case ERR_ActionNotCompleted:
+ msgId = "SVC1202";
+ detail[0] = "Accepted, Action not complete";
+ response.setStatus(/*httpstatus=*/202);
+ break;
- case 403:
- case ERR_Policy:
- case ERR_Security:
- case ERR_Denied:
- msgId = "SVC1403";
- detail[0] = "Forbidden";
- response.setStatus(/*httpstatus=*/403);
- break;
-
- case 404:
- case ERR_NotFound:
- msgId = "SVC1404";
- detail[0] = "Not Found";
- response.setStatus(/*httpstatus=*/404);
- break;
+ case 403:
+ case ERR_Policy:
+ case ERR_Security:
+ case ERR_Denied:
+ msgId = "SVC1403";
+ detail[0] = "Forbidden";
+ response.setStatus(/*httpstatus=*/403);
+ break;
+
+ case 404:
+ case ERR_NotFound:
+ msgId = "SVC1404";
+ detail[0] = "Not Found";
+ response.setStatus(/*httpstatus=*/404);
+ break;
- case 406:
- case ERR_BadData:
- msgId="SVC1406";
- detail[0] = "Not Acceptable";
- response.setStatus(/*httpstatus=*/406);
- break;
-
- case 409:
- case ERR_ConflictAlreadyExists:
- msgId = "SVC1409";
- detail[0] = "Conflict Already Exists";
- response.setStatus(/*httpstatus=*/409);
- break;
-
- case 501:
- case ERR_NotImplemented:
- msgId = "SVC1501";
- detail[0] = "Not Implemented";
- response.setStatus(/*httpstatus=*/501);
- break;
-
- default:
- msgId = "SVC1500";
- detail[0] = "General Service Error";
- response.setStatus(/*httpstatus=*/500);
- hidemsg = true;
- break;
- }
+ case 406:
+ case ERR_BadData:
+ msgId="SVC1406";
+ detail[0] = "Not Acceptable";
+ response.setStatus(/*httpstatus=*/406);
+ break;
+
+ case 409:
+ case ERR_ConflictAlreadyExists:
+ msgId = "SVC1409";
+ detail[0] = "Conflict Already Exists";
+ response.setStatus(/*httpstatus=*/409);
+ break;
+
+ case 501:
+ case ERR_NotImplemented:
+ msgId = "SVC1501";
+ detail[0] = "Not Implemented";
+ response.setStatus(/*httpstatus=*/501);
+ break;
+
+ default:
+ msgId = "SVC1500";
+ detail[0] = "General Service Error";
+ response.setStatus(/*httpstatus=*/500);
+ hidemsg = true;
+ break;
+ }
- try {
- StringBuilder holder = new StringBuilder();
- ERROR em = mapper().errorFromMessage(holder,msgId,msg,detail);
- trans.checkpoint(
- "ErrResp [" +
- msgId +
- "] " +
- holder.toString(),
- Env.ALWAYS);
- if(hidemsg) {
- holder.setLength(0);
- em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request");
- }
- errDF.newData(trans).load(em).to(response.getOutputStream());
-
- } catch (Exception e) {
- trans.error().log(e,"unable to send response for",msg);
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getAPI(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse)
- */
- public final static String API_REPORT = "apiReport";
- @Override
- public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet) {
- TimeTaken tt = trans.start(API_REPORT, Env.SUB);
- try {
- Api api = new Api();
- Api.Route ar;
- Method[] meths = LocateServiceImpl.class.getDeclaredMethods();
- for(RouteReport rr : rservlet.routeReport()) {
- api.getRoute().add(ar = new Api.Route());
- ar.setMeth(rr.meth.name());
- ar.setPath(rr.path);
- ar.setDesc(rr.desc);
- ar.getContentType().addAll(rr.contextTypes);
- for(Method m : meths) {
- ApiDoc ad;
- if((ad = m.getAnnotation(ApiDoc.class))!=null &&
- rr.meth.equals(ad.method()) &&
- rr.path.equals(ad.path())) {
- for(String param : ad.params()) {
- ar.getParam().add(param);
- }
- for(String text : ad.text()) {
- ar.getComments().add(text);
- }
- ar.setExpected(ad.expectedCode());
- for(int ec : ad.errorCodes()) {
- ar.getExplicitErr().add(ec);
- }
- }
- }
- }
- apiDF.newData(trans).load(api).to(resp.getOutputStream());
- setContentType(resp,apiDF.getOutType());
- return Result.ok();
+ try {
+ StringBuilder holder = new StringBuilder();
+ ERROR em = mapper().errorFromMessage(holder,msgId,msg,detail);
+ trans.checkpoint(
+ "ErrResp [" +
+ msgId +
+ "] " +
+ holder.toString(),
+ Env.ALWAYS);
+ if(hidemsg) {
+ holder.setLength(0);
+ em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request");
+ }
+ errDF.newData(trans).load(em).to(response.getOutputStream());
+
+ } catch (Exception e) {
+ trans.error().log(e,"unable to send response for",msg);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getAPI(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse)
+ */
+ public final static String API_REPORT = "apiReport";
+ @Override
+ public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet) {
+ TimeTaken tt = trans.start(API_REPORT, Env.SUB);
+ try {
+ Api api = new Api();
+ Api.Route ar;
+ Method[] meths = LocateServiceImpl.class.getDeclaredMethods();
+ for(RouteReport rr : rservlet.routeReport()) {
+ api.getRoute().add(ar = new Api.Route());
+ ar.setMeth(rr.meth.name());
+ ar.setPath(rr.path);
+ ar.setDesc(rr.desc);
+ ar.getContentType().addAll(rr.contextTypes);
+ for(Method m : meths) {
+ ApiDoc ad;
+ if((ad = m.getAnnotation(ApiDoc.class))!=null &&
+ rr.meth.equals(ad.method()) &&
+ rr.path.equals(ad.path())) {
+ for(String param : ad.params()) {
+ ar.getParam().add(param);
+ }
+ for(String text : ad.text()) {
+ ar.getComments().add(text);
+ }
+ ar.setExpected(ad.expectedCode());
+ for(int ec : ad.errorCodes()) {
+ ar.getExplicitErr().add(ec);
+ }
+ }
+ }
+ }
+ apiDF.newData(trans).load(api).to(resp.getOutputStream());
+ setContentType(resp,apiDF.getOutType());
+ return Result.ok();
- } catch (Exception e) {
- trans.error().log(e,IN,API_REPORT);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- public final static String API_EXAMPLE = "apiExample";
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getAPIExample(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String nameOrContentType, boolean optional) {
- TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);
- try {
- String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional);
- resp.getOutputStream().print(content);
- setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);
- return Result.ok();
- } catch (Exception e) {
- trans.error().log(e,IN,API_EXAMPLE);
- return Result.err(Result.ERR_NotImplemented,e.getMessage());
- } finally {
- tt.done();
- }
- }
+ } catch (Exception e) {
+ trans.error().log(e,IN,API_REPORT);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ public final static String API_EXAMPLE = "apiExample";
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getAPIExample(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String nameOrContentType, boolean optional) {
+ TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);
+ try {
+ String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional);
+ resp.getOutputStream().print(content);
+ setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);
+ return Result.ok();
+ } catch (Exception e) {
+ trans.error().log(e,IN,API_EXAMPLE);
+ return Result.err(Result.ERR_NotImplemented,e.getMessage());
+ } finally {
+ tt.done();
+ }
+ }
- public final static String GET_ENDPOINTS = "getEndpoints";
- private final static Object LOCK = new Object();
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.locate.facade.GwFacade#getEndpoints(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> getEndpoints(AuthzTrans trans, HttpServletResponse resp, String key, String service, String version, String other) {
- TimeTaken tt = trans.start(GET_ENDPOINTS, Env.SUB);
- try {
- String output=null;
- long temp=System.currentTimeMillis();
- synchronized(LOCK) {
- if(cacheClear<temp) {
- epsCache.clear();
- cacheClear = temp+1000*60*2; // 2 mins standard cache clear
- } else {
- output = epsCache.get(key);
- if("{}".equals(output) && emptyCheck<temp) {
- output = null;
- emptyCheck = temp+5000; // 5 second check
- }
- }
- }
- if(output==null) {
- Result<ENDPOINTS> reps = this.service.getEndPoints(trans,service,version,other);
- if(reps.notOK()) {
- return Result.err(reps);
- } else {
- output = epDF.newData(trans).load(reps.value).asString();
- synchronized(LOCK) {
- epsCache.put(key, output);
- }
- }
- }
- resp.getOutputStream().println(output);
- setContentType(resp,epDF.getOutType());
- return Result.ok();
- } catch (Exception e) {
- trans.error().log(e,IN,API_EXAMPLE);
- return Result.err(Result.ERR_NotImplemented,e.getMessage());
- } finally {
- tt.done();
- }
- }
+ public final static String GET_ENDPOINTS = "getEndpoints";
+ private final static Object LOCK = new Object();
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.locate.facade.GwFacade#getEndpoints(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> getEndpoints(AuthzTrans trans, HttpServletResponse resp, String key, String service, String version, String other) {
+ TimeTaken tt = trans.start(GET_ENDPOINTS, Env.SUB);
+ try {
+ String output=null;
+ long temp=System.currentTimeMillis();
+ synchronized(LOCK) {
+ if(cacheClear<temp) {
+ epsCache.clear();
+ cacheClear = temp+1000*60*2; // 2 mins standard cache clear
+ } else {
+ output = epsCache.get(key);
+ if("{}".equals(output) && emptyCheck<temp) {
+ output = null;
+ emptyCheck = temp+5000; // 5 second check
+ }
+ }
+ }
+ if(output==null) {
+ Result<ENDPOINTS> reps = this.service.getEndPoints(trans,service,version,other);
+ if(reps.notOK()) {
+ return Result.err(reps);
+ } else {
+ output = epDF.newData(trans).load(reps.value).asString();
+ synchronized(LOCK) {
+ epsCache.put(key, output);
+ }
+ }
+ }
+ resp.getOutputStream().println(output);
+ setContentType(resp,epDF.getOutType());
+ return Result.ok();
+ } catch (Exception e) {
+ trans.error().log(e,IN,API_EXAMPLE);
+ return Result.err(Result.ERR_NotImplemented,e.getMessage());
+ } finally {
+ tt.done();
+ }
+ }
- private static final String PUT_MGMT_ENDPOINTS = "Put Mgmt Endpoints";
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.locate.facade.GwFacade#putMgmtEndpoints(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- @Override
- public Result<Void> putMgmtEndpoints(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(PUT_MGMT_ENDPOINTS, Env.SUB|Env.ALWAYS);
- try {
- MGMT_ENDPOINTS rreq;
- try {
- RosettaData<MGMT_ENDPOINTS> data = mepDF.newData().load(req.getInputStream());
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,PUT_MGMT_ENDPOINTS);
- return Result.err(Status.ERR_BadData,"Invalid Input");
+ private static final String PUT_MGMT_ENDPOINTS = "Put Mgmt Endpoints";
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.locate.facade.GwFacade#putMgmtEndpoints(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public Result<Void> putMgmtEndpoints(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(PUT_MGMT_ENDPOINTS, Env.SUB|Env.ALWAYS);
+ try {
+ MGMT_ENDPOINTS rreq;
+ try {
+ RosettaData<MGMT_ENDPOINTS> data = mepDF.newData().load(req.getInputStream());
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,PUT_MGMT_ENDPOINTS);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
- }
- Result<Void> rp = service.putMgmtEndPoints(trans, rreq);
- switch(rp.status) {
- case OK:
- synchronized(LOCK) {
- cacheClear = 0L;
- }
- setContentType(resp,mepDF.getOutType());
- return Result.ok();
- default:
- return rp;
- }
- } catch (Exception e) {
- trans.error().log(e,IN,PUT_MGMT_ENDPOINTS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
+ }
+ Result<Void> rp = service.putMgmtEndPoints(trans, rreq);
+ switch(rp.status) {
+ case OK:
+ synchronized(LOCK) {
+ cacheClear = 0L;
+ }
+ setContentType(resp,mepDF.getOutType());
+ return Result.ok();
+ default:
+ return rp;
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,PUT_MGMT_ENDPOINTS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
- private static final String DELETE_MGMT_ENDPOINTS = "Delete Mgmt Endpoints";
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.locate.facade.GwFacade#removeMgmtEndpoints(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- @Override
- public Result<Void> removeMgmtEndpoints(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(DELETE_MGMT_ENDPOINTS, Env.SUB|Env.ALWAYS);
- try {
- MGMT_ENDPOINTS rreq;
- try {
- RosettaData<MGMT_ENDPOINTS> data = mepDF.newData().load(req.getInputStream());
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,DELETE_MGMT_ENDPOINTS);
- return Result.err(Status.ERR_BadData,"Invalid Input");
+ private static final String DELETE_MGMT_ENDPOINTS = "Delete Mgmt Endpoints";
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.locate.facade.GwFacade#removeMgmtEndpoints(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public Result<Void> removeMgmtEndpoints(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(DELETE_MGMT_ENDPOINTS, Env.SUB|Env.ALWAYS);
+ try {
+ MGMT_ENDPOINTS rreq;
+ try {
+ RosettaData<MGMT_ENDPOINTS> data = mepDF.newData().load(req.getInputStream());
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,DELETE_MGMT_ENDPOINTS);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
- }
- Result<Void> rp = service.removeMgmtEndPoints(trans, rreq);
- switch(rp.status) {
- case OK:
- synchronized(LOCK) {
- cacheClear = 0L;
- }
- setContentType(resp,mepDF.getOutType());
- return Result.ok();
- default:
- return rp;
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_MGMT_ENDPOINTS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
+ }
+ Result<Void> rp = service.removeMgmtEndPoints(trans, rreq);
+ switch(rp.status) {
+ case OK:
+ synchronized(LOCK) {
+ cacheClear = 0L;
+ }
+ setContentType(resp,mepDF.getOutType());
+ return Result.ok();
+ default:
+ return rp;
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_MGMT_ENDPOINTS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
- private static final String GET_CONFIG = "Get Configuration";
- @Override
- public Result<Void> getConfig(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, final String id, final String type) {
- TimeTaken tt = trans.start(GET_CONFIG, Env.SUB|Env.ALWAYS);
- try {
- Result<CONFIGURATION> rp = service.getConfig(trans, id, type);
- switch(rp.status) {
- case OK:
- setContentType(resp,mepDF.getOutType());
- confDF.newData(trans).load(rp.value).to(resp.getOutputStream());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_CONFIG);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
+ private static final String GET_CONFIG = "Get Configuration";
+ @Override
+ public Result<Void> getConfig(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, final String id, final String type) {
+ TimeTaken tt = trans.start(GET_CONFIG, Env.SUB|Env.ALWAYS);
+ try {
+ Result<CONFIGURATION> rp = service.getConfig(trans, id, type);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,mepDF.getOutType());
+ confDF.newData(trans).load(rp.value).to(resp.getOutputStream());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_CONFIG);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade_1_1.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade_1_1.java
index 87d98361..8f45058f 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade_1_1.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/facade/LocateFacade_1_1.java
@@ -36,7 +36,7 @@ import locate_local.v1_0.Error;
public class LocateFacade_1_1 extends LocateFacadeImpl<InRequest,Out,Endpoints,MgmtEndpoints,Configuration,Error>
{
- public LocateFacade_1_1(AuthzEnv env, LocateService<InRequest,Out,Endpoints,MgmtEndpoints,Configuration,Error> service, Data.TYPE type) throws APIException {
- super(env, service, type);
- }
+ public LocateFacade_1_1(AuthzEnv env, LocateService<InRequest,Out,Endpoints,MgmtEndpoints,Configuration,Error> service, Data.TYPE type) throws APIException {
+ super(env, service, type);
+ }
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper.java
index 7e012f2d..e2cd4bce 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper.java
@@ -30,12 +30,12 @@ import locate.v1_0.MgmtEndpoint;
public interface Mapper<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIG,ERROR>
{
- public enum API{IN_REQ,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIG,ERROR,VOID};
- public Class<?> getClass(API api);
- public<A> A newInstance(API api);
+ public enum API{IN_REQ,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIG,ERROR,VOID};
+ public Class<?> getClass(API api);
+ public<A> A newInstance(API api);
- public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, String... detail);
- public Result<ENDPOINTS> endpoints(Result<List<Data>> resultDB, String version, String other);
- public Data locateData(MgmtEndpoint me);
+ public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, String... detail);
+ public Result<ENDPOINTS> endpoints(Result<List<Data>> resultDB, String version, String other);
+ public Data locateData(MgmtEndpoint me);
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper_1_1.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper_1_1.java
index 2edb54f9..d2eeb632 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper_1_1.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/mapper/Mapper_1_1.java
@@ -38,116 +38,116 @@ import locate_local.v1_0.InRequest;
import locate_local.v1_0.Out;
public class Mapper_1_1 implements Mapper<InRequest,Out,Endpoints,MgmtEndpoints,Configuration,Error> {
-
- @Override
- public Class<?> getClass(API api) {
- switch(api) {
- case IN_REQ: return InRequest.class;
- case OUT: return Out.class;
- case ERROR: return Error.class;
- case VOID: return Void.class;
- case ENDPOINTS: return Endpoints.class;
- case MGMT_ENDPOINTS: return MgmtEndpoints.class;
- case CONFIG: return Configuration.class;
- }
- return null;
- }
+
+ @Override
+ public Class<?> getClass(API api) {
+ switch(api) {
+ case IN_REQ: return InRequest.class;
+ case OUT: return Out.class;
+ case ERROR: return Error.class;
+ case VOID: return Void.class;
+ case ENDPOINTS: return Endpoints.class;
+ case MGMT_ENDPOINTS: return MgmtEndpoints.class;
+ case CONFIG: return Configuration.class;
+ }
+ return null;
+ }
- @SuppressWarnings("unchecked")
- @Override
- public <A> A newInstance(API api) {
- switch(api) {
- case IN_REQ: return (A) new InRequest();
- case OUT: return (A) new Out();
- case ERROR: return (A)new Error();
- case ENDPOINTS: return (A) new Endpoints();
- case MGMT_ENDPOINTS: return (A) new MgmtEndpoints();
- case CONFIG: return (A) new Configuration();
- case VOID: return null;
- }
- return null;
- }
+ @SuppressWarnings("unchecked")
+ @Override
+ public <A> A newInstance(API api) {
+ switch(api) {
+ case IN_REQ: return (A) new InRequest();
+ case OUT: return (A) new Out();
+ case ERROR: return (A)new Error();
+ case ENDPOINTS: return (A) new Endpoints();
+ case MGMT_ENDPOINTS: return (A) new MgmtEndpoints();
+ case CONFIG: return (A) new Configuration();
+ case VOID: return null;
+ }
+ return null;
+ }
- ////////////// Mapping Functions /////////////
- @Override
- public locate_local.v1_0.Error errorFromMessage(StringBuilder holder, String msgID, String text,String... var) {
- Error err = new Error();
- err.setMessageId(msgID);
- // AT&T Restful Error Format requires numbers "%" placements
- err.setText(Vars.convert(holder, text, var));
- for(String s : var) {
- err.getVariables().add(s);
- }
- return err;
- }
+ ////////////// Mapping Functions /////////////
+ @Override
+ public locate_local.v1_0.Error errorFromMessage(StringBuilder holder, String msgID, String text,String... var) {
+ Error err = new Error();
+ err.setMessageId(msgID);
+ // AT&T Restful Error Format requires numbers "%" placements
+ err.setText(Vars.convert(holder, text, var));
+ for(String s : var) {
+ err.getVariables().add(s);
+ }
+ return err;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.locate.mapper.Mapper#endpoints(org.onap.aaf.auth.layer.test.Result, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Endpoints> endpoints(Result<List<Data>> resultDB, String version, String other) {
- if(resultDB.notOK()) {
- return Result.err(resultDB);
- }
- int major=-1, minor=-1, patch=-1, pkg=-1;
- if(version!=null) {
- try {
- String[] v = Split.split('.',version);
- if(v.length>0) {major = Integer.parseInt(v[0]);}
- if(v.length>1) {minor = Integer.parseInt(v[1]);}
- if(v.length>2) {patch = Integer.parseInt(v[2]);}
- if(v.length>3) {pkg = Integer.parseInt(v[3]);}
- } catch (NumberFormatException e) {
- return Result.err(Result.ERR_BadData,"Invalid Version String " + version);
- }
- }
- Endpoints eps = new Endpoints();
- List<Endpoint> leps = eps.getEndpoint();
- for(Data d : resultDB.value) {
- if((major<0 || major==d.major) &&
- (minor<0 || minor<=d.minor) &&
- (patch<0 || patch==d.patch) &&
- (pkg<0 || pkg ==d.pkg)) {
- Endpoint ep = new Endpoint();
- ep.setName(d.name);
- ep.setHostname(d.hostname);
- ep.setPort(d.port);
- ep.setMajor(d.major);
- ep.setMinor(d.minor);
- ep.setPatch(d.patch);
- ep.setPkg(d.pkg);
- ep.setLatitude(d.latitude);
- ep.setLongitude(d.longitude);
- ep.setProtocol(d.protocol);
- for(String s : d.subprotocol(false)) {
- ep.getSubprotocol().add(s);
- }
- leps.add(ep);
- }
- }
- return Result.ok(eps);
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.locate.mapper.Mapper#endpoints(org.onap.aaf.auth.layer.test.Result, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Endpoints> endpoints(Result<List<Data>> resultDB, String version, String other) {
+ if(resultDB.notOK()) {
+ return Result.err(resultDB);
+ }
+ int major=-1, minor=-1, patch=-1, pkg=-1;
+ if(version!=null) {
+ try {
+ String[] v = Split.split('.',version);
+ if(v.length>0) {major = Integer.parseInt(v[0]);}
+ if(v.length>1) {minor = Integer.parseInt(v[1]);}
+ if(v.length>2) {patch = Integer.parseInt(v[2]);}
+ if(v.length>3) {pkg = Integer.parseInt(v[3]);}
+ } catch (NumberFormatException e) {
+ return Result.err(Result.ERR_BadData,"Invalid Version String " + version);
+ }
+ }
+ Endpoints eps = new Endpoints();
+ List<Endpoint> leps = eps.getEndpoint();
+ for(Data d : resultDB.value) {
+ if((major<0 || major==d.major) &&
+ (minor<0 || minor<=d.minor) &&
+ (patch<0 || patch==d.patch) &&
+ (pkg<0 || pkg ==d.pkg)) {
+ Endpoint ep = new Endpoint();
+ ep.setName(d.name);
+ ep.setHostname(d.hostname);
+ ep.setPort(d.port);
+ ep.setMajor(d.major);
+ ep.setMinor(d.minor);
+ ep.setPatch(d.patch);
+ ep.setPkg(d.pkg);
+ ep.setLatitude(d.latitude);
+ ep.setLongitude(d.longitude);
+ ep.setProtocol(d.protocol);
+ for(String s : d.subprotocol(false)) {
+ ep.getSubprotocol().add(s);
+ }
+ leps.add(ep);
+ }
+ }
+ return Result.ok(eps);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.locate.mapper.Mapper#locateData(locate.v1_0.MgmtEndpoint)
- */
- @Override
- public Data locateData(MgmtEndpoint me) {
- Data data = new Data();
- data.name = me.getName();
- data.port = me.getPort();
- data.hostname = me.getHostname();
- data.major = me.getMajor();
- data.minor = me.getMinor();
- data.patch = me.getPatch();
- data.pkg = me.getPkg();
- data.latitude = me.getLatitude();
- data.longitude = me.getLongitude();
- data.protocol = me.getProtocol();
- for(String s : me.getSubprotocol()) {
- data.subprotocol(true).add(s);
- }
- return data;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.locate.mapper.Mapper#locateData(locate.v1_0.MgmtEndpoint)
+ */
+ @Override
+ public Data locateData(MgmtEndpoint me) {
+ Data data = new Data();
+ data.name = me.getName();
+ data.port = me.getPort();
+ data.hostname = me.getHostname();
+ data.major = me.getMajor();
+ data.minor = me.getMinor();
+ data.patch = me.getPatch();
+ data.pkg = me.getPkg();
+ data.latitude = me.getLatitude();
+ data.longitude = me.getLongitude();
+ data.protocol = me.getProtocol();
+ for(String s : me.getSubprotocol()) {
+ data.subprotocol(true).add(s);
+ }
+ return data;
+ }
} \ No newline at end of file
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateService.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateService.java
index ac2e3c46..47f3b984 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateService.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateService.java
@@ -26,9 +26,9 @@ import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.auth.locate.mapper.Mapper;
public interface LocateService<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIG,ERROR> {
- public Mapper<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIG,ERROR> mapper();
- public Result<ENDPOINTS> getEndPoints(AuthzTrans trans, String service, String version, String other);
- public Result<Void> putMgmtEndPoints(AuthzTrans trans, MGMT_ENDPOINTS meps);
- public Result<Void> removeMgmtEndPoints(AuthzTrans trans, MGMT_ENDPOINTS meps);
- public Result<CONFIG> getConfig(AuthzTrans trans, String id, String type);
+ public Mapper<IN,OUT,ENDPOINTS,MGMT_ENDPOINTS,CONFIG,ERROR> mapper();
+ public Result<ENDPOINTS> getEndPoints(AuthzTrans trans, String service, String version, String other);
+ public Result<Void> putMgmtEndPoints(AuthzTrans trans, MGMT_ENDPOINTS meps);
+ public Result<Void> removeMgmtEndPoints(AuthzTrans trans, MGMT_ENDPOINTS meps);
+ public Result<CONFIG> getConfig(AuthzTrans trans, String id, String type);
}
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
index b2cdfab6..d0aae466 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/service/LocateServiceImpl.java
@@ -42,111 +42,111 @@ import locate.v1_1.Configuration;
import locate.v1_1.Configuration.Props;
public class LocateServiceImpl<IN,OUT,ERROR>
- implements LocateService<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> {
- private Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper;
- protected LocateDAO locateDAO;
- private ConfigDAO configDAO;
- private boolean permToRegister;
-
- public LocateServiceImpl(AuthzTrans trans, AAF_Locate locate, Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper) throws APIException {
- this.mapper = mapper;
- this.locateDAO = locate.locateDAO;
- this.configDAO = locate.configDAO;
- permToRegister = false; //TODO Setup a Configuration for this
- }
-
- public Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper() {return mapper;}
+ implements LocateService<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> {
+ private Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper;
+ protected LocateDAO locateDAO;
+ private ConfigDAO configDAO;
+ private boolean permToRegister;
+
+ public LocateServiceImpl(AuthzTrans trans, AAF_Locate locate, Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper) throws APIException {
+ this.mapper = mapper;
+ this.locateDAO = locate.locateDAO;
+ this.configDAO = locate.configDAO;
+ permToRegister = false; //TODO Setup a Configuration for this
+ }
+
+ public Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper() {return mapper;}
- @Override
- public Result<Endpoints> getEndPoints(AuthzTrans trans, String service, String version, String other) {
- return mapper.endpoints(locateDAO.readByName(trans, service), version, other);
- }
+ @Override
+ public Result<Endpoints> getEndPoints(AuthzTrans trans, String service, String version, String other) {
+ return mapper.endpoints(locateDAO.readByName(trans, service), version, other);
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.locate.service.GwService#putMgmtEndPoints(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public Result<Void> putMgmtEndPoints(AuthzTrans trans, MgmtEndpoints meps) {
- LocateValidator v = new LocateValidator().mgmt_endpoints(meps, false);
- if(v.err()) {
- return Result.err(Result.ERR_BadData,v.errs());
- }
- int count = 0;
- for(MgmtEndpoint me : meps.getMgmtEndpoint()) {
- if(permToRegister) {
- int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
- AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getName(),"write");
- if(trans.fish(p)) {
- LocateDAO.Data data = mapper.locateData(me);
- locateDAO.update(trans, data, true);
- ++count;
- } else {
- return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
- }
- } else { //TODO if(MechID is part of Namespace) {
- LocateDAO.Data data = mapper.locateData(me);
- locateDAO.update(trans, data, true);
- ++count;
- }
- }
- if(count>0) {
- return Result.ok();
- } else {
- return Result.err(Result.ERR_NotFound, "No endpoints found");
- }
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.locate.service.GwService#putMgmtEndPoints(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public Result<Void> putMgmtEndPoints(AuthzTrans trans, MgmtEndpoints meps) {
+ LocateValidator v = new LocateValidator().mgmt_endpoints(meps, false);
+ if(v.err()) {
+ return Result.err(Result.ERR_BadData,v.errs());
+ }
+ int count = 0;
+ for(MgmtEndpoint me : meps.getMgmtEndpoint()) {
+ if(permToRegister) {
+ int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
+ AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getName(),"write");
+ if(trans.fish(p)) {
+ LocateDAO.Data data = mapper.locateData(me);
+ locateDAO.update(trans, data, true);
+ ++count;
+ } else {
+ return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
+ }
+ } else { //TODO if(MechID is part of Namespace) {
+ LocateDAO.Data data = mapper.locateData(me);
+ locateDAO.update(trans, data, true);
+ ++count;
+ }
+ }
+ if(count>0) {
+ return Result.ok();
+ } else {
+ return Result.err(Result.ERR_NotFound, "No endpoints found");
+ }
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.locate.service.GwService#removeMgmtEndPoints(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @Override
- public Result<Void> removeMgmtEndPoints(AuthzTrans trans, MgmtEndpoints meps) {
- LocateValidator v = new LocateValidator().mgmt_endpoint_key(meps);
- if(v.err()) {
- return Result.err(Result.ERR_BadData,v.errs());
- }
- int count = 0;
- for(MgmtEndpoint me : meps.getMgmtEndpoint()) {
- int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
- AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
- if(trans.fish(p)) {
- LocateDAO.Data data = mapper.locateData(me);
- data.port_key = UUID.randomUUID();
- locateDAO.delete(trans, data, false);
- ++count;
- } else {
- return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
- }
- }
- if(count>0) {
- return Result.ok();
- } else {
- return Result.err(Result.ERR_NotFound, "No endpoints found");
- }
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.locate.service.GwService#removeMgmtEndPoints(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @Override
+ public Result<Void> removeMgmtEndPoints(AuthzTrans trans, MgmtEndpoints meps) {
+ LocateValidator v = new LocateValidator().mgmt_endpoint_key(meps);
+ if(v.err()) {
+ return Result.err(Result.ERR_BadData,v.errs());
+ }
+ int count = 0;
+ for(MgmtEndpoint me : meps.getMgmtEndpoint()) {
+ int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
+ AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
+ if(trans.fish(p)) {
+ LocateDAO.Data data = mapper.locateData(me);
+ data.port_key = UUID.randomUUID();
+ locateDAO.delete(trans, data, false);
+ ++count;
+ } else {
+ return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
+ }
+ }
+ if(count>0) {
+ return Result.ok();
+ } else {
+ return Result.err(Result.ERR_NotFound, "No endpoints found");
+ }
+ }
- ///// ADDED v1_1
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.locate.service.LocateService#getConfig(org.onap.aaf.auth.env.AuthzTrans, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Configuration> getConfig(AuthzTrans trans, String id, String type) {
- Result<List<Data>> dr = configDAO.readName(trans, type);
- Configuration c = new Configuration();
- c.setName(type);
- Props p;
-
- if(dr.isOKhasData()) {
- for(ConfigDAO.Data data : dr.value) {
- p = new Props();
- p.setTag(data.tag);
- p.setValue(data.value);
- c.getProps().add(p);
- }
- }
- return Result.ok(c);
- //return Result.err(Result.ERR_NotImplemented,"not done yet");
- }
+ ///// ADDED v1_1
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.locate.service.LocateService#getConfig(org.onap.aaf.auth.env.AuthzTrans, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Configuration> getConfig(AuthzTrans trans, String id, String type) {
+ Result<List<Data>> dr = configDAO.readName(trans, type);
+ Configuration c = new Configuration();
+ c.setName(type);
+ Props p;
+
+ if(dr.isOKhasData()) {
+ for(ConfigDAO.Data data : dr.value) {
+ p = new Props();
+ p.setTag(data.tag);
+ p.setValue(data.value);
+ c.getProps().add(p);
+ }
+ }
+ return Result.ok(c);
+ //return Result.err(Result.ERR_NotImplemented,"not done yet");
+ }
//////////////// APIs ///////////////////
diff --git a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/validation/LocateValidator.java b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/validation/LocateValidator.java
index 89157826..6dd3d92a 100644
--- a/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/validation/LocateValidator.java
+++ b/auth/auth-locate/src/main/java/org/onap/aaf/auth/locate/validation/LocateValidator.java
@@ -39,103 +39,103 @@ import locate.v1_0.MgmtEndpoints;
*
*/
public class LocateValidator extends Validator {
- private LocateValidator endpoint_key(Endpoint e) {
- if(e==null) {
- msg("Endpoint Data is null.");
- } else {
- nullOrBlank("Endpoint Name", e.getName());
- if(e.getName()!=null) {
- int idx = e.getName().indexOf('.');
- if(idx<=0) {
- msg("Endpoint Name must prefixed by Namespace");
- }
- }
- nullOrBlank("Endpoint Hostname", e.getHostname());
- intRange("Endpoint Port",e.getPort(),0,1000000);
- }
- return this;
- }
+ private LocateValidator endpoint_key(Endpoint e) {
+ if(e==null) {
+ msg("Endpoint Data is null.");
+ } else {
+ nullOrBlank("Endpoint Name", e.getName());
+ if(e.getName()!=null) {
+ int idx = e.getName().indexOf('.');
+ if(idx<=0) {
+ msg("Endpoint Name must prefixed by Namespace");
+ }
+ }
+ nullOrBlank("Endpoint Hostname", e.getHostname());
+ intRange("Endpoint Port",e.getPort(),0,1000000);
+ }
+ return this;
+ }
- public LocateValidator endpoint(Endpoint e) {
- endpoint_key(e);
- if(e!=null) {
- intRange("Endpoint Major Version",e.getMajor(),0,2000);
- intRange("Endpoint Minor Version",e.getMinor(),0,2000);
- intRange("Endpoint Patch Version",e.getPatch(),0,2000);
- intRange("Endpoint Pkg Version",e.getPkg(),0,2000);
- floatRange("Endpoint Latitude",e.getLatitude(),-90f,90f);
- floatRange("Endpoint Longitude",e.getLongitude(),-180f,180f);
- nullOrBlank("Endpoint Protocol", e.getProtocol());
- for(String s : e.getSubprotocol()) {
- nullOrBlank("Endpoint Subprotocol", s);
- }
- }
- return this;
- }
-
- public LocateValidator endpoints(Endpoints e, boolean emptyNotOK) {
- if(e==null) {
- msg("Endpoints Data is null.");
- } else {
- if(emptyNotOK && e.getEndpoint().size()==0) {
- msg("Endpoints contains no endpoints");
- } else {
- for(Endpoint ep : e.getEndpoint()) {
- endpoint(ep);
- }
- }
- }
- return this;
- }
+ public LocateValidator endpoint(Endpoint e) {
+ endpoint_key(e);
+ if(e!=null) {
+ intRange("Endpoint Major Version",e.getMajor(),0,2000);
+ intRange("Endpoint Minor Version",e.getMinor(),0,2000);
+ intRange("Endpoint Patch Version",e.getPatch(),0,2000);
+ intRange("Endpoint Pkg Version",e.getPkg(),0,2000);
+ floatRange("Endpoint Latitude",e.getLatitude(),-90f,90f);
+ floatRange("Endpoint Longitude",e.getLongitude(),-180f,180f);
+ nullOrBlank("Endpoint Protocol", e.getProtocol());
+ for(String s : e.getSubprotocol()) {
+ nullOrBlank("Endpoint Subprotocol", s);
+ }
+ }
+ return this;
+ }
+
+ public LocateValidator endpoints(Endpoints e, boolean emptyNotOK) {
+ if(e==null) {
+ msg("Endpoints Data is null.");
+ } else {
+ if(emptyNotOK && e.getEndpoint().size()==0) {
+ msg("Endpoints contains no endpoints");
+ } else {
+ for(Endpoint ep : e.getEndpoint()) {
+ endpoint(ep);
+ }
+ }
+ }
+ return this;
+ }
- public LocateValidator mgmt_endpoint_key(MgmtEndpoints meps) {
- if(meps==null) {
- msg("MgmtEndpoints Data is null.");
- } else {
- for(MgmtEndpoint ep : meps.getMgmtEndpoint()) {
- endpoint_key(ep);
- }
- }
- return this;
- }
+ public LocateValidator mgmt_endpoint_key(MgmtEndpoints meps) {
+ if(meps==null) {
+ msg("MgmtEndpoints Data is null.");
+ } else {
+ for(MgmtEndpoint ep : meps.getMgmtEndpoint()) {
+ endpoint_key(ep);
+ }
+ }
+ return this;
+ }
- public LocateValidator mgmt_endpoints(MgmtEndpoints me, boolean emptyOK) {
- if(me==null) {
- msg("MgmtEndpoints Data is null.");
- } else {
- if(!emptyOK && me.getMgmtEndpoint().size()==0) {
- msg("MgmtEndpoints contains no data");
- } else {
- for(MgmtEndpoint ep : me.getMgmtEndpoint()) {
- mgmt_endpoint(ep);
- }
- }
- }
- return this;
- }
+ public LocateValidator mgmt_endpoints(MgmtEndpoints me, boolean emptyOK) {
+ if(me==null) {
+ msg("MgmtEndpoints Data is null.");
+ } else {
+ if(!emptyOK && me.getMgmtEndpoint().size()==0) {
+ msg("MgmtEndpoints contains no data");
+ } else {
+ for(MgmtEndpoint ep : me.getMgmtEndpoint()) {
+ mgmt_endpoint(ep);
+ }
+ }
+ }
+ return this;
+ }
- private LocateValidator mgmt_endpoint(MgmtEndpoint ep) {
- endpoint(ep);
- for(SpecialPorts sp : ep.getSpecialPorts()) {
- specialPorts(sp);
- }
- return this;
- }
+ private LocateValidator mgmt_endpoint(MgmtEndpoint ep) {
+ endpoint(ep);
+ for(SpecialPorts sp : ep.getSpecialPorts()) {
+ specialPorts(sp);
+ }
+ return this;
+ }
- private LocateValidator specialPorts(SpecialPorts sp) {
- if(sp==null) {
- msg("Special Ports is null.");
- } else {
- nullOrBlank("Special Port Name",sp.getName());
- nullOrBlank("Special Port Protocol",sp.getProtocol());
- intRange("Special Port",sp.getPort(),0,1000000);
-
- for(String s : sp.getProtocolVersions()) {
- nullOrBlank("Special Port Protocol Version", s);
- }
- }
- return this;
- }
+ private LocateValidator specialPorts(SpecialPorts sp) {
+ if(sp==null) {
+ msg("Special Ports is null.");
+ } else {
+ nullOrBlank("Special Port Name",sp.getName());
+ nullOrBlank("Special Port Protocol",sp.getProtocol());
+ intRange("Special Port",sp.getPort(),0,1000000);
+
+ for(String s : sp.getProtocolVersions()) {
+ nullOrBlank("Special Port Protocol Version", s);
+ }
+ }
+ return this;
+ }
}
diff --git a/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/JU_BasicAuthCodeTest.java b/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/JU_BasicAuthCodeTest.java
index eea60eb0..cdae121a 100644
--- a/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/JU_BasicAuthCodeTest.java
+++ b/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/JU_BasicAuthCodeTest.java
@@ -42,74 +42,74 @@ import org.onap.aaf.misc.env.LogTarget;
public class JU_BasicAuthCodeTest {
- @Mock
- AAFAuthn authn;
+ @Mock
+ AAFAuthn authn;
- @Mock(answer = Answers.RETURNS_DEEP_STUBS)
- AuthzTrans trans;
+ @Mock(answer = Answers.RETURNS_DEEP_STUBS)
+ AuthzTrans trans;
- @Mock
- HttpServletRequest req;
+ @Mock
+ HttpServletRequest req;
- @Mock
- HttpServletResponse resp;
+ @Mock
+ HttpServletResponse resp;
- @Mock
- LogTarget error;
+ @Mock
+ LogTarget error;
- @Mock
- LocateFacade facade;
+ @Mock
+ LocateFacade facade;
- @Mock
- BasicPrincipal basicPrincipal;
- @Mock
- X509Principal x509Principal;
+ @Mock
+ BasicPrincipal basicPrincipal;
+ @Mock
+ X509Principal x509Principal;
- @Before
- public void setUp() throws Exception {
- initMocks(this);
- }
+ @Before
+ public void setUp() throws Exception {
+ initMocks(this);
+ }
- @Test
- public void testWithNullUserPrincipal() throws Exception {
- BasicAuthCode basicAuthCode = new BasicAuthCode(authn, facade);
- LocateCode locateCode = basicAuthCode.clone(facade, false);
+ @Test
+ public void testWithNullUserPrincipal() throws Exception {
+ BasicAuthCode basicAuthCode = new BasicAuthCode(authn, facade);
+ LocateCode locateCode = basicAuthCode.clone(facade, false);
- assertEquals(locateCode.desc(), basicAuthCode.desc());
+ assertEquals(locateCode.desc(), basicAuthCode.desc());
- when(trans.getUserPrincipal()).thenReturn(null);
- when(trans.error()).thenReturn(error);
+ when(trans.getUserPrincipal()).thenReturn(null);
+ when(trans.error()).thenReturn(error);
- basicAuthCode.handle(trans, req, resp);
- }
+ basicAuthCode.handle(trans, req, resp);
+ }
- @Test
- public void testWithBasicUserPrincipal() throws Exception {
- BasicAuthCode basicAuthCode = new BasicAuthCode(authn, facade);
- LocateCode locateCode = basicAuthCode.clone(facade, false);
+ @Test
+ public void testWithBasicUserPrincipal() throws Exception {
+ BasicAuthCode basicAuthCode = new BasicAuthCode(authn, facade);
+ LocateCode locateCode = basicAuthCode.clone(facade, false);
- assertEquals(locateCode.desc(), basicAuthCode.desc());
+ assertEquals(locateCode.desc(), basicAuthCode.desc());
- when(trans.getUserPrincipal()).thenReturn(basicPrincipal);
+ when(trans.getUserPrincipal()).thenReturn(basicPrincipal);
- basicAuthCode.handle(trans, req, resp);
+ basicAuthCode.handle(trans, req, resp);
- verify(resp).setStatus(HttpStatus.OK_200);
- }
+ verify(resp).setStatus(HttpStatus.OK_200);
+ }
- @Test
- public void testWithX509UserPrincipal() throws Exception {
- BasicAuthCode basicAuthCode = new BasicAuthCode(authn, facade);
- LocateCode locateCode = basicAuthCode.clone(facade, false);
+ @Test
+ public void testWithX509UserPrincipal() throws Exception {
+ BasicAuthCode basicAuthCode = new BasicAuthCode(authn, facade);
+ LocateCode locateCode = basicAuthCode.clone(facade, false);
- assertEquals(locateCode.desc(), basicAuthCode.desc());
+ assertEquals(locateCode.desc(), basicAuthCode.desc());
- when(trans.getUserPrincipal()).thenReturn(x509Principal);
- when(req.getHeader("Authorization")).thenReturn("Basic 76//76");
+ when(trans.getUserPrincipal()).thenReturn(x509Principal);
+ when(req.getHeader("Authorization")).thenReturn("Basic 76//76");
- basicAuthCode.handle(trans, req, resp);
+ basicAuthCode.handle(trans, req, resp);
- verify(resp).setStatus(HttpStatus.FORBIDDEN_403);
- }
+ verify(resp).setStatus(HttpStatus.FORBIDDEN_403);
+ }
}
diff --git a/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/mapper/JU_Mapper_1_0Test.java b/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/mapper/JU_Mapper_1_0Test.java
index 26bea940..5422117c 100644
--- a/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/mapper/JU_Mapper_1_0Test.java
+++ b/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/mapper/JU_Mapper_1_0Test.java
@@ -35,31 +35,31 @@ import locate_local.v1_0.Out;
public class JU_Mapper_1_0Test {
- @Before
- public void setUp() throws Exception {
+ @Before
+ public void setUp() throws Exception {
- }
+ }
- @Test
- public void testGetClasses() {
- Mapper_1_1 mapper = new Mapper_1_1();
- assertEquals(InRequest.class, mapper.getClass(API.IN_REQ));
- assertEquals(Out.class, mapper.getClass(API.OUT));
- assertEquals(Error.class, mapper.getClass(API.ERROR));
- assertEquals(Void.class, mapper.getClass(API.VOID));
- assertEquals(Endpoints.class, mapper.getClass(API.ENDPOINTS));
- assertEquals(MgmtEndpoints.class, mapper.getClass(API.MGMT_ENDPOINTS));
- }
+ @Test
+ public void testGetClasses() {
+ Mapper_1_1 mapper = new Mapper_1_1();
+ assertEquals(InRequest.class, mapper.getClass(API.IN_REQ));
+ assertEquals(Out.class, mapper.getClass(API.OUT));
+ assertEquals(Error.class, mapper.getClass(API.ERROR));
+ assertEquals(Void.class, mapper.getClass(API.VOID));
+ assertEquals(Endpoints.class, mapper.getClass(API.ENDPOINTS));
+ assertEquals(MgmtEndpoints.class, mapper.getClass(API.MGMT_ENDPOINTS));
+ }
- @Test
- public void testNewInstance() {
- Mapper_1_1 mapper = new Mapper_1_1();
- assertTrue(mapper.newInstance(API.IN_REQ) instanceof InRequest);
- assertTrue(mapper.newInstance(API.OUT) instanceof Out);
- assertTrue(mapper.newInstance(API.ERROR) instanceof Error);
- assertTrue(mapper.newInstance(API.ENDPOINTS) instanceof Endpoints);
- assertTrue(mapper.newInstance(API.MGMT_ENDPOINTS) instanceof MgmtEndpoints);
- assertEquals(null, mapper.newInstance(API.VOID));
- }
+ @Test
+ public void testNewInstance() {
+ Mapper_1_1 mapper = new Mapper_1_1();
+ assertTrue(mapper.newInstance(API.IN_REQ) instanceof InRequest);
+ assertTrue(mapper.newInstance(API.OUT) instanceof Out);
+ assertTrue(mapper.newInstance(API.ERROR) instanceof Error);
+ assertTrue(mapper.newInstance(API.ENDPOINTS) instanceof Endpoints);
+ assertTrue(mapper.newInstance(API.MGMT_ENDPOINTS) instanceof MgmtEndpoints);
+ assertEquals(null, mapper.newInstance(API.VOID));
+ }
}
diff --git a/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/service/JU_LocateServiceImplTest.java b/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/service/JU_LocateServiceImplTest.java
index c66de60b..e3a74720 100644
--- a/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/service/JU_LocateServiceImplTest.java
+++ b/auth/auth-locate/src/test/java/org/onap/aaf/auth/locate/service/JU_LocateServiceImplTest.java
@@ -44,71 +44,71 @@ import locate.v1_0.MgmtEndpoints;
public class JU_LocateServiceImplTest {
- // Extend, because I don't want a "setter" in the original. Compromised with a protected...
- private final class LocateServiceImplExtension extends LocateServiceImpl {
- private LocateServiceImplExtension(AuthzTrans trans, AAF_Locate locate, Mapper mapper) throws APIException {
- super(trans, locate, mapper);
- }
- public void set(LocateDAO ld) {
- locateDAO=ld;
- }
- }
-
- @Mock
- private AuthzTrans trans;
- @Mock
- private AAF_Locate aaf_locate;
- @Mock
- private LocateDAO locateDAO;
- @Mock
- private Mapper mapper;
- @Mock
- private Result<List<Data>> result;
- @Mock
- private Result endPointResult;
- @Mock
- private MgmtEndpoints meps;
- @Mock
- private MgmtEndpoint mgmtEndPoint;
-
- @Before
- public void setup() {
- MockitoAnnotations.initMocks(this);
- }
-
- @Test
- public void test() throws APIException {
- LocateServiceImplExtension locateServiceImpl = new LocateServiceImplExtension(trans, aaf_locate, mapper);
- locateServiceImpl.set(locateDAO);
-
- assertEquals(mapper, locateServiceImpl.mapper());
-
- when(locateDAO.readByName(trans, "http")).thenReturn(result);
- when(mapper.endpoints(result, "1.0", "other")).thenReturn(endPointResult);
-
- Result output = locateServiceImpl.getEndPoints(trans, "http", "1.0", "other");
-
- assertEquals(endPointResult, output);
-
- List<MgmtEndpoint> mgmtEndPoints = new ArrayList<>();
- mgmtEndPoints.add(mgmtEndPoint);
-
- when(mgmtEndPoint.getName()).thenReturn("http.Endpoint1");
- when(mgmtEndPoint.getHostname()).thenReturn("HOST1");
- when(mgmtEndPoint.getPort()).thenReturn(9090);
- when(mgmtEndPoint.getProtocol()).thenReturn("HTTP");
-
- when(meps.getMgmtEndpoint()).thenReturn(mgmtEndPoints);
- output = locateServiceImpl.putMgmtEndPoints(trans, meps);
-
- assertEquals(output.toString(), Result.ok().toString());
-
- when(trans.fish(any())).thenReturn(true);
- Data data = new LocateDAO.Data();
- when(mapper.locateData(mgmtEndPoint)).thenReturn(data);
- output = locateServiceImpl.removeMgmtEndPoints(trans, meps);
-
- assertEquals(output.toString(), Result.ok().toString());
- }
+ // Extend, because I don't want a "setter" in the original. Compromised with a protected...
+ private final class LocateServiceImplExtension extends LocateServiceImpl {
+ private LocateServiceImplExtension(AuthzTrans trans, AAF_Locate locate, Mapper mapper) throws APIException {
+ super(trans, locate, mapper);
+ }
+ public void set(LocateDAO ld) {
+ locateDAO=ld;
+ }
+ }
+
+ @Mock
+ private AuthzTrans trans;
+ @Mock
+ private AAF_Locate aaf_locate;
+ @Mock
+ private LocateDAO locateDAO;
+ @Mock
+ private Mapper mapper;
+ @Mock
+ private Result<List<Data>> result;
+ @Mock
+ private Result endPointResult;
+ @Mock
+ private MgmtEndpoints meps;
+ @Mock
+ private MgmtEndpoint mgmtEndPoint;
+
+ @Before
+ public void setup() {
+ MockitoAnnotations.initMocks(this);
+ }
+
+ @Test
+ public void test() throws APIException {
+ LocateServiceImplExtension locateServiceImpl = new LocateServiceImplExtension(trans, aaf_locate, mapper);
+ locateServiceImpl.set(locateDAO);
+
+ assertEquals(mapper, locateServiceImpl.mapper());
+
+ when(locateDAO.readByName(trans, "http")).thenReturn(result);
+ when(mapper.endpoints(result, "1.0", "other")).thenReturn(endPointResult);
+
+ Result output = locateServiceImpl.getEndPoints(trans, "http", "1.0", "other");
+
+ assertEquals(endPointResult, output);
+
+ List<MgmtEndpoint> mgmtEndPoints = new ArrayList<>();
+ mgmtEndPoints.add(mgmtEndPoint);
+
+ when(mgmtEndPoint.getName()).thenReturn("http.Endpoint1");
+ when(mgmtEndPoint.getHostname()).thenReturn("HOST1");
+ when(mgmtEndPoint.getPort()).thenReturn(9090);
+ when(mgmtEndPoint.getProtocol()).thenReturn("HTTP");
+
+ when(meps.getMgmtEndpoint()).thenReturn(mgmtEndPoints);
+ output = locateServiceImpl.putMgmtEndPoints(trans, meps);
+
+ assertEquals(output.toString(), Result.ok().toString());
+
+ when(trans.fish(any())).thenReturn(true);
+ Data data = new LocateDAO.Data();
+ when(mapper.locateData(mgmtEndPoint)).thenReturn(data);
+ output = locateServiceImpl.removeMgmtEndPoints(trans, meps);
+
+ assertEquals(output.toString(), Result.ok().toString());
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
index d73c3be3..3ae80e3c 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/AAF_OAuth.java
@@ -66,140 +66,140 @@ import com.datastax.driver.core.Cluster;
import aafoauth.v2_0.Introspect;
public class AAF_OAuth extends AbsService<AuthzEnv,AuthzTrans> {
- private static final String DOT_OAUTH = ".oauth";
- public Map<String, Dated> cacheUser;
- public AAFAuthn<?> aafAuthn;
- public AAFLurPerm aafLurPerm;
- private final OAuthService service;
- private OAFacade1_0 facade1_0;
- private final Question question;
- private TokenPermLoader tpLoader;
- private final Cluster cluster;
-
- /**
- * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
- *
- * @param env
- * @param si
- * @param dm
- * @param decryptor
- * @throws APIException
- */
- public AAF_OAuth(final AuthzEnv env) throws Exception {
- super(env.access(),env);
-
- String aaf_env = env.getProperty(Config.AAF_ENV);
- if(aaf_env==null) {
- throw new APIException("aaf_env needs to be set");
- }
-
- // Initialize Facade for all uses
- AuthzTrans trans = env.newTrans();
- cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
-
- aafLurPerm = aafCon().newLur();
- // Note: If you need both Authn and Authz construct the following:
- aafAuthn = aafCon().newAuthn(aafLurPerm);
-
- // Start Background Processing
- // Question question =
- question = new Question(trans, cluster, CassAccess.KEYSPACE, true);
-
- // Have AAFLocator object Create DirectLocators for Location needs
- AbsAAFLocator.setCreator(new DirectLocatorCreator(env, question.locateDAO));
-
-
- service = new OAuthService(env.access(),trans,question);
- facade1_0 = OAFacadeFactory.v1_0(this, trans, service, TYPE.JSON);
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(2, sb);
- trans.init().log(sb);
-
- API_Token.init(this, facade1_0);
- }
-
- /**
- * Setup XML and JSON implementations for each supported Version type
- *
- * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
- * to do Versions and Content switches
- *
- */
- public void route(HttpMethods meth, String path, API api, HttpCode<AuthzTrans, OAFacade<Introspect>> code) throws Exception {
- String version = "1.0";
- // Get Correct API Class from Mapper
- Class<?> respCls = facade1_0.mapper().getClass(api);
- if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
- // setup Application API HTML ContentTypes for JSON and Route
- String application = applicationJSON(respCls, version);
- if(meth.equals(HttpMethods.POST)) {
- route(env,meth,path,code,application,"application/json;version="+version,"application/x-www-form-urlencoded","*/*");
- } else {
- route(env,meth,path,code,application,"application/json;version="+version,"*/*");
- }
- }
-
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- try {
- DirectOAuthTAF doat = new DirectOAuthTAF(env,question,facade1_0);
- Object[] atl=new Object[additionalTafLurs.length+2];
- atl[0] = doat;
- atl[1] = doat.directUserPass();
-
- if(additionalTafLurs.length>0) {
- System.arraycopy(additionalTafLurs, 0, atl, 2, additionalTafLurs.length);
- }
-
- return new Filter[] {
- new AuthzTransFilter(env,aafCon(),
- new AAFTrustChecker((Env)env),
- atl
- )};
- } catch (NumberFormatException | APIException e) {
- throw new CadiException("Invalid Property information", e);
- }
- }
-
- @SuppressWarnings("unchecked")
- @Override
- public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
- return new Registrant[] {
- new DirectRegistrar(access,question.locateDAO,app_name,app_version,port),
- new DirectRegistrar(access,question.locateDAO,app_name.replace(DOT_OAUTH, ".token"),app_version,port),
- new DirectRegistrar(access,question.locateDAO,app_name.replace(DOT_OAUTH, ".introspect"),app_version,port)
-
- };
- }
-
-
- @Override
- public void destroy() {
- Cache.stopTimer();
- if(service!=null) {
- service.close();
- }
- if(cluster!=null) {
- cluster.close();
- }
- super.destroy();
- }
-
- // For use in CADI ONLY
- public TokenMgr.TokenPermLoader tpLoader() {
- return tpLoader;
- }
-
- public static void main(final String[] args) {
- try {
- Log4JLogIt logIt = new Log4JLogIt(args, "oauth");
- PropAccess propAccess = new PropAccess(logIt,args);
-
- AAF_OAuth service = new AAF_OAuth(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
+ private static final String DOT_OAUTH = ".oauth";
+ public Map<String, Dated> cacheUser;
+ public AAFAuthn<?> aafAuthn;
+ public AAFLurPerm aafLurPerm;
+ private final OAuthService service;
+ private OAFacade1_0 facade1_0;
+ private final Question question;
+ private TokenPermLoader tpLoader;
+ private final Cluster cluster;
+
+ /**
+ * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
+ *
+ * @param env
+ * @param si
+ * @param dm
+ * @param decryptor
+ * @throws APIException
+ */
+ public AAF_OAuth(final AuthzEnv env) throws Exception {
+ super(env.access(),env);
+
+ String aaf_env = env.getProperty(Config.AAF_ENV);
+ if(aaf_env==null) {
+ throw new APIException("aaf_env needs to be set");
+ }
+
+ // Initialize Facade for all uses
+ AuthzTrans trans = env.newTrans();
+ cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
+
+ aafLurPerm = aafCon().newLur();
+ // Note: If you need both Authn and Authz construct the following:
+ aafAuthn = aafCon().newAuthn(aafLurPerm);
+
+ // Start Background Processing
+ // Question question =
+ question = new Question(trans, cluster, CassAccess.KEYSPACE, true);
+
+ // Have AAFLocator object Create DirectLocators for Location needs
+ AbsAAFLocator.setCreator(new DirectLocatorCreator(env, question.locateDAO));
+
+
+ service = new OAuthService(env.access(),trans,question);
+ facade1_0 = OAFacadeFactory.v1_0(this, trans, service, TYPE.JSON);
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(2, sb);
+ trans.init().log(sb);
+
+ API_Token.init(this, facade1_0);
+ }
+
+ /**
+ * Setup XML and JSON implementations for each supported Version type
+ *
+ * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
+ * to do Versions and Content switches
+ *
+ */
+ public void route(HttpMethods meth, String path, API api, HttpCode<AuthzTrans, OAFacade<Introspect>> code) throws Exception {
+ String version = "1.0";
+ // Get Correct API Class from Mapper
+ Class<?> respCls = facade1_0.mapper().getClass(api);
+ if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
+ // setup Application API HTML ContentTypes for JSON and Route
+ String application = applicationJSON(respCls, version);
+ if(meth.equals(HttpMethods.POST)) {
+ route(env,meth,path,code,application,"application/json;version="+version,"application/x-www-form-urlencoded","*/*");
+ } else {
+ route(env,meth,path,code,application,"application/json;version="+version,"*/*");
+ }
+ }
+
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ try {
+ DirectOAuthTAF doat = new DirectOAuthTAF(env,question,facade1_0);
+ Object[] atl=new Object[additionalTafLurs.length+2];
+ atl[0] = doat;
+ atl[1] = doat.directUserPass();
+
+ if(additionalTafLurs.length>0) {
+ System.arraycopy(additionalTafLurs, 0, atl, 2, additionalTafLurs.length);
+ }
+
+ return new Filter[] {
+ new AuthzTransFilter(env,aafCon(),
+ new AAFTrustChecker((Env)env),
+ atl
+ )};
+ } catch (NumberFormatException | APIException e) {
+ throw new CadiException("Invalid Property information", e);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
+ return new Registrant[] {
+ new DirectRegistrar(access,question.locateDAO,app_name,app_version,port),
+ new DirectRegistrar(access,question.locateDAO,app_name.replace(DOT_OAUTH, ".token"),app_version,port),
+ new DirectRegistrar(access,question.locateDAO,app_name.replace(DOT_OAUTH, ".introspect"),app_version,port)
+
+ };
+ }
+
+
+ @Override
+ public void destroy() {
+ Cache.stopTimer();
+ if(service!=null) {
+ service.close();
+ }
+ if(cluster!=null) {
+ cluster.close();
+ }
+ super.destroy();
+ }
+
+ // For use in CADI ONLY
+ public TokenMgr.TokenPermLoader tpLoader() {
+ return tpLoader;
+ }
+
+ public static void main(final String[] args) {
+ try {
+ Log4JLogIt logIt = new Log4JLogIt(args, "oauth");
+ PropAccess propAccess = new PropAccess(logIt,args);
+
+ AAF_OAuth service = new AAF_OAuth(new AuthzEnv(propAccess));
+ JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
+ jss.start();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java
index e602e863..bb882367 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/DirectOAuthTAF.java
@@ -62,163 +62,163 @@ import org.onap.aaf.misc.env.APIException;
import aafoauth.v2_0.Introspect;
public class DirectOAuthTAF implements HttpTaf {
- private PropAccess access;
- private DirectIntrospect<Introspect> oaFacade;
- private TokenMgr tkMgr;
- private final DirectAAFUserPass directUserPass;
- private TokenClient altIntrospectClient;
-
- public DirectOAuthTAF(AuthzEnv env, Question q, DirectIntrospect<Introspect> facade) throws APIException, CadiException {
- access = env.access();
- oaFacade = facade;
- tkMgr = TokenMgr.getInstance(access,"dbToken","dbIntrospect");
- String alt_url = access.getProperty(Config.AAF_ALT_OAUTH2_INTROSPECT_URL,null);
- TokenClientFactory tcf;
- if(alt_url!=null) {
- try {
- tcf = TokenClientFactory.instance(access);
- String[] split = Split.split(',', alt_url);
- int timeout = split.length>1?Integer.parseInt(split[1]):3000;
- altIntrospectClient = tcf.newClient(split[0], timeout);
- altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null),
- access.getProperty(Config.AAF_ALT_CLIENT_SECRET,null));
- } catch (GeneralSecurityException | IOException | LocatorException e) {
- throw new CadiException(e);
- }
- }
-
- directUserPass = new DirectAAFUserPass(env,q);
- }
-
- @Override
- public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
- String value;
- String token;
- if((value=req.getHeader("Authorization"))!=null && value.startsWith("Bearer ")) {
- token = value.substring(7);
- } else {
- token = null;
- }
-
- if("application/x-www-form-urlencoded".equals(req.getContentType())) {
- Map<String, String[]> map = req.getParameterMap();
- String client_id=null,client_secret=null,username=null,password=null;
- for(Map.Entry<String, String[]> es : map.entrySet()) {
- switch(es.getKey()) {
- case "client_id":
- for(String s : es.getValue()) {
- client_id=s;
- }
- break;
- case "client_secret":
- for(String s : es.getValue()) {
- client_secret=s;
- }
- break;
- case "username":
- for(String s : es.getValue()) {
- username=s;
- }
- break;
- case "password":
- for(String s : es.getValue()) {
- password=s;
- }
- break;
- case "token":
- if(token!=null) { // Defined as both Bearer and Form Encoded - Error
- return new OAuth2HttpTafResp(access, null, "Token Info found as both Bearer Token and Form Info", RESP.FAIL, resp, true);
- }
- for(String s : es.getValue()) {
- token=s;
- }
- break;
- // Ignore others
- }
- }
-
- if(client_id==null || client_secret==null) {
- return new OAuth2HttpTafResp(access, null, "client_id and client_secret required", RESP.TRY_ANOTHER_TAF, resp, false);
- }
-
- if(token==null) { // No Token to work with, use only Client_ID and Client_Secret
- AuthzTrans trans = (AuthzTrans)req.getAttribute(TransFilter.TRANS_TAG);
-
- if(directUserPass.validate(client_id, Type.PASSWORD, client_secret.getBytes(), trans)) {
- // Client_ID is valid
- if(username==null) { // Validating just the Client_ID
- return new OAuth2FormHttpTafResp(access,new OAuth2FormPrincipal(client_id,client_id),"OAuth client_id authenticated",RESP.IS_AUTHENTICATED,resp,false);
- } else {
- //TODO - Does a clientID need specific Authorization to pair authentication with user name? At the moment, no.
- // username is ok.
- if(password!=null) {
- if(directUserPass.validate(username, Type.PASSWORD, password.getBytes(), trans)) {
- return new OAuth2FormHttpTafResp(access,new OAuth2FormPrincipal(client_id, username),"OAuth username authenticated",RESP.IS_AUTHENTICATED,resp,false);
- } else {
- return new OAuth2HttpTafResp(access,null,"OAuth username " + username + " not authenticated ",RESP.FAIL,resp,true);
- }
- } else { // no Password
- //TODO Check for Trust Permission, which requires looking up Perms?
- return new OAuth2HttpTafResp(access,null,"OAuth username " + username + " not authenticated ",RESP.FAIL,resp,true);
- }
- }
- } else {
- return new OAuth2HttpTafResp(access,null,"OAuth client_id " + client_id + " not authenticated ",RESP.FAIL,resp,true);
- }
- }
- }
-
- // OK, have only a Token to validate
- if(token!=null) {
- AuthzTrans trans = (AuthzTrans)req.getAttribute(TransFilter.TRANS_TAG);
-
- try {
- Result<Introspect> ri = oaFacade.mappedIntrospect(trans, token);
- if(ri.isOK()) {
- TokenPerm tp = tkMgr.putIntrospect(ri.value, Hash.hashSHA256(token.getBytes()));
- if(tp==null) {
- return new OAuth2HttpTafResp(access, null, "TokenPerm persistence failure", RESP.FAIL, resp, false);
- } else {
- return new OAuth2HttpTafResp(access,new OAuth2Principal(tp,Hash.hashSHA256(token.getBytes())),"Token Authenticated",RESP.IS_AUTHENTICATED,resp,false);
- }
- } else {
- return new OAuth2HttpTafResp(access, null, ri.errorString(), RESP.FAIL, resp, false);
- }
- } catch (APIException e) {
- trans.error().log(e,"Error getting token");
- return new OAuth2HttpTafResp(access, null, "Error getting token: " + e.getMessage(), RESP.TRY_ANOTHER_TAF, resp, false);
- } catch (NoSuchAlgorithmException e) {
- return new OAuth2HttpTafResp(access, null, "Error in security algorithm: " + e.getMessage(), RESP.TRY_ANOTHER_TAF, resp, false);
- }
- }
- return new OAuth2HttpTafResp(access, null, "No OAuth2 Credentials in OAuthForm", RESP.TRY_ANOTHER_TAF, resp, false);
- }
-
- @Override
- public Resp revalidate(CachedPrincipal prin, Object state) {
- // TODO Auto-generated method stub
- return null;
- }
-
- class ServiceTPL implements TokenPermLoader {
- private final AuthzTrans trans;
- public ServiceTPL(AuthzTrans atrans) {
- trans = atrans;
- }
-
- @Override
- public org.onap.aaf.cadi.client.Result<TokenPerm> load(String accessToken, byte[] cred) throws APIException, CadiException, LocatorException {
- Result<Introspect> ri = oaFacade.mappedIntrospect(trans, accessToken);
- if(ri.notOK()) {
- //TODO what should the status mapping be?
- return org.onap.aaf.cadi.client.Result.err(ri.status,ri.errorString());
- }
- return org.onap.aaf.cadi.client.Result.ok(200,tkMgr.putIntrospect(ri.value, cred));
- }
- }
-
- public DirectAAFUserPass directUserPass() {
- return directUserPass;
- }
+ private PropAccess access;
+ private DirectIntrospect<Introspect> oaFacade;
+ private TokenMgr tkMgr;
+ private final DirectAAFUserPass directUserPass;
+ private TokenClient altIntrospectClient;
+
+ public DirectOAuthTAF(AuthzEnv env, Question q, DirectIntrospect<Introspect> facade) throws APIException, CadiException {
+ access = env.access();
+ oaFacade = facade;
+ tkMgr = TokenMgr.getInstance(access,"dbToken","dbIntrospect");
+ String alt_url = access.getProperty(Config.AAF_ALT_OAUTH2_INTROSPECT_URL,null);
+ TokenClientFactory tcf;
+ if(alt_url!=null) {
+ try {
+ tcf = TokenClientFactory.instance(access);
+ String[] split = Split.split(',', alt_url);
+ int timeout = split.length>1?Integer.parseInt(split[1]):3000;
+ altIntrospectClient = tcf.newClient(split[0], timeout);
+ altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null),
+ access.getProperty(Config.AAF_ALT_CLIENT_SECRET,null));
+ } catch (GeneralSecurityException | IOException | LocatorException e) {
+ throw new CadiException(e);
+ }
+ }
+
+ directUserPass = new DirectAAFUserPass(env,q);
+ }
+
+ @Override
+ public TafResp validate(LifeForm reading, HttpServletRequest req, HttpServletResponse resp) {
+ String value;
+ String token;
+ if((value=req.getHeader("Authorization"))!=null && value.startsWith("Bearer ")) {
+ token = value.substring(7);
+ } else {
+ token = null;
+ }
+
+ if("application/x-www-form-urlencoded".equals(req.getContentType())) {
+ Map<String, String[]> map = req.getParameterMap();
+ String client_id=null,client_secret=null,username=null,password=null;
+ for(Map.Entry<String, String[]> es : map.entrySet()) {
+ switch(es.getKey()) {
+ case "client_id":
+ for(String s : es.getValue()) {
+ client_id=s;
+ }
+ break;
+ case "client_secret":
+ for(String s : es.getValue()) {
+ client_secret=s;
+ }
+ break;
+ case "username":
+ for(String s : es.getValue()) {
+ username=s;
+ }
+ break;
+ case "password":
+ for(String s : es.getValue()) {
+ password=s;
+ }
+ break;
+ case "token":
+ if(token!=null) { // Defined as both Bearer and Form Encoded - Error
+ return new OAuth2HttpTafResp(access, null, "Token Info found as both Bearer Token and Form Info", RESP.FAIL, resp, true);
+ }
+ for(String s : es.getValue()) {
+ token=s;
+ }
+ break;
+ // Ignore others
+ }
+ }
+
+ if(client_id==null || client_secret==null) {
+ return new OAuth2HttpTafResp(access, null, "client_id and client_secret required", RESP.TRY_ANOTHER_TAF, resp, false);
+ }
+
+ if(token==null) { // No Token to work with, use only Client_ID and Client_Secret
+ AuthzTrans trans = (AuthzTrans)req.getAttribute(TransFilter.TRANS_TAG);
+
+ if(directUserPass.validate(client_id, Type.PASSWORD, client_secret.getBytes(), trans)) {
+ // Client_ID is valid
+ if(username==null) { // Validating just the Client_ID
+ return new OAuth2FormHttpTafResp(access,new OAuth2FormPrincipal(client_id,client_id),"OAuth client_id authenticated",RESP.IS_AUTHENTICATED,resp,false);
+ } else {
+ //TODO - Does a clientID need specific Authorization to pair authentication with user name? At the moment, no.
+ // username is ok.
+ if(password!=null) {
+ if(directUserPass.validate(username, Type.PASSWORD, password.getBytes(), trans)) {
+ return new OAuth2FormHttpTafResp(access,new OAuth2FormPrincipal(client_id, username),"OAuth username authenticated",RESP.IS_AUTHENTICATED,resp,false);
+ } else {
+ return new OAuth2HttpTafResp(access,null,"OAuth username " + username + " not authenticated ",RESP.FAIL,resp,true);
+ }
+ } else { // no Password
+ //TODO Check for Trust Permission, which requires looking up Perms?
+ return new OAuth2HttpTafResp(access,null,"OAuth username " + username + " not authenticated ",RESP.FAIL,resp,true);
+ }
+ }
+ } else {
+ return new OAuth2HttpTafResp(access,null,"OAuth client_id " + client_id + " not authenticated ",RESP.FAIL,resp,true);
+ }
+ }
+ }
+
+ // OK, have only a Token to validate
+ if(token!=null) {
+ AuthzTrans trans = (AuthzTrans)req.getAttribute(TransFilter.TRANS_TAG);
+
+ try {
+ Result<Introspect> ri = oaFacade.mappedIntrospect(trans, token);
+ if(ri.isOK()) {
+ TokenPerm tp = tkMgr.putIntrospect(ri.value, Hash.hashSHA256(token.getBytes()));
+ if(tp==null) {
+ return new OAuth2HttpTafResp(access, null, "TokenPerm persistence failure", RESP.FAIL, resp, false);
+ } else {
+ return new OAuth2HttpTafResp(access,new OAuth2Principal(tp,Hash.hashSHA256(token.getBytes())),"Token Authenticated",RESP.IS_AUTHENTICATED,resp,false);
+ }
+ } else {
+ return new OAuth2HttpTafResp(access, null, ri.errorString(), RESP.FAIL, resp, false);
+ }
+ } catch (APIException e) {
+ trans.error().log(e,"Error getting token");
+ return new OAuth2HttpTafResp(access, null, "Error getting token: " + e.getMessage(), RESP.TRY_ANOTHER_TAF, resp, false);
+ } catch (NoSuchAlgorithmException e) {
+ return new OAuth2HttpTafResp(access, null, "Error in security algorithm: " + e.getMessage(), RESP.TRY_ANOTHER_TAF, resp, false);
+ }
+ }
+ return new OAuth2HttpTafResp(access, null, "No OAuth2 Credentials in OAuthForm", RESP.TRY_ANOTHER_TAF, resp, false);
+ }
+
+ @Override
+ public Resp revalidate(CachedPrincipal prin, Object state) {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ class ServiceTPL implements TokenPermLoader {
+ private final AuthzTrans trans;
+ public ServiceTPL(AuthzTrans atrans) {
+ trans = atrans;
+ }
+
+ @Override
+ public org.onap.aaf.cadi.client.Result<TokenPerm> load(String accessToken, byte[] cred) throws APIException, CadiException, LocatorException {
+ Result<Introspect> ri = oaFacade.mappedIntrospect(trans, accessToken);
+ if(ri.notOK()) {
+ //TODO what should the status mapping be?
+ return org.onap.aaf.cadi.client.Result.err(ri.status,ri.errorString());
+ }
+ return org.onap.aaf.cadi.client.Result.ok(200,tkMgr.putIntrospect(ri.value, cred));
+ }
+ }
+
+ public DirectAAFUserPass directUserPass() {
+ return directUserPass;
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java
index f60c689b..a0381c3e 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OACode.java
@@ -27,19 +27,19 @@ import org.onap.aaf.auth.rserv.HttpCode;
import aafoauth.v2_0.Introspect;
public abstract class OACode extends HttpCode<AuthzTrans, OAFacade<Introspect>> implements Cloneable {
- public boolean useJSON;
+ public boolean useJSON;
- public OACode(OAFacade<Introspect> facade, String description, boolean useJSON, String ... roles) {
- super(facade, description, roles);
- this.useJSON = useJSON;
- }
-
- public <D extends OACode> D clone(OAFacade<Introspect> facade, boolean useJSON) throws Exception {
- @SuppressWarnings("unchecked")
- D d = (D)clone();
- d.useJSON = useJSON;
- d.context = facade;
- return d;
- }
-
+ public OACode(OAFacade<Introspect> facade, String description, boolean useJSON, String ... roles) {
+ super(facade, description, roles);
+ this.useJSON = useJSON;
+ }
+
+ public <D extends OACode> D clone(OAFacade<Introspect> facade, boolean useJSON) throws Exception {
+ @SuppressWarnings("unchecked")
+ D d = (D)clone();
+ d.useJSON = useJSON;
+ d.context = facade;
+ return d;
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java
index 4442e36f..161f6095 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2Filter.java
@@ -37,28 +37,28 @@ import org.onap.aaf.cadi.util.Split;
public class OAuth2Filter implements Filter {
- @Override
- public void init(FilterConfig filterConfig) throws ServletException {
- }
+ @Override
+ public void init(FilterConfig filterConfig) throws ServletException {
+ }
- @Override
- public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
- HttpServletRequest hreq = (HttpServletRequest)request;
- Principal p = hreq.getUserPrincipal();
- if(request.getContentType().equals("application/x-www-form-urlencoded")) {
-
- } else if(p instanceof BearerPrincipal) {
- for(String authz : Split.splitTrim(';', hreq.getHeader("Authorization"))) {
- if(authz.startsWith("Bearer ")) {
- ((BearerPrincipal)p).setBearer(authz.substring(7));
- }
- }
- }
- chain.doFilter(request, response);
- }
+ @Override
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+ HttpServletRequest hreq = (HttpServletRequest)request;
+ Principal p = hreq.getUserPrincipal();
+ if(request.getContentType().equals("application/x-www-form-urlencoded")) {
+
+ } else if(p instanceof BearerPrincipal) {
+ for(String authz : Split.splitTrim(';', hreq.getHeader("Authorization"))) {
+ if(authz.startsWith("Bearer ")) {
+ ((BearerPrincipal)p).setBearer(authz.substring(7));
+ }
+ }
+ }
+ chain.doFilter(request, response);
+ }
- @Override
- public void destroy() {
- }
+ @Override
+ public void destroy() {
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java
index 6adb4641..f63daf89 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/OAuth2FormHttpTafResp.java
@@ -32,36 +32,36 @@ import org.onap.aaf.cadi.taf.AbsTafResp;
import org.onap.aaf.cadi.taf.TafResp;
public class OAuth2FormHttpTafResp extends AbsTafResp implements TafResp {
- private static final String tafName = DirectOAuthTAF.class.getSimpleName();
- private HttpServletResponse httpResp;
- private RESP status;
- private final boolean wasFailed;
-
- public OAuth2FormHttpTafResp(Access access, OAuth2FormPrincipal principal, String desc, RESP status, HttpServletResponse resp, boolean wasFailed) {
- super(access,tafName,principal, desc);
- httpResp = resp;
- this.status = status;
- this.wasFailed = wasFailed;
- }
+ private static final String tafName = DirectOAuthTAF.class.getSimpleName();
+ private HttpServletResponse httpResp;
+ private RESP status;
+ private final boolean wasFailed;
+
+ public OAuth2FormHttpTafResp(Access access, OAuth2FormPrincipal principal, String desc, RESP status, HttpServletResponse resp, boolean wasFailed) {
+ super(access,tafName,principal, desc);
+ httpResp = resp;
+ this.status = status;
+ this.wasFailed = wasFailed;
+ }
- public OAuth2FormHttpTafResp(Access access, TrustPrincipal principal, String desc, RESP status,HttpServletResponse resp) {
- super(access,tafName,principal, desc);
- httpResp = resp;
- this.status = status;
- wasFailed = true; // if Trust Principal added, must be good
- }
+ public OAuth2FormHttpTafResp(Access access, TrustPrincipal principal, String desc, RESP status,HttpServletResponse resp) {
+ super(access,tafName,principal, desc);
+ httpResp = resp;
+ this.status = status;
+ wasFailed = true; // if Trust Principal added, must be good
+ }
- public RESP authenticate() throws IOException {
- httpResp.setStatus(401); // Unauthorized
- return RESP.HTTP_REDIRECT_INVOKED;
- }
+ public RESP authenticate() throws IOException {
+ httpResp.setStatus(401); // Unauthorized
+ return RESP.HTTP_REDIRECT_INVOKED;
+ }
- public RESP isAuthenticated() {
- return status;
- }
+ public RESP isAuthenticated() {
+ return status;
+ }
- public boolean isFailedAttempt() {
- return wasFailed;
- }
+ public boolean isFailedAttempt() {
+ return wasFailed;
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java
index f2836a7b..f795dfd3 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/api/API_Token.java
@@ -40,43 +40,43 @@ import aafoauth.v2_0.Introspect;
*
*/
public class API_Token {
- // Hide Public Constructor
- private API_Token() {}
-
- /**
- * Normal Init level APIs
- *
- * @param authzAPI
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_OAuth authzAPI, OAFacade<Introspect> facade) throws Exception {
- ////////
- // Overall APIs
- ///////
- authzAPI.route(HttpMethods.POST,"/token",API.TOKEN,new OACode(facade,"OAuth Token", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.createBearerToken(trans,req, resp);
- if(r.isOK()) {
- resp.setStatus(201/*HttpStatus.CREATED_201*/);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
-
- authzAPI.route(HttpMethods.POST,"/introspect",API.INTROSPECT,new OACode(facade,"AAF Token Information", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.introspect(trans,req, resp);
- if(r.isOK()) {
- resp.setStatus(200 /*HttpStatus.OK_200*/);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ // Hide Public Constructor
+ private API_Token() {}
+
+ /**
+ * Normal Init level APIs
+ *
+ * @param authzAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_OAuth authzAPI, OAFacade<Introspect> facade) throws Exception {
+ ////////
+ // Overall APIs
+ ///////
+ authzAPI.route(HttpMethods.POST,"/token",API.TOKEN,new OACode(facade,"OAuth Token", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.createBearerToken(trans,req, resp);
+ if(r.isOK()) {
+ resp.setStatus(201/*HttpStatus.CREATED_201*/);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ authzAPI.route(HttpMethods.POST,"/introspect",API.INTROSPECT,new OACode(facade,"AAF Token Information", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.introspect(trans,req, resp);
+ if(r.isOK()) {
+ resp.setStatus(200 /*HttpStatus.OK_200*/);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- }
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java
index 91423cef..6aec5feb 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospect.java
@@ -25,5 +25,5 @@ import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.layer.Result;
public interface DirectIntrospect<INTROSPECT> {
- Result<INTROSPECT> mappedIntrospect(AuthzTrans trans, String token);
+ Result<INTROSPECT> mappedIntrospect(AuthzTrans trans, String token);
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java
index 91431c34..2935ea3d 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/DirectIntrospectImpl.java
@@ -29,29 +29,29 @@ import org.onap.aaf.auth.oauth.mapper.MapperIntrospect;
import org.onap.aaf.auth.oauth.service.OAuthService;
public class DirectIntrospectImpl<INTROSPECT> extends FacadeImpl implements DirectIntrospect<INTROSPECT> {
- protected OAuthService service;
- private MapperIntrospect<INTROSPECT> mapper;
+ protected OAuthService service;
+ private MapperIntrospect<INTROSPECT> mapper;
- public DirectIntrospectImpl(OAuthService service, MapperIntrospect<INTROSPECT> mapper) {
- this.service = service;
- this.mapper = mapper;
- }
+ public DirectIntrospectImpl(OAuthService service, MapperIntrospect<INTROSPECT> mapper) {
+ this.service = service;
+ this.mapper = mapper;
+ }
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.oauth.facade.OAFacade#mappedIntrospect(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
- */
- @Override
- public Result<INTROSPECT> mappedIntrospect(AuthzTrans trans, String token) {
- Result<INTROSPECT> rti;
- Result<OAuthTokenDAO.Data> rs = service.introspect(trans,token);
- if(rs.notOK()) {
- rti = Result.err(rs);
- } else if(rs.isEmpty()) {
- rti = Result.err(Result.ERR_NotFound,"No Token %s found",token);
- } else {
- rti = mapper.introspect(rs);
- }
- return rti;
- }
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.oauth.facade.OAFacade#mappedIntrospect(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
+ */
+ @Override
+ public Result<INTROSPECT> mappedIntrospect(AuthzTrans trans, String token) {
+ Result<INTROSPECT> rti;
+ Result<OAuthTokenDAO.Data> rs = service.introspect(trans,token);
+ if(rs.notOK()) {
+ rti = Result.err(rs);
+ } else if(rs.isEmpty()) {
+ rti = Result.err(Result.ERR_NotFound,"No Token %s found",token);
+ } else {
+ rti = mapper.introspect(rs);
+ }
+ return rti;
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java
index 52ff38b7..c0bb8e7e 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade.java
@@ -37,27 +37,27 @@ import org.onap.aaf.auth.oauth.service.OAuthService;
public interface OAFacade<INTROSPECT> {
///////////////////// STANDARD ELEMENTS //////////////////
- /**
- * @param trans
- * @param response
- * @param result
- */
- public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
+ /**
+ * @param trans
+ * @param response
+ * @param result
+ */
+ public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
- /**
- *
- * @param trans
- * @param response
- * @param status
- */
- public void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... detail);
+ /**
+ *
+ * @param trans
+ * @param response
+ * @param status
+ */
+ public void error(AuthzTrans trans, HttpServletResponse response, int status, String msg, String ... detail);
- public Result<Void> createBearerToken(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+ public Result<Void> createBearerToken(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
- public Result<Void> introspect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+ public Result<Void> introspect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
- public OAuthService service();
-
+ public OAuthService service();
+
///////////////////// STANDARD ELEMENTS //////////////////
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java
index 204a104a..b0776d94 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacade1_0.java
@@ -37,11 +37,11 @@ import aafoauth.v2_0.TokenRequest;
*
*/
public class OAFacade1_0 extends OAFacadeImpl<TokenRequest,Token,Introspect,Error> {
- public OAFacade1_0(AAF_OAuth api,
- OAuthService service,
- Mapper<TokenRequest,Token,Introspect,Error> mapper,
- Data.TYPE type) throws APIException {
- super(api, service, mapper, type);
- }
+ public OAFacade1_0(AAF_OAuth api,
+ OAuthService service,
+ Mapper<TokenRequest,Token,Introspect,Error> mapper,
+ Data.TYPE type) throws APIException {
+ super(api, service, mapper, type);
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java
index ff586007..11b7217e 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeFactory.java
@@ -33,15 +33,15 @@ import aafoauth.v2_0.Introspect;
public class OAFacadeFactory {
- public static OAFacade1_0 v1_0(AAF_OAuth certman, AuthzTrans trans, OAuthService service, Data.TYPE type) throws APIException {
- return new OAFacade1_0(
- certman,
- service,
- new Mapper1_0(),
- type);
- }
+ public static OAFacade1_0 v1_0(AAF_OAuth certman, AuthzTrans trans, OAuthService service, Data.TYPE type) throws APIException {
+ return new OAFacade1_0(
+ certman,
+ service,
+ new Mapper1_0(),
+ type);
+ }
- public static DirectIntrospect<Introspect> directV1_0(OAuthService service) {
- return new DirectIntrospectImpl<Introspect>(service, new MapperIntrospect1_0());
- }
+ public static DirectIntrospect<Introspect> directV1_0(OAuthService service) {
+ return new DirectIntrospectImpl<Introspect>(service, new MapperIntrospect1_0());
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java
index ee35b8bf..cd1d7df1 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/facade/OAFacadeImpl.java
@@ -69,7 +69,7 @@ import aaf.v2_0.Perms;
* 1) Interact with the Service Implementation (which might be supported by various kinds of Backend Storage)
* 2) Validate incoming data (if applicable)
* 3) Convert the Service response into the right Format, and mark the Content Type
- * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
+ * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
* 4) Log Service info, warnings and exceptions as necessary
* 5) When asked by the API layer, this will create and write Error content to the OutputStream
*
@@ -80,254 +80,254 @@ import aaf.v2_0.Perms;
*
*/
public abstract class OAFacadeImpl<TOKEN_REQ,TOKEN,INTROSPECT,ERROR>
- extends DirectIntrospectImpl<INTROSPECT> implements OAFacade<INTROSPECT> {
- private static final String INVALID_INPUT = "Invalid Input";
- private final RosettaDF<TOKEN> tokenDF;
- private final RosettaDF<TOKEN_REQ> tokenReqDF;
- private final RosettaDF<INTROSPECT> introspectDF;
- private final RosettaDF<ERROR> errDF;
- public final RosettaDF<Perms> permsDF;
- private final Mapper<TOKEN_REQ, TOKEN, INTROSPECT, ERROR> mapper;
-
- public OAFacadeImpl(AAF_OAuth api,
- OAuthService service,
- Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> mapper,
- Data.TYPE dataType) throws APIException {
- super(service, mapper);
- this.mapper = mapper;
- AuthzEnv env = api.env;
- (tokenReqDF = env.newDataFactory(mapper.getClass(API.TOKEN_REQ))).in(dataType).out(dataType);
- (tokenDF = env.newDataFactory(mapper.getClass(API.TOKEN))).in(dataType).out(dataType);
- (introspectDF = env.newDataFactory(mapper.getClass(API.INTROSPECT))).in(dataType).out(dataType);
- (permsDF = env.newDataFactory(Perms.class)).in(dataType).out(dataType);
- (errDF = env.newDataFactory(mapper.getClass(API.ERROR))).in(dataType).out(dataType);
- }
-
- ///////////////////////////
- // Tokens
- ///////////////////////////
- public static final String CREATE_TOKEN = "createToken";
- public static final String INTROSPECT = "introspect";
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.oauth.facade.OAFacade#getToken(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, org.onap.aaf.auth.oauth.service.OAuthAPI)
- */
- @Override
- public Result<Void> createBearerToken(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(CREATE_TOKEN, Env.SUB|Env.ALWAYS);
- try {
- TOKEN_REQ request;
- try {
- request = mapper.tokenReqFromParams(req);
- if(request==null) {
- Data<TOKEN_REQ> rd = tokenReqDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,rd.asString());
- }
- request = rd.asObject();
- }
- } catch(APIException e) {
- trans.error().log(INVALID_INPUT,IN,CREATE_TOKEN);
- return Result.err(Status.ERR_BadData,INVALID_INPUT);
- }
+ extends DirectIntrospectImpl<INTROSPECT> implements OAFacade<INTROSPECT> {
+ private static final String INVALID_INPUT = "Invalid Input";
+ private final RosettaDF<TOKEN> tokenDF;
+ private final RosettaDF<TOKEN_REQ> tokenReqDF;
+ private final RosettaDF<INTROSPECT> introspectDF;
+ private final RosettaDF<ERROR> errDF;
+ public final RosettaDF<Perms> permsDF;
+ private final Mapper<TOKEN_REQ, TOKEN, INTROSPECT, ERROR> mapper;
+
+ public OAFacadeImpl(AAF_OAuth api,
+ OAuthService service,
+ Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> mapper,
+ Data.TYPE dataType) throws APIException {
+ super(service, mapper);
+ this.mapper = mapper;
+ AuthzEnv env = api.env;
+ (tokenReqDF = env.newDataFactory(mapper.getClass(API.TOKEN_REQ))).in(dataType).out(dataType);
+ (tokenDF = env.newDataFactory(mapper.getClass(API.TOKEN))).in(dataType).out(dataType);
+ (introspectDF = env.newDataFactory(mapper.getClass(API.INTROSPECT))).in(dataType).out(dataType);
+ (permsDF = env.newDataFactory(Perms.class)).in(dataType).out(dataType);
+ (errDF = env.newDataFactory(mapper.getClass(API.ERROR))).in(dataType).out(dataType);
+ }
+
+ ///////////////////////////
+ // Tokens
+ ///////////////////////////
+ public static final String CREATE_TOKEN = "createToken";
+ public static final String INTROSPECT = "introspect";
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.oauth.facade.OAFacade#getToken(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, org.onap.aaf.auth.oauth.service.OAuthAPI)
+ */
+ @Override
+ public Result<Void> createBearerToken(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(CREATE_TOKEN, Env.SUB|Env.ALWAYS);
+ try {
+ TOKEN_REQ request;
+ try {
+ request = mapper.tokenReqFromParams(req);
+ if(request==null) {
+ Data<TOKEN_REQ> rd = tokenReqDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,rd.asString());
+ }
+ request = rd.asObject();
+ }
+ } catch(APIException e) {
+ trans.error().log(INVALID_INPUT,IN,CREATE_TOKEN);
+ return Result.err(Status.ERR_BadData,INVALID_INPUT);
+ }
- // Already validated for Oauth2FormPrincipal
-// Result<Void> rv = service.validate(trans,mapper.credsFromReq(request));
-// if(rv.notOK()) {
-// return rv;
-// }
- Holder<GRANT_TYPE> hgt = new Holder<GRANT_TYPE>(GRANT_TYPE.unknown);
- Result<OAuthTokenDAO.Data> rs = service.createToken(trans,req,mapper.clientTokenReq(request,hgt),hgt);
- Result<TOKEN> rp;
- if(rs.isOKhasData()) {
- rp = mapper.tokenFromData(rs);
- } else {
- rp = Result.err(rs);
- }
- switch(rp.status) {
- case OK:
- RosettaData<TOKEN> data = tokenDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- resp.getOutputStream().print('\n');
- setContentType(resp,tokenDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,CREATE_TOKEN);
- return Result.err(e);
- } finally {
- tt.done();
- }
+ // Already validated for Oauth2FormPrincipal
+// Result<Void> rv = service.validate(trans,mapper.credsFromReq(request));
+// if(rv.notOK()) {
+// return rv;
+// }
+ Holder<GRANT_TYPE> hgt = new Holder<GRANT_TYPE>(GRANT_TYPE.unknown);
+ Result<OAuthTokenDAO.Data> rs = service.createToken(trans,req,mapper.clientTokenReq(request,hgt),hgt);
+ Result<TOKEN> rp;
+ if(rs.isOKhasData()) {
+ rp = mapper.tokenFromData(rs);
+ } else {
+ rp = Result.err(rs);
+ }
+ switch(rp.status) {
+ case OK:
+ RosettaData<TOKEN> data = tokenDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ resp.getOutputStream().print('\n');
+ setContentType(resp,tokenDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,CREATE_TOKEN);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
- }
+ }
/* (non-Javadoc)
- * @see org.onap.aaf.auth.oauth.facade.OAFacade#Introspect(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- @Override
- public Result<Void> introspect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(INTROSPECT, Env.SUB|Env.ALWAYS);
- try {
- Principal p = req.getUserPrincipal();
- String token=null;
- if(p != null) {
- if(p instanceof OAuth2Principal) {
- RosettaData<INTROSPECT> data = introspectDF.newData(trans).load(mapper.fromPrincipal((OAuth2Principal)p));
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- resp.getOutputStream().print('\n');
- setContentType(resp,tokenDF.getOutType());
- return Result.ok();
- } else if(p instanceof OAuth2FormPrincipal) {
- token = req.getParameter("token");
- }
- }
-
- if(token==null) {
- token = req.getParameter("access_token");
- if(token==null || token.isEmpty()) {
- token = req.getHeader("Authorization");
- if(token != null && token.startsWith("Bearer ")) {
- token = token.substring(7);
- } else {
- token = req.getParameter("token");
- if(token==null) {
- return Result.err(Result.ERR_Security,"token is required");
- }
- }
- }
- }
+ * @see org.onap.aaf.auth.oauth.facade.OAFacade#Introspect(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public Result<Void> introspect(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(INTROSPECT, Env.SUB|Env.ALWAYS);
+ try {
+ Principal p = req.getUserPrincipal();
+ String token=null;
+ if(p != null) {
+ if(p instanceof OAuth2Principal) {
+ RosettaData<INTROSPECT> data = introspectDF.newData(trans).load(mapper.fromPrincipal((OAuth2Principal)p));
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ resp.getOutputStream().print('\n');
+ setContentType(resp,tokenDF.getOutType());
+ return Result.ok();
+ } else if(p instanceof OAuth2FormPrincipal) {
+ token = req.getParameter("token");
+ }
+ }
+
+ if(token==null) {
+ token = req.getParameter("access_token");
+ if(token==null || token.isEmpty()) {
+ token = req.getHeader("Authorization");
+ if(token != null && token.startsWith("Bearer ")) {
+ token = token.substring(7);
+ } else {
+ token = req.getParameter("token");
+ if(token==null) {
+ return Result.err(Result.ERR_Security,"token is required");
+ }
+ }
+ }
+ }
- Result<INTROSPECT> rti = mappedIntrospect(trans,token);
- switch(rti.status) {
- case OK:
- RosettaData<INTROSPECT> data = introspectDF.newData(trans).load(rti.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- resp.getOutputStream().print('\n');
- setContentType(resp,tokenDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rti);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,INTROSPECT);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
+ Result<INTROSPECT> rti = mappedIntrospect(trans,token);
+ switch(rti.status) {
+ case OK:
+ RosettaData<INTROSPECT> data = introspectDF.newData(trans).load(rti.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ resp.getOutputStream().print('\n');
+ setContentType(resp,tokenDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rti);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,INTROSPECT);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
- *
- * Note: Conforms to AT&T TSS RESTful Error Structure
- */
- @Override
- public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
- error(trans, response, result.status,
- result.details==null?"":result.details.trim(),
- result.variables==null?new String[0]:result.variables);
- }
-
- @Override
- public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final String ... _detail) {
- String msgId;
- String prefix;
- boolean hidemsg=false;
- switch(status) {
- case 202:
- case ERR_ActionNotCompleted:
- msgId = "SVC1202";
- prefix = "Accepted, Action not complete";
- response.setStatus(/*httpstatus=*/202);
- break;
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
+ *
+ * Note: Conforms to AT&T TSS RESTful Error Structure
+ */
+ @Override
+ public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
+ error(trans, response, result.status,
+ result.details==null?"":result.details.trim(),
+ result.variables==null?new String[0]:result.variables);
+ }
+
+ @Override
+ public void error(AuthzTrans trans, HttpServletResponse response, int status, final String _msg, final String ... _detail) {
+ String msgId;
+ String prefix;
+ boolean hidemsg=false;
+ switch(status) {
+ case 202:
+ case ERR_ActionNotCompleted:
+ msgId = "SVC1202";
+ prefix = "Accepted, Action not complete";
+ response.setStatus(/*httpstatus=*/202);
+ break;
- case 403:
- case ERR_Policy:
- case ERR_Security:
- case ERR_Denied:
- msgId = "SVC1403";
- prefix = "Forbidden";
- response.setStatus(/*httpstatus=*/403);
- break;
-
- case 404:
- case ERR_NotFound:
- msgId = "SVC1404";
- prefix = "Not Found";
- response.setStatus(/*httpstatus=*/404);
- break;
+ case 403:
+ case ERR_Policy:
+ case ERR_Security:
+ case ERR_Denied:
+ msgId = "SVC1403";
+ prefix = "Forbidden";
+ response.setStatus(/*httpstatus=*/403);
+ break;
+
+ case 404:
+ case ERR_NotFound:
+ msgId = "SVC1404";
+ prefix = "Not Found";
+ response.setStatus(/*httpstatus=*/404);
+ break;
- case 406:
- case ERR_BadData:
- msgId="SVC1406";
- prefix = "Not Acceptable";
- response.setStatus(/*httpstatus=*/406);
- break;
-
- case 409:
- case ERR_ConflictAlreadyExists:
- msgId = "SVC1409";
- prefix = "Conflict Already Exists";
- response.setStatus(/*httpstatus=*/409);
- break;
-
- case 501:
- case ERR_NotImplemented:
- msgId = "SVC1501";
- prefix = "Not Implemented";
- response.setStatus(/*httpstatus=*/501);
- break;
-
+ case 406:
+ case ERR_BadData:
+ msgId="SVC1406";
+ prefix = "Not Acceptable";
+ response.setStatus(/*httpstatus=*/406);
+ break;
+
+ case 409:
+ case ERR_ConflictAlreadyExists:
+ msgId = "SVC1409";
+ prefix = "Conflict Already Exists";
+ response.setStatus(/*httpstatus=*/409);
+ break;
+
+ case 501:
+ case ERR_NotImplemented:
+ msgId = "SVC1501";
+ prefix = "Not Implemented";
+ response.setStatus(/*httpstatus=*/501);
+ break;
+
- default:
- msgId = "SVC1500";
- prefix = "General Service Error";
- response.setStatus(/*httpstatus=*/500);
- hidemsg=true;
- break;
- }
+ default:
+ msgId = "SVC1500";
+ prefix = "General Service Error";
+ response.setStatus(/*httpstatus=*/500);
+ hidemsg=true;
+ break;
+ }
- try {
- StringBuilder holder = new StringBuilder();
- ERROR em = mapper.errorFromMessage(holder, msgId,prefix + ": " + _msg,_detail);
- trans.checkpoint(
- "ErrResp [" +
- msgId +
- "] " +
- holder.toString(),
- Env.ALWAYS);
- if(hidemsg) {
- holder.setLength(0);
- em = mapper.errorFromMessage(holder, msgId, "Server had an issue processing this request");
- }
- errDF.newData(trans).load(em).to(response.getOutputStream());
-
- } catch (Exception e) {
- trans.error().log(e,"unable to send response for",_msg);
- }
- }
-
- public Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> mapper() {
- return mapper;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.oauth.facade.OAFacade#service()
- */
- @Override
- public OAuthService service() {
- return service;
- }
+ try {
+ StringBuilder holder = new StringBuilder();
+ ERROR em = mapper.errorFromMessage(holder, msgId,prefix + ": " + _msg,_detail);
+ trans.checkpoint(
+ "ErrResp [" +
+ msgId +
+ "] " +
+ holder.toString(),
+ Env.ALWAYS);
+ if(hidemsg) {
+ holder.setLength(0);
+ em = mapper.errorFromMessage(holder, msgId, "Server had an issue processing this request");
+ }
+ errDF.newData(trans).load(em).to(response.getOutputStream());
+
+ } catch (Exception e) {
+ trans.error().log(e,"unable to send response for",_msg);
+ }
+ }
+
+ public Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> mapper() {
+ return mapper;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.oauth.facade.OAFacade#service()
+ */
+ @Override
+ public OAuthService service() {
+ return service;
+ }
} \ No newline at end of file
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java
index 55100e21..8e1c52e6 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper.java
@@ -31,17 +31,17 @@ import org.onap.aaf.cadi.client.Holder;
import org.onap.aaf.cadi.oauth.OAuth2Principal;
public interface Mapper<TOKEN_REQ,TOKEN,INTROSPECT,ERROR> extends MapperIntrospect<INTROSPECT>
-{
- public enum API{TOKEN_REQ, TOKEN,INTROSPECT, ERROR,VOID};
-
- public Class<?> getClass(API api);
- public<A> A newInstance(API api);
+{
+ public enum API{TOKEN_REQ, TOKEN,INTROSPECT, ERROR,VOID};
+
+ public Class<?> getClass(API api);
+ public<A> A newInstance(API api);
- public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, String... detail);
- public TOKEN_REQ tokenReqFromParams(HttpServletRequest req);
- public OCreds credsFromReq(TOKEN_REQ tokReq);
-
- public OAuthTokenDAO.Data clientTokenReq(TOKEN_REQ tokReq, Holder<GRANT_TYPE> hgt);
- public Result<TOKEN> tokenFromData(Result<OAuthTokenDAO.Data> rs);
- public INTROSPECT fromPrincipal(OAuth2Principal p);
+ public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, String... detail);
+ public TOKEN_REQ tokenReqFromParams(HttpServletRequest req);
+ public OCreds credsFromReq(TOKEN_REQ tokReq);
+
+ public OAuthTokenDAO.Data clientTokenReq(TOKEN_REQ tokReq, Holder<GRANT_TYPE> hgt);
+ public Result<TOKEN> tokenFromData(Result<OAuthTokenDAO.Data> rs);
+ public INTROSPECT fromPrincipal(OAuth2Principal p);
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java
index 688a03ce..4be079e4 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/Mapper1_0.java
@@ -46,179 +46,179 @@ import aafoauth.v2_0.TokenRequest;
public class Mapper1_0 extends MapperIntrospect1_0 implements Mapper<TokenRequest,Token,Introspect,Error> {
- @Override
- public Class<?> getClass(API api) {
- switch(api) {
- case TOKEN_REQ: return TokenRequest.class;
- case TOKEN: return Token.class;
- case INTROSPECT: return Introspect.class;
- case ERROR: return Error.class;
- case VOID: return Void.class;
- }
- return null;
- }
-
- @SuppressWarnings("unchecked")
- @Override
- public <A> A newInstance(API api) {
- switch(api) {
- case TOKEN_REQ: return (A)new TokenRequest();
- case TOKEN: return (A)new Token();
- case INTROSPECT: return (A)new Introspect();
- case ERROR: return (A)new Error();
- case VOID: return null;
- }
- return null;
- }
-
- ////////////// Mapping Functions /////////////
- @Override
- public Error errorFromMessage(StringBuilder holder, String msgID, String text, String... var) {
- Error err = new Error();
- err.setMessageId(msgID);
- // AT&T Restful Error Format requires numbers "%" placements
- err.setText(Vars.convert(holder, text, var));
- for(String s : var) {
- err.getVariables().add(s);
- }
- return err;
- }
-
- @Override
- public TokenRequest tokenReqFromParams(HttpServletRequest req) {
- TokenRequest tr = new TokenRequest();
- boolean data = false;
- Map<String, String[]> map = req.getParameterMap();
- for(Entry<String, String[]> es : map.entrySet()) {
- switch(es.getKey()) {
- case "client_id":
- if(es.getValue().length==1) {
- tr.setClientId(es.getValue()[0]);
- data = true;
- }
- break;
- case "client_secret":
- if(es.getValue().length==1) {
- tr.setClientSecret(es.getValue()[0]);
- data = true;
- }
- break;
- case "username":
- if(es.getValue().length==1) {
- tr.setUsername(es.getValue()[0]);
- data = true;
- }
- break;
- case "password":
- if(es.getValue().length==1) {
- tr.setPassword(es.getValue()[0]);
- data = true;
- }
- break;
- case "scope":
- if(es.getValue().length==1) {
- tr.setScope(es.getValue()[0]);
- data = true;
- }
- break;
- case "grant_type":
- if(es.getValue().length==1) {
- tr.setGrantType(es.getValue()[0]);
- data = true;
- }
- break;
- case "refresh_token":
- if(es.getValue().length==1) {
- tr.setRefreshToken(es.getValue()[0]);
- data = true;
- }
- break;
-
- }
- }
- return data?tr:null;
- }
-
-
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.oauth.mapper.Mapper#credsFromReq(javax.servlet.http.HttpServletRequest)
- */
- @Override
- public OCreds credsFromReq(TokenRequest tokReq) {
- return new OCreds(tokReq.getClientId(),tokReq.getClientSecret(),
- tokReq.getUsername(),tokReq.getPassword());
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.oauth.mapper.Mapper#tokenReq(java.lang.Object)
- */
- @Override
- public Data clientTokenReq(TokenRequest tokReq, Holder<GRANT_TYPE> hgt) {
- OAuthTokenDAO.Data tdd = new OAuthTokenDAO.Data();
- tdd.client_id = tokReq.getClientId();
- tdd.user = tokReq.getUsername();
- if(tokReq.getRefreshToken()!=null) {
- tdd.refresh=tokReq.getRefreshToken();
- }
-
- for(GRANT_TYPE ttt : GRANT_TYPE.values()) {
- if(ttt.name().equals(tokReq.getGrantType())) {
- hgt.set(ttt);
- break;
- }
- }
-
- switch(hgt.get()) {
- case client_credentials:
- case password:
- case refresh_token:
- tdd.type = CLIENT_TYPE.confidential.ordinal();
- break;
- default:
- tdd.type = CLIENT_TYPE.unknown.ordinal();
- break;
- }
- String scopes=tokReq.getScope();
- if(scopes!=null) {
- Set<String> ss = tdd.scopes(true);
- for(String s: Split.split(' ', tokReq.getScope())) {
- ss.add(s);
- }
- }
-
- tdd.state = tokReq.getState();
- return tdd;
- }
-
- @Override
- public Result<Token> tokenFromData(Result<Data> rd) {
- if(rd.notOK()) {
- return Result.err(rd);
- }
- Data d = rd.value;
- Token token = new Token();
- if(OAuthService.TOKEN_TYPE.values().length>d.type) {
- token.setTokenType(OAuthService.TOKEN_TYPE.values()[d.type].name());
- } else {
- token.setTokenType("Invalid");
- }
- token.setAccessToken(d.id);
- token.setRefreshToken(d.refresh);
- token.setExpiresIn((int)(d.exp_sec-(System.currentTimeMillis())/1000));
- token.setScope(getScopes(d.scopes(false)));
- token.setState(d.state);
- return Result.ok(token);
- }
-
-
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.oauth.mapper.Mapper#fromPrincipal(org.onap.aaf.cadi.oauth.OAuth2Principal)
- */
- @Override
- public Introspect fromPrincipal(OAuth2Principal p) {
- return p.tokenPerm().getIntrospect();
- }
+ @Override
+ public Class<?> getClass(API api) {
+ switch(api) {
+ case TOKEN_REQ: return TokenRequest.class;
+ case TOKEN: return Token.class;
+ case INTROSPECT: return Introspect.class;
+ case ERROR: return Error.class;
+ case VOID: return Void.class;
+ }
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public <A> A newInstance(API api) {
+ switch(api) {
+ case TOKEN_REQ: return (A)new TokenRequest();
+ case TOKEN: return (A)new Token();
+ case INTROSPECT: return (A)new Introspect();
+ case ERROR: return (A)new Error();
+ case VOID: return null;
+ }
+ return null;
+ }
+
+ ////////////// Mapping Functions /////////////
+ @Override
+ public Error errorFromMessage(StringBuilder holder, String msgID, String text, String... var) {
+ Error err = new Error();
+ err.setMessageId(msgID);
+ // AT&T Restful Error Format requires numbers "%" placements
+ err.setText(Vars.convert(holder, text, var));
+ for(String s : var) {
+ err.getVariables().add(s);
+ }
+ return err;
+ }
+
+ @Override
+ public TokenRequest tokenReqFromParams(HttpServletRequest req) {
+ TokenRequest tr = new TokenRequest();
+ boolean data = false;
+ Map<String, String[]> map = req.getParameterMap();
+ for(Entry<String, String[]> es : map.entrySet()) {
+ switch(es.getKey()) {
+ case "client_id":
+ if(es.getValue().length==1) {
+ tr.setClientId(es.getValue()[0]);
+ data = true;
+ }
+ break;
+ case "client_secret":
+ if(es.getValue().length==1) {
+ tr.setClientSecret(es.getValue()[0]);
+ data = true;
+ }
+ break;
+ case "username":
+ if(es.getValue().length==1) {
+ tr.setUsername(es.getValue()[0]);
+ data = true;
+ }
+ break;
+ case "password":
+ if(es.getValue().length==1) {
+ tr.setPassword(es.getValue()[0]);
+ data = true;
+ }
+ break;
+ case "scope":
+ if(es.getValue().length==1) {
+ tr.setScope(es.getValue()[0]);
+ data = true;
+ }
+ break;
+ case "grant_type":
+ if(es.getValue().length==1) {
+ tr.setGrantType(es.getValue()[0]);
+ data = true;
+ }
+ break;
+ case "refresh_token":
+ if(es.getValue().length==1) {
+ tr.setRefreshToken(es.getValue()[0]);
+ data = true;
+ }
+ break;
+
+ }
+ }
+ return data?tr:null;
+ }
+
+
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.oauth.mapper.Mapper#credsFromReq(javax.servlet.http.HttpServletRequest)
+ */
+ @Override
+ public OCreds credsFromReq(TokenRequest tokReq) {
+ return new OCreds(tokReq.getClientId(),tokReq.getClientSecret(),
+ tokReq.getUsername(),tokReq.getPassword());
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.oauth.mapper.Mapper#tokenReq(java.lang.Object)
+ */
+ @Override
+ public Data clientTokenReq(TokenRequest tokReq, Holder<GRANT_TYPE> hgt) {
+ OAuthTokenDAO.Data tdd = new OAuthTokenDAO.Data();
+ tdd.client_id = tokReq.getClientId();
+ tdd.user = tokReq.getUsername();
+ if(tokReq.getRefreshToken()!=null) {
+ tdd.refresh=tokReq.getRefreshToken();
+ }
+
+ for(GRANT_TYPE ttt : GRANT_TYPE.values()) {
+ if(ttt.name().equals(tokReq.getGrantType())) {
+ hgt.set(ttt);
+ break;
+ }
+ }
+
+ switch(hgt.get()) {
+ case client_credentials:
+ case password:
+ case refresh_token:
+ tdd.type = CLIENT_TYPE.confidential.ordinal();
+ break;
+ default:
+ tdd.type = CLIENT_TYPE.unknown.ordinal();
+ break;
+ }
+ String scopes=tokReq.getScope();
+ if(scopes!=null) {
+ Set<String> ss = tdd.scopes(true);
+ for(String s: Split.split(' ', tokReq.getScope())) {
+ ss.add(s);
+ }
+ }
+
+ tdd.state = tokReq.getState();
+ return tdd;
+ }
+
+ @Override
+ public Result<Token> tokenFromData(Result<Data> rd) {
+ if(rd.notOK()) {
+ return Result.err(rd);
+ }
+ Data d = rd.value;
+ Token token = new Token();
+ if(OAuthService.TOKEN_TYPE.values().length>d.type) {
+ token.setTokenType(OAuthService.TOKEN_TYPE.values()[d.type].name());
+ } else {
+ token.setTokenType("Invalid");
+ }
+ token.setAccessToken(d.id);
+ token.setRefreshToken(d.refresh);
+ token.setExpiresIn((int)(d.exp_sec-(System.currentTimeMillis())/1000));
+ token.setScope(getScopes(d.scopes(false)));
+ token.setState(d.state);
+ return Result.ok(token);
+ }
+
+
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.oauth.mapper.Mapper#fromPrincipal(org.onap.aaf.cadi.oauth.OAuth2Principal)
+ */
+ @Override
+ public Introspect fromPrincipal(OAuth2Principal p) {
+ return p.tokenPerm().getIntrospect();
+ }
} \ No newline at end of file
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java
index bf558799..27f40ecf 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect.java
@@ -25,5 +25,5 @@ import org.onap.aaf.auth.dao.cass.OAuthTokenDAO;
import org.onap.aaf.auth.layer.Result;
public interface MapperIntrospect<INTROSPECT> {
- public Result<INTROSPECT> introspect(Result<OAuthTokenDAO.Data> rs);
+ public Result<INTROSPECT> introspect(Result<OAuthTokenDAO.Data> rs);
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java
index 00a94fdf..ac015c81 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/mapper/MapperIntrospect1_0.java
@@ -31,44 +31,44 @@ import aafoauth.v2_0.Introspect;
public class MapperIntrospect1_0 implements MapperIntrospect<Introspect> {
- public Result<Introspect> introspect(Result<Data> rs) {
- if(rs.isOKhasData()) {
- Data data = rs.value;
- Introspect ti = new Introspect();
- ti.setAccessToken(data.id);
- ti.setActive(data.active);
- ti.setClientId(data.client_id);
- for(CLIENT_TYPE ct : CLIENT_TYPE.values()) {
- if(data.type==ct.ordinal()) {
- ti.setClientType(ct.name());
- break;
- }
- }
- if(ti.getClientType()==null) {
- ti.setClientType(CLIENT_TYPE.unknown.name());
- }
- ti.setActive(data.active);
- ti.setScope(getScopes(data.scopes(false)));
- ti.setContent(data.content);
- ti.setUsername(data.user);
- ti.setExp(data.exp_sec); // want seconds from Jan 1, 1970
- return Result.ok(ti);
- }
- return Result.err(rs);
- }
-
- protected static String getScopes(Set<String> scopes) {
- StringBuilder sb = new StringBuilder();
- boolean start = true;
- for(String s : scopes) {
- if(start) {
- start = false;
- } else {
- sb.append(' ');
- }
- sb.append(s);
- }
- return sb.toString();
- }
+ public Result<Introspect> introspect(Result<Data> rs) {
+ if(rs.isOKhasData()) {
+ Data data = rs.value;
+ Introspect ti = new Introspect();
+ ti.setAccessToken(data.id);
+ ti.setActive(data.active);
+ ti.setClientId(data.client_id);
+ for(CLIENT_TYPE ct : CLIENT_TYPE.values()) {
+ if(data.type==ct.ordinal()) {
+ ti.setClientType(ct.name());
+ break;
+ }
+ }
+ if(ti.getClientType()==null) {
+ ti.setClientType(CLIENT_TYPE.unknown.name());
+ }
+ ti.setActive(data.active);
+ ti.setScope(getScopes(data.scopes(false)));
+ ti.setContent(data.content);
+ ti.setUsername(data.user);
+ ti.setExp(data.exp_sec); // want seconds from Jan 1, 1970
+ return Result.ok(ti);
+ }
+ return Result.err(rs);
+ }
+
+ protected static String getScopes(Set<String> scopes) {
+ StringBuilder sb = new StringBuilder();
+ boolean start = true;
+ for(String s : scopes) {
+ if(start) {
+ start = false;
+ } else {
+ sb.append(' ');
+ }
+ sb.append(s);
+ }
+ return sb.toString();
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java
index bf04472b..51120870 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoader.java
@@ -29,6 +29,6 @@ import org.onap.aaf.cadi.CadiException;
import org.onap.aaf.misc.env.APIException;
public interface JSONPermLoader {
- public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException;
+ public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException;
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java
index f4400869..886b06c5 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/JSONPermLoaderFactory.java
@@ -38,82 +38,82 @@ import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
public class JSONPermLoaderFactory {
- /**
- * Load JSON Perms from AAF Service (Remotely)
- * @param aafcon
- * @param timeout
- * @return
- */
- public static JSONPermLoader remote(final AAFCon<?> aafcon, final int timeout) {
- return new JSONPermLoader() {
- public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException {
- Rcli<?> c = aafcon.clientAs(Config.AAF_DEFAULT_VERSION,trans.getUserPrincipal());
- StringBuilder pathinfo = new StringBuilder("/authz/perms/user/");
- pathinfo.append(user);
- pathinfo.append("?scopes=");
- boolean first = true;
- for(String s : scopes) {
- if(first) {
- first = false;
- } else {
- pathinfo.append(':');
- }
- pathinfo.append(s);
- }
- TimeTaken tt = trans.start("Call AAF Service", Env.REMOTE);
- try {
- Future<String> fs = c.read(pathinfo.toString(), "application/Perms+json;charset=utf-8;version=2.0");
- if(fs.get(timeout)) {
- return Result.ok(fs.body());
- } else if(fs.code()==404) {
- return Result.err(Result.ERR_NotFound,fs.body());
- } else {
- return Result.err(Result.ERR_Backend,"Error accessing AAF %s: %s",Integer.toString(fs.code()),fs.body());
- }
- } finally {
- tt.done();
- }
- }
- };
- }
- public static JSONPermLoader direct(final Question question) {
- return new JSONPermLoader() {
- public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException {
- TimeTaken tt = trans.start("Cached DB Perm lookup", Env.SUB);
- Result<List<PermDAO.Data>> pd;
- try {
- pd = question.getPermsByUser(trans, user, false);
- } finally {
- tt.done();
- }
- if(pd.notOK()) {
- return Result.err(pd);
- }
- // Since we know it is
- StringBuilder sb = new StringBuilder("{\"perm\":[");
- boolean first = true;
- for(PermDAO.Data d : pd.value) {
- if(scopes.contains(d.ns)) {
- if(first) {
- first = false;
- } else {
- sb.append(',');
- }
- sb.append("{\"ns\":\"");
- sb.append(d.ns);
- sb.append("\",\"type\":\"");
- sb.append(d.type);
- sb.append("\",\"instance\":\"");
- sb.append(d.instance);
- sb.append("\",\"action\":\"");
- sb.append(d.action);
- sb.append("\"}");
- }
- }
- sb.append("]}");
- return Result.ok(sb.toString());
- }
- };
- }
+ /**
+ * Load JSON Perms from AAF Service (Remotely)
+ * @param aafcon
+ * @param timeout
+ * @return
+ */
+ public static JSONPermLoader remote(final AAFCon<?> aafcon, final int timeout) {
+ return new JSONPermLoader() {
+ public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException {
+ Rcli<?> c = aafcon.clientAs(Config.AAF_DEFAULT_VERSION,trans.getUserPrincipal());
+ StringBuilder pathinfo = new StringBuilder("/authz/perms/user/");
+ pathinfo.append(user);
+ pathinfo.append("?scopes=");
+ boolean first = true;
+ for(String s : scopes) {
+ if(first) {
+ first = false;
+ } else {
+ pathinfo.append(':');
+ }
+ pathinfo.append(s);
+ }
+ TimeTaken tt = trans.start("Call AAF Service", Env.REMOTE);
+ try {
+ Future<String> fs = c.read(pathinfo.toString(), "application/Perms+json;charset=utf-8;version=2.0");
+ if(fs.get(timeout)) {
+ return Result.ok(fs.body());
+ } else if(fs.code()==404) {
+ return Result.err(Result.ERR_NotFound,fs.body());
+ } else {
+ return Result.err(Result.ERR_Backend,"Error accessing AAF %s: %s",Integer.toString(fs.code()),fs.body());
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ };
+ }
+ public static JSONPermLoader direct(final Question question) {
+ return new JSONPermLoader() {
+ public Result<String> loadJSONPerms(AuthzTrans trans, String user, Set<String> scopes) throws APIException, CadiException {
+ TimeTaken tt = trans.start("Cached DB Perm lookup", Env.SUB);
+ Result<List<PermDAO.Data>> pd;
+ try {
+ pd = question.getPermsByUser(trans, user, false);
+ } finally {
+ tt.done();
+ }
+ if(pd.notOK()) {
+ return Result.err(pd);
+ }
+ // Since we know it is
+ StringBuilder sb = new StringBuilder("{\"perm\":[");
+ boolean first = true;
+ for(PermDAO.Data d : pd.value) {
+ if(scopes.contains(d.ns)) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append(',');
+ }
+ sb.append("{\"ns\":\"");
+ sb.append(d.ns);
+ sb.append("\",\"type\":\"");
+ sb.append(d.type);
+ sb.append("\",\"instance\":\"");
+ sb.append(d.instance);
+ sb.append("\",\"action\":\"");
+ sb.append(d.action);
+ sb.append("\"}");
+ }
+ }
+ sb.append("]}");
+ return Result.ok(sb.toString());
+ }
+ };
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java
index 0064e224..1d926a74 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OAuthService.java
@@ -54,248 +54,248 @@ import org.onap.aaf.misc.env.APIException;
import aafoauth.v2_0.Introspect;
public class OAuthService {
-
- private static final int TOK_EXP = 60*60*1000; // 1 hour, millis.
+
+ private static final int TOK_EXP = 60*60*1000; // 1 hour, millis.
- public enum TOKEN_TYPE {unknown,bearer,refresh}
- public enum GRANT_TYPE {unknown,password,client_credentials,refresh_token};
- public enum CLIENT_TYPE {unknown,confidential};
-
- // Additional Expires
- private final DAO<AuthzTrans, ?>[] daos;
- public final OAuthTokenDAO tokenDAO;
- private final DirectAAFUserPass directUserPass;
- private final TokenClientFactory tcf;
- private TokenClient altIntrospectClient;
- private String altDomain;
- private final JSONPermLoader permLoader;
+ public enum TOKEN_TYPE {unknown,bearer,refresh}
+ public enum GRANT_TYPE {unknown,password,client_credentials,refresh_token};
+ public enum CLIENT_TYPE {unknown,confidential};
+
+ // Additional Expires
+ private final DAO<AuthzTrans, ?>[] daos;
+ public final OAuthTokenDAO tokenDAO;
+ private final DirectAAFUserPass directUserPass;
+ private final TokenClientFactory tcf;
+ private TokenClient altIntrospectClient;
+ private String altDomain;
+ private final JSONPermLoader permLoader;
- // If we add more CAs, may want to parameterize
+ // If we add more CAs, may want to parameterize
- @SuppressWarnings("unchecked")
- public OAuthService(final Access access, final AuthzTrans trans, final Question q) throws APIException, IOException {
- permLoader = JSONPermLoaderFactory.direct(q);
- tokenDAO = new OAuthTokenDAO(trans, q.historyDAO);
- daos =(DAO<AuthzTrans, ?>[]) new DAO<?,?>[] {
- tokenDAO
- };
- try {
- String alt_url = access.getProperty(Config.AAF_ALT_OAUTH2_INTROSPECT_URL,null);
- if(alt_url!=null) {
- tcf = TokenClientFactory.instance(access);
- String[] split = Split.split(',', alt_url);
- int timeout = split.length>1?Integer.parseInt(split[1]):3000;
- altIntrospectClient = tcf.newClient(split[0], timeout);
- altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null),
- access.getProperty(Config.AAF_ALT_CLIENT_SECRET,null));
- altDomain = '@'+access.getProperty(Config.AAF_ALT_OAUTH2_DOMAIN,null);
- } else {
- tcf = null;
- }
- directUserPass = new DirectAAFUserPass(trans.env(), q);
- } catch (GeneralSecurityException | CadiException | LocatorException e) {
- throw new APIException("Could not construct TokenClientFactory",e);
- }
-
- }
+ @SuppressWarnings("unchecked")
+ public OAuthService(final Access access, final AuthzTrans trans, final Question q) throws APIException, IOException {
+ permLoader = JSONPermLoaderFactory.direct(q);
+ tokenDAO = new OAuthTokenDAO(trans, q.historyDAO);
+ daos =(DAO<AuthzTrans, ?>[]) new DAO<?,?>[] {
+ tokenDAO
+ };
+ try {
+ String alt_url = access.getProperty(Config.AAF_ALT_OAUTH2_INTROSPECT_URL,null);
+ if(alt_url!=null) {
+ tcf = TokenClientFactory.instance(access);
+ String[] split = Split.split(',', alt_url);
+ int timeout = split.length>1?Integer.parseInt(split[1]):3000;
+ altIntrospectClient = tcf.newClient(split[0], timeout);
+ altIntrospectClient.client_creds(access.getProperty(Config.AAF_ALT_CLIENT_ID,null),
+ access.getProperty(Config.AAF_ALT_CLIENT_SECRET,null));
+ altDomain = '@'+access.getProperty(Config.AAF_ALT_OAUTH2_DOMAIN,null);
+ } else {
+ tcf = null;
+ }
+ directUserPass = new DirectAAFUserPass(trans.env(), q);
+ } catch (GeneralSecurityException | CadiException | LocatorException e) {
+ throw new APIException("Could not construct TokenClientFactory",e);
+ }
+
+ }
- public Result<Void> validate(AuthzTrans trans, OCreds creds) {
- if(directUserPass.validate(creds.username, Type.PASSWORD, creds.password, trans)) {
- return Result.ok();
- } else {
- return Result.err(Result.ERR_Security, "Invalid Credential for ",creds.username);
- }
- }
+ public Result<Void> validate(AuthzTrans trans, OCreds creds) {
+ if(directUserPass.validate(creds.username, Type.PASSWORD, creds.password, trans)) {
+ return Result.ok();
+ } else {
+ return Result.err(Result.ERR_Security, "Invalid Credential for ",creds.username);
+ }
+ }
- public Result<Data> createToken(AuthzTrans trans, HttpServletRequest req, OAuthTokenDAO.Data odd, Holder<GRANT_TYPE> hgt) {
- switch(hgt.get()) {
- case client_credentials:
- case password:
- return createBearerToken(trans, odd);
- case refresh_token:
- return refreshBearerToken(trans, odd);
- default:
- return Result.err(Result.ERR_BadData, "Unknown Grant Type");
- }
- }
-
- private Result<Data> createBearerToken(AuthzTrans trans, OAuthTokenDAO.Data odd) {
- if(odd.user==null) {
- odd.user = trans.user();
- }
- odd.id = AAFToken.toToken(UUID.randomUUID());
- odd.refresh = AAFToken.toToken(UUID.randomUUID());
- odd.active = true;
- long exp;
- odd.expires = new Date(exp=(System.currentTimeMillis()+TOK_EXP));
- odd.exp_sec = exp/1000;
- odd.req_ip = trans.ip();
-
- try {
- Result<Data> rd = loadToken(trans, odd);
- if(rd.notOK()) {
- return rd;
- }
- } catch (APIException | CadiException e) {
- return Result.err(e);
- }
- return tokenDAO.create(trans, odd);
- }
-
- private Result<Data> loadToken(AuthzTrans trans, Data odd) throws APIException, CadiException {
- Result<String> rs = permLoader.loadJSONPerms(trans,odd.user,odd.scopes(false));
- if(rs.isOK()) {
- odd.content = rs.value;
- odd.type = TOKEN_TYPE.bearer.ordinal();
- return Result.ok(odd);
- } else if(rs.status == Result.ERR_NotFound || rs.status==Status.ERR_UserRoleNotFound) {
- odd.type = TOKEN_TYPE.bearer.ordinal();
- return Result.ok(odd);
- } else {
- return Result.err(Result.ERR_Backend,"Error accessing AAF Info: %s",rs.errorString());
- }
- }
-
-
+ public Result<Data> createToken(AuthzTrans trans, HttpServletRequest req, OAuthTokenDAO.Data odd, Holder<GRANT_TYPE> hgt) {
+ switch(hgt.get()) {
+ case client_credentials:
+ case password:
+ return createBearerToken(trans, odd);
+ case refresh_token:
+ return refreshBearerToken(trans, odd);
+ default:
+ return Result.err(Result.ERR_BadData, "Unknown Grant Type");
+ }
+ }
+
+ private Result<Data> createBearerToken(AuthzTrans trans, OAuthTokenDAO.Data odd) {
+ if(odd.user==null) {
+ odd.user = trans.user();
+ }
+ odd.id = AAFToken.toToken(UUID.randomUUID());
+ odd.refresh = AAFToken.toToken(UUID.randomUUID());
+ odd.active = true;
+ long exp;
+ odd.expires = new Date(exp=(System.currentTimeMillis()+TOK_EXP));
+ odd.exp_sec = exp/1000;
+ odd.req_ip = trans.ip();
+
+ try {
+ Result<Data> rd = loadToken(trans, odd);
+ if(rd.notOK()) {
+ return rd;
+ }
+ } catch (APIException | CadiException e) {
+ return Result.err(e);
+ }
+ return tokenDAO.create(trans, odd);
+ }
+
+ private Result<Data> loadToken(AuthzTrans trans, Data odd) throws APIException, CadiException {
+ Result<String> rs = permLoader.loadJSONPerms(trans,odd.user,odd.scopes(false));
+ if(rs.isOK()) {
+ odd.content = rs.value;
+ odd.type = TOKEN_TYPE.bearer.ordinal();
+ return Result.ok(odd);
+ } else if(rs.status == Result.ERR_NotFound || rs.status==Status.ERR_UserRoleNotFound) {
+ odd.type = TOKEN_TYPE.bearer.ordinal();
+ return Result.ok(odd);
+ } else {
+ return Result.err(Result.ERR_Backend,"Error accessing AAF Info: %s",rs.errorString());
+ }
+ }
+
+
- private Result<Data> refreshBearerToken(AuthzTrans trans, Data odd) {
- Result<List<Data>> rld = tokenDAO.readByUser(trans, trans.user());
- if(rld.notOK()) {
- return Result.err(rld);
- }
- if(rld.isEmpty()) {
- return Result.err(Result.ERR_NotFound,"Data not Found for %1 %2",trans.user(),odd.refresh==null?"":odd.refresh.toString());
- }
- Data token = null;
- for(Data d : rld.value) {
- if(d.refresh.equals(odd.refresh)) {
- token = d;
- boolean scopesNE = false;
- Set<String> scopes = odd.scopes(false);
- if(scopes.size()>0) { // only check if Scopes listed, RFC 6749, Section 6
- if(scopesNE=!(scopes.size() == d.scopes(false).size())) {
- for(String s : odd.scopes(false)) {
- if(!d.scopes(false).contains(s)) {
- scopesNE=true;
- break;
- }
- }
- }
- if(scopesNE) {
- return Result.err(Result.ERR_BadData,"Requested Scopes do not match existing Token");
- }
- }
- break;
- }
- }
-
- if(token==null) {
- trans.audit().printf("Duplicate Refresh Token (%s) attempted for %s. Possible Replay Attack",odd.refresh.toString(),trans.user());
- return Result.err(Result.ERR_Security,"Invalid Refresh Token");
- } else {
- // Got the Result
- Data deleteMe = new Data();
- deleteMe.id = token.id;
- token.id = AAFToken.toToken(UUID.randomUUID());
- token.client_id = trans.user();
- token.refresh = AAFToken.toToken(UUID.randomUUID());
- long exp;
- token.expires = new Date(exp=(System.currentTimeMillis()+TOK_EXP));
- token.exp_sec = exp/1000;
- token.req_ip = trans.ip();
- Result<Data> rd = tokenDAO.create(trans, token);
- if(rd.notOK()) {
- return Result.err(rd);
- }
- Result<Void> rv = tokenDAO.delete(trans, deleteMe,false);
- if(rv.notOK()) {
- trans.error().log("Unable to delete token", token);
- }
- }
- return Result.ok(token);
- }
+ private Result<Data> refreshBearerToken(AuthzTrans trans, Data odd) {
+ Result<List<Data>> rld = tokenDAO.readByUser(trans, trans.user());
+ if(rld.notOK()) {
+ return Result.err(rld);
+ }
+ if(rld.isEmpty()) {
+ return Result.err(Result.ERR_NotFound,"Data not Found for %1 %2",trans.user(),odd.refresh==null?"":odd.refresh.toString());
+ }
+ Data token = null;
+ for(Data d : rld.value) {
+ if(d.refresh.equals(odd.refresh)) {
+ token = d;
+ boolean scopesNE = false;
+ Set<String> scopes = odd.scopes(false);
+ if(scopes.size()>0) { // only check if Scopes listed, RFC 6749, Section 6
+ if(scopesNE=!(scopes.size() == d.scopes(false).size())) {
+ for(String s : odd.scopes(false)) {
+ if(!d.scopes(false).contains(s)) {
+ scopesNE=true;
+ break;
+ }
+ }
+ }
+ if(scopesNE) {
+ return Result.err(Result.ERR_BadData,"Requested Scopes do not match existing Token");
+ }
+ }
+ break;
+ }
+ }
+
+ if(token==null) {
+ trans.audit().printf("Duplicate Refresh Token (%s) attempted for %s. Possible Replay Attack",odd.refresh.toString(),trans.user());
+ return Result.err(Result.ERR_Security,"Invalid Refresh Token");
+ } else {
+ // Got the Result
+ Data deleteMe = new Data();
+ deleteMe.id = token.id;
+ token.id = AAFToken.toToken(UUID.randomUUID());
+ token.client_id = trans.user();
+ token.refresh = AAFToken.toToken(UUID.randomUUID());
+ long exp;
+ token.expires = new Date(exp=(System.currentTimeMillis()+TOK_EXP));
+ token.exp_sec = exp/1000;
+ token.req_ip = trans.ip();
+ Result<Data> rd = tokenDAO.create(trans, token);
+ if(rd.notOK()) {
+ return Result.err(rd);
+ }
+ Result<Void> rv = tokenDAO.delete(trans, deleteMe,false);
+ if(rv.notOK()) {
+ trans.error().log("Unable to delete token", token);
+ }
+ }
+ return Result.ok(token);
+ }
- public Result<OAuthTokenDAO.Data> introspect(AuthzTrans trans, String token) {
- Result<List<Data>> rld;
- try {
- UUID uuid = AAFToken.fromToken(token);
- if(uuid==null) { // not an AAF Token
- // Attempt to get Alternative Token
- if(altIntrospectClient!=null) {
- org.onap.aaf.cadi.client.Result<Introspect> rai = altIntrospectClient.introspect(token);
- if(rai.isOK()) {
- Introspect in = rai.value;
- if(in.getExp()==null) {
- trans.audit().printf("Alt OAuth sent back inactive, empty token: requesting_id,%s,access_token=%s,ip=%s\n",trans.user(),token,trans.ip());
- }
- long expires = in.getExp()*1000;
- if(in.isActive() && expires>System.currentTimeMillis()) {
- // We have a good Token, modify to be Fully Qualified
- String fqid = in.getUsername()+altDomain;
- // read contents
- rld = tokenDAO.read(trans, token);
- if(rld.isOKhasData()) {
- Data td = rld.value.get(0);
- in.setContent(td.content);
- } else {
- Data td = new Data();
- td.id = token;
- td.client_id = in.getClientId();
- td.user = fqid;
- td.active=true;
- td.type = TOKEN_TYPE.bearer.ordinal();
- td.expires = new Date(expires);
- td.exp_sec = in.getExp();
- Set<String> scopes = td.scopes(true);
- if(in.getScope()!=null) {
- for(String s : Split.split(' ', in.getScope())) {
- scopes.add(s);
- }
- }
- // td.state = nothing to add at this point
- td.req_ip = trans.ip();
- trans.checkpoint(td.user + ':' + td.client_id + ", " + td.id);
- return loadToken(trans, td);
- }
- }
-// System.out.println(rai.value.getClientId());
- } else {
- trans.audit().printf("Alt OAuth rejects: requesting_id,%s,access_token=%s,ip=%s,code=%d,error=%s\n",trans.user(),token,trans.ip(),rai.code,rai.error);
- }
- } else {
- trans.audit().printf("Bad Token: requesting_id,%s,access_token=%s,ip=%s\n",trans.user(),token,trans.ip());
- }
- return Result.err(Result.ERR_Denied,"Bad Token");
- } else {
- return dbIntrospect(trans,token);
- }
- } catch (CadiException | APIException | LocatorException e) {
- return Result.err(e);
- }
- }
+ public Result<OAuthTokenDAO.Data> introspect(AuthzTrans trans, String token) {
+ Result<List<Data>> rld;
+ try {
+ UUID uuid = AAFToken.fromToken(token);
+ if(uuid==null) { // not an AAF Token
+ // Attempt to get Alternative Token
+ if(altIntrospectClient!=null) {
+ org.onap.aaf.cadi.client.Result<Introspect> rai = altIntrospectClient.introspect(token);
+ if(rai.isOK()) {
+ Introspect in = rai.value;
+ if(in.getExp()==null) {
+ trans.audit().printf("Alt OAuth sent back inactive, empty token: requesting_id,%s,access_token=%s,ip=%s\n",trans.user(),token,trans.ip());
+ }
+ long expires = in.getExp()*1000;
+ if(in.isActive() && expires>System.currentTimeMillis()) {
+ // We have a good Token, modify to be Fully Qualified
+ String fqid = in.getUsername()+altDomain;
+ // read contents
+ rld = tokenDAO.read(trans, token);
+ if(rld.isOKhasData()) {
+ Data td = rld.value.get(0);
+ in.setContent(td.content);
+ } else {
+ Data td = new Data();
+ td.id = token;
+ td.client_id = in.getClientId();
+ td.user = fqid;
+ td.active=true;
+ td.type = TOKEN_TYPE.bearer.ordinal();
+ td.expires = new Date(expires);
+ td.exp_sec = in.getExp();
+ Set<String> scopes = td.scopes(true);
+ if(in.getScope()!=null) {
+ for(String s : Split.split(' ', in.getScope())) {
+ scopes.add(s);
+ }
+ }
+ // td.state = nothing to add at this point
+ td.req_ip = trans.ip();
+ trans.checkpoint(td.user + ':' + td.client_id + ", " + td.id);
+ return loadToken(trans, td);
+ }
+ }
+// System.out.println(rai.value.getClientId());
+ } else {
+ trans.audit().printf("Alt OAuth rejects: requesting_id,%s,access_token=%s,ip=%s,code=%d,error=%s\n",trans.user(),token,trans.ip(),rai.code,rai.error);
+ }
+ } else {
+ trans.audit().printf("Bad Token: requesting_id,%s,access_token=%s,ip=%s\n",trans.user(),token,trans.ip());
+ }
+ return Result.err(Result.ERR_Denied,"Bad Token");
+ } else {
+ return dbIntrospect(trans,token);
+ }
+ } catch (CadiException | APIException | LocatorException e) {
+ return Result.err(e);
+ }
+ }
- public Result<Data> dbIntrospect(final AuthzTrans trans, final String token) {
- Result<List<Data>> rld = tokenDAO.read(trans, token);
- if(rld.notOKorIsEmpty()) {
- return Result.err(rld);
- }
- OAuthTokenDAO.Data odd = rld.value.get(0);
- trans.checkpoint(odd.user + ':' + odd.client_id + ", " + odd.id);
- if(odd.active) {
- if(odd.expires.before(trans.now())) {
- return Result.err(Result.ERR_Policy,"Token %1 has expired",token);
- }
- return Result.ok(rld.value.get(0)); // ok keyed on id/token.
- } else {
- return Result.err(Result.ERR_Denied,"Token %1 is inactive",token);
- }
- }
+ public Result<Data> dbIntrospect(final AuthzTrans trans, final String token) {
+ Result<List<Data>> rld = tokenDAO.read(trans, token);
+ if(rld.notOKorIsEmpty()) {
+ return Result.err(rld);
+ }
+ OAuthTokenDAO.Data odd = rld.value.get(0);
+ trans.checkpoint(odd.user + ':' + odd.client_id + ", " + odd.id);
+ if(odd.active) {
+ if(odd.expires.before(trans.now())) {
+ return Result.err(Result.ERR_Policy,"Token %1 has expired",token);
+ }
+ return Result.ok(rld.value.get(0)); // ok keyed on id/token.
+ } else {
+ return Result.err(Result.ERR_Denied,"Token %1 is inactive",token);
+ }
+ }
- public void close() {
- for(DAO<AuthzTrans,?> dao : daos) {
- dao.close(NullTrans.singleton());
- }
- }
+ public void close() {
+ for(DAO<AuthzTrans,?> dao : daos) {
+ dao.close(NullTrans.singleton());
+ }
+ }
}
diff --git a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java
index becb746a..af15d4c2 100644
--- a/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java
+++ b/auth/auth-oauth/src/main/java/org/onap/aaf/auth/oauth/service/OCreds.java
@@ -22,12 +22,12 @@
package org.onap.aaf.auth.oauth.service;
public class OCreds {
- public final String client_id, username;
- public final byte[] client_secret, password;
- public OCreds(String client_id, String client_secret, String username, String password) {
- this.client_id = client_id;
- this.client_secret = client_secret==null?null:client_secret.getBytes();
- this.username = username;
- this.password = password==null?null:password.getBytes();
- }
+ public final String client_id, username;
+ public final byte[] client_secret, password;
+ public OCreds(String client_id, String client_secret, String username, String password) {
+ this.client_id = client_id;
+ this.client_secret = client_secret==null?null:client_secret.getBytes();
+ this.username = username;
+ this.password = password==null?null:password.getBytes();
+ }
}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_DirectOAuthTAF.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_DirectOAuthTAF.java
index ed80b10c..61608a17 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_DirectOAuthTAF.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_DirectOAuthTAF.java
@@ -50,78 +50,78 @@ import aafoauth.v2_0.Introspect;
public class JU_DirectOAuthTAF {
- @Mock
- private AuthzEnv env;
-
- @Mock
- private PropAccess access;
-
- private Properties props = new Properties();
-
- @Mock
- private HttpServletRequest req;
-
- private Map<String, String[]> parameterMap;
- @Mock
- private DirectIntrospect<Introspect> facade;
- @Mock
- private AuthzTrans trans;
- @Mock
- private Result<Introspect> ri;
-
- @Before
- public void setup() {
- initMocks(this);
- parameterMap = new TreeMap<String, String[]>();
-
- }
-
- @Test
- public void testValidateWithoutSecret() throws APIException, CadiException {
- parameterMap.put("client_id", new String[] { "Client1" });
- // parameterMap.put("client_secret", new String[] { "Secret1" });
- parameterMap.put("username", new String[] { "User1" });
- parameterMap.put("password", new String[] { "Pass1" });
- parameterMap.put("token", new String[] { "token1" });
- when(env.access()).thenReturn(access);
- when(access.getProperties()).thenReturn(props);
- when(req.getContentType()).thenReturn("application/x-www-form-urlencoded");
- when(req.getParameterMap()).thenReturn(parameterMap);
-
- DirectOAuthTAF oAuthTaf = new DirectOAuthTAF(env, null, null);
-
- TafResp validate = oAuthTaf.validate(null, req, null);
-
- assertNotNull(validate);
- assertEquals(validate.getAccess(), access);
- assertEquals(validate.desc(), "client_id and client_secret required");
- }
-
- @Test
- public void testValidateWithSecret() throws APIException, CadiException {
- parameterMap.put("client_id", new String[] { "Client1" });
- parameterMap.put("client_secret", new String[] { "Secret1" });
- parameterMap.put("username", new String[] { "User1" });
- parameterMap.put("password", new String[] { "Pass1" });
- parameterMap.put("token", new String[] { "token1" });
-
- when(env.access()).thenReturn(access);
- when(access.getProperties()).thenReturn(props);
- when(req.getContentType()).thenReturn("application/x-www-form-urlencoded");
- when(req.getParameterMap()).thenReturn(parameterMap);
- when(req.getAttribute(TransFilter.TRANS_TAG)).thenReturn(trans);
- when(facade.mappedIntrospect(trans, "token1")).thenReturn(ri);
-
- DirectOAuthTAF oAuthTaf = new DirectOAuthTAF(env, null, facade);
-
- TafResp validate = oAuthTaf.validate(null, req, null);
-
- assertNotNull(validate);
- assertEquals(validate.getAccess(), access);
- assertEquals(validate.desc(), ri.errorString());
-
- assertNull(oAuthTaf.revalidate(null, null));
- assertNotNull(oAuthTaf.directUserPass());
- }
+ @Mock
+ private AuthzEnv env;
+
+ @Mock
+ private PropAccess access;
+
+ private Properties props = new Properties();
+
+ @Mock
+ private HttpServletRequest req;
+
+ private Map<String, String[]> parameterMap;
+ @Mock
+ private DirectIntrospect<Introspect> facade;
+ @Mock
+ private AuthzTrans trans;
+ @Mock
+ private Result<Introspect> ri;
+
+ @Before
+ public void setup() {
+ initMocks(this);
+ parameterMap = new TreeMap<String, String[]>();
+
+ }
+
+ @Test
+ public void testValidateWithoutSecret() throws APIException, CadiException {
+ parameterMap.put("client_id", new String[] { "Client1" });
+ // parameterMap.put("client_secret", new String[] { "Secret1" });
+ parameterMap.put("username", new String[] { "User1" });
+ parameterMap.put("password", new String[] { "Pass1" });
+ parameterMap.put("token", new String[] { "token1" });
+ when(env.access()).thenReturn(access);
+ when(access.getProperties()).thenReturn(props);
+ when(req.getContentType()).thenReturn("application/x-www-form-urlencoded");
+ when(req.getParameterMap()).thenReturn(parameterMap);
+
+ DirectOAuthTAF oAuthTaf = new DirectOAuthTAF(env, null, null);
+
+ TafResp validate = oAuthTaf.validate(null, req, null);
+
+ assertNotNull(validate);
+ assertEquals(validate.getAccess(), access);
+ assertEquals(validate.desc(), "client_id and client_secret required");
+ }
+
+ @Test
+ public void testValidateWithSecret() throws APIException, CadiException {
+ parameterMap.put("client_id", new String[] { "Client1" });
+ parameterMap.put("client_secret", new String[] { "Secret1" });
+ parameterMap.put("username", new String[] { "User1" });
+ parameterMap.put("password", new String[] { "Pass1" });
+ parameterMap.put("token", new String[] { "token1" });
+
+ when(env.access()).thenReturn(access);
+ when(access.getProperties()).thenReturn(props);
+ when(req.getContentType()).thenReturn("application/x-www-form-urlencoded");
+ when(req.getParameterMap()).thenReturn(parameterMap);
+ when(req.getAttribute(TransFilter.TRANS_TAG)).thenReturn(trans);
+ when(facade.mappedIntrospect(trans, "token1")).thenReturn(ri);
+
+ DirectOAuthTAF oAuthTaf = new DirectOAuthTAF(env, null, facade);
+
+ TafResp validate = oAuthTaf.validate(null, req, null);
+
+ assertNotNull(validate);
+ assertEquals(validate.getAccess(), access);
+ assertEquals(validate.desc(), ri.errorString());
+
+ assertNull(oAuthTaf.revalidate(null, null));
+ assertNotNull(oAuthTaf.directUserPass());
+ }
}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OACodeTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OACodeTest.java
index 9ae7a012..22958736 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OACodeTest.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OACodeTest.java
@@ -39,33 +39,33 @@ import aafoauth.v2_0.Introspect;
public class JU_OACodeTest {
- @Mock
- private OAFacade<Introspect> facade;
+ @Mock
+ private OAFacade<Introspect> facade;
- @Mock
- private OAFacade<Introspect> facade1;
+ @Mock
+ private OAFacade<Introspect> facade1;
- @Before
- public void setup() {
- initMocks(this);
- }
+ @Before
+ public void setup() {
+ initMocks(this);
+ }
- @Test
- public void testOACodeDefaultMethod() throws Exception {
- OACode code = new OACode(facade, "Original Description", true, "role1") {
+ @Test
+ public void testOACodeDefaultMethod() throws Exception {
+ OACode code = new OACode(facade, "Original Description", true, "role1") {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- // Blank implementation to test abstract OACode class.
- }
- };
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ // Blank implementation to test abstract OACode class.
+ }
+ };
- OACode clone = code.clone(facade1, false);
+ OACode clone = code.clone(facade1, false);
- assertNotSame(code, clone);
+ assertNotSame(code, clone);
- assertTrue(code.useJSON);
- assertFalse(clone.useJSON);
+ assertTrue(code.useJSON);
+ assertFalse(clone.useJSON);
- }
+ }
}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FilterTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FilterTest.java
index 56dc669d..56eba95b 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FilterTest.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FilterTest.java
@@ -38,51 +38,51 @@ import org.onap.aaf.cadi.principal.BearerPrincipal;
public class JU_OAuth2FilterTest {
- @Mock
- private HttpServletRequest request;
- @Mock
- private FilterChain chain;
- @Mock
- private BearerPrincipal principal;
-
- @Before
- public void setup() {
- initMocks(this);
- }
-
- @Test
- public void testDoFilterWithContentType() throws IOException, ServletException {
- when(request.getContentType()).thenReturn("application/x-www-form-urlencoded");
-
- OAuth2Filter filter = new OAuth2Filter();
- filter.doFilter(request, null, chain);
-
- verify(chain, only()).doFilter(request, null);
- }
-
- @Test
- public void testDoFilter() throws IOException, ServletException {
- when(request.getContentType()).thenReturn("somethingElse");
- when(request.getUserPrincipal()).thenReturn(principal);
- when(request.getHeader("Authorization")).thenReturn("Bearer 1;Bearer2");
-
- OAuth2Filter filter = new OAuth2Filter();
- filter.init(null);
- filter.destroy();
- filter.doFilter(request, null, chain);
-
- verify(chain, only()).doFilter(request, null);
- verify(principal, only()).setBearer("1");
- }
-
- @Test
- public void testDoFilterWithoutBearerPrincipal() throws IOException, ServletException {
- when(request.getContentType()).thenReturn("somethingElse");
- when(request.getHeader("Authorization")).thenReturn("Bearer 1;Bearer2");
-
- OAuth2Filter filter = new OAuth2Filter();
- filter.doFilter(request, null, chain);
-
- verify(chain, only()).doFilter(request, null);
- }
+ @Mock
+ private HttpServletRequest request;
+ @Mock
+ private FilterChain chain;
+ @Mock
+ private BearerPrincipal principal;
+
+ @Before
+ public void setup() {
+ initMocks(this);
+ }
+
+ @Test
+ public void testDoFilterWithContentType() throws IOException, ServletException {
+ when(request.getContentType()).thenReturn("application/x-www-form-urlencoded");
+
+ OAuth2Filter filter = new OAuth2Filter();
+ filter.doFilter(request, null, chain);
+
+ verify(chain, only()).doFilter(request, null);
+ }
+
+ @Test
+ public void testDoFilter() throws IOException, ServletException {
+ when(request.getContentType()).thenReturn("somethingElse");
+ when(request.getUserPrincipal()).thenReturn(principal);
+ when(request.getHeader("Authorization")).thenReturn("Bearer 1;Bearer2");
+
+ OAuth2Filter filter = new OAuth2Filter();
+ filter.init(null);
+ filter.destroy();
+ filter.doFilter(request, null, chain);
+
+ verify(chain, only()).doFilter(request, null);
+ verify(principal, only()).setBearer("1");
+ }
+
+ @Test
+ public void testDoFilterWithoutBearerPrincipal() throws IOException, ServletException {
+ when(request.getContentType()).thenReturn("somethingElse");
+ when(request.getHeader("Authorization")).thenReturn("Bearer 1;Bearer2");
+
+ OAuth2Filter filter = new OAuth2Filter();
+ filter.doFilter(request, null, chain);
+
+ verify(chain, only()).doFilter(request, null);
+ }
}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FormHttpTafRespTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FormHttpTafRespTest.java
index 7a332fa3..8913cceb 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FormHttpTafRespTest.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/JU_OAuth2FormHttpTafRespTest.java
@@ -37,28 +37,28 @@ import org.onap.aaf.cadi.taf.TafResp.RESP;
public class JU_OAuth2FormHttpTafRespTest {
- @Mock
- private HttpServletResponse resp;
+ @Mock
+ private HttpServletResponse resp;
- @Before
- public void setup() {
- initMocks(this);
- }
+ @Before
+ public void setup() {
+ initMocks(this);
+ }
- @Test
- public void testAuthenticated() throws IOException {
- OAuth2FormHttpTafResp oAuth2 = new OAuth2FormHttpTafResp(null, null, null, null, resp);
+ @Test
+ public void testAuthenticated() throws IOException {
+ OAuth2FormHttpTafResp oAuth2 = new OAuth2FormHttpTafResp(null, null, null, null, resp);
- assertEquals(oAuth2.authenticate(), RESP.HTTP_REDIRECT_INVOKED);
+ assertEquals(oAuth2.authenticate(), RESP.HTTP_REDIRECT_INVOKED);
- verify(resp, only()).setStatus(401);
- }
+ verify(resp, only()).setStatus(401);
+ }
- @Test
- public void testIsAuthenticated() throws IOException {
- OAuth2FormHttpTafResp oAuth2 = new OAuth2FormHttpTafResp(null, null, null, RESP.HAS_PROCESSED, null, false);
+ @Test
+ public void testIsAuthenticated() throws IOException {
+ OAuth2FormHttpTafResp oAuth2 = new OAuth2FormHttpTafResp(null, null, null, RESP.HAS_PROCESSED, null, false);
- assertEquals(oAuth2.isAuthenticated(), RESP.HAS_PROCESSED);
- assertFalse(oAuth2.isFailedAttempt());
- }
+ assertEquals(oAuth2.isAuthenticated(), RESP.HAS_PROCESSED);
+ assertFalse(oAuth2.isFailedAttempt());
+ }
}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_DirectOAFacadeImplTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_DirectOAFacadeImplTest.java
index 1393f291..6e6722f9 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_DirectOAFacadeImplTest.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_DirectOAFacadeImplTest.java
@@ -27,10 +27,10 @@ import org.junit.Test;
public class JU_DirectOAFacadeImplTest {
- @Test
- public void test() {
- DirectOAFacadeImpl oAFacade = new DirectOAFacadeImpl();
- assertNotNull(oAFacade);
- }
+ @Test
+ public void test() {
+ DirectOAFacadeImpl oAFacade = new DirectOAFacadeImpl();
+ assertNotNull(oAFacade);
+ }
}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_OAFacadeFactory.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_OAFacadeFactory.java
index bf9cbdd6..3c7b2970 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_OAFacadeFactory.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/facade/JU_OAFacadeFactory.java
@@ -37,51 +37,51 @@ import aafoauth.v2_0.Introspect;
public class JU_OAFacadeFactory {
- @Mock
- private OAuthService service;
+ @Mock
+ private OAuthService service;
- private String token;
+ private String token;
- private AuthzTrans trans;
- @Mock
- private Result<Data> rs;
+ private AuthzTrans trans;
+ @Mock
+ private Result<Data> rs;
- @Before
- public void setUp() throws Exception {
- initMocks(this);
- }
+ @Before
+ public void setUp() throws Exception {
+ initMocks(this);
+ }
- @Test
- public void testStatusNotOk() throws APIException {
- when(service.introspect(trans, token)).thenReturn(rs);
- when(rs.notOK()).thenReturn(true);
+ @Test
+ public void testStatusNotOk() throws APIException {
+ when(service.introspect(trans, token)).thenReturn(rs);
+ when(rs.notOK()).thenReturn(true);
- DirectIntrospect<Introspect> direct = OAFacadeFactory.directV1_0(service);
- Result<Introspect> rti = direct.mappedIntrospect(trans, token);
+ DirectIntrospect<Introspect> direct = OAFacadeFactory.directV1_0(service);
+ Result<Introspect> rti = direct.mappedIntrospect(trans, token);
- assertEquals(rti.status, 0);
- }
+ assertEquals(rti.status, 0);
+ }
- @Test
- public void testStatusOk() throws APIException {
- when(service.introspect(trans, token)).thenReturn(rs);
- when(rs.notOK()).thenReturn(false);
+ @Test
+ public void testStatusOk() throws APIException {
+ when(service.introspect(trans, token)).thenReturn(rs);
+ when(rs.notOK()).thenReturn(false);
- DirectIntrospect<Introspect> directV1_0 = OAFacadeFactory.directV1_0(service);
- Result<Introspect> rti = directV1_0.mappedIntrospect(trans, token);
+ DirectIntrospect<Introspect> directV1_0 = OAFacadeFactory.directV1_0(service);
+ Result<Introspect> rti = directV1_0.mappedIntrospect(trans, token);
- assertEquals(rti.status, 0);
- }
+ assertEquals(rti.status, 0);
+ }
- @Test
- public void testStatusOkWithResultSetEmpty() throws APIException {
- when(service.introspect(trans, token)).thenReturn(rs);
- when(rs.isEmpty()).thenReturn(true);
- when(rs.notOK()).thenReturn(false);
+ @Test
+ public void testStatusOkWithResultSetEmpty() throws APIException {
+ when(service.introspect(trans, token)).thenReturn(rs);
+ when(rs.isEmpty()).thenReturn(true);
+ when(rs.notOK()).thenReturn(false);
- DirectIntrospect<Introspect> directV1_0 = OAFacadeFactory.directV1_0(service);
- Result<Introspect> rti = directV1_0.mappedIntrospect(trans, token);
+ DirectIntrospect<Introspect> directV1_0 = OAFacadeFactory.directV1_0(service);
+ Result<Introspect> rti = directV1_0.mappedIntrospect(trans, token);
- assertEquals(rti.status, Result.ERR_NotFound);
- }
+ assertEquals(rti.status, Result.ERR_NotFound);
+ }
}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_Mapper1_0Test.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_Mapper1_0Test.java
index c872cb8e..3a0a40d9 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_Mapper1_0Test.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_Mapper1_0Test.java
@@ -49,178 +49,178 @@ import aafoauth.v2_0.Token;
import aafoauth.v2_0.TokenRequest;
public class JU_Mapper1_0Test {
- @Mock
- private HttpServletRequest req;
-
- @Mock
- private TokenRequest tokenRequest;
-
- @Mock
- private Holder<GRANT_TYPE> hgt;
-
- @Mock(answer = Answers.RETURNS_DEEP_STUBS)
- private OAuth2Principal p;
-
- private Data data;
-
- @Before
- public void setup() {
- initMocks(this);
- data = new Data();
- data.id = "id";
- }
-
- @Test
- public void testMapper() {
- Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
- assertEquals(TokenRequest.class, mapper.getClass(API.TOKEN_REQ));
- assertEquals(Token.class, mapper.getClass(API.TOKEN));
- assertEquals(Introspect.class, mapper.getClass(API.INTROSPECT));
- assertEquals(Error.class, mapper.getClass(API.ERROR));
- assertEquals(Void.class, mapper.getClass(API.VOID));
-
- assertTrue(mapper.newInstance(API.TOKEN_REQ) instanceof TokenRequest);
- assertTrue(mapper.newInstance(API.TOKEN) instanceof Token);
- assertTrue(mapper.newInstance(API.INTROSPECT) instanceof Introspect);
- assertTrue(mapper.newInstance(API.ERROR) instanceof Error);
- assertEquals(null, mapper.newInstance(API.VOID));
+ @Mock
+ private HttpServletRequest req;
+
+ @Mock
+ private TokenRequest tokenRequest;
+
+ @Mock
+ private Holder<GRANT_TYPE> hgt;
+
+ @Mock(answer = Answers.RETURNS_DEEP_STUBS)
+ private OAuth2Principal p;
+
+ private Data data;
+
+ @Before
+ public void setup() {
+ initMocks(this);
+ data = new Data();
+ data.id = "id";
+ }
+
+ @Test
+ public void testMapper() {
+ Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+ assertEquals(TokenRequest.class, mapper.getClass(API.TOKEN_REQ));
+ assertEquals(Token.class, mapper.getClass(API.TOKEN));
+ assertEquals(Introspect.class, mapper.getClass(API.INTROSPECT));
+ assertEquals(Error.class, mapper.getClass(API.ERROR));
+ assertEquals(Void.class, mapper.getClass(API.VOID));
+
+ assertTrue(mapper.newInstance(API.TOKEN_REQ) instanceof TokenRequest);
+ assertTrue(mapper.newInstance(API.TOKEN) instanceof Token);
+ assertTrue(mapper.newInstance(API.INTROSPECT) instanceof Introspect);
+ assertTrue(mapper.newInstance(API.ERROR) instanceof Error);
+ assertEquals(null, mapper.newInstance(API.VOID));
- Error error = mapper.errorFromMessage(null, null, "text", "var1", "var2");
- assertEquals("text", error.getText());
+ Error error = mapper.errorFromMessage(null, null, "text", "var1", "var2");
+ assertEquals("text", error.getText());
- Object tokenReqFromParams = mapper.tokenReqFromParams(req);
- assertNull(tokenReqFromParams);
- }
+ Object tokenReqFromParams = mapper.tokenReqFromParams(req);
+ assertNull(tokenReqFromParams);
+ }
- @Test
- public void testTokeReqFromParams() {
- Map<String, String[]> parameterMap = new TreeMap<String, String[]>();
- parameterMap.put("client_id", new String[] { "ClientId1" });
- parameterMap.put("client_secret", new String[] { "client_secret" });
- parameterMap.put("username", new String[] { "username" });
- parameterMap.put("password", new String[] { "password" });
- parameterMap.put("scope", new String[] { "scope" });
- parameterMap.put("grant_type", new String[] { "grant_type" });
- parameterMap.put("refresh_token", new String[] { "refresh_token" });
- parameterMap.put("etc", new String[] { "etc" });
- when(req.getParameterMap()).thenReturn(parameterMap);
+ @Test
+ public void testTokeReqFromParams() {
+ Map<String, String[]> parameterMap = new TreeMap<String, String[]>();
+ parameterMap.put("client_id", new String[] { "ClientId1" });
+ parameterMap.put("client_secret", new String[] { "client_secret" });
+ parameterMap.put("username", new String[] { "username" });
+ parameterMap.put("password", new String[] { "password" });
+ parameterMap.put("scope", new String[] { "scope" });
+ parameterMap.put("grant_type", new String[] { "grant_type" });
+ parameterMap.put("refresh_token", new String[] { "refresh_token" });
+ parameterMap.put("etc", new String[] { "etc" });
+ when(req.getParameterMap()).thenReturn(parameterMap);
- Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+ Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
- TokenRequest param = mapper.tokenReqFromParams(req);
+ TokenRequest param = mapper.tokenReqFromParams(req);
- assertEquals("ClientId1", param.getClientId());
- assertEquals("client_secret", param.getClientSecret());
- assertEquals("username", param.getUsername());
- assertEquals("password", param.getPassword());
- assertEquals("scope", param.getScope());
- assertEquals("grant_type", param.getGrantType());
- assertEquals("refresh_token", param.getRefreshToken());
+ assertEquals("ClientId1", param.getClientId());
+ assertEquals("client_secret", param.getClientSecret());
+ assertEquals("username", param.getUsername());
+ assertEquals("password", param.getPassword());
+ assertEquals("scope", param.getScope());
+ assertEquals("grant_type", param.getGrantType());
+ assertEquals("refresh_token", param.getRefreshToken());
- OCreds credsFromReq = mapper.credsFromReq(param);
- assertEquals("ClientId1", credsFromReq.client_id);
- assertEquals("username", credsFromReq.username);
+ OCreds credsFromReq = mapper.credsFromReq(param);
+ assertEquals("ClientId1", credsFromReq.client_id);
+ assertEquals("username", credsFromReq.username);
- }
+ }
- @Test
- public void testTokeReqFromParamsWithNoValues() {
- Map<String, String[]> parameterMap = new TreeMap<String, String[]>();
- parameterMap.put("client_id", new String[] {});
- parameterMap.put("client_secret", new String[] {});
- parameterMap.put("username", new String[] {});
- parameterMap.put("password", new String[] {});
- parameterMap.put("scope", new String[] {});
- parameterMap.put("grant_type", new String[] {});
- parameterMap.put("refresh_token", new String[] {});
- parameterMap.put("etc", new String[] {});
- when(req.getParameterMap()).thenReturn(parameterMap);
+ @Test
+ public void testTokeReqFromParamsWithNoValues() {
+ Map<String, String[]> parameterMap = new TreeMap<String, String[]>();
+ parameterMap.put("client_id", new String[] {});
+ parameterMap.put("client_secret", new String[] {});
+ parameterMap.put("username", new String[] {});
+ parameterMap.put("password", new String[] {});
+ parameterMap.put("scope", new String[] {});
+ parameterMap.put("grant_type", new String[] {});
+ parameterMap.put("refresh_token", new String[] {});
+ parameterMap.put("etc", new String[] {});
+ when(req.getParameterMap()).thenReturn(parameterMap);
- Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+ Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
- Object param = mapper.tokenReqFromParams(req);
+ Object param = mapper.tokenReqFromParams(req);
- assertNull(param);
+ assertNull(param);
- }
+ }
- @Test
- public void testClientTokenReqWithClientCred() {
- when(hgt.get()).thenReturn(GRANT_TYPE.client_credentials);
- when(tokenRequest.getState()).thenReturn("State");
- when(tokenRequest.getGrantType()).thenReturn("client_credentials");
- when(tokenRequest.getScope()).thenReturn("Scope");
+ @Test
+ public void testClientTokenReqWithClientCred() {
+ when(hgt.get()).thenReturn(GRANT_TYPE.client_credentials);
+ when(tokenRequest.getState()).thenReturn("State");
+ when(tokenRequest.getGrantType()).thenReturn("client_credentials");
+ when(tokenRequest.getScope()).thenReturn("Scope");
- Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+ Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
- Data clientTokenReq = mapper.clientTokenReq(tokenRequest, hgt);
+ Data clientTokenReq = mapper.clientTokenReq(tokenRequest, hgt);
- assertEquals("State", clientTokenReq.state);
- assertTrue(clientTokenReq.scopes.contains("Scope"));
+ assertEquals("State", clientTokenReq.state);
+ assertTrue(clientTokenReq.scopes.contains("Scope"));
- }
+ }
- @Test
- public void testClientTokenReqWithPassword() {
- when(hgt.get()).thenReturn(GRANT_TYPE.unknown);
- when(tokenRequest.getState()).thenReturn("State");
- when(tokenRequest.getRefreshToken()).thenReturn("UnKnown");
+ @Test
+ public void testClientTokenReqWithPassword() {
+ when(hgt.get()).thenReturn(GRANT_TYPE.unknown);
+ when(tokenRequest.getState()).thenReturn("State");
+ when(tokenRequest.getRefreshToken()).thenReturn("UnKnown");
- Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+ Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
- Data clientTokenReq = mapper.clientTokenReq(tokenRequest, hgt);
+ Data clientTokenReq = mapper.clientTokenReq(tokenRequest, hgt);
- assertEquals("State", clientTokenReq.state);
- assertEquals(clientTokenReq.type, 0);
- }
+ assertEquals("State", clientTokenReq.state);
+ assertEquals(clientTokenReq.type, 0);
+ }
- @Test
- public void testTokenFromDataWithNotOk() {
- Result<Data> dataResult = Result.create(null, 1, "detail", "var");
+ @Test
+ public void testTokenFromDataWithNotOk() {
+ Result<Data> dataResult = Result.create(null, 1, "detail", "var");
- Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+ Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
- Result<Token> clientTokenReq = mapper.tokenFromData(dataResult);
+ Result<Token> clientTokenReq = mapper.tokenFromData(dataResult);
- assertEquals(null, clientTokenReq.value);
- }
+ assertEquals(null, clientTokenReq.value);
+ }
- @Test
- public void testTokenFromData() {
+ @Test
+ public void testTokenFromData() {
- Result<Data> dataResult = Result.create(data, 0, "detail", "var");
+ Result<Data> dataResult = Result.create(data, 0, "detail", "var");
- Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+ Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
- Result<Token> clientTokenReq = mapper.tokenFromData(dataResult);
+ Result<Token> clientTokenReq = mapper.tokenFromData(dataResult);
- assertEquals(clientTokenReq.value.getAccessToken(), data.id);
- }
+ assertEquals(clientTokenReq.value.getAccessToken(), data.id);
+ }
- @Test
- public void testTokenFromDataWithNoTokenType() {
- data.type = 20;
+ @Test
+ public void testTokenFromDataWithNoTokenType() {
+ data.type = 20;
- Result<Data> dataResult = Result.create(data, 0, "detail", "var");
+ Result<Data> dataResult = Result.create(data, 0, "detail", "var");
- Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+ Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
- Result<Token> clientTokenReq = mapper.tokenFromData(dataResult);
+ Result<Token> clientTokenReq = mapper.tokenFromData(dataResult);
- assertEquals(clientTokenReq.value.getAccessToken(), data.id);
- assertEquals(clientTokenReq.value.getTokenType(), "Invalid");
- }
+ assertEquals(clientTokenReq.value.getAccessToken(), data.id);
+ assertEquals(clientTokenReq.value.getTokenType(), "Invalid");
+ }
- @Test
- public void testFromPrincipal() {
+ @Test
+ public void testFromPrincipal() {
- Introspect introspect = new Introspect();
- when(p.tokenPerm().getIntrospect()).thenReturn(introspect);
+ Introspect introspect = new Introspect();
+ when(p.tokenPerm().getIntrospect()).thenReturn(introspect);
- Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
+ Mapper<TokenRequest, Token, Introspect, Error> mapper = new Mapper1_0();
- Introspect intro = mapper.fromPrincipal(p);
+ Introspect intro = mapper.fromPrincipal(p);
- assertEquals(introspect, intro);
- }
+ assertEquals(introspect, intro);
+ }
}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_MapperIntrospect1_0Test.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_MapperIntrospect1_0Test.java
index d303755f..f5e50d5e 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_MapperIntrospect1_0Test.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/mapper/JU_MapperIntrospect1_0Test.java
@@ -37,58 +37,58 @@ import org.onap.aaf.auth.layer.Result;
import aafoauth.v2_0.Introspect;
public class JU_MapperIntrospect1_0Test {
- @Mock
- private HttpServletRequest req;
+ @Mock
+ private HttpServletRequest req;
- Data data;
+ Data data;
- @Before
- public void setup() {
- initMocks(this);
- data = new Data();
- }
+ @Before
+ public void setup() {
+ initMocks(this);
+ data = new Data();
+ }
- @Test
- public void testIntrospect() {
- data.type = 1;
+ @Test
+ public void testIntrospect() {
+ data.type = 1;
- Result<Data> dataResult = Result.create(data, 0, "detail", "var");
+ Result<Data> dataResult = Result.create(data, 0, "detail", "var");
- MapperIntrospect<Introspect> mapper = new MapperIntrospect1_0();
+ MapperIntrospect<Introspect> mapper = new MapperIntrospect1_0();
- Result<Introspect> intro = mapper.introspect(dataResult);
+ Result<Introspect> intro = mapper.introspect(dataResult);
- assertEquals(intro.value.getClientType(), "confidential");
- }
+ assertEquals(intro.value.getClientType(), "confidential");
+ }
- @Test
- public void testIntrospectWithUnknowType() {
- data.type = 5;
- data.scopes = new HashSet<String>();
+ @Test
+ public void testIntrospectWithUnknowType() {
+ data.type = 5;
+ data.scopes = new HashSet<String>();
- data.scopes.add(Scope.APPLICATION.toString());
- data.scopes.add(Scope.HANDLER.toString());
+ data.scopes.add(Scope.APPLICATION.toString());
+ data.scopes.add(Scope.HANDLER.toString());
- Result<Data> dataResult = Result.create(data, 0, "detail", "var");
+ Result<Data> dataResult = Result.create(data, 0, "detail", "var");
- MapperIntrospect<Introspect> mapper = new MapperIntrospect1_0();
+ MapperIntrospect<Introspect> mapper = new MapperIntrospect1_0();
- Result<Introspect> intro = mapper.introspect(dataResult);
+ Result<Introspect> intro = mapper.introspect(dataResult);
- assertEquals(intro.value.getClientType(), "unknown");
- }
+ assertEquals(intro.value.getClientType(), "unknown");
+ }
- @Test
- public void testIntrospectWithNotOk() {
- data.type = 5;
+ @Test
+ public void testIntrospectWithNotOk() {
+ data.type = 5;
- Result<Data> dataResult = Result.create(data, 1, "detail", "var");
+ Result<Data> dataResult = Result.create(data, 1, "detail", "var");
- MapperIntrospect<Introspect> mapper = new MapperIntrospect1_0();
+ MapperIntrospect<Introspect> mapper = new MapperIntrospect1_0();
- Result<Introspect> intro = mapper.introspect(dataResult);
+ Result<Introspect> intro = mapper.introspect(dataResult);
- assertEquals(intro.value, null);
- }
+ assertEquals(intro.value, null);
+ }
} \ No newline at end of file
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java
index 1a13580f..4a26da7d 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_JSONPermLoaderFactoryTest.java
@@ -54,147 +54,147 @@ import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
public class JU_JSONPermLoaderFactoryTest {
- @Mock
- private AAFCon<?> aafcon;
- @Mock
- private AuthzTrans trans;
- @Mock
- private TimeTaken tt;
- @Mock
- Rcli c;
- @Mock
- private Future fs;
- @Mock
- private Question question;
- @Mock
- private Result<NsSplit> rdns;
- private NsSplit nss;
+ @Mock
+ private AAFCon<?> aafcon;
+ @Mock
+ private AuthzTrans trans;
+ @Mock
+ private TimeTaken tt;
+ @Mock
+ Rcli c;
+ @Mock
+ private Future fs;
+ @Mock
+ private Question question;
+ @Mock
+ private Result<NsSplit> rdns;
+ private NsSplit nss;
- private Access access;
+ private Access access;
- @Before
- public void setup() throws CadiException {
- access = new AuthzEnv();
- Define.set(access);
- initMocks(this);
- nss = new NsSplit("APPLICATION", "APPLICATION");
- }
+ @Before
+ public void setup() throws CadiException {
+ access = new AuthzEnv();
+ Define.set(access);
+ initMocks(this);
+ nss = new NsSplit("APPLICATION", "APPLICATION");
+ }
- @Test
- public void testRemoteWithTimeOut() throws APIException, CadiException {
- when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
- when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
- when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
- "application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
- when(fs.get(0)).thenReturn(true);
+ @Test
+ public void testRemoteWithTimeOut() throws APIException, CadiException {
+ when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
+ when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
+ when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
+ "application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
+ when(fs.get(0)).thenReturn(true);
- Set<String> scopes = new HashSet<String>();
- scopes.add(Scope.APPLICATION.toString());
- scopes.add(Scope.HANDLER.toString());
+ Set<String> scopes = new HashSet<String>();
+ scopes.add(Scope.APPLICATION.toString());
+ scopes.add(Scope.HANDLER.toString());
- JSONPermLoader factory = JSONPermLoaderFactory.remote(aafcon, 0);
+ JSONPermLoader factory = JSONPermLoaderFactory.remote(aafcon, 0);
- Result<String> loadJSONPerms = factory.loadJSONPerms(trans, null, scopes);
+ Result<String> loadJSONPerms = factory.loadJSONPerms(trans, null, scopes);
- assertEquals(0, loadJSONPerms.status);
+ assertEquals(0, loadJSONPerms.status);
- verify(tt, only()).done();
- }
+ verify(tt, only()).done();
+ }
- @Test
- public void testRemoteWith404() throws APIException, CadiException {
- when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
- when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
- when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
- "application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
- when(fs.get(0)).thenReturn(false);
- when(fs.code()).thenReturn(404);
+ @Test
+ public void testRemoteWith404() throws APIException, CadiException {
+ when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
+ when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
+ when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
+ "application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
+ when(fs.get(0)).thenReturn(false);
+ when(fs.code()).thenReturn(404);
- Set<String> scopes = new HashSet<String>();
- scopes.add(Scope.APPLICATION.toString());
- scopes.add(Scope.HANDLER.toString());
+ Set<String> scopes = new HashSet<String>();
+ scopes.add(Scope.APPLICATION.toString());
+ scopes.add(Scope.HANDLER.toString());
- JSONPermLoader factory = JSONPermLoaderFactory.remote(aafcon, 0);
+ JSONPermLoader factory = JSONPermLoaderFactory.remote(aafcon, 0);
- Result<String> loadJSONPerms = factory.loadJSONPerms(trans, null, scopes);
+ Result<String> loadJSONPerms = factory.loadJSONPerms(trans, null, scopes);
- assertEquals(Result.ERR_NotFound, loadJSONPerms.status);
+ assertEquals(Result.ERR_NotFound, loadJSONPerms.status);
- verify(tt, only()).done();
- }
+ verify(tt, only()).done();
+ }
- @Test
- public void testRemote() throws APIException, CadiException {
- when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
- when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
- when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
- "application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
- when(fs.get(0)).thenReturn(false);
+ @Test
+ public void testRemote() throws APIException, CadiException {
+ when(trans.start("Call AAF Service", Env.REMOTE)).thenReturn(tt);
+ when(aafcon.clientAs(Config.AAF_DEFAULT_VERSION, trans.getUserPrincipal())).thenReturn(c);
+ when(c.read("/authz/perms/user/null?scopes=APPLICATION:HANDLER",
+ "application/Perms+json;charset=utf-8;version=2.0")).thenReturn(fs);
+ when(fs.get(0)).thenReturn(false);
- Set<String> scopes = new HashSet<String>();
- scopes.add(Scope.APPLICATION.toString());
- scopes.add(Scope.HANDLER.toString());
+ Set<String> scopes = new HashSet<String>();
+ scopes.add(Scope.APPLICATION.toString());
+ scopes.add(Scope.HANDLER.toString());
- JSONPermLoader factory = JSONPermLoaderFactory.remote(aafcon, 0);
+ JSONPermLoader factory = JSONPermLoaderFactory.remote(aafcon, 0);
- Result<String> loadJSONPerms = factory.loadJSONPerms(trans, null, scopes);
+ Result<String> loadJSONPerms = factory.loadJSONPerms(trans, null, scopes);
- assertEquals(Result.ERR_Backend, loadJSONPerms.status);
+ assertEquals(Result.ERR_Backend, loadJSONPerms.status);
- verify(tt, only()).done();
- }
+ verify(tt, only()).done();
+ }
- @Test
- public void testDirectWhenPdNotOk() throws APIException, CadiException {
+ @Test
+ public void testDirectWhenPdNotOk() throws APIException, CadiException {
- Result<List<PermDAO.Data>> pd = Result.create(null, Result.ERR_Backend, "details", "vars");
+ Result<List<PermDAO.Data>> pd = Result.create(null, Result.ERR_Backend, "details", "vars");
- when(question.getPermsByUser(trans, "user", false)).thenReturn(pd);
- when(trans.start("Cached DB Perm lookup", Env.SUB)).thenReturn(tt);
+ when(question.getPermsByUser(trans, "user", false)).thenReturn(pd);
+ when(trans.start("Cached DB Perm lookup", Env.SUB)).thenReturn(tt);
- Set<String> scopes = new HashSet<String>();
- scopes.add(Scope.APPLICATION.toString());
- scopes.add(Scope.HANDLER.toString());
+ Set<String> scopes = new HashSet<String>();
+ scopes.add(Scope.APPLICATION.toString());
+ scopes.add(Scope.HANDLER.toString());
- JSONPermLoader factory = JSONPermLoaderFactory.direct(question);
+ JSONPermLoader factory = JSONPermLoaderFactory.direct(question);
- Result<String> loadJSONPerms = factory.loadJSONPerms(trans, "user", scopes);
+ Result<String> loadJSONPerms = factory.loadJSONPerms(trans, "user", scopes);
- assertEquals(Result.ERR_Backend, loadJSONPerms.status);
+ assertEquals(Result.ERR_Backend, loadJSONPerms.status);
- verify(tt, only()).done();
- }
+ verify(tt, only()).done();
+ }
- @Test
- public void testDirectWhenPdOk() throws APIException, CadiException {
+ @Test
+ public void testDirectWhenPdOk() throws APIException, CadiException {
- when(trans.start("Cached DB Perm lookup", Env.SUB)).thenReturn(tt);
- when(question.deriveNsSplit(trans, "name")).thenReturn(rdns);
- when(rdns.isOKhasData()).thenReturn(false);
+ when(trans.start("Cached DB Perm lookup", Env.SUB)).thenReturn(tt);
+ when(question.deriveNsSplit(trans, "name")).thenReturn(rdns);
+ when(rdns.isOKhasData()).thenReturn(false);
- List<PermDAO.Data> list = new ArrayList<PermDAO.Data>();
- list.add(new PermDAO.Data(nss, "instance", "action"));
- list.add(new PermDAO.Data(nss, "instance", "action"));
+ List<PermDAO.Data> list = new ArrayList<PermDAO.Data>();
+ list.add(new PermDAO.Data(nss, "instance", "action"));
+ list.add(new PermDAO.Data(nss, "instance", "action"));
- Result<List<PermDAO.Data>> pd = Result.create(list, Result.OK, "details", "vars");
+ Result<List<PermDAO.Data>> pd = Result.create(list, Result.OK, "details", "vars");
- when(question.getPermsByUser(trans, "user", false)).thenReturn(pd);
+ when(question.getPermsByUser(trans, "user", false)).thenReturn(pd);
- Set<String> scopes = new HashSet<String>();
- scopes.add(Scope.APPLICATION.toString());
- scopes.add(Scope.HANDLER.toString());
+ Set<String> scopes = new HashSet<String>();
+ scopes.add(Scope.APPLICATION.toString());
+ scopes.add(Scope.HANDLER.toString());
- JSONPermLoader factory = JSONPermLoaderFactory.direct(question);
+ JSONPermLoader factory = JSONPermLoaderFactory.direct(question);
- Result<String> loadJSONPerms = factory.loadJSONPerms(trans, "user", scopes);
+ Result<String> loadJSONPerms = factory.loadJSONPerms(trans, "user", scopes);
- assertEquals(Result.OK, loadJSONPerms.status);
- assertEquals("Success", loadJSONPerms.details);
- assertEquals(
- "{\"perm\":[{\"ns\":\"APPLICATION\",\"type\":\"APPLICATION\",\"instance\":\"instance\",\"action\":\"action\"},{\"ns\":\"APPLICATION\",\"type\":\"APPLICATION\",\"instance\":\"instance\",\"action\":\"action\"}]}",
- loadJSONPerms.value);
+ assertEquals(Result.OK, loadJSONPerms.status);
+ assertEquals("Success", loadJSONPerms.details);
+ assertEquals(
+ "{\"perm\":[{\"ns\":\"APPLICATION\",\"type\":\"APPLICATION\",\"instance\":\"instance\",\"action\":\"action\"},{\"ns\":\"APPLICATION\",\"type\":\"APPLICATION\",\"instance\":\"instance\",\"action\":\"action\"}]}",
+ loadJSONPerms.value);
- verify(tt, only()).done();
- }
+ verify(tt, only()).done();
+ }
}
diff --git a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_OCredsTest.java b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_OCredsTest.java
index 1c16772b..51ea07a3 100644
--- a/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_OCredsTest.java
+++ b/auth/auth-oauth/src/test/java/org/onap/aaf/auth/oauth/service/JU_OCredsTest.java
@@ -26,24 +26,24 @@ import org.junit.Test;
public class JU_OCredsTest {
- @Test
- public void test() {
- OCreds cred = new OCreds("client_id", "client_secret", "username", "password");
-
- assertEquals(cred.client_id, "client_id");
- assertEquals(cred.username, "username");
- assertEquals(new String(cred.client_secret), "client_secret");
- assertEquals(new String(cred.password), "password");
- }
-
- @Test
- public void testWithNullValues() {
- OCreds cred = new OCreds("client_id", null, "username", null);
-
- assertEquals(cred.client_id, "client_id");
- assertEquals(cred.username, "username");
- assertEquals(cred.client_secret, null);
- assertEquals(cred.password, null);
- }
+ @Test
+ public void test() {
+ OCreds cred = new OCreds("client_id", "client_secret", "username", "password");
+
+ assertEquals(cred.client_id, "client_id");
+ assertEquals(cred.username, "username");
+ assertEquals(new String(cred.client_secret), "client_secret");
+ assertEquals(new String(cred.password), "password");
+ }
+
+ @Test
+ public void testWithNullValues() {
+ OCreds cred = new OCreds("client_id", null, "username", null);
+
+ assertEquals(cred.client_id, "client_id");
+ assertEquals(cred.username, "username");
+ assertEquals(cred.client_secret, null);
+ assertEquals(cred.password, null);
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java
index 40640007..69cde411 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AAF_Service.java
@@ -70,168 +70,168 @@ import com.datastax.driver.core.Cluster;
public class AAF_Service extends AbsService<AuthzEnv,AuthzTrans> {
- private static final String ORGANIZATION = "Organization.";
-
- public final Question question;
- private AuthzFacade_2_0 facade;
- private AuthzFacade_2_0 facade_XML;
- private DirectAAFUserPass directAAFUserPass;
- private final Cluster cluster;
- //private final OAuthService oauthService;
-
- /**
- * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
- *
- * @param env
- * @param decryptor
- * @throws APIException
- */
- public AAF_Service( final AuthzEnv env) throws Exception {
- super(env.access(), env);
-
- // Initialize Facade for all uses
- AuthzTrans trans = env.newTrans();
-
- cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
-
- // Need Question for Security purposes (direct User/Authz Query in Filter)
- // Start Background Processing
- question = new Question(trans, cluster, CassAccess.KEYSPACE, true);
- DirectCertIdentity.set(question.certDAO);
-
- // Have AAFLocator object Create DirectLocators for Location needs
- AbsAAFLocator.setCreator(new DirectLocatorCreator(env, question.locateDAO));
-
- // Initialize Organizations... otherwise, first pass may miss
- int org_size = ORGANIZATION.length();
- for(String n : env.existingStaticSlotNames()) {
- if(n.startsWith(ORGANIZATION)) {
- OrganizationFactory.obtain(env, n.substring(org_size));
- }
- }
-
-
- // For direct Introspection needs.
- //oauthService = new OAuthService(trans, question);
-
- facade = AuthzFacadeFactory.v2_0(env,trans,Data.TYPE.JSON,question);
- facade_XML = AuthzFacadeFactory.v2_0(env,trans,Data.TYPE.XML,question);
-
- directAAFUserPass = new DirectAAFUserPass(trans.env(),question);
-
- // Print results and cleanup
- StringBuilder sb = new StringBuilder();
- trans.auditTrail(0, sb);
- if(sb.length()>0)env.init().log(sb);
- trans = null;
- sb = null;
-
- ////////////////////////////////////////////////////////////////////////////
- // Time Critical
- // These will always be evaluated first
- ////////////////////////////////////////////////////////////////////////
- API_Creds.timeSensitiveInit(env, this, facade,directAAFUserPass);
- API_Perms.timeSensitiveInit(this, facade);
- ////////////////////////////////////////////////////////////////////////
- // Service APIs
- ////////////////////////////////////////////////////////////////////////
- API_Creds.init(this, facade);
- API_UserRole.init(this, facade);
- API_Roles.init(this, facade);
- API_Perms.init(this, facade);
- API_NS.init(this, facade);
- API_User.init(this, facade);
- API_Delegate.init(this,facade);
- API_Approval.init(this, facade);
- API_History.init(this, facade);
-
- ////////////////////////////////////////////////////////////////////////
- // Management APIs
- ////////////////////////////////////////////////////////////////////////
- // There are several APIs around each concept, and it gets a bit too
- // long in this class to create. The initialization of these Management
- // APIs have therefore been pushed to StandAlone Classes with static
- // init functions
- API_Mgmt.init(this, facade);
- API_Api.init(this, facade);
-
- }
-
- @Override
- public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
- final String domain = FQI.reverseDomain(access.getProperty(Config.AAF_ROOT_NS,Config.AAF_ROOT_NS_DEF));
- try {
- Object[] atl=new Object[additionalTafLurs.length+2];
- atl[0]=new DirectAAFLur(env,question); // Note, this will be assigned by AuthzTransFilter to TrustChecker
- atl[1]= new BasicHttpTaf(env, directAAFUserPass,
- domain,Long.parseLong(env.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF)),
- false);
-
- if(additionalTafLurs.length>0) {
- System.arraycopy(additionalTafLurs, 0, atl, 2, additionalTafLurs.length);
- }
-
- return new Filter[] {
- new AuthzTransFilter(env,aafCon(),
- new AAFTrustChecker((Env)env),
- atl
- )};
- } catch (NumberFormatException e) {
- throw new CadiException("Invalid Property information", e);
- }
- }
-
-
-
- @SuppressWarnings("unchecked")
- @Override
- public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
- return new Registrant[] {
- new DirectRegistrar(access,question.locateDAO,app_name,app_interface_version,port)
- };
- }
-
- @Override
- public void destroy() {
- Cache.stopTimer();
- if(cluster!=null) {
- cluster.close();
- }
- super.destroy();
- }
-
-
- /**
- * Setup XML and JSON implementations for each supported Version type
- *
- * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
- * to do Versions and Content switches
- *
- */
- public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
- String version = "2.0";
- Class<?> respCls = facade.mapper().getClass(api);
- if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
- String application = applicationJSON(respCls, version);
-
- route(env,meth,path,code,application,"application/json;version=2.0","*/*");
- application = applicationXML(respCls, version);
- route(env,meth,path,code.clone(facade_XML,false),application,"text/xml;version=2.0");
- }
-
- /**
- * Start up AAF_Service as Jetty Service
- */
- public static void main(final String[] args) {
- try {
- Log4JLogIt logIt = new Log4JLogIt(args, "authz");
- PropAccess propAccess = new PropAccess(logIt,args);
-
- AbsService<AuthzEnv, AuthzTrans> service = new AAF_Service(new AuthzEnv(propAccess));
- JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
- jss.start();
- } catch (Exception e) {
- e.printStackTrace();
- }
- }
+ private static final String ORGANIZATION = "Organization.";
+
+ public final Question question;
+ private AuthzFacade_2_0 facade;
+ private AuthzFacade_2_0 facade_XML;
+ private DirectAAFUserPass directAAFUserPass;
+ private final Cluster cluster;
+ //private final OAuthService oauthService;
+
+ /**
+ * Construct AuthzAPI with all the Context Supporting Routes that Authz needs
+ *
+ * @param env
+ * @param decryptor
+ * @throws APIException
+ */
+ public AAF_Service( final AuthzEnv env) throws Exception {
+ super(env.access(), env);
+
+ // Initialize Facade for all uses
+ AuthzTrans trans = env.newTrans();
+
+ cluster = org.onap.aaf.auth.dao.CassAccess.cluster(env,null);
+
+ // Need Question for Security purposes (direct User/Authz Query in Filter)
+ // Start Background Processing
+ question = new Question(trans, cluster, CassAccess.KEYSPACE, true);
+ DirectCertIdentity.set(question.certDAO);
+
+ // Have AAFLocator object Create DirectLocators for Location needs
+ AbsAAFLocator.setCreator(new DirectLocatorCreator(env, question.locateDAO));
+
+ // Initialize Organizations... otherwise, first pass may miss
+ int org_size = ORGANIZATION.length();
+ for(String n : env.existingStaticSlotNames()) {
+ if(n.startsWith(ORGANIZATION)) {
+ OrganizationFactory.obtain(env, n.substring(org_size));
+ }
+ }
+
+
+ // For direct Introspection needs.
+ //oauthService = new OAuthService(trans, question);
+
+ facade = AuthzFacadeFactory.v2_0(env,trans,Data.TYPE.JSON,question);
+ facade_XML = AuthzFacadeFactory.v2_0(env,trans,Data.TYPE.XML,question);
+
+ directAAFUserPass = new DirectAAFUserPass(trans.env(),question);
+
+ // Print results and cleanup
+ StringBuilder sb = new StringBuilder();
+ trans.auditTrail(0, sb);
+ if(sb.length()>0)env.init().log(sb);
+ trans = null;
+ sb = null;
+
+ ////////////////////////////////////////////////////////////////////////////
+ // Time Critical
+ // These will always be evaluated first
+ ////////////////////////////////////////////////////////////////////////
+ API_Creds.timeSensitiveInit(env, this, facade,directAAFUserPass);
+ API_Perms.timeSensitiveInit(this, facade);
+ ////////////////////////////////////////////////////////////////////////
+ // Service APIs
+ ////////////////////////////////////////////////////////////////////////
+ API_Creds.init(this, facade);
+ API_UserRole.init(this, facade);
+ API_Roles.init(this, facade);
+ API_Perms.init(this, facade);
+ API_NS.init(this, facade);
+ API_User.init(this, facade);
+ API_Delegate.init(this,facade);
+ API_Approval.init(this, facade);
+ API_History.init(this, facade);
+
+ ////////////////////////////////////////////////////////////////////////
+ // Management APIs
+ ////////////////////////////////////////////////////////////////////////
+ // There are several APIs around each concept, and it gets a bit too
+ // long in this class to create. The initialization of these Management
+ // APIs have therefore been pushed to StandAlone Classes with static
+ // init functions
+ API_Mgmt.init(this, facade);
+ API_Api.init(this, facade);
+
+ }
+
+ @Override
+ public Filter[] _filters(Object ... additionalTafLurs) throws CadiException, LocatorException {
+ final String domain = FQI.reverseDomain(access.getProperty(Config.AAF_ROOT_NS,Config.AAF_ROOT_NS_DEF));
+ try {
+ Object[] atl=new Object[additionalTafLurs.length+2];
+ atl[0]=new DirectAAFLur(env,question); // Note, this will be assigned by AuthzTransFilter to TrustChecker
+ atl[1]= new BasicHttpTaf(env, directAAFUserPass,
+ domain,Long.parseLong(env.getProperty(Config.AAF_CLEAN_INTERVAL, Config.AAF_CLEAN_INTERVAL_DEF)),
+ false);
+
+ if(additionalTafLurs.length>0) {
+ System.arraycopy(additionalTafLurs, 0, atl, 2, additionalTafLurs.length);
+ }
+
+ return new Filter[] {
+ new AuthzTransFilter(env,aafCon(),
+ new AAFTrustChecker((Env)env),
+ atl
+ )};
+ } catch (NumberFormatException e) {
+ throw new CadiException("Invalid Property information", e);
+ }
+ }
+
+
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public Registrant<AuthzEnv>[] registrants(final int port) throws CadiException {
+ return new Registrant[] {
+ new DirectRegistrar(access,question.locateDAO,app_name,app_interface_version,port)
+ };
+ }
+
+ @Override
+ public void destroy() {
+ Cache.stopTimer();
+ if(cluster!=null) {
+ cluster.close();
+ }
+ super.destroy();
+ }
+
+
+ /**
+ * Setup XML and JSON implementations for each supported Version type
+ *
+ * We do this by taking the Code passed in and creating clones of these with the appropriate Facades and properties
+ * to do Versions and Content switches
+ *
+ */
+ public void route(HttpMethods meth, String path, API api, Code code) throws Exception {
+ String version = "2.0";
+ Class<?> respCls = facade.mapper().getClass(api);
+ if(respCls==null) throw new Exception("Unknown class associated with " + api.getClass().getName() + ' ' + api.name());
+ String application = applicationJSON(respCls, version);
+
+ route(env,meth,path,code,application,"application/json;version=2.0","*/*");
+ application = applicationXML(respCls, version);
+ route(env,meth,path,code.clone(facade_XML,false),application,"text/xml;version=2.0");
+ }
+
+ /**
+ * Start up AAF_Service as Jetty Service
+ */
+ public static void main(final String[] args) {
+ try {
+ Log4JLogIt logIt = new Log4JLogIt(args, "authz");
+ PropAccess propAccess = new PropAccess(logIt,args);
+
+ AbsService<AuthzEnv, AuthzTrans> service = new AAF_Service(new AuthzEnv(propAccess));
+ JettyServiceStarter<AuthzEnv,AuthzTrans> jss = new JettyServiceStarter<AuthzEnv,AuthzTrans>(service);
+ jss.start();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
index 668d482c..c3e92df4 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java
@@ -107,1160 +107,1160 @@ import aaf.v2_0.CredRequest;
* @param <ERR>
* @param <APPROVALS>
*/
-public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS>
- implements AuthzService <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> {
-
- private Mapper <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper;
- @Override
- public Mapper <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper() {return mapper;}
-
- private static final String ASTERIX = "*";
- private static final String CACHE = "cache";
- private static final String ROOT_NS = Define.ROOT_NS();
- private static final String ROOT_COMPANY = Define.ROOT_COMPANY();
-
- private final Question ques;
- private final Function func;
-
- public AuthzCassServiceImpl(AuthzTrans trans, Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper,Question question) {
- this.ques = question;
- func = new Function(trans, question);
- this.mapper = mapper;
-
- }
+public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS>
+ implements AuthzService <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> {
+
+ private Mapper <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper;
+ @Override
+ public Mapper <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper() {return mapper;}
+
+ private static final String ASTERIX = "*";
+ private static final String CACHE = "cache";
+ private static final String ROOT_NS = Define.ROOT_NS();
+ private static final String ROOT_COMPANY = Define.ROOT_COMPANY();
+
+ private final Question ques;
+ private final Function func;
+
+ public AuthzCassServiceImpl(AuthzTrans trans, Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper,Question question) {
+ this.ques = question;
+ func = new Function(trans, question);
+ this.mapper = mapper;
+
+ }
/***********************************
* NAMESPACE
***********************************/
- /**
- * createNS
- * @throws DAOException
- * @see org.onap.aaf.auth.service.AuthzService#createNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
- */
- @ApiDoc(
- method = POST,
- path = "/authz/ns",
- params = {},
- expectedCode = 201,
- errorCodes = { 403,404,406,409 },
- text = { "Namespace consists of: ",
- "<ul><li>name - What you want to call this Namespace</li>",
- "<li>responsible(s) - Person(s) who receive Notifications and approves Requests ",
- "regarding this Namespace. Companies have Policies as to who may take on ",
- "this Responsibility. Separate multiple identities with commas</li>",
- "<li>admin(s) - Person(s) who are allowed to make changes on the namespace, ",
- "including creating Roles, Permissions and Credentials. Separate multiple ",
- "identities with commas</li></ul>",
- "Note: Namespaces are dot-delimited (i.e. com.myCompany.myApp) and must be ",
- "created with parent credentials (i.e. To create com.myCompany.myApp, you must ",
- "be an admin of com.myCompany or com"
- }
- )
- @Override
- public Result<Void> createNS(final AuthzTrans trans, REQUEST from, NsType type) {
- final Result<Namespace> rnamespace = mapper.ns(trans, from);
- final ServiceValidator v = new ServiceValidator();
- if(v.ns(rnamespace).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- final Namespace namespace = rnamespace.value;
- final Result<NsDAO.Data> parentNs = ques.deriveNs(trans,namespace.name);
- if(parentNs.notOK()) {
- return Result.err(parentNs);
- }
-
- if(namespace.name.lastIndexOf('.')<0) { // Root Namespace... Function will check if allowed
- return func.createNS(trans, namespace, false);
- }
-
- Result<FutureDAO.Data> fd = mapper.future(trans, NsDAO.TABLE,from,namespace,true,
- new Mapper.Memo() {
- @Override
- public String get() {
- return "Create Namespace [" + namespace.name + ']';
- }
- },
- new MayChange() {
- private Result<NsDAO.Data> rnd;
- @Override
- public Result<?> mayChange() {
- if(rnd==null) {
- rnd = ques.mayUser(trans, trans.user(), parentNs.value,Access.write);
- }
- return rnd;
- }
- });
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans, fd.value, namespace.name, trans.user(),parentNs.value, FUTURE_OP.C);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "NS [%s] is saved for future processing",namespace.name);
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- return func.createNS(trans, namespace, false);
- default:
- return Result.err(fd);
- }
- }
-
- @ApiDoc(
- method = POST,
- path = "/authz/ns/:ns/admin/:id",
- params = { "ns|string|true",
- "id|string|true"
- },
- expectedCode = 201,
- errorCodes = { 403,404,406,409 },
- text = { "Add an Identity :id to the list of Admins for the Namespace :ns",
- "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)" }
- )
- @Override
- public Result<Void> addAdminNS(AuthzTrans trans, String ns, String id) {
- return func.addUserRole(trans, id, ns,Question.ADMIN);
- }
-
- @ApiDoc(
- method = DELETE,
- path = "/authz/ns/:ns/admin/:id",
- params = { "ns|string|true",
- "id|string|true"
- },
- expectedCode = 200,
- errorCodes = { 403,404 },
- text = { "Remove an Identity :id from the list of Admins for the Namespace :ns",
- "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)" }
- )
- @Override
- public Result<Void> delAdminNS(AuthzTrans trans, String ns, String id) {
- return func.delAdmin(trans,ns,id);
- }
-
- @ApiDoc(
- method = POST,
- path = "/authz/ns/:ns/responsible/:id",
- params = { "ns|string|true",
- "id|string|true"
- },
- expectedCode = 201,
- errorCodes = { 403,404,406,409 },
- text = { "Add an Identity :id to the list of Responsibles for the Namespace :ns",
- "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)" }
- )
- @Override
- public Result<Void> addResponsibleNS(AuthzTrans trans, String ns, String id) {
- return func.addUserRole(trans,id,ns,Question.OWNER);
- }
-
- @ApiDoc(
- method = DELETE,
- path = "/authz/ns/:ns/responsible/:id",
- params = { "ns|string|true",
- "id|string|true"
- },
- expectedCode = 200,
- errorCodes = { 403,404 },
- text = { "Remove an Identity :id to the list of Responsibles for the Namespace :ns",
- "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)",
- "Note: A namespace must have at least 1 responsible party"
- }
- )
- @Override
- public Result<Void> delResponsibleNS(AuthzTrans trans, String ns, String id) {
- return func.delOwner(trans,ns,id);
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.service.AuthzService#applyModel(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
- */
- @ApiDoc(
- method = POST,
- path = "/authz/ns/:ns/attrib/:key/:value",
- params = { "ns|string|true",
- "key|string|true",
- "value|string|true"},
- expectedCode = 201,
- errorCodes = { 403,404,406,409 },
- text = {
- "Create an attribute in the Namespace",
- "You must be given direct permission for key by AAF"
- }
- )
- @Override
- public Result<Void> createNsAttrib(AuthzTrans trans, String ns, String key, String value) {
- TimeTaken tt = trans.start("Create NsAttrib " + ns + ':' + key + ':' + value, Env.SUB);
- try {
- // Check inputs
- final Validator v = new ServiceValidator();
- if(v.ns(ns).err() ||
- v.key(key).err() ||
- v.value(value).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // Check if exists already
- Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns);
- if(rlnsd.notOKorIsEmpty()) {
- return Result.err(rlnsd);
- }
- NsDAO.Data nsd = rlnsd.value.get(0);
-
- // Check for Existence
- if(nsd.attrib.get(key)!=null) {
- return Result.err(Status.ERR_ConflictAlreadyExists, "NS Property %s:%s exists", ns, key);
- }
-
- // Check if User may put
- if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
- ":"+trans.org().getDomain()+".*:"+key, Access.write.name())) {
- return Result.err(Status.ERR_Denied, "%s may not create NS Attrib [%s:%s]", trans.user(),ns, key);
- }
-
- // Add Attrib
- nsd.attrib.put(key, value);
- ques.nsDAO.dao().attribAdd(trans,ns,key,value);
- return Result.ok();
- } finally {
- tt.done();
- }
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/ns/attrib/:key",
- params = { "key|string|true" },
- expectedCode = 200,
- errorCodes = { 403,404 },
- text = {
- "Read Attributes for Namespace"
- }
- )
- @Override
- public Result<KEYS> readNsByAttrib(AuthzTrans trans, String key) {
- // Check inputs
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Key",key).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // May Read
- if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
- ":"+trans.org().getDomain()+".*:"+key, Question.READ)) {
- return Result.err(Status.ERR_Denied,"%s may not read NS by Attrib '%s'",trans.user(),key);
- }
-
- Result<Set<String>> rsd = ques.nsDAO.dao().readNsByAttrib(trans, key);
- if(rsd.notOK()) {
- return Result.err(rsd);
- }
- return mapper().keys(rsd.value);
- }
-
-
- @ApiDoc(
- method = PUT,
- path = "/authz/ns/:ns/attrib/:key/:value",
- params = { "ns|string|true",
- "key|string|true"},
- expectedCode = 200,
- errorCodes = { 403,404 },
- text = {
- "Update Value on an existing attribute in the Namespace",
- "You must be given direct permission for key by AAF"
- }
- )
- @Override
- public Result<?> updateNsAttrib(AuthzTrans trans, String ns, String key, String value) {
- TimeTaken tt = trans.start("Update NsAttrib " + ns + ':' + key + ':' + value, Env.SUB);
- try {
- // Check inputs
- final Validator v = new ServiceValidator();
- if(v.ns(ns).err() ||
- v.key(key).err() ||
- v.value(value).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // Check if exists already (NS must exist)
- Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns);
- if(rlnsd.notOKorIsEmpty()) {
- return Result.err(rlnsd);
- }
- NsDAO.Data nsd = rlnsd.value.get(0);
-
- // Check for Existence
- if(nsd.attrib.get(key)==null) {
- return Result.err(Status.ERR_NotFound, "NS Property %s:%s exists", ns, key);
- }
-
- // Check if User may put
- if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
- ":"+trans.org().getDomain()+".*:"+key, Access.write.name())) {
- return Result.err(Status.ERR_Denied, "%s may not create NS Attrib [%s:%s]", trans.user(),ns, key);
- }
-
- // Add Attrib
- nsd.attrib.put(key, value);
-
- return ques.nsDAO.update(trans,nsd);
+ /**
+ * createNS
+ * @throws DAOException
+ * @see org.onap.aaf.auth.service.AuthzService#createNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
+ */
+ @ApiDoc(
+ method = POST,
+ path = "/authz/ns",
+ params = {},
+ expectedCode = 201,
+ errorCodes = { 403,404,406,409 },
+ text = { "Namespace consists of: ",
+ "<ul><li>name - What you want to call this Namespace</li>",
+ "<li>responsible(s) - Person(s) who receive Notifications and approves Requests ",
+ "regarding this Namespace. Companies have Policies as to who may take on ",
+ "this Responsibility. Separate multiple identities with commas</li>",
+ "<li>admin(s) - Person(s) who are allowed to make changes on the namespace, ",
+ "including creating Roles, Permissions and Credentials. Separate multiple ",
+ "identities with commas</li></ul>",
+ "Note: Namespaces are dot-delimited (i.e. com.myCompany.myApp) and must be ",
+ "created with parent credentials (i.e. To create com.myCompany.myApp, you must ",
+ "be an admin of com.myCompany or com"
+ }
+ )
+ @Override
+ public Result<Void> createNS(final AuthzTrans trans, REQUEST from, NsType type) {
+ final Result<Namespace> rnamespace = mapper.ns(trans, from);
+ final ServiceValidator v = new ServiceValidator();
+ if(v.ns(rnamespace).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ final Namespace namespace = rnamespace.value;
+ final Result<NsDAO.Data> parentNs = ques.deriveNs(trans,namespace.name);
+ if(parentNs.notOK()) {
+ return Result.err(parentNs);
+ }
+
+ if(namespace.name.lastIndexOf('.')<0) { // Root Namespace... Function will check if allowed
+ return func.createNS(trans, namespace, false);
+ }
+
+ Result<FutureDAO.Data> fd = mapper.future(trans, NsDAO.TABLE,from,namespace,true,
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return "Create Namespace [" + namespace.name + ']';
+ }
+ },
+ new MayChange() {
+ private Result<NsDAO.Data> rnd;
+ @Override
+ public Result<?> mayChange() {
+ if(rnd==null) {
+ rnd = ques.mayUser(trans, trans.user(), parentNs.value,Access.write);
+ }
+ return rnd;
+ }
+ });
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans, fd.value, namespace.name, trans.user(),parentNs.value, FUTURE_OP.C);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "NS [%s] is saved for future processing",namespace.name);
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ return func.createNS(trans, namespace, false);
+ default:
+ return Result.err(fd);
+ }
+ }
+
+ @ApiDoc(
+ method = POST,
+ path = "/authz/ns/:ns/admin/:id",
+ params = { "ns|string|true",
+ "id|string|true"
+ },
+ expectedCode = 201,
+ errorCodes = { 403,404,406,409 },
+ text = { "Add an Identity :id to the list of Admins for the Namespace :ns",
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)" }
+ )
+ @Override
+ public Result<Void> addAdminNS(AuthzTrans trans, String ns, String id) {
+ return func.addUserRole(trans, id, ns,Question.ADMIN);
+ }
+
+ @ApiDoc(
+ method = DELETE,
+ path = "/authz/ns/:ns/admin/:id",
+ params = { "ns|string|true",
+ "id|string|true"
+ },
+ expectedCode = 200,
+ errorCodes = { 403,404 },
+ text = { "Remove an Identity :id from the list of Admins for the Namespace :ns",
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)" }
+ )
+ @Override
+ public Result<Void> delAdminNS(AuthzTrans trans, String ns, String id) {
+ return func.delAdmin(trans,ns,id);
+ }
+
+ @ApiDoc(
+ method = POST,
+ path = "/authz/ns/:ns/responsible/:id",
+ params = { "ns|string|true",
+ "id|string|true"
+ },
+ expectedCode = 201,
+ errorCodes = { 403,404,406,409 },
+ text = { "Add an Identity :id to the list of Responsibles for the Namespace :ns",
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)" }
+ )
+ @Override
+ public Result<Void> addResponsibleNS(AuthzTrans trans, String ns, String id) {
+ return func.addUserRole(trans,id,ns,Question.OWNER);
+ }
+
+ @ApiDoc(
+ method = DELETE,
+ path = "/authz/ns/:ns/responsible/:id",
+ params = { "ns|string|true",
+ "id|string|true"
+ },
+ expectedCode = 200,
+ errorCodes = { 403,404 },
+ text = { "Remove an Identity :id to the list of Responsibles for the Namespace :ns",
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)",
+ "Note: A namespace must have at least 1 responsible party"
+ }
+ )
+ @Override
+ public Result<Void> delResponsibleNS(AuthzTrans trans, String ns, String id) {
+ return func.delOwner(trans,ns,id);
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.service.AuthzService#applyModel(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object)
+ */
+ @ApiDoc(
+ method = POST,
+ path = "/authz/ns/:ns/attrib/:key/:value",
+ params = { "ns|string|true",
+ "key|string|true",
+ "value|string|true"},
+ expectedCode = 201,
+ errorCodes = { 403,404,406,409 },
+ text = {
+ "Create an attribute in the Namespace",
+ "You must be given direct permission for key by AAF"
+ }
+ )
+ @Override
+ public Result<Void> createNsAttrib(AuthzTrans trans, String ns, String key, String value) {
+ TimeTaken tt = trans.start("Create NsAttrib " + ns + ':' + key + ':' + value, Env.SUB);
+ try {
+ // Check inputs
+ final Validator v = new ServiceValidator();
+ if(v.ns(ns).err() ||
+ v.key(key).err() ||
+ v.value(value).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // Check if exists already
+ Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns);
+ if(rlnsd.notOKorIsEmpty()) {
+ return Result.err(rlnsd);
+ }
+ NsDAO.Data nsd = rlnsd.value.get(0);
+
+ // Check for Existence
+ if(nsd.attrib.get(key)!=null) {
+ return Result.err(Status.ERR_ConflictAlreadyExists, "NS Property %s:%s exists", ns, key);
+ }
+
+ // Check if User may put
+ if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
+ ":"+trans.org().getDomain()+".*:"+key, Access.write.name())) {
+ return Result.err(Status.ERR_Denied, "%s may not create NS Attrib [%s:%s]", trans.user(),ns, key);
+ }
+
+ // Add Attrib
+ nsd.attrib.put(key, value);
+ ques.nsDAO.dao().attribAdd(trans,ns,key,value);
+ return Result.ok();
+ } finally {
+ tt.done();
+ }
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/ns/attrib/:key",
+ params = { "key|string|true" },
+ expectedCode = 200,
+ errorCodes = { 403,404 },
+ text = {
+ "Read Attributes for Namespace"
+ }
+ )
+ @Override
+ public Result<KEYS> readNsByAttrib(AuthzTrans trans, String key) {
+ // Check inputs
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Key",key).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // May Read
+ if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
+ ":"+trans.org().getDomain()+".*:"+key, Question.READ)) {
+ return Result.err(Status.ERR_Denied,"%s may not read NS by Attrib '%s'",trans.user(),key);
+ }
+
+ Result<Set<String>> rsd = ques.nsDAO.dao().readNsByAttrib(trans, key);
+ if(rsd.notOK()) {
+ return Result.err(rsd);
+ }
+ return mapper().keys(rsd.value);
+ }
+
+
+ @ApiDoc(
+ method = PUT,
+ path = "/authz/ns/:ns/attrib/:key/:value",
+ params = { "ns|string|true",
+ "key|string|true"},
+ expectedCode = 200,
+ errorCodes = { 403,404 },
+ text = {
+ "Update Value on an existing attribute in the Namespace",
+ "You must be given direct permission for key by AAF"
+ }
+ )
+ @Override
+ public Result<?> updateNsAttrib(AuthzTrans trans, String ns, String key, String value) {
+ TimeTaken tt = trans.start("Update NsAttrib " + ns + ':' + key + ':' + value, Env.SUB);
+ try {
+ // Check inputs
+ final Validator v = new ServiceValidator();
+ if(v.ns(ns).err() ||
+ v.key(key).err() ||
+ v.value(value).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // Check if exists already (NS must exist)
+ Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns);
+ if(rlnsd.notOKorIsEmpty()) {
+ return Result.err(rlnsd);
+ }
+ NsDAO.Data nsd = rlnsd.value.get(0);
+
+ // Check for Existence
+ if(nsd.attrib.get(key)==null) {
+ return Result.err(Status.ERR_NotFound, "NS Property %s:%s exists", ns, key);
+ }
+
+ // Check if User may put
+ if(!ques.isGranted(trans, trans.user(), ROOT_NS, Question.ATTRIB,
+ ":"+trans.org().getDomain()+".*:"+key, Access.write.name())) {
+ return Result.err(Status.ERR_Denied, "%s may not create NS Attrib [%s:%s]", trans.user(),ns, key);
+ }
+
+ // Add Attrib
+ nsd.attrib.put(key, value);
+
+ return ques.nsDAO.update(trans,nsd);
- } finally {
- tt.done();
- }
- }
-
- @ApiDoc(
- method = DELETE,
- path = "/authz/ns/:ns/attrib/:key",
- params = { "ns|string|true",
- "key|string|true"},
- expectedCode = 200,
- errorCodes = { 403,404 },
- text = {
- "Delete an attribute in the Namespace",
- "You must be given direct permission for key by AAF"
- }
- )
- @Override
- public Result<Void> deleteNsAttrib(AuthzTrans trans, String ns, String key) {
- TimeTaken tt = trans.start("Delete NsAttrib " + ns + ':' + key, Env.SUB);
- try {
- // Check inputs
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS",ns).err() ||
- v.nullOrBlank("Key",key).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // Check if exists already
- Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns);
- if(rlnsd.notOKorIsEmpty()) {
- return Result.err(rlnsd);
- }
- NsDAO.Data nsd = rlnsd.value.get(0);
-
- // Check for Existence
- if(nsd.attrib.get(key)==null) {
- return Result.err(Status.ERR_NotFound, "NS Property [%s:%s] does not exist", ns, key);
- }
-
- // Check if User may del
- if(!ques.isGranted(trans, trans.user(), ROOT_NS, "attrib", ":" + ROOT_COMPANY + ".*:"+key, Access.write.name())) {
- return Result.err(Status.ERR_Denied, "%s may not delete NS Attrib [%s:%s]", trans.user(),ns, key);
- }
-
- // Add Attrib
- nsd.attrib.remove(key);
- ques.nsDAO.dao().attribRemove(trans,ns,key);
- return Result.ok();
- } finally {
- tt.done();
- }
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/nss/:id",
- params = { "id|string|true" },
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = {
- "Lists the Admin(s), Responsible Party(s), Role(s), Permission(s)",
- "Credential(s) and Expiration of Credential(s) in Namespace :id",
- }
- )
- @Override
- public Result<NSS> getNSbyName(AuthzTrans trans, String ns) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS", ns).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<List<NsDAO.Data>> rlnd = ques.nsDAO.read(trans, ns);
- if(rlnd.isOK()) {
- if(rlnd.isEmpty()) {
- return Result.err(Status.ERR_NotFound, "No data found for %s",ns);
- }
- Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rlnd.value.get(0), Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
-
- Namespace namespace = new Namespace(rnd.value);
- Result<List<String>> rd = func.getOwners(trans, namespace.name, false);
- if(rd.isOK()) {
- namespace.owner = rd.value;
- }
- rd = func.getAdmins(trans, namespace.name, false);
- if(rd.isOK()) {
- namespace.admin = rd.value;
- }
-
- NSS nss = mapper.newInstance(API.NSS);
- return mapper.nss(trans, namespace, nss);
- } else {
- return Result.err(rlnd);
- }
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/nss/admin/:id",
- params = { "id|string|true" },
- expectedCode = 200,
- errorCodes = { 403,404 },
- text = { "Lists all Namespaces where Identity :id is an Admin",
- "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)"
- }
- )
- @Override
- public Result<NSS> getNSbyAdmin(AuthzTrans trans, String user, boolean full) {
- final Validator v = new ServiceValidator();
- if (v.nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData, v.errs());
- }
-
- Result<Collection<Namespace>> rn = loadNamepace(trans, user, ".admin", full);
- if(rn.notOK()) {
- return Result.err(rn);
- }
- if (rn.isEmpty()) {
- return Result.err(Status.ERR_NotFound, "[%s] is not an admin for any namespaces",user);
- }
- NSS nss = mapper.newInstance(API.NSS);
- // Note: "loadNamespace" already validates view of Namespace
- return mapper.nss(trans, rn.value, nss);
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/nss/either/:id",
- params = { "id|string|true" },
- expectedCode = 200,
- errorCodes = { 403,404 },
- text = { "Lists all Namespaces where Identity :id is either an Admin or an Owner",
- "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)"
- }
- )
- @Override
- public Result<NSS> getNSbyEither(AuthzTrans trans, String user, boolean full) {
- final Validator v = new ServiceValidator();
- if (v.nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData, v.errs());
- }
-
- Result<Collection<Namespace>> rn = loadNamepace(trans, user, null, full);
- if(rn.notOK()) {
- return Result.err(rn);
- }
- if (rn.isEmpty()) {
- return Result.err(Status.ERR_NotFound, "[%s] is not an admin or owner for any namespaces",user);
- }
- NSS nss = mapper.newInstance(API.NSS);
- // Note: "loadNamespace" already validates view of Namespace
- return mapper.nss(trans, rn.value, nss);
- }
-
- private Result<Collection<Namespace>> loadNamepace(AuthzTrans trans, String user, String endsWith, boolean full) {
- Result<List<UserRoleDAO.Data>> urd = ques.userRoleDAO.readByUser(trans, user);
- if(urd.notOKorIsEmpty()) {
- return Result.err(urd);
- }
- Map<String, Namespace> lm = new HashMap<>();
- Map<String, Namespace> other = full || endsWith==null?null:new TreeMap<>();
- for(UserRoleDAO.Data urdd : urd.value) {
- if(full) {
- if(endsWith==null || urdd.role.endsWith(endsWith)) {
- RoleDAO.Data rd = RoleDAO.Data.decode(urdd);
- Result<NsDAO.Data> nsd = ques.mayUser(trans, user, rd, Access.read);
- if(nsd.isOK()) {
- Namespace namespace = lm.get(nsd.value.name);
- if(namespace==null) {
- namespace = new Namespace(nsd.value);
- lm.put(namespace.name,namespace);
- }
- Result<List<String>> rls = func.getAdmins(trans, namespace.name, false);
- if(rls.isOK()) {
- namespace.admin=rls.value;
- }
-
- rls = func.getOwners(trans, namespace.name, false);
- if(rls.isOK()) {
- namespace.owner=rls.value;
- }
- }
- }
- } else { // Shortened version. Only Namespace Info available from Role.
- if(Question.ADMIN.equals(urdd.rname) || Question.OWNER.equals(urdd.rname)) {
- RoleDAO.Data rd = RoleDAO.Data.decode(urdd);
- Result<NsDAO.Data> nsd = ques.mayUser(trans, user, rd, Access.read);
- if(nsd.isOK()) {
- Namespace namespace = lm.get(nsd.value.name);
- if(namespace==null) {
- if(other!=null) {
- namespace = other.remove(nsd.value.name);
- }
- if(namespace==null) {
- namespace = new Namespace(nsd.value);
- namespace.admin=new ArrayList<>();
- namespace.owner=new ArrayList<>();
- }
- if(endsWith==null || urdd.role.endsWith(endsWith)) {
- lm.put(namespace.name,namespace);
- } else {
- other.put(namespace.name,namespace);
- }
- }
- if(Question.OWNER.equals(urdd.rname)) {
- namespace.owner.add(urdd.user);
- } else {
- namespace.admin.add(urdd.user);
- }
- }
- }
- }
- }
- return Result.ok(lm.values());
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/nss/responsible/:id",
- params = { "id|string|true" },
- expectedCode = 200,
- errorCodes = { 403,404 },
- text = { "Lists all Namespaces where Identity :id is a Responsible Party",
- "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)"
- }
- )
- @Override
- public Result<NSS> getNSbyResponsible(AuthzTrans trans, String user, boolean full) {
- final Validator v = new ServiceValidator();
- if (v.nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData, v.errs());
- }
- Result<Collection<Namespace>> rn = loadNamepace(trans, user, ".owner",full);
- if(rn.notOK()) {
- return Result.err(rn);
- }
- if (rn.isEmpty()) {
- return Result.err(Status.ERR_NotFound, "[%s] is not an owner for any namespaces",user);
- }
- NSS nss = mapper.newInstance(API.NSS);
- // Note: "loadNamespace" prevalidates
- return mapper.nss(trans, rn.value, nss);
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/nss/children/:id",
- params = { "id|string|true" },
- expectedCode = 200,
- errorCodes = { 403,404 },
- text = { "Lists all Child Namespaces of Namespace :id",
- "Note: This is not a cached read"
- }
- )
- @Override
- public Result<NSS> getNSsChildren(AuthzTrans trans, String parent) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS", parent).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<NsDAO.Data> rnd = ques.deriveNs(trans, parent);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
- rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
- Set<Namespace> lm = new HashSet<>();
- Result<List<NsDAO.Data>> rlnd = ques.nsDAO.dao().getChildren(trans, parent);
- if(rlnd.isOK()) {
- if(rlnd.isEmpty()) {
- return Result.err(Status.ERR_NotFound, "No data found for %s",parent);
- }
- for(NsDAO.Data ndd : rlnd.value) {
- Namespace namespace = new Namespace(ndd);
- Result<List<String>> rls = func.getAdmins(trans, namespace.name, false);
- if(rls.isOK()) {
- namespace.admin=rls.value;
- }
-
- rls = func.getOwners(trans, namespace.name, false);
- if(rls.isOK()) {
- namespace.owner=rls.value;
- }
-
- lm.add(namespace);
- }
- NSS nss = mapper.newInstance(API.NSS);
- return mapper.nss(trans,lm, nss);
- } else {
- return Result.err(rlnd);
- }
- }
-
-
- @ApiDoc(
- method = PUT,
- path = "/authz/ns",
- params = {},
- expectedCode = 200,
- errorCodes = { 403,404,406 },
- text = { "Replace the Current Description of a Namespace with a new one"
- }
- )
- @Override
- public Result<Void> updateNsDescription(AuthzTrans trans, REQUEST from) {
- final Result<Namespace> nsd = mapper.ns(trans, from);
- final ServiceValidator v = new ServiceValidator();
- if(v.ns(nsd).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- if(v.nullOrBlank("description", nsd.value.description).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Namespace namespace = nsd.value;
- Result<List<NsDAO.Data>> rlnd = ques.nsDAO.read(trans, namespace.name);
-
- if(rlnd.notOKorIsEmpty()) {
- return Result.err(Status.ERR_NotFound, "Namespace [%s] does not exist",namespace.name);
- }
-
- if (ques.mayUser(trans, trans.user(), rlnd.value.get(0), Access.write).notOK()) {
- return Result.err(Status.ERR_Denied, "You do not have approval to change %s",namespace.name);
- }
-
- Result<Void> rdr = ques.nsDAO.dao().addDescription(trans, namespace.name, namespace.description);
- if(rdr.isOK()) {
- return Result.ok();
- } else {
- return Result.err(rdr);
- }
- }
-
- /**
- * deleteNS
- * @throws DAOException
- * @see org.onap.aaf.auth.service.AuthzService#deleteNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
- */
- @ApiDoc(
- method = DELETE,
- path = "/authz/ns/:ns",
- params = { "ns|string|true" },
- expectedCode = 200,
- errorCodes = { 403,404,424 },
- text = { "Delete the Namespace :ns. Namespaces cannot normally be deleted when there ",
- "are still credentials associated with them, but they can be deleted by setting ",
- "the \"force\" property. To do this: Add 'force=true' as a query parameter",
- "<p>WARNING: Using force will delete all credentials attached to this namespace. Use with care.</p>"
- + "if the \"force\" property is set to 'force=move', then Permissions and Roles are not deleted,"
- + "but are retained, and assigned to the Parent Namespace. 'force=move' is not permitted "
- + "at or below Application Scope"
- }
- )
- @Override
- public Result<Void> deleteNS(AuthzTrans trans, String ns) {
- return func.deleteNS(trans, ns);
- }
+ } finally {
+ tt.done();
+ }
+ }
+
+ @ApiDoc(
+ method = DELETE,
+ path = "/authz/ns/:ns/attrib/:key",
+ params = { "ns|string|true",
+ "key|string|true"},
+ expectedCode = 200,
+ errorCodes = { 403,404 },
+ text = {
+ "Delete an attribute in the Namespace",
+ "You must be given direct permission for key by AAF"
+ }
+ )
+ @Override
+ public Result<Void> deleteNsAttrib(AuthzTrans trans, String ns, String key) {
+ TimeTaken tt = trans.start("Delete NsAttrib " + ns + ':' + key, Env.SUB);
+ try {
+ // Check inputs
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("NS",ns).err() ||
+ v.nullOrBlank("Key",key).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // Check if exists already
+ Result<List<Data>> rlnsd = ques.nsDAO.read(trans, ns);
+ if(rlnsd.notOKorIsEmpty()) {
+ return Result.err(rlnsd);
+ }
+ NsDAO.Data nsd = rlnsd.value.get(0);
+
+ // Check for Existence
+ if(nsd.attrib.get(key)==null) {
+ return Result.err(Status.ERR_NotFound, "NS Property [%s:%s] does not exist", ns, key);
+ }
+
+ // Check if User may del
+ if(!ques.isGranted(trans, trans.user(), ROOT_NS, "attrib", ":" + ROOT_COMPANY + ".*:"+key, Access.write.name())) {
+ return Result.err(Status.ERR_Denied, "%s may not delete NS Attrib [%s:%s]", trans.user(),ns, key);
+ }
+
+ // Add Attrib
+ nsd.attrib.remove(key);
+ ques.nsDAO.dao().attribRemove(trans,ns,key);
+ return Result.ok();
+ } finally {
+ tt.done();
+ }
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/nss/:id",
+ params = { "id|string|true" },
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = {
+ "Lists the Admin(s), Responsible Party(s), Role(s), Permission(s)",
+ "Credential(s) and Expiration of Credential(s) in Namespace :id",
+ }
+ )
+ @Override
+ public Result<NSS> getNSbyName(AuthzTrans trans, String ns) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("NS", ns).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<List<NsDAO.Data>> rlnd = ques.nsDAO.read(trans, ns);
+ if(rlnd.isOK()) {
+ if(rlnd.isEmpty()) {
+ return Result.err(Status.ERR_NotFound, "No data found for %s",ns);
+ }
+ Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rlnd.value.get(0), Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+
+ Namespace namespace = new Namespace(rnd.value);
+ Result<List<String>> rd = func.getOwners(trans, namespace.name, false);
+ if(rd.isOK()) {
+ namespace.owner = rd.value;
+ }
+ rd = func.getAdmins(trans, namespace.name, false);
+ if(rd.isOK()) {
+ namespace.admin = rd.value;
+ }
+
+ NSS nss = mapper.newInstance(API.NSS);
+ return mapper.nss(trans, namespace, nss);
+ } else {
+ return Result.err(rlnd);
+ }
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/nss/admin/:id",
+ params = { "id|string|true" },
+ expectedCode = 200,
+ errorCodes = { 403,404 },
+ text = { "Lists all Namespaces where Identity :id is an Admin",
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)"
+ }
+ )
+ @Override
+ public Result<NSS> getNSbyAdmin(AuthzTrans trans, String user, boolean full) {
+ final Validator v = new ServiceValidator();
+ if (v.nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData, v.errs());
+ }
+
+ Result<Collection<Namespace>> rn = loadNamepace(trans, user, ".admin", full);
+ if(rn.notOK()) {
+ return Result.err(rn);
+ }
+ if (rn.isEmpty()) {
+ return Result.err(Status.ERR_NotFound, "[%s] is not an admin for any namespaces",user);
+ }
+ NSS nss = mapper.newInstance(API.NSS);
+ // Note: "loadNamespace" already validates view of Namespace
+ return mapper.nss(trans, rn.value, nss);
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/nss/either/:id",
+ params = { "id|string|true" },
+ expectedCode = 200,
+ errorCodes = { 403,404 },
+ text = { "Lists all Namespaces where Identity :id is either an Admin or an Owner",
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)"
+ }
+ )
+ @Override
+ public Result<NSS> getNSbyEither(AuthzTrans trans, String user, boolean full) {
+ final Validator v = new ServiceValidator();
+ if (v.nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData, v.errs());
+ }
+
+ Result<Collection<Namespace>> rn = loadNamepace(trans, user, null, full);
+ if(rn.notOK()) {
+ return Result.err(rn);
+ }
+ if (rn.isEmpty()) {
+ return Result.err(Status.ERR_NotFound, "[%s] is not an admin or owner for any namespaces",user);
+ }
+ NSS nss = mapper.newInstance(API.NSS);
+ // Note: "loadNamespace" already validates view of Namespace
+ return mapper.nss(trans, rn.value, nss);
+ }
+
+ private Result<Collection<Namespace>> loadNamepace(AuthzTrans trans, String user, String endsWith, boolean full) {
+ Result<List<UserRoleDAO.Data>> urd = ques.userRoleDAO.readByUser(trans, user);
+ if(urd.notOKorIsEmpty()) {
+ return Result.err(urd);
+ }
+ Map<String, Namespace> lm = new HashMap<>();
+ Map<String, Namespace> other = full || endsWith==null?null:new TreeMap<>();
+ for(UserRoleDAO.Data urdd : urd.value) {
+ if(full) {
+ if(endsWith==null || urdd.role.endsWith(endsWith)) {
+ RoleDAO.Data rd = RoleDAO.Data.decode(urdd);
+ Result<NsDAO.Data> nsd = ques.mayUser(trans, user, rd, Access.read);
+ if(nsd.isOK()) {
+ Namespace namespace = lm.get(nsd.value.name);
+ if(namespace==null) {
+ namespace = new Namespace(nsd.value);
+ lm.put(namespace.name,namespace);
+ }
+ Result<List<String>> rls = func.getAdmins(trans, namespace.name, false);
+ if(rls.isOK()) {
+ namespace.admin=rls.value;
+ }
+
+ rls = func.getOwners(trans, namespace.name, false);
+ if(rls.isOK()) {
+ namespace.owner=rls.value;
+ }
+ }
+ }
+ } else { // Shortened version. Only Namespace Info available from Role.
+ if(Question.ADMIN.equals(urdd.rname) || Question.OWNER.equals(urdd.rname)) {
+ RoleDAO.Data rd = RoleDAO.Data.decode(urdd);
+ Result<NsDAO.Data> nsd = ques.mayUser(trans, user, rd, Access.read);
+ if(nsd.isOK()) {
+ Namespace namespace = lm.get(nsd.value.name);
+ if(namespace==null) {
+ if(other!=null) {
+ namespace = other.remove(nsd.value.name);
+ }
+ if(namespace==null) {
+ namespace = new Namespace(nsd.value);
+ namespace.admin=new ArrayList<>();
+ namespace.owner=new ArrayList<>();
+ }
+ if(endsWith==null || urdd.role.endsWith(endsWith)) {
+ lm.put(namespace.name,namespace);
+ } else {
+ other.put(namespace.name,namespace);
+ }
+ }
+ if(Question.OWNER.equals(urdd.rname)) {
+ namespace.owner.add(urdd.user);
+ } else {
+ namespace.admin.add(urdd.user);
+ }
+ }
+ }
+ }
+ }
+ return Result.ok(lm.values());
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/nss/responsible/:id",
+ params = { "id|string|true" },
+ expectedCode = 200,
+ errorCodes = { 403,404 },
+ text = { "Lists all Namespaces where Identity :id is a Responsible Party",
+ "Note: :id must be fully qualified (i.e. ab1234@people.osaaf.org)"
+ }
+ )
+ @Override
+ public Result<NSS> getNSbyResponsible(AuthzTrans trans, String user, boolean full) {
+ final Validator v = new ServiceValidator();
+ if (v.nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData, v.errs());
+ }
+ Result<Collection<Namespace>> rn = loadNamepace(trans, user, ".owner",full);
+ if(rn.notOK()) {
+ return Result.err(rn);
+ }
+ if (rn.isEmpty()) {
+ return Result.err(Status.ERR_NotFound, "[%s] is not an owner for any namespaces",user);
+ }
+ NSS nss = mapper.newInstance(API.NSS);
+ // Note: "loadNamespace" prevalidates
+ return mapper.nss(trans, rn.value, nss);
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/nss/children/:id",
+ params = { "id|string|true" },
+ expectedCode = 200,
+ errorCodes = { 403,404 },
+ text = { "Lists all Child Namespaces of Namespace :id",
+ "Note: This is not a cached read"
+ }
+ )
+ @Override
+ public Result<NSS> getNSsChildren(AuthzTrans trans, String parent) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("NS", parent).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<NsDAO.Data> rnd = ques.deriveNs(trans, parent);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+ rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ Set<Namespace> lm = new HashSet<>();
+ Result<List<NsDAO.Data>> rlnd = ques.nsDAO.dao().getChildren(trans, parent);
+ if(rlnd.isOK()) {
+ if(rlnd.isEmpty()) {
+ return Result.err(Status.ERR_NotFound, "No data found for %s",parent);
+ }
+ for(NsDAO.Data ndd : rlnd.value) {
+ Namespace namespace = new Namespace(ndd);
+ Result<List<String>> rls = func.getAdmins(trans, namespace.name, false);
+ if(rls.isOK()) {
+ namespace.admin=rls.value;
+ }
+
+ rls = func.getOwners(trans, namespace.name, false);
+ if(rls.isOK()) {
+ namespace.owner=rls.value;
+ }
+
+ lm.add(namespace);
+ }
+ NSS nss = mapper.newInstance(API.NSS);
+ return mapper.nss(trans,lm, nss);
+ } else {
+ return Result.err(rlnd);
+ }
+ }
+
+
+ @ApiDoc(
+ method = PUT,
+ path = "/authz/ns",
+ params = {},
+ expectedCode = 200,
+ errorCodes = { 403,404,406 },
+ text = { "Replace the Current Description of a Namespace with a new one"
+ }
+ )
+ @Override
+ public Result<Void> updateNsDescription(AuthzTrans trans, REQUEST from) {
+ final Result<Namespace> nsd = mapper.ns(trans, from);
+ final ServiceValidator v = new ServiceValidator();
+ if(v.ns(nsd).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ if(v.nullOrBlank("description", nsd.value.description).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Namespace namespace = nsd.value;
+ Result<List<NsDAO.Data>> rlnd = ques.nsDAO.read(trans, namespace.name);
+
+ if(rlnd.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_NotFound, "Namespace [%s] does not exist",namespace.name);
+ }
+
+ if (ques.mayUser(trans, trans.user(), rlnd.value.get(0), Access.write).notOK()) {
+ return Result.err(Status.ERR_Denied, "You do not have approval to change %s",namespace.name);
+ }
+
+ Result<Void> rdr = ques.nsDAO.dao().addDescription(trans, namespace.name, namespace.description);
+ if(rdr.isOK()) {
+ return Result.ok();
+ } else {
+ return Result.err(rdr);
+ }
+ }
+
+ /**
+ * deleteNS
+ * @throws DAOException
+ * @see org.onap.aaf.auth.service.AuthzService#deleteNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
+ */
+ @ApiDoc(
+ method = DELETE,
+ path = "/authz/ns/:ns",
+ params = { "ns|string|true" },
+ expectedCode = 200,
+ errorCodes = { 403,404,424 },
+ text = { "Delete the Namespace :ns. Namespaces cannot normally be deleted when there ",
+ "are still credentials associated with them, but they can be deleted by setting ",
+ "the \"force\" property. To do this: Add 'force=true' as a query parameter",
+ "<p>WARNING: Using force will delete all credentials attached to this namespace. Use with care.</p>"
+ + "if the \"force\" property is set to 'force=move', then Permissions and Roles are not deleted,"
+ + "but are retained, and assigned to the Parent Namespace. 'force=move' is not permitted "
+ + "at or below Application Scope"
+ }
+ )
+ @Override
+ public Result<Void> deleteNS(AuthzTrans trans, String ns) {
+ return func.deleteNS(trans, ns);
+ }
/***********************************
* PERM
***********************************/
- /*
- * (non-Javadoc)
- * @see org.onap.aaf.auth.service.AuthzService#createOrUpdatePerm(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object, boolean, java.lang.String, java.lang.String, java.lang.String, java.util.List, java.util.List)
- */
- @ApiDoc(
- method = POST,
- path = "/authz/perm",
- params = {},
- expectedCode = 201,
- errorCodes = {403,404,406,409},
- text = { "Permission consists of:",
- "<ul><li>type - a Namespace qualified identifier specifying what kind of resource "
- + "is being protected</li>",
- "<li>instance - a key, possibly multi-dimensional, that identifies a specific "
- + " instance of the type</li>",
- "<li>action - what kind of action is allowed</li></ul>",
- "Note: instance and action can be an *"
- }
- )
- @Override
- public Result<Void> createPerm(final AuthzTrans trans,REQUEST rreq) {
- final Result<PermDAO.Data> newPd = mapper.perm(trans, rreq);
- final ServiceValidator v = new ServiceValidator();
- if(v.perm(newPd).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<FutureDAO.Data> fd = mapper.future(trans, PermDAO.TABLE, rreq, newPd.value,false,
- new Mapper.Memo() {
- @Override
- public String get() {
- return "Create Permission [" +
- newPd.value.fullType() + '|' +
- newPd.value.instance + '|' +
- newPd.value.action + ']';
- }
- },
- new MayChange() {
- private Result<NsDAO.Data> nsd;
- @Override
- public Result<?> mayChange() {
- if(nsd==null) {
- nsd = ques.mayUser(trans, trans.user(), newPd.value, Access.write);
- }
- return nsd;
- }
- });
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, newPd.value.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans,fd.value,
- newPd.value.fullType() + '|' + newPd.value.instance + '|' + newPd.value.action,
- trans.user(),
- nsr.value.get(0),
- FUTURE_OP.C);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing",
- newPd.value.ns,
- newPd.value.type,
- newPd.value.instance,
- newPd.value.action);
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- return func.createPerm(trans, newPd.value, true);
- default:
- return Result.err(fd);
- }
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/perms/:type",
- params = {"type|string|true"},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "List All Permissions that match the :type element of the key" }
- )
- @Override
- public Result<PERMS> getPermsByType(AuthzTrans trans, final String permType) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("PermType", permType).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<List<PermDAO.Data>> rlpd = ques.getPermsByType(trans, permType);
- if(rlpd.notOK()) {
- return Result.err(rlpd);
- }
-
-// We don't have instance & action for mayUserView... do we want to loop through all returned here as well as in mapper?
-// Result<NsDAO.Data> r;
-// if((r = ques.mayUserViewPerm(trans, trans.user(), permType)).notOK())return Result.err(r);
-
- PERMS perms = mapper.newInstance(API.PERMS);
- if(!rlpd.isEmpty()) {
- // Note: Mapper will restrict what can be viewed
- return mapper.perms(trans, rlpd.value, perms, true);
- }
- return Result.ok(perms);
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/perms/:type/:instance/:action",
- params = {"type|string|true",
- "instance|string|true",
- "action|string|true"},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "List Permissions that match key; :type, :instance and :action" }
- )
- @Override
- public Result<PERMS> getPermsByName(AuthzTrans trans, String type, String instance, String action) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("PermType", type).err()
- || v.nullOrBlank("PermInstance", instance).err()
- || v.nullOrBlank("PermAction", action).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<List<PermDAO.Data>> rlpd = ques.getPermsByName(trans, type, instance, action);
- if(rlpd.notOK()) {
- return Result.err(rlpd);
- }
-
- PERMS perms = mapper.newInstance(API.PERMS);
- if(!rlpd.isEmpty()) {
- // Note: Mapper will restrict what can be viewed
- return mapper.perms(trans, rlpd.value, perms, true);
- }
- return Result.ok(perms);
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/perms/user/:user",
- params = {"user|string|true"},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "List All Permissions that match user :user",
- "<p>'user' must be expressed as full identity (ex: id@full.domain.com)</p>"}
- )
- @Override
- public Result<PERMS> getPermsByUser(AuthzTrans trans, String user) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user,
- trans.requested(force));
- if(rlpd.notOK()) {
- return Result.err(rlpd);
- }
-
- PERMS perms = mapper.newInstance(API.PERMS);
-
- if(rlpd.isEmpty()) {
- return Result.ok(perms);
- }
- // Note: Mapper will restrict what can be viewed
- // if user is the same as that which is looked up, no filtering is required
- return mapper.perms(trans, rlpd.value,
- perms,
- !user.equals(trans.user()));
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/perms/user/:user/scope/:scope",
- params = {"user|string|true","scope|string|true"},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "List All Permissions that match user :user, filtered by NS (Scope)",
- "<p>'user' must be expressed as full identity (ex: id@full.domain.com)</p>",
- "<p>'scope' must be expressed as NSs separated by ':'</p>"
- }
- )
- @Override
- public Result<PERMS> getPermsByUserScope(AuthzTrans trans, String user, String[] scopes) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user, trans.requested(force));
- if(rlpd.notOK()) {
- return Result.err(rlpd);
- }
-
- PERMS perms = mapper.newInstance(API.PERMS);
-
- if(rlpd.isEmpty()) {
- return Result.ok(perms);
- }
- // Note: Mapper will restrict what can be viewed
- // if user is the same as that which is looked up, no filtering is required
- return mapper.perms(trans, rlpd.value,
- perms,
- scopes,
- !user.equals(trans.user()));
- }
-
- @ApiDoc(
- method = POST,
- path = "/authz/perms/user/:user",
- params = {"user|string|true"},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "List All Permissions that match user :user",
- "<p>'user' must be expressed as full identity (ex: id@full.domain.com)</p>",
- "",
- "Present Queries as one or more Permissions (see ContentType Links below for format).",
- "",
- "If the Caller is Granted this specific Permission, and the Permission is valid",
- " for the User, it will be included in response Permissions, along with",
- " all the normal permissions on the 'GET' version of this call. If it is not",
- " valid, or Caller does not have permission to see, it will be removed from the list",
- "",
- " *Note: This design allows you to make one call for all expected permissions",
- " The permission to be included MUST be:",
- " <user namespace>.access|:<ns|role|perm>[:key]|<create|read|write>",
- " examples:",
- " com.att.myns.access|:ns|write",
- " com.att.myns.access|:role:myrole|create",
- " com.att.myns.access|:perm:mytype:myinstance:myaction|read",
- ""
- }
- )
- @Override
- public Result<PERMS> getPermsByUser(AuthzTrans trans, PERMS _perms, String user) {
- PERMS perms = _perms;
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- //////////////
- Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user,trans.requested(force));
- if(rlpd.notOK()) {
- return Result.err(rlpd);
- }
-
- /*//TODO
- 1) See if allowed to query
- 2) See if User is allowed
- */
- Result<List<PermDAO.Data>> in = mapper.perms(trans, perms);
- if(in.isOKhasData()) {
- List<PermDAO.Data> out = rlpd.value;
- boolean ok;
- for(PermDAO.Data pdd : in.value) {
- ok = false;
- if("access".equals(pdd.type)) {
- Access access = Access.valueOf(pdd.action);
- String[] mdkey = Split.splitTrim(':',pdd.instance);
- if(mdkey.length>1) {
- String type = mdkey[1];
- if("role".equals(type)) {
- if(mdkey.length>2) {
- RoleDAO.Data rdd = new RoleDAO.Data();
- rdd.ns=pdd.ns;
- rdd.name=mdkey[2];
- ok = ques.mayUser(trans, trans.user(), rdd, Access.read).isOK() && ques.mayUser(trans, user, rdd , access).isOK();
- }
- } else if("perm".equals(type)) {
- if(mdkey.length>4) { // also need instance/action
- PermDAO.Data p = new PermDAO.Data();
- p.ns=pdd.ns;
- p.type=mdkey[2];
- p.instance=mdkey[3];
- p.action=mdkey[4];
- ok = ques.mayUser(trans, trans.user(), p, Access.read).isOK() && ques.mayUser(trans, user, p , access).isOK();
- }
- } else if("ns".equals(type)) {
- NsDAO.Data ndd = new NsDAO.Data();
- ndd.name=pdd.ns;
- ok = ques.mayUser(trans, trans.user(), ndd, Access.read).isOK() && ques.mayUser(trans, user, ndd , access).isOK();
- }
- }
- }
- if(ok) {
- out.add(pdd);
- }
- }
- }
-
- perms = mapper.newInstance(API.PERMS);
- if(rlpd.isEmpty()) {
- return Result.ok(perms);
- }
- // Note: Mapper will restrict what can be viewed
- // if user is the same as that which is looked up, no filtering is required
- return mapper.perms(trans, rlpd.value,
- perms,
- !user.equals(trans.user()));
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/perms/role/:role",
- params = {"role|string|true"},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "List All Permissions that are granted to :role" }
- )
- @Override
- public Result<PERMS> getPermsByRole(AuthzTrans trans,String role) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role", role).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques,role);
- if(rrdd.notOK()) {
- return Result.err(rrdd);
- }
-
- Result<NsDAO.Data> r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read);
- if(r.notOK()) {
- return Result.err(r);
- }
-
- PERMS perms = mapper.newInstance(API.PERMS);
-
- Result<List<PermDAO.Data>> rlpd = ques.getPermsByRole(trans, role, trans.requested(force));
- if(rlpd.isOKhasData()) {
- // Note: Mapper will restrict what can be viewed
- return mapper.perms(trans, rlpd.value, perms, true);
- }
- return Result.ok(perms);
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/perms/ns/:ns",
- params = {"ns|string|true"},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "List All Permissions that are in Namespace :ns" }
- )
- @Override
- public Result<PERMS> getPermsByNS(AuthzTrans trans,String ns) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS", ns).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<NsDAO.Data> rnd = ques.deriveNs(trans, ns);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
- rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
- Result<List<PermDAO.Data>> rlpd = ques.permDAO.readNS(trans, ns);
- if(rlpd.notOK()) {
- return Result.err(rlpd);
- }
-
- PERMS perms = mapper.newInstance(API.PERMS);
- if(!rlpd.isEmpty()) {
- // Note: Mapper will restrict what can be viewed
- return mapper.perms(trans, rlpd.value,perms, true);
- }
- return Result.ok(perms);
- }
-
- @ApiDoc(
- method = PUT,
- path = "/authz/perm/:type/:instance/:action",
- params = {"type|string|true",
- "instance|string|true",
- "action|string|true"},
- expectedCode = 200,
- errorCodes = { 404,406, 409 },
- text = { "Rename the Permission referenced by :type :instance :action, and "
- + "rename (copy/delete) to the Permission described in PermRequest" }
- )
- @Override
- public Result<Void> renamePerm(final AuthzTrans trans,REQUEST rreq, String origType, String origInstance, String origAction) {
- final Result<PermDAO.Data> newPd = mapper.perm(trans, rreq);
- final ServiceValidator v = new ServiceValidator();
- if(v.perm(newPd).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- if (ques.mayUser(trans, trans.user(), newPd.value,Access.write).notOK()) {
- return Result.err(Status.ERR_Denied, "You do not have approval to change Permission [%s.%s|%s|%s]",
- newPd.value.ns,newPd.value.type,newPd.value.instance,newPd.value.action);
- }
-
- Result<NsSplit> nss = ques.deriveNsSplit(trans, origType);
- Result<List<PermDAO.Data>> origRlpd = ques.permDAO.read(trans, nss.value.ns, nss.value.name, origInstance, origAction);
-
- if(origRlpd.notOKorIsEmpty()) {
- return Result.err(Status.ERR_PermissionNotFound,
- "Permission [%s|%s|%s] does not exist",
- origType,origInstance,origAction);
- }
-
- PermDAO.Data origPd = origRlpd.value.get(0);
-
- if (!origPd.ns.equals(newPd.value.ns)) {
- return Result.err(Status.ERR_Denied, "Cannot change namespace with rename command. " +
- "<new type> must start with [" + origPd.ns + "]");
- }
-
- if ( origPd.type.equals(newPd.value.type) &&
- origPd.action.equals(newPd.value.action) &&
- origPd.instance.equals(newPd.value.instance) ) {
- return Result.err(Status.ERR_ConflictAlreadyExists, "New Permission must be different than original permission");
- }
-
- Set<String> origRoles = origPd.roles(false);
- if (!origRoles.isEmpty()) {
- Set<String> roles = newPd.value.roles(true);
- for (String role : origPd.roles) {
- roles.add(role);
- }
- }
-
- newPd.value.description = origPd.description;
-
- Result<Void> rv = null;
-
- rv = func.createPerm(trans, newPd.value, false);
- if (rv.isOK()) {
- rv = func.deletePerm(trans, origPd, true, false);
- }
- return rv;
- }
-
- @ApiDoc(
- method = PUT,
- path = "/authz/perm",
- params = {},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "Add Description Data to Perm" }
- )
- @Override
- public Result<Void> updatePermDescription(AuthzTrans trans, REQUEST from) {
- final Result<PermDAO.Data> pd = mapper.perm(trans, from);
- final ServiceValidator v = new ServiceValidator();
- if(v.perm(pd).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- if(v.nullOrBlank("description", pd.value.description).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- final PermDAO.Data perm = pd.value;
- if(ques.permDAO.read(trans, perm.ns, perm.type, perm.instance,perm.action).notOKorIsEmpty()) {
- return Result.err(Status.ERR_NotFound, "Permission [%s.%s|%s|%s] does not exist",
- perm.ns,perm.type,perm.instance,perm.action);
- }
-
- if (ques.mayUser(trans, trans.user(), perm, Access.write).notOK()) {
- return Result.err(Status.ERR_Denied, "You do not have approval to change Permission [%s.%s|%s|%s]",
- perm.ns,perm.type,perm.instance,perm.action);
- }
-
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, pd.value.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- Result<Void> rdr = ques.permDAO.addDescription(trans, perm.ns, perm.type, perm.instance,
- perm.action, perm.description);
- if(rdr.isOK()) {
- return Result.ok();
- } else {
- return Result.err(rdr);
- }
-
- }
-
+ /*
+ * (non-Javadoc)
+ * @see org.onap.aaf.auth.service.AuthzService#createOrUpdatePerm(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.Object, boolean, java.lang.String, java.lang.String, java.lang.String, java.util.List, java.util.List)
+ */
+ @ApiDoc(
+ method = POST,
+ path = "/authz/perm",
+ params = {},
+ expectedCode = 201,
+ errorCodes = {403,404,406,409},
+ text = { "Permission consists of:",
+ "<ul><li>type - a Namespace qualified identifier specifying what kind of resource "
+ + "is being protected</li>",
+ "<li>instance - a key, possibly multi-dimensional, that identifies a specific "
+ + " instance of the type</li>",
+ "<li>action - what kind of action is allowed</li></ul>",
+ "Note: instance and action can be an *"
+ }
+ )
+ @Override
+ public Result<Void> createPerm(final AuthzTrans trans,REQUEST rreq) {
+ final Result<PermDAO.Data> newPd = mapper.perm(trans, rreq);
+ final ServiceValidator v = new ServiceValidator();
+ if(v.perm(newPd).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<FutureDAO.Data> fd = mapper.future(trans, PermDAO.TABLE, rreq, newPd.value,false,
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return "Create Permission [" +
+ newPd.value.fullType() + '|' +
+ newPd.value.instance + '|' +
+ newPd.value.action + ']';
+ }
+ },
+ new MayChange() {
+ private Result<NsDAO.Data> nsd;
+ @Override
+ public Result<?> mayChange() {
+ if(nsd==null) {
+ nsd = ques.mayUser(trans, trans.user(), newPd.value, Access.write);
+ }
+ return nsd;
+ }
+ });
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, newPd.value.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans,fd.value,
+ newPd.value.fullType() + '|' + newPd.value.instance + '|' + newPd.value.action,
+ trans.user(),
+ nsr.value.get(0),
+ FUTURE_OP.C);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing",
+ newPd.value.ns,
+ newPd.value.type,
+ newPd.value.instance,
+ newPd.value.action);
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ return func.createPerm(trans, newPd.value, true);
+ default:
+ return Result.err(fd);
+ }
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/perms/:type",
+ params = {"type|string|true"},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "List All Permissions that match the :type element of the key" }
+ )
+ @Override
+ public Result<PERMS> getPermsByType(AuthzTrans trans, final String permType) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("PermType", permType).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<List<PermDAO.Data>> rlpd = ques.getPermsByType(trans, permType);
+ if(rlpd.notOK()) {
+ return Result.err(rlpd);
+ }
+
+// We don't have instance & action for mayUserView... do we want to loop through all returned here as well as in mapper?
+// Result<NsDAO.Data> r;
+// if((r = ques.mayUserViewPerm(trans, trans.user(), permType)).notOK())return Result.err(r);
+
+ PERMS perms = mapper.newInstance(API.PERMS);
+ if(!rlpd.isEmpty()) {
+ // Note: Mapper will restrict what can be viewed
+ return mapper.perms(trans, rlpd.value, perms, true);
+ }
+ return Result.ok(perms);
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/perms/:type/:instance/:action",
+ params = {"type|string|true",
+ "instance|string|true",
+ "action|string|true"},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "List Permissions that match key; :type, :instance and :action" }
+ )
+ @Override
+ public Result<PERMS> getPermsByName(AuthzTrans trans, String type, String instance, String action) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("PermType", type).err()
+ || v.nullOrBlank("PermInstance", instance).err()
+ || v.nullOrBlank("PermAction", action).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<List<PermDAO.Data>> rlpd = ques.getPermsByName(trans, type, instance, action);
+ if(rlpd.notOK()) {
+ return Result.err(rlpd);
+ }
+
+ PERMS perms = mapper.newInstance(API.PERMS);
+ if(!rlpd.isEmpty()) {
+ // Note: Mapper will restrict what can be viewed
+ return mapper.perms(trans, rlpd.value, perms, true);
+ }
+ return Result.ok(perms);
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/perms/user/:user",
+ params = {"user|string|true"},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "List All Permissions that match user :user",
+ "<p>'user' must be expressed as full identity (ex: id@full.domain.com)</p>"}
+ )
+ @Override
+ public Result<PERMS> getPermsByUser(AuthzTrans trans, String user) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user,
+ trans.requested(force));
+ if(rlpd.notOK()) {
+ return Result.err(rlpd);
+ }
+
+ PERMS perms = mapper.newInstance(API.PERMS);
+
+ if(rlpd.isEmpty()) {
+ return Result.ok(perms);
+ }
+ // Note: Mapper will restrict what can be viewed
+ // if user is the same as that which is looked up, no filtering is required
+ return mapper.perms(trans, rlpd.value,
+ perms,
+ !user.equals(trans.user()));
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/perms/user/:user/scope/:scope",
+ params = {"user|string|true","scope|string|true"},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "List All Permissions that match user :user, filtered by NS (Scope)",
+ "<p>'user' must be expressed as full identity (ex: id@full.domain.com)</p>",
+ "<p>'scope' must be expressed as NSs separated by ':'</p>"
+ }
+ )
+ @Override
+ public Result<PERMS> getPermsByUserScope(AuthzTrans trans, String user, String[] scopes) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user, trans.requested(force));
+ if(rlpd.notOK()) {
+ return Result.err(rlpd);
+ }
+
+ PERMS perms = mapper.newInstance(API.PERMS);
+
+ if(rlpd.isEmpty()) {
+ return Result.ok(perms);
+ }
+ // Note: Mapper will restrict what can be viewed
+ // if user is the same as that which is looked up, no filtering is required
+ return mapper.perms(trans, rlpd.value,
+ perms,
+ scopes,
+ !user.equals(trans.user()));
+ }
+
+ @ApiDoc(
+ method = POST,
+ path = "/authz/perms/user/:user",
+ params = {"user|string|true"},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "List All Permissions that match user :user",
+ "<p>'user' must be expressed as full identity (ex: id@full.domain.com)</p>",
+ "",
+ "Present Queries as one or more Permissions (see ContentType Links below for format).",
+ "",
+ "If the Caller is Granted this specific Permission, and the Permission is valid",
+ " for the User, it will be included in response Permissions, along with",
+ " all the normal permissions on the 'GET' version of this call. If it is not",
+ " valid, or Caller does not have permission to see, it will be removed from the list",
+ "",
+ " *Note: This design allows you to make one call for all expected permissions",
+ " The permission to be included MUST be:",
+ " <user namespace>.access|:<ns|role|perm>[:key]|<create|read|write>",
+ " examples:",
+ " com.att.myns.access|:ns|write",
+ " com.att.myns.access|:role:myrole|create",
+ " com.att.myns.access|:perm:mytype:myinstance:myaction|read",
+ ""
+ }
+ )
+ @Override
+ public Result<PERMS> getPermsByUser(AuthzTrans trans, PERMS _perms, String user) {
+ PERMS perms = _perms;
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ //////////////
+ Result<List<PermDAO.Data>> rlpd = ques.getPermsByUser(trans, user,trans.requested(force));
+ if(rlpd.notOK()) {
+ return Result.err(rlpd);
+ }
+
+ /*//TODO
+ 1) See if allowed to query
+ 2) See if User is allowed
+ */
+ Result<List<PermDAO.Data>> in = mapper.perms(trans, perms);
+ if(in.isOKhasData()) {
+ List<PermDAO.Data> out = rlpd.value;
+ boolean ok;
+ for(PermDAO.Data pdd : in.value) {
+ ok = false;
+ if("access".equals(pdd.type)) {
+ Access access = Access.valueOf(pdd.action);
+ String[] mdkey = Split.splitTrim(':',pdd.instance);
+ if(mdkey.length>1) {
+ String type = mdkey[1];
+ if("role".equals(type)) {
+ if(mdkey.length>2) {
+ RoleDAO.Data rdd = new RoleDAO.Data();
+ rdd.ns=pdd.ns;
+ rdd.name=mdkey[2];
+ ok = ques.mayUser(trans, trans.user(), rdd, Access.read).isOK() && ques.mayUser(trans, user, rdd , access).isOK();
+ }
+ } else if("perm".equals(type)) {
+ if(mdkey.length>4) { // also need instance/action
+ PermDAO.Data p = new PermDAO.Data();
+ p.ns=pdd.ns;
+ p.type=mdkey[2];
+ p.instance=mdkey[3];
+ p.action=mdkey[4];
+ ok = ques.mayUser(trans, trans.user(), p, Access.read).isOK() && ques.mayUser(trans, user, p , access).isOK();
+ }
+ } else if("ns".equals(type)) {
+ NsDAO.Data ndd = new NsDAO.Data();
+ ndd.name=pdd.ns;
+ ok = ques.mayUser(trans, trans.user(), ndd, Access.read).isOK() && ques.mayUser(trans, user, ndd , access).isOK();
+ }
+ }
+ }
+ if(ok) {
+ out.add(pdd);
+ }
+ }
+ }
+
+ perms = mapper.newInstance(API.PERMS);
+ if(rlpd.isEmpty()) {
+ return Result.ok(perms);
+ }
+ // Note: Mapper will restrict what can be viewed
+ // if user is the same as that which is looked up, no filtering is required
+ return mapper.perms(trans, rlpd.value,
+ perms,
+ !user.equals(trans.user()));
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/perms/role/:role",
+ params = {"role|string|true"},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "List All Permissions that are granted to :role" }
+ )
+ @Override
+ public Result<PERMS> getPermsByRole(AuthzTrans trans,String role) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Role", role).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques,role);
+ if(rrdd.notOK()) {
+ return Result.err(rrdd);
+ }
+
+ Result<NsDAO.Data> r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read);
+ if(r.notOK()) {
+ return Result.err(r);
+ }
+
+ PERMS perms = mapper.newInstance(API.PERMS);
+
+ Result<List<PermDAO.Data>> rlpd = ques.getPermsByRole(trans, role, trans.requested(force));
+ if(rlpd.isOKhasData()) {
+ // Note: Mapper will restrict what can be viewed
+ return mapper.perms(trans, rlpd.value, perms, true);
+ }
+ return Result.ok(perms);
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/perms/ns/:ns",
+ params = {"ns|string|true"},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "List All Permissions that are in Namespace :ns" }
+ )
+ @Override
+ public Result<PERMS> getPermsByNS(AuthzTrans trans,String ns) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("NS", ns).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<NsDAO.Data> rnd = ques.deriveNs(trans, ns);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ Result<List<PermDAO.Data>> rlpd = ques.permDAO.readNS(trans, ns);
+ if(rlpd.notOK()) {
+ return Result.err(rlpd);
+ }
+
+ PERMS perms = mapper.newInstance(API.PERMS);
+ if(!rlpd.isEmpty()) {
+ // Note: Mapper will restrict what can be viewed
+ return mapper.perms(trans, rlpd.value,perms, true);
+ }
+ return Result.ok(perms);
+ }
+
+ @ApiDoc(
+ method = PUT,
+ path = "/authz/perm/:type/:instance/:action",
+ params = {"type|string|true",
+ "instance|string|true",
+ "action|string|true"},
+ expectedCode = 200,
+ errorCodes = { 404,406, 409 },
+ text = { "Rename the Permission referenced by :type :instance :action, and "
+ + "rename (copy/delete) to the Permission described in PermRequest" }
+ )
+ @Override
+ public Result<Void> renamePerm(final AuthzTrans trans,REQUEST rreq, String origType, String origInstance, String origAction) {
+ final Result<PermDAO.Data> newPd = mapper.perm(trans, rreq);
+ final ServiceValidator v = new ServiceValidator();
+ if(v.perm(newPd).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ if (ques.mayUser(trans, trans.user(), newPd.value,Access.write).notOK()) {
+ return Result.err(Status.ERR_Denied, "You do not have approval to change Permission [%s.%s|%s|%s]",
+ newPd.value.ns,newPd.value.type,newPd.value.instance,newPd.value.action);
+ }
+
+ Result<NsSplit> nss = ques.deriveNsSplit(trans, origType);
+ Result<List<PermDAO.Data>> origRlpd = ques.permDAO.read(trans, nss.value.ns, nss.value.name, origInstance, origAction);
+
+ if(origRlpd.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_PermissionNotFound,
+ "Permission [%s|%s|%s] does not exist",
+ origType,origInstance,origAction);
+ }
+
+ PermDAO.Data origPd = origRlpd.value.get(0);
+
+ if (!origPd.ns.equals(newPd.value.ns)) {
+ return Result.err(Status.ERR_Denied, "Cannot change namespace with rename command. " +
+ "<new type> must start with [" + origPd.ns + "]");
+ }
+
+ if ( origPd.type.equals(newPd.value.type) &&
+ origPd.action.equals(newPd.value.action) &&
+ origPd.instance.equals(newPd.value.instance) ) {
+ return Result.err(Status.ERR_ConflictAlreadyExists, "New Permission must be different than original permission");
+ }
+
+ Set<String> origRoles = origPd.roles(false);
+ if (!origRoles.isEmpty()) {
+ Set<String> roles = newPd.value.roles(true);
+ for (String role : origPd.roles) {
+ roles.add(role);
+ }
+ }
+
+ newPd.value.description = origPd.description;
+
+ Result<Void> rv = null;
+
+ rv = func.createPerm(trans, newPd.value, false);
+ if (rv.isOK()) {
+ rv = func.deletePerm(trans, origPd, true, false);
+ }
+ return rv;
+ }
+
+ @ApiDoc(
+ method = PUT,
+ path = "/authz/perm",
+ params = {},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "Add Description Data to Perm" }
+ )
+ @Override
+ public Result<Void> updatePermDescription(AuthzTrans trans, REQUEST from) {
+ final Result<PermDAO.Data> pd = mapper.perm(trans, from);
+ final ServiceValidator v = new ServiceValidator();
+ if(v.perm(pd).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ if(v.nullOrBlank("description", pd.value.description).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ final PermDAO.Data perm = pd.value;
+ if(ques.permDAO.read(trans, perm.ns, perm.type, perm.instance,perm.action).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_NotFound, "Permission [%s.%s|%s|%s] does not exist",
+ perm.ns,perm.type,perm.instance,perm.action);
+ }
+
+ if (ques.mayUser(trans, trans.user(), perm, Access.write).notOK()) {
+ return Result.err(Status.ERR_Denied, "You do not have approval to change Permission [%s.%s|%s|%s]",
+ perm.ns,perm.type,perm.instance,perm.action);
+ }
+
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, pd.value.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ Result<Void> rdr = ques.permDAO.addDescription(trans, perm.ns, perm.type, perm.instance,
+ perm.action, perm.description);
+ if(rdr.isOK()) {
+ return Result.ok();
+ } else {
+ return Result.err(rdr);
+ }
+
+ }
+
@ApiDoc(
method = PUT,
path = "/authz/role/perm",
@@ -1270,192 +1270,192 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
text = { "Set a permission's roles to roles given" }
)
- @Override
- public Result<Void> resetPermRoles(final AuthzTrans trans, REQUEST rreq) {
- final Result<PermDAO.Data> updt = mapper.permFromRPRequest(trans, rreq);
- if(updt.notOKorIsEmpty()) {
- return Result.err(updt);
- }
-
- final ServiceValidator v = new ServiceValidator();
- if(v.perm(updt).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<NsDAO.Data> nsd = ques.mayUser(trans, trans.user(), updt.value, Access.write);
- if (nsd.notOK()) {
- return Result.err(nsd);
- }
-
- // Read full set to get CURRENT values
- Result<List<PermDAO.Data>> rcurr = ques.permDAO.read(trans,
- updt.value.ns,
- updt.value.type,
- updt.value.instance,
- updt.value.action);
-
- if(rcurr.notOKorIsEmpty()) {
- return Result.err(Status.ERR_PermissionNotFound,
- "Permission [%s.%s|%s|%s] does not exist",
- updt.value.ns,updt.value.type,updt.value.instance,updt.value.action);
- }
-
- // Create a set of Update Roles, which are in Internal Format
- Set<String> updtRoles = new HashSet<>();
- Result<NsSplit> nss;
- for(String role : updt.value.roles(false)) {
- nss = ques.deriveNsSplit(trans, role);
- if(nss.isOK()) {
- updtRoles.add(nss.value.ns + '|' + nss.value.name);
- } else {
- trans.error().log(nss.errorString());
- }
- }
-
- Result<Void> rv = null;
-
- for(PermDAO.Data curr : rcurr.value) {
- Set<String> currRoles = curr.roles(false);
- // must add roles to this perm, and add this perm to each role
- // in the update, but not in the current
- for (String role : updtRoles) {
- if (!currRoles.contains(role)) {
- Result<RoleDAO.Data> key = RoleDAO.Data.decode(trans, ques, role);
- if(key.isOKhasData()) {
- Result<List<RoleDAO.Data>> rrd = ques.roleDAO.read(trans, key.value);
- if(rrd.isOKhasData()) {
- for(RoleDAO.Data r : rrd.value) {
- rv = func.addPermToRole(trans, r, curr, false);
- if (rv.notOK() && rv.status!=Result.ERR_ConflictAlreadyExists) {
- return Result.err(rv);
- }
- }
- } else {
- return Result.err(rrd);
- }
- }
- }
- }
- // similarly, must delete roles from this perm, and delete this perm from each role
- // in the update, but not in the current
- for (String role : currRoles) {
- if (!updtRoles.contains(role)) {
- Result<RoleDAO.Data> key = RoleDAO.Data.decode(trans, ques, role);
- if(key.isOKhasData()) {
- Result<List<RoleDAO.Data>> rdd = ques.roleDAO.read(trans, key.value);
- if(rdd.isOKhasData()) {
- for(RoleDAO.Data r : rdd.value) {
- rv = func.delPermFromRole(trans, r, curr, true);
- if (rv.notOK() && rv.status!=Status.ERR_PermissionNotFound) {
- return Result.err(rv);
- }
- }
- }
- }
- }
- }
- }
- return rv==null?Result.ok():rv;
- }
-
- @ApiDoc(
- method = DELETE,
- path = "/authz/perm",
- params = {},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "Delete the Permission referenced by PermKey.",
- "You cannot normally delete a permission which is still granted to roles,",
- "however the \"force\" property allows you to do just that. To do this: Add",
- "'force=true' as a query parameter.",
- "<p>WARNING: Using force will ungrant this permission from all roles. Use with care.</p>" }
- )
- @Override
- public Result<Void> deletePerm(final AuthzTrans trans, REQUEST from) {
- Result<PermDAO.Data> pd = mapper.perm(trans, from);
- if(pd.notOK()) {
- return Result.err(pd);
- }
- final ServiceValidator v = new ServiceValidator();
- if(v.nullOrBlank(pd.value).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- final PermDAO.Data perm = pd.value;
- if (ques.permDAO.read(trans, perm).notOKorIsEmpty()) {
- return Result.err(Status.ERR_PermissionNotFound, "Permission [%s.%s|%s|%s] does not exist",
- perm.ns,perm.type,perm.instance,perm.action );
- }
-
- Result<FutureDAO.Data> fd = mapper.future(trans,PermDAO.TABLE,from,perm,false,
- new Mapper.Memo() {
- @Override
- public String get() {
- return "Delete Permission [" + perm.fullPerm() + ']';
- }
- },
- new MayChange() {
- private Result<NsDAO.Data> nsd;
- @Override
- public Result<?> mayChange() {
- if(nsd==null) {
- nsd = ques.mayUser(trans, trans.user(), perm, Access.write);
- }
- return nsd;
- }
- });
-
- switch(fd.status) {
- case OK:
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, perm.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- Result<String> rfc = func.createFuture(trans, fd.value,
- perm.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.D);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Perm Deletion [%s] is saved for future processing",perm.encode());
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- return func.deletePerm(trans,perm,trans.requested(force), false);
- default:
- return Result.err(fd);
- }
- }
-
- @ApiDoc(
- method = DELETE,
- path = "/authz/perm/:name/:type/:action",
- params = {"type|string|true",
- "instance|string|true",
- "action|string|true"},
- expectedCode = 200,
- errorCodes = { 404,406 },
- text = { "Delete the Permission referenced by :type :instance :action",
- "You cannot normally delete a permission which is still granted to roles,",
- "however the \"force\" property allows you to do just that. To do this: Add",
- "'force=true' as a query parameter",
- "<p>WARNING: Using force will ungrant this permission from all roles. Use with care.</p>"}
- )
- @Override
- public Result<Void> deletePerm(AuthzTrans trans, String type, String instance, String action) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Type",type)
- .nullOrBlank("Instance",instance)
- .nullOrBlank("Action",action)
- .err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<PermDAO.Data> pd = ques.permFrom(trans, type, instance, action);
- if(pd.isOK()) {
- return func.deletePerm(trans, pd.value, trans.requested(force), false);
- } else {
- return Result.err(pd);
- }
- }
+ @Override
+ public Result<Void> resetPermRoles(final AuthzTrans trans, REQUEST rreq) {
+ final Result<PermDAO.Data> updt = mapper.permFromRPRequest(trans, rreq);
+ if(updt.notOKorIsEmpty()) {
+ return Result.err(updt);
+ }
+
+ final ServiceValidator v = new ServiceValidator();
+ if(v.perm(updt).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<NsDAO.Data> nsd = ques.mayUser(trans, trans.user(), updt.value, Access.write);
+ if (nsd.notOK()) {
+ return Result.err(nsd);
+ }
+
+ // Read full set to get CURRENT values
+ Result<List<PermDAO.Data>> rcurr = ques.permDAO.read(trans,
+ updt.value.ns,
+ updt.value.type,
+ updt.value.instance,
+ updt.value.action);
+
+ if(rcurr.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_PermissionNotFound,
+ "Permission [%s.%s|%s|%s] does not exist",
+ updt.value.ns,updt.value.type,updt.value.instance,updt.value.action);
+ }
+
+ // Create a set of Update Roles, which are in Internal Format
+ Set<String> updtRoles = new HashSet<>();
+ Result<NsSplit> nss;
+ for(String role : updt.value.roles(false)) {
+ nss = ques.deriveNsSplit(trans, role);
+ if(nss.isOK()) {
+ updtRoles.add(nss.value.ns + '|' + nss.value.name);
+ } else {
+ trans.error().log(nss.errorString());
+ }
+ }
+
+ Result<Void> rv = null;
+
+ for(PermDAO.Data curr : rcurr.value) {
+ Set<String> currRoles = curr.roles(false);
+ // must add roles to this perm, and add this perm to each role
+ // in the update, but not in the current
+ for (String role : updtRoles) {
+ if (!currRoles.contains(role)) {
+ Result<RoleDAO.Data> key = RoleDAO.Data.decode(trans, ques, role);
+ if(key.isOKhasData()) {
+ Result<List<RoleDAO.Data>> rrd = ques.roleDAO.read(trans, key.value);
+ if(rrd.isOKhasData()) {
+ for(RoleDAO.Data r : rrd.value) {
+ rv = func.addPermToRole(trans, r, curr, false);
+ if (rv.notOK() && rv.status!=Result.ERR_ConflictAlreadyExists) {
+ return Result.err(rv);
+ }
+ }
+ } else {
+ return Result.err(rrd);
+ }
+ }
+ }
+ }
+ // similarly, must delete roles from this perm, and delete this perm from each role
+ // in the update, but not in the current
+ for (String role : currRoles) {
+ if (!updtRoles.contains(role)) {
+ Result<RoleDAO.Data> key = RoleDAO.Data.decode(trans, ques, role);
+ if(key.isOKhasData()) {
+ Result<List<RoleDAO.Data>> rdd = ques.roleDAO.read(trans, key.value);
+ if(rdd.isOKhasData()) {
+ for(RoleDAO.Data r : rdd.value) {
+ rv = func.delPermFromRole(trans, r, curr, true);
+ if (rv.notOK() && rv.status!=Status.ERR_PermissionNotFound) {
+ return Result.err(rv);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ return rv==null?Result.ok():rv;
+ }
+
+ @ApiDoc(
+ method = DELETE,
+ path = "/authz/perm",
+ params = {},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "Delete the Permission referenced by PermKey.",
+ "You cannot normally delete a permission which is still granted to roles,",
+ "however the \"force\" property allows you to do just that. To do this: Add",
+ "'force=true' as a query parameter.",
+ "<p>WARNING: Using force will ungrant this permission from all roles. Use with care.</p>" }
+ )
+ @Override
+ public Result<Void> deletePerm(final AuthzTrans trans, REQUEST from) {
+ Result<PermDAO.Data> pd = mapper.perm(trans, from);
+ if(pd.notOK()) {
+ return Result.err(pd);
+ }
+ final ServiceValidator v = new ServiceValidator();
+ if(v.nullOrBlank(pd.value).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ final PermDAO.Data perm = pd.value;
+ if (ques.permDAO.read(trans, perm).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_PermissionNotFound, "Permission [%s.%s|%s|%s] does not exist",
+ perm.ns,perm.type,perm.instance,perm.action );
+ }
+
+ Result<FutureDAO.Data> fd = mapper.future(trans,PermDAO.TABLE,from,perm,false,
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return "Delete Permission [" + perm.fullPerm() + ']';
+ }
+ },
+ new MayChange() {
+ private Result<NsDAO.Data> nsd;
+ @Override
+ public Result<?> mayChange() {
+ if(nsd==null) {
+ nsd = ques.mayUser(trans, trans.user(), perm, Access.write);
+ }
+ return nsd;
+ }
+ });
+
+ switch(fd.status) {
+ case OK:
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, perm.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ Result<String> rfc = func.createFuture(trans, fd.value,
+ perm.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.D);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Perm Deletion [%s] is saved for future processing",perm.encode());
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ return func.deletePerm(trans,perm,trans.requested(force), false);
+ default:
+ return Result.err(fd);
+ }
+ }
+
+ @ApiDoc(
+ method = DELETE,
+ path = "/authz/perm/:name/:type/:action",
+ params = {"type|string|true",
+ "instance|string|true",
+ "action|string|true"},
+ expectedCode = 200,
+ errorCodes = { 404,406 },
+ text = { "Delete the Permission referenced by :type :instance :action",
+ "You cannot normally delete a permission which is still granted to roles,",
+ "however the \"force\" property allows you to do just that. To do this: Add",
+ "'force=true' as a query parameter",
+ "<p>WARNING: Using force will ungrant this permission from all roles. Use with care.</p>"}
+ )
+ @Override
+ public Result<Void> deletePerm(AuthzTrans trans, String type, String instance, String action) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Type",type)
+ .nullOrBlank("Instance",instance)
+ .nullOrBlank("Action",action)
+ .err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<PermDAO.Data> pd = ques.permFrom(trans, type, instance, action);
+ if(pd.isOK()) {
+ return func.deletePerm(trans, pd.value, trans.requested(force), false);
+ } else {
+ return Result.err(pd);
+ }
+ }
/***********************************
* ROLE
@@ -1481,69 +1481,69 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
"<li>'Does this person perform this Job Function?'</li></ul>" }
)
- @Override
- public Result<Void> createRole(final AuthzTrans trans, REQUEST from) {
- final Result<RoleDAO.Data> rd = mapper.role(trans, from);
- final ServiceValidator v = new ServiceValidator();
- if(v.role(rd).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- final RoleDAO.Data role = rd.value;
- if(ques.roleDAO.read(trans, role.ns, role.name).isOKhasData()) {
- return Result.err(Status.ERR_ConflictAlreadyExists, "Role [" + role.fullName() + "] already exists");
- }
-
- Result<FutureDAO.Data> fd = mapper.future(trans,RoleDAO.TABLE,from,role,false,
- new Mapper.Memo() {
- @Override
- public String get() {
- return "Create Role [" +
- rd.value.fullName() +
- ']';
- }
- },
- new MayChange() {
- private Result<NsDAO.Data> nsd;
- @Override
- public Result<?> mayChange() {
- if(nsd==null) {
- nsd = ques.mayUser(trans, trans.user(), role, Access.write);
- }
- return nsd;
- }
- });
-
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans, fd.value,
- role.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.C);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Role [%s.%s] is saved for future processing",
- rd.value.ns,
- rd.value.name);
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- Result<RoleDAO.Data> rdr = ques.roleDAO.create(trans, role);
- if(rdr.isOK()) {
- return Result.ok();
- } else {
- return Result.err(rdr);
- }
- default:
- return Result.err(fd);
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.service.AuthzService#getRolesByName(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
- */
+ @Override
+ public Result<Void> createRole(final AuthzTrans trans, REQUEST from) {
+ final Result<RoleDAO.Data> rd = mapper.role(trans, from);
+ final ServiceValidator v = new ServiceValidator();
+ if(v.role(rd).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ final RoleDAO.Data role = rd.value;
+ if(ques.roleDAO.read(trans, role.ns, role.name).isOKhasData()) {
+ return Result.err(Status.ERR_ConflictAlreadyExists, "Role [" + role.fullName() + "] already exists");
+ }
+
+ Result<FutureDAO.Data> fd = mapper.future(trans,RoleDAO.TABLE,from,role,false,
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return "Create Role [" +
+ rd.value.fullName() +
+ ']';
+ }
+ },
+ new MayChange() {
+ private Result<NsDAO.Data> nsd;
+ @Override
+ public Result<?> mayChange() {
+ if(nsd==null) {
+ nsd = ques.mayUser(trans, trans.user(), role, Access.write);
+ }
+ return nsd;
+ }
+ });
+
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans, fd.value,
+ role.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.C);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Role [%s.%s] is saved for future processing",
+ rd.value.ns,
+ rd.value.name);
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ Result<RoleDAO.Data> rdr = ques.roleDAO.create(trans, role);
+ if(rdr.isOK()) {
+ return Result.ok();
+ } else {
+ return Result.err(rdr);
+ }
+ default:
+ return Result.err(fd);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.service.AuthzService#getRolesByName(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
+ */
@ApiDoc(
method = GET,
path = "/authz/roles/:role",
@@ -1551,42 +1551,42 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
expectedCode = 200,
errorCodes = {404,406},
text = { "List Roles that match :role",
- "Note: You must have permission to see any given role"
- }
+ "Note: You must have permission to see any given role"
+ }
)
- @Override
- public Result<ROLES> getRolesByName(AuthzTrans trans, String role) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role", role).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // Determine if User can ask this question
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.isOKhasData()) {
- Result<NsDAO.Data> r;
- if((r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read)).notOK()) {
- return Result.err(r);
- }
- } else {
- return Result.err(rrdd);
- }
-
- // Look up data
- int query = role.indexOf('?');
- Result<List<RoleDAO.Data>> rlrd = ques.getRolesByName(trans, query<0?role:role.substring(0, query));
- if(rlrd.isOK()) {
- // Note: Mapper will restrict what can be viewed
- ROLES roles = mapper.newInstance(API.ROLES);
- return mapper.roles(trans, rlrd.value, roles, true);
- } else {
- return Result.err(rlrd);
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.service.AuthzService#getRolesByUser(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
- */
+ @Override
+ public Result<ROLES> getRolesByName(AuthzTrans trans, String role) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Role", role).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // Determine if User can ask this question
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
+ if(rrdd.isOKhasData()) {
+ Result<NsDAO.Data> r;
+ if((r = ques.mayUser(trans, trans.user(), rrdd.value, Access.read)).notOK()) {
+ return Result.err(r);
+ }
+ } else {
+ return Result.err(rrdd);
+ }
+
+ // Look up data
+ int query = role.indexOf('?');
+ Result<List<RoleDAO.Data>> rlrd = ques.getRolesByName(trans, query<0?role:role.substring(0, query));
+ if(rlrd.isOK()) {
+ // Note: Mapper will restrict what can be viewed
+ ROLES roles = mapper.newInstance(API.ROLES);
+ return mapper.roles(trans, rlrd.value, roles, true);
+ } else {
+ return Result.err(rlrd);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.service.AuthzService#getRolesByUser(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
+ */
@ApiDoc(
method = GET,
path = "/authz/roles/user/:name",
@@ -1594,39 +1594,39 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
expectedCode = 200,
errorCodes = {404,406},
text = { "List all Roles that match user :name",
- "'user' must be expressed as full identity (ex: id@full.domain.com)",
- "Note: You must have permission to see any given role"
+ "'user' must be expressed as full identity (ex: id@full.domain.com)",
+ "Note: You must have permission to see any given role"
}
)
- @Override
- public Result<ROLES> getRolesByUser(AuthzTrans trans, String user) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- ROLES roles = mapper.newInstance(API.ROLES);
- // Get list of roles per user, then add to Roles as we go
- Result<List<RoleDAO.Data>> rlrd;
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, user);
- if(rlurd.isOKhasData()) {
- for(UserRoleDAO.Data urd : rlurd.value ) {
- rlrd = ques.roleDAO.read(trans, urd.ns,urd.rname);
- // Note: Mapper will restrict what can be viewed
- // if user is the same as that which is looked up, no filtering is required
- if(rlrd.isOKhasData()) {
- mapper.roles(trans, rlrd.value,roles, !user.equals(trans.user()));
- }
- }
- }
- return Result.ok(roles);
- }
-
- /*
- * (non-Javadoc)
- * @see org.onap.aaf.auth.service.AuthzService#getRolesByNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
- */
+ @Override
+ public Result<ROLES> getRolesByUser(AuthzTrans trans, String user) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ ROLES roles = mapper.newInstance(API.ROLES);
+ // Get list of roles per user, then add to Roles as we go
+ Result<List<RoleDAO.Data>> rlrd;
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, user);
+ if(rlurd.isOKhasData()) {
+ for(UserRoleDAO.Data urd : rlurd.value ) {
+ rlrd = ques.roleDAO.read(trans, urd.ns,urd.rname);
+ // Note: Mapper will restrict what can be viewed
+ // if user is the same as that which is looked up, no filtering is required
+ if(rlrd.isOKhasData()) {
+ mapper.roles(trans, rlrd.value,roles, !user.equals(trans.user()));
+ }
+ }
+ }
+ return Result.ok(roles);
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.onap.aaf.auth.service.AuthzService#getRolesByNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
+ */
@ApiDoc(
method = GET,
path = "/authz/roles/ns/:ns",
@@ -1634,50 +1634,50 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
expectedCode = 200,
errorCodes = {404,406},
text = { "List all Roles for the Namespace :ns",
- "Note: You must have permission to see any given role"
+ "Note: You must have permission to see any given role"
}
)
- @Override
- public Result<ROLES> getRolesByNS(AuthzTrans trans, String ns) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS", ns).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // check if user is allowed to view NS
- Result<NsDAO.Data> rnsd = ques.deriveNs(trans, ns);
- if(rnsd.notOK()) {
- return Result.err(rnsd);
- }
- rnsd = ques.mayUser(trans, trans.user(), rnsd.value, Access.read);
- if(rnsd.notOK()) {
- return Result.err(rnsd);
- }
-
- TimeTaken tt = trans.start("MAP Roles by NS to Roles", Env.SUB);
- try {
- ROLES roles = mapper.newInstance(API.ROLES);
- // Get list of roles per user, then add to Roles as we go
- Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.readNS(trans, ns);
- if(rlrd.isOK()) {
- if(!rlrd.isEmpty()) {
- // Note: Mapper doesn't need to restrict what can be viewed, because we did it already.
- mapper.roles(trans,rlrd.value,roles,false);
- }
- return Result.ok(roles);
- } else {
- return Result.err(rlrd);
- }
- } finally {
- tt.done();
- }
- }
-
- /*
- * (non-Javadoc)
- * @see org.onap.aaf.auth.service.AuthzService#getRolesByNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
- */
+ @Override
+ public Result<ROLES> getRolesByNS(AuthzTrans trans, String ns) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("NS", ns).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // check if user is allowed to view NS
+ Result<NsDAO.Data> rnsd = ques.deriveNs(trans, ns);
+ if(rnsd.notOK()) {
+ return Result.err(rnsd);
+ }
+ rnsd = ques.mayUser(trans, trans.user(), rnsd.value, Access.read);
+ if(rnsd.notOK()) {
+ return Result.err(rnsd);
+ }
+
+ TimeTaken tt = trans.start("MAP Roles by NS to Roles", Env.SUB);
+ try {
+ ROLES roles = mapper.newInstance(API.ROLES);
+ // Get list of roles per user, then add to Roles as we go
+ Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.readNS(trans, ns);
+ if(rlrd.isOK()) {
+ if(!rlrd.isEmpty()) {
+ // Note: Mapper doesn't need to restrict what can be viewed, because we did it already.
+ mapper.roles(trans,rlrd.value,roles,false);
+ }
+ return Result.ok(roles);
+ } else {
+ return Result.err(rlrd);
+ }
+ } finally {
+ tt.done();
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.onap.aaf.auth.service.AuthzService#getRolesByNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
+ */
@ApiDoc(
method = GET,
path = "/authz/roles/name/:name",
@@ -1685,36 +1685,36 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
expectedCode = 200,
errorCodes = {404,406},
text = { "List all Roles for only the Name of Role (without Namespace)",
- "Note: You must have permission to see any given role"
+ "Note: You must have permission to see any given role"
}
)
- @Override
- public Result<ROLES> getRolesByNameOnly(AuthzTrans trans, String name) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Name", name).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // User Mapper to make sure user is allowed to view NS
-
- TimeTaken tt = trans.start("MAP Roles by Name to Roles", Env.SUB);
- try {
- ROLES roles = mapper.newInstance(API.ROLES);
- // Get list of roles per user, then add to Roles as we go
- Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.readName(trans, name);
- if(rlrd.isOK()) {
- if(!rlrd.isEmpty()) {
- // Note: Mapper will restrict what can be viewed
- mapper.roles(trans,rlrd.value,roles,true);
- }
- return Result.ok(roles);
- } else {
- return Result.err(rlrd);
- }
- } finally {
- tt.done();
- }
- }
+ @Override
+ public Result<ROLES> getRolesByNameOnly(AuthzTrans trans, String name) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Name", name).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // User Mapper to make sure user is allowed to view NS
+
+ TimeTaken tt = trans.start("MAP Roles by Name to Roles", Env.SUB);
+ try {
+ ROLES roles = mapper.newInstance(API.ROLES);
+ // Get list of roles per user, then add to Roles as we go
+ Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.readName(trans, name);
+ if(rlrd.isOK()) {
+ if(!rlrd.isEmpty()) {
+ // Note: Mapper will restrict what can be viewed
+ mapper.roles(trans,rlrd.value,roles,true);
+ }
+ return Result.ok(roles);
+ } else {
+ return Result.err(rlrd);
+ }
+ } finally {
+ tt.done();
+ }
+ }
@ApiDoc(
method = GET,
@@ -1732,52 +1732,52 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
+ " instance of the type</li>",
"<li>action - what kind of action is allowed</li></ul>",
"Notes: instance and action can be an *",
- " You must have permission to see any given role"
+ " You must have permission to see any given role"
}
)
- @Override
- public Result<ROLES> getRolesByPerm(AuthzTrans trans, String type, String instance, String action) {
- final Validator v = new ServiceValidator();
- if(v.permType(type)
- .permInstance(instance)
- .permAction(action)
- .err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- TimeTaken tt = trans.start("Map Perm Roles Roles", Env.SUB);
- try {
- ROLES roles = mapper.newInstance(API.ROLES);
- // Get list of roles per user, then add to Roles as we go
- Result<NsSplit> nsSplit = ques.deriveNsSplit(trans, type);
- if(nsSplit.isOK()) {
- PermDAO.Data pdd = new PermDAO.Data(nsSplit.value, instance, action);
- Result<?> res;
- if((res=ques.mayUser(trans, trans.user(), pdd, Question.Access.read)).notOK()) {
- return Result.err(res);
- }
-
- Result<List<PermDAO.Data>> pdlr = ques.permDAO.read(trans, pdd);
- if(pdlr.isOK())for(PermDAO.Data pd : pdlr.value) {
- Result<List<RoleDAO.Data>> rlrd;
- for(String r : pd.roles) {
- Result<String[]> rs = RoleDAO.Data.decodeToArray(trans, ques, r);
- if(rs.isOK()) {
- rlrd = ques.roleDAO.read(trans, rs.value[0],rs.value[1]);
- // Note: Mapper will restrict what can be viewed
- if(rlrd.isOKhasData()) {
- mapper.roles(trans,rlrd.value,roles,true);
- }
- }
- }
- }
- }
- return Result.ok(roles);
- } finally {
- tt.done();
- }
- }
+ @Override
+ public Result<ROLES> getRolesByPerm(AuthzTrans trans, String type, String instance, String action) {
+ final Validator v = new ServiceValidator();
+ if(v.permType(type)
+ .permInstance(instance)
+ .permAction(action)
+ .err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ TimeTaken tt = trans.start("Map Perm Roles Roles", Env.SUB);
+ try {
+ ROLES roles = mapper.newInstance(API.ROLES);
+ // Get list of roles per user, then add to Roles as we go
+ Result<NsSplit> nsSplit = ques.deriveNsSplit(trans, type);
+ if(nsSplit.isOK()) {
+ PermDAO.Data pdd = new PermDAO.Data(nsSplit.value, instance, action);
+ Result<?> res;
+ if((res=ques.mayUser(trans, trans.user(), pdd, Question.Access.read)).notOK()) {
+ return Result.err(res);
+ }
+
+ Result<List<PermDAO.Data>> pdlr = ques.permDAO.read(trans, pdd);
+ if(pdlr.isOK())for(PermDAO.Data pd : pdlr.value) {
+ Result<List<RoleDAO.Data>> rlrd;
+ for(String r : pd.roles) {
+ Result<String[]> rs = RoleDAO.Data.decodeToArray(trans, ques, r);
+ if(rs.isOK()) {
+ rlrd = ques.roleDAO.read(trans, rs.value[0],rs.value[1]);
+ // Note: Mapper will restrict what can be viewed
+ if(rlrd.isOKhasData()) {
+ mapper.roles(trans,rlrd.value,roles,true);
+ }
+ }
+ }
+ }
+ }
+ return Result.ok(roles);
+ } finally {
+ tt.done();
+ }
+ }
@ApiDoc(
method = PUT,
@@ -1788,40 +1788,40 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
text = { "Add Description Data to a Role" }
)
- @Override
- public Result<Void> updateRoleDescription(AuthzTrans trans, REQUEST from) {
- final Result<RoleDAO.Data> rd = mapper.role(trans, from);
- final ServiceValidator v = new ServiceValidator();
- if(v.role(rd).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- } {
- if(v.nullOrBlank("description", rd.value.description).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- }
- final RoleDAO.Data role = rd.value;
- if(ques.roleDAO.read(trans, role.ns, role.name).notOKorIsEmpty()) {
- return Result.err(Status.ERR_NotFound, "Role [" + role.fullName() + "] does not exist");
- }
-
- if (ques.mayUser(trans, trans.user(), role, Access.write).notOK()) {
- return Result.err(Status.ERR_Denied, "You do not have approval to change " + role.fullName());
- }
-
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- Result<Void> rdr = ques.roleDAO.addDescription(trans, role.ns, role.name, role.description);
- if(rdr.isOK()) {
- return Result.ok();
- } else {
- return Result.err(rdr);
- }
-
- }
-
+ @Override
+ public Result<Void> updateRoleDescription(AuthzTrans trans, REQUEST from) {
+ final Result<RoleDAO.Data> rd = mapper.role(trans, from);
+ final ServiceValidator v = new ServiceValidator();
+ if(v.role(rd).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ } {
+ if(v.nullOrBlank("description", rd.value.description).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ }
+ final RoleDAO.Data role = rd.value;
+ if(ques.roleDAO.read(trans, role.ns, role.name).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_NotFound, "Role [" + role.fullName() + "] does not exist");
+ }
+
+ if (ques.mayUser(trans, trans.user(), role, Access.write).notOK()) {
+ return Result.err(Status.ERR_Denied, "You do not have approval to change " + role.fullName());
+ }
+
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ Result<Void> rdr = ques.roleDAO.addDescription(trans, role.ns, role.name, role.description);
+ if(rdr.isOK()) {
+ return Result.ok();
+ } else {
+ return Result.err(rdr);
+ }
+
+ }
+
@ApiDoc(
method = POST,
path = "/authz/role/perm",
@@ -1839,117 +1839,117 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
"Note: Using the \"force\" property will create the Permission, if it doesn't exist AND the requesting " +
" ID is allowed to create. It will then grant",
" the permission to the role in one step. To do this: add 'force=true' as a query parameter."
- }
+ }
)
- @Override
- public Result<Void> addPermToRole(final AuthzTrans trans, REQUEST rreq) {
- // Translate Request into Perm and Role Objects
- final Result<PermDAO.Data> rpd = mapper.permFromRPRequest(trans, rreq);
- if(rpd.notOKorIsEmpty()) {
- return Result.err(rpd);
- }
- final Result<RoleDAO.Data> rrd = mapper.roleFromRPRequest(trans, rreq);
- if(rrd.notOKorIsEmpty()) {
- return Result.err(rrd);
- }
-
- // Validate Role and Perm values
- final ServiceValidator v = new ServiceValidator();
- if(v.perm(rpd.value)
- .role(rrd.value)
- .err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.read(trans, rrd.value.ns, rrd.value.name);
- if(rlrd.notOKorIsEmpty()) {
- return Result.err(Status.ERR_RoleNotFound, "Role [%s] does not exist", rrd.value.fullName());
- }
-
- // Check Status of Data in DB (does it exist)
- Result<List<PermDAO.Data>> rlpd = ques.permDAO.read(trans, rpd.value.ns,
- rpd.value.type, rpd.value.instance, rpd.value.action);
- PermDAO.Data createPerm = null; // if not null, create first
- if(rlpd.notOKorIsEmpty()) { // Permission doesn't exist
- if(trans.requested(force)) {
- // Remove roles from perm data object so we just create the perm here
- createPerm = rpd.value;
- createPerm.roles.clear();
- } else {
- return Result.err(Status.ERR_PermissionNotFound,"Permission [%s.%s|%s|%s] does not exist",
- rpd.value.ns,rpd.value.type,rpd.value.instance,rpd.value.action);
- }
- } else {
- if (rlpd.value.get(0).roles(false).contains(rrd.value.encode())) {
- return Result.err(Status.ERR_ConflictAlreadyExists,
- "Permission [%s.%s|%s|%s] already granted to Role [%s.%s]",
- rpd.value.ns,rpd.value.type,rpd.value.instance,rpd.value.action,
- rrd.value.ns,rrd.value.name
- );
- }
- }
-
-
- Result<FutureDAO.Data> fd = mapper.future(trans, PermDAO.TABLE, rreq, rpd.value,true, // Allow grants to create Approvals
- new Mapper.Memo() {
- @Override
- public String get() {
- return "Grant Permission [" + rpd.value.fullPerm() + ']' +
- " to Role [" + rrd.value.fullName() + "]";
- }
- },
- new MayChange() {
- private Result<NsDAO.Data> nsd;
- @Override
- public Result<?> mayChange() {
- if(nsd==null) {
- nsd = ques.mayUser(trans, trans.user(), rpd.value, Access.write);
- }
- return nsd;
- }
- });
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rpd.value.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans,fd.value,
- rpd.value.fullPerm(),
- trans.user(),
- nsr.value.get(0),
- FUTURE_OP.G);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing",
- rpd.value.ns,
- rpd.value.type,
- rpd.value.instance,
- rpd.value.action);
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- Result<Void> rv = null;
- if(createPerm!=null) {// has been validated for creating
- rv = func.createPerm(trans, createPerm, false);
- }
- if(rv==null || rv.isOK()) {
- rv = func.addPermToRole(trans, rrd.value, rpd.value, false);
- }
- return rv;
- default:
- return Result.err(fd);
- }
-
- }
-
- /**
- * Delete Perms from Roles (UnGrant)
- * @param trans
- * @param roleFullName
- * @return
- */
+ @Override
+ public Result<Void> addPermToRole(final AuthzTrans trans, REQUEST rreq) {
+ // Translate Request into Perm and Role Objects
+ final Result<PermDAO.Data> rpd = mapper.permFromRPRequest(trans, rreq);
+ if(rpd.notOKorIsEmpty()) {
+ return Result.err(rpd);
+ }
+ final Result<RoleDAO.Data> rrd = mapper.roleFromRPRequest(trans, rreq);
+ if(rrd.notOKorIsEmpty()) {
+ return Result.err(rrd);
+ }
+
+ // Validate Role and Perm values
+ final ServiceValidator v = new ServiceValidator();
+ if(v.perm(rpd.value)
+ .role(rrd.value)
+ .err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<List<RoleDAO.Data>> rlrd = ques.roleDAO.read(trans, rrd.value.ns, rrd.value.name);
+ if(rlrd.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_RoleNotFound, "Role [%s] does not exist", rrd.value.fullName());
+ }
+
+ // Check Status of Data in DB (does it exist)
+ Result<List<PermDAO.Data>> rlpd = ques.permDAO.read(trans, rpd.value.ns,
+ rpd.value.type, rpd.value.instance, rpd.value.action);
+ PermDAO.Data createPerm = null; // if not null, create first
+ if(rlpd.notOKorIsEmpty()) { // Permission doesn't exist
+ if(trans.requested(force)) {
+ // Remove roles from perm data object so we just create the perm here
+ createPerm = rpd.value;
+ createPerm.roles.clear();
+ } else {
+ return Result.err(Status.ERR_PermissionNotFound,"Permission [%s.%s|%s|%s] does not exist",
+ rpd.value.ns,rpd.value.type,rpd.value.instance,rpd.value.action);
+ }
+ } else {
+ if (rlpd.value.get(0).roles(false).contains(rrd.value.encode())) {
+ return Result.err(Status.ERR_ConflictAlreadyExists,
+ "Permission [%s.%s|%s|%s] already granted to Role [%s.%s]",
+ rpd.value.ns,rpd.value.type,rpd.value.instance,rpd.value.action,
+ rrd.value.ns,rrd.value.name
+ );
+ }
+ }
+
+
+ Result<FutureDAO.Data> fd = mapper.future(trans, PermDAO.TABLE, rreq, rpd.value,true, // Allow grants to create Approvals
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return "Grant Permission [" + rpd.value.fullPerm() + ']' +
+ " to Role [" + rrd.value.fullName() + "]";
+ }
+ },
+ new MayChange() {
+ private Result<NsDAO.Data> nsd;
+ @Override
+ public Result<?> mayChange() {
+ if(nsd==null) {
+ nsd = ques.mayUser(trans, trans.user(), rpd.value, Access.write);
+ }
+ return nsd;
+ }
+ });
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rpd.value.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans,fd.value,
+ rpd.value.fullPerm(),
+ trans.user(),
+ nsr.value.get(0),
+ FUTURE_OP.G);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing",
+ rpd.value.ns,
+ rpd.value.type,
+ rpd.value.instance,
+ rpd.value.action);
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ Result<Void> rv = null;
+ if(createPerm!=null) {// has been validated for creating
+ rv = func.createPerm(trans, createPerm, false);
+ }
+ if(rv==null || rv.isOK()) {
+ rv = func.addPermToRole(trans, rrd.value, rpd.value, false);
+ }
+ return rv;
+ default:
+ return Result.err(fd);
+ }
+
+ }
+
+ /**
+ * Delete Perms from Roles (UnGrant)
+ * @param trans
+ * @param roleFullName
+ * @return
+ */
@ApiDoc(
method = DELETE,
path = "/authz/role/:role/perm",
@@ -1959,132 +1959,132 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
text = { "Ungrant a permission from Role :role" }
)
- @Override
- public Result<Void> delPermFromRole(final AuthzTrans trans, REQUEST rreq) {
- final Result<PermDAO.Data> updt = mapper.permFromRPRequest(trans, rreq);
- if(updt.notOKorIsEmpty()) {
- return Result.err(updt);
- }
- final Result<RoleDAO.Data> rrd = mapper.roleFromRPRequest(trans, rreq);
- if(rrd.notOKorIsEmpty()) {
- return Result.err(rrd);
- }
-
- final ServiceValidator v = new ServiceValidator();
- if(v.nullOrBlank(updt.value)
- .nullOrBlank(rrd.value)
- .err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- return delPermFromRole(trans, updt.value,rrd.value, rreq);
+ @Override
+ public Result<Void> delPermFromRole(final AuthzTrans trans, REQUEST rreq) {
+ final Result<PermDAO.Data> updt = mapper.permFromRPRequest(trans, rreq);
+ if(updt.notOKorIsEmpty()) {
+ return Result.err(updt);
+ }
+ final Result<RoleDAO.Data> rrd = mapper.roleFromRPRequest(trans, rreq);
+ if(rrd.notOKorIsEmpty()) {
+ return Result.err(rrd);
+ }
+
+ final ServiceValidator v = new ServiceValidator();
+ if(v.nullOrBlank(updt.value)
+ .nullOrBlank(rrd.value)
+ .err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ return delPermFromRole(trans, updt.value,rrd.value, rreq);
+ }
+
+ private Result<Void> delPermFromRole(final AuthzTrans trans, PermDAO.Data pdd, RoleDAO.Data rdd, REQUEST rreq) {
+ Result<List<PermDAO.Data>> rlpd = ques.permDAO.read(trans, pdd.ns, pdd.type,
+ pdd.instance, pdd.action);
+
+ if(rlpd.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_PermissionNotFound,
+ "Permission [%s.%s|%s|%s] does not exist",
+ pdd.ns,pdd.type,pdd.instance,pdd.action);
+ }
+
+ Result<FutureDAO.Data> fd = mapper.future(trans, PermDAO.TABLE, rreq, pdd,true, // allow ungrants requests
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return "Ungrant Permission [" + pdd.fullPerm() + ']' +
+ " from Role [" + rdd.fullName() + "]";
+ }
+ },
+ new MayChange() {
+ private Result<NsDAO.Data> nsd;
+ @Override
+ public Result<?> mayChange() {
+ if(nsd==null) {
+ nsd = ques.mayUser(trans, trans.user(), pdd, Access.write);
+ }
+ return nsd;
+ }
+ });
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, pdd.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans,fd.value,
+ pdd.fullPerm(),
+ trans.user(),
+ nsr.value.get(0),
+ FUTURE_OP.UG
+ );
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing",
+ pdd.ns,
+ pdd.type,
+ pdd.instance,
+ pdd.action);
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ return func.delPermFromRole(trans, rdd, pdd, false);
+ default:
+ return Result.err(fd);
+ }
}
-
- private Result<Void> delPermFromRole(final AuthzTrans trans, PermDAO.Data pdd, RoleDAO.Data rdd, REQUEST rreq) {
- Result<List<PermDAO.Data>> rlpd = ques.permDAO.read(trans, pdd.ns, pdd.type,
- pdd.instance, pdd.action);
-
- if(rlpd.notOKorIsEmpty()) {
- return Result.err(Status.ERR_PermissionNotFound,
- "Permission [%s.%s|%s|%s] does not exist",
- pdd.ns,pdd.type,pdd.instance,pdd.action);
- }
-
- Result<FutureDAO.Data> fd = mapper.future(trans, PermDAO.TABLE, rreq, pdd,true, // allow ungrants requests
- new Mapper.Memo() {
- @Override
- public String get() {
- return "Ungrant Permission [" + pdd.fullPerm() + ']' +
- " from Role [" + rdd.fullName() + "]";
- }
- },
- new MayChange() {
- private Result<NsDAO.Data> nsd;
- @Override
- public Result<?> mayChange() {
- if(nsd==null) {
- nsd = ques.mayUser(trans, trans.user(), pdd, Access.write);
- }
- return nsd;
- }
- });
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, pdd.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans,fd.value,
- pdd.fullPerm(),
- trans.user(),
- nsr.value.get(0),
- FUTURE_OP.UG
- );
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Perm [%s.%s|%s|%s] is saved for future processing",
- pdd.ns,
- pdd.type,
- pdd.instance,
- pdd.action);
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- return func.delPermFromRole(trans, rdd, pdd, false);
- default:
- return Result.err(fd);
- }
- }
/*
@ApiDoc(
method = DELETE,
path = "/authz/role/:role/perm/:type/:instance/:action",
params = {"role|string|true",
- "perm type|string|true",
- "perm instance|string|true",
- "perm action|string|true"
- },
+ "perm type|string|true",
+ "perm instance|string|true",
+ "perm action|string|true"
+ },
expectedCode = 200,
errorCodes = {404,406},
text = { "Ungrant a single permission from Role :role with direct key" }
)
*/
- @Override
+ @Override
public Result<Void> delPermFromRole(AuthzTrans trans, String role, String type, String instance, String action) {
- Result<Data> rpns = ques.deriveNs(trans, type);
- if(rpns.notOKorIsEmpty()) {
- return Result.err(rpns);
- }
-
- final Validator v = new ServiceValidator();
- if(v.role(role)
- .permType(rpns.value.name,rpns.value.parent)
- .permInstance(instance)
- .permAction(action)
- .err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<Data> rrns = ques.deriveNs(trans, role);
- if(rrns.notOKorIsEmpty()) {
- return Result.err(rrns);
- }
-
- final Result<List<RoleDAO.Data>> rrd = ques.roleDAO.read(trans, rrns.value.parent, rrns.value.name);
- if(rrd.notOKorIsEmpty()) {
- return Result.err(rrd);
- }
-
- final Result<List<PermDAO.Data>> rpd = ques.permDAO.read(trans, rpns.value.parent, rpns.value.name, instance, action);
- if(rpd.notOKorIsEmpty()) {
- return Result.err(rpd);
- }
-
-
- return delPermFromRole(trans,rpd.value.get(0), rrd.value.get(0), mapper.ungrantRequest(trans, role, type, instance, action));
- }
-
+ Result<Data> rpns = ques.deriveNs(trans, type);
+ if(rpns.notOKorIsEmpty()) {
+ return Result.err(rpns);
+ }
+
+ final Validator v = new ServiceValidator();
+ if(v.role(role)
+ .permType(rpns.value.name,rpns.value.parent)
+ .permInstance(instance)
+ .permAction(action)
+ .err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<Data> rrns = ques.deriveNs(trans, role);
+ if(rrns.notOKorIsEmpty()) {
+ return Result.err(rrns);
+ }
+
+ final Result<List<RoleDAO.Data>> rrd = ques.roleDAO.read(trans, rrns.value.parent, rrns.value.name);
+ if(rrd.notOKorIsEmpty()) {
+ return Result.err(rrd);
+ }
+
+ final Result<List<PermDAO.Data>> rpd = ques.permDAO.read(trans, rpns.value.parent, rpns.value.name, instance, action);
+ if(rpd.notOKorIsEmpty()) {
+ return Result.err(rpd);
+ }
+
+
+ return delPermFromRole(trans,rpd.value.get(0), rrd.value.get(0), mapper.ungrantRequest(trans, role, type, instance, action));
+ }
+
@ApiDoc(
method = DELETE,
path = "/authz/role/:role",
@@ -2094,19 +2094,19 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
text = { "Delete the Role named :role"}
)
- @Override
- public Result<Void> deleteRole(AuthzTrans trans, String role) {
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role);
- if(rrdd.isOKhasData()) {
- final ServiceValidator v = new ServiceValidator();
- if(v.nullOrBlank(rrdd.value).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- return func.deleteRole(trans, rrdd.value, false, false);
- } else {
- return Result.err(rrdd);
- }
- }
+ @Override
+ public Result<Void> deleteRole(AuthzTrans trans, String role) {
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role);
+ if(rrdd.isOKhasData()) {
+ final ServiceValidator v = new ServiceValidator();
+ if(v.nullOrBlank(rrdd.value).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ return func.deleteRole(trans, rrdd.value, false, false);
+ } else {
+ return Result.err(rrdd);
+ }
+ }
@ApiDoc(
method = DELETE,
@@ -2115,2134 +2115,2134 @@ public class AuthzCassServiceImpl <NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS
expectedCode = 200,
errorCodes = { 404,406 },
text = { "Delete the Role referenced by RoleKey",
- "You cannot normally delete a role which still has permissions granted or users assigned to it,",
- "however the \"force\" property allows you to do just that. To do this: Add 'force=true'",
- "as a query parameter.",
- "<p>WARNING: Using force will remove all users and permission from this role. Use with care.</p>"}
+ "You cannot normally delete a role which still has permissions granted or users assigned to it,",
+ "however the \"force\" property allows you to do just that. To do this: Add 'force=true'",
+ "as a query parameter.",
+ "<p>WARNING: Using force will remove all users and permission from this role. Use with care.</p>"}
)
- @Override
- public Result<Void> deleteRole(final AuthzTrans trans, REQUEST from) {
- final Result<RoleDAO.Data> rd = mapper.role(trans, from);
- final ServiceValidator v = new ServiceValidator();
- if(rd==null) {
- return Result.err(Status.ERR_BadData,"Request does not contain Role");
- }
- if(v.nullOrBlank(rd.value).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- final RoleDAO.Data role = rd.value;
- if(ques.roleDAO.read(trans, role).notOKorIsEmpty() && !trans.requested(force)) {
- return Result.err(Status.ERR_RoleNotFound, "Role [" + role.fullName() + "] does not exist");
- }
-
- Result<FutureDAO.Data> fd = mapper.future(trans,RoleDAO.TABLE,from,role,false,
- new Mapper.Memo() {
- @Override
- public String get() {
- return "Delete Role [" + role.fullName() + ']'
- + " and all attached user roles";
- }
- },
- new MayChange() {
- private Result<NsDAO.Data> nsd;
- @Override
- public Result<?> mayChange() {
- if(nsd==null) {
- nsd = ques.mayUser(trans, trans.user(), role, Access.write);
- }
- return nsd;
- }
- });
-
- switch(fd.status) {
- case OK:
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- Result<String> rfc = func.createFuture(trans, fd.value,
- role.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.D);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Role Deletion [%s.%s] is saved for future processing",
- rd.value.ns,
- rd.value.name);
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- return func.deleteRole(trans,role,trans.requested(force), true /*preapproved*/);
- default:
- return Result.err(fd);
- }
-
- }
+ @Override
+ public Result<Void> deleteRole(final AuthzTrans trans, REQUEST from) {
+ final Result<RoleDAO.Data> rd = mapper.role(trans, from);
+ final ServiceValidator v = new ServiceValidator();
+ if(rd==null) {
+ return Result.err(Status.ERR_BadData,"Request does not contain Role");
+ }
+ if(v.nullOrBlank(rd.value).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ final RoleDAO.Data role = rd.value;
+ if(ques.roleDAO.read(trans, role).notOKorIsEmpty() && !trans.requested(force)) {
+ return Result.err(Status.ERR_RoleNotFound, "Role [" + role.fullName() + "] does not exist");
+ }
+
+ Result<FutureDAO.Data> fd = mapper.future(trans,RoleDAO.TABLE,from,role,false,
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return "Delete Role [" + role.fullName() + ']'
+ + " and all attached user roles";
+ }
+ },
+ new MayChange() {
+ private Result<NsDAO.Data> nsd;
+ @Override
+ public Result<?> mayChange() {
+ if(nsd==null) {
+ nsd = ques.mayUser(trans, trans.user(), role, Access.write);
+ }
+ return nsd;
+ }
+ });
+
+ switch(fd.status) {
+ case OK:
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rd.value.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ Result<String> rfc = func.createFuture(trans, fd.value,
+ role.encode(), trans.user(),nsr.value.get(0),FUTURE_OP.D);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Role Deletion [%s.%s] is saved for future processing",
+ rd.value.ns,
+ rd.value.name);
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ return func.deleteRole(trans,role,trans.requested(force), true /*preapproved*/);
+ default:
+ return Result.err(fd);
+ }
+
+ }
/***********************************
* CRED
***********************************/
- private class MayCreateCred implements MayChange {
- private Result<NsDAO.Data> nsd;
- private AuthzTrans trans;
- private CredDAO.Data cred;
- private Executor exec;
-
- public MayCreateCred(AuthzTrans trans, CredDAO.Data cred, Executor exec) {
- this.trans = trans;
- this.cred = cred;
- this.exec = exec;
- }
-
- @Override
- public Result<?> mayChange() {
- if(nsd==null) {
- nsd = ques.validNSOfDomain(trans, cred.id);
- }
- // is Ns of CredID valid?
- if(nsd.isOK()) {
- try {
- // Check Org Policy
- if(trans.org().validate(trans,Policy.CREATE_MECHID, exec, cred.id)==null) {
- return Result.ok();
- } else {
- Result<?> rmc = ques.mayUser(trans, trans.user(), nsd.value, Access.write);
- if(rmc.isOKhasData()) {
- return rmc;
- }
- }
- } catch (Exception e) {
- trans.warn().log(e);
- }
- } else {
- trans.warn().log(nsd.errorString());
- }
- return Result.err(Status.ERR_Denied,"%s is not allowed to create %s in %s",trans.user(),cred.id,cred.ns);
- }
- }
-
- private class MayChangeCred implements MayChange {
-
- private Result<NsDAO.Data> nsd;
- private AuthzTrans trans;
- private CredDAO.Data cred;
- public MayChangeCred(AuthzTrans trans, CredDAO.Data cred) {
- this.trans = trans;
- this.cred = cred;
- }
-
- @Override
- public Result<?> mayChange() {
- // User can change himself (but not create)
- if(trans.user().equals(cred.id)) {
- return Result.ok();
- }
- if(nsd==null) {
- nsd = ques.validNSOfDomain(trans, cred.id);
- }
- // Get the Namespace
- if(nsd.isOK()) {
- if(ques.mayUser(trans, trans.user(), nsd.value,Access.write).isOK()) {
- return Result.ok();
- }
- String user[] = Split.split('.',trans.user());
- if(user.length>2) {
- String company = user[user.length-1] + '.' + user[user.length-2];
- if(ques.isGranted(trans, trans.user(), ROOT_NS,"password",company,"reset")) {
- return Result.ok();
- }
- }
- }
- return Result.err(Status.ERR_Denied,"%s is not allowed to change %s in %s",trans.user(),cred.id,cred.ns);
- }
-
- }
-
- private final long DAY_IN_MILLIS = 24*3600*1000L;
-
- @ApiDoc(
- method = POST,
- path = "/authn/cred",
- params = {},
- expectedCode = 201,
- errorCodes = {403,404,406,409},
- text = { "A credential consists of:",
- "<ul><li>id - the ID to create within AAF. The domain is in reverse",
- "order of Namespace (i.e. Users of Namespace com.att.myapp would be",
- "AB1234@myapp.att.com</li>",
- "<li>password - Company Policy Compliant Password</li></ul>",
- "Note: AAF does support multiple credentials with the same ID.",
- "Check with your organization if you have this implemented."
- }
- )
- @Override
- public Result<Void> createUserCred(final AuthzTrans trans, REQUEST from) {
- final String cmdDescription = ("Create User Credential");
- TimeTaken tt = trans.start(cmdDescription, Env.SUB);
-
- try {
- Result<CredDAO.Data> rcred = mapper.cred(trans, from, true);
- if(rcred.isOKhasData()) {
- byte[] rawCred = rcred.value.cred.array();
- rcred = ques.userCredSetup(trans, rcred.value);
-
- final ServiceValidator v = new ServiceValidator();
-
- if(v.cred(trans, trans.org(),rcred,true).err()) { // Note: Creates have stricter Validations
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
-
- // 2016-4 Jonathan, New Behavior - If MechID is not registered with Org, deny creation
- Identity mechID = null;
- Organization org = trans.org();
- try {
- mechID = org.getIdentity(trans, rcred.value.id);
- } catch (Exception e1) {
- trans.error().log(e1,rcred.value.id,"cannot be validated at this time");
- }
- if(mechID==null || !mechID.isFound()) {
- return Result.err(Status.ERR_Policy,"MechIDs must be registered with %s before provisioning in AAF",org.getName());
- }
-
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rcred.value.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(Status.ERR_NsNotFound,"Cannot provision %s on non-existent Namespace %s",mechID.id(),rcred.value.ns);
- }
-
-
- boolean firstID = false;
- MayChange mc;
-
- CassExecutor exec = new CassExecutor(trans, func);
- Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, rcred.value.id);
- if (rlcd.isOKhasData()) {
- if (!org.canHaveMultipleCreds(rcred.value.id)) {
- return Result.err(Status.ERR_ConflictAlreadyExists, "Credential exists");
- }
- Result<Boolean> rb;
- for (CredDAO.Data curr : rlcd.value) {
- // May not use the same password in the list
- // Note: ASPR specifies character differences, but we don't actually store the
- // password to validate char differences.
-
- rb = ques.userCredCheck(trans, curr, rawCred);
- if(rb.notOK()) {
- return Result.err(rb);
- } else if(rb.value){
- return Result.err(Status.ERR_Policy, "Credential content cannot be reused.");
- } else if (Chrono.dateOnlyStamp(curr.expires).equals(Chrono.dateOnlyStamp(rcred.value.expires)) && curr.type==rcred.value.type) {
- return Result.err(Status.ERR_ConflictAlreadyExists, "Credential with same Expiration Date exists, use 'reset'");
- }
- }
- } else {
- try {
- // 2016-04-12 Jonathan If Caller is the Sponsor and is also an Owner of NS, allow without special Perm
- String theMechID = rcred.value.id;
- Boolean otherMechIDs = false;
- // find out if this is the only mechID. other MechIDs mean special handling (not automated)
- for(CredDAO.Data cd : ques.credDAO.readNS(trans,nsr.value.get(0).name).value) {
- if(!cd.id.equals(theMechID)) {
- otherMechIDs = true;
- break;
- }
- }
- String reason;
- // We can say "ID does not exist" here
- if((reason=org.validate(trans, Policy.CREATE_MECHID, exec, theMechID,trans.user(),otherMechIDs.toString()))!=null) {
- return Result.err(Status.ERR_Denied, reason);
- }
- firstID=true;
- } catch (Exception e) {
- return Result.err(e);
- }
- }
-
- mc = new MayCreateCred(trans, rcred.value, exec);
-
- final CredDAO.Data cdd = rcred.value;
- Result<FutureDAO.Data> fd = mapper.future(trans,CredDAO.TABLE,from, rcred.value,false, // may want to enable in future.
- new Mapper.Memo() {
- @Override
- public String get() {
- return cmdDescription + " [" +
- cdd.id + '|'
- + cdd.type + '|'
- + cdd.expires + ']';
- }
- },
- mc);
-
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans, fd.value,
- rcred.value.id + '|' + rcred.value.type.toString() + '|' + rcred.value.expires,
- trans.user(), nsr.value.get(0), FUTURE_OP.C);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Credential Request [%s|%s|%s] is saved for future processing",
- rcred.value.id,
- Integer.toString(rcred.value.type),
- rcred.value.expires.toString());
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- try {
- if(firstID) {
- // && !nsr.value.get(0).isAdmin(trans.getUserPrincipal().getName())) {
- Result<List<String>> admins = func.getAdmins(trans, nsr.value.get(0).name, false);
- // OK, it's a first ID, and not by NS Admin, so let's set TempPassword length
- // Note, we only do this on First time, because of possibility of
- // prematurely expiring a production id
- if(admins.isOKhasData() && !admins.value.contains(trans.user())) {
- rcred.value.expires = org.expiration(null, Expiration.TempPassword).getTime();
- }
- }
- } catch (Exception e) {
- trans.error().log(e, "While setting expiration to TempPassword");
- }
- Result<?>udr = ques.credDAO.create(trans, rcred.value);
- if(udr.isOK()) {
- return Result.ok();
- }
- return Result.err(udr);
- default:
- return Result.err(fd);
- }
-
- } else {
- return Result.err(rcred);
- }
- } finally {
- tt.done();
- }
- }
-
- @ApiDoc(
- method = GET,
- path = "/authn/creds/ns/:ns",
- params = {"ns|string|true"},
- expectedCode = 200,
- errorCodes = {403,404,406},
- text = { "Return all IDs in Namespace :ns"
- }
- )
- @Override
- public Result<USERS> getCredsByNS(AuthzTrans trans, String ns) {
- final Validator v = new ServiceValidator();
- if(v.ns(ns).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // check if user is allowed to view NS
- Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
- rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
- TimeTaken tt = trans.start("MAP Creds by NS to Creds", Env.SUB);
- try {
- USERS users = mapper.newInstance(API.USERS);
- Result<List<CredDAO.Data>> rlcd = ques.credDAO.readNS(trans, ns);
-
- if(rlcd.isOK()) {
- if(!rlcd.isEmpty()) {
- return mapper.cred(rlcd.value, users);
- }
- return Result.ok(users);
- } else {
- return Result.err(rlcd);
- }
- } finally {
- tt.done();
- }
-
- }
-
- @ApiDoc(
- method = GET,
- path = "/authn/creds/id/:ns",
- params = {"id|string|true"},
- expectedCode = 200,
- errorCodes = {403,404,406},
- text = { "Return all IDs in for ID"
- ,"(because IDs are multiple, due to multiple Expiration Dates)"
- }
- )
- @Override
- public Result<USERS> getCredsByID(AuthzTrans trans, String id) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("ID",id).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- String ns = Question.domain2ns(id);
- // check if user is allowed to view NS
- Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
- rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
- TimeTaken tt = trans.start("MAP Creds by ID to Creds", Env.SUB);
- try {
- USERS users = mapper.newInstance(API.USERS);
- Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, id);
-
- if(rlcd.isOK()) {
- if(!rlcd.isEmpty()) {
- return mapper.cred(rlcd.value, users);
- }
- return Result.ok(users);
- } else {
- return Result.err(rlcd);
- }
- } finally {
- tt.done();
- }
-
- }
-
- @ApiDoc(
- method = GET,
- path = "/authn/certs/id/:id",
- params = {"id|string|true"},
- expectedCode = 200,
- errorCodes = {403,404,406},
- text = { "Return Cert Info for ID"
- }
- )
- @Override
- public Result<CERTS> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, String id) {
- TimeTaken tt = trans.start("Get Cert Info by ID", Env.SUB);
- try {
- CERTS certs = mapper.newInstance(API.CERTS);
- Result<List<CertDAO.Data>> rlcd = ques.certDAO.readID(trans, id);
-
- if(rlcd.isOK()) {
- if(!rlcd.isEmpty()) {
- return mapper.cert(rlcd.value, certs);
- }
- return Result.ok(certs);
- } else {
- return Result.err(rlcd);
- }
- } finally {
- tt.done();
- }
-
- }
-
- @ApiDoc(
- method = PUT,
- path = "/authn/cred",
- params = {},
- expectedCode = 200,
- errorCodes = {300,403,404,406},
- text = { "Reset a Credential Password. If multiple credentials exist for this",
- "ID, you will need to specify which entry you are resetting in the",
- "CredRequest object"
- }
- )
- @Override
- public Result<Void> changeUserCred(final AuthzTrans trans, REQUEST from) {
- final String cmdDescription = "Update User Credential";
- TimeTaken tt = trans.start(cmdDescription, Env.SUB);
- try {
- Result<CredDAO.Data> rcred = mapper.cred(trans, from, true);
- if(rcred.isOKhasData()) {
- rcred = ques.userCredSetup(trans, rcred.value);
-
- final ServiceValidator v = new ServiceValidator();
-
- if(v.cred(trans, trans.org(),rcred,false).err()) {// Note: Creates have stricter Validations
- return Result.err(Status.ERR_BadData,v.errs());
- }
- Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, rcred.value.id);
- if(rlcd.notOKorIsEmpty()) {
- return Result.err(Status.ERR_UserNotFound, "Credential does not exist");
- }
-
- MayChange mc = new MayChangeCred(trans, rcred.value);
- Result<?> rmc = mc.mayChange();
- if (rmc.notOK()) {
- return Result.err(rmc);
- }
-
- Result<Integer> ri = selectEntryIfMultiple((CredRequest)from, rlcd.value);
- if(ri.notOK()) {
- return Result.err(ri);
- }
- int entry = ri.value;
-
-
- final CredDAO.Data cred = rcred.value;
-
- Result<FutureDAO.Data> fd = mapper.future(trans,CredDAO.TABLE,from, rcred.value,false,
- new Mapper.Memo() {
- @Override
- public String get() {
- return cmdDescription + " [" +
- cred.id + '|'
- + cred.type + '|'
- + cred.expires + ']';
- }
- },
- mc);
-
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rcred.value.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans, fd.value,
- rcred.value.id + '|' + rcred.value.type.toString() + '|' + rcred.value.expires,
- trans.user(), nsr.value.get(0), FUTURE_OP.U);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Credential Request [%s|%s|%s]",
- rcred.value.id,
- Integer.toString(rcred.value.type),
- rcred.value.expires.toString());
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- Result<?>udr = null;
- // If we are Resetting Password on behalf of someone else (am not the Admin)
- // use TempPassword Expiration time.
- Expiration exp;
- if(ques.isAdmin(trans, trans.user(), nsr.value.get(0).name)) {
- exp = Expiration.Password;
- } else {
- exp = Expiration.TempPassword;
- }
-
- Organization org = trans.org();
- CredDAO.Data current = rlcd.value.get(entry);
- // If user resets password in same day, we will have a primary key conflict, so subtract 1 day
- if (current.expires.equals(rcred.value.expires)
- && rlcd.value.get(entry).type==rcred.value.type) {
- GregorianCalendar gc = org.expiration(null, exp,rcred.value.id);
- gc = Chrono.firstMomentOfDay(gc);
- gc.set(GregorianCalendar.HOUR_OF_DAY, org.startOfDay());
- rcred.value.expires = new Date(gc.getTimeInMillis() - DAY_IN_MILLIS);
- } else {
- rcred.value.expires = org.expiration(null,exp).getTime();
- }
- // Copy in other fields 10/21/2016
- rcred.value.notes=current.notes;
-
- udr = ques.credDAO.create(trans, rcred.value);
- if(udr.isOK()) {
- udr = ques.credDAO.delete(trans, rlcd.value.get(entry),false);
- }
- if (udr.isOK()) {
- return Result.ok();
- }
-
- return Result.err(udr);
- default:
- return Result.err(fd);
- }
- } else {
- return Result.err(rcred);
- }
- } finally {
- tt.done();
- }
- }
-
- /*
- * Codify the way to get Either Choice Needed or actual Integer from Credit Request
- */
- private Result<Integer> selectEntryIfMultiple(final CredRequest cr, List<CredDAO.Data> lcd) {
- int entry = 0;
- if (lcd.size() > 1) {
- String inputOption = cr.getEntry();
- if (inputOption == null) {
- String message = selectCredFromList(lcd, false);
- String[] variables = buildVariables(lcd);
- return Result.err(Status.ERR_ChoiceNeeded, message, variables);
- } else {
- entry = Integer.parseInt(inputOption) - 1;
- }
- if (entry < 0 || entry >= lcd.size()) {
- return Result.err(Status.ERR_BadData, "User chose invalid credential selection");
- }
- }
- return Result.ok(entry);
- }
-
- @ApiDoc(
- method = PUT,
- path = "/authn/cred/:days",
- params = {"days|string|true"},
- expectedCode = 200,
- errorCodes = {300,403,404,406},
- text = { "Extend a Credential Expiration Date. The intention of this API is",
- "to avoid an outage in PROD due to a Credential expiring before it",
- "can be configured correctly. Measures are being put in place ",
- "so that this is not abused."
- }
- )
- @Override
- public Result<Void> extendUserCred(final AuthzTrans trans, REQUEST from, String days) {
- TimeTaken tt = trans.start("Extend User Credential", Env.SUB);
- try {
- Result<CredDAO.Data> cred = mapper.cred(trans, from, false);
- Organization org = trans.org();
- final ServiceValidator v = new ServiceValidator();
- if(v.notOK(cred).err() ||
- v.nullOrBlank(cred.value.id, "Invalid ID").err() ||
- v.user(org,cred.value.id).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- try {
- String reason;
- if ((reason=org.validate(trans, Policy.MAY_EXTEND_CRED_EXPIRES, new CassExecutor(trans,func)))!=null) {
- return Result.err(Status.ERR_Policy,reason);
- }
- } catch (Exception e) {
- String msg;
- trans.error().log(e, msg="Could not contact Organization for User Validation");
- return Result.err(Status.ERR_Denied, msg);
- }
-
- // Get the list of Cred Entries
- Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, cred.value.id);
- if(rlcd.notOKorIsEmpty()) {
- return Result.err(Status.ERR_UserNotFound, "Credential does not exist");
- }
-
- //Need to do the "Pick Entry" mechanism
- Result<Integer> ri = selectEntryIfMultiple((CredRequest)from, rlcd.value);
- if(ri.notOK()) {
- return Result.err(ri);
- }
-
- CredDAO.Data found = rlcd.value.get(ri.value);
- CredDAO.Data cd = cred.value;
- // Copy over the cred
- cd.id = found.id;
- cd.cred = found.cred;
- cd.other = found.other;
- cd.type = found.type;
- cd.notes = found.notes;
- cd.ns = found.ns;
- cd.expires = org.expiration(null, Expiration.ExtendPassword,days).getTime();
-
- cred = ques.credDAO.create(trans, cd);
- if(cred.isOK()) {
- return Result.ok();
- }
- return Result.err(cred);
- } finally {
- tt.done();
- }
- }
-
- private String[] buildVariables(List<CredDAO.Data> value) {
- // ensure credentials are sorted so we can fully automate Cred regression test
- Collections.sort(value, new Comparator<CredDAO.Data>() {
- @Override
- public int compare(CredDAO.Data cred1, CredDAO.Data cred2) {
- return cred1.expires.compareTo(cred2.expires);
- }
- });
- String [] vars = new String[value.size()+1];
- vars[0]="Choice";
- for (int i = 0; i < value.size(); i++) {
- vars[i+1] = value.get(i).id + " " + value.get(i).type
- + " |" + value.get(i).expires;
- }
- return vars;
- }
-
- private String selectCredFromList(List<CredDAO.Data> value, boolean isDelete) {
- StringBuilder errMessage = new StringBuilder();
- String userPrompt = isDelete?"Select which cred to delete (set force=true to delete all):":"Select which cred to update:";
- int numSpaces = value.get(0).id.length() - "Id".length();
-
- errMessage.append(userPrompt + '\n');
- errMessage.append(" Id");
- for (int i = 0; i < numSpaces; i++) {
- errMessage.append(' ');
- }
- errMessage.append(" Type Expires" + '\n');
- for(int i=0;i<value.size();++i) {
- errMessage.append(" %s\n");
- }
- errMessage.append("Run same command again with chosen entry as last parameter");
-
- return errMessage.toString();
-
- }
-
- @ApiDoc(
- method = DELETE,
- path = "/authn/cred",
- params = {},
- expectedCode = 200,
- errorCodes = {300,403,404,406},
- text = { "Delete a Credential. If multiple credentials exist for this",
- "ID, you will need to specify which entry you are deleting in the",
- "CredRequest object."
- }
- )
- @Override
- public Result<Void> deleteUserCred(AuthzTrans trans, REQUEST from) {
- final Result<CredDAO.Data> cred = mapper.cred(trans, from, false);
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("cred", cred.value.id).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, cred.value.id);
- if(rlcd.notOKorIsEmpty()) {
- // Empty Creds should have no user_roles.
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, cred.value.id);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
- ques.userRoleDAO.delete(trans, data, false);
- }
- }
- return Result.err(Status.ERR_UserNotFound, "Credential does not exist");
- }
- boolean isLastCred = rlcd.value.size()==1;
-
- MayChange mc = new MayChangeCred(trans,cred.value);
- Result<?> rmc = mc.mayChange();
- if (rmc.notOK()) {
- return Result.err(rmc);
- }
-
- int entry = 0;
- if(!trans.requested(force)) {
- if (rlcd.value.size() > 1) {
- CredRequest cr = (CredRequest)from;
- String inputOption = cr.getEntry();
- if (inputOption == null) {
- String message = selectCredFromList(rlcd.value, true);
- String[] variables = buildVariables(rlcd.value);
- return Result.err(Status.ERR_ChoiceNeeded, message, variables);
- } else {
- try {
- if(inputOption.length()>5) { // should be a date
- Date d = Chrono.xmlDatatypeFactory.newXMLGregorianCalendar(inputOption).toGregorianCalendar().getTime();
- entry = 0;
- for(CredDAO.Data cd : rlcd.value) {
- if(cd.type.equals(cr.getType()) && cd.expires.equals(d)) {
- break;
- }
- ++entry;
- }
- } else {
- entry = Integer.parseInt(inputOption) - 1;
- }
- } catch(NullPointerException e) {
- return Result.err(Status.ERR_BadData, "Invalid Date Format for Entry");
- } catch(NumberFormatException e) {
- return Result.err(Status.ERR_BadData, "User chose invalid credential selection");
- }
- }
- isLastCred = (entry==-1)?true:false;
- } else {
- isLastCred = true;
- }
- if (entry < -1 || entry >= rlcd.value.size()) {
- return Result.err(Status.ERR_BadData, "User chose invalid credential selection");
- }
- }
-
- Result<FutureDAO.Data> fd = mapper.future(trans,CredDAO.TABLE,from,cred.value,false,
- new Mapper.Memo() {
- @Override
- public String get() {
- return "Delete Credential [" +
- cred.value.id +
- ']';
- }
- },
- mc);
-
- Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, cred.value.ns);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans, fd.value, cred.value.id,
- trans.user(), nsr.value.get(0), FUTURE_OP.D);
-
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Credential Delete [%s] is saved for future processing",cred.value.id);
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- Result<?>udr = null;
- if (!trans.requested(force)) {
- if(entry<0 || entry >= rlcd.value.size()) {
- return Result.err(Status.ERR_BadData,"Invalid Choice [" + entry + "] chosen for Delete [%s] is saved for future processing",cred.value.id);
- }
- udr = ques.credDAO.delete(trans, rlcd.value.get(entry),false);
- } else {
- for (CredDAO.Data curr : rlcd.value) {
- udr = ques.credDAO.delete(trans, curr, false);
- if (udr.notOK()) {
- return Result.err(udr);
- }
- }
- }
- if(isLastCred) {
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, cred.value.id);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
- ques.userRoleDAO.delete(trans, data, false);
- }
- }
- }
- if(udr==null) {
- return Result.err(Result.ERR_NotFound,"No User Data found");
- }
- if (udr.isOK()) {
- return Result.ok();
- }
- return Result.err(udr);
- default:
- return Result.err(fd);
- }
-
- }
-
-
- @Override
- public Result<Date> doesCredentialMatch(AuthzTrans trans, REQUEST credReq) {
- TimeTaken tt = trans.start("Does Credential Match", Env.SUB);
- try {
- // Note: Mapper assigns RAW type
- Result<CredDAO.Data> data = mapper.cred(trans, credReq,false);
- if(data.notOKorIsEmpty()) {
- return Result.err(data);
- }
- CredDAO.Data cred = data.value; // of the Mapped Cred
- if(cred.cred==null) {
- return Result.err(Result.ERR_BadData,"No Password");
- } else {
- return ques.doesUserCredMatch(trans, cred.id, cred.cred.array());
- }
-
- } catch (DAOException e) {
- trans.error().log(e,"Error looking up cred");
- return Result.err(Status.ERR_Denied,"Credential does not match");
- } finally {
- tt.done();
- }
- }
-
- @ApiDoc(
- method = GET,
- path = "/authn/basicAuth",
- params = {},
- expectedCode = 200,
- errorCodes = { 403 },
- text = { "!!!! DEPRECATED without X509 Authentication STOP USING THIS API BY DECEMBER 2017, or use Certificates !!!!\n"
- + "Use /authn/validate instead\n"
- + "Note: Validate a Password using BasicAuth Base64 encoded Header. This HTTP/S call is intended as a fast"
- + " User/Password lookup for Security Frameworks, and responds 200 if it passes BasicAuth "
- + "security, and 403 if it does not." }
- )
- private void basicAuth() {
- // This is a place holder for Documentation. The real BasicAuth API does not call Service.
- }
-
- @ApiDoc(
- method = POST,
- path = "/authn/validate",
- params = {},
- expectedCode = 200,
- errorCodes = { 403 },
- text = { "Validate a Credential given a Credential Structure. This is a more comprehensive validation, can "
- + "do more than BasicAuth as Credential types exp" }
- )
- @Override
- public Result<Date> validateBasicAuth(AuthzTrans trans, String basicAuth) {
- //TODO how to make sure people don't use this in browsers? Do we care?
- TimeTaken tt = trans.start("Validate Basic Auth", Env.SUB);
- try {
- BasicPrincipal bp = new BasicPrincipal(basicAuth,trans.org().getRealm());
- Result<Date> rq = ques.doesUserCredMatch(trans, bp.getName(), bp.getCred());
- // Note: Only want to log problem, don't want to send back to end user
- if(rq.isOK()) {
- return rq;
- } else {
- trans.audit().log(rq.errorString());
- }
- } catch (Exception e) {
- trans.warn().log(e);
- } finally {
- tt.done();
- }
- return Result.err(Status.ERR_Denied,"Bad Basic Auth");
- }
+ private class MayCreateCred implements MayChange {
+ private Result<NsDAO.Data> nsd;
+ private AuthzTrans trans;
+ private CredDAO.Data cred;
+ private Executor exec;
+
+ public MayCreateCred(AuthzTrans trans, CredDAO.Data cred, Executor exec) {
+ this.trans = trans;
+ this.cred = cred;
+ this.exec = exec;
+ }
+
+ @Override
+ public Result<?> mayChange() {
+ if(nsd==null) {
+ nsd = ques.validNSOfDomain(trans, cred.id);
+ }
+ // is Ns of CredID valid?
+ if(nsd.isOK()) {
+ try {
+ // Check Org Policy
+ if(trans.org().validate(trans,Policy.CREATE_MECHID, exec, cred.id)==null) {
+ return Result.ok();
+ } else {
+ Result<?> rmc = ques.mayUser(trans, trans.user(), nsd.value, Access.write);
+ if(rmc.isOKhasData()) {
+ return rmc;
+ }
+ }
+ } catch (Exception e) {
+ trans.warn().log(e);
+ }
+ } else {
+ trans.warn().log(nsd.errorString());
+ }
+ return Result.err(Status.ERR_Denied,"%s is not allowed to create %s in %s",trans.user(),cred.id,cred.ns);
+ }
+ }
+
+ private class MayChangeCred implements MayChange {
+
+ private Result<NsDAO.Data> nsd;
+ private AuthzTrans trans;
+ private CredDAO.Data cred;
+ public MayChangeCred(AuthzTrans trans, CredDAO.Data cred) {
+ this.trans = trans;
+ this.cred = cred;
+ }
+
+ @Override
+ public Result<?> mayChange() {
+ // User can change himself (but not create)
+ if(trans.user().equals(cred.id)) {
+ return Result.ok();
+ }
+ if(nsd==null) {
+ nsd = ques.validNSOfDomain(trans, cred.id);
+ }
+ // Get the Namespace
+ if(nsd.isOK()) {
+ if(ques.mayUser(trans, trans.user(), nsd.value,Access.write).isOK()) {
+ return Result.ok();
+ }
+ String user[] = Split.split('.',trans.user());
+ if(user.length>2) {
+ String company = user[user.length-1] + '.' + user[user.length-2];
+ if(ques.isGranted(trans, trans.user(), ROOT_NS,"password",company,"reset")) {
+ return Result.ok();
+ }
+ }
+ }
+ return Result.err(Status.ERR_Denied,"%s is not allowed to change %s in %s",trans.user(),cred.id,cred.ns);
+ }
+
+ }
+
+ private final long DAY_IN_MILLIS = 24*3600*1000L;
+
+ @ApiDoc(
+ method = POST,
+ path = "/authn/cred",
+ params = {},
+ expectedCode = 201,
+ errorCodes = {403,404,406,409},
+ text = { "A credential consists of:",
+ "<ul><li>id - the ID to create within AAF. The domain is in reverse",
+ "order of Namespace (i.e. Users of Namespace com.att.myapp would be",
+ "AB1234@myapp.att.com</li>",
+ "<li>password - Company Policy Compliant Password</li></ul>",
+ "Note: AAF does support multiple credentials with the same ID.",
+ "Check with your organization if you have this implemented."
+ }
+ )
+ @Override
+ public Result<Void> createUserCred(final AuthzTrans trans, REQUEST from) {
+ final String cmdDescription = ("Create User Credential");
+ TimeTaken tt = trans.start(cmdDescription, Env.SUB);
+
+ try {
+ Result<CredDAO.Data> rcred = mapper.cred(trans, from, true);
+ if(rcred.isOKhasData()) {
+ byte[] rawCred = rcred.value.cred.array();
+ rcred = ques.userCredSetup(trans, rcred.value);
+
+ final ServiceValidator v = new ServiceValidator();
+
+ if(v.cred(trans, trans.org(),rcred,true).err()) { // Note: Creates have stricter Validations
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+
+ // 2016-4 Jonathan, New Behavior - If MechID is not registered with Org, deny creation
+ Identity mechID = null;
+ Organization org = trans.org();
+ try {
+ mechID = org.getIdentity(trans, rcred.value.id);
+ } catch (Exception e1) {
+ trans.error().log(e1,rcred.value.id,"cannot be validated at this time");
+ }
+ if(mechID==null || !mechID.isFound()) {
+ return Result.err(Status.ERR_Policy,"MechIDs must be registered with %s before provisioning in AAF",org.getName());
+ }
+
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rcred.value.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_NsNotFound,"Cannot provision %s on non-existent Namespace %s",mechID.id(),rcred.value.ns);
+ }
+
+
+ boolean firstID = false;
+ MayChange mc;
+
+ CassExecutor exec = new CassExecutor(trans, func);
+ Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, rcred.value.id);
+ if (rlcd.isOKhasData()) {
+ if (!org.canHaveMultipleCreds(rcred.value.id)) {
+ return Result.err(Status.ERR_ConflictAlreadyExists, "Credential exists");
+ }
+ Result<Boolean> rb;
+ for (CredDAO.Data curr : rlcd.value) {
+ // May not use the same password in the list
+ // Note: ASPR specifies character differences, but we don't actually store the
+ // password to validate char differences.
+
+ rb = ques.userCredCheck(trans, curr, rawCred);
+ if(rb.notOK()) {
+ return Result.err(rb);
+ } else if(rb.value){
+ return Result.err(Status.ERR_Policy, "Credential content cannot be reused.");
+ } else if (Chrono.dateOnlyStamp(curr.expires).equals(Chrono.dateOnlyStamp(rcred.value.expires)) && curr.type==rcred.value.type) {
+ return Result.err(Status.ERR_ConflictAlreadyExists, "Credential with same Expiration Date exists, use 'reset'");
+ }
+ }
+ } else {
+ try {
+ // 2016-04-12 Jonathan If Caller is the Sponsor and is also an Owner of NS, allow without special Perm
+ String theMechID = rcred.value.id;
+ Boolean otherMechIDs = false;
+ // find out if this is the only mechID. other MechIDs mean special handling (not automated)
+ for(CredDAO.Data cd : ques.credDAO.readNS(trans,nsr.value.get(0).name).value) {
+ if(!cd.id.equals(theMechID)) {
+ otherMechIDs = true;
+ break;
+ }
+ }
+ String reason;
+ // We can say "ID does not exist" here
+ if((reason=org.validate(trans, Policy.CREATE_MECHID, exec, theMechID,trans.user(),otherMechIDs.toString()))!=null) {
+ return Result.err(Status.ERR_Denied, reason);
+ }
+ firstID=true;
+ } catch (Exception e) {
+ return Result.err(e);
+ }
+ }
+
+ mc = new MayCreateCred(trans, rcred.value, exec);
+
+ final CredDAO.Data cdd = rcred.value;
+ Result<FutureDAO.Data> fd = mapper.future(trans,CredDAO.TABLE,from, rcred.value,false, // may want to enable in future.
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return cmdDescription + " [" +
+ cdd.id + '|'
+ + cdd.type + '|'
+ + cdd.expires + ']';
+ }
+ },
+ mc);
+
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans, fd.value,
+ rcred.value.id + '|' + rcred.value.type.toString() + '|' + rcred.value.expires,
+ trans.user(), nsr.value.get(0), FUTURE_OP.C);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Credential Request [%s|%s|%s] is saved for future processing",
+ rcred.value.id,
+ Integer.toString(rcred.value.type),
+ rcred.value.expires.toString());
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ try {
+ if(firstID) {
+ // && !nsr.value.get(0).isAdmin(trans.getUserPrincipal().getName())) {
+ Result<List<String>> admins = func.getAdmins(trans, nsr.value.get(0).name, false);
+ // OK, it's a first ID, and not by NS Admin, so let's set TempPassword length
+ // Note, we only do this on First time, because of possibility of
+ // prematurely expiring a production id
+ if(admins.isOKhasData() && !admins.value.contains(trans.user())) {
+ rcred.value.expires = org.expiration(null, Expiration.TempPassword).getTime();
+ }
+ }
+ } catch (Exception e) {
+ trans.error().log(e, "While setting expiration to TempPassword");
+ }
+ Result<?>udr = ques.credDAO.create(trans, rcred.value);
+ if(udr.isOK()) {
+ return Result.ok();
+ }
+ return Result.err(udr);
+ default:
+ return Result.err(fd);
+ }
+
+ } else {
+ return Result.err(rcred);
+ }
+ } finally {
+ tt.done();
+ }
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authn/creds/ns/:ns",
+ params = {"ns|string|true"},
+ expectedCode = 200,
+ errorCodes = {403,404,406},
+ text = { "Return all IDs in Namespace :ns"
+ }
+ )
+ @Override
+ public Result<USERS> getCredsByNS(AuthzTrans trans, String ns) {
+ final Validator v = new ServiceValidator();
+ if(v.ns(ns).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // check if user is allowed to view NS
+ Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+ rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ TimeTaken tt = trans.start("MAP Creds by NS to Creds", Env.SUB);
+ try {
+ USERS users = mapper.newInstance(API.USERS);
+ Result<List<CredDAO.Data>> rlcd = ques.credDAO.readNS(trans, ns);
+
+ if(rlcd.isOK()) {
+ if(!rlcd.isEmpty()) {
+ return mapper.cred(rlcd.value, users);
+ }
+ return Result.ok(users);
+ } else {
+ return Result.err(rlcd);
+ }
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authn/creds/id/:ns",
+ params = {"id|string|true"},
+ expectedCode = 200,
+ errorCodes = {403,404,406},
+ text = { "Return all IDs in for ID"
+ ,"(because IDs are multiple, due to multiple Expiration Dates)"
+ }
+ )
+ @Override
+ public Result<USERS> getCredsByID(AuthzTrans trans, String id) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("ID",id).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ String ns = Question.domain2ns(id);
+ // check if user is allowed to view NS
+ Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+ rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ TimeTaken tt = trans.start("MAP Creds by ID to Creds", Env.SUB);
+ try {
+ USERS users = mapper.newInstance(API.USERS);
+ Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, id);
+
+ if(rlcd.isOK()) {
+ if(!rlcd.isEmpty()) {
+ return mapper.cred(rlcd.value, users);
+ }
+ return Result.ok(users);
+ } else {
+ return Result.err(rlcd);
+ }
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authn/certs/id/:id",
+ params = {"id|string|true"},
+ expectedCode = 200,
+ errorCodes = {403,404,406},
+ text = { "Return Cert Info for ID"
+ }
+ )
+ @Override
+ public Result<CERTS> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, String id) {
+ TimeTaken tt = trans.start("Get Cert Info by ID", Env.SUB);
+ try {
+ CERTS certs = mapper.newInstance(API.CERTS);
+ Result<List<CertDAO.Data>> rlcd = ques.certDAO.readID(trans, id);
+
+ if(rlcd.isOK()) {
+ if(!rlcd.isEmpty()) {
+ return mapper.cert(rlcd.value, certs);
+ }
+ return Result.ok(certs);
+ } else {
+ return Result.err(rlcd);
+ }
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ @ApiDoc(
+ method = PUT,
+ path = "/authn/cred",
+ params = {},
+ expectedCode = 200,
+ errorCodes = {300,403,404,406},
+ text = { "Reset a Credential Password. If multiple credentials exist for this",
+ "ID, you will need to specify which entry you are resetting in the",
+ "CredRequest object"
+ }
+ )
+ @Override
+ public Result<Void> changeUserCred(final AuthzTrans trans, REQUEST from) {
+ final String cmdDescription = "Update User Credential";
+ TimeTaken tt = trans.start(cmdDescription, Env.SUB);
+ try {
+ Result<CredDAO.Data> rcred = mapper.cred(trans, from, true);
+ if(rcred.isOKhasData()) {
+ rcred = ques.userCredSetup(trans, rcred.value);
+
+ final ServiceValidator v = new ServiceValidator();
+
+ if(v.cred(trans, trans.org(),rcred,false).err()) {// Note: Creates have stricter Validations
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, rcred.value.id);
+ if(rlcd.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_UserNotFound, "Credential does not exist");
+ }
+
+ MayChange mc = new MayChangeCred(trans, rcred.value);
+ Result<?> rmc = mc.mayChange();
+ if (rmc.notOK()) {
+ return Result.err(rmc);
+ }
+
+ Result<Integer> ri = selectEntryIfMultiple((CredRequest)from, rlcd.value);
+ if(ri.notOK()) {
+ return Result.err(ri);
+ }
+ int entry = ri.value;
+
+
+ final CredDAO.Data cred = rcred.value;
+
+ Result<FutureDAO.Data> fd = mapper.future(trans,CredDAO.TABLE,from, rcred.value,false,
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return cmdDescription + " [" +
+ cred.id + '|'
+ + cred.type + '|'
+ + cred.expires + ']';
+ }
+ },
+ mc);
+
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, rcred.value.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans, fd.value,
+ rcred.value.id + '|' + rcred.value.type.toString() + '|' + rcred.value.expires,
+ trans.user(), nsr.value.get(0), FUTURE_OP.U);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Credential Request [%s|%s|%s]",
+ rcred.value.id,
+ Integer.toString(rcred.value.type),
+ rcred.value.expires.toString());
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ Result<?>udr = null;
+ // If we are Resetting Password on behalf of someone else (am not the Admin)
+ // use TempPassword Expiration time.
+ Expiration exp;
+ if(ques.isAdmin(trans, trans.user(), nsr.value.get(0).name)) {
+ exp = Expiration.Password;
+ } else {
+ exp = Expiration.TempPassword;
+ }
+
+ Organization org = trans.org();
+ CredDAO.Data current = rlcd.value.get(entry);
+ // If user resets password in same day, we will have a primary key conflict, so subtract 1 day
+ if (current.expires.equals(rcred.value.expires)
+ && rlcd.value.get(entry).type==rcred.value.type) {
+ GregorianCalendar gc = org.expiration(null, exp,rcred.value.id);
+ gc = Chrono.firstMomentOfDay(gc);
+ gc.set(GregorianCalendar.HOUR_OF_DAY, org.startOfDay());
+ rcred.value.expires = new Date(gc.getTimeInMillis() - DAY_IN_MILLIS);
+ } else {
+ rcred.value.expires = org.expiration(null,exp).getTime();
+ }
+ // Copy in other fields 10/21/2016
+ rcred.value.notes=current.notes;
+
+ udr = ques.credDAO.create(trans, rcred.value);
+ if(udr.isOK()) {
+ udr = ques.credDAO.delete(trans, rlcd.value.get(entry),false);
+ }
+ if (udr.isOK()) {
+ return Result.ok();
+ }
+
+ return Result.err(udr);
+ default:
+ return Result.err(fd);
+ }
+ } else {
+ return Result.err(rcred);
+ }
+ } finally {
+ tt.done();
+ }
+ }
+
+ /*
+ * Codify the way to get Either Choice Needed or actual Integer from Credit Request
+ */
+ private Result<Integer> selectEntryIfMultiple(final CredRequest cr, List<CredDAO.Data> lcd) {
+ int entry = 0;
+ if (lcd.size() > 1) {
+ String inputOption = cr.getEntry();
+ if (inputOption == null) {
+ String message = selectCredFromList(lcd, false);
+ String[] variables = buildVariables(lcd);
+ return Result.err(Status.ERR_ChoiceNeeded, message, variables);
+ } else {
+ entry = Integer.parseInt(inputOption) - 1;
+ }
+ if (entry < 0 || entry >= lcd.size()) {
+ return Result.err(Status.ERR_BadData, "User chose invalid credential selection");
+ }
+ }
+ return Result.ok(entry);
+ }
+
+ @ApiDoc(
+ method = PUT,
+ path = "/authn/cred/:days",
+ params = {"days|string|true"},
+ expectedCode = 200,
+ errorCodes = {300,403,404,406},
+ text = { "Extend a Credential Expiration Date. The intention of this API is",
+ "to avoid an outage in PROD due to a Credential expiring before it",
+ "can be configured correctly. Measures are being put in place ",
+ "so that this is not abused."
+ }
+ )
+ @Override
+ public Result<Void> extendUserCred(final AuthzTrans trans, REQUEST from, String days) {
+ TimeTaken tt = trans.start("Extend User Credential", Env.SUB);
+ try {
+ Result<CredDAO.Data> cred = mapper.cred(trans, from, false);
+ Organization org = trans.org();
+ final ServiceValidator v = new ServiceValidator();
+ if(v.notOK(cred).err() ||
+ v.nullOrBlank(cred.value.id, "Invalid ID").err() ||
+ v.user(org,cred.value.id).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ try {
+ String reason;
+ if ((reason=org.validate(trans, Policy.MAY_EXTEND_CRED_EXPIRES, new CassExecutor(trans,func)))!=null) {
+ return Result.err(Status.ERR_Policy,reason);
+ }
+ } catch (Exception e) {
+ String msg;
+ trans.error().log(e, msg="Could not contact Organization for User Validation");
+ return Result.err(Status.ERR_Denied, msg);
+ }
+
+ // Get the list of Cred Entries
+ Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, cred.value.id);
+ if(rlcd.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_UserNotFound, "Credential does not exist");
+ }
+
+ //Need to do the "Pick Entry" mechanism
+ Result<Integer> ri = selectEntryIfMultiple((CredRequest)from, rlcd.value);
+ if(ri.notOK()) {
+ return Result.err(ri);
+ }
+
+ CredDAO.Data found = rlcd.value.get(ri.value);
+ CredDAO.Data cd = cred.value;
+ // Copy over the cred
+ cd.id = found.id;
+ cd.cred = found.cred;
+ cd.other = found.other;
+ cd.type = found.type;
+ cd.notes = found.notes;
+ cd.ns = found.ns;
+ cd.expires = org.expiration(null, Expiration.ExtendPassword,days).getTime();
+
+ cred = ques.credDAO.create(trans, cd);
+ if(cred.isOK()) {
+ return Result.ok();
+ }
+ return Result.err(cred);
+ } finally {
+ tt.done();
+ }
+ }
+
+ private String[] buildVariables(List<CredDAO.Data> value) {
+ // ensure credentials are sorted so we can fully automate Cred regression test
+ Collections.sort(value, new Comparator<CredDAO.Data>() {
+ @Override
+ public int compare(CredDAO.Data cred1, CredDAO.Data cred2) {
+ return cred1.expires.compareTo(cred2.expires);
+ }
+ });
+ String [] vars = new String[value.size()+1];
+ vars[0]="Choice";
+ for (int i = 0; i < value.size(); i++) {
+ vars[i+1] = value.get(i).id + " " + value.get(i).type
+ + " |" + value.get(i).expires;
+ }
+ return vars;
+ }
+
+ private String selectCredFromList(List<CredDAO.Data> value, boolean isDelete) {
+ StringBuilder errMessage = new StringBuilder();
+ String userPrompt = isDelete?"Select which cred to delete (set force=true to delete all):":"Select which cred to update:";
+ int numSpaces = value.get(0).id.length() - "Id".length();
+
+ errMessage.append(userPrompt + '\n');
+ errMessage.append(" Id");
+ for (int i = 0; i < numSpaces; i++) {
+ errMessage.append(' ');
+ }
+ errMessage.append(" Type Expires" + '\n');
+ for(int i=0;i<value.size();++i) {
+ errMessage.append(" %s\n");
+ }
+ errMessage.append("Run same command again with chosen entry as last parameter");
+
+ return errMessage.toString();
+
+ }
+
+ @ApiDoc(
+ method = DELETE,
+ path = "/authn/cred",
+ params = {},
+ expectedCode = 200,
+ errorCodes = {300,403,404,406},
+ text = { "Delete a Credential. If multiple credentials exist for this",
+ "ID, you will need to specify which entry you are deleting in the",
+ "CredRequest object."
+ }
+ )
+ @Override
+ public Result<Void> deleteUserCred(AuthzTrans trans, REQUEST from) {
+ final Result<CredDAO.Data> cred = mapper.cred(trans, from, false);
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("cred", cred.value.id).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<List<CredDAO.Data>> rlcd = ques.credDAO.readID(trans, cred.value.id);
+ if(rlcd.notOKorIsEmpty()) {
+ // Empty Creds should have no user_roles.
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, cred.value.id);
+ if(rlurd.isOK()) {
+ for(UserRoleDAO.Data data : rlurd.value) {
+ ques.userRoleDAO.delete(trans, data, false);
+ }
+ }
+ return Result.err(Status.ERR_UserNotFound, "Credential does not exist");
+ }
+ boolean isLastCred = rlcd.value.size()==1;
+
+ MayChange mc = new MayChangeCred(trans,cred.value);
+ Result<?> rmc = mc.mayChange();
+ if (rmc.notOK()) {
+ return Result.err(rmc);
+ }
+
+ int entry = 0;
+ if(!trans.requested(force)) {
+ if (rlcd.value.size() > 1) {
+ CredRequest cr = (CredRequest)from;
+ String inputOption = cr.getEntry();
+ if (inputOption == null) {
+ String message = selectCredFromList(rlcd.value, true);
+ String[] variables = buildVariables(rlcd.value);
+ return Result.err(Status.ERR_ChoiceNeeded, message, variables);
+ } else {
+ try {
+ if(inputOption.length()>5) { // should be a date
+ Date d = Chrono.xmlDatatypeFactory.newXMLGregorianCalendar(inputOption).toGregorianCalendar().getTime();
+ entry = 0;
+ for(CredDAO.Data cd : rlcd.value) {
+ if(cd.type.equals(cr.getType()) && cd.expires.equals(d)) {
+ break;
+ }
+ ++entry;
+ }
+ } else {
+ entry = Integer.parseInt(inputOption) - 1;
+ }
+ } catch(NullPointerException e) {
+ return Result.err(Status.ERR_BadData, "Invalid Date Format for Entry");
+ } catch(NumberFormatException e) {
+ return Result.err(Status.ERR_BadData, "User chose invalid credential selection");
+ }
+ }
+ isLastCred = (entry==-1)?true:false;
+ } else {
+ isLastCred = true;
+ }
+ if (entry < -1 || entry >= rlcd.value.size()) {
+ return Result.err(Status.ERR_BadData, "User chose invalid credential selection");
+ }
+ }
+
+ Result<FutureDAO.Data> fd = mapper.future(trans,CredDAO.TABLE,from,cred.value,false,
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return "Delete Credential [" +
+ cred.value.id +
+ ']';
+ }
+ },
+ mc);
+
+ Result<List<NsDAO.Data>> nsr = ques.nsDAO.read(trans, cred.value.ns);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans, fd.value, cred.value.id,
+ trans.user(), nsr.value.get(0), FUTURE_OP.D);
+
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Credential Delete [%s] is saved for future processing",cred.value.id);
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ Result<?>udr = null;
+ if (!trans.requested(force)) {
+ if(entry<0 || entry >= rlcd.value.size()) {
+ return Result.err(Status.ERR_BadData,"Invalid Choice [" + entry + "] chosen for Delete [%s] is saved for future processing",cred.value.id);
+ }
+ udr = ques.credDAO.delete(trans, rlcd.value.get(entry),false);
+ } else {
+ for (CredDAO.Data curr : rlcd.value) {
+ udr = ques.credDAO.delete(trans, curr, false);
+ if (udr.notOK()) {
+ return Result.err(udr);
+ }
+ }
+ }
+ if(isLastCred) {
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, cred.value.id);
+ if(rlurd.isOK()) {
+ for(UserRoleDAO.Data data : rlurd.value) {
+ ques.userRoleDAO.delete(trans, data, false);
+ }
+ }
+ }
+ if(udr==null) {
+ return Result.err(Result.ERR_NotFound,"No User Data found");
+ }
+ if (udr.isOK()) {
+ return Result.ok();
+ }
+ return Result.err(udr);
+ default:
+ return Result.err(fd);
+ }
+
+ }
+
+
+ @Override
+ public Result<Date> doesCredentialMatch(AuthzTrans trans, REQUEST credReq) {
+ TimeTaken tt = trans.start("Does Credential Match", Env.SUB);
+ try {
+ // Note: Mapper assigns RAW type
+ Result<CredDAO.Data> data = mapper.cred(trans, credReq,false);
+ if(data.notOKorIsEmpty()) {
+ return Result.err(data);
+ }
+ CredDAO.Data cred = data.value; // of the Mapped Cred
+ if(cred.cred==null) {
+ return Result.err(Result.ERR_BadData,"No Password");
+ } else {
+ return ques.doesUserCredMatch(trans, cred.id, cred.cred.array());
+ }
+
+ } catch (DAOException e) {
+ trans.error().log(e,"Error looking up cred");
+ return Result.err(Status.ERR_Denied,"Credential does not match");
+ } finally {
+ tt.done();
+ }
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authn/basicAuth",
+ params = {},
+ expectedCode = 200,
+ errorCodes = { 403 },
+ text = { "!!!! DEPRECATED without X509 Authentication STOP USING THIS API BY DECEMBER 2017, or use Certificates !!!!\n"
+ + "Use /authn/validate instead\n"
+ + "Note: Validate a Password using BasicAuth Base64 encoded Header. This HTTP/S call is intended as a fast"
+ + " User/Password lookup for Security Frameworks, and responds 200 if it passes BasicAuth "
+ + "security, and 403 if it does not." }
+ )
+ private void basicAuth() {
+ // This is a place holder for Documentation. The real BasicAuth API does not call Service.
+ }
+
+ @ApiDoc(
+ method = POST,
+ path = "/authn/validate",
+ params = {},
+ expectedCode = 200,
+ errorCodes = { 403 },
+ text = { "Validate a Credential given a Credential Structure. This is a more comprehensive validation, can "
+ + "do more than BasicAuth as Credential types exp" }
+ )
+ @Override
+ public Result<Date> validateBasicAuth(AuthzTrans trans, String basicAuth) {
+ //TODO how to make sure people don't use this in browsers? Do we care?
+ TimeTaken tt = trans.start("Validate Basic Auth", Env.SUB);
+ try {
+ BasicPrincipal bp = new BasicPrincipal(basicAuth,trans.org().getRealm());
+ Result<Date> rq = ques.doesUserCredMatch(trans, bp.getName(), bp.getCred());
+ // Note: Only want to log problem, don't want to send back to end user
+ if(rq.isOK()) {
+ return rq;
+ } else {
+ trans.audit().log(rq.errorString());
+ }
+ } catch (Exception e) {
+ trans.warn().log(e);
+ } finally {
+ tt.done();
+ }
+ return Result.err(Status.ERR_Denied,"Bad Basic Auth");
+ }
/***********************************
* USER-ROLE
***********************************/
- @ApiDoc(
- method = POST,
- path = "/authz/userRole",
- params = {},
- expectedCode = 201,
- errorCodes = {403,404,406,409},
- text = { "Create a UserRole relationship (add User to Role)",
- "A UserRole is an object Representation of membership of a Role for limited time.",
- "If a shorter amount of time for Role ownership is required, use the 'End' field.",
- "** Note: Owners of Namespaces will be required to revalidate users in these roles ",
- "before Expirations expire. Namespace owners will be notified by email."
- }
- )
- @Override
- public Result<Void> createUserRole(final AuthzTrans trans, REQUEST from) {
- TimeTaken tt = trans.start("Create UserRole", Env.SUB);
- try {
- Result<UserRoleDAO.Data> urr = mapper.userRole(trans, from);
- if(urr.notOKorIsEmpty()) {
- return Result.err(urr);
- }
- final UserRoleDAO.Data userRole = urr.value;
-
- final ServiceValidator v = new ServiceValidator();
- if(v.user_role(userRole).err() ||
- v.user(trans.org(), userRole.user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
-
-
- // Check if user can change first
- Result<FutureDAO.Data> fd = mapper.future(trans,UserRoleDAO.TABLE,from,urr.value,true, // may request Approvals
- new Mapper.Memo() {
- @Override
- public String get() {
- return "Add User [" + userRole.user + "] to Role [" +
- userRole.role +
- ']';
- }
- },
- new MayChange() {
- private Result<NsDAO.Data> nsd;
- @Override
- public Result<?> mayChange() {
- if(nsd==null) {
- RoleDAO.Data r = RoleDAO.Data.decode(userRole);
- nsd = ques.mayUser(trans, trans.user(), r, Access.write);
- }
- return nsd;
- }
- });
- Result<NsDAO.Data> nsr = ques.deriveNs(trans, userRole.role);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans, fd.value, userRole.user+'|'+userRole.ns + '.' + userRole.rname,
- userRole.user, nsr.value, FUTURE_OP.C);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "UserRole [%s - %s.%s] is saved for future processing",
- userRole.user,
- userRole.ns,
- userRole.rname);
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- return func.addUserRole(trans, userRole);
- default:
- return Result.err(fd);
- }
- } finally {
- tt.done();
- }
- }
-
- /**
- * getUserRolesByRole
- */
- @ApiDoc(
- method = GET,
- path = "/authz/userRoles/role/:role",
- params = {"role|string|true"},
- expectedCode = 200,
- errorCodes = {404,406},
- text = { "List all Users that are attached to Role specified in :role",
- }
- )
- @Override
- public Result<USERROLES> getUserRolesByRole(AuthzTrans trans, String role) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role",role).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<RoleDAO.Data> rrdd;
- rrdd = RoleDAO.Data.decode(trans,ques,role);
- if(rrdd.notOK()) {
- return Result.err(rrdd);
- }
- // May Requester see result?
- Result<NsDAO.Data> ns = ques.mayUser(trans,trans.user(), rrdd.value,Access.read);
- if (ns.notOK()) {
- return Result.err(ns);
- }
-
- // boolean filter = true;
- // if (ns.value.isAdmin(trans.user()) || ns.value.isResponsible(trans.user()))
- // filter = false;
-
- // Get list of roles per user, then add to Roles as we go
- HashSet<UserRoleDAO.Data> userSet = new HashSet<>();
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
- userSet.add(data);
- }
- }
-
- @SuppressWarnings("unchecked")
- USERROLES users = (USERROLES) mapper.newInstance(API.USER_ROLES);
- // Checked for permission
- mapper.userRoles(trans, userSet, users);
- return Result.ok(users);
- }
- /**
- * getUserRolesByRole
- */
- @ApiDoc(
- method = GET,
- path = "/authz/userRoles/user/:user",
- params = {"role|string|true"},
- expectedCode = 200,
- errorCodes = {404,406},
- text = { "List all UserRoles for :user",
- }
- )
- @Override
- public Result<USERROLES> getUserRolesByUser(AuthzTrans trans, String user) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User",user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // Get list of roles per user, then add to Roles as we go
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, user);
- if(rlurd.notOK()) {
- return Result.err(rlurd);
- }
-
- /* Check for
- * 1) is User
- * 2) is User's Supervisor
- * 3) Has special global access =read permission
- *
- * If none of the 3, then filter results to NSs in which Calling User has Ns.access * read
- */
- boolean mustFilter;
- String callingUser = trans.getUserPrincipal().getName();
- NsDAO.Data ndd = new NsDAO.Data();
-
- if(user.equals(callingUser)) {
- mustFilter = false;
- } else {
- Organization org = trans.org();
- try {
- Identity orgID = org.getIdentity(trans, user);
- Identity manager = orgID==null?null:orgID.responsibleTo();
- if(orgID!=null && (manager!=null && callingUser.equals(manager.fullID()))) {
- mustFilter = false;
- } else if(ques.isGranted(trans, callingUser, ROOT_NS, Question.ACCESS, "*", Access.read.name())) {
- mustFilter=false;
- } else {
- mustFilter = true;
- }
- } catch (OrganizationException e) {
- trans.env().log(e);
- mustFilter = true;
- }
- }
-
- List<UserRoleDAO.Data> content;
- if(mustFilter) {
- content = new ArrayList<>(rlurd.value.size()); // avoid multi-memory redos
-
- for(UserRoleDAO.Data data : rlurd.value) {
- ndd.name=data.ns;
- Result<Data> mur = ques.mayUser(trans, callingUser, ndd, Access.read);
- if(mur.isOK()){
- content.add(data);
- }
- }
-
- } else {
- content = rlurd.value;
- }
-
-
- @SuppressWarnings("unchecked")
- USERROLES users = (USERROLES) mapper.newInstance(API.USER_ROLES);
- // Checked for permission
- mapper.userRoles(trans, content, users);
- return Result.ok(users);
- }
-
-
- @ApiDoc(
- method = PUT,
- path = "/authz/userRole/user",
- params = {},
- expectedCode = 200,
- errorCodes = {403,404,406},
- text = { "Set a User's roles to the roles specified in the UserRoleRequest object.",
- "WARNING: Roles supplied will be the ONLY roles attached to this user",
- "If no roles are supplied, user's roles are reset."
- }
- )
- @Override
- public Result<Void> resetRolesForUser(AuthzTrans trans, REQUEST rreq) {
- Result<UserRoleDAO.Data> rurdd = mapper.userRole(trans, rreq);
- final ServiceValidator v = new ServiceValidator();
- if(rurdd.notOKorIsEmpty()) {
- return Result.err(rurdd);
- }
- if (v.user(trans.org(), rurdd.value.user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Set<String> currRoles = new HashSet<>();
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, rurdd.value.user);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
- currRoles.add(data.role);
- }
- }
-
- Result<Void> rv = null;
- String[] roles;
- if(rurdd.value.role==null) {
- roles = new String[0];
- } else {
- roles = rurdd.value.role.split(",");
- }
-
- for (String role : roles) {
- if (v.role(role).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.notOK()) {
- return Result.err(rrdd);
- }
-
- rurdd.value.role(rrdd.value);
-
- Result<NsDAO.Data> nsd = ques.mayUser(trans, trans.user(), rrdd.value,Access.write);
- if (nsd.notOK()) {
- return Result.err(nsd);
- }
- Result<NsDAO.Data> nsr = ques.deriveNs(trans, role);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- if(currRoles.contains(role)) {
- currRoles.remove(role);
- } else {
- rv = func.addUserRole(trans, rurdd.value);
- if (rv.notOK()) {
- return rv;
- }
- }
- }
-
- for (String role : currRoles) {
- rurdd.value.role(trans,ques,role);
- rv = ques.userRoleDAO.delete(trans, rurdd.value, false);
- if(rv.notOK()) {
- trans.info().log(rurdd.value.user,"/",rurdd.value.role, "expected to be deleted, but does not exist");
- // return rv; // if it doesn't exist, don't error out
- }
-
- }
-
- return Result.ok();
-
- }
-
- @ApiDoc(
- method = PUT,
- path = "/authz/userRole/role",
- params = {},
- expectedCode = 200,
- errorCodes = {403,404,406},
- text = { "Set a Role's users to the users specified in the UserRoleRequest object.",
- "WARNING: Users supplied will be the ONLY users attached to this role",
- "If no users are supplied, role's users are reset."
- }
- )
- @Override
- public Result<Void> resetUsersForRole(AuthzTrans trans, REQUEST rreq) {
- Result<UserRoleDAO.Data> rurdd = mapper.userRole(trans, rreq);
- if(rurdd.notOKorIsEmpty()) {
- return Result.err(rurdd);
- }
- final ServiceValidator v = new ServiceValidator();
- if (v.user_role(rurdd.value).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- RoleDAO.Data rd = RoleDAO.Data.decode(rurdd.value);
-
- Result<NsDAO.Data> nsd = ques.mayUser(trans, trans.user(), rd, Access.write);
- if (nsd.notOK()) {
- return Result.err(nsd);
- }
-
- Result<NsDAO.Data> nsr = ques.deriveNs(trans, rurdd.value.role);
- if(nsr.notOKorIsEmpty()) {
- return Result.err(nsr);
- }
-
- Set<String> currUsers = new HashSet<>();
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, rurdd.value.role);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
- currUsers.add(data.user);
- }
- }
-
- // found when connected remotely to DEVL, can't replicate locally
- // inconsistent errors with cmd: role user setTo [nothing]
- // deleteUserRole --> read --> get --> cacheIdx(?)
- // sometimes returns idx for last added user instead of user passed in
- // cache bug?
-
-
- Result<Void> rv = null;
- String[] users = {};
- if (rurdd.value.user != null) {
- users = rurdd.value.user.split(",");
- }
-
- for (String user : users) {
- if (v.user(trans.org(), user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- rurdd.value.user = user;
-
- if(currUsers.contains(user)) {
- currUsers.remove(user);
- } else {
- rv = func.addUserRole(trans, rurdd.value);
- if (rv.notOK()) {
- return rv;
- }
- }
- }
-
- for (String user : currUsers) {
- rurdd.value.user = user;
- rv = ques.userRoleDAO.delete(trans, rurdd.value, false);
- if(rv.notOK()) {
- trans.info().log(rurdd.value, "expected to be deleted, but not exists");
- return rv;
- }
- }
-
- return Result.ok();
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/userRole/extend/:user/:role",
- params = { "user|string|true",
- "role|string|true"
- },
- expectedCode = 200,
- errorCodes = {403,404,406},
- text = { "Extend the Expiration of this User Role by the amount set by Organization",
- "Requestor must be allowed to modify the role"
- }
- )
- @Override
- public Result<Void> extendUserRole(AuthzTrans trans, String user, String role) {
- Organization org = trans.org();
- final ServiceValidator v = new ServiceValidator();
- if(v.user(org, user)
- .role(role)
- .err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role);
- if(rrdd.notOK()) {
- return Result.err(rrdd);
- }
-
- Result<NsDAO.Data> rcr = ques.mayUser(trans, trans.user(), rrdd.value, Access.write);
- boolean mayNotChange;
- if((mayNotChange = rcr.notOK()) && !trans.requested(future)) {
- return Result.err(rcr);
- }
-
- Result<List<UserRoleDAO.Data>> rr = ques.userRoleDAO.read(trans, user,role);
- if(rr.notOK()) {
- return Result.err(rr);
- }
- for(UserRoleDAO.Data userRole : rr.value) {
- if(mayNotChange) { // Function exited earlier if !trans.futureRequested
- FutureDAO.Data fto = new FutureDAO.Data();
- fto.target=UserRoleDAO.TABLE;
- fto.memo = "Extend User ["+userRole.user+"] in Role ["+userRole.role+"]";
- GregorianCalendar now = new GregorianCalendar();
- fto.start = now.getTime();
- fto.expires = org.expiration(now, Expiration.Future).getTime();
- try {
- fto.construct = userRole.bytify();
- } catch (IOException e) {
- trans.error().log(e, "Error while bytifying UserRole for Future");
- return Result.err(e);
- }
-
- Result<String> rfc = func.createFuture(trans, fto,
- userRole.user+'|'+userRole.role, userRole.user, rcr.value, FUTURE_OP.U);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "UserRole [%s - %s] is saved for future processing",
- userRole.user,
- userRole.role);
- } else {
- return Result.err(rfc);
- }
- } else {
- return func.extendUserRole(trans, userRole, false);
- }
- }
- return Result.err(Result.ERR_NotFound,"This user and role doesn't exist");
- }
-
- @ApiDoc(
- method = DELETE,
- path = "/authz/userRole/:user/:role",
- params = { "user|string|true",
- "role|string|true"
- },
- expectedCode = 200,
- errorCodes = {403,404,406},
- text = { "Remove Role :role from User :user."
- }
- )
- @Override
- public Result<Void> deleteUserRole(AuthzTrans trans, String usr, String role) {
- Validator val = new ServiceValidator();
- if(val.nullOrBlank("User", usr)
- .nullOrBlank("Role", role).err()) {
- return Result.err(Status.ERR_BadData, val.errs());
- }
-
- boolean mayNotChange;
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role);
- if(rrdd.notOK()) {
- return Result.err(rrdd);
- }
-
- RoleDAO.Data rdd = rrdd.value;
- Result<NsDAO.Data> rns = ques.mayUser(trans, trans.user(), rdd, Access.write);
-
- // Make sure we don't delete the last owner of valid NS
- if(rns.isOKhasData() && Question.OWNER.equals(rdd.name) && ques.countOwner(trans,rdd.ns)<=1) {
- return Result.err(Status.ERR_Denied,"You may not delete the last Owner of " + rdd.ns );
- }
-
- if(mayNotChange=rns.notOK()) {
- if(!trans.requested(future)) {
- return Result.err(rns);
- }
- }
-
- Result<List<UserRoleDAO.Data>> rulr;
- if((rulr=ques.userRoleDAO.read(trans, usr, role)).notOKorIsEmpty()) {
- return Result.err(Status.ERR_UserRoleNotFound, "User [ "+usr+" ] is not "
- + "Assigned to the Role [ " + role + " ]");
- }
-
- UserRoleDAO.Data userRole = rulr.value.get(0);
- if(mayNotChange) { // Function exited earlier if !trans.futureRequested
- FutureDAO.Data fto = new FutureDAO.Data();
- fto.target=UserRoleDAO.TABLE;
- fto.memo = "Remove User ["+userRole.user+"] from Role ["+userRole.role+"]";
- GregorianCalendar now = new GregorianCalendar();
- fto.start = now.getTime();
- fto.expires = trans.org().expiration(now, Expiration.Future).getTime();
-
- Result<String> rfc = func.createFuture(trans, fto,
- userRole.user+'|'+userRole.role, userRole.user, rns.value, FUTURE_OP.D);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "UserRole [%s - %s] is saved for future processing",
- userRole.user,
- userRole.role);
- } else {
- return Result.err(rfc);
- }
- } else {
- return ques.userRoleDAO.delete(trans, rulr.value.get(0), false);
- }
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/userRole/:user/:role",
- params = {"user|string|true",
- "role|string|true"},
- expectedCode = 200,
- errorCodes = {403,404,406},
- text = { "Returns the User (with Expiration date from listed User/Role) if it exists"
- }
- )
- @Override
- public Result<USERS> getUserInRole(AuthzTrans trans, String user, String role) {
- final Validator v = new ServiceValidator();
- if(v.role(role).nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
-// Result<NsDAO.Data> ns = ques.deriveNs(trans, role);
-// if (ns.notOK()) return Result.err(ns);
-//
-// Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), ns.value, Access.write);
- // May calling user see by virtue of the Role
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.notOK()) {
- return Result.err(rrdd);
- }
- Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value,Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
- HashSet<UserRoleDAO.Data> userSet = new HashSet<>();
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readUserInRole(trans, user, role);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
- userSet.add(data);
- }
- }
-
- @SuppressWarnings("unchecked")
- USERS users = (USERS) mapper.newInstance(API.USERS);
- mapper.users(trans, userSet, users);
- return Result.ok(users);
- }
-
- @ApiDoc(
- method = GET,
- path = "/authz/users/role/:role",
- params = {"user|string|true",
- "role|string|true"},
- expectedCode = 200,
- errorCodes = {403,404,406},
- text = { "Returns the User (with Expiration date from listed User/Role) if it exists"
- }
- )
- @Override
- public Result<USERS> getUsersByRole(AuthzTrans trans, String role) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role",role).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
-// Result<NsDAO.Data> ns = ques.deriveNs(trans, role);
-// if (ns.notOK()) return Result.err(ns);
-//
-// Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), ns.value, Access.write);
- // May calling user see by virtue of the Role
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.notOK()) {
- return Result.err(rrdd);
- }
-
- boolean contactOnly = false;
- // Allow the request of any valid user to find the contact of the NS (Owner)
- Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value,Access.read);
- if(rnd.notOK()) {
- if(Question.OWNER.equals(rrdd.value.name)) {
- contactOnly = true;
- } else {
- return Result.err(rnd);
- }
- }
-
- HashSet<UserRoleDAO.Data> userSet = new HashSet<>();
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role);
- if(rlurd.isOK()) {
- for(UserRoleDAO.Data data : rlurd.value) {
- if(contactOnly) { //scrub data
- // Can't change actual object, or will mess up the cache.
- UserRoleDAO.Data scrub = new UserRoleDAO.Data();
- scrub.ns = data.ns;
- scrub.rname = data.rname;
- scrub.role = data.role;
- scrub.user = data.user;
- userSet.add(scrub);
- } else {
- userSet.add(data);
- }
- }
- }
-
- @SuppressWarnings("unchecked")
- USERS users = (USERS) mapper.newInstance(API.USERS);
- mapper.users(trans, userSet, users);
- return Result.ok(users);
- }
-
- /**
- * getUsersByPermission
- */
+ @ApiDoc(
+ method = POST,
+ path = "/authz/userRole",
+ params = {},
+ expectedCode = 201,
+ errorCodes = {403,404,406,409},
+ text = { "Create a UserRole relationship (add User to Role)",
+ "A UserRole is an object Representation of membership of a Role for limited time.",
+ "If a shorter amount of time for Role ownership is required, use the 'End' field.",
+ "** Note: Owners of Namespaces will be required to revalidate users in these roles ",
+ "before Expirations expire. Namespace owners will be notified by email."
+ }
+ )
+ @Override
+ public Result<Void> createUserRole(final AuthzTrans trans, REQUEST from) {
+ TimeTaken tt = trans.start("Create UserRole", Env.SUB);
+ try {
+ Result<UserRoleDAO.Data> urr = mapper.userRole(trans, from);
+ if(urr.notOKorIsEmpty()) {
+ return Result.err(urr);
+ }
+ final UserRoleDAO.Data userRole = urr.value;
+
+ final ServiceValidator v = new ServiceValidator();
+ if(v.user_role(userRole).err() ||
+ v.user(trans.org(), userRole.user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+
+
+ // Check if user can change first
+ Result<FutureDAO.Data> fd = mapper.future(trans,UserRoleDAO.TABLE,from,urr.value,true, // may request Approvals
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ return "Add User [" + userRole.user + "] to Role [" +
+ userRole.role +
+ ']';
+ }
+ },
+ new MayChange() {
+ private Result<NsDAO.Data> nsd;
+ @Override
+ public Result<?> mayChange() {
+ if(nsd==null) {
+ RoleDAO.Data r = RoleDAO.Data.decode(userRole);
+ nsd = ques.mayUser(trans, trans.user(), r, Access.write);
+ }
+ return nsd;
+ }
+ });
+ Result<NsDAO.Data> nsr = ques.deriveNs(trans, userRole.role);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans, fd.value, userRole.user+'|'+userRole.ns + '.' + userRole.rname,
+ userRole.user, nsr.value, FUTURE_OP.C);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "UserRole [%s - %s.%s] is saved for future processing",
+ userRole.user,
+ userRole.ns,
+ userRole.rname);
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ return func.addUserRole(trans, userRole);
+ default:
+ return Result.err(fd);
+ }
+ } finally {
+ tt.done();
+ }
+ }
+
+ /**
+ * getUserRolesByRole
+ */
+ @ApiDoc(
+ method = GET,
+ path = "/authz/userRoles/role/:role",
+ params = {"role|string|true"},
+ expectedCode = 200,
+ errorCodes = {404,406},
+ text = { "List all Users that are attached to Role specified in :role",
+ }
+ )
+ @Override
+ public Result<USERROLES> getUserRolesByRole(AuthzTrans trans, String role) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Role",role).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<RoleDAO.Data> rrdd;
+ rrdd = RoleDAO.Data.decode(trans,ques,role);
+ if(rrdd.notOK()) {
+ return Result.err(rrdd);
+ }
+ // May Requester see result?
+ Result<NsDAO.Data> ns = ques.mayUser(trans,trans.user(), rrdd.value,Access.read);
+ if (ns.notOK()) {
+ return Result.err(ns);
+ }
+
+ // boolean filter = true;
+ // if (ns.value.isAdmin(trans.user()) || ns.value.isResponsible(trans.user()))
+ // filter = false;
+
+ // Get list of roles per user, then add to Roles as we go
+ HashSet<UserRoleDAO.Data> userSet = new HashSet<>();
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role);
+ if(rlurd.isOK()) {
+ for(UserRoleDAO.Data data : rlurd.value) {
+ userSet.add(data);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ USERROLES users = (USERROLES) mapper.newInstance(API.USER_ROLES);
+ // Checked for permission
+ mapper.userRoles(trans, userSet, users);
+ return Result.ok(users);
+ }
+ /**
+ * getUserRolesByRole
+ */
+ @ApiDoc(
+ method = GET,
+ path = "/authz/userRoles/user/:user",
+ params = {"role|string|true"},
+ expectedCode = 200,
+ errorCodes = {404,406},
+ text = { "List all UserRoles for :user",
+ }
+ )
+ @Override
+ public Result<USERROLES> getUserRolesByUser(AuthzTrans trans, String user) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("User",user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // Get list of roles per user, then add to Roles as we go
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, user);
+ if(rlurd.notOK()) {
+ return Result.err(rlurd);
+ }
+
+ /* Check for
+ * 1) is User
+ * 2) is User's Supervisor
+ * 3) Has special global access =read permission
+ *
+ * If none of the 3, then filter results to NSs in which Calling User has Ns.access * read
+ */
+ boolean mustFilter;
+ String callingUser = trans.getUserPrincipal().getName();
+ NsDAO.Data ndd = new NsDAO.Data();
+
+ if(user.equals(callingUser)) {
+ mustFilter = false;
+ } else {
+ Organization org = trans.org();
+ try {
+ Identity orgID = org.getIdentity(trans, user);
+ Identity manager = orgID==null?null:orgID.responsibleTo();
+ if(orgID!=null && (manager!=null && callingUser.equals(manager.fullID()))) {
+ mustFilter = false;
+ } else if(ques.isGranted(trans, callingUser, ROOT_NS, Question.ACCESS, "*", Access.read.name())) {
+ mustFilter=false;
+ } else {
+ mustFilter = true;
+ }
+ } catch (OrganizationException e) {
+ trans.env().log(e);
+ mustFilter = true;
+ }
+ }
+
+ List<UserRoleDAO.Data> content;
+ if(mustFilter) {
+ content = new ArrayList<>(rlurd.value.size()); // avoid multi-memory redos
+
+ for(UserRoleDAO.Data data : rlurd.value) {
+ ndd.name=data.ns;
+ Result<Data> mur = ques.mayUser(trans, callingUser, ndd, Access.read);
+ if(mur.isOK()){
+ content.add(data);
+ }
+ }
+
+ } else {
+ content = rlurd.value;
+ }
+
+
+ @SuppressWarnings("unchecked")
+ USERROLES users = (USERROLES) mapper.newInstance(API.USER_ROLES);
+ // Checked for permission
+ mapper.userRoles(trans, content, users);
+ return Result.ok(users);
+ }
+
+
+ @ApiDoc(
+ method = PUT,
+ path = "/authz/userRole/user",
+ params = {},
+ expectedCode = 200,
+ errorCodes = {403,404,406},
+ text = { "Set a User's roles to the roles specified in the UserRoleRequest object.",
+ "WARNING: Roles supplied will be the ONLY roles attached to this user",
+ "If no roles are supplied, user's roles are reset."
+ }
+ )
+ @Override
+ public Result<Void> resetRolesForUser(AuthzTrans trans, REQUEST rreq) {
+ Result<UserRoleDAO.Data> rurdd = mapper.userRole(trans, rreq);
+ final ServiceValidator v = new ServiceValidator();
+ if(rurdd.notOKorIsEmpty()) {
+ return Result.err(rurdd);
+ }
+ if (v.user(trans.org(), rurdd.value.user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Set<String> currRoles = new HashSet<>();
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByUser(trans, rurdd.value.user);
+ if(rlurd.isOK()) {
+ for(UserRoleDAO.Data data : rlurd.value) {
+ currRoles.add(data.role);
+ }
+ }
+
+ Result<Void> rv = null;
+ String[] roles;
+ if(rurdd.value.role==null) {
+ roles = new String[0];
+ } else {
+ roles = rurdd.value.role.split(",");
+ }
+
+ for (String role : roles) {
+ if (v.role(role).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
+ if(rrdd.notOK()) {
+ return Result.err(rrdd);
+ }
+
+ rurdd.value.role(rrdd.value);
+
+ Result<NsDAO.Data> nsd = ques.mayUser(trans, trans.user(), rrdd.value,Access.write);
+ if (nsd.notOK()) {
+ return Result.err(nsd);
+ }
+ Result<NsDAO.Data> nsr = ques.deriveNs(trans, role);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ if(currRoles.contains(role)) {
+ currRoles.remove(role);
+ } else {
+ rv = func.addUserRole(trans, rurdd.value);
+ if (rv.notOK()) {
+ return rv;
+ }
+ }
+ }
+
+ for (String role : currRoles) {
+ rurdd.value.role(trans,ques,role);
+ rv = ques.userRoleDAO.delete(trans, rurdd.value, false);
+ if(rv.notOK()) {
+ trans.info().log(rurdd.value.user,"/",rurdd.value.role, "expected to be deleted, but does not exist");
+ // return rv; // if it doesn't exist, don't error out
+ }
+
+ }
+
+ return Result.ok();
+
+ }
+
+ @ApiDoc(
+ method = PUT,
+ path = "/authz/userRole/role",
+ params = {},
+ expectedCode = 200,
+ errorCodes = {403,404,406},
+ text = { "Set a Role's users to the users specified in the UserRoleRequest object.",
+ "WARNING: Users supplied will be the ONLY users attached to this role",
+ "If no users are supplied, role's users are reset."
+ }
+ )
+ @Override
+ public Result<Void> resetUsersForRole(AuthzTrans trans, REQUEST rreq) {
+ Result<UserRoleDAO.Data> rurdd = mapper.userRole(trans, rreq);
+ if(rurdd.notOKorIsEmpty()) {
+ return Result.err(rurdd);
+ }
+ final ServiceValidator v = new ServiceValidator();
+ if (v.user_role(rurdd.value).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ RoleDAO.Data rd = RoleDAO.Data.decode(rurdd.value);
+
+ Result<NsDAO.Data> nsd = ques.mayUser(trans, trans.user(), rd, Access.write);
+ if (nsd.notOK()) {
+ return Result.err(nsd);
+ }
+
+ Result<NsDAO.Data> nsr = ques.deriveNs(trans, rurdd.value.role);
+ if(nsr.notOKorIsEmpty()) {
+ return Result.err(nsr);
+ }
+
+ Set<String> currUsers = new HashSet<>();
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, rurdd.value.role);
+ if(rlurd.isOK()) {
+ for(UserRoleDAO.Data data : rlurd.value) {
+ currUsers.add(data.user);
+ }
+ }
+
+ // found when connected remotely to DEVL, can't replicate locally
+ // inconsistent errors with cmd: role user setTo [nothing]
+ // deleteUserRole --> read --> get --> cacheIdx(?)
+ // sometimes returns idx for last added user instead of user passed in
+ // cache bug?
+
+
+ Result<Void> rv = null;
+ String[] users = {};
+ if (rurdd.value.user != null) {
+ users = rurdd.value.user.split(",");
+ }
+
+ for (String user : users) {
+ if (v.user(trans.org(), user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ rurdd.value.user = user;
+
+ if(currUsers.contains(user)) {
+ currUsers.remove(user);
+ } else {
+ rv = func.addUserRole(trans, rurdd.value);
+ if (rv.notOK()) {
+ return rv;
+ }
+ }
+ }
+
+ for (String user : currUsers) {
+ rurdd.value.user = user;
+ rv = ques.userRoleDAO.delete(trans, rurdd.value, false);
+ if(rv.notOK()) {
+ trans.info().log(rurdd.value, "expected to be deleted, but not exists");
+ return rv;
+ }
+ }
+
+ return Result.ok();
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/userRole/extend/:user/:role",
+ params = { "user|string|true",
+ "role|string|true"
+ },
+ expectedCode = 200,
+ errorCodes = {403,404,406},
+ text = { "Extend the Expiration of this User Role by the amount set by Organization",
+ "Requestor must be allowed to modify the role"
+ }
+ )
+ @Override
+ public Result<Void> extendUserRole(AuthzTrans trans, String user, String role) {
+ Organization org = trans.org();
+ final ServiceValidator v = new ServiceValidator();
+ if(v.user(org, user)
+ .role(role)
+ .err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role);
+ if(rrdd.notOK()) {
+ return Result.err(rrdd);
+ }
+
+ Result<NsDAO.Data> rcr = ques.mayUser(trans, trans.user(), rrdd.value, Access.write);
+ boolean mayNotChange;
+ if((mayNotChange = rcr.notOK()) && !trans.requested(future)) {
+ return Result.err(rcr);
+ }
+
+ Result<List<UserRoleDAO.Data>> rr = ques.userRoleDAO.read(trans, user,role);
+ if(rr.notOK()) {
+ return Result.err(rr);
+ }
+ for(UserRoleDAO.Data userRole : rr.value) {
+ if(mayNotChange) { // Function exited earlier if !trans.futureRequested
+ FutureDAO.Data fto = new FutureDAO.Data();
+ fto.target=UserRoleDAO.TABLE;
+ fto.memo = "Extend User ["+userRole.user+"] in Role ["+userRole.role+"]";
+ GregorianCalendar now = new GregorianCalendar();
+ fto.start = now.getTime();
+ fto.expires = org.expiration(now, Expiration.Future).getTime();
+ try {
+ fto.construct = userRole.bytify();
+ } catch (IOException e) {
+ trans.error().log(e, "Error while bytifying UserRole for Future");
+ return Result.err(e);
+ }
+
+ Result<String> rfc = func.createFuture(trans, fto,
+ userRole.user+'|'+userRole.role, userRole.user, rcr.value, FUTURE_OP.U);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "UserRole [%s - %s] is saved for future processing",
+ userRole.user,
+ userRole.role);
+ } else {
+ return Result.err(rfc);
+ }
+ } else {
+ return func.extendUserRole(trans, userRole, false);
+ }
+ }
+ return Result.err(Result.ERR_NotFound,"This user and role doesn't exist");
+ }
+
+ @ApiDoc(
+ method = DELETE,
+ path = "/authz/userRole/:user/:role",
+ params = { "user|string|true",
+ "role|string|true"
+ },
+ expectedCode = 200,
+ errorCodes = {403,404,406},
+ text = { "Remove Role :role from User :user."
+ }
+ )
+ @Override
+ public Result<Void> deleteUserRole(AuthzTrans trans, String usr, String role) {
+ Validator val = new ServiceValidator();
+ if(val.nullOrBlank("User", usr)
+ .nullOrBlank("Role", role).err()) {
+ return Result.err(Status.ERR_BadData, val.errs());
+ }
+
+ boolean mayNotChange;
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,ques,role);
+ if(rrdd.notOK()) {
+ return Result.err(rrdd);
+ }
+
+ RoleDAO.Data rdd = rrdd.value;
+ Result<NsDAO.Data> rns = ques.mayUser(trans, trans.user(), rdd, Access.write);
+
+ // Make sure we don't delete the last owner of valid NS
+ if(rns.isOKhasData() && Question.OWNER.equals(rdd.name) && ques.countOwner(trans,rdd.ns)<=1) {
+ return Result.err(Status.ERR_Denied,"You may not delete the last Owner of " + rdd.ns );
+ }
+
+ if(mayNotChange=rns.notOK()) {
+ if(!trans.requested(future)) {
+ return Result.err(rns);
+ }
+ }
+
+ Result<List<UserRoleDAO.Data>> rulr;
+ if((rulr=ques.userRoleDAO.read(trans, usr, role)).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_UserRoleNotFound, "User [ "+usr+" ] is not "
+ + "Assigned to the Role [ " + role + " ]");
+ }
+
+ UserRoleDAO.Data userRole = rulr.value.get(0);
+ if(mayNotChange) { // Function exited earlier if !trans.futureRequested
+ FutureDAO.Data fto = new FutureDAO.Data();
+ fto.target=UserRoleDAO.TABLE;
+ fto.memo = "Remove User ["+userRole.user+"] from Role ["+userRole.role+"]";
+ GregorianCalendar now = new GregorianCalendar();
+ fto.start = now.getTime();
+ fto.expires = trans.org().expiration(now, Expiration.Future).getTime();
+
+ Result<String> rfc = func.createFuture(trans, fto,
+ userRole.user+'|'+userRole.role, userRole.user, rns.value, FUTURE_OP.D);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "UserRole [%s - %s] is saved for future processing",
+ userRole.user,
+ userRole.role);
+ } else {
+ return Result.err(rfc);
+ }
+ } else {
+ return ques.userRoleDAO.delete(trans, rulr.value.get(0), false);
+ }
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/userRole/:user/:role",
+ params = {"user|string|true",
+ "role|string|true"},
+ expectedCode = 200,
+ errorCodes = {403,404,406},
+ text = { "Returns the User (with Expiration date from listed User/Role) if it exists"
+ }
+ )
+ @Override
+ public Result<USERS> getUserInRole(AuthzTrans trans, String user, String role) {
+ final Validator v = new ServiceValidator();
+ if(v.role(role).nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+// Result<NsDAO.Data> ns = ques.deriveNs(trans, role);
+// if (ns.notOK()) return Result.err(ns);
+//
+// Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), ns.value, Access.write);
+ // May calling user see by virtue of the Role
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
+ if(rrdd.notOK()) {
+ return Result.err(rrdd);
+ }
+ Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value,Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ HashSet<UserRoleDAO.Data> userSet = new HashSet<>();
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readUserInRole(trans, user, role);
+ if(rlurd.isOK()) {
+ for(UserRoleDAO.Data data : rlurd.value) {
+ userSet.add(data);
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ USERS users = (USERS) mapper.newInstance(API.USERS);
+ mapper.users(trans, userSet, users);
+ return Result.ok(users);
+ }
+
+ @ApiDoc(
+ method = GET,
+ path = "/authz/users/role/:role",
+ params = {"user|string|true",
+ "role|string|true"},
+ expectedCode = 200,
+ errorCodes = {403,404,406},
+ text = { "Returns the User (with Expiration date from listed User/Role) if it exists"
+ }
+ )
+ @Override
+ public Result<USERS> getUsersByRole(AuthzTrans trans, String role) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Role",role).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+// Result<NsDAO.Data> ns = ques.deriveNs(trans, role);
+// if (ns.notOK()) return Result.err(ns);
+//
+// Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), ns.value, Access.write);
+ // May calling user see by virtue of the Role
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
+ if(rrdd.notOK()) {
+ return Result.err(rrdd);
+ }
+
+ boolean contactOnly = false;
+ // Allow the request of any valid user to find the contact of the NS (Owner)
+ Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value,Access.read);
+ if(rnd.notOK()) {
+ if(Question.OWNER.equals(rrdd.value.name)) {
+ contactOnly = true;
+ } else {
+ return Result.err(rnd);
+ }
+ }
+
+ HashSet<UserRoleDAO.Data> userSet = new HashSet<>();
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role);
+ if(rlurd.isOK()) {
+ for(UserRoleDAO.Data data : rlurd.value) {
+ if(contactOnly) { //scrub data
+ // Can't change actual object, or will mess up the cache.
+ UserRoleDAO.Data scrub = new UserRoleDAO.Data();
+ scrub.ns = data.ns;
+ scrub.rname = data.rname;
+ scrub.role = data.role;
+ scrub.user = data.user;
+ userSet.add(scrub);
+ } else {
+ userSet.add(data);
+ }
+ }
+ }
+
+ @SuppressWarnings("unchecked")
+ USERS users = (USERS) mapper.newInstance(API.USERS);
+ mapper.users(trans, userSet, users);
+ return Result.ok(users);
+ }
+
+ /**
+ * getUsersByPermission
+ */
@ApiDoc(
method = GET,
path = "/authz/users/perm/:type/:instance/:action",
- params = { "type|string|true",
- "instance|string|true",
- "action|string|true"
- },
+ params = { "type|string|true",
+ "instance|string|true",
+ "action|string|true"
+ },
expectedCode = 200,
errorCodes = {404,406},
text = { "List all Users that have Permission specified by :type :instance :action",
- }
+ }
)
- @Override
- public Result<USERS> getUsersByPermission(AuthzTrans trans, String type, String instance, String action) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Type",type)
- .nullOrBlank("Instance",instance)
- .nullOrBlank("Action",action)
- .err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<NsSplit> nss = ques.deriveNsSplit(trans, type);
- if(nss.notOK()) {
- return Result.err(nss);
- }
-
- Result<List<NsDAO.Data>> nsd = ques.nsDAO.read(trans, nss.value.ns);
- if (nsd.notOK()) {
- return Result.err(nsd);
- }
-
- boolean allInstance = ASTERIX.equals(instance);
- boolean allAction = ASTERIX.equals(action);
- // Get list of roles per Permission,
- // Then loop through Roles to get Users
- // Note: Use Sets to avoid processing or responding with Duplicates
- Set<String> roleUsed = new HashSet<>();
- Set<UserRoleDAO.Data> userSet = new HashSet<>();
-
- if(!nss.isEmpty()) {
- Result<List<PermDAO.Data>> rlp = ques.permDAO.readByType(trans, nss.value.ns, nss.value.name);
- if(rlp.isOKhasData()) {
- for(PermDAO.Data pd : rlp.value) {
- if((allInstance || pd.instance.equals(instance)) &&
- (allAction || pd.action.equals(action))) {
- if(ques.mayUser(trans, trans.user(),pd,Access.read).isOK()) {
- for(String role : pd.roles) {
- if(!roleUsed.contains(role)) { // avoid evaluating Role many times
- roleUsed.add(role);
- Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role.replace('|', '.'));
- if(rlurd.isOKhasData()) {
- for(UserRoleDAO.Data urd : rlurd.value) {
- userSet.add(urd);
- }
- }
- }
- }
- }
- }
- }
- }
- }
- @SuppressWarnings("unchecked")
- USERS users = (USERS) mapper.newInstance(API.USERS);
- mapper.users(trans, userSet, users);
- return Result.ok(users);
- }
+ @Override
+ public Result<USERS> getUsersByPermission(AuthzTrans trans, String type, String instance, String action) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Type",type)
+ .nullOrBlank("Instance",instance)
+ .nullOrBlank("Action",action)
+ .err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<NsSplit> nss = ques.deriveNsSplit(trans, type);
+ if(nss.notOK()) {
+ return Result.err(nss);
+ }
+
+ Result<List<NsDAO.Data>> nsd = ques.nsDAO.read(trans, nss.value.ns);
+ if (nsd.notOK()) {
+ return Result.err(nsd);
+ }
+
+ boolean allInstance = ASTERIX.equals(instance);
+ boolean allAction = ASTERIX.equals(action);
+ // Get list of roles per Permission,
+ // Then loop through Roles to get Users
+ // Note: Use Sets to avoid processing or responding with Duplicates
+ Set<String> roleUsed = new HashSet<>();
+ Set<UserRoleDAO.Data> userSet = new HashSet<>();
+
+ if(!nss.isEmpty()) {
+ Result<List<PermDAO.Data>> rlp = ques.permDAO.readByType(trans, nss.value.ns, nss.value.name);
+ if(rlp.isOKhasData()) {
+ for(PermDAO.Data pd : rlp.value) {
+ if((allInstance || pd.instance.equals(instance)) &&
+ (allAction || pd.action.equals(action))) {
+ if(ques.mayUser(trans, trans.user(),pd,Access.read).isOK()) {
+ for(String role : pd.roles) {
+ if(!roleUsed.contains(role)) { // avoid evaluating Role many times
+ roleUsed.add(role);
+ Result<List<UserRoleDAO.Data>> rlurd = ques.userRoleDAO.readByRole(trans, role.replace('|', '.'));
+ if(rlurd.isOKhasData()) {
+ for(UserRoleDAO.Data urd : rlurd.value) {
+ userSet.add(urd);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ @SuppressWarnings("unchecked")
+ USERS users = (USERS) mapper.newInstance(API.USERS);
+ mapper.users(trans, userSet, users);
+ return Result.ok(users);
+ }
/***********************************
* HISTORY
- ***********************************/
- @Override
- public Result<HISTORY> getHistoryByUser(final AuthzTrans trans, String user, final int[] yyyymm, final int sort) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User",user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<NsDAO.Data> rnd;
- // Users may look at their own data
- if(trans.user().equals(user)) {
- // Users may look at their own data
- } else {
- int at = user.indexOf('@');
- if(at>=0 && trans.org().getRealm().equals(user.substring(at+1))) {
- NsDAO.Data nsd = new NsDAO.Data();
- nsd.name = Question.domain2ns(user);
- rnd = ques.mayUser(trans, trans.user(), nsd, Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
- } else {
- rnd = ques.validNSOfDomain(trans, user);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
- rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
- }
- }
- Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readByUser(trans, user, yyyymm);
- if(resp.notOK()) {
- return Result.err(resp);
- }
- return mapper.history(trans, resp.value,sort);
- }
-
- @Override
- public Result<HISTORY> getHistoryByRole(AuthzTrans trans, String role, int[] yyyymm, final int sort) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Role",role).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
- if(rrdd.notOK()) {
- return Result.err(rrdd);
- }
-
- Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value, Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
- Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, role, "role", yyyymm);
- if(resp.notOK()) {
- return Result.err(resp);
- }
- return mapper.history(trans, resp.value,sort);
- }
-
- @Override
- public Result<HISTORY> getHistoryByPerm(AuthzTrans trans, String type, int[] yyyymm, final int sort) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Type",type)
- .err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- // May user see Namespace of Permission (since it's only one piece... we can't check for "is permission part of")
- Result<NsDAO.Data> rnd = ques.deriveNs(trans,type);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
- rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
- Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, type, "perm", yyyymm);
- if(resp.notOK()) {
- return Result.err(resp);
- }
- return mapper.history(trans, resp.value,sort);
- }
-
- @Override
- public Result<HISTORY> getHistoryByNS(AuthzTrans trans, String ns, int[] yyyymm, final int sort) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("NS",ns)
- .err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
- rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
- if(rnd.notOK()) {
- return Result.err(rnd);
- }
-
- Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, ns, "ns", yyyymm);
- if(resp.notOK()) {
- return Result.err(resp);
- }
- return mapper.history(trans, resp.value,sort);
- }
+ ***********************************/
+ @Override
+ public Result<HISTORY> getHistoryByUser(final AuthzTrans trans, String user, final int[] yyyymm, final int sort) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("User",user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<NsDAO.Data> rnd;
+ // Users may look at their own data
+ if(trans.user().equals(user)) {
+ // Users may look at their own data
+ } else {
+ int at = user.indexOf('@');
+ if(at>=0 && trans.org().getRealm().equals(user.substring(at+1))) {
+ NsDAO.Data nsd = new NsDAO.Data();
+ nsd.name = Question.domain2ns(user);
+ rnd = ques.mayUser(trans, trans.user(), nsd, Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+ } else {
+ rnd = ques.validNSOfDomain(trans, user);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+ }
+ }
+ Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readByUser(trans, user, yyyymm);
+ if(resp.notOK()) {
+ return Result.err(resp);
+ }
+ return mapper.history(trans, resp.value,sort);
+ }
+
+ @Override
+ public Result<HISTORY> getHistoryByRole(AuthzTrans trans, String role, int[] yyyymm, final int sort) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Role",role).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans, ques, role);
+ if(rrdd.notOK()) {
+ return Result.err(rrdd);
+ }
+
+ Result<NsDAO.Data> rnd = ques.mayUser(trans, trans.user(), rrdd.value, Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+ Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, role, "role", yyyymm);
+ if(resp.notOK()) {
+ return Result.err(resp);
+ }
+ return mapper.history(trans, resp.value,sort);
+ }
+
+ @Override
+ public Result<HISTORY> getHistoryByPerm(AuthzTrans trans, String type, int[] yyyymm, final int sort) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Type",type)
+ .err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ // May user see Namespace of Permission (since it's only one piece... we can't check for "is permission part of")
+ Result<NsDAO.Data> rnd = ques.deriveNs(trans,type);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+ Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, type, "perm", yyyymm);
+ if(resp.notOK()) {
+ return Result.err(resp);
+ }
+ return mapper.history(trans, resp.value,sort);
+ }
+
+ @Override
+ public Result<HISTORY> getHistoryByNS(AuthzTrans trans, String ns, int[] yyyymm, final int sort) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("NS",ns)
+ .err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<NsDAO.Data> rnd = ques.deriveNs(trans,ns);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+ rnd = ques.mayUser(trans, trans.user(), rnd.value, Access.read);
+ if(rnd.notOK()) {
+ return Result.err(rnd);
+ }
+
+ Result<List<HistoryDAO.Data>> resp = ques.historyDAO.readBySubject(trans, ns, "ns", yyyymm);
+ if(resp.notOK()) {
+ return Result.err(resp);
+ }
+ return mapper.history(trans, resp.value,sort);
+ }
/***********************************
* DELEGATE
***********************************/
- @Override
- public Result<Void> createDelegate(final AuthzTrans trans, REQUEST base) {
- return createOrUpdateDelegate(trans, base, Question.Access.create);
- }
-
- @Override
- public Result<Void> updateDelegate(AuthzTrans trans, REQUEST base) {
- return createOrUpdateDelegate(trans, base, Question.Access.write);
- }
-
-
- private Result<Void> createOrUpdateDelegate(final AuthzTrans trans, REQUEST base, final Access access) {
- final Result<DelegateDAO.Data> rd = mapper.delegate(trans, base);
- final ServiceValidator v = new ServiceValidator();
- if(v.delegate(trans.org(),rd).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- final DelegateDAO.Data dd = rd.value;
-
- Result<List<DelegateDAO.Data>> ddr = ques.delegateDAO.read(trans, dd);
- if(access==Access.create && ddr.isOKhasData()) {
- return Result.err(Status.ERR_ConflictAlreadyExists, "[%s] already delegates to [%s]", dd.user, ddr.value.get(0).delegate);
- } else if(access!=Access.create && ddr.notOKorIsEmpty()) {
- return Result.err(Status.ERR_NotFound, "[%s] does not have a Delegate Record to [%s].",dd.user,access.name());
- }
- Result<Void> rv = ques.mayUser(trans, dd, access);
- if(rv.notOK()) {
- return rv;
- }
-
- Result<FutureDAO.Data> fd = mapper.future(trans,DelegateDAO.TABLE,base, dd, false,
- new Mapper.Memo() {
- @Override
- public String get() {
- StringBuilder sb = new StringBuilder();
- sb.append(access.name());
- sb.setCharAt(0, Character.toUpperCase(sb.charAt(0)));
- sb.append("Delegate ");
- sb.append(access==Access.create?"[":"to [");
- sb.append(rd.value.delegate);
- sb.append("] for [");
- sb.append(rd.value.user);
- sb.append(']');
- return sb.toString();
- }
- },
- new MayChange() {
- @Override
- public Result<?> mayChange() {
- return Result.ok(); // Validate in code above
- }
- });
-
- switch(fd.status) {
- case OK:
- Result<String> rfc = func.createFuture(trans, fd.value,
- dd.user, trans.user(),null, access==Access.create?FUTURE_OP.C:FUTURE_OP.U);
- if(rfc.isOK()) {
- return Result.err(Status.ACC_Future, "Delegate for [%s]",
- dd.user);
- } else {
- return Result.err(rfc);
- }
- case Status.ACC_Now:
- if(access==Access.create) {
- Result<DelegateDAO.Data> rdr = ques.delegateDAO.create(trans, dd);
- if(rdr.isOK()) {
- return Result.ok();
- } else {
- return Result.err(rdr);
- }
- } else {
- return ques.delegateDAO.update(trans, dd);
- }
- default:
- return Result.err(fd);
- }
- }
-
- @Override
- public Result<Void> deleteDelegate(AuthzTrans trans, REQUEST base) {
- final Result<DelegateDAO.Data> rd = mapper.delegate(trans, base);
- final Validator v = new ServiceValidator();
- if(v.notOK(rd).nullOrBlank("User", rd.value.user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<List<DelegateDAO.Data>> ddl;
- if((ddl=ques.delegateDAO.read(trans, rd.value)).notOKorIsEmpty()) {
- return Result.err(Status.ERR_DelegateNotFound,"Cannot delete non-existent Delegate");
- }
- final DelegateDAO.Data dd = ddl.value.get(0);
- Result<Void> rv = ques.mayUser(trans, dd, Access.write);
- if(rv.notOK()) {
- return rv;
- }
-
- return ques.delegateDAO.delete(trans, dd, false);
- }
-
- @Override
- public Result<Void> deleteDelegate(AuthzTrans trans, String userName) {
- DelegateDAO.Data dd = new DelegateDAO.Data();
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", userName).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- dd.user = userName;
- Result<List<DelegateDAO.Data>> ddl;
- if((ddl=ques.delegateDAO.read(trans, dd)).notOKorIsEmpty()) {
- return Result.err(Status.ERR_DelegateNotFound,"Cannot delete non-existent Delegate");
- }
- dd = ddl.value.get(0);
- Result<Void> rv = ques.mayUser(trans, dd, Access.write);
- if(rv.notOK()) {
- return rv;
- }
-
- return ques.delegateDAO.delete(trans, dd, false);
- }
-
- @Override
- public Result<DELGS> getDelegatesByUser(AuthzTrans trans, String user) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- DelegateDAO.Data ddd = new DelegateDAO.Data();
- ddd.user = user;
- ddd.delegate = null;
- Result<Void> rv = ques.mayUser(trans, ddd, Access.read);
- if(rv.notOK()) {
- return Result.err(rv);
- }
-
- TimeTaken tt = trans.start("Get delegates for a user", Env.SUB);
-
- Result<List<DelegateDAO.Data>> dbDelgs = ques.delegateDAO.read(trans, user);
- try {
- if (dbDelgs.isOKhasData()) {
- return mapper.delegate(dbDelgs.value);
- } else {
- return Result.err(Status.ERR_DelegateNotFound,"No Delegate found for [%s]",user);
- }
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<DELGS> getDelegatesByDelegate(AuthzTrans trans, String delegate) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Delegate", delegate).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- DelegateDAO.Data ddd = new DelegateDAO.Data();
- ddd.user = delegate;
- Result<Void> rv = ques.mayUser(trans, ddd, Access.read);
- if(rv.notOK()) {
- return Result.err(rv);
- }
-
- TimeTaken tt = trans.start("Get users for a delegate", Env.SUB);
-
- Result<List<DelegateDAO.Data>> dbDelgs = ques.delegateDAO.readByDelegate(trans, delegate);
- try {
- if (dbDelgs.isOKhasData()) {
- return mapper.delegate(dbDelgs.value);
- } else {
- return Result.err(Status.ERR_DelegateNotFound,"Delegate [%s] is not delegating for anyone.",delegate);
- }
- } finally {
- tt.done();
- }
- }
+ @Override
+ public Result<Void> createDelegate(final AuthzTrans trans, REQUEST base) {
+ return createOrUpdateDelegate(trans, base, Question.Access.create);
+ }
+
+ @Override
+ public Result<Void> updateDelegate(AuthzTrans trans, REQUEST base) {
+ return createOrUpdateDelegate(trans, base, Question.Access.write);
+ }
+
+
+ private Result<Void> createOrUpdateDelegate(final AuthzTrans trans, REQUEST base, final Access access) {
+ final Result<DelegateDAO.Data> rd = mapper.delegate(trans, base);
+ final ServiceValidator v = new ServiceValidator();
+ if(v.delegate(trans.org(),rd).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ final DelegateDAO.Data dd = rd.value;
+
+ Result<List<DelegateDAO.Data>> ddr = ques.delegateDAO.read(trans, dd);
+ if(access==Access.create && ddr.isOKhasData()) {
+ return Result.err(Status.ERR_ConflictAlreadyExists, "[%s] already delegates to [%s]", dd.user, ddr.value.get(0).delegate);
+ } else if(access!=Access.create && ddr.notOKorIsEmpty()) {
+ return Result.err(Status.ERR_NotFound, "[%s] does not have a Delegate Record to [%s].",dd.user,access.name());
+ }
+ Result<Void> rv = ques.mayUser(trans, dd, access);
+ if(rv.notOK()) {
+ return rv;
+ }
+
+ Result<FutureDAO.Data> fd = mapper.future(trans,DelegateDAO.TABLE,base, dd, false,
+ new Mapper.Memo() {
+ @Override
+ public String get() {
+ StringBuilder sb = new StringBuilder();
+ sb.append(access.name());
+ sb.setCharAt(0, Character.toUpperCase(sb.charAt(0)));
+ sb.append("Delegate ");
+ sb.append(access==Access.create?"[":"to [");
+ sb.append(rd.value.delegate);
+ sb.append("] for [");
+ sb.append(rd.value.user);
+ sb.append(']');
+ return sb.toString();
+ }
+ },
+ new MayChange() {
+ @Override
+ public Result<?> mayChange() {
+ return Result.ok(); // Validate in code above
+ }
+ });
+
+ switch(fd.status) {
+ case OK:
+ Result<String> rfc = func.createFuture(trans, fd.value,
+ dd.user, trans.user(),null, access==Access.create?FUTURE_OP.C:FUTURE_OP.U);
+ if(rfc.isOK()) {
+ return Result.err(Status.ACC_Future, "Delegate for [%s]",
+ dd.user);
+ } else {
+ return Result.err(rfc);
+ }
+ case Status.ACC_Now:
+ if(access==Access.create) {
+ Result<DelegateDAO.Data> rdr = ques.delegateDAO.create(trans, dd);
+ if(rdr.isOK()) {
+ return Result.ok();
+ } else {
+ return Result.err(rdr);
+ }
+ } else {
+ return ques.delegateDAO.update(trans, dd);
+ }
+ default:
+ return Result.err(fd);
+ }
+ }
+
+ @Override
+ public Result<Void> deleteDelegate(AuthzTrans trans, REQUEST base) {
+ final Result<DelegateDAO.Data> rd = mapper.delegate(trans, base);
+ final Validator v = new ServiceValidator();
+ if(v.notOK(rd).nullOrBlank("User", rd.value.user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<List<DelegateDAO.Data>> ddl;
+ if((ddl=ques.delegateDAO.read(trans, rd.value)).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_DelegateNotFound,"Cannot delete non-existent Delegate");
+ }
+ final DelegateDAO.Data dd = ddl.value.get(0);
+ Result<Void> rv = ques.mayUser(trans, dd, Access.write);
+ if(rv.notOK()) {
+ return rv;
+ }
+
+ return ques.delegateDAO.delete(trans, dd, false);
+ }
+
+ @Override
+ public Result<Void> deleteDelegate(AuthzTrans trans, String userName) {
+ DelegateDAO.Data dd = new DelegateDAO.Data();
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("User", userName).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ dd.user = userName;
+ Result<List<DelegateDAO.Data>> ddl;
+ if((ddl=ques.delegateDAO.read(trans, dd)).notOKorIsEmpty()) {
+ return Result.err(Status.ERR_DelegateNotFound,"Cannot delete non-existent Delegate");
+ }
+ dd = ddl.value.get(0);
+ Result<Void> rv = ques.mayUser(trans, dd, Access.write);
+ if(rv.notOK()) {
+ return rv;
+ }
+
+ return ques.delegateDAO.delete(trans, dd, false);
+ }
+
+ @Override
+ public Result<DELGS> getDelegatesByUser(AuthzTrans trans, String user) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ DelegateDAO.Data ddd = new DelegateDAO.Data();
+ ddd.user = user;
+ ddd.delegate = null;
+ Result<Void> rv = ques.mayUser(trans, ddd, Access.read);
+ if(rv.notOK()) {
+ return Result.err(rv);
+ }
+
+ TimeTaken tt = trans.start("Get delegates for a user", Env.SUB);
+
+ Result<List<DelegateDAO.Data>> dbDelgs = ques.delegateDAO.read(trans, user);
+ try {
+ if (dbDelgs.isOKhasData()) {
+ return mapper.delegate(dbDelgs.value);
+ } else {
+ return Result.err(Status.ERR_DelegateNotFound,"No Delegate found for [%s]",user);
+ }
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<DELGS> getDelegatesByDelegate(AuthzTrans trans, String delegate) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Delegate", delegate).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ DelegateDAO.Data ddd = new DelegateDAO.Data();
+ ddd.user = delegate;
+ Result<Void> rv = ques.mayUser(trans, ddd, Access.read);
+ if(rv.notOK()) {
+ return Result.err(rv);
+ }
+
+ TimeTaken tt = trans.start("Get users for a delegate", Env.SUB);
+
+ Result<List<DelegateDAO.Data>> dbDelgs = ques.delegateDAO.readByDelegate(trans, delegate);
+ try {
+ if (dbDelgs.isOKhasData()) {
+ return mapper.delegate(dbDelgs.value);
+ } else {
+ return Result.err(Status.ERR_DelegateNotFound,"Delegate [%s] is not delegating for anyone.",delegate);
+ }
+ } finally {
+ tt.done();
+ }
+ }
/***********************************
* APPROVAL
***********************************/
- private static final String APPR_FMT = "actor=%s, action=%s, operation=\"%s\", requestor=%s, delegator=%s";
- @Override
- public Result<Void> updateApproval(AuthzTrans trans, APPROVALS approvals) {
- Result<List<ApprovalDAO.Data>> rlad = mapper.approvals(approvals);
- if(rlad.notOK()) {
- return Result.err(rlad);
- }
- int numApprs = rlad.value.size();
- if(numApprs<1) {
- return Result.err(Status.ERR_NoApprovals,"No Approvals sent for Updating");
- }
- int numProcessed = 0;
- String user = trans.user();
-
- Result<List<ApprovalDAO.Data>> curr;
- Lookup<List<ApprovalDAO.Data>> apprByTicket=null;
- for(ApprovalDAO.Data updt : rlad.value) {
- if(updt.ticket!=null) {
- curr = ques.approvalDAO.readByTicket(trans, updt.ticket);
- if(curr.isOKhasData()) {
- final List<ApprovalDAO.Data> add = curr.value;
- apprByTicket = new Lookup<List<ApprovalDAO.Data>>() { // Store a Pre-Lookup
- @Override
- public List<ApprovalDAO.Data> get(AuthzTrans trans, Object ... noop) {
- return add;
- }
- };
- }
- } else if(updt.id!=null) {
- curr = ques.approvalDAO.read(trans, updt);
- } else if(updt.approver!=null) {
- curr = ques.approvalDAO.readByApprover(trans, updt.approver);
- } else {
- return Result.err(Status.ERR_BadData,"Approvals need ID, Ticket or Approval data to update");
- }
-
- if(curr.isOKhasData()) {
- Map<String, Result<List<DelegateDAO.Data>>> delegateCache = new HashMap<>();
- Map<UUID, FutureDAO.Data> futureCache = new HashMap<>();
- FutureDAO.Data hasDeleted = new FutureDAO.Data();
-
- for(ApprovalDAO.Data cd : curr.value) {
- if("pending".equals(cd.status)) {
- // Check for right record. Need ID, or (Ticket&Trans.User==Appr)
- // If Default ID
- boolean delegatedAction = ques.isDelegated(trans, user, cd.approver, delegateCache);
- String delegator = cd.approver;
- if(updt.id!=null ||
- (updt.ticket!=null && user.equals(cd.approver)) ||
- (updt.ticket!=null && delegatedAction)) {
- if(updt.ticket.equals(cd.ticket)) {
- Changed ch = new Changed();
- cd.id = ch.changed(cd.id,updt.id);
-// cd.ticket = changed(cd.ticket,updt.ticket);
- cd.user = ch.changed(cd.user,updt.user);
- cd.approver = ch.changed(cd.approver,updt.approver);
- cd.type = ch.changed(cd.type,updt.type);
- cd.status = ch.changed(cd.status,updt.status);
- cd.memo = ch.changed(cd.memo,updt.memo);
- cd.operation = ch.changed(cd.operation,updt.operation);
- cd.updated = ch.changed(cd.updated,updt.updated==null?new Date():updt.updated);
- if(updt.status.equals("denied")) {
- cd.last_notified = null;
- }
- if(cd.ticket!=null) {
- FutureDAO.Data fdd = futureCache.get(cd.ticket);
- if(fdd==null) { // haven't processed ticket yet
- Result<FutureDAO.Data> rfdd = ques.futureDAO.readPrimKey(trans, cd.ticket);
- if(rfdd.isOK()) {
- fdd = rfdd.value; // null is ok
- } else {
- fdd = hasDeleted;
- }
- futureCache.put(cd.ticket, fdd); // processed this Ticket... don't do others on this ticket
- }
- if(fdd==hasDeleted) { // YES, by Object
- cd.ticket = null;
- cd.status = "ticketDeleted";
- ch.hasChanged(true);
- } else {
- FUTURE_OP fop = FUTURE_OP.toFO(cd.operation);
- if(fop==null) {
- trans.info().printf("Approval Status %s is not actionable",cd.status);
- } else if(apprByTicket!=null) {
- Result<OP_STATUS> rv = func.performFutureOp(trans, fop, fdd, apprByTicket,func.urDBLookup);
- if (rv.isOK()) {
- switch(rv.value) {
- case E:
- if (delegatedAction) {
- trans.audit().printf(APPR_FMT,user,updt.status,cd.memo,cd.user,delegator);
- }
- futureCache.put(cd.ticket, hasDeleted);
- break;
- case D:
- case L:
- ch.hasChanged(true);
- trans.audit().printf(APPR_FMT,user,rv.value.desc(),cd.memo,cd.user,delegator);
- futureCache.put(cd.ticket, hasDeleted);
- break;
- default:
- }
- } else {
- trans.info().log(rv.toString());
- }
- }
-
- }
- ++numProcessed;
- }
- if(ch.hasChanged()) {
- ques.approvalDAO.update(trans, cd, true);
- }
- }
- }
- }
- }
- }
- }
-
- if(numApprs==numProcessed) {
- return Result.ok();
- }
- return Result.err(Status.ERR_ActionNotCompleted,numProcessed + " out of " + numApprs + " completed");
-
- }
-
- private static class Changed {
- private boolean hasChanged = false;
-
- public<T> T changed(T src, T proposed) {
- if(proposed==null || (src!=null && src.equals(proposed))) {
- return src;
- }
- hasChanged=true;
- return proposed;
- }
-
- public void hasChanged(boolean b) {
- hasChanged=b;
- }
-
- public boolean hasChanged() {
- return hasChanged;
- }
- }
-
- @Override
- public Result<APPROVALS> getApprovalsByUser(AuthzTrans trans, String user) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("User", user).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByUser(trans, user);
- if(rapd.isOK()) {
- return mapper.approvals(rapd.value);
- } else {
- return Result.err(rapd);
- }
+ private static final String APPR_FMT = "actor=%s, action=%s, operation=\"%s\", requestor=%s, delegator=%s";
+ @Override
+ public Result<Void> updateApproval(AuthzTrans trans, APPROVALS approvals) {
+ Result<List<ApprovalDAO.Data>> rlad = mapper.approvals(approvals);
+ if(rlad.notOK()) {
+ return Result.err(rlad);
+ }
+ int numApprs = rlad.value.size();
+ if(numApprs<1) {
+ return Result.err(Status.ERR_NoApprovals,"No Approvals sent for Updating");
+ }
+ int numProcessed = 0;
+ String user = trans.user();
+
+ Result<List<ApprovalDAO.Data>> curr;
+ Lookup<List<ApprovalDAO.Data>> apprByTicket=null;
+ for(ApprovalDAO.Data updt : rlad.value) {
+ if(updt.ticket!=null) {
+ curr = ques.approvalDAO.readByTicket(trans, updt.ticket);
+ if(curr.isOKhasData()) {
+ final List<ApprovalDAO.Data> add = curr.value;
+ apprByTicket = new Lookup<List<ApprovalDAO.Data>>() { // Store a Pre-Lookup
+ @Override
+ public List<ApprovalDAO.Data> get(AuthzTrans trans, Object ... noop) {
+ return add;
+ }
+ };
+ }
+ } else if(updt.id!=null) {
+ curr = ques.approvalDAO.read(trans, updt);
+ } else if(updt.approver!=null) {
+ curr = ques.approvalDAO.readByApprover(trans, updt.approver);
+ } else {
+ return Result.err(Status.ERR_BadData,"Approvals need ID, Ticket or Approval data to update");
+ }
+
+ if(curr.isOKhasData()) {
+ Map<String, Result<List<DelegateDAO.Data>>> delegateCache = new HashMap<>();
+ Map<UUID, FutureDAO.Data> futureCache = new HashMap<>();
+ FutureDAO.Data hasDeleted = new FutureDAO.Data();
+
+ for(ApprovalDAO.Data cd : curr.value) {
+ if("pending".equals(cd.status)) {
+ // Check for right record. Need ID, or (Ticket&Trans.User==Appr)
+ // If Default ID
+ boolean delegatedAction = ques.isDelegated(trans, user, cd.approver, delegateCache);
+ String delegator = cd.approver;
+ if(updt.id!=null ||
+ (updt.ticket!=null && user.equals(cd.approver)) ||
+ (updt.ticket!=null && delegatedAction)) {
+ if(updt.ticket.equals(cd.ticket)) {
+ Changed ch = new Changed();
+ cd.id = ch.changed(cd.id,updt.id);
+// cd.ticket = changed(cd.ticket,updt.ticket);
+ cd.user = ch.changed(cd.user,updt.user);
+ cd.approver = ch.changed(cd.approver,updt.approver);
+ cd.type = ch.changed(cd.type,updt.type);
+ cd.status = ch.changed(cd.status,updt.status);
+ cd.memo = ch.changed(cd.memo,updt.memo);
+ cd.operation = ch.changed(cd.operation,updt.operation);
+ cd.updated = ch.changed(cd.updated,updt.updated==null?new Date():updt.updated);
+ if(updt.status.equals("denied")) {
+ cd.last_notified = null;
+ }
+ if(cd.ticket!=null) {
+ FutureDAO.Data fdd = futureCache.get(cd.ticket);
+ if(fdd==null) { // haven't processed ticket yet
+ Result<FutureDAO.Data> rfdd = ques.futureDAO.readPrimKey(trans, cd.ticket);
+ if(rfdd.isOK()) {
+ fdd = rfdd.value; // null is ok
+ } else {
+ fdd = hasDeleted;
+ }
+ futureCache.put(cd.ticket, fdd); // processed this Ticket... don't do others on this ticket
+ }
+ if(fdd==hasDeleted) { // YES, by Object
+ cd.ticket = null;
+ cd.status = "ticketDeleted";
+ ch.hasChanged(true);
+ } else {
+ FUTURE_OP fop = FUTURE_OP.toFO(cd.operation);
+ if(fop==null) {
+ trans.info().printf("Approval Status %s is not actionable",cd.status);
+ } else if(apprByTicket!=null) {
+ Result<OP_STATUS> rv = func.performFutureOp(trans, fop, fdd, apprByTicket,func.urDBLookup);
+ if (rv.isOK()) {
+ switch(rv.value) {
+ case E:
+ if (delegatedAction) {
+ trans.audit().printf(APPR_FMT,user,updt.status,cd.memo,cd.user,delegator);
+ }
+ futureCache.put(cd.ticket, hasDeleted);
+ break;
+ case D:
+ case L:
+ ch.hasChanged(true);
+ trans.audit().printf(APPR_FMT,user,rv.value.desc(),cd.memo,cd.user,delegator);
+ futureCache.put(cd.ticket, hasDeleted);
+ break;
+ default:
+ }
+ } else {
+ trans.info().log(rv.toString());
+ }
+ }
+
+ }
+ ++numProcessed;
+ }
+ if(ch.hasChanged()) {
+ ques.approvalDAO.update(trans, cd, true);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+
+ if(numApprs==numProcessed) {
+ return Result.ok();
+ }
+ return Result.err(Status.ERR_ActionNotCompleted,numProcessed + " out of " + numApprs + " completed");
+
+ }
+
+ private static class Changed {
+ private boolean hasChanged = false;
+
+ public<T> T changed(T src, T proposed) {
+ if(proposed==null || (src!=null && src.equals(proposed))) {
+ return src;
+ }
+ hasChanged=true;
+ return proposed;
+ }
+
+ public void hasChanged(boolean b) {
+ hasChanged=b;
+ }
+
+ public boolean hasChanged() {
+ return hasChanged;
+ }
+ }
+
+ @Override
+ public Result<APPROVALS> getApprovalsByUser(AuthzTrans trans, String user) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("User", user).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByUser(trans, user);
+ if(rapd.isOK()) {
+ return mapper.approvals(rapd.value);
+ } else {
+ return Result.err(rapd);
+ }
}
- @Override
- public Result<APPROVALS> getApprovalsByTicket(AuthzTrans trans, String ticket) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Ticket", ticket).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
- UUID uuid;
- try {
- uuid = UUID.fromString(ticket);
- } catch (IllegalArgumentException e) {
- return Result.err(Status.ERR_BadData,e.getMessage());
- }
-
- Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByTicket(trans, uuid);
- if(rapd.isOK()) {
- return mapper.approvals(rapd.value);
- } else {
- return Result.err(rapd);
- }
- }
-
- @Override
- public Result<APPROVALS> getApprovalsByApprover(AuthzTrans trans, String approver) {
- final Validator v = new ServiceValidator();
- if(v.nullOrBlank("Approver", approver).err()) {
- return Result.err(Status.ERR_BadData,v.errs());
- }
-
- List<ApprovalDAO.Data> listRapds = new ArrayList<>();
-
- Result<List<ApprovalDAO.Data>> myRapd = ques.approvalDAO.readByApprover(trans, approver);
- if(myRapd.notOK()) {
- return Result.err(myRapd);
- }
-
- listRapds.addAll(myRapd.value);
-
- Result<List<DelegateDAO.Data>> delegatedFor = ques.delegateDAO.readByDelegate(trans, approver);
- if (delegatedFor.isOK()) {
- for (DelegateDAO.Data dd : delegatedFor.value) {
- if (dd.expires.after(new Date())) {
- String delegator = dd.user;
- Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByApprover(trans, delegator);
- if (rapd.isOK()) {
- for (ApprovalDAO.Data d : rapd.value) {
- if (!d.user.equals(trans.user())) {
- listRapds.add(d);
- }
- }
- }
- }
- }
- }
-
- return mapper.approvals(listRapds);
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.service.AuthzService#clearCache(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
- */
- @Override
- public Result<Void> cacheClear(AuthzTrans trans, String cname) {
- if(ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) {
- return ques.clearCache(trans,cname);
- }
- return Result.err(Status.ERR_Denied, "%s does not have AAF Permission '%s.%s|%s|clear",
- trans.user(),ROOT_NS,CACHE,cname);
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.service.AuthzService#cacheClear(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.Integer)
- */
- @Override
- public Result<Void> cacheClear(AuthzTrans trans, String cname, int[] segment) {
- if(ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) {
- Result<Void> v=null;
- for(int i: segment) {
- v=ques.cacheClear(trans,cname,i);
- }
- if(v!=null) {
- return v;
- }
- }
- return Result.err(Status.ERR_Denied, "%s does not have AAF Permission '%s.%s|%s|clear",
- trans.user(),ROOT_NS,CACHE,cname);
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.service.AuthzService#dbReset(org.onap.aaf.auth.env.test.AuthzTrans)
- */
- @Override
- public void dbReset(AuthzTrans trans) {
- ques.historyDAO.reportPerhapsReset(trans, null);
- }
+ @Override
+ public Result<APPROVALS> getApprovalsByTicket(AuthzTrans trans, String ticket) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Ticket", ticket).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+ UUID uuid;
+ try {
+ uuid = UUID.fromString(ticket);
+ } catch (IllegalArgumentException e) {
+ return Result.err(Status.ERR_BadData,e.getMessage());
+ }
+
+ Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByTicket(trans, uuid);
+ if(rapd.isOK()) {
+ return mapper.approvals(rapd.value);
+ } else {
+ return Result.err(rapd);
+ }
+ }
+
+ @Override
+ public Result<APPROVALS> getApprovalsByApprover(AuthzTrans trans, String approver) {
+ final Validator v = new ServiceValidator();
+ if(v.nullOrBlank("Approver", approver).err()) {
+ return Result.err(Status.ERR_BadData,v.errs());
+ }
+
+ List<ApprovalDAO.Data> listRapds = new ArrayList<>();
+
+ Result<List<ApprovalDAO.Data>> myRapd = ques.approvalDAO.readByApprover(trans, approver);
+ if(myRapd.notOK()) {
+ return Result.err(myRapd);
+ }
+
+ listRapds.addAll(myRapd.value);
+
+ Result<List<DelegateDAO.Data>> delegatedFor = ques.delegateDAO.readByDelegate(trans, approver);
+ if (delegatedFor.isOK()) {
+ for (DelegateDAO.Data dd : delegatedFor.value) {
+ if (dd.expires.after(new Date())) {
+ String delegator = dd.user;
+ Result<List<ApprovalDAO.Data>> rapd = ques.approvalDAO.readByApprover(trans, delegator);
+ if (rapd.isOK()) {
+ for (ApprovalDAO.Data d : rapd.value) {
+ if (!d.user.equals(trans.user())) {
+ listRapds.add(d);
+ }
+ }
+ }
+ }
+ }
+ }
+
+ return mapper.approvals(listRapds);
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.service.AuthzService#clearCache(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
+ */
+ @Override
+ public Result<Void> cacheClear(AuthzTrans trans, String cname) {
+ if(ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) {
+ return ques.clearCache(trans,cname);
+ }
+ return Result.err(Status.ERR_Denied, "%s does not have AAF Permission '%s.%s|%s|clear",
+ trans.user(),ROOT_NS,CACHE,cname);
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.service.AuthzService#cacheClear(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.Integer)
+ */
+ @Override
+ public Result<Void> cacheClear(AuthzTrans trans, String cname, int[] segment) {
+ if(ques.isGranted(trans,trans.user(),ROOT_NS,CACHE,cname,"clear")) {
+ Result<Void> v=null;
+ for(int i: segment) {
+ v=ques.cacheClear(trans,cname,i);
+ }
+ if(v!=null) {
+ return v;
+ }
+ }
+ return Result.err(Status.ERR_Denied, "%s does not have AAF Permission '%s.%s|%s|clear",
+ trans.user(),ROOT_NS,CACHE,cname);
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.service.AuthzService#dbReset(org.onap.aaf.auth.env.test.AuthzTrans)
+ */
+ @Override
+ public void dbReset(AuthzTrans trans) {
+ ques.historyDAO.reportPerhapsReset(trans, null);
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java
index 01e18510..6d4836d7 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzService.java
@@ -32,737 +32,737 @@ import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.auth.service.mapper.Mapper;
public interface AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> {
- public Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper();
-
+ public Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper();
+
/***********************************
* NAMESPACE
***********************************/
- /**
- *
- * @param trans
- * @param user
- * @param ns
- * @return
- * @throws DAOException
- * @throws
- */
- public Result<Void> createNS(AuthzTrans trans, REQUEST request, NsType type);
-
- /**
- *
- * @param trans
- * @param ns
- * @return
- */
- public Result<Void> addAdminNS(AuthzTrans trans, String ns, String id);
-
- /**
- *
- * @param trans
- * @param ns
- * @return
- */
- public Result<Void> delAdminNS(AuthzTrans trans, String ns, String id);
-
- /**
- *
- * @param trans
- * @param ns
- * @param id
- * @return
- */
- public Result<Void> addResponsibleNS(AuthzTrans trans, String ns, String id);
-
- /**
- *
- * @param trans
- * @param ns
- * @param id
- * @return
- */
- public Result<Void> delResponsibleNS(AuthzTrans trans, String ns, String id);
-
- /**
- *
- * @param trans
- * @param ns
- * @param key
- * @param value
- * @return
- */
- public Result<Void> createNsAttrib(AuthzTrans trans, String ns, String key, String value);
-
- /**
- *
- * @param trans
- * @param ns
- * @param key
- * @param value
- * @return
- */
- public Result<?> updateNsAttrib(AuthzTrans trans, String ns, String key, String value);
-
- /**
- *
- * @param trans
- * @param ns
- * @param key
- * @return
- */
- public Result<Void> deleteNsAttrib(AuthzTrans trans, String ns, String key);
-
- /**
- *
- * @param trans
- * @param ns
- * @param key
- * @return
- */
- public Result<KEYS> readNsByAttrib(AuthzTrans trans, String key);
-
-
- /**
- *
- * @param trans
- * @param ns
- * @return
- */
- public Result<NSS> getNSbyName(AuthzTrans trans, String ns);
-
- /**
- *
- * @param trans
- * @param user
- * @return
- */
- public Result<NSS> getNSbyAdmin(AuthzTrans trans, String user, boolean full);
-
- /**
- *
- * @param trans
- * @param user
- * @return
- */
- public Result<NSS> getNSbyResponsible(AuthzTrans trans, String user, boolean full);
-
- /**
- *
- * @param trans
- * @param user
- * @return
- */
- public Result<NSS> getNSbyEither(AuthzTrans trans, String user, boolean full);
-
- /**
- *
- * @param trans
- * @param parent
- * @return
- */
- public Result<NSS> getNSsChildren(AuthzTrans trans, String parent);
-
- /**
- *
- * @param trans
- * @param req
- * @return
- */
- public Result<Void> updateNsDescription(AuthzTrans trans, REQUEST req);
-
- /**
- *
- * @param trans
- * @param ns
- * @param user
- * @return
- * @throws DAOException
- */
- public Result<Void> deleteNS(AuthzTrans trans, String ns);
+ /**
+ *
+ * @param trans
+ * @param user
+ * @param ns
+ * @return
+ * @throws DAOException
+ * @throws
+ */
+ public Result<Void> createNS(AuthzTrans trans, REQUEST request, NsType type);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @return
+ */
+ public Result<Void> addAdminNS(AuthzTrans trans, String ns, String id);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @return
+ */
+ public Result<Void> delAdminNS(AuthzTrans trans, String ns, String id);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @param id
+ * @return
+ */
+ public Result<Void> addResponsibleNS(AuthzTrans trans, String ns, String id);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @param id
+ * @return
+ */
+ public Result<Void> delResponsibleNS(AuthzTrans trans, String ns, String id);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @param key
+ * @param value
+ * @return
+ */
+ public Result<Void> createNsAttrib(AuthzTrans trans, String ns, String key, String value);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @param key
+ * @param value
+ * @return
+ */
+ public Result<?> updateNsAttrib(AuthzTrans trans, String ns, String key, String value);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @param key
+ * @return
+ */
+ public Result<Void> deleteNsAttrib(AuthzTrans trans, String ns, String key);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @param key
+ * @return
+ */
+ public Result<KEYS> readNsByAttrib(AuthzTrans trans, String key);
+
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @return
+ */
+ public Result<NSS> getNSbyName(AuthzTrans trans, String ns);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @return
+ */
+ public Result<NSS> getNSbyAdmin(AuthzTrans trans, String user, boolean full);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @return
+ */
+ public Result<NSS> getNSbyResponsible(AuthzTrans trans, String user, boolean full);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @return
+ */
+ public Result<NSS> getNSbyEither(AuthzTrans trans, String user, boolean full);
+
+ /**
+ *
+ * @param trans
+ * @param parent
+ * @return
+ */
+ public Result<NSS> getNSsChildren(AuthzTrans trans, String parent);
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @return
+ */
+ public Result<Void> updateNsDescription(AuthzTrans trans, REQUEST req);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @param user
+ * @return
+ * @throws DAOException
+ */
+ public Result<Void> deleteNS(AuthzTrans trans, String ns);
/***********************************
* PERM
***********************************/
- /**
- *
- * @param trans
- * @param rreq
- * @return
- * @throws DAOException
- * @throws MappingException
- */
- public Result<Void> createPerm(AuthzTrans trans, REQUEST rreq);
-
- /**
- *
- * @param trans
- * @param childPerm
- * @return
- * @throws DAOException
- */
- public Result<PERMS> getPermsByType(AuthzTrans trans, String perm);
-
- /**
- *
- * @param trans
- * @param type
- * @param instance
- * @param action
- * @return
- */
- public Result<PERMS> getPermsByName(AuthzTrans trans, String type,
- String instance, String action);
-
- /**
- * Gets all the permissions for a user across all the roles it is assigned to
- * @param userName
- * @return
- * @throws Exception
- * @throws Exception
- */
- public Result<PERMS> getPermsByUser(AuthzTrans trans, String userName);
-
- /**
- * Gets all the permissions for a user across all the roles it is assigned to, filtered by NS (Scope)
- *
- * @param trans
- * @param user
- * @param scopes
- * @return
- */
- public Result<PERMS> getPermsByUserScope(AuthzTrans trans, String user, String[] scopes);
-
-
- /**
- * Gets all the permissions for a user across all the roles it is assigned to
- *
- * Add AAF Perms representing the "MayUser" calls if
- * 1) Allowed
- * 2) User has equivalent permission
- *
- * @param userName
- * @return
- * @throws Exception
- * @throws Exception
- */
- public Result<PERMS> getPermsByUser(AuthzTrans trans, PERMS perms, String userName);
-
- /**
- *
- * Gets all the permissions for a user across all the roles it is assigned to
- *
- * @param roleName
- * @return
- * @throws Exception
- */
- public Result<PERMS> getPermsByRole(AuthzTrans trans, String roleName);
-
- /**
- *
- * @param trans
- * @param ns
- * @return
- */
- public Result<PERMS> getPermsByNS(AuthzTrans trans, String ns);
-
- /**
- * rename permission
- *
- * @param trans
- * @param rreq
- * @param isRename
- * @param origType
- * @param origInstance
- * @param origAction
- * @return
- */
- public Result<Void> renamePerm(AuthzTrans trans, REQUEST rreq, String origType, String origInstance, String origAction);
-
- /**
- *
- * @param trans
- * @param req
- * @return
- */
- public Result<Void> updatePermDescription(AuthzTrans trans, REQUEST req);
-
- /**
- *
- * @param trans
- * @param from
- * @return
- */
- public Result<Void> resetPermRoles(AuthzTrans trans, REQUEST from);
-
- /**
- *
- * @param trans
- * @param from
- * @return
- * @throws Exception
- */
- public Result<Void> deletePerm(AuthzTrans trans, REQUEST from);
-
- /**
- *
- * @param trans
- * @param user
- * @param perm
- * @param type
- * @param action
- * @return
- * @throws Exception
- */
- Result<Void> deletePerm(AuthzTrans trans, String perm, String type, String action);
+ /**
+ *
+ * @param trans
+ * @param rreq
+ * @return
+ * @throws DAOException
+ * @throws MappingException
+ */
+ public Result<Void> createPerm(AuthzTrans trans, REQUEST rreq);
+
+ /**
+ *
+ * @param trans
+ * @param childPerm
+ * @return
+ * @throws DAOException
+ */
+ public Result<PERMS> getPermsByType(AuthzTrans trans, String perm);
+
+ /**
+ *
+ * @param trans
+ * @param type
+ * @param instance
+ * @param action
+ * @return
+ */
+ public Result<PERMS> getPermsByName(AuthzTrans trans, String type,
+ String instance, String action);
+
+ /**
+ * Gets all the permissions for a user across all the roles it is assigned to
+ * @param userName
+ * @return
+ * @throws Exception
+ * @throws Exception
+ */
+ public Result<PERMS> getPermsByUser(AuthzTrans trans, String userName);
+
+ /**
+ * Gets all the permissions for a user across all the roles it is assigned to, filtered by NS (Scope)
+ *
+ * @param trans
+ * @param user
+ * @param scopes
+ * @return
+ */
+ public Result<PERMS> getPermsByUserScope(AuthzTrans trans, String user, String[] scopes);
+
+
+ /**
+ * Gets all the permissions for a user across all the roles it is assigned to
+ *
+ * Add AAF Perms representing the "MayUser" calls if
+ * 1) Allowed
+ * 2) User has equivalent permission
+ *
+ * @param userName
+ * @return
+ * @throws Exception
+ * @throws Exception
+ */
+ public Result<PERMS> getPermsByUser(AuthzTrans trans, PERMS perms, String userName);
+
+ /**
+ *
+ * Gets all the permissions for a user across all the roles it is assigned to
+ *
+ * @param roleName
+ * @return
+ * @throws Exception
+ */
+ public Result<PERMS> getPermsByRole(AuthzTrans trans, String roleName);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @return
+ */
+ public Result<PERMS> getPermsByNS(AuthzTrans trans, String ns);
+
+ /**
+ * rename permission
+ *
+ * @param trans
+ * @param rreq
+ * @param isRename
+ * @param origType
+ * @param origInstance
+ * @param origAction
+ * @return
+ */
+ public Result<Void> renamePerm(AuthzTrans trans, REQUEST rreq, String origType, String origInstance, String origAction);
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @return
+ */
+ public Result<Void> updatePermDescription(AuthzTrans trans, REQUEST req);
+
+ /**
+ *
+ * @param trans
+ * @param from
+ * @return
+ */
+ public Result<Void> resetPermRoles(AuthzTrans trans, REQUEST from);
+
+ /**
+ *
+ * @param trans
+ * @param from
+ * @return
+ * @throws Exception
+ */
+ public Result<Void> deletePerm(AuthzTrans trans, REQUEST from);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @param perm
+ * @param type
+ * @param action
+ * @return
+ * @throws Exception
+ */
+ Result<Void> deletePerm(AuthzTrans trans, String perm, String type, String action);
/***********************************
* ROLE
***********************************/
- /**
- *
- * @param trans
- * @param user
- * @param role
- * @param approvers
- * @return
- * @throws DAOException
- * @throws Exception
- */
- public Result<Void> createRole(AuthzTrans trans, REQUEST req);
-
- /**
- *
- * @param trans
- * @param role
- * @return
- */
- public Result<ROLES> getRolesByName(AuthzTrans trans, String role);
-
- /**
- *
- * @param trans
- * @param user
- * @return
- * @throws DAOException
- */
- public Result<ROLES> getRolesByUser(AuthzTrans trans, String user);
-
- /**
- *
- * @param trans
- * @param user
- * @return
- */
- public Result<ROLES> getRolesByNS(AuthzTrans trans, String user);
-
- /**
- *
- * @param trans
- * @param name
- * @return
- */
- public Result<ROLES> getRolesByNameOnly(AuthzTrans trans, String name);
-
- /**
- *
- * @param trans
- * @param type
- * @param instance
- * @param action
- * @return
- */
- public Result<ROLES> getRolesByPerm(AuthzTrans trans, String type, String instance, String action);
-
- /**
- *
- * @param trans
- * @param req
- * @return
- */
- public Result<Void> updateRoleDescription(AuthzTrans trans, REQUEST req);
-
- /**
- *
- * @param trans
- * @param rreq
- * @return
- * @throws DAOException
- */
- public Result<Void> addPermToRole(AuthzTrans trans, REQUEST rreq);
-
-
- /**
- *
- * @param trans
- * @param rreq
- * @return
- * @throws DAOException
- */
- Result<Void> delPermFromRole(AuthzTrans trans, REQUEST rreq);
-
- /**
- * Itemized key delete
- * @param trans
- * @param role
- * @param type
- * @param instance
- * @param action
- * @return
- */
- public Result<Void> delPermFromRole(AuthzTrans trans, String role, String type, String instance, String action);
-
- /**
- *
- * @param trans
- * @param user
- * @param role
- * @return
- * @throws DAOException
- * @throws MappingException
- */
- public Result<Void> deleteRole(AuthzTrans trans, String role);
-
- /**
- *
- * @param trans
- * @param req
- * @return
- */
- public Result<Void> deleteRole(AuthzTrans trans, REQUEST req);
+ /**
+ *
+ * @param trans
+ * @param user
+ * @param role
+ * @param approvers
+ * @return
+ * @throws DAOException
+ * @throws Exception
+ */
+ public Result<Void> createRole(AuthzTrans trans, REQUEST req);
+
+ /**
+ *
+ * @param trans
+ * @param role
+ * @return
+ */
+ public Result<ROLES> getRolesByName(AuthzTrans trans, String role);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @return
+ * @throws DAOException
+ */
+ public Result<ROLES> getRolesByUser(AuthzTrans trans, String user);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @return
+ */
+ public Result<ROLES> getRolesByNS(AuthzTrans trans, String user);
+
+ /**
+ *
+ * @param trans
+ * @param name
+ * @return
+ */
+ public Result<ROLES> getRolesByNameOnly(AuthzTrans trans, String name);
+
+ /**
+ *
+ * @param trans
+ * @param type
+ * @param instance
+ * @param action
+ * @return
+ */
+ public Result<ROLES> getRolesByPerm(AuthzTrans trans, String type, String instance, String action);
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @return
+ */
+ public Result<Void> updateRoleDescription(AuthzTrans trans, REQUEST req);
+
+ /**
+ *
+ * @param trans
+ * @param rreq
+ * @return
+ * @throws DAOException
+ */
+ public Result<Void> addPermToRole(AuthzTrans trans, REQUEST rreq);
+
+
+ /**
+ *
+ * @param trans
+ * @param rreq
+ * @return
+ * @throws DAOException
+ */
+ Result<Void> delPermFromRole(AuthzTrans trans, REQUEST rreq);
+
+ /**
+ * Itemized key delete
+ * @param trans
+ * @param role
+ * @param type
+ * @param instance
+ * @param action
+ * @return
+ */
+ public Result<Void> delPermFromRole(AuthzTrans trans, String role, String type, String instance, String action);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @param role
+ * @return
+ * @throws DAOException
+ * @throws MappingException
+ */
+ public Result<Void> deleteRole(AuthzTrans trans, String role);
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @return
+ */
+ public Result<Void> deleteRole(AuthzTrans trans, REQUEST req);
/***********************************
* CRED
***********************************/
- /**
- *
- * @param trans
- * @param from
- * @return
- */
- Result<Void> createUserCred(AuthzTrans trans, REQUEST from);
-
- /**
- *
- * @param trans
- * @param from
- * @return
- */
- Result<Void> changeUserCred(AuthzTrans trans, REQUEST from);
-
- /**
- *
- * @param trans
- * @param from
- * @param days
- * @return
- */
- Result<Void> extendUserCred(AuthzTrans trans, REQUEST from, String days);
-
- /**
- *
- * @param trans
- * @param ns
- * @return
- */
- public Result<USERS> getCredsByNS(AuthzTrans trans, String ns);
-
- /**
- *
- * @param trans
- * @param id
- * @return
- */
- public Result<USERS> getCredsByID(AuthzTrans trans, String id);
-
- /**
- *
- * @param trans
- * @param req
- * @param id
- * @return
- */
- public Result<CERTS> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, String id);
-
- /**
- *
- * @param trans
- * @param credReq
- * @return
- */
- public Result<Void> deleteUserCred(AuthzTrans trans, REQUEST credReq);
-
- /**
- *
- * @param trans
- * @param user
- * @return
- * @throws Exception
- */
- public Result<Date> doesCredentialMatch(AuthzTrans trans, REQUEST credReq);
-
- /**
- *
- * @param trans
- * @param basicAuth
- * @return
- */
- public Result<Date> validateBasicAuth(AuthzTrans trans, String basicAuth);
-
- /**
- *
- * @param trans
- * @param role
- * @return
- */
- public Result<USERS> getUsersByRole(AuthzTrans trans, String role);
-
- /**
- *
- * @param trans
- * @param role
- * @return
- */
- public Result<USERS> getUserInRole(AuthzTrans trans, String user, String role);
-
- /**
- *
- * @param trans
- * @param type
- * @param instance
- * @param action
- * @return
- */
- public Result<USERS> getUsersByPermission(AuthzTrans trans,String type, String instance, String action);
-
-
+ /**
+ *
+ * @param trans
+ * @param from
+ * @return
+ */
+ Result<Void> createUserCred(AuthzTrans trans, REQUEST from);
+
+ /**
+ *
+ * @param trans
+ * @param from
+ * @return
+ */
+ Result<Void> changeUserCred(AuthzTrans trans, REQUEST from);
+
+ /**
+ *
+ * @param trans
+ * @param from
+ * @param days
+ * @return
+ */
+ Result<Void> extendUserCred(AuthzTrans trans, REQUEST from, String days);
+
+ /**
+ *
+ * @param trans
+ * @param ns
+ * @return
+ */
+ public Result<USERS> getCredsByNS(AuthzTrans trans, String ns);
+
+ /**
+ *
+ * @param trans
+ * @param id
+ * @return
+ */
+ public Result<USERS> getCredsByID(AuthzTrans trans, String id);
+
+ /**
+ *
+ * @param trans
+ * @param req
+ * @param id
+ * @return
+ */
+ public Result<CERTS> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, String id);
+
+ /**
+ *
+ * @param trans
+ * @param credReq
+ * @return
+ */
+ public Result<Void> deleteUserCred(AuthzTrans trans, REQUEST credReq);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @return
+ * @throws Exception
+ */
+ public Result<Date> doesCredentialMatch(AuthzTrans trans, REQUEST credReq);
+
+ /**
+ *
+ * @param trans
+ * @param basicAuth
+ * @return
+ */
+ public Result<Date> validateBasicAuth(AuthzTrans trans, String basicAuth);
+
+ /**
+ *
+ * @param trans
+ * @param role
+ * @return
+ */
+ public Result<USERS> getUsersByRole(AuthzTrans trans, String role);
+
+ /**
+ *
+ * @param trans
+ * @param role
+ * @return
+ */
+ public Result<USERS> getUserInRole(AuthzTrans trans, String user, String role);
+
+ /**
+ *
+ * @param trans
+ * @param type
+ * @param instance
+ * @param action
+ * @return
+ */
+ public Result<USERS> getUsersByPermission(AuthzTrans trans,String type, String instance, String action);
+
+
/***********************************
* USER-ROLE
***********************************/
- /**
- *
- * @param trans
- * @param user
- * @param request
- * @return
- * @throws Exception
- */
- public Result<Void> createUserRole(AuthzTrans trans, REQUEST request);
-
- /**
- *
- * @param trans
- * @param role
- * @return
- */
- public Result<USERROLES> getUserRolesByRole(AuthzTrans trans, String role);
-
- /**
- *
- * @param trans
- * @param role
- * @return
- */
- public Result<USERROLES> getUserRolesByUser(AuthzTrans trans, String user);
-
- /**
- *
- * @param trans
- * @param from
- * @return
- */
- public Result<Void> resetRolesForUser(AuthzTrans trans, REQUEST from);
-
- /**
- *
- * @param trans
- * @param from
- * @return
- */
- public Result<Void> resetUsersForRole(AuthzTrans trans, REQUEST from);
-
- /**
- *
- * @param trans
- * @param user
- * @param role
- * @return
- */
- public Result<Void> extendUserRole(AuthzTrans trans, String user,
- String role);
-
- /**
- *
- * @param trans
- * @param user
- * @param usr
- * @param role
- * @return
- * @throws DAOException
- */
- public Result<Void> deleteUserRole(AuthzTrans trans, String usr, String role);
+ /**
+ *
+ * @param trans
+ * @param user
+ * @param request
+ * @return
+ * @throws Exception
+ */
+ public Result<Void> createUserRole(AuthzTrans trans, REQUEST request);
+
+ /**
+ *
+ * @param trans
+ * @param role
+ * @return
+ */
+ public Result<USERROLES> getUserRolesByRole(AuthzTrans trans, String role);
+
+ /**
+ *
+ * @param trans
+ * @param role
+ * @return
+ */
+ public Result<USERROLES> getUserRolesByUser(AuthzTrans trans, String user);
+
+ /**
+ *
+ * @param trans
+ * @param from
+ * @return
+ */
+ public Result<Void> resetRolesForUser(AuthzTrans trans, REQUEST from);
+
+ /**
+ *
+ * @param trans
+ * @param from
+ * @return
+ */
+ public Result<Void> resetUsersForRole(AuthzTrans trans, REQUEST from);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @param role
+ * @return
+ */
+ public Result<Void> extendUserRole(AuthzTrans trans, String user,
+ String role);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @param usr
+ * @param role
+ * @return
+ * @throws DAOException
+ */
+ public Result<Void> deleteUserRole(AuthzTrans trans, String usr, String role);
/***********************************
* HISTORY
- ***********************************/
- /**
- *
- * @param trans
- * @param user
- * @param yyyymm
- * @return
- */
- public Result<HISTORY> getHistoryByUser(AuthzTrans trans, String user, int[] yyyymm, int sort);
-
- /**
- *
- * @param trans
- * @param subj
- * @param yyyymm
- * @param sort
- * @return
- */
- public Result<HISTORY> getHistoryByRole(AuthzTrans trans, String subj, int[] yyyymm, int sort);
-
- /**
- *
- * @param trans
- * @param subj
- * @param yyyymm
- * @param sort
- * @return
- */
- public Result<HISTORY> getHistoryByPerm(AuthzTrans trans, String subj, int[] yyyymm, int sort);
-
- /**
- *
- * @param trans
- * @param subj
- * @param yyyymm
- * @param sort
- * @return
- */
- public Result<HISTORY> getHistoryByNS(AuthzTrans trans, String subj, int[] yyyymm, int sort);
+ ***********************************/
+ /**
+ *
+ * @param trans
+ * @param user
+ * @param yyyymm
+ * @return
+ */
+ public Result<HISTORY> getHistoryByUser(AuthzTrans trans, String user, int[] yyyymm, int sort);
+
+ /**
+ *
+ * @param trans
+ * @param subj
+ * @param yyyymm
+ * @param sort
+ * @return
+ */
+ public Result<HISTORY> getHistoryByRole(AuthzTrans trans, String subj, int[] yyyymm, int sort);
+
+ /**
+ *
+ * @param trans
+ * @param subj
+ * @param yyyymm
+ * @param sort
+ * @return
+ */
+ public Result<HISTORY> getHistoryByPerm(AuthzTrans trans, String subj, int[] yyyymm, int sort);
+
+ /**
+ *
+ * @param trans
+ * @param subj
+ * @param yyyymm
+ * @param sort
+ * @return
+ */
+ public Result<HISTORY> getHistoryByNS(AuthzTrans trans, String subj, int[] yyyymm, int sort);
/***********************************
* DELEGATE
***********************************/
- /**
- *
- * @param trans
- * @param delegates
- * @return
- * @throws Exception
- */
- public Result<Void> createDelegate(AuthzTrans trans, REQUEST reqDelegate);
-
- /**
- *
- * @param trans
- * @param delegates
- * @return
- * @throws Exception
- */
- public Result<Void> updateDelegate(AuthzTrans trans, REQUEST reqDelegate);
-
- /**
- *
- * @param trans
- * @param userName
- * @param delegate
- * @return
- * @throws Exception
- */
- public Result<Void> deleteDelegate(AuthzTrans trans, REQUEST reqDelegate);
-
- /**
- *
- * @param trans
- * @param userName
- * @return
- */
- public Result<Void> deleteDelegate(AuthzTrans trans, String userName);
-
- /**
- *
- * @param trans
- * @param user
- * @return
- * @throws Exception
- */
- public Result<DELGS> getDelegatesByUser(AuthzTrans trans, String user);
-
-
- /**
- *
- * @param trans
- * @param delegate
- * @return
- */
- public Result<DELGS> getDelegatesByDelegate(AuthzTrans trans, String delegate);
+ /**
+ *
+ * @param trans
+ * @param delegates
+ * @return
+ * @throws Exception
+ */
+ public Result<Void> createDelegate(AuthzTrans trans, REQUEST reqDelegate);
+
+ /**
+ *
+ * @param trans
+ * @param delegates
+ * @return
+ * @throws Exception
+ */
+ public Result<Void> updateDelegate(AuthzTrans trans, REQUEST reqDelegate);
+
+ /**
+ *
+ * @param trans
+ * @param userName
+ * @param delegate
+ * @return
+ * @throws Exception
+ */
+ public Result<Void> deleteDelegate(AuthzTrans trans, REQUEST reqDelegate);
+
+ /**
+ *
+ * @param trans
+ * @param userName
+ * @return
+ */
+ public Result<Void> deleteDelegate(AuthzTrans trans, String userName);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @return
+ * @throws Exception
+ */
+ public Result<DELGS> getDelegatesByUser(AuthzTrans trans, String user);
+
+
+ /**
+ *
+ * @param trans
+ * @param delegate
+ * @return
+ */
+ public Result<DELGS> getDelegatesByDelegate(AuthzTrans trans, String delegate);
/***********************************
* APPROVAL
***********************************/
- /**
- *
- * @param trans
- * @param user
- * @param approver
- * @param status
- * @return
- */
- public Result<Void> updateApproval(AuthzTrans trans, APPROVALS approvals);
-
- /**
- *
- * @param trans
- * @param user
- * @return
- */
- public Result<APPROVALS> getApprovalsByUser(AuthzTrans trans, String user);
-
- /**
- *
- * @param trans
- * @param ticket
- * @return
- */
- public Result<APPROVALS> getApprovalsByTicket(AuthzTrans trans, String ticket);
-
- /**
- *
- * @param trans
- * @param approver
- * @return
- */
- public Result<APPROVALS> getApprovalsByApprover(AuthzTrans trans, String approver);
-
- /**
- *
- * @param trans
- * @param cname
- * @return
- */
- public Result<Void> cacheClear(AuthzTrans trans, String cname);
-
- /**
- *
- * @param trans
- * @param cname
- * @param segment
- * @return
- */
- public Result<Void> cacheClear(AuthzTrans trans, String cname, int[] segment);
-
- /**
- *
- * @param trans
- */
- public void dbReset(AuthzTrans trans);
+ /**
+ *
+ * @param trans
+ * @param user
+ * @param approver
+ * @param status
+ * @return
+ */
+ public Result<Void> updateApproval(AuthzTrans trans, APPROVALS approvals);
+
+ /**
+ *
+ * @param trans
+ * @param user
+ * @return
+ */
+ public Result<APPROVALS> getApprovalsByUser(AuthzTrans trans, String user);
+
+ /**
+ *
+ * @param trans
+ * @param ticket
+ * @return
+ */
+ public Result<APPROVALS> getApprovalsByTicket(AuthzTrans trans, String ticket);
+
+ /**
+ *
+ * @param trans
+ * @param approver
+ * @return
+ */
+ public Result<APPROVALS> getApprovalsByApprover(AuthzTrans trans, String approver);
+
+ /**
+ *
+ * @param trans
+ * @param cname
+ * @return
+ */
+ public Result<Void> cacheClear(AuthzTrans trans, String cname);
+
+ /**
+ *
+ * @param trans
+ * @param cname
+ * @param segment
+ * @return
+ */
+ public Result<Void> cacheClear(AuthzTrans trans, String cname, int[] segment);
+
+ /**
+ *
+ * @param trans
+ */
+ public void dbReset(AuthzTrans trans);
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/Code.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/Code.java
index ba6e9d10..ac799f4e 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/Code.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/Code.java
@@ -26,19 +26,19 @@ import org.onap.aaf.auth.rserv.HttpCode;
import org.onap.aaf.auth.service.facade.AuthzFacade;
public abstract class Code extends HttpCode<AuthzTrans, AuthzFacade> implements Cloneable {
- public boolean useJSON;
+ public boolean useJSON;
- public Code(AuthzFacade facade, String description, boolean useJSON, String ... roles) {
- super(facade, description, roles);
- this.useJSON = useJSON;
- }
-
- public <D extends Code> D clone(AuthzFacade facade, boolean useJSON) throws Exception {
- @SuppressWarnings("unchecked")
- D d = (D)clone();
- d.useJSON = useJSON;
- d.context = facade;
- return d;
- }
-
+ public Code(AuthzFacade facade, String description, boolean useJSON, String ... roles) {
+ super(facade, description, roles);
+ this.useJSON = useJSON;
+ }
+
+ public <D extends Code> D clone(AuthzFacade facade, boolean useJSON) throws Exception {
+ @SuppressWarnings("unchecked")
+ D d = (D)clone();
+ d.useJSON = useJSON;
+ d.context = facade;
+ return d;
+ }
+
} \ No newline at end of file
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/MayChange.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/MayChange.java
index 7df43a4c..a1ceb75a 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/MayChange.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/MayChange.java
@@ -29,5 +29,5 @@ import org.onap.aaf.auth.layer.Result;
*
*/
public interface MayChange {
- public Result<?> mayChange();
+ public Result<?> mayChange();
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Api.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Api.java
index 79dda326..5213a6e9 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Api.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Api.java
@@ -40,53 +40,53 @@ import org.onap.aaf.cadi.Symm;
*
*/
public class API_Api {
- // Hide Public Constructor
- private API_Api() {}
-
- /**
- * Normal Init level APIs
- *
- * @param authzAPI
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- ////////
- // Overall APIs
- ///////
- authzAPI.route(HttpMethods.GET,"/api",API.API,new Code(facade,"Document API", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getAPI(trans,resp,authzAPI);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ // Hide Public Constructor
+ private API_Api() {}
+
+ /**
+ * Normal Init level APIs
+ *
+ * @param authzAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ ////////
+ // Overall APIs
+ ///////
+ authzAPI.route(HttpMethods.GET,"/api",API.API,new Code(facade,"Document API", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getAPI(trans,resp,authzAPI);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- ////////
- // Overall Examples
- ///////
- authzAPI.route(HttpMethods.GET,"/api/example/*",API.VOID,new Code(facade,"Document API", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String pathInfo = req.getPathInfo();
- int question = pathInfo.lastIndexOf('?');
-
- pathInfo = pathInfo.substring(13, question<0?pathInfo.length():question);// IMPORTANT, this is size of "/api/example/"
- String nameOrContextType=Symm.base64noSplit.decode(pathInfo);
- Result<Void> r = context.getAPIExample(trans,resp,nameOrContextType,
- question>=0 && "optional=true".equalsIgnoreCase(req.getPathInfo().substring(question+1))
- );
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ ////////
+ // Overall Examples
+ ///////
+ authzAPI.route(HttpMethods.GET,"/api/example/*",API.VOID,new Code(facade,"Document API", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String pathInfo = req.getPathInfo();
+ int question = pathInfo.lastIndexOf('?');
+
+ pathInfo = pathInfo.substring(13, question<0?pathInfo.length():question);// IMPORTANT, this is size of "/api/example/"
+ String nameOrContextType=Symm.base64noSplit.decode(pathInfo);
+ Result<Void> r = context.getAPIExample(trans,resp,nameOrContextType,
+ question>=0 && "optional=true".equalsIgnoreCase(req.getPathInfo().substring(question+1))
+ );
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- }
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Approval.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Approval.java
index e0c07684..c0836038 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Approval.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Approval.java
@@ -36,71 +36,71 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.onap.aaf.auth.service.mapper.Mapper.API;
public class API_Approval {
- // Hide Public Constructor
- private API_Approval() {}
-
- public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ // Hide Public Constructor
+ private API_Approval() {}
+
+ public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * Get Approvals by User
- */
- authzAPI.route(GET, "/authz/approval/user/:user",API.APPROVALS,
- new Code(facade,"Get Approvals by User", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getApprovalsByUser(trans, resp, pathParam(req,"user"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Get Approvals by User
+ */
+ authzAPI.route(GET, "/authz/approval/user/:user",API.APPROVALS,
+ new Code(facade,"Get Approvals by User", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getApprovalsByUser(trans, resp, pathParam(req,"user"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Get Approvals by Ticket
- */
- authzAPI.route(GET, "/authz/approval/ticket/:ticket",API.APPROVALS,new Code(facade,"Get Approvals by Ticket ", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getApprovalsByTicket(trans, resp, pathParam(req,"ticket"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Get Approvals by Ticket
+ */
+ authzAPI.route(GET, "/authz/approval/ticket/:ticket",API.APPROVALS,new Code(facade,"Get Approvals by Ticket ", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getApprovalsByTicket(trans, resp, pathParam(req,"ticket"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Get Approvals by Approver
- */
- authzAPI.route(GET, "/authz/approval/approver/:approver",API.APPROVALS,new Code(facade,"Get Approvals by Approver", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getApprovalsByApprover(trans, resp, pathParam(req,"approver"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Get Approvals by Approver
+ */
+ authzAPI.route(GET, "/authz/approval/approver/:approver",API.APPROVALS,new Code(facade,"Get Approvals by Approver", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getApprovalsByApprover(trans, resp, pathParam(req,"approver"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Update an approval
- */
- authzAPI.route(PUT, "/authz/approval",API.APPROVALS,new Code(facade,"Update approvals", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.updateApproval(trans, req, resp);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
- }
+ /**
+ * Update an approval
+ */
+ authzAPI.route(PUT, "/authz/approval",API.APPROVALS,new Code(facade,"Update approvals", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.updateApproval(trans, req, resp);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Creds.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Creds.java
index 390c3089..68e0f145 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Creds.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Creds.java
@@ -56,245 +56,245 @@ import org.onap.aaf.misc.env.TimeTaken;
*
*/
public class API_Creds {
- // Hide Public Interface
- private API_Creds() {}
- // needed to validate Creds even when already Authenticated x509
- /**
- * TIME SENSITIVE APIs
- *
- * These will be first in the list
- *
- * @param env
- * @param authzAPI
- * @param facade
- * @param directAAFUserPass
- * @throws Exception
- */
- public static void timeSensitiveInit(Env env, AAF_Service authzAPI, AuthzFacade facade, final DirectAAFUserPass directAAFUserPass) throws Exception {
- /**
- * Basic Auth, quick Validation
- *
- * Responds OK or NotAuthorized
- */
- authzAPI.route(env, HttpMethods.GET, "/authn/basicAuth", new Code(facade,"Is given BasicAuth valid?",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
+ // Hide Public Interface
+ private API_Creds() {}
+ // needed to validate Creds even when already Authenticated x509
+ /**
+ * TIME SENSITIVE APIs
+ *
+ * These will be first in the list
+ *
+ * @param env
+ * @param authzAPI
+ * @param facade
+ * @param directAAFUserPass
+ * @throws Exception
+ */
+ public static void timeSensitiveInit(Env env, AAF_Service authzAPI, AuthzFacade facade, final DirectAAFUserPass directAAFUserPass) throws Exception {
+ /**
+ * Basic Auth, quick Validation
+ *
+ * Responds OK or NotAuthorized
+ */
+ authzAPI.route(env, HttpMethods.GET, "/authn/basicAuth", new Code(facade,"Is given BasicAuth valid?",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
- Principal p = trans.getUserPrincipal();
- if (p instanceof BasicPrincipal) {
- // the idea is that if call is made with this credential, and it's a BasicPrincipal, it's ok
- // otherwise, it wouldn't have gotten here.
- resp.setStatus(HttpStatus.OK_200);
- } else if (p instanceof X509Principal) {
- // have to check Basic Auth here, because it might be CSP.
- String authz = req.getHeader("Authorization");
- if(authz.startsWith("Basic ")) {
- BasicHttpTaf bht = ((X509Principal)p).getBasicHttpTaf();
- if(bht!=null) {
- BasicPrincipal bp = new BasicPrincipal(authz,"");
- CredVal cv = bht.getCredVal(bp.getDomain());
- if(cv!=null) {
- if(cv.validate(bp.getName(), Type.PASSWORD, bp.getCred(), null) ) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- resp.setStatus(HttpStatus.FORBIDDEN_403);
- }
- }
- } else {
- String decoded = Symm.base64noSplit.decode(authz.substring(6));
- int colon = decoded.indexOf(':');
- TimeTaken tt = trans.start("Direct Validation", Env.REMOTE);
- try {
- if(directAAFUserPass.validate(
- decoded.substring(0,colon),
- CredVal.Type.PASSWORD ,
- decoded.substring(colon+1).getBytes(),trans)) {
-
- resp.setStatus(HttpStatus.OK_200);
- } else {
- // DME2 at this version crashes without some sort of response
- resp.getOutputStream().print("");
- resp.setStatus(HttpStatus.FORBIDDEN_403);
- }
- } finally {
- tt.done();
- }
- }
- }
- } else if(p == null) {
- trans.error().log("Transaction not Authenticated... no Principal");
- resp.setStatus(HttpStatus.FORBIDDEN_403);
- } else {
- trans.checkpoint("Basic Auth Check Failed: This wasn't a Basic Auth Trans");
- // For Auth Security questions, we don't give any info to client on why failed
- resp.setStatus(HttpStatus.FORBIDDEN_403);
- }
- }
- },"text/plain","*/*","*");
-
- /**
- * returns whether a given Credential is valid
- */
- authzAPI.route(POST, "/authn/validate", API.CRED_REQ, new Code(facade,"Is given Credential valid?",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Date> r = context.doesCredentialMatch(trans, req, resp);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- // For Security, we don't give any info out on why failed, other than forbidden
- // Can't do "401", because that is on the call itself
- resp.setStatus(HttpStatus.FORBIDDEN_403);
- }
- }
- });
+ Principal p = trans.getUserPrincipal();
+ if (p instanceof BasicPrincipal) {
+ // the idea is that if call is made with this credential, and it's a BasicPrincipal, it's ok
+ // otherwise, it wouldn't have gotten here.
+ resp.setStatus(HttpStatus.OK_200);
+ } else if (p instanceof X509Principal) {
+ // have to check Basic Auth here, because it might be CSP.
+ String authz = req.getHeader("Authorization");
+ if(authz.startsWith("Basic ")) {
+ BasicHttpTaf bht = ((X509Principal)p).getBasicHttpTaf();
+ if(bht!=null) {
+ BasicPrincipal bp = new BasicPrincipal(authz,"");
+ CredVal cv = bht.getCredVal(bp.getDomain());
+ if(cv!=null) {
+ if(cv.validate(bp.getName(), Type.PASSWORD, bp.getCred(), null) ) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ resp.setStatus(HttpStatus.FORBIDDEN_403);
+ }
+ }
+ } else {
+ String decoded = Symm.base64noSplit.decode(authz.substring(6));
+ int colon = decoded.indexOf(':');
+ TimeTaken tt = trans.start("Direct Validation", Env.REMOTE);
+ try {
+ if(directAAFUserPass.validate(
+ decoded.substring(0,colon),
+ CredVal.Type.PASSWORD ,
+ decoded.substring(colon+1).getBytes(),trans)) {
+
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ // DME2 at this version crashes without some sort of response
+ resp.getOutputStream().print("");
+ resp.setStatus(HttpStatus.FORBIDDEN_403);
+ }
+ } finally {
+ tt.done();
+ }
+ }
+ }
+ } else if(p == null) {
+ trans.error().log("Transaction not Authenticated... no Principal");
+ resp.setStatus(HttpStatus.FORBIDDEN_403);
+ } else {
+ trans.checkpoint("Basic Auth Check Failed: This wasn't a Basic Auth Trans");
+ // For Auth Security questions, we don't give any info to client on why failed
+ resp.setStatus(HttpStatus.FORBIDDEN_403);
+ }
+ }
+ },"text/plain","*/*","*");
+
+ /**
+ * returns whether a given Credential is valid
+ */
+ authzAPI.route(POST, "/authn/validate", API.CRED_REQ, new Code(facade,"Is given Credential valid?",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Date> r = context.doesCredentialMatch(trans, req, resp);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ // For Security, we don't give any info out on why failed, other than forbidden
+ // Can't do "401", because that is on the call itself
+ resp.setStatus(HttpStatus.FORBIDDEN_403);
+ }
+ }
+ });
- /**
- * returns whether a given Credential is valid
- */
- authzAPI.route(GET, "/authn/cert/id/:id", API.CERTS, new Code(facade,"Get Cert Info by ID",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getCertInfoByID(trans, req, resp, pathParam(req,":id") );
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- // For Security, we don't give any info out on why failed, other than forbidden
- resp.setStatus(HttpStatus.FORBIDDEN_403);
- }
- }
- });
+ /**
+ * returns whether a given Credential is valid
+ */
+ authzAPI.route(GET, "/authn/cert/id/:id", API.CERTS, new Code(facade,"Get Cert Info by ID",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getCertInfoByID(trans, req, resp, pathParam(req,":id") );
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ // For Security, we don't give any info out on why failed, other than forbidden
+ resp.setStatus(HttpStatus.FORBIDDEN_403);
+ }
+ }
+ });
- }
-
- /**
- * Normal Init level APIs
- *
- * @param authzAPI
- * @param facade
- * @throws Exception
- */
- public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * Create a new ID/Credential
- */
- authzAPI.route(POST,"/authn/cred",API.CRED_REQ,new Code(facade,"Add a New ID/Credential", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.createUserCred(trans, req);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.CREATED_201);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * gets all credentials by Namespace
- */
- authzAPI.route(GET, "/authn/creds/ns/:ns", API.USERS, new Code(facade,"Get Creds for a Namespace",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getCredsByNS(trans, resp, pathParam(req, "ns"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
+ }
+
+ /**
+ * Normal Init level APIs
+ *
+ * @param authzAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * Create a new ID/Credential
+ */
+ authzAPI.route(POST,"/authn/cred",API.CRED_REQ,new Code(facade,"Add a New ID/Credential", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception { Result<Void> r = context.createUserCred(trans, req);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.CREATED_201);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * gets all credentials by Namespace
+ */
+ authzAPI.route(GET, "/authn/creds/ns/:ns", API.USERS, new Code(facade,"Get Creds for a Namespace",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getCredsByNS(trans, resp, pathParam(req, "ns"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
- });
-
- /**
- * gets all credentials by ID
- */
- authzAPI.route(GET, "/authn/creds/id/:id", API.USERS, new Code(facade,"Get Creds by ID",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getCredsByID(trans, resp, pathParam(req, "id"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
+ });
+
+ /**
+ * gets all credentials by ID
+ */
+ authzAPI.route(GET, "/authn/creds/id/:id", API.USERS, new Code(facade,"Get Creds by ID",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getCredsByID(trans, resp, pathParam(req, "id"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
- });
+ });
- /**
- * Update ID/Credential (aka reset)
- */
- authzAPI.route(PUT,"/authn/cred",API.CRED_REQ,new Code(facade,"Update an ID/Credential", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.changeUserCred(trans, req);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Update ID/Credential (aka reset)
+ */
+ authzAPI.route(PUT,"/authn/cred",API.CRED_REQ,new Code(facade,"Update an ID/Credential", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.changeUserCred(trans, req);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Extend ID/Credential
- * This behavior will accelerate getting out of P1 outages due to ignoring renewal requests, or
- * other expiration issues.
- *
- * Scenario is that people who are solving Password problems at night, are not necessarily those who
- * know what the passwords are supposed to be. Also, changing Password, without changing Configurations
- * using that password only exacerbates the P1 Issue.
- */
- authzAPI.route(PUT,"/authn/cred/:days",API.CRED_REQ,new Code(facade,"Extend an ID/Credential", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.extendUserCred(trans, req, pathParam(req, "days"));
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Extend ID/Credential
+ * This behavior will accelerate getting out of P1 outages due to ignoring renewal requests, or
+ * other expiration issues.
+ *
+ * Scenario is that people who are solving Password problems at night, are not necessarily those who
+ * know what the passwords are supposed to be. Also, changing Password, without changing Configurations
+ * using that password only exacerbates the P1 Issue.
+ */
+ authzAPI.route(PUT,"/authn/cred/:days",API.CRED_REQ,new Code(facade,"Extend an ID/Credential", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.extendUserCred(trans, req, pathParam(req, "days"));
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Delete a ID/Credential by Object
- */
- authzAPI.route(DELETE,"/authn/cred",API.CRED_REQ,new Code(facade,"Delete a Credential", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteUserCred(trans, req);
- if(r.isOK()) {
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Delete a ID/Credential by Object
+ */
+ authzAPI.route(DELETE,"/authn/cred",API.CRED_REQ,new Code(facade,"Delete a Credential", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.deleteUserCred(trans, req);
+ if(r.isOK()) {
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,r);
+ }
+ }
+ });
- }
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Delegate.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Delegate.java
index 067c9192..ec1824b1 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Delegate.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Delegate.java
@@ -39,114 +39,114 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.onap.aaf.auth.service.mapper.Mapper.API;
public class API_Delegate {
- public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * Add a delegate
- */
- authzAPI.route(POST, "/authz/delegate",API.DELG_REQ,new Code(facade,"Add a Delegate", true) {
+ public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * Add a delegate
+ */
+ authzAPI.route(POST, "/authz/delegate",API.DELG_REQ,new Code(facade,"Add a Delegate", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.createDelegate(trans, req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Update a delegate
- */
- authzAPI.route(PUT, "/authz/delegate",API.DELG_REQ,new Code(facade,"Update a Delegate", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.createDelegate(trans, req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Update a delegate
+ */
+ authzAPI.route(PUT, "/authz/delegate",API.DELG_REQ,new Code(facade,"Update a Delegate", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.updateDelegate(trans, req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * DELETE delegates for a user
- */
- authzAPI.route(DELETE, "/authz/delegate",API.DELG_REQ,new Code(facade,"Delete delegates for a user", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.updateDelegate(trans, req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * DELETE delegates for a user
+ */
+ authzAPI.route(DELETE, "/authz/delegate",API.DELG_REQ,new Code(facade,"Delete delegates for a user", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteDelegate(trans, req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * DELETE a delegate
- */
- authzAPI.route(DELETE, "/authz/delegate/:user_name",API.VOID,new Code(facade,"Delete a Delegate", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.deleteDelegate(trans, req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * DELETE a delegate
+ */
+ authzAPI.route(DELETE, "/authz/delegate/:user_name",API.VOID,new Code(facade,"Delete a Delegate", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteDelegate(trans, pathParam(req, "user_name"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Read who is delegating for User
- */
- authzAPI.route(GET, "/authz/delegates/user/:user",API.DELGS,new Code(facade,"Get Delegates by User", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.deleteDelegate(trans, pathParam(req, "user_name"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Read who is delegating for User
+ */
+ authzAPI.route(GET, "/authz/delegates/user/:user",API.DELGS,new Code(facade,"Get Delegates by User", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getDelegatesByUser(trans, pathParam(req, "user"), resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getDelegatesByUser(trans, pathParam(req, "user"), resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Read for whom the User is delegating
- */
- authzAPI.route(GET, "/authz/delegates/delegate/:delegate",API.DELGS,new Code(facade,"Get Delegates by Delegate", true) {
+ /**
+ * Read for whom the User is delegating
+ */
+ authzAPI.route(GET, "/authz/delegates/delegate/:delegate",API.DELGS,new Code(facade,"Get Delegates by Delegate", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getDelegatesByDelegate(trans, pathParam(req, "delegate"), resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getDelegatesByDelegate(trans, pathParam(req, "delegate"), resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- }
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java
index 9044e177..e0911937 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_History.java
@@ -46,7 +46,7 @@ import org.onap.aaf.auth.service.mapper.Mapper.API;
* Pull certain types of History Info
*
* Specify yyyymm as
- * single - 201504
+ * single - 201504
* commas 201503,201504
* ranges 201501-201504
* combinations 201301,201401,201501-201504
@@ -55,185 +55,185 @@ import org.onap.aaf.auth.service.mapper.Mapper.API;
*
*/
public class API_History {
- /**
- * Normal Init level APIs
- *
- * @param authzAPI
- * @param facade
- * @throws Exception
- */
- public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * Get History
- */
- authzAPI.route(GET,"/authz/hist/user/:user",API.HISTORY,new Code(facade,"Get History by User", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- int[] years;
- int descend;
- try {
- years = getYears(req);
- descend = decending(req);
- } catch(Exception e) {
- context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage()));
- return;
- }
+ /**
+ * Normal Init level APIs
+ *
+ * @param authzAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * Get History
+ */
+ authzAPI.route(GET,"/authz/hist/user/:user",API.HISTORY,new Code(facade,"Get History by User", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ int[] years;
+ int descend;
+ try {
+ years = getYears(req);
+ descend = decending(req);
+ } catch(Exception e) {
+ context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage()));
+ return;
+ }
- Result<Void> r = context.getHistoryByUser(trans, resp, pathParam(req,":user"),years,descend);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ Result<Void> r = context.getHistoryByUser(trans, resp, pathParam(req,":user"),years,descend);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Get History by NS
- */
- authzAPI.route(GET,"/authz/hist/ns/:ns",API.HISTORY,new Code(facade,"Get History by Namespace", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- int[] years;
- int descend;
- try {
- years = getYears(req);
- descend = decending(req);
- } catch(Exception e) {
- context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage()));
- return;
- }
-
- Result<Void> r = context.getHistoryByNS(trans, resp, pathParam(req,":ns"),years,descend);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Get History by NS
+ */
+ authzAPI.route(GET,"/authz/hist/ns/:ns",API.HISTORY,new Code(facade,"Get History by Namespace", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ int[] years;
+ int descend;
+ try {
+ years = getYears(req);
+ descend = decending(req);
+ } catch(Exception e) {
+ context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage()));
+ return;
+ }
+
+ Result<Void> r = context.getHistoryByNS(trans, resp, pathParam(req,":ns"),years,descend);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Get History by Role
- */
- authzAPI.route(GET,"/authz/hist/role/:role",API.HISTORY,new Code(facade,"Get History by Role", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- int[] years;
- int descend;
- try {
- years = getYears(req);
- descend = decending(req);
- } catch(Exception e) {
- context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage()));
- return;
- }
+ /**
+ * Get History by Role
+ */
+ authzAPI.route(GET,"/authz/hist/role/:role",API.HISTORY,new Code(facade,"Get History by Role", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ int[] years;
+ int descend;
+ try {
+ years = getYears(req);
+ descend = decending(req);
+ } catch(Exception e) {
+ context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage()));
+ return;
+ }
- Result<Void> r = context.getHistoryByRole(trans, resp, pathParam(req,":role"),years,descend);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ Result<Void> r = context.getHistoryByRole(trans, resp, pathParam(req,":role"),years,descend);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Get History by Perm Type
- */
- authzAPI.route(GET,"/authz/hist/perm/:type",API.HISTORY,new Code(facade,"Get History by Perm Type", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- int[] years;
- int descend;
- try {
- years = getYears(req);
- descend = decending(req);
- } catch(Exception e) {
- context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage()));
- return;
- }
-
- Result<Void> r = context.getHistoryByPerm(trans, resp, pathParam(req,":type"),years,descend);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
- }
+ /**
+ * Get History by Perm Type
+ */
+ authzAPI.route(GET,"/authz/hist/perm/:type",API.HISTORY,new Code(facade,"Get History by Perm Type", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ int[] years;
+ int descend;
+ try {
+ years = getYears(req);
+ descend = decending(req);
+ } catch(Exception e) {
+ context.error(trans, resp, Result.err(Status.ERR_BadData, e.getMessage()));
+ return;
+ }
+
+ Result<Void> r = context.getHistoryByPerm(trans, resp, pathParam(req,":type"),years,descend);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+ }
- // Check if Ascending
- private static int decending(HttpServletRequest req) {
- if("true".equalsIgnoreCase(req.getParameter("desc")))return -1;
- if("true".equalsIgnoreCase(req.getParameter("asc")))return 1;
- return 0;
- }
-
- // Get Common "yyyymm" parameter, or none
-
- private static int[] getYears(HttpServletRequest req) throws NumberFormatException {
- // Sonar says threading issues.
- SimpleDateFormat FMT = new SimpleDateFormat("yyyyMM");
- String yyyymm = req.getParameter("yyyymm");
- ArrayList<Integer> ai= new ArrayList<>();
- if(yyyymm==null) {
- GregorianCalendar gc = new GregorianCalendar();
- // three months is the default
- for(int i=0;i<3;++i) {
- ai.add(Integer.parseInt(FMT.format(gc.getTime())));
- gc.add(GregorianCalendar.MONTH, -1);
- }
- } else {
- for(String ym : yyyymm.split(",")) {
- String range[] = ym.split("\\s*-\\s*");
- switch(range.length) {
- case 0:
- break;
- case 1:
- if(!ym.endsWith("-")) {
- ai.add(getNum(ym));
- break;
- } else {
- range=new String[] {ym.substring(0, 6),FMT.format(new Date())};
- }
- default:
- GregorianCalendar gc = new GregorianCalendar();
- gc.set(GregorianCalendar.MONTH, Integer.parseInt(range[1].substring(4,6))-1);
- gc.set(GregorianCalendar.YEAR, Integer.parseInt(range[1].substring(0,4)));
- int end = getNum(FMT.format(gc.getTime()));
-
- gc.set(GregorianCalendar.MONTH, Integer.parseInt(range[0].substring(4,6))-1);
- gc.set(GregorianCalendar.YEAR, Integer.parseInt(range[0].substring(0,4)));
- for(int i=getNum(FMT.format(gc.getTime()));i<=end;gc.add(GregorianCalendar.MONTH, 1),i=getNum(FMT.format(gc.getTime()))) {
- ai.add(i);
- }
+ // Check if Ascending
+ private static int decending(HttpServletRequest req) {
+ if("true".equalsIgnoreCase(req.getParameter("desc")))return -1;
+ if("true".equalsIgnoreCase(req.getParameter("asc")))return 1;
+ return 0;
+ }
+
+ // Get Common "yyyymm" parameter, or none
+
+ private static int[] getYears(HttpServletRequest req) throws NumberFormatException {
+ // Sonar says threading issues.
+ SimpleDateFormat FMT = new SimpleDateFormat("yyyyMM");
+ String yyyymm = req.getParameter("yyyymm");
+ ArrayList<Integer> ai= new ArrayList<>();
+ if(yyyymm==null) {
+ GregorianCalendar gc = new GregorianCalendar();
+ // three months is the default
+ for(int i=0;i<3;++i) {
+ ai.add(Integer.parseInt(FMT.format(gc.getTime())));
+ gc.add(GregorianCalendar.MONTH, -1);
+ }
+ } else {
+ for(String ym : yyyymm.split(",")) {
+ String range[] = ym.split("\\s*-\\s*");
+ switch(range.length) {
+ case 0:
+ break;
+ case 1:
+ if(!ym.endsWith("-")) {
+ ai.add(getNum(ym));
+ break;
+ } else {
+ range=new String[] {ym.substring(0, 6),FMT.format(new Date())};
+ }
+ default:
+ GregorianCalendar gc = new GregorianCalendar();
+ gc.set(GregorianCalendar.MONTH, Integer.parseInt(range[1].substring(4,6))-1);
+ gc.set(GregorianCalendar.YEAR, Integer.parseInt(range[1].substring(0,4)));
+ int end = getNum(FMT.format(gc.getTime()));
+
+ gc.set(GregorianCalendar.MONTH, Integer.parseInt(range[0].substring(4,6))-1);
+ gc.set(GregorianCalendar.YEAR, Integer.parseInt(range[0].substring(0,4)));
+ for(int i=getNum(FMT.format(gc.getTime()));i<=end;gc.add(GregorianCalendar.MONTH, 1),i=getNum(FMT.format(gc.getTime()))) {
+ ai.add(i);
+ }
- }
- }
- }
- if(ai.size()==0) {
- throw new NumberFormatException(yyyymm + " is an invalid number or range");
- }
- Collections.sort(ai);
- int ym[] = new int[ai.size()];
- for(int i=0;i<ym.length;++i) {
- ym[i]=ai.get(i);
- }
- return ym;
- }
-
- private static int getNum(String n) {
- if(n==null || n.length()!=6) throw new NumberFormatException(n + " is not in YYYYMM format");
- return Integer.parseInt(n);
- }
+ }
+ }
+ }
+ if(ai.size()==0) {
+ throw new NumberFormatException(yyyymm + " is an invalid number or range");
+ }
+ Collections.sort(ai);
+ int ym[] = new int[ai.size()];
+ for(int i=0;i<ym.length;++i) {
+ ym[i]=ai.get(i);
+ }
+ return ym;
+ }
+
+ private static int getNum(String n) {
+ if(n==null || n.length()!=6) throw new NumberFormatException(n + " is not in YYYYMM format");
+ return Integer.parseInt(n);
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java
index b68b445c..be608df5 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Mgmt.java
@@ -48,229 +48,229 @@ import org.onap.aaf.misc.env.Trans;
*/
public class API_Mgmt {
- private static final String SUCCESS = "SUCCESS";
- private final static String PERM_DB_POOL_CLEAR=Define.ROOT_NS()+".db|pool|clear";
- private final static String PERM_DENY_IP = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|ip";
- private final static String PERM_DENY_ID = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|id";
- private final static String PERM_LOG_ID = Define.ROOT_NS()+".log|" + Define.ROOT_COMPANY() + "|id";
+ private static final String SUCCESS = "SUCCESS";
+ private final static String PERM_DB_POOL_CLEAR=Define.ROOT_NS()+".db|pool|clear";
+ private final static String PERM_DENY_IP = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|ip";
+ private final static String PERM_DENY_ID = Define.ROOT_NS()+".deny|" + Define.ROOT_COMPANY() + "|id";
+ private final static String PERM_LOG_ID = Define.ROOT_NS()+".log|" + Define.ROOT_COMPANY() + "|id";
- /**
- * Normal Init level APIs
- *
- * @param authzAPI
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * Normal Init level APIs
+ *
+ * @param authzAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * Clear Cache Segment
- */
- authzAPI.route(DELETE,"/mgmt/cache/:area/:segments",API.VOID,new Code(facade,"Clear Cache by Segment", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.cacheClear(trans, pathParam(req,"area"), pathParam(req,"segments"));
- switch(r.status) {
- case OK:
- trans.checkpoint(SUCCESS,Trans.ALWAYS);
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Clear Cache
- */
- authzAPI.route(DELETE,"/mgmt/cache/:area",API.VOID,new Code(facade,"Clear Cache", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r;
- String area;
- r = context.cacheClear(trans, area=pathParam(req,"area"));
- switch(r.status) {
- case OK:
- trans.audit().log("Cache " + area + " has been cleared by "+trans.user());
- trans.checkpoint(SUCCESS,Trans.ALWAYS);
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Clear Cache Segment
+ */
+ authzAPI.route(DELETE,"/mgmt/cache/:area/:segments",API.VOID,new Code(facade,"Clear Cache by Segment", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.cacheClear(trans, pathParam(req,"area"), pathParam(req,"segments"));
+ switch(r.status) {
+ case OK:
+ trans.checkpoint(SUCCESS,Trans.ALWAYS);
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Clear Cache
+ */
+ authzAPI.route(DELETE,"/mgmt/cache/:area",API.VOID,new Code(facade,"Clear Cache", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r;
+ String area;
+ r = context.cacheClear(trans, area=pathParam(req,"area"));
+ switch(r.status) {
+ case OK:
+ trans.audit().log("Cache " + area + " has been cleared by "+trans.user());
+ trans.checkpoint(SUCCESS,Trans.ALWAYS);
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Clear DB Sessions
- */
- authzAPI.route(DELETE,"/mgmt/dbsession",API.VOID,new Code(facade,"Clear DBSessions", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- try {
- if(req.isUserInRole(PERM_DB_POOL_CLEAR)) {
- context.dbReset(trans);
+ /**
+ * Clear DB Sessions
+ */
+ authzAPI.route(DELETE,"/mgmt/dbsession",API.VOID,new Code(facade,"Clear DBSessions", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ try {
+ if(req.isUserInRole(PERM_DB_POOL_CLEAR)) {
+ context.dbReset(trans);
- trans.audit().log("DB Sessions have been cleared by "+trans.user());
+ trans.audit().log("DB Sessions have been cleared by "+trans.user());
- trans.checkpoint(SUCCESS,Trans.ALWAYS);
- resp.setStatus(HttpStatus.OK_200);
- return;
- }
- context.error(trans,resp,Result.err(Result.ERR_Denied,"%s is not allowed to clear dbsessions",trans.user()));
- } catch(Exception e) {
- trans.error().log(e, "clearing dbsession");
- context.error(trans,resp,Result.err(e));
- }
- }
- });
+ trans.checkpoint(SUCCESS,Trans.ALWAYS);
+ resp.setStatus(HttpStatus.OK_200);
+ return;
+ }
+ context.error(trans,resp,Result.err(Result.ERR_Denied,"%s is not allowed to clear dbsessions",trans.user()));
+ } catch(Exception e) {
+ trans.error().log(e, "clearing dbsession");
+ context.error(trans,resp,Result.err(e));
+ }
+ }
+ });
- /**
- * Deny an IP
- */
- authzAPI.route(POST, "/mgmt/deny/ip/:ip", API.VOID, new Code(facade,"Deny IP",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String ip = pathParam(req,":ip");
- if(req.isUserInRole(PERM_DENY_IP)) {
- if(DenialOfServiceTaf.denyIP(ip)) {
- trans.audit().log(ip+" has been set to deny by "+trans.user());
- trans.checkpoint(SUCCESS,Trans.ALWAYS);
+ /**
+ * Deny an IP
+ */
+ authzAPI.route(POST, "/mgmt/deny/ip/:ip", API.VOID, new Code(facade,"Deny IP",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String ip = pathParam(req,":ip");
+ if(req.isUserInRole(PERM_DENY_IP)) {
+ if(DenialOfServiceTaf.denyIP(ip)) {
+ trans.audit().log(ip+" has been set to deny by "+trans.user());
+ trans.checkpoint(SUCCESS,Trans.ALWAYS);
- resp.setStatus(HttpStatus.CREATED_201);
- } else {
- context.error(trans,resp,Result.err(Status.ERR_ConflictAlreadyExists,
- ip + " is already being denied"));
- }
- } else {
- trans.audit().log(trans.user(),"has attempted to deny",ip,"without authorization");
- context.error(trans,resp,Result.err(Status.ERR_Denied,
- trans.getUserPrincipal().getName() + " is not allowed to set IP Denial"));
- }
- }
- });
-
- /**
- * Stop Denying an IP
- */
- authzAPI.route(DELETE, "/mgmt/deny/ip/:ip", API.VOID, new Code(facade,"Stop Denying IP",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String ip = pathParam(req,":ip");
- if(req.isUserInRole(PERM_DENY_IP)) {
- if(DenialOfServiceTaf.removeDenyIP(ip)) {
- trans.audit().log(ip+" has been removed from denial by "+trans.user());
- trans.checkpoint(SUCCESS,Trans.ALWAYS);
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,Result.err(Status.ERR_NotFound,
- ip + " is not on the denial list"));
- }
- } else {
- trans.audit().log(trans.user(),"has attempted to remove",ip," from being denied without authorization");
- context.error(trans,resp,Result.err(Status.ERR_Denied,
- trans.getUserPrincipal().getName() + " is not allowed to remove IP Denial"));
- }
- }
- });
+ resp.setStatus(HttpStatus.CREATED_201);
+ } else {
+ context.error(trans,resp,Result.err(Status.ERR_ConflictAlreadyExists,
+ ip + " is already being denied"));
+ }
+ } else {
+ trans.audit().log(trans.user(),"has attempted to deny",ip,"without authorization");
+ context.error(trans,resp,Result.err(Status.ERR_Denied,
+ trans.getUserPrincipal().getName() + " is not allowed to set IP Denial"));
+ }
+ }
+ });
+
+ /**
+ * Stop Denying an IP
+ */
+ authzAPI.route(DELETE, "/mgmt/deny/ip/:ip", API.VOID, new Code(facade,"Stop Denying IP",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String ip = pathParam(req,":ip");
+ if(req.isUserInRole(PERM_DENY_IP)) {
+ if(DenialOfServiceTaf.removeDenyIP(ip)) {
+ trans.audit().log(ip+" has been removed from denial by "+trans.user());
+ trans.checkpoint(SUCCESS,Trans.ALWAYS);
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,Result.err(Status.ERR_NotFound,
+ ip + " is not on the denial list"));
+ }
+ } else {
+ trans.audit().log(trans.user(),"has attempted to remove",ip," from being denied without authorization");
+ context.error(trans,resp,Result.err(Status.ERR_Denied,
+ trans.getUserPrincipal().getName() + " is not allowed to remove IP Denial"));
+ }
+ }
+ });
- /**
- * Deny an ID
- */
- authzAPI.route(POST, "/mgmt/deny/id/:id", API.VOID, new Code(facade,"Deny ID",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String id = pathParam(req,":id");
- if(req.isUserInRole(PERM_DENY_ID)) {
- if(DenialOfServiceTaf.denyID(id)) {
- trans.audit().log(id+" has been set to deny by "+trans.user());
- trans.checkpoint(SUCCESS,Trans.ALWAYS);
- resp.setStatus(HttpStatus.CREATED_201);
- } else {
- context.error(trans,resp,Result.err(Status.ERR_ConflictAlreadyExists,
- id + " is already being denied"));
- }
- } else {
- trans.audit().log(trans.user(),"has attempted to deny",id,"without authorization");
- context.error(trans,resp,Result.err(Status.ERR_Denied,
- trans.getUserPrincipal().getName() + " is not allowed to set ID Denial"));
- }
- }
- });
-
- /**
- * Stop Denying an ID
- */
- authzAPI.route(DELETE, "/mgmt/deny/id/:id", API.VOID, new Code(facade,"Stop Denying ID",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String id = pathParam(req,":id");
- if(req.isUserInRole(PERM_DENY_ID)) {
- if(DenialOfServiceTaf.removeDenyID(id)) {
- trans.audit().log(id+" has been removed from denial by " + trans.user());
- trans.checkpoint(SUCCESS,Trans.ALWAYS);
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,Result.err(Status.ERR_NotFound,
- id + " is not on the denial list"));
- }
- } else {
- trans.audit().log(trans.user(),"has attempted to remove",id," from being denied without authorization");
- context.error(trans,resp,Result.err(Status.ERR_Denied,
- trans.getUserPrincipal().getName() + " is not allowed to remove ID Denial"));
- }
- }
- });
+ /**
+ * Deny an ID
+ */
+ authzAPI.route(POST, "/mgmt/deny/id/:id", API.VOID, new Code(facade,"Deny ID",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String id = pathParam(req,":id");
+ if(req.isUserInRole(PERM_DENY_ID)) {
+ if(DenialOfServiceTaf.denyID(id)) {
+ trans.audit().log(id+" has been set to deny by "+trans.user());
+ trans.checkpoint(SUCCESS,Trans.ALWAYS);
+ resp.setStatus(HttpStatus.CREATED_201);
+ } else {
+ context.error(trans,resp,Result.err(Status.ERR_ConflictAlreadyExists,
+ id + " is already being denied"));
+ }
+ } else {
+ trans.audit().log(trans.user(),"has attempted to deny",id,"without authorization");
+ context.error(trans,resp,Result.err(Status.ERR_Denied,
+ trans.getUserPrincipal().getName() + " is not allowed to set ID Denial"));
+ }
+ }
+ });
+
+ /**
+ * Stop Denying an ID
+ */
+ authzAPI.route(DELETE, "/mgmt/deny/id/:id", API.VOID, new Code(facade,"Stop Denying ID",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String id = pathParam(req,":id");
+ if(req.isUserInRole(PERM_DENY_ID)) {
+ if(DenialOfServiceTaf.removeDenyID(id)) {
+ trans.audit().log(id+" has been removed from denial by " + trans.user());
+ trans.checkpoint(SUCCESS,Trans.ALWAYS);
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,Result.err(Status.ERR_NotFound,
+ id + " is not on the denial list"));
+ }
+ } else {
+ trans.audit().log(trans.user(),"has attempted to remove",id," from being denied without authorization");
+ context.error(trans,resp,Result.err(Status.ERR_Denied,
+ trans.getUserPrincipal().getName() + " is not allowed to remove ID Denial"));
+ }
+ }
+ });
- /**
- * Deny an ID
- */
- authzAPI.route(POST, "/mgmt/log/id/:id", API.VOID, new Code(facade,"Special Log ID",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String id = pathParam(req,":id");
- if(req.isUserInRole(PERM_LOG_ID)) {
- if(Question.specialLogOn(trans,id)) {
- trans.audit().log(id+" has been set to special Log by "+trans.user());
- trans.checkpoint(SUCCESS,Trans.ALWAYS);
- resp.setStatus(HttpStatus.CREATED_201);
- } else {
- context.error(trans,resp,Result.err(Status.ERR_ConflictAlreadyExists,
- id + " is already being special Logged"));
- }
- } else {
- trans.audit().log(trans.user(),"has attempted to special Log",id,"without authorization");
- context.error(trans,resp,Result.err(Status.ERR_Denied,
- trans.getUserPrincipal().getName() + " is not allowed to set ID special Logging"));
- }
- }
- });
-
- /**
- * Stop Denying an ID
- */
- authzAPI.route(DELETE, "/mgmt/log/id/:id", API.VOID, new Code(facade,"Stop Special Log ID",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- String id = pathParam(req,":id");
- if(req.isUserInRole(PERM_LOG_ID)) {
- if(Question.specialLogOff(trans,id)) {
- trans.audit().log(id+" has been removed from special Logging by " + trans.user());
- trans.checkpoint(SUCCESS,Trans.ALWAYS);
- resp.setStatus(HttpStatus.OK_200);
- } else {
- context.error(trans,resp,Result.err(Status.ERR_NotFound,
- id + " is not on the special Logging list"));
- }
- } else {
- trans.audit().log(trans.user(),"has attempted to remove",id," from being special Logged without authorization");
- context.error(trans,resp,Result.err(Status.ERR_Denied,
- trans.getUserPrincipal().getName() + " is not allowed to remove ID special Logging"));
- }
- }
- });
+ /**
+ * Deny an ID
+ */
+ authzAPI.route(POST, "/mgmt/log/id/:id", API.VOID, new Code(facade,"Special Log ID",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String id = pathParam(req,":id");
+ if(req.isUserInRole(PERM_LOG_ID)) {
+ if(Question.specialLogOn(trans,id)) {
+ trans.audit().log(id+" has been set to special Log by "+trans.user());
+ trans.checkpoint(SUCCESS,Trans.ALWAYS);
+ resp.setStatus(HttpStatus.CREATED_201);
+ } else {
+ context.error(trans,resp,Result.err(Status.ERR_ConflictAlreadyExists,
+ id + " is already being special Logged"));
+ }
+ } else {
+ trans.audit().log(trans.user(),"has attempted to special Log",id,"without authorization");
+ context.error(trans,resp,Result.err(Status.ERR_Denied,
+ trans.getUserPrincipal().getName() + " is not allowed to set ID special Logging"));
+ }
+ }
+ });
+
+ /**
+ * Stop Denying an ID
+ */
+ authzAPI.route(DELETE, "/mgmt/log/id/:id", API.VOID, new Code(facade,"Stop Special Log ID",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ String id = pathParam(req,":id");
+ if(req.isUserInRole(PERM_LOG_ID)) {
+ if(Question.specialLogOff(trans,id)) {
+ trans.audit().log(id+" has been removed from special Logging by " + trans.user());
+ trans.checkpoint(SUCCESS,Trans.ALWAYS);
+ resp.setStatus(HttpStatus.OK_200);
+ } else {
+ context.error(trans,resp,Result.err(Status.ERR_NotFound,
+ id + " is not on the special Logging list"));
+ }
+ } else {
+ trans.audit().log(trans.user(),"has attempted to remove",id," from being special Logged without authorization");
+ context.error(trans,resp,Result.err(Status.ERR_Denied,
+ trans.getUserPrincipal().getName() + " is not allowed to remove ID special Logging"));
+ }
+ }
+ });
- }
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Multi.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Multi.java
index d3fe4f1f..45bc9d0f 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Multi.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Multi.java
@@ -38,28 +38,28 @@ import org.onap.aaf.auth.service.mapper.Mapper.API;
public class API_Multi {
- public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
-
- authzAPI.route(POST,"/authz/multi",API.VOID, new Code(facade,"Multiple Request API",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.addResponsibilityForNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- case Status.ACC_Future:
- resp.setStatus(HttpStatus.ACCEPTED_202);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
- }
+ public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+
+ authzAPI.route(POST,"/authz/multi",API.VOID, new Code(facade,"Multiple Request API",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.addResponsibilityForNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ case Status.ACC_Future:
+ resp.setStatus(HttpStatus.ACCEPTED_202);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_NS.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_NS.java
index 1087cd4d..0c4a7e49 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_NS.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_NS.java
@@ -41,355 +41,355 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.onap.aaf.auth.service.mapper.Mapper.API;
public class API_NS {
- private static final String FULL = "full";
- private static final String TRUE = "true";
+ private static final String FULL = "full";
+ private static final String TRUE = "true";
- public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * puts a new Namespace in Authz DB
- *
- * TESTCASES: TC_NS1, TC_NSdelete1
- */
- authzAPI.route(POST,"/authz/ns",API.NS_REQ, new Code(facade,"Create a Namespace",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- NsType nst = NsType.fromString(req.getParameter("type"));
- Result<Void> r = context.requestNS(trans, req, resp,nst);
-
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- case Status.ACC_Future:
- resp.setStatus(HttpStatus.ACCEPTED_202);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
-
- /**
- * removes a Namespace from Authz DB
- *
- * TESTCASES: TC_NS1, TC_NSdelete1
- */
- authzAPI.route(DELETE,"/authz/ns/:ns",API.VOID, new Code(facade,"Delete a Namespace",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteNS(trans, req, resp, pathParam(req,":ns"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * puts a new Namespace in Authz DB
+ *
+ * TESTCASES: TC_NS1, TC_NSdelete1
+ */
+ authzAPI.route(POST,"/authz/ns",API.NS_REQ, new Code(facade,"Create a Namespace",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ NsType nst = NsType.fromString(req.getParameter("type"));
+ Result<Void> r = context.requestNS(trans, req, resp,nst);
+
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ case Status.ACC_Future:
+ resp.setStatus(HttpStatus.ACCEPTED_202);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
+
+ /**
+ * removes a Namespace from Authz DB
+ *
+ * TESTCASES: TC_NS1, TC_NSdelete1
+ */
+ authzAPI.route(DELETE,"/authz/ns/:ns",API.VOID, new Code(facade,"Delete a Namespace",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.deleteNS(trans, req, resp, pathParam(req,":ns"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- /**
- * Add an Admin in NS in Authz DB
- *
- * TESTCASES: TC_NS1
- */
- authzAPI.route(POST,"/authz/ns/:ns/admin/:id",API.VOID, new Code(facade,"Add an Admin to a Namespace",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.addAdminToNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- case Status.ACC_Future:
- resp.setStatus(HttpStatus.ACCEPTED_202);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
-
- /**
- * Removes an Admin from Namespace in Authz DB
- *
- * TESTCASES: TC_NS1
- */
- authzAPI.route(DELETE,"/authz/ns/:ns/admin/:id",API.VOID, new Code(facade,"Remove an Admin from a Namespace",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.delAdminFromNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ /**
+ * Add an Admin in NS in Authz DB
+ *
+ * TESTCASES: TC_NS1
+ */
+ authzAPI.route(POST,"/authz/ns/:ns/admin/:id",API.VOID, new Code(facade,"Add an Admin to a Namespace",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.addAdminToNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ case Status.ACC_Future:
+ resp.setStatus(HttpStatus.ACCEPTED_202);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
+
+ /**
+ * Removes an Admin from Namespace in Authz DB
+ *
+ * TESTCASES: TC_NS1
+ */
+ authzAPI.route(DELETE,"/authz/ns/:ns/admin/:id",API.VOID, new Code(facade,"Remove an Admin from a Namespace",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.delAdminFromNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- /**
- * Add an Admin in NS in Authz DB
- *
- * TESTCASES: TC_NS1
- */
- authzAPI.route(POST,"/authz/ns/:ns/responsible/:id",API.VOID, new Code(facade,"Add a Responsible Identity to a Namespace",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.addResponsibilityForNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- case Status.ACC_Future:
- resp.setStatus(HttpStatus.ACCEPTED_202);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ /**
+ * Add an Admin in NS in Authz DB
+ *
+ * TESTCASES: TC_NS1
+ */
+ authzAPI.route(POST,"/authz/ns/:ns/responsible/:id",API.VOID, new Code(facade,"Add a Responsible Identity to a Namespace",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.addResponsibilityForNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ case Status.ACC_Future:
+ resp.setStatus(HttpStatus.ACCEPTED_202);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- /**
- *
- */
- authzAPI.route(GET,"/authz/nss/:id",API.NSS, new Code(facade,"Return Information about Namespaces", true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getNSsByName(trans, resp, pathParam(req,":id"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
-
- /**
- * Get all Namespaces where user is an admin
- */
- authzAPI.route(GET,"/authz/nss/admin/:user",API.NSS, new Code(facade,"Return Namespaces where User is an Admin", true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getNSsByAdmin(trans, resp, pathParam(req,":user"),TRUE.equals(req.getParameter(FULL)));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
-
- /**
- * Get all Namespaces where user is a responsible party
- */
- authzAPI.route(GET,"/authz/nss/responsible/:user",API.NSS, new Code(facade,"Return Namespaces where User is Responsible", true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getNSsByResponsible(trans, resp, pathParam(req,":user"),TRUE.equals(req.getParameter(FULL)));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ /**
+ *
+ */
+ authzAPI.route(GET,"/authz/nss/:id",API.NSS, new Code(facade,"Return Information about Namespaces", true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getNSsByName(trans, resp, pathParam(req,":id"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
+
+ /**
+ * Get all Namespaces where user is an admin
+ */
+ authzAPI.route(GET,"/authz/nss/admin/:user",API.NSS, new Code(facade,"Return Namespaces where User is an Admin", true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getNSsByAdmin(trans, resp, pathParam(req,":user"),TRUE.equals(req.getParameter(FULL)));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
+
+ /**
+ * Get all Namespaces where user is a responsible party
+ */
+ authzAPI.route(GET,"/authz/nss/responsible/:user",API.NSS, new Code(facade,"Return Namespaces where User is Responsible", true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getNSsByResponsible(trans, resp, pathParam(req,":user"),TRUE.equals(req.getParameter(FULL)));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- /**
- * Get all Namespaces where user is an admin or owner
- */
- authzAPI.route(GET,"/authz/nss/either/:user",API.NSS, new Code(facade,"Return Namespaces where User Admin or Owner", true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getNSsByEither(trans, resp, pathParam(req,":user"),TRUE.equals(req.getParameter(FULL)));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ /**
+ * Get all Namespaces where user is an admin or owner
+ */
+ authzAPI.route(GET,"/authz/nss/either/:user",API.NSS, new Code(facade,"Return Namespaces where User Admin or Owner", true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getNSsByEither(trans, resp, pathParam(req,":user"),TRUE.equals(req.getParameter(FULL)));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- /**
- * Get all children Namespaces
- */
- authzAPI.route(GET,"/authz/nss/children/:id",API.NSS, new Code(facade,"Return Child Namespaces", true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getNSsChildren(trans, resp, pathParam(req,":id"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ /**
+ * Get all children Namespaces
+ */
+ authzAPI.route(GET,"/authz/nss/children/:id",API.NSS, new Code(facade,"Return Child Namespaces", true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getNSsChildren(trans, resp, pathParam(req,":id"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- /**
- * Set a description of a Namespace
- */
- authzAPI.route(PUT,"/authz/ns",API.NS_REQ,new Code(facade,"Set a Description for a Namespace",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.updateNsDescription(trans, req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Removes an Owner from Namespace in Authz DB
- *
- * TESTCASES: TC_NS1
- */
- authzAPI.route(DELETE,"/authz/ns/:ns/responsible/:id",API.VOID, new Code(facade,"Remove a Responsible Identity from Namespace",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.delResponsibilityForNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ /**
+ * Set a description of a Namespace
+ */
+ authzAPI.route(PUT,"/authz/ns",API.NS_REQ,new Code(facade,"Set a Description for a Namespace",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.updateNsDescription(trans, req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Removes an Owner from Namespace in Authz DB
+ *
+ * TESTCASES: TC_NS1
+ */
+ authzAPI.route(DELETE,"/authz/ns/:ns/responsible/:id",API.VOID, new Code(facade,"Remove a Responsible Identity from Namespace",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.delResponsibilityForNS(trans, resp, pathParam(req,":ns"), pathParam(req,":id"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- authzAPI.route(POST,"/authz/ns/:ns/attrib/:key/:value",API.VOID, new Code(facade,"Add an Attribute from a Namespace",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.createAttribForNS(trans, resp,
- pathParam(req,":ns"),
- pathParam(req,":key"),
- pathParam(req,":value"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ authzAPI.route(POST,"/authz/ns/:ns/attrib/:key/:value",API.VOID, new Code(facade,"Add an Attribute from a Namespace",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.createAttribForNS(trans, resp,
+ pathParam(req,":ns"),
+ pathParam(req,":key"),
+ pathParam(req,":value"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- authzAPI.route(GET,"/authz/ns/attrib/:key",API.KEYS, new Code(facade,"get Ns Key List From Attribute",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.readNsByAttrib(trans, resp, pathParam(req,":key"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ authzAPI.route(GET,"/authz/ns/attrib/:key",API.KEYS, new Code(facade,"get Ns Key List From Attribute",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.readNsByAttrib(trans, resp, pathParam(req,":key"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- authzAPI.route(PUT,"/authz/ns/:ns/attrib/:key/:value",API.VOID, new Code(facade,"update an Attribute from a Namespace",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.updAttribForNS(trans, resp,
- pathParam(req,":ns"),
- pathParam(req,":key"),
- pathParam(req,":value"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
-
- authzAPI.route(DELETE,"/authz/ns/:ns/attrib/:key",API.VOID, new Code(facade,"delete an Attribute from a Namespace",true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.delAttribForNS(trans, resp,
- pathParam(req,":ns"),
- pathParam(req,":key"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ authzAPI.route(PUT,"/authz/ns/:ns/attrib/:key/:value",API.VOID, new Code(facade,"update an Attribute from a Namespace",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.updAttribForNS(trans, resp,
+ pathParam(req,":ns"),
+ pathParam(req,":key"),
+ pathParam(req,":value"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
+
+ authzAPI.route(DELETE,"/authz/ns/:ns/attrib/:key",API.VOID, new Code(facade,"delete an Attribute from a Namespace",true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.delAttribForNS(trans, resp,
+ pathParam(req,":ns"),
+ pathParam(req,":key"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- }
-
-
+ }
+
+
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Perms.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Perms.java
index c9795a5f..5f2a823e 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Perms.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Perms.java
@@ -43,254 +43,254 @@ import org.onap.aaf.cadi.config.Config;
import org.onap.aaf.misc.env.util.Split;
public class API_Perms {
- public static void timeSensitiveInit(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * gets all permissions by user name
- */
- authzAPI.route(GET, "/authz/perms/user/:user", API.PERMS, new Code(facade,"Get Permissions by User",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- String scopes = req.getParameter("scopes");
- Result<Void> r;
- if(scopes==null) {
- r = context.getPermsByUser(trans, resp, pathParam(req, "user"));
- } else {
- r = context.getPermsByUserScope(trans, resp, pathParam(req, "user"),Split.split(':', scopes));
- }
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
+ public static void timeSensitiveInit(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * gets all permissions by user name
+ */
+ authzAPI.route(GET, "/authz/perms/user/:user", API.PERMS, new Code(facade,"Get Permissions by User",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ String scopes = req.getParameter("scopes");
+ Result<Void> r;
+ if(scopes==null) {
+ r = context.getPermsByUser(trans, resp, pathParam(req, "user"));
+ } else {
+ r = context.getPermsByUserScope(trans, resp, pathParam(req, "user"),Split.split(':', scopes));
+ }
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
- });
-
- /**
- * gets all permissions by user name
- */
- authzAPI.route(POST, "/authz/perms/user/:user", API.PERMS, new Code(facade,"Get Permissions by User, Query AAF Perms",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getPermsByUserWithAAFQuery(trans, req, resp, pathParam(req, "user"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
+ });
+
+ /**
+ * gets all permissions by user name
+ */
+ authzAPI.route(POST, "/authz/perms/user/:user", API.PERMS, new Code(facade,"Get Permissions by User, Query AAF Perms",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getPermsByUserWithAAFQuery(trans, req, resp, pathParam(req, "user"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
- });
+ });
- } // end timeSensitiveInit
+ } // end timeSensitiveInit
- public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * Create a Permission
- */
- authzAPI.route(POST,"/authz/perm",API.PERM_REQ,new Code(facade,"Create a Permission",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.createPerm(trans, req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * Create a Permission
+ */
+ authzAPI.route(POST,"/authz/perm",API.PERM_REQ,new Code(facade,"Create a Permission",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.createPerm(trans, req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * get details of Permission
- */
- authzAPI.route(GET, "/authz/perms/:type/:instance/:action", API.PERMS, new Code(facade,"Get Permissions by Key",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getPermsByName(trans, resp,
- pathParam(req, "type"),
- URLDecoder.decode(pathParam(req, "instance"),Config.UTF_8),
- pathParam(req, "action"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
+ /**
+ * get details of Permission
+ */
+ authzAPI.route(GET, "/authz/perms/:type/:instance/:action", API.PERMS, new Code(facade,"Get Permissions by Key",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getPermsByName(trans, resp,
+ pathParam(req, "type"),
+ URLDecoder.decode(pathParam(req, "instance"),Config.UTF_8),
+ pathParam(req, "action"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
- });
-
- /**
- * get children of Permission
- */
- authzAPI.route(GET, "/authz/perms/:type", API.PERMS, new Code(facade,"Get Permissions by Type",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getPermsByType(trans, resp, pathParam(req, "type"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
+ });
+
+ /**
+ * get children of Permission
+ */
+ authzAPI.route(GET, "/authz/perms/:type", API.PERMS, new Code(facade,"Get Permissions by Type",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getPermsByType(trans, resp, pathParam(req, "type"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
- });
+ });
-
- /**
- * gets all permissions by role name
- */
- authzAPI.route(GET,"/authz/perms/role/:role",API.PERMS,new Code(facade,"Get Permissions by Role",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getPermsForRole(trans, resp, pathParam(req, "role"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+
+ /**
+ * gets all permissions by role name
+ */
+ authzAPI.route(GET,"/authz/perms/role/:role",API.PERMS,new Code(facade,"Get Permissions by Role",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getPermsForRole(trans, resp, pathParam(req, "role"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * gets all permissions by Namespace
- */
- authzAPI.route(GET,"/authz/perms/ns/:ns",API.PERMS,new Code(facade,"Get PermsByNS",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getPermsByNS(trans, resp, pathParam(req, "ns"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Set a perm's description
- */
- authzAPI.route(PUT,"/authz/perm",API.PERM_REQ,new Code(facade,"Set Description for Permission",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.updatePermDescription(trans, req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Update a permission with a rename
- */
- authzAPI.route(PUT,"/authz/perm/:type/:instance/:action",API.PERM_REQ,new Code(facade,"Update a Permission",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.renamePerm(trans, req, resp, pathParam(req, "type"),
- pathParam(req, "instance"), pathParam(req, "action"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Delete a Permission
- */
- authzAPI.route(DELETE,"/authz/perm",API.PERM_REQ,new Code(facade,"Delete a Permission",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.deletePerm(trans,req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * gets all permissions by Namespace
+ */
+ authzAPI.route(GET,"/authz/perms/ns/:ns",API.PERMS,new Code(facade,"Get PermsByNS",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getPermsByNS(trans, resp, pathParam(req, "ns"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Set a perm's description
+ */
+ authzAPI.route(PUT,"/authz/perm",API.PERM_REQ,new Code(facade,"Set Description for Permission",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.updatePermDescription(trans, req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Update a permission with a rename
+ */
+ authzAPI.route(PUT,"/authz/perm/:type/:instance/:action",API.PERM_REQ,new Code(facade,"Update a Permission",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.renamePerm(trans, req, resp, pathParam(req, "type"),
+ pathParam(req, "instance"), pathParam(req, "action"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Delete a Permission
+ */
+ authzAPI.route(DELETE,"/authz/perm",API.PERM_REQ,new Code(facade,"Delete a Permission",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.deletePerm(trans,req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
-
-
+
+
- /**
- * Delete a Permission
- */
- authzAPI.route(DELETE,"/authz/perm/:name/:type/:action",API.PERM_KEY,new Code(facade,"Delete a Permission",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.deletePerm(trans, resp,
- pathParam(req, ":name"),
- pathParam(req, ":type"),
- pathParam(req, ":action"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Delete a Permission
+ */
+ authzAPI.route(DELETE,"/authz/perm/:name/:type/:action",API.PERM_KEY,new Code(facade,"Delete a Permission",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.deletePerm(trans, resp,
+ pathParam(req, ":name"),
+ pathParam(req, ":type"),
+ pathParam(req, ":action"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- } // end init
+ } // end init
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Roles.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Roles.java
index 24259e16..2c93bc38 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Roles.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_Roles.java
@@ -40,298 +40,298 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.onap.aaf.auth.service.mapper.Mapper.API;
public class API_Roles {
- public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * puts a new role in Authz DB
- */
- authzAPI.route(POST,"/authz/role",API.ROLE_REQ, new Code(facade,"Create Role",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.createRole(trans, req, resp);
-
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- case Status.ACC_Future:
- resp.setStatus(HttpStatus.ACCEPTED_202);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
+ public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * puts a new role in Authz DB
+ */
+ authzAPI.route(POST,"/authz/role",API.ROLE_REQ, new Code(facade,"Create Role",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.createRole(trans, req, resp);
+
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ case Status.ACC_Future:
+ resp.setStatus(HttpStatus.ACCEPTED_202);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
- /**
- * get Role by name
- */
- authzAPI.route(GET, "/authz/roles/:role", API.ROLES, new Code(facade,"GetRolesByFullName",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getRolesByName(trans, resp, pathParam(req, "role"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
+ /**
+ * get Role by name
+ */
+ authzAPI.route(GET, "/authz/roles/:role", API.ROLES, new Code(facade,"GetRolesByFullName",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getRolesByName(trans, resp, pathParam(req, "role"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
- });
+ });
- /**
- * gets all Roles by user name
- */
- authzAPI.route(GET, "/authz/roles/user/:name", API.ROLES, new Code(facade,"GetRolesByUser",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getRolesByUser(trans, resp, pathParam(req, "name"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
+ /**
+ * gets all Roles by user name
+ */
+ authzAPI.route(GET, "/authz/roles/user/:name", API.ROLES, new Code(facade,"GetRolesByUser",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getRolesByUser(trans, resp, pathParam(req, "name"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
- });
+ });
- /**
- * gets all Roles by Namespace
- */
- authzAPI.route(GET, "/authz/roles/ns/:ns", API.ROLES, new Code(facade,"GetRolesByNS",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getRolesByNS(trans, resp, pathParam(req, "ns"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * gets all Roles by Namespace
+ */
+ authzAPI.route(GET, "/authz/roles/ns/:ns", API.ROLES, new Code(facade,"GetRolesByNS",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getRolesByNS(trans, resp, pathParam(req, "ns"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * gets all Roles by Name without the Namespace
- */
- authzAPI.route(GET, "/authz/roles/name/:name", API.ROLES, new Code(facade,"GetRolesByNameOnly",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getRolesByNameOnly(trans, resp, pathParam(req, ":name"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Deletes a Role from Authz DB by Object
- */
- authzAPI.route(DELETE,"/authz/role",API.ROLE_REQ, new Code(facade,"Delete Role",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteRole(trans, req, resp);
-
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
-
- }
- );
-
+ /**
+ * gets all Roles by Name without the Namespace
+ */
+ authzAPI.route(GET, "/authz/roles/name/:name", API.ROLES, new Code(facade,"GetRolesByNameOnly",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getRolesByNameOnly(trans, resp, pathParam(req, ":name"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Deletes a Role from Authz DB by Object
+ */
+ authzAPI.route(DELETE,"/authz/role",API.ROLE_REQ, new Code(facade,"Delete Role",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.deleteRole(trans, req, resp);
+
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+
+ }
+ );
+
-
- /**
- * Deletes a Role from Authz DB by Key
- */
- authzAPI.route(DELETE,"/authz/role/:role",API.ROLE, new Code(facade,"Delete Role",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteRole(trans, resp, pathParam(req,":role"));
-
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
-
- }
- );
-
+
+ /**
+ * Deletes a Role from Authz DB by Key
+ */
+ authzAPI.route(DELETE,"/authz/role/:role",API.ROLE, new Code(facade,"Delete Role",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.deleteRole(trans, resp, pathParam(req,":role"));
+
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+
+ }
+ );
+
- /**
- * Add a Permission to a Role (Grant)
- */
- authzAPI.route(POST,"/authz/role/perm",API.ROLE_PERM_REQ, new Code(facade,"Add Permission to Role",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.addPermToRole(trans, req, resp);
-
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- }
- );
-
- /**
- * Get all Roles by Permission
- */
- authzAPI.route(GET,"/authz/roles/perm/:type/:instance/:action",API.ROLES,new Code(facade,"GetRolesByPerm",true) {
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.getRolesByPerm(trans, resp,
- pathParam(req, "type"),
- pathParam(req, "instance"),
- pathParam(req, "action"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Set a role's description
- */
- authzAPI.route(PUT,"/authz/role",API.ROLE_REQ,new Code(facade,"Set Description for role",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.updateRoleDescription(trans, req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Set a permission's roles to roles given
- */
- authzAPI.route(PUT,"/authz/role/perm",API.ROLE_PERM_REQ,new Code(facade,"Set a Permission's Roles",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
-
- Result<Void> r = context.resetPermRoles(trans, req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Delete a Permission from a Role
- * With multiple perms
- */
- authzAPI.route(DELETE,"/authz/role/:role/perm",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.delPermFromRole(trans, req, resp);
-
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Add a Permission to a Role (Grant)
+ */
+ authzAPI.route(POST,"/authz/role/perm",API.ROLE_PERM_REQ, new Code(facade,"Add Permission to Role",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.addPermToRole(trans, req, resp);
+
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ }
+ );
+
+ /**
+ * Get all Roles by Permission
+ */
+ authzAPI.route(GET,"/authz/roles/perm/:type/:instance/:action",API.ROLES,new Code(facade,"GetRolesByPerm",true) {
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.getRolesByPerm(trans, resp,
+ pathParam(req, "type"),
+ pathParam(req, "instance"),
+ pathParam(req, "action"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Set a role's description
+ */
+ authzAPI.route(PUT,"/authz/role",API.ROLE_REQ,new Code(facade,"Set Description for role",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.updateRoleDescription(trans, req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Set a permission's roles to roles given
+ */
+ authzAPI.route(PUT,"/authz/role/perm",API.ROLE_PERM_REQ,new Code(facade,"Set a Permission's Roles",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+
+ Result<Void> r = context.resetPermRoles(trans, req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Delete a Permission from a Role
+ * With multiple perms
+ */
+ authzAPI.route(DELETE,"/authz/role/:role/perm",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.delPermFromRole(trans, req, resp);
+
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /*
- * Delete a Permission from a Role by key only
- * /
- authzAPI.route(DELETE,"/authz/role/:role/perm/:type/:instance/:action",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
- @Override
- public void handle(
- AuthzTrans trans,
- HttpServletRequest req,
- HttpServletResponse resp) throws Exception {
- Result<Void> r = context.delPermFromRole(trans, resp,
- pathParam(req,":role"),
- pathParam(req,":type"),
- pathParam(req,":instance"),
- pathParam(req,":action"));
-
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
- */
- }
+ /*
+ * Delete a Permission from a Role by key only
+ * /
+ authzAPI.route(DELETE,"/authz/role/:role/perm/:type/:instance/:action",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
+ @Override
+ public void handle(
+ AuthzTrans trans,
+ HttpServletRequest req,
+ HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.delPermFromRole(trans, resp,
+ pathParam(req,":role"),
+ pathParam(req,":type"),
+ pathParam(req,":instance"),
+ pathParam(req,":action"));
+
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+ */
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_User.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_User.java
index 26be2a07..0ce1dfe2 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_User.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_User.java
@@ -41,93 +41,93 @@ import org.onap.aaf.auth.service.mapper.Mapper.API;
*
*/
public class API_User {
- /**
- * Normal Init level APIs
- *
- * @param authzAPI
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * get all Users who have Permission X
- */
- authzAPI.route(GET,"/authz/users/perm/:type/:instance/:action",API.USERS,new Code(facade,"Get Users By Permission", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
-// trans.checkpoint(pathParam(req,"type") + " "
-// + pathParam(req,"instance") + " "
-// + pathParam(req,"action"));
+ /**
+ * Normal Init level APIs
+ *
+ * @param authzAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * get all Users who have Permission X
+ */
+ authzAPI.route(GET,"/authz/users/perm/:type/:instance/:action",API.USERS,new Code(facade,"Get Users By Permission", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+// trans.checkpoint(pathParam(req,"type") + " "
+// + pathParam(req,"instance") + " "
+// + pathParam(req,"action"));
//
- Result<Void> r = context.getUsersByPermission(trans, resp,
- pathParam(req, ":type"),
- pathParam(req, ":instance"),
- pathParam(req, ":action"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ Result<Void> r = context.getUsersByPermission(trans, resp,
+ pathParam(req, ":type"),
+ pathParam(req, ":instance"),
+ pathParam(req, ":action"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * get all Users who have Role X
- */
- authzAPI.route(GET,"/authz/users/role/:role",API.USERS,new Code(facade,"Get Users By Role", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getUsersByRole(trans, resp, pathParam(req, ":role"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Get User Role if exists
- * @deprecated
- */
- authzAPI.route(GET,"/authz/userRole/:user/:role",API.USERS,new Code(facade,"Get if User is In Role", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getUserInRole(trans, resp, pathParam(req,":user"),pathParam(req,":role"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * get all Users who have Role X
+ */
+ authzAPI.route(GET,"/authz/users/role/:role",API.USERS,new Code(facade,"Get Users By Role", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getUsersByRole(trans, resp, pathParam(req, ":role"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Get User Role if exists
+ * @deprecated
+ */
+ authzAPI.route(GET,"/authz/userRole/:user/:role",API.USERS,new Code(facade,"Get if User is In Role", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getUserInRole(trans, resp, pathParam(req,":user"),pathParam(req,":role"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- /**
- * Get User Role if exists
- */
- authzAPI.route(GET,"/authz/users/:user/:role",API.USERS,new Code(facade,"Get if User is In Role", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getUserInRole(trans, resp, pathParam(req,":user"),pathParam(req,":role"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
+ /**
+ * Get User Role if exists
+ */
+ authzAPI.route(GET,"/authz/users/:user/:role",API.USERS,new Code(facade,"Get if User is In Role", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getUserInRole(trans, resp, pathParam(req,":user"),pathParam(req,":role"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
- }
-
+ }
+
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_UserRole.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_UserRole.java
index 89550a71..7937a184 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_UserRole.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/api/API_UserRole.java
@@ -44,138 +44,138 @@ import org.onap.aaf.auth.service.mapper.Mapper.API;
*
*/
public class API_UserRole {
- /**
- * Normal Init level APIs
- *
- * @param authzAPI
- * @param facade
- * @throws Exception
- */
- public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
- /**
- * Request User Role Access
- */
- authzAPI.route(POST,"/authz/userRole",API.USER_ROLE_REQ,new Code(facade,"Request User Role Access", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.requestUserRole(trans, req, resp);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.CREATED_201);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
-
- /**
- * Get UserRoles by Role
- */
- authzAPI.route(GET,"/authz/userRoles/role/:role",API.USER_ROLES,new Code(facade,"Get UserRoles by Role", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getUserRolesByRole(trans, resp, pathParam(req,":role"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Get UserRoles by User
- */
- authzAPI.route(GET,"/authz/userRoles/user/:user",API.USER_ROLES,new Code(facade,"Get UserRoles by User", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.getUserRolesByUser(trans, resp, pathParam(req,":user"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+ /**
+ * Normal Init level APIs
+ *
+ * @param authzAPI
+ * @param facade
+ * @throws Exception
+ */
+ public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
+ /**
+ * Request User Role Access
+ */
+ authzAPI.route(POST,"/authz/userRole",API.USER_ROLE_REQ,new Code(facade,"Request User Role Access", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.requestUserRole(trans, req, resp);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.CREATED_201);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+
+ /**
+ * Get UserRoles by Role
+ */
+ authzAPI.route(GET,"/authz/userRoles/role/:role",API.USER_ROLES,new Code(facade,"Get UserRoles by Role", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getUserRolesByRole(trans, resp, pathParam(req,":role"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Get UserRoles by User
+ */
+ authzAPI.route(GET,"/authz/userRoles/user/:user",API.USER_ROLES,new Code(facade,"Get UserRoles by User", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.getUserRolesByUser(trans, resp, pathParam(req,":user"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
-
- /**
- * Update roles attached to user in path
- */
- authzAPI.route(PUT,"/authz/userRole/user",API.USER_ROLE_REQ,new Code(facade,"Update Roles for a user", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.resetRolesForUser(trans, resp, req);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
-
- /**
- * Update users attached to role in path
- */
- authzAPI.route(PUT,"/authz/userRole/role",API.USER_ROLE_REQ,new Code(facade,"Update Users for a role", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.resetUsersForRole(trans, resp, req);
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
-
- /**
- * Extend Expiration Date (according to Organizational rules)
- */
- authzAPI.route(PUT, "/authz/userRole/extend/:user/:role", API.VOID, new Code(facade,"Extend Expiration", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.extendUserRoleExpiration(trans,resp,pathParam(req,":user"),pathParam(req,":role"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
-
- }
-
- });
-
-
- /**
- * Create a new ID/Credential
- */
- authzAPI.route(DELETE,"/authz/userRole/:user/:role",API.VOID,new Code(facade,"Delete User Role", true) {
- @Override
- public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
- Result<Void> r = context.deleteUserRole(trans, resp, pathParam(req,":user"),pathParam(req,":role"));
- switch(r.status) {
- case OK:
- resp.setStatus(HttpStatus.OK_200);
- break;
- default:
- context.error(trans,resp,r);
- }
- }
- });
+
+ /**
+ * Update roles attached to user in path
+ */
+ authzAPI.route(PUT,"/authz/userRole/user",API.USER_ROLE_REQ,new Code(facade,"Update Roles for a user", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.resetRolesForUser(trans, resp, req);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+
+ /**
+ * Update users attached to role in path
+ */
+ authzAPI.route(PUT,"/authz/userRole/role",API.USER_ROLE_REQ,new Code(facade,"Update Users for a role", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.resetUsersForRole(trans, resp, req);
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
+
+ /**
+ * Extend Expiration Date (according to Organizational rules)
+ */
+ authzAPI.route(PUT, "/authz/userRole/extend/:user/:role", API.VOID, new Code(facade,"Extend Expiration", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.extendUserRoleExpiration(trans,resp,pathParam(req,":user"),pathParam(req,":role"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+
+ }
+
+ });
+
+
+ /**
+ * Create a new ID/Credential
+ */
+ authzAPI.route(DELETE,"/authz/userRole/:user/:role",API.VOID,new Code(facade,"Delete User Role", true) {
+ @Override
+ public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
+ Result<Void> r = context.deleteUserRole(trans, resp, pathParam(req,":user"),pathParam(req,":role"));
+ switch(r.status) {
+ case OK:
+ resp.setStatus(HttpStatus.OK_200);
+ break;
+ default:
+ context.error(trans,resp,r);
+ }
+ }
+ });
- }
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java
index af375199..61a491f0 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade.java
@@ -45,221 +45,221 @@ import org.onap.aaf.auth.rserv.RServlet;
*
*/
public interface AuthzFacade {
- public static final int PERM_DEPEND_424 = -1000;
- public static final int ROLE_DEPEND_424 = -1001;
+ public static final int PERM_DEPEND_424 = -1000;
+ public static final int ROLE_DEPEND_424 = -1001;
- /*
- * Namespaces
- */
- public abstract Result<Void> requestNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, NsType type);
-
- public abstract Result<Void> getNSsByName(AuthzTrans trans, HttpServletResponse resp, String ns);
-
- public abstract Result<Void> getNSsByAdmin(AuthzTrans trans, HttpServletResponse resp, String user, boolean full);
-
- public abstract Result<Void> getNSsByResponsible(AuthzTrans trans, HttpServletResponse resp, String user, boolean full);
-
- public abstract Result<Void> getNSsByEither(AuthzTrans trans, HttpServletResponse resp, String user, boolean full);
+ /*
+ * Namespaces
+ */
+ public abstract Result<Void> requestNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, NsType type);
+
+ public abstract Result<Void> getNSsByName(AuthzTrans trans, HttpServletResponse resp, String ns);
+
+ public abstract Result<Void> getNSsByAdmin(AuthzTrans trans, HttpServletResponse resp, String user, boolean full);
+
+ public abstract Result<Void> getNSsByResponsible(AuthzTrans trans, HttpServletResponse resp, String user, boolean full);
+
+ public abstract Result<Void> getNSsByEither(AuthzTrans trans, HttpServletResponse resp, String user, boolean full);
- public abstract Result<Void> getNSsChildren(AuthzTrans trans, HttpServletResponse resp, String pathParam);
+ public abstract Result<Void> getNSsChildren(AuthzTrans trans, HttpServletResponse resp, String pathParam);
- public abstract Result<Void> addAdminToNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id);
+ public abstract Result<Void> addAdminToNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id);
- public abstract Result<Void> delAdminFromNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id);
+ public abstract Result<Void> delAdminFromNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id);
- public abstract Result<Void> addResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id);
+ public abstract Result<Void> addResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id);
- public abstract Result<Void> delResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id);
-
- public abstract Result<Void> updateNsDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+ public abstract Result<Void> delResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id);
+
+ public abstract Result<Void> updateNsDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
- public abstract Result<Void> deleteNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String ns);
+ public abstract Result<Void> deleteNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String ns);
- // NS Attribs
- public abstract Result<Void> createAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value);
+ // NS Attribs
+ public abstract Result<Void> createAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value);
- public abstract Result<Void> readNsByAttrib(AuthzTrans trans, HttpServletResponse resp, String key);
+ public abstract Result<Void> readNsByAttrib(AuthzTrans trans, HttpServletResponse resp, String key);
- public abstract Result<Void> updAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value);
+ public abstract Result<Void> updAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value);
- public abstract Result<Void> delAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key);
+ public abstract Result<Void> delAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key);
- /*
- * Permissions
- */
- public abstract Result<Void> createPerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- public abstract Result<Void> getPermsByName(AuthzTrans trans, HttpServletResponse resp,
- String type, String instance, String action);
+ /*
+ * Permissions
+ */
+ public abstract Result<Void> createPerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ public abstract Result<Void> getPermsByName(AuthzTrans trans, HttpServletResponse resp,
+ String type, String instance, String action);
- public abstract Result<Void> getPermsByUser(AuthzTrans trans, HttpServletResponse response, String user);
+ public abstract Result<Void> getPermsByUser(AuthzTrans trans, HttpServletResponse response, String user);
- public abstract Result<Void> getPermsByUserScope(AuthzTrans trans, HttpServletResponse resp, String user, String[] scopes);
-
- public abstract Result<Void> getPermsByUserWithAAFQuery(AuthzTrans trans, HttpServletRequest request, HttpServletResponse response, String user);
-
- public abstract Result<Void> getPermsByType(AuthzTrans trans, HttpServletResponse resp, String type);
+ public abstract Result<Void> getPermsByUserScope(AuthzTrans trans, HttpServletResponse resp, String user, String[] scopes);
+
+ public abstract Result<Void> getPermsByUserWithAAFQuery(AuthzTrans trans, HttpServletRequest request, HttpServletResponse response, String user);
+
+ public abstract Result<Void> getPermsByType(AuthzTrans trans, HttpServletResponse resp, String type);
- public abstract Result<Void> getPermsForRole(AuthzTrans trans, HttpServletResponse response, String roleName);
+ public abstract Result<Void> getPermsForRole(AuthzTrans trans, HttpServletResponse response, String roleName);
- public abstract Result<Void> getPermsByNS(AuthzTrans trans, HttpServletResponse response, String ns);
-
- public abstract Result<Void> renamePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp,
- String type, String instance, String action);
-
- public abstract Result<Void> updatePermDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- public abstract Result<Void> resetPermRoles(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+ public abstract Result<Void> getPermsByNS(AuthzTrans trans, HttpServletResponse response, String ns);
+
+ public abstract Result<Void> renamePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp,
+ String type, String instance, String action);
+
+ public abstract Result<Void> updatePermDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ public abstract Result<Void> resetPermRoles(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
- public abstract Result<Void> deletePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+ public abstract Result<Void> deletePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
- public abstract Result<Void> deletePerm(AuthzTrans trans, HttpServletResponse resp,
- String perm, String type, String action);
+ public abstract Result<Void> deletePerm(AuthzTrans trans, HttpServletResponse resp,
+ String perm, String type, String action);
- /*
- * Roles
- */
- public abstract Result<Void> createRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse response);
-
- public abstract Result<Void> getRolesByName(AuthzTrans trans,HttpServletResponse resp, String name);
+ /*
+ * Roles
+ */
+ public abstract Result<Void> createRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse response);
+
+ public abstract Result<Void> getRolesByName(AuthzTrans trans,HttpServletResponse resp, String name);
- public abstract Result<Void> getRolesByNS(AuthzTrans trans, HttpServletResponse resp, String ns);
+ public abstract Result<Void> getRolesByNS(AuthzTrans trans, HttpServletResponse resp, String ns);
- public abstract Result<Void> getRolesByNameOnly(AuthzTrans trans, HttpServletResponse resp, String nameOnly);
+ public abstract Result<Void> getRolesByNameOnly(AuthzTrans trans, HttpServletResponse resp, String nameOnly);
- public abstract Result<Void> getRolesByUser(AuthzTrans trans, HttpServletResponse resp, String user);
+ public abstract Result<Void> getRolesByUser(AuthzTrans trans, HttpServletResponse resp, String user);
- public abstract Result<Void> getRolesByPerm(AuthzTrans trans, HttpServletResponse resp, String type, String instance, String action);
+ public abstract Result<Void> getRolesByPerm(AuthzTrans trans, HttpServletResponse resp, String type, String instance, String action);
- public abstract Result<Void> updateRoleDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- public abstract Result<Void> addPermToRole(AuthzTrans trans,HttpServletRequest req, HttpServletResponse resp);
-
- public abstract Result<Void> delPermFromRole(AuthzTrans trans,HttpServletRequest req, HttpServletResponse resp);
+ public abstract Result<Void> updateRoleDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ public abstract Result<Void> addPermToRole(AuthzTrans trans,HttpServletRequest req, HttpServletResponse resp);
+
+ public abstract Result<Void> delPermFromRole(AuthzTrans trans,HttpServletRequest req, HttpServletResponse resp);
- public abstract Result<Void> delPermFromRole(AuthzTrans trans, HttpServletResponse resp,
- String role, String type, String instance, String action);
+ public abstract Result<Void> delPermFromRole(AuthzTrans trans, HttpServletResponse resp,
+ String role, String type, String instance, String action);
- public abstract Result<Void> deleteRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+ public abstract Result<Void> deleteRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
- public abstract Result<Void> deleteRole(AuthzTrans trans, HttpServletResponse resp, String role);
+ public abstract Result<Void> deleteRole(AuthzTrans trans, HttpServletResponse resp, String role);
- /*
- * Users
- */
-
- public abstract Result<Void> getUsersByRole(AuthzTrans trans, HttpServletResponse resp, String role);
-
- public abstract Result<Void> getUsersByPermission(AuthzTrans trans, HttpServletResponse resp,
- String type, String instance, String action);
+ /*
+ * Users
+ */
+
+ public abstract Result<Void> getUsersByRole(AuthzTrans trans, HttpServletResponse resp, String role);
+
+ public abstract Result<Void> getUsersByPermission(AuthzTrans trans, HttpServletResponse resp,
+ String type, String instance, String action);
- /*
- * Delegates
- */
- public abstract Result<Void> createDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- public abstract Result<Void> updateDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- public abstract Result<Void> deleteDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- public abstract Result<Void> deleteDelegate(AuthzTrans trans, String user);
-
- public abstract Result<Void> getDelegatesByUser(AuthzTrans trans, String userName, HttpServletResponse resp);
+ /*
+ * Delegates
+ */
+ public abstract Result<Void> createDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ public abstract Result<Void> updateDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ public abstract Result<Void> deleteDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ public abstract Result<Void> deleteDelegate(AuthzTrans trans, String user);
+
+ public abstract Result<Void> getDelegatesByUser(AuthzTrans trans, String userName, HttpServletResponse resp);
- public abstract Result<Void> getDelegatesByDelegate(AuthzTrans trans, String userName, HttpServletResponse resp);
+ public abstract Result<Void> getDelegatesByDelegate(AuthzTrans trans, String userName, HttpServletResponse resp);
- /*
- * Credentials
- */
- public abstract Result<Void> createUserCred(AuthzTrans trans, HttpServletRequest req);
+ /*
+ * Credentials
+ */
+ public abstract Result<Void> createUserCred(AuthzTrans trans, HttpServletRequest req);
- public abstract Result<Void> changeUserCred(AuthzTrans trans, HttpServletRequest req);
+ public abstract Result<Void> changeUserCred(AuthzTrans trans, HttpServletRequest req);
- public abstract Result<Void> extendUserCred(AuthzTrans trans, HttpServletRequest req, String days);
+ public abstract Result<Void> extendUserCred(AuthzTrans trans, HttpServletRequest req, String days);
- public abstract Result<Void> getCredsByNS(AuthzTrans trans, HttpServletResponse resp, String ns);
+ public abstract Result<Void> getCredsByNS(AuthzTrans trans, HttpServletResponse resp, String ns);
- public abstract Result<Void> getCredsByID(AuthzTrans trans, HttpServletResponse resp, String id);
+ public abstract Result<Void> getCredsByID(AuthzTrans trans, HttpServletResponse resp, String id);
- public abstract Result<Void> deleteUserCred(AuthzTrans trans, HttpServletRequest req);
+ public abstract Result<Void> deleteUserCred(AuthzTrans trans, HttpServletRequest req);
- public abstract Result<Void> validBasicAuth(AuthzTrans trans, HttpServletResponse resp, String basicAuth);
+ public abstract Result<Void> validBasicAuth(AuthzTrans trans, HttpServletResponse resp, String basicAuth);
- public abstract Result<Date> doesCredentialMatch(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+ public abstract Result<Date> doesCredentialMatch(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
- /*
- * Miscellaneous
- */
- /**
- * Place Standard Messages based on HTTP Code onto Error Data Structure, and write to OutputStream
- * Log message
- */
- public abstract void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
+ /*
+ * Miscellaneous
+ */
+ /**
+ * Place Standard Messages based on HTTP Code onto Error Data Structure, and write to OutputStream
+ * Log message
+ */
+ public abstract void error(AuthzTrans trans, HttpServletResponse response, Result<?> result);
- /*
- * UserRole
- */
- public abstract Result<Void> requestUserRole(AuthzTrans trans,HttpServletRequest req, HttpServletResponse resp);
-
- public abstract Result<Void> getUserInRole(AuthzTrans trans, HttpServletResponse resp, String user, String role);
-
- public abstract Result<Void> getUserRolesByRole(AuthzTrans trans, HttpServletResponse resp, String role);
-
- public abstract Result<Void> getUserRolesByUser(AuthzTrans trans, HttpServletResponse resp, String user);
+ /*
+ * UserRole
+ */
+ public abstract Result<Void> requestUserRole(AuthzTrans trans,HttpServletRequest req, HttpServletResponse resp);
+
+ public abstract Result<Void> getUserInRole(AuthzTrans trans, HttpServletResponse resp, String user, String role);
+
+ public abstract Result<Void> getUserRolesByRole(AuthzTrans trans, HttpServletResponse resp, String role);
+
+ public abstract Result<Void> getUserRolesByUser(AuthzTrans trans, HttpServletResponse resp, String user);
- public abstract Result<Void> deleteUserRole(AuthzTrans trans, HttpServletResponse resp, String user, String role);
-
- public abstract Result<Void> resetUsersForRole(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req);
+ public abstract Result<Void> deleteUserRole(AuthzTrans trans, HttpServletResponse resp, String user, String role);
+
+ public abstract Result<Void> resetUsersForRole(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req);
- public abstract Result<Void> resetRolesForUser(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req);
-
- public abstract Result<Void> extendUserRoleExpiration(AuthzTrans trans, HttpServletResponse resp, String user,
- String role);
+ public abstract Result<Void> resetRolesForUser(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req);
+
+ public abstract Result<Void> extendUserRoleExpiration(AuthzTrans trans, HttpServletResponse resp, String user,
+ String role);
- /*
- * Approval
- */
- public abstract Result<Void> updateApproval(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
-
- public abstract Result<Void> getApprovalsByUser(AuthzTrans trans, HttpServletResponse resp, String user);
-
- public abstract Result<Void> getApprovalsByTicket(AuthzTrans trans, HttpServletResponse resp, String ticket);
-
- public abstract Result<Void> getApprovalsByApprover(AuthzTrans trans, HttpServletResponse resp, String approver);
+ /*
+ * Approval
+ */
+ public abstract Result<Void> updateApproval(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp);
+
+ public abstract Result<Void> getApprovalsByUser(AuthzTrans trans, HttpServletResponse resp, String user);
+
+ public abstract Result<Void> getApprovalsByTicket(AuthzTrans trans, HttpServletResponse resp, String ticket);
+
+ public abstract Result<Void> getApprovalsByApprover(AuthzTrans trans, HttpServletResponse resp, String approver);
- /*
- * History
- */
- public abstract Result<Void> getHistoryByUser(AuthzTrans trans, HttpServletResponse resp, String user, int[] yyyymm, final int sort);
-
- public abstract Result<Void> getHistoryByRole(AuthzTrans trans, HttpServletResponse resp, String subject, int[] yyyymm, final int sort);
+ /*
+ * History
+ */
+ public abstract Result<Void> getHistoryByUser(AuthzTrans trans, HttpServletResponse resp, String user, int[] yyyymm, final int sort);
+
+ public abstract Result<Void> getHistoryByRole(AuthzTrans trans, HttpServletResponse resp, String subject, int[] yyyymm, final int sort);
- public abstract Result<Void> getHistoryByPerm(AuthzTrans trans, HttpServletResponse resp, String subject, int[] yyyymm, final int sort);
+ public abstract Result<Void> getHistoryByPerm(AuthzTrans trans, HttpServletResponse resp, String subject, int[] yyyymm, final int sort);
- public abstract Result<Void> getHistoryByNS(AuthzTrans trans, HttpServletResponse resp, String subject, int[] yyyymm, final int sort);
+ public abstract Result<Void> getHistoryByNS(AuthzTrans trans, HttpServletResponse resp, String subject, int[] yyyymm, final int sort);
- /*
- * Cache
- */
- public abstract Result<Void> cacheClear(AuthzTrans trans, String pathParam);
+ /*
+ * Cache
+ */
+ public abstract Result<Void> cacheClear(AuthzTrans trans, String pathParam);
- public abstract Result<Void> cacheClear(AuthzTrans trans, String string,String segments);
-
- public abstract void dbReset(AuthzTrans trans);
+ public abstract Result<Void> cacheClear(AuthzTrans trans, String string,String segments);
+
+ public abstract void dbReset(AuthzTrans trans);
- /*
- * API
- */
- public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet);
-
- public abstract Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String typeCode, boolean optional);
+ /*
+ * API
+ */
+ public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet);
+
+ public abstract Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String typeCode, boolean optional);
- public abstract Result<Void> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String id);
+ public abstract Result<Void> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String id);
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeFactory.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeFactory.java
index de8260f1..1d7f31e5 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeFactory.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeFactory.java
@@ -31,25 +31,25 @@ import org.onap.aaf.misc.env.Data;
public class AuthzFacadeFactory {
- public static AuthzFacade_2_0 v2_0(AuthzEnv env, AuthzTrans trans, Data.TYPE type, Question question) throws APIException {
- return new AuthzFacade_2_0(env,
- new AuthzCassServiceImpl<
- aaf.v2_0.Nss,
- aaf.v2_0.Perms,
- aaf.v2_0.Pkey,
- aaf.v2_0.Roles,
- aaf.v2_0.Users,
- aaf.v2_0.UserRoles,
- aaf.v2_0.Delgs,
- aaf.v2_0.Certs,
- aaf.v2_0.Keys,
- aaf.v2_0.Request,
- aaf.v2_0.History,
- aaf.v2_0.Error,
- aaf.v2_0.Approvals>
- (trans,new Mapper_2_0(question),question),
- type);
- }
-
+ public static AuthzFacade_2_0 v2_0(AuthzEnv env, AuthzTrans trans, Data.TYPE type, Question question) throws APIException {
+ return new AuthzFacade_2_0(env,
+ new AuthzCassServiceImpl<
+ aaf.v2_0.Nss,
+ aaf.v2_0.Perms,
+ aaf.v2_0.Pkey,
+ aaf.v2_0.Roles,
+ aaf.v2_0.Users,
+ aaf.v2_0.UserRoles,
+ aaf.v2_0.Delgs,
+ aaf.v2_0.Certs,
+ aaf.v2_0.Keys,
+ aaf.v2_0.Request,
+ aaf.v2_0.History,
+ aaf.v2_0.Error,
+ aaf.v2_0.Approvals>
+ (trans,new Mapper_2_0(question),question),
+ type);
+ }
+
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java
index 4895e26f..0e1479c4 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacadeImpl.java
@@ -86,7 +86,7 @@ import aaf.v2_0.Api;
* 1) Interact with the Service Implementation (which might be supported by various kinds of Backend Storage)
* 2) Validate incoming data (if applicable)
* 3) Convert the Service response into the right Format, and mark the Content Type
- * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
+ * a) In the future, we may support multiple Response Formats, aka JSON or XML, based on User Request.
* 4) Log Service info, warnings and exceptions as necessary
* 5) When asked by the API layer, this will create and write Error content to the OutputStream
*
@@ -97,2546 +97,2546 @@ import aaf.v2_0.Api;
*
*/
public abstract class AuthzFacadeImpl<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> extends FacadeImpl implements AuthzFacade
- {
- private static final String FORBIDDEN = "Forbidden";
- private static final String NOT_FOUND = "Not Found";
- private static final String NOT_ACCEPTABLE = "Not Acceptable";
- private static final String GENERAL_SERVICE_ERROR = "General Service Error";
- private static final String NO_DATA = "***No Data***";
- private AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service = null;
- private final RosettaDF<NSS> nssDF;
- private final RosettaDF<PERMS> permsDF;
- private final RosettaDF<ROLES> roleDF;
- private final RosettaDF<USERS> usersDF;
- private final RosettaDF<USERROLES> userrolesDF;
- private final RosettaDF<CERTS> certsDF;
- private final RosettaDF<DELGS> delgDF;
- private final RosettaDF<REQUEST> permRequestDF;
- private final RosettaDF<REQUEST> roleRequestDF;
- private final RosettaDF<REQUEST> userRoleRequestDF;
- private final RosettaDF<REQUEST> rolePermRequestDF;
- private final RosettaDF<REQUEST> nsRequestDF;
- private final RosettaDF<REQUEST> credRequestDF;
- private final RosettaDF<REQUEST> delgRequestDF;
- private final RosettaDF<HISTORY> historyDF;
- private final RosettaDF<KEYS> keysDF;
-
- private final RosettaDF<ERR> errDF;
- private final RosettaDF<APPROVALS> approvalDF;
- // Note: Api is not different per Version
- private final RosettaDF<Api> apiDF;
-
-
- @SuppressWarnings("unchecked")
- public AuthzFacadeImpl(AuthzEnv env, AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service, Data.TYPE dataType) throws APIException {
- this.service = service;
- (nssDF = env.newDataFactory(service.mapper().getClass(API.NSS))).in(dataType).out(dataType);
- (permRequestDF = env.newDataFactory(service.mapper().getClass(API.PERM_REQ))).in(dataType).out(dataType);
- (permsDF = env.newDataFactory(service.mapper().getClass(API.PERMS))).in(dataType).out(dataType);
-// (permKeyDF = env.newDataFactory(service.mapper().getClass(API.PERM_KEY))).in(dataType).out(dataType);
- (roleDF = env.newDataFactory(service.mapper().getClass(API.ROLES))).in(dataType).out(dataType);
- (roleRequestDF = env.newDataFactory(service.mapper().getClass(API.ROLE_REQ))).in(dataType).out(dataType);
- (usersDF = env.newDataFactory(service.mapper().getClass(API.USERS))).in(dataType).out(dataType);
- (userrolesDF = env.newDataFactory(service.mapper().getClass(API.USER_ROLES))).in(dataType).out(dataType);
- (certsDF = env.newDataFactory(service.mapper().getClass(API.CERTS))).in(dataType).out(dataType)
- .rootMarshal((Marshal<CERTS>) service.mapper().getMarshal(API.CERTS));
- ;
- (userRoleRequestDF = env.newDataFactory(service.mapper().getClass(API.USER_ROLE_REQ))).in(dataType).out(dataType);
- (rolePermRequestDF = env.newDataFactory(service.mapper().getClass(API.ROLE_PERM_REQ))).in(dataType).out(dataType);
- (nsRequestDF = env.newDataFactory(service.mapper().getClass(API.NS_REQ))).in(dataType).out(dataType);
- (credRequestDF = env.newDataFactory(service.mapper().getClass(API.CRED_REQ))).in(dataType).out(dataType);
- (delgRequestDF = env.newDataFactory(service.mapper().getClass(API.DELG_REQ))).in(dataType).out(dataType);
- (historyDF = env.newDataFactory(service.mapper().getClass(API.HISTORY))).in(dataType).out(dataType);
- ( keysDF = env.newDataFactory(service.mapper().getClass(API.KEYS))).in(dataType).out(dataType);
- (delgDF = env.newDataFactory(service.mapper().getClass(API.DELGS))).in(dataType).out(dataType);
- (approvalDF = env.newDataFactory(service.mapper().getClass(API.APPROVALS))).in(dataType).out(dataType);
- (errDF = env.newDataFactory(service.mapper().getClass(API.ERROR))).in(dataType).out(dataType);
- (apiDF = env.newDataFactory(Api.class)).in(dataType).out(dataType);
- }
-
- public Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper() {
- return service.mapper();
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
- *
- * Note: Conforms to AT&T TSS RESTful Error Structure
- */
- @Override
- public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
- String msg = result.details==null?"%s":"%s - " + result.details.trim();
- String msgId;
- String[] detail;
- boolean hidemsg = false;
- if(result.variables==null) {
- detail = new String[1];
- } else {
- int l = result.variables.length;
- detail=new String[l+1];
- System.arraycopy(result.variables, 0, detail, 1, l);
- }
- //int httpstatus;
-
- switch(result.status) {
- case ERR_ActionNotCompleted:
- msgId = "SVC1202";
- detail[0] = "Accepted, Action not complete";
- response.setStatus(/*httpstatus=*/202);
- break;
-
- case ERR_Policy:
- msgId = "SVC3403";
- detail[0] = FORBIDDEN;
- response.setStatus(/*httpstatus=*/403);
- break;
- case ERR_Security:
- msgId = "SVC2403";
- detail[0] = FORBIDDEN;
- response.setStatus(/*httpstatus=*/403);
- break;
- case ERR_Denied:
- msgId = "SVC1403";
- detail[0] = FORBIDDEN;
- response.setStatus(/*httpstatus=*/403);
- break;
- // This is still forbidden to directly impact, but can be Requested when passed
- // with "request=true" query Param
- case ERR_FutureNotRequested:
- msgId = "SVC2403";
- detail[0] = msg;
- response.setStatus(/*httpstatus=*/403);
- break;
-
- case ERR_NsNotFound:
- msgId = "SVC2404";
- detail[0] = NOT_FOUND;
- response.setStatus(/*httpstatus=*/404);
- break;
- case ERR_RoleNotFound:
- msgId = "SVC3404";
- detail[0] = NOT_FOUND;
- response.setStatus(/*httpstatus=*/404);
- break;
- case ERR_PermissionNotFound:
- msgId = "SVC4404";
- detail[0] = NOT_FOUND;
- response.setStatus(/*httpstatus=*/404);
- break;
- case ERR_UserNotFound:
- msgId = "SVC5404";
- detail[0] = NOT_FOUND;
- response.setStatus(/*httpstatus=*/404);
- break;
- case ERR_UserRoleNotFound:
- msgId = "SVC6404";
- detail[0] = NOT_FOUND;
- response.setStatus(/*httpstatus=*/404);
- break;
- case ERR_DelegateNotFound:
- msgId = "SVC7404";
- detail[0] = NOT_FOUND;
- response.setStatus(/*httpstatus=*/404);
- break;
- case ERR_NotFound:
- msgId = "SVC1404";
- detail[0] = NOT_FOUND;
- response.setStatus(/*httpstatus=*/404);
- break;
-
- case ERR_InvalidDelegate:
- msgId="SVC2406";
- detail[0] = NOT_ACCEPTABLE;
- response.setStatus(/*httpstatus=*/406);
- break;
- case ERR_BadData:
- msgId="SVC1406";
- detail[0] = NOT_ACCEPTABLE;
- response.setStatus(/*httpstatus=*/406);
- break;
-
- case ERR_ConflictAlreadyExists:
- msgId = "SVC1409";
- detail[0] = "Conflict Already Exists";
- response.setStatus(/*httpstatus=*/409);
- break;
-
- case ERR_DependencyExists:
- msgId = "SVC1424";
- detail[0] = "Failed Dependency";
- response.setStatus(/*httpstatus=*/424);
- break;
-
- case ERR_NotImplemented:
- msgId = "SVC1501";
- detail[0] = "Not Implemented";
- response.setStatus(/*httpstatus=*/501);
- break;
-
- case Status.ACC_Future:
- msgId = "SVC1202";
- detail[0] = "Accepted for Future, pending Approvals";
- response.setStatus(/*httpstatus=*/202);
- break;
- case ERR_ChoiceNeeded:
- msgId = "SVC1300";
- detail = result.variables;
- response.setStatus(/*httpstatus=*/300);
- break;
- case ERR_Backend:
- msgId = "SVC2500";
- detail[0] = GENERAL_SERVICE_ERROR;
- response.setStatus(/*httpstatus=*/500);
- hidemsg = true;
- break;
-
- default:
- msgId = "SVC1500";
- detail[0] = GENERAL_SERVICE_ERROR;
- response.setStatus(/*httpstatus=*/500);
- hidemsg = true;
- break;
- }
-
- try {
- StringBuilder holder = new StringBuilder();
- ERR em = service.mapper().errorFromMessage(holder,msgId,msg,detail);
- trans.checkpoint(
- "ErrResp [" +
- msgId +
- "] " +
- holder.toString(),
- Env.ALWAYS);
- if(hidemsg) {
- holder.setLength(0);
- em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request");
- }
- errDF.newData(trans).load(em).to(response.getOutputStream());
- } catch (Exception e) {
- trans.error().log(e,"unable to send response for",msg);
- }
- }
-
- ///////////////////////////
- // Namespace
- ///////////////////////////
- public static final String CREATE_NS = "createNamespace";
- public static final String ADD_NS_ADMIN = "addNamespaceAdmin";
- public static final String DELETE_NS_ADMIN = "delNamespaceAdmin";
- public static final String ADD_NS_RESPONSIBLE = "addNamespaceResponsible";
- public static final String DELETE_NS_RESPONSIBLE = "delNamespaceResponsible";
- public static final String GET_NS_BY_NAME = "getNamespaceByName";
- public static final String GET_NS_BY_ADMIN = "getNamespaceByAdmin";
- public static final String GET_NS_BY_RESPONSIBLE = "getNamespaceByResponsible";
- public static final String GET_NS_BY_EITHER = "getNamespaceByEither";
- public static final String GET_NS_CHILDREN = "getNamespaceChildren";
- public static final String UPDATE_NS_DESC = "updateNamespaceDescription";
- public static final String DELETE_NS = "deleteNamespace";
-
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#createNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- @Override
- public Result<Void> requestNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, NsType type) {
- TimeTaken tt = trans.start(CREATE_NS, Env.SUB|Env.ALWAYS);
- try {
- REQUEST request;
- try {
- Data<REQUEST> rd = nsRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,rd.asString());
- }
- request = rd.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,CREATE_NS);
- return Result.err(Status.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rp = service.createNS(trans,request,type);
- switch(rp.status) {
- case OK:
- setContentType(resp,nsRequestDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,CREATE_NS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> addAdminToNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {
- TimeTaken tt = trans.start(ADD_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);
- try {
- Result<Void> rp = service.addAdminNS(trans,ns,id);
- switch(rp.status) {
- case OK:
- //TODO Perms??
- setContentType(resp,nsRequestDF.getOutType());
- resp.getOutputStream().println();
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,ADD_NS_ADMIN);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> delAdminFromNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {
- TimeTaken tt = trans.start(DELETE_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);
- try {
- Result<Void> rp = service.delAdminNS(trans, ns, id);
- switch(rp.status) {
- case OK:
- setContentType(resp,nsRequestDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_NS_ADMIN);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> addResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {
- TimeTaken tt = trans.start(ADD_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);
- try {
- Result<Void> rp = service.addResponsibleNS(trans,ns,id);
- switch(rp.status) {
- case OK:
- setContentType(resp,nsRequestDF.getOutType());
- resp.getOutputStream().println();
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,ADD_NS_RESPONSIBLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> delResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {
- TimeTaken tt = trans.start(DELETE_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);
- try {
- Result<Void> rp = service.delResponsibleNS(trans, ns, id);
- switch(rp.status) {
- case OK:
- setContentType(resp,nsRequestDF.getOutType());
- resp.getOutputStream().println();
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_NS_RESPONSIBLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getNSsByName(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getNSsByName(AuthzTrans trans, HttpServletResponse resp, String ns) {
- TimeTaken tt = trans.start(GET_NS_BY_NAME + ' ' + ns, Env.SUB|Env.ALWAYS);
- try {
- Result<NSS> rp = service.getNSbyName(trans, ns);
- switch(rp.status) {
- case OK:
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,nssDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_NS_BY_NAME);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-// TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getNSsByAdmin(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getNSsByAdmin(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){
- TimeTaken tt = trans.start(GET_NS_BY_ADMIN + ' ' + user, Env.SUB|Env.ALWAYS);
- try {
- Result<NSS> rp = service.getNSbyAdmin(trans, user, full);
- switch(rp.status) {
- case OK:
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,nssDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_NS_BY_ADMIN);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-// TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getNSsByResponsible(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){
- TimeTaken tt = trans.start(GET_NS_BY_RESPONSIBLE + ' ' + user, Env.SUB|Env.ALWAYS);
- try {
- Result<NSS> rp = service.getNSbyResponsible(trans, user, full);
- switch(rp.status) {
- case OK:
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
-
- setContentType(resp,nssDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_NS_BY_RESPONSIBLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getNSsByEither(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){
- TimeTaken tt = trans.start(GET_NS_BY_EITHER + ' ' + user, Env.SUB|Env.ALWAYS);
- try {
- Result<NSS> rp = service.getNSbyEither(trans, user, full);
-
- switch(rp.status) {
- case OK:
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
-
- setContentType(resp,nssDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_NS_BY_EITHER);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getNSsChildren(AuthzTrans trans, HttpServletResponse resp, String parent){
- TimeTaken tt = trans.start(GET_NS_CHILDREN + ' ' + parent, Env.SUB|Env.ALWAYS);
- try {
- Result<NSS> rp = service.getNSsChildren(trans, parent);
- switch(rp.status) {
- case OK:
- RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,nssDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_NS_CHILDREN);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> updateNsDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(UPDATE_NS_DESC, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = nsRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,UPDATE_NS_DESC);
- return Result.err(Status.ERR_BadData,"Invalid Input");
-
- }
- Result<Void> rp = service.updateNsDescription(trans, rreq);
- switch(rp.status) {
- case OK:
- setContentType(resp,nsRequestDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,UPDATE_NS_DESC);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /*
- * (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#requestNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- @Override
- public Result<Void> deleteNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String ns) {
- TimeTaken tt = trans.start(DELETE_NS + ' ' + ns, Env.SUB|Env.ALWAYS);
- try {
- Result<Void> rp = service.deleteNS(trans,ns);
- switch(rp.status) {
- case OK:
- setContentType(resp,nsRequestDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_NS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- private final static String NS_CREATE_ATTRIB = "nsCreateAttrib";
- private final static String NS_UPDATE_ATTRIB = "nsUpdateAttrib";
- private final static String READ_NS_BY_ATTRIB = "readNsByAttrib";
- private final static String NS_DELETE_ATTRIB = "nsDeleteAttrib";
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#createAttribForNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> createAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {
- TimeTaken tt = trans.start(NS_CREATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);
- try {
- Result<?> rp = service.createNsAttrib(trans,ns,key,value);
- switch(rp.status) {
- case OK:
- setContentType(resp, keysDF.getOutType());
- resp.getOutputStream().println();
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,NS_CREATE_ATTRIB);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#readAttribForNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> readNsByAttrib(AuthzTrans trans, HttpServletResponse resp, String key) {
- TimeTaken tt = trans.start(READ_NS_BY_ATTRIB + ' ' + key, Env.SUB|Env.ALWAYS);
- try {
- Result<KEYS> rp = service.readNsByAttrib(trans, key);
- switch(rp.status) {
- case OK:
- RosettaData<KEYS> data = keysDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,keysDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,READ_NS_BY_ATTRIB);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#updAttribForNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> updAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {
- TimeTaken tt = trans.start(NS_UPDATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);
- try {
- Result<?> rp = service.updateNsAttrib(trans,ns,key,value);
- switch(rp.status) {
- case OK:
- setContentType(resp, keysDF.getOutType());
- resp.getOutputStream().println();
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,NS_UPDATE_ATTRIB);
- return Result.err(e);
- } finally {
- tt.done();
- }
-
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#delAttribForNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> delAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key) {
- TimeTaken tt = trans.start(NS_DELETE_ATTRIB + ' ' + ns + ':'+key, Env.SUB|Env.ALWAYS);
- try {
- Result<?> rp = service.deleteNsAttrib(trans,ns,key);
- switch(rp.status) {
- case OK:
- setContentType(resp, keysDF.getOutType());
- resp.getOutputStream().println();
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,NS_DELETE_ATTRIB);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
+ {
+ private static final String FORBIDDEN = "Forbidden";
+ private static final String NOT_FOUND = "Not Found";
+ private static final String NOT_ACCEPTABLE = "Not Acceptable";
+ private static final String GENERAL_SERVICE_ERROR = "General Service Error";
+ private static final String NO_DATA = "***No Data***";
+ private AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service = null;
+ private final RosettaDF<NSS> nssDF;
+ private final RosettaDF<PERMS> permsDF;
+ private final RosettaDF<ROLES> roleDF;
+ private final RosettaDF<USERS> usersDF;
+ private final RosettaDF<USERROLES> userrolesDF;
+ private final RosettaDF<CERTS> certsDF;
+ private final RosettaDF<DELGS> delgDF;
+ private final RosettaDF<REQUEST> permRequestDF;
+ private final RosettaDF<REQUEST> roleRequestDF;
+ private final RosettaDF<REQUEST> userRoleRequestDF;
+ private final RosettaDF<REQUEST> rolePermRequestDF;
+ private final RosettaDF<REQUEST> nsRequestDF;
+ private final RosettaDF<REQUEST> credRequestDF;
+ private final RosettaDF<REQUEST> delgRequestDF;
+ private final RosettaDF<HISTORY> historyDF;
+ private final RosettaDF<KEYS> keysDF;
+
+ private final RosettaDF<ERR> errDF;
+ private final RosettaDF<APPROVALS> approvalDF;
+ // Note: Api is not different per Version
+ private final RosettaDF<Api> apiDF;
+
+
+ @SuppressWarnings("unchecked")
+ public AuthzFacadeImpl(AuthzEnv env, AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> service, Data.TYPE dataType) throws APIException {
+ this.service = service;
+ (nssDF = env.newDataFactory(service.mapper().getClass(API.NSS))).in(dataType).out(dataType);
+ (permRequestDF = env.newDataFactory(service.mapper().getClass(API.PERM_REQ))).in(dataType).out(dataType);
+ (permsDF = env.newDataFactory(service.mapper().getClass(API.PERMS))).in(dataType).out(dataType);
+// (permKeyDF = env.newDataFactory(service.mapper().getClass(API.PERM_KEY))).in(dataType).out(dataType);
+ (roleDF = env.newDataFactory(service.mapper().getClass(API.ROLES))).in(dataType).out(dataType);
+ (roleRequestDF = env.newDataFactory(service.mapper().getClass(API.ROLE_REQ))).in(dataType).out(dataType);
+ (usersDF = env.newDataFactory(service.mapper().getClass(API.USERS))).in(dataType).out(dataType);
+ (userrolesDF = env.newDataFactory(service.mapper().getClass(API.USER_ROLES))).in(dataType).out(dataType);
+ (certsDF = env.newDataFactory(service.mapper().getClass(API.CERTS))).in(dataType).out(dataType)
+ .rootMarshal((Marshal<CERTS>) service.mapper().getMarshal(API.CERTS));
+ ;
+ (userRoleRequestDF = env.newDataFactory(service.mapper().getClass(API.USER_ROLE_REQ))).in(dataType).out(dataType);
+ (rolePermRequestDF = env.newDataFactory(service.mapper().getClass(API.ROLE_PERM_REQ))).in(dataType).out(dataType);
+ (nsRequestDF = env.newDataFactory(service.mapper().getClass(API.NS_REQ))).in(dataType).out(dataType);
+ (credRequestDF = env.newDataFactory(service.mapper().getClass(API.CRED_REQ))).in(dataType).out(dataType);
+ (delgRequestDF = env.newDataFactory(service.mapper().getClass(API.DELG_REQ))).in(dataType).out(dataType);
+ (historyDF = env.newDataFactory(service.mapper().getClass(API.HISTORY))).in(dataType).out(dataType);
+ ( keysDF = env.newDataFactory(service.mapper().getClass(API.KEYS))).in(dataType).out(dataType);
+ (delgDF = env.newDataFactory(service.mapper().getClass(API.DELGS))).in(dataType).out(dataType);
+ (approvalDF = env.newDataFactory(service.mapper().getClass(API.APPROVALS))).in(dataType).out(dataType);
+ (errDF = env.newDataFactory(service.mapper().getClass(API.ERROR))).in(dataType).out(dataType);
+ (apiDF = env.newDataFactory(Api.class)).in(dataType).out(dataType);
+ }
+
+ public Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper() {
+ return service.mapper();
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#error(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, int)
+ *
+ * Note: Conforms to AT&T TSS RESTful Error Structure
+ */
+ @Override
+ public void error(AuthzTrans trans, HttpServletResponse response, Result<?> result) {
+ String msg = result.details==null?"%s":"%s - " + result.details.trim();
+ String msgId;
+ String[] detail;
+ boolean hidemsg = false;
+ if(result.variables==null) {
+ detail = new String[1];
+ } else {
+ int l = result.variables.length;
+ detail=new String[l+1];
+ System.arraycopy(result.variables, 0, detail, 1, l);
+ }
+ //int httpstatus;
+
+ switch(result.status) {
+ case ERR_ActionNotCompleted:
+ msgId = "SVC1202";
+ detail[0] = "Accepted, Action not complete";
+ response.setStatus(/*httpstatus=*/202);
+ break;
+
+ case ERR_Policy:
+ msgId = "SVC3403";
+ detail[0] = FORBIDDEN;
+ response.setStatus(/*httpstatus=*/403);
+ break;
+ case ERR_Security:
+ msgId = "SVC2403";
+ detail[0] = FORBIDDEN;
+ response.setStatus(/*httpstatus=*/403);
+ break;
+ case ERR_Denied:
+ msgId = "SVC1403";
+ detail[0] = FORBIDDEN;
+ response.setStatus(/*httpstatus=*/403);
+ break;
+ // This is still forbidden to directly impact, but can be Requested when passed
+ // with "request=true" query Param
+ case ERR_FutureNotRequested:
+ msgId = "SVC2403";
+ detail[0] = msg;
+ response.setStatus(/*httpstatus=*/403);
+ break;
+
+ case ERR_NsNotFound:
+ msgId = "SVC2404";
+ detail[0] = NOT_FOUND;
+ response.setStatus(/*httpstatus=*/404);
+ break;
+ case ERR_RoleNotFound:
+ msgId = "SVC3404";
+ detail[0] = NOT_FOUND;
+ response.setStatus(/*httpstatus=*/404);
+ break;
+ case ERR_PermissionNotFound:
+ msgId = "SVC4404";
+ detail[0] = NOT_FOUND;
+ response.setStatus(/*httpstatus=*/404);
+ break;
+ case ERR_UserNotFound:
+ msgId = "SVC5404";
+ detail[0] = NOT_FOUND;
+ response.setStatus(/*httpstatus=*/404);
+ break;
+ case ERR_UserRoleNotFound:
+ msgId = "SVC6404";
+ detail[0] = NOT_FOUND;
+ response.setStatus(/*httpstatus=*/404);
+ break;
+ case ERR_DelegateNotFound:
+ msgId = "SVC7404";
+ detail[0] = NOT_FOUND;
+ response.setStatus(/*httpstatus=*/404);
+ break;
+ case ERR_NotFound:
+ msgId = "SVC1404";
+ detail[0] = NOT_FOUND;
+ response.setStatus(/*httpstatus=*/404);
+ break;
+
+ case ERR_InvalidDelegate:
+ msgId="SVC2406";
+ detail[0] = NOT_ACCEPTABLE;
+ response.setStatus(/*httpstatus=*/406);
+ break;
+ case ERR_BadData:
+ msgId="SVC1406";
+ detail[0] = NOT_ACCEPTABLE;
+ response.setStatus(/*httpstatus=*/406);
+ break;
+
+ case ERR_ConflictAlreadyExists:
+ msgId = "SVC1409";
+ detail[0] = "Conflict Already Exists";
+ response.setStatus(/*httpstatus=*/409);
+ break;
+
+ case ERR_DependencyExists:
+ msgId = "SVC1424";
+ detail[0] = "Failed Dependency";
+ response.setStatus(/*httpstatus=*/424);
+ break;
+
+ case ERR_NotImplemented:
+ msgId = "SVC1501";
+ detail[0] = "Not Implemented";
+ response.setStatus(/*httpstatus=*/501);
+ break;
+
+ case Status.ACC_Future:
+ msgId = "SVC1202";
+ detail[0] = "Accepted for Future, pending Approvals";
+ response.setStatus(/*httpstatus=*/202);
+ break;
+ case ERR_ChoiceNeeded:
+ msgId = "SVC1300";
+ detail = result.variables;
+ response.setStatus(/*httpstatus=*/300);
+ break;
+ case ERR_Backend:
+ msgId = "SVC2500";
+ detail[0] = GENERAL_SERVICE_ERROR;
+ response.setStatus(/*httpstatus=*/500);
+ hidemsg = true;
+ break;
+
+ default:
+ msgId = "SVC1500";
+ detail[0] = GENERAL_SERVICE_ERROR;
+ response.setStatus(/*httpstatus=*/500);
+ hidemsg = true;
+ break;
+ }
+
+ try {
+ StringBuilder holder = new StringBuilder();
+ ERR em = service.mapper().errorFromMessage(holder,msgId,msg,detail);
+ trans.checkpoint(
+ "ErrResp [" +
+ msgId +
+ "] " +
+ holder.toString(),
+ Env.ALWAYS);
+ if(hidemsg) {
+ holder.setLength(0);
+ em = mapper().errorFromMessage(holder, msgId, "Server had an issue processing this request");
+ }
+ errDF.newData(trans).load(em).to(response.getOutputStream());
+ } catch (Exception e) {
+ trans.error().log(e,"unable to send response for",msg);
+ }
+ }
+
+ ///////////////////////////
+ // Namespace
+ ///////////////////////////
+ public static final String CREATE_NS = "createNamespace";
+ public static final String ADD_NS_ADMIN = "addNamespaceAdmin";
+ public static final String DELETE_NS_ADMIN = "delNamespaceAdmin";
+ public static final String ADD_NS_RESPONSIBLE = "addNamespaceResponsible";
+ public static final String DELETE_NS_RESPONSIBLE = "delNamespaceResponsible";
+ public static final String GET_NS_BY_NAME = "getNamespaceByName";
+ public static final String GET_NS_BY_ADMIN = "getNamespaceByAdmin";
+ public static final String GET_NS_BY_RESPONSIBLE = "getNamespaceByResponsible";
+ public static final String GET_NS_BY_EITHER = "getNamespaceByEither";
+ public static final String GET_NS_CHILDREN = "getNamespaceChildren";
+ public static final String UPDATE_NS_DESC = "updateNamespaceDescription";
+ public static final String DELETE_NS = "deleteNamespace";
+
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#createNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public Result<Void> requestNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, NsType type) {
+ TimeTaken tt = trans.start(CREATE_NS, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST request;
+ try {
+ Data<REQUEST> rd = nsRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,rd.asString());
+ }
+ request = rd.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,CREATE_NS);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rp = service.createNS(trans,request,type);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,nsRequestDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,CREATE_NS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> addAdminToNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {
+ TimeTaken tt = trans.start(ADD_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Void> rp = service.addAdminNS(trans,ns,id);
+ switch(rp.status) {
+ case OK:
+ //TODO Perms??
+ setContentType(resp,nsRequestDF.getOutType());
+ resp.getOutputStream().println();
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,ADD_NS_ADMIN);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> delAdminFromNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {
+ TimeTaken tt = trans.start(DELETE_NS_ADMIN + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Void> rp = service.delAdminNS(trans, ns, id);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,nsRequestDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_NS_ADMIN);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#addAdminToNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> addResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {
+ TimeTaken tt = trans.start(ADD_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Void> rp = service.addResponsibleNS(trans,ns,id);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,nsRequestDF.getOutType());
+ resp.getOutputStream().println();
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,ADD_NS_RESPONSIBLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#delAdminFromNS(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> delResponsibilityForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String id) {
+ TimeTaken tt = trans.start(DELETE_NS_RESPONSIBLE + ' ' + ns + ' ' + id, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Void> rp = service.delResponsibleNS(trans, ns, id);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,nsRequestDF.getOutType());
+ resp.getOutputStream().println();
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_NS_RESPONSIBLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getNSsByName(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getNSsByName(AuthzTrans trans, HttpServletResponse resp, String ns) {
+ TimeTaken tt = trans.start(GET_NS_BY_NAME + ' ' + ns, Env.SUB|Env.ALWAYS);
+ try {
+ Result<NSS> rp = service.getNSbyName(trans, ns);
+ switch(rp.status) {
+ case OK:
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,nssDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_NS_BY_NAME);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+// TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getNSsByAdmin(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getNSsByAdmin(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){
+ TimeTaken tt = trans.start(GET_NS_BY_ADMIN + ' ' + user, Env.SUB|Env.ALWAYS);
+ try {
+ Result<NSS> rp = service.getNSbyAdmin(trans, user, full);
+ switch(rp.status) {
+ case OK:
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,nssDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_NS_BY_ADMIN);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+// TODO: uncomment when on cassandra 2.1.2 for MyNamespace GUI page
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getNSsByResponsible(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){
+ TimeTaken tt = trans.start(GET_NS_BY_RESPONSIBLE + ' ' + user, Env.SUB|Env.ALWAYS);
+ try {
+ Result<NSS> rp = service.getNSbyResponsible(trans, user, full);
+ switch(rp.status) {
+ case OK:
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+
+ setContentType(resp,nssDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_NS_BY_RESPONSIBLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getNSsByEither(AuthzTrans trans, HttpServletResponse resp, String user, boolean full){
+ TimeTaken tt = trans.start(GET_NS_BY_EITHER + ' ' + user, Env.SUB|Env.ALWAYS);
+ try {
+ Result<NSS> rp = service.getNSbyEither(trans, user, full);
+
+ switch(rp.status) {
+ case OK:
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+
+ setContentType(resp,nssDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_NS_BY_EITHER);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getNSsByResponsible(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getNSsChildren(AuthzTrans trans, HttpServletResponse resp, String parent){
+ TimeTaken tt = trans.start(GET_NS_CHILDREN + ' ' + parent, Env.SUB|Env.ALWAYS);
+ try {
+ Result<NSS> rp = service.getNSsChildren(trans, parent);
+ switch(rp.status) {
+ case OK:
+ RosettaData<NSS> data = nssDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,nssDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_NS_CHILDREN);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> updateNsDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(UPDATE_NS_DESC, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = nsRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,UPDATE_NS_DESC);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+
+ }
+ Result<Void> rp = service.updateNsDescription(trans, rreq);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,nsRequestDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,UPDATE_NS_DESC);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#requestNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public Result<Void> deleteNS(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String ns) {
+ TimeTaken tt = trans.start(DELETE_NS + ' ' + ns, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Void> rp = service.deleteNS(trans,ns);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,nsRequestDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_NS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ private final static String NS_CREATE_ATTRIB = "nsCreateAttrib";
+ private final static String NS_UPDATE_ATTRIB = "nsUpdateAttrib";
+ private final static String READ_NS_BY_ATTRIB = "readNsByAttrib";
+ private final static String NS_DELETE_ATTRIB = "nsDeleteAttrib";
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#createAttribForNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> createAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {
+ TimeTaken tt = trans.start(NS_CREATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);
+ try {
+ Result<?> rp = service.createNsAttrib(trans,ns,key,value);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp, keysDF.getOutType());
+ resp.getOutputStream().println();
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,NS_CREATE_ATTRIB);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#readAttribForNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> readNsByAttrib(AuthzTrans trans, HttpServletResponse resp, String key) {
+ TimeTaken tt = trans.start(READ_NS_BY_ATTRIB + ' ' + key, Env.SUB|Env.ALWAYS);
+ try {
+ Result<KEYS> rp = service.readNsByAttrib(trans, key);
+ switch(rp.status) {
+ case OK:
+ RosettaData<KEYS> data = keysDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,keysDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,READ_NS_BY_ATTRIB);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#updAttribForNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> updAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key, String value) {
+ TimeTaken tt = trans.start(NS_UPDATE_ATTRIB + ' ' + ns + ':'+key+':'+value, Env.SUB|Env.ALWAYS);
+ try {
+ Result<?> rp = service.updateNsAttrib(trans,ns,key,value);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp, keysDF.getOutType());
+ resp.getOutputStream().println();
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,NS_UPDATE_ATTRIB);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#delAttribForNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> delAttribForNS(AuthzTrans trans, HttpServletResponse resp, String ns, String key) {
+ TimeTaken tt = trans.start(NS_DELETE_ATTRIB + ' ' + ns + ':'+key, Env.SUB|Env.ALWAYS);
+ try {
+ Result<?> rp = service.deleteNsAttrib(trans,ns,key);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp, keysDF.getOutType());
+ resp.getOutputStream().println();
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,NS_DELETE_ATTRIB);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
//
// PERMISSION
//
- public static final String CREATE_PERMISSION = "createPermission";
- public static final String GET_PERMS_BY_TYPE = "getPermsByType";
- public static final String GET_PERMS_BY_NAME = "getPermsByName";
- public static final String GET_PERMISSIONS_BY_USER = "getPermissionsByUser";
- public static final String GET_PERMISSIONS_BY_USER_SCOPE = "getPermissionsByUserScope";
- public static final String GET_PERMISSIONS_BY_USER_WITH_QUERY = "getPermissionsByUserWithQuery";
- public static final String GET_PERMISSIONS_BY_ROLE = "getPermissionsByRole";
- public static final String GET_PERMISSIONS_BY_NS = "getPermissionsByNS";
- public static final String UPDATE_PERMISSION = "updatePermission";
- public static final String UPDATE_PERM_DESC = "updatePermissionDescription";
- public static final String SET_PERMISSION_ROLES_TO = "setPermissionRolesTo";
- public static final String DELETE_PERMISSION = "deletePermission";
-
- /*
- * (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> createPerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start( CREATE_PERMISSION, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,CREATE_PERMISSION);
- return Result.err(Status.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rp = service.createPerm(trans,rreq);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,CREATE_PERMISSION);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getChildPerms(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getPermsByType(AuthzTrans trans, HttpServletResponse resp, String perm) {
- TimeTaken tt = trans.start(GET_PERMS_BY_TYPE + ' ' + perm, Env.SUB|Env.ALWAYS);
- try {
-
- Result<PERMS> rp = service.getPermsByType(trans, perm);
- switch(rp.status) {
- case OK:
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,permsDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_PERMS_BY_TYPE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> getPermsByName(AuthzTrans trans, HttpServletResponse resp,
- String type, String instance, String action) {
-
- TimeTaken tt = trans.start(GET_PERMS_BY_NAME + ' ' + type
- + '|' + instance + '|' + action, Env.SUB|Env.ALWAYS);
- try {
-
- Result<PERMS> rp = service.getPermsByName(trans, type, instance, action);
- switch(rp.status) {
- case OK:
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,permsDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_PERMS_BY_TYPE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getPermsByUser(AuthzTrans trans, HttpServletResponse resp, String user) {
- TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);
- try {
- Result<PERMS> rp = service.getPermsByUser(trans, user);
- switch(rp.status) {
- case OK:
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,permsDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_PERMISSIONS_BY_USER, user);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getPermsByUserScope(AuthzTrans trans, HttpServletResponse resp, String user, String[] scopes) {
- TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER_SCOPE + ' ' + user, Env.SUB|Env.ALWAYS);
- try {
- Result<PERMS> rp = service.getPermsByUserScope(trans, user, scopes);
- switch(rp.status) {
- case OK:
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,permsDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_PERMISSIONS_BY_USER_SCOPE, user);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getPermsByUserWithAAFQuery(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String user) {
- TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER_WITH_QUERY + ' ' + user, Env.SUB|Env.ALWAYS);
- try {
- PERMS perms;
- try {
- RosettaData<PERMS> data = permsDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- perms = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,GET_PERMISSIONS_BY_USER_WITH_QUERY);
- return Result.err(Status.ERR_BadData,"Invalid Input");
- }
-
- Result<PERMS> rp = service.getPermsByUser(trans, perms, user);
- switch(rp.status) {
- case OK:
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,permsDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_PERMISSIONS_BY_USER_WITH_QUERY , user);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getPermissionsForRole(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getPermsForRole(AuthzTrans trans, HttpServletResponse resp, String roleName) {
- TimeTaken tt = trans.start(GET_PERMISSIONS_BY_ROLE + ' ' + roleName, Env.SUB|Env.ALWAYS);
- try {
- Result<PERMS> rp = service.getPermsByRole(trans, roleName);
- switch(rp.status) {
- case OK:
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,permsDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_PERMISSIONS_BY_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> getPermsByNS(AuthzTrans trans,HttpServletResponse resp,String ns) {
- TimeTaken tt = trans.start(GET_PERMISSIONS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);
- try {
- Result<PERMS> rp = service.getPermsByNS(trans, ns);
- switch(rp.status) {
- case OK:
- RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,permsDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_PERMISSIONS_BY_NS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /*
- * (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> renamePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp,
- String origType, String origInstance, String origAction) {
- String cmdDescription = UPDATE_PERMISSION;
- TimeTaken tt = trans.start( cmdDescription + ' ' + origType + ' ' + origInstance + ' ' + origAction, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,cmdDescription);
- return Result.err(Status.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rp = service.renamePerm(trans,rreq, origType, origInstance, origAction);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,cmdDescription);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> updatePermDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(UPDATE_PERM_DESC, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,UPDATE_PERM_DESC);
- return Result.err(Status.ERR_BadData,"Invalid Input");
-
- }
- Result<Void> rp = service.updatePermDescription(trans, rreq);
- switch(rp.status) {
- case OK:
- setContentType(resp,permRequestDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,UPDATE_PERM_DESC);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
- @Override
- public Result<Void> resetPermRoles(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(SET_PERMISSION_ROLES_TO, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN, SET_PERMISSION_ROLES_TO);
- return Result.err(Status.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rp = service.resetPermRoles(trans, rreq);
-
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,SET_PERMISSION_ROLES_TO);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> deletePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(DELETE_PERMISSION, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,DELETE_PERMISSION);
- return Result.err(Status.ERR_BadData,"Invalid Input");
-
- }
-
- Result<Void> rp = service.deletePerm(trans,rreq);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_PERMISSION);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> deletePerm(AuthzTrans trans, HttpServletResponse resp, String type, String instance, String action) {
- TimeTaken tt = trans.start(DELETE_PERMISSION + type + ' ' + instance + ' ' + action, Env.SUB|Env.ALWAYS);
- try {
- Result<Void> rp = service.deletePerm(trans,type,instance,action);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_PERMISSION);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- public static final String CREATE_ROLE = "createRole";
- public static final String GET_ROLES_BY_USER = "getRolesByUser";
- public static final String GET_ROLES_BY_NS = "getRolesByNS";
- public static final String GET_ROLES_BY_NAME_ONLY = "getRolesByNameOnly";
- public static final String GET_ROLES_BY_NAME = "getRolesByName";
- public static final String GET_ROLES_BY_PERM = "getRolesByPerm";
- public static final String UPDATE_ROLE_DESC = "updateRoleDescription";
- public static final String ADD_PERM_TO_ROLE = "addPermissionToRole";
- public static final String DELETE_PERM_FROM_ROLE = "deletePermissionFromRole";
- public static final String UPDATE_MGTPERM_ROLE = "updateMgtPermRole";
- public static final String DELETE_ROLE = "deleteRole";
- public static final String GET_CERT_BY_ID = "getCertByID";
-
- @Override
- public Result<Void> createRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(CREATE_ROLE, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,CREATE_ROLE);
- return Result.err(Status.ERR_BadData,"Invalid Input");
-
- }
- Result<Void> rp = service.createRole(trans, rreq);
- switch(rp.status) {
- case OK:
- setContentType(resp,roleRequestDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,CREATE_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getRolesByName(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getRolesByName(AuthzTrans trans, HttpServletResponse resp, String role) {
- TimeTaken tt = trans.start(GET_ROLES_BY_NAME + ' ' + role, Env.SUB|Env.ALWAYS);
- try {
- Result<ROLES> rp = service.getRolesByName(trans, role);
- switch(rp.status) {
- case OK:
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,roleDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_ROLES_BY_NAME);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getRolesByUser(AuthzTrans trans,HttpServletResponse resp, String user) {
- TimeTaken tt = trans.start(GET_ROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);
- try {
- Result<ROLES> rp = service.getRolesByUser(trans, user);
- switch(rp.status) {
- case OK:
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,roleDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_ROLES_BY_USER, user);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getRolesByNS(AuthzTrans trans,HttpServletResponse resp, String ns) {
- TimeTaken tt = trans.start(GET_ROLES_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);
- try {
- Result<ROLES> rp = service.getRolesByNS(trans, ns);
- switch(rp.status) {
- case OK:
- if(!rp.isEmpty()) {
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- } else {
- Question.logEncryptTrace(trans, NO_DATA);
- }
- setContentType(resp,roleDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_ROLES_BY_NS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getRolesByNameOnly(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getRolesByNameOnly(AuthzTrans trans,HttpServletResponse resp, String nameOnly) {
- TimeTaken tt = trans.start(GET_ROLES_BY_NAME_ONLY + ' ' + nameOnly, Env.SUB|Env.ALWAYS);
- try {
- Result<ROLES> rp = service.getRolesByNameOnly(trans, nameOnly);
- switch(rp.status) {
- case OK:
- if(!rp.isEmpty()) {
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- } else {
- Question.logEncryptTrace(trans, NO_DATA);
- }
- setContentType(resp,roleDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_ROLES_BY_NAME_ONLY);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getRolesByPerm(AuthzTrans trans,HttpServletResponse resp, String type, String instance, String action) {
- TimeTaken tt = trans.start(GET_ROLES_BY_PERM + type +' '+instance+' '+action, Env.SUB|Env.ALWAYS);
- try {
- Result<ROLES> rp = service.getRolesByPerm(trans, type,instance,action);
- switch(rp.status) {
- case OK:
- RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,roleDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_ROLES_BY_PERM);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /*
- * (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#updateDescription(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- @Override
- public Result<Void> updateRoleDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(UPDATE_ROLE_DESC, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,UPDATE_ROLE_DESC);
- return Result.err(Status.ERR_BadData,"Invalid Input");
-
- }
- Result<Void> rp = service.updateRoleDescription(trans, rreq);
- switch(rp.status) {
- case OK:
- setContentType(resp,roleRequestDF.getOutType());
- return Result.ok();
- default:
- return rp;
- }
- } catch (Exception e) {
- trans.error().log(e,IN,UPDATE_ROLE_DESC);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> addPermToRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(ADD_PERM_TO_ROLE, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,ADD_PERM_TO_ROLE);
- return Result.err(Status.ERR_BadData,"Invalid Input");
-
- }
- Result<Void> rp = service.addPermToRole(trans, rreq);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- resp.getOutputStream().println();
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,ADD_PERM_TO_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> delPermFromRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(DELETE_PERM_FROM_ROLE, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,DELETE_PERM_FROM_ROLE);
- return Result.err(Status.ERR_BadData,"Invalid Input");
-
- }
- Result<Void> rp = service.delPermFromRole(trans, rreq);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- resp.getOutputStream().println();
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_PERM_FROM_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#delPermFromRole(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> delPermFromRole(AuthzTrans trans, HttpServletResponse resp, String role, String type,
- String instance, String action) {
- TimeTaken tt = trans.start(DELETE_PERM_FROM_ROLE, Env.SUB|Env.ALWAYS);
- try {
- Result<Void> rp = service.delPermFromRole(trans, role, type, instance, action);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- resp.getOutputStream().println();
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_PERM_FROM_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> deleteRole(AuthzTrans trans, HttpServletResponse resp, String role) {
- TimeTaken tt = trans.start(DELETE_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);
- try {
- Result<Void> rp = service.deleteRole(trans, role);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> deleteRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(DELETE_ROLE, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN,CREATE_ROLE);
- return Result.err(Status.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rp = service.deleteRole(trans, rreq);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- public static final String CREATE_CRED = "createUserCred";
- private static final String GET_CREDS_BY_NS = "getCredsByNS";
- private static final String GET_CREDS_BY_ID = "getCredsByID";
- public static final String UPDATE_CRED = "updateUserCred";
- public static final String EXTEND_CRED = "extendUserCred";
- public static final String DELETE_CRED = "deleteUserCred";
- public static final String DOES_CRED_MATCH = "doesCredMatch";
- public static final String VALIDATE_BASIC_AUTH = "validateBasicAuth";
-
-
-
- @Override
- /**
- * Create Credential
- *
- */
- public Result<Void> createUserCred(AuthzTrans trans, HttpServletRequest req) {
- TimeTaken tt = trans.start(CREATE_CRED, Env.SUB|Env.ALWAYS);
- try {
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- return service.createUserCred(trans, data.asObject());
- } catch(APIException e) {
- trans.error().log(e,"Bad Input data");
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
- } catch (Exception e) {
- trans.error().log(e,IN,CREATE_CRED);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> changeUserCred(AuthzTrans trans, HttpServletRequest req) {
- TimeTaken tt = trans.start(UPDATE_CRED, Env.SUB|Env.ALWAYS);
- try {
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- return service.changeUserCred(trans, data.asObject());
- } catch(APIException e) {
- trans.error().log(e,"Bad Input data");
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
- } catch (Exception e) {
- trans.error().log(e,IN,UPDATE_CRED);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#extendUserCred(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, int)
- */
- @Override
- public Result<Void> extendUserCred(AuthzTrans trans, HttpServletRequest req, String days) {
- TimeTaken tt = trans.start(EXTEND_CRED, Env.SUB|Env.ALWAYS);
- try {
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- return service.extendUserCred(trans, data.asObject(), days);
- } catch(APIException e) {
- trans.error().log(e,"Bad Input data");
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
- } catch (Exception e) {
- trans.error().log(e,IN,EXTEND_CRED);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> getCredsByNS(AuthzTrans trans, HttpServletResponse resp, String ns) {
- TimeTaken tt = trans.start(GET_CREDS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);
-
- try {
- Result<USERS> ru = service.getCredsByNS(trans,ns);
- switch(ru.status) {
- case OK:
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
- if(Question.willSpecialLog(trans,trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,usersDF.getOutType());
- return Result.ok();
- default:
- return Result.err(ru);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_CREDS_BY_NS);
- return Result.err(e);
- } finally {
- tt.done();
- }
-
- }
-
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getCredsByID(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getCredsByID(AuthzTrans trans, HttpServletResponse resp, String id) {
- TimeTaken tt = trans.start(GET_CREDS_BY_ID + ' ' + id, Env.SUB|Env.ALWAYS);
-
- try {
- Result<USERS> ru = service.getCredsByID(trans,id);
- switch(ru.status) {
- case OK:
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,usersDF.getOutType());
- return Result.ok();
- default:
- return Result.err(ru);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_CREDS_BY_ID);
- return Result.err(e);
- } finally {
- tt.done();
- }
-
- }
-
- @Override
- public Result<Void> deleteUserCred(AuthzTrans trans, HttpServletRequest req) {
- TimeTaken tt = trans.start(DELETE_CRED, Env.SUB|Env.ALWAYS);
- try {
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- return service.deleteUserCred(trans, data.asObject());
- } catch(APIException e) {
- trans.error().log(e,"Bad Input data");
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_CRED);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
- @Override
- public Result<Date> doesCredentialMatch(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(DOES_CRED_MATCH, Env.SUB|Env.ALWAYS);
- try {
- RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- return service.doesCredentialMatch(trans, data.asObject());
- } catch(APIException e) {
- trans.error().log(e,"Bad Input data");
- return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
- } catch (IOException e) {
- trans.error().log(e,IN,DOES_CRED_MATCH);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
- @Override
- public Result<Void> validBasicAuth(AuthzTrans trans, HttpServletResponse resp, String basicAuth) {
- TimeTaken tt = trans.start(VALIDATE_BASIC_AUTH, Env.SUB|Env.ALWAYS);
- try {
- Result<Date> result = service.validateBasicAuth(trans,basicAuth);
- switch(result.status){
- case OK:
- resp.getOutputStream().write(Chrono.utcStamp(result.value).getBytes());
- return Result.ok();
- }
- return Result.err(result);
- } catch (Exception e) {
- trans.error().log(e,IN,VALIDATE_BASIC_AUTH);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getCertInfoByID(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String id) {
- TimeTaken tt = trans.start(GET_CERT_BY_ID, Env.SUB|Env.ALWAYS);
- try {
- Result<CERTS> rci = service.getCertInfoByID(trans,req,id);
-
- switch(rci.status) {
- case OK:
- if(Question.willSpecialLog(trans, trans.user())) {
- RosettaData<CERTS> data = certsDF.newData(trans).load(rci.value);
- Question.logEncryptTrace(trans,data.asString());
- data.to(resp.getOutputStream());
- } else {
- certsDF.direct(trans, rci.value, resp.getOutputStream());
- }
- setContentType(resp,certsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rci);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_CERT_BY_ID);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- public static final String CREATE_DELEGATE = "createDelegate";
- public static final String UPDATE_DELEGATE = "updateDelegate";
- public static final String DELETE_DELEGATE = "deleteDelegate";
- public static final String GET_DELEGATE_USER = "getDelegatesByUser";
- public static final String GET_DELEGATE_DELG = "getDelegatesByDelegate";
-
- @Override
- public Result<Void> createDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(CREATE_DELEGATE, Env.SUB|Env.ALWAYS);
- try {
- Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- return service.createDelegate(trans, data.asObject());
- } catch (Exception e) {
- trans.error().log(e,IN,CREATE_DELEGATE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> updateDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(UPDATE_DELEGATE, Env.SUB|Env.ALWAYS);
- try {
- Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- return service.updateDelegate(trans, data.asObject());
- } catch (Exception e) {
- trans.error().log(e,IN,UPDATE_DELEGATE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> deleteDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(DELETE_DELEGATE, Env.SUB|Env.ALWAYS);
- try {
- Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- return service.deleteDelegate(trans, data.asObject());
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_DELEGATE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> deleteDelegate(AuthzTrans trans, String userName) {
- TimeTaken tt = trans.start(DELETE_DELEGATE + ' ' + userName, Env.SUB|Env.ALWAYS);
- try {
- return service.deleteDelegate(trans, userName);
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_DELEGATE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> getDelegatesByUser(AuthzTrans trans, String user, HttpServletResponse resp) {
- TimeTaken tt = trans.start(GET_DELEGATE_USER, Env.SUB|Env.ALWAYS);
- try {
- Result<DELGS> rd = service.getDelegatesByUser(trans, user);
-
- switch(rd.status) {
- case OK:
- RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,delgDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rd);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_DELEGATE_USER);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> getDelegatesByDelegate(AuthzTrans trans, String delegate, HttpServletResponse resp) {
- TimeTaken tt = trans.start(GET_DELEGATE_DELG, Env.SUB|Env.ALWAYS);
- try {
- Result<DELGS> rd = service.getDelegatesByDelegate(trans, delegate);
- switch(rd.status) {
- case OK:
- RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
- setContentType(resp,delgDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rd);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_DELEGATE_DELG);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- private static final String REQUEST_USER_ROLE = "createUserRole";
- private static final String GET_USERROLES = "getUserRoles";
- private static final String GET_USERROLES_BY_ROLE = "getUserRolesByRole";
- private static final String GET_USERROLES_BY_USER = "getUserRolesByUser";
- private static final String SET_ROLES_FOR_USER = "setRolesForUser";
- private static final String SET_USERS_FOR_ROLE = "setUsersForRole";
- private static final String EXTEND_USER_ROLE = "extendUserRole";
- private static final String DELETE_USER_ROLE = "deleteUserRole";
- @Override
- public Result<Void> requestUserRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(REQUEST_USER_ROLE, Env.SUB|Env.ALWAYS);
- try {
- REQUEST request;
- try {
- Data<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- request = data.asObject();
- } catch(APIException e) {
- return Result.err(Status.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rp = service.createUserRole(trans,request);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,REQUEST_USER_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> getUserInRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {
- TimeTaken tt = trans.start(GET_USERROLES + ' ' + user + '|' + role, Env.SUB|Env.ALWAYS);
- try {
- Result<USERS> ru = service.getUserInRole(trans,user,role);
- switch(ru.status) {
- case OK:
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,usersDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(ru);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_USERROLES);
- return Result.err(e);
- } finally {
- tt.done();
- }
-
- }
-
- @Override
- public Result<Void> getUserRolesByUser(AuthzTrans trans, HttpServletResponse resp, String user) {
- TimeTaken tt = trans.start(GET_USERROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);
- try {
- Result<USERROLES> ru = service.getUserRolesByUser(trans,user);
- switch(ru.status) {
- case OK:
- RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,usersDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(ru);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_USERROLES_BY_USER);
- return Result.err(e);
- } finally {
- tt.done();
- }
-
- }
-
- @Override
- public Result<Void> getUserRolesByRole(AuthzTrans trans, HttpServletResponse resp, String role) {
- TimeTaken tt = trans.start(GET_USERROLES_BY_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);
- try {
- Result<USERROLES> ru = service.getUserRolesByRole(trans,role);
- switch(ru.status) {
- case OK:
- RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,usersDF.getOutType());
- setCacheControlOff(resp);
- return Result.ok();
- default:
- return Result.err(ru);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_USERROLES_BY_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
-
- }
-
-
- @Override
- public Result<Void> resetUsersForRole(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {
- TimeTaken tt = trans.start(SET_USERS_FOR_ROLE, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN, SET_USERS_FOR_ROLE);
- return Result.err(Status.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rp = service.resetUsersForRole(trans, rreq);
-
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,SET_USERS_FOR_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
-
- }
-
- @Override
- public Result<Void> resetRolesForUser(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {
- TimeTaken tt = trans.start(SET_ROLES_FOR_USER, Env.SUB|Env.ALWAYS);
- try {
- REQUEST rreq;
- try {
- RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- rreq = data.asObject();
- } catch(APIException e) {
- trans.error().log("Invalid Input",IN, SET_ROLES_FOR_USER);
- return Result.err(Status.ERR_BadData,"Invalid Input");
- }
-
- Result<Void> rp = service.resetRolesForUser(trans, rreq);
-
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,SET_ROLES_FOR_USER);
- return Result.err(e);
- } finally {
- tt.done();
- }
-
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#extendUserRoleExpiration(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> extendUserRoleExpiration(AuthzTrans trans, HttpServletResponse resp, String user, String role) {
- TimeTaken tt = trans.start(EXTEND_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);
- try {
- return service.extendUserRole(trans,user,role);
- } catch (Exception e) {
- trans.error().log(e,IN,EXTEND_USER_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> deleteUserRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {
- TimeTaken tt = trans.start(DELETE_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);
- try {
- Result<Void> rp = service.deleteUserRole(trans,user,role);
- switch(rp.status) {
- case OK:
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,DELETE_USER_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- private static final String UPDATE_APPROVAL = "updateApproval";
- private static final String GET_APPROVALS_BY_USER = "getApprovalsByUser.";
- private static final String GET_APPROVALS_BY_TICKET = "getApprovalsByTicket.";
- private static final String GET_APPROVALS_BY_APPROVER = "getApprovalsByApprover.";
-
- @Override
- public Result<Void> updateApproval(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
- TimeTaken tt = trans.start(UPDATE_APPROVAL, Env.SUB|Env.ALWAYS);
- try {
- Data<APPROVALS> data = approvalDF.newData().load(req.getInputStream());
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- Result<Void> rp = service.updateApproval(trans, data.asObject());
-
- switch(rp.status) {
- case OK:
- setContentType(resp,approvalDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,UPDATE_APPROVAL);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> getApprovalsByUser(AuthzTrans trans, HttpServletResponse resp, String user) {
- TimeTaken tt = trans.start(GET_APPROVALS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);
- try {
- Result<APPROVALS> rp = service.getApprovalsByUser(trans, user);
- switch(rp.status) {
- case OK:
- RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
- data.to(resp.getOutputStream());
-
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_APPROVALS_BY_USER, user);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> getApprovalsByApprover(AuthzTrans trans, HttpServletResponse resp, String approver) {
- TimeTaken tt = trans.start(GET_APPROVALS_BY_APPROVER + ' ' + approver, Env.SUB|Env.ALWAYS);
- try {
- Result<APPROVALS> rp = service.getApprovalsByApprover(trans, approver);
- switch(rp.status) {
- case OK:
- RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_APPROVALS_BY_APPROVER,approver);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- @Override
- public Result<Void> getApprovalsByTicket(AuthzTrans trans, HttpServletResponse resp, String ticket) {
- TimeTaken tt = trans.start(GET_APPROVALS_BY_TICKET, Env.SUB|Env.ALWAYS);
- try {
- Result<APPROVALS> rp = service.getApprovalsByTicket(trans, ticket);
- switch(rp.status) {
- case OK:
- RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,permsDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rp);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_APPROVALS_BY_TICKET);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
-
- public static final String GET_USERS_PERMISSION = "getUsersByPermission";
- public static final String GET_USERS_ROLE = "getUsersByRole";
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getUsersByRole(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getUsersByRole(AuthzTrans trans, HttpServletResponse resp, String role) {
- TimeTaken tt = trans.start(GET_USERS_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);
- try {
- Result<USERS> ru = service.getUsersByRole(trans,role);
- switch(ru.status) {
- case OK:
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,usersDF.getOutType());
- return Result.ok();
- default:
- return Result.err(ru);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_USERS_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getUsersByPermission(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public Result<Void> getUsersByPermission(AuthzTrans trans, HttpServletResponse resp,
- String type, String instance, String action) {
- TimeTaken tt = trans.start(GET_USERS_PERMISSION + ' ' + type + ' ' + instance + ' ' +action, Env.SUB|Env.ALWAYS);
- try {
- Result<USERS> ru = service.getUsersByPermission(trans,type,instance,action);
- switch(ru.status) {
- case OK:
- RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,usersDF.getOutType());
- return Result.ok();
- default:
- return Result.err(ru);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_USERS_PERMISSION);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
- public static final String GET_HISTORY_USER = "getHistoryByUser";
- public static final String GET_HISTORY_ROLE = "getHistoryByRole";
- public static final String GET_HISTORY_PERM = "getHistoryByPerm";
- public static final String GET_HISTORY_NS = "getHistoryByNS";
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getHistoryByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
- */
- @Override
- public Result<Void> getHistoryByUser(AuthzTrans trans, HttpServletResponse resp, String user, int[] yyyymm, final int sort) {
- StringBuilder sb = new StringBuilder();
- sb.append(GET_HISTORY_USER);
- sb.append(' ');
- sb.append(user);
- sb.append(" for ");
- boolean first = true;
- for(int i : yyyymm) {
- if(first) {
- first = false;
- } else {
- sb.append(',');
- }
- sb.append(i);
- }
- TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);
-
- try {
- Result<HISTORY> rh = service.getHistoryByUser(trans,user,yyyymm,sort);
- switch(rh.status) {
- case OK:
- RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,historyDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rh);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_HISTORY_USER);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getHistoryByRole(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])
- */
- @Override
- public Result<Void> getHistoryByRole(AuthzTrans trans, HttpServletResponse resp, String role, int[] yyyymm, final int sort) {
- StringBuilder sb = new StringBuilder();
- sb.append(GET_HISTORY_ROLE);
- sb.append(' ');
- sb.append(role);
- sb.append(" for ");
- boolean first = true;
- for(int i : yyyymm) {
- if(first) {
- first = false;
- } else {
- sb.append(',');
- }
- sb.append(i);
- }
- TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);
- try {
- Result<HISTORY> rh = service.getHistoryByRole(trans,role,yyyymm,sort);
- switch(rh.status) {
- case OK:
- RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,historyDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rh);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_HISTORY_ROLE);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getHistoryByNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])
- */
- @Override
- public Result<Void> getHistoryByNS(AuthzTrans trans, HttpServletResponse resp, String ns, int[] yyyymm, final int sort) {
- StringBuilder sb = new StringBuilder();
- sb.append(GET_HISTORY_NS);
- sb.append(' ');
- sb.append(ns);
- sb.append(" for ");
- boolean first = true;
- for(int i : yyyymm) {
- if(first) {
- first = false;
- } else {
- sb.append(',');
- }
- sb.append(i);
- }
- TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);
- try {
- Result<HISTORY> rh = service.getHistoryByNS(trans,ns,yyyymm,sort);
- switch(rh.status) {
- case OK:
- RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,historyDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rh);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_HISTORY_NS);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getHistoryByPerm(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])
- */
- @Override
- public Result<Void> getHistoryByPerm(AuthzTrans trans, HttpServletResponse resp, String perm, int[] yyyymm, final int sort) {
- StringBuilder sb = new StringBuilder();
- sb.append(GET_HISTORY_PERM);
- sb.append(' ');
- sb.append(perm);
- sb.append(" for ");
- boolean first = true;
- for(int i : yyyymm) {
- if(first) {
- first = false;
- } else {
- sb.append(',');
- }
- sb.append(i);
- }
- TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);
- try {
- Result<HISTORY> rh = service.getHistoryByPerm(trans,perm,yyyymm,sort);
- switch(rh.status) {
- case OK:
- RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,historyDF.getOutType());
- return Result.ok();
- default:
- return Result.err(rh);
- }
- } catch (Exception e) {
- trans.error().log(e,IN,GET_HISTORY_PERM);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- public final static String CACHE_CLEAR = "cacheClear ";
-// public final static String CACHE_VALIDATE = "validateCache";
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#cacheClear(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
- */
- @Override
- public Result<Void> cacheClear(AuthzTrans trans, String cname) {
- TimeTaken tt = trans.start(CACHE_CLEAR + cname, Env.SUB|Env.ALWAYS);
- try {
- return service.cacheClear(trans,cname);
- } catch (Exception e) {
- trans.error().log(e,IN,CACHE_CLEAR);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
+ public static final String CREATE_PERMISSION = "createPermission";
+ public static final String GET_PERMS_BY_TYPE = "getPermsByType";
+ public static final String GET_PERMS_BY_NAME = "getPermsByName";
+ public static final String GET_PERMISSIONS_BY_USER = "getPermissionsByUser";
+ public static final String GET_PERMISSIONS_BY_USER_SCOPE = "getPermissionsByUserScope";
+ public static final String GET_PERMISSIONS_BY_USER_WITH_QUERY = "getPermissionsByUserWithQuery";
+ public static final String GET_PERMISSIONS_BY_ROLE = "getPermissionsByRole";
+ public static final String GET_PERMISSIONS_BY_NS = "getPermissionsByNS";
+ public static final String UPDATE_PERMISSION = "updatePermission";
+ public static final String UPDATE_PERM_DESC = "updatePermissionDescription";
+ public static final String SET_PERMISSION_ROLES_TO = "setPermissionRolesTo";
+ public static final String DELETE_PERMISSION = "deletePermission";
+
+ /*
+ * (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> createPerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start( CREATE_PERMISSION, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,CREATE_PERMISSION);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rp = service.createPerm(trans,rreq);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,CREATE_PERMISSION);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getChildPerms(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getPermsByType(AuthzTrans trans, HttpServletResponse resp, String perm) {
+ TimeTaken tt = trans.start(GET_PERMS_BY_TYPE + ' ' + perm, Env.SUB|Env.ALWAYS);
+ try {
+
+ Result<PERMS> rp = service.getPermsByType(trans, perm);
+ switch(rp.status) {
+ case OK:
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,permsDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_PERMS_BY_TYPE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> getPermsByName(AuthzTrans trans, HttpServletResponse resp,
+ String type, String instance, String action) {
+
+ TimeTaken tt = trans.start(GET_PERMS_BY_NAME + ' ' + type
+ + '|' + instance + '|' + action, Env.SUB|Env.ALWAYS);
+ try {
+
+ Result<PERMS> rp = service.getPermsByName(trans, type, instance, action);
+ switch(rp.status) {
+ case OK:
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,permsDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_PERMS_BY_TYPE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getPermsByUser(AuthzTrans trans, HttpServletResponse resp, String user) {
+ TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);
+ try {
+ Result<PERMS> rp = service.getPermsByUser(trans, user);
+ switch(rp.status) {
+ case OK:
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,permsDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_PERMISSIONS_BY_USER, user);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getPermsByUserScope(AuthzTrans trans, HttpServletResponse resp, String user, String[] scopes) {
+ TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER_SCOPE + ' ' + user, Env.SUB|Env.ALWAYS);
+ try {
+ Result<PERMS> rp = service.getPermsByUserScope(trans, user, scopes);
+ switch(rp.status) {
+ case OK:
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,permsDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_PERMISSIONS_BY_USER_SCOPE, user);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getPermissionByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getPermsByUserWithAAFQuery(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String user) {
+ TimeTaken tt = trans.start(GET_PERMISSIONS_BY_USER_WITH_QUERY + ' ' + user, Env.SUB|Env.ALWAYS);
+ try {
+ PERMS perms;
+ try {
+ RosettaData<PERMS> data = permsDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ perms = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,GET_PERMISSIONS_BY_USER_WITH_QUERY);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+ }
+
+ Result<PERMS> rp = service.getPermsByUser(trans, perms, user);
+ switch(rp.status) {
+ case OK:
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,permsDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_PERMISSIONS_BY_USER_WITH_QUERY , user);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getPermissionsForRole(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getPermsForRole(AuthzTrans trans, HttpServletResponse resp, String roleName) {
+ TimeTaken tt = trans.start(GET_PERMISSIONS_BY_ROLE + ' ' + roleName, Env.SUB|Env.ALWAYS);
+ try {
+ Result<PERMS> rp = service.getPermsByRole(trans, roleName);
+ switch(rp.status) {
+ case OK:
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,permsDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_PERMISSIONS_BY_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> getPermsByNS(AuthzTrans trans,HttpServletResponse resp,String ns) {
+ TimeTaken tt = trans.start(GET_PERMISSIONS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);
+ try {
+ Result<PERMS> rp = service.getPermsByNS(trans, ns);
+ switch(rp.status) {
+ case OK:
+ RosettaData<PERMS> data = permsDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,permsDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_PERMISSIONS_BY_NS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#createOrUpdatePerm(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, boolean, java.lang.String, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> renamePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp,
+ String origType, String origInstance, String origAction) {
+ String cmdDescription = UPDATE_PERMISSION;
+ TimeTaken tt = trans.start( cmdDescription + ' ' + origType + ' ' + origInstance + ' ' + origAction, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,cmdDescription);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rp = service.renamePerm(trans,rreq, origType, origInstance, origAction);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,cmdDescription);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> updatePermDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(UPDATE_PERM_DESC, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,UPDATE_PERM_DESC);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+
+ }
+ Result<Void> rp = service.updatePermDescription(trans, rreq);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permRequestDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,UPDATE_PERM_DESC);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+ @Override
+ public Result<Void> resetPermRoles(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(SET_PERMISSION_ROLES_TO, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN, SET_PERMISSION_ROLES_TO);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rp = service.resetPermRoles(trans, rreq);
+
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,SET_PERMISSION_ROLES_TO);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> deletePerm(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(DELETE_PERMISSION, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = permRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,DELETE_PERMISSION);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+
+ }
+
+ Result<Void> rp = service.deletePerm(trans,rreq);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_PERMISSION);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> deletePerm(AuthzTrans trans, HttpServletResponse resp, String type, String instance, String action) {
+ TimeTaken tt = trans.start(DELETE_PERMISSION + type + ' ' + instance + ' ' + action, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Void> rp = service.deletePerm(trans,type,instance,action);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_PERMISSION);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ public static final String CREATE_ROLE = "createRole";
+ public static final String GET_ROLES_BY_USER = "getRolesByUser";
+ public static final String GET_ROLES_BY_NS = "getRolesByNS";
+ public static final String GET_ROLES_BY_NAME_ONLY = "getRolesByNameOnly";
+ public static final String GET_ROLES_BY_NAME = "getRolesByName";
+ public static final String GET_ROLES_BY_PERM = "getRolesByPerm";
+ public static final String UPDATE_ROLE_DESC = "updateRoleDescription";
+ public static final String ADD_PERM_TO_ROLE = "addPermissionToRole";
+ public static final String DELETE_PERM_FROM_ROLE = "deletePermissionFromRole";
+ public static final String UPDATE_MGTPERM_ROLE = "updateMgtPermRole";
+ public static final String DELETE_ROLE = "deleteRole";
+ public static final String GET_CERT_BY_ID = "getCertByID";
+
+ @Override
+ public Result<Void> createRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(CREATE_ROLE, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,CREATE_ROLE);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+
+ }
+ Result<Void> rp = service.createRole(trans, rreq);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,roleRequestDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,CREATE_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getRolesByName(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getRolesByName(AuthzTrans trans, HttpServletResponse resp, String role) {
+ TimeTaken tt = trans.start(GET_ROLES_BY_NAME + ' ' + role, Env.SUB|Env.ALWAYS);
+ try {
+ Result<ROLES> rp = service.getRolesByName(trans, role);
+ switch(rp.status) {
+ case OK:
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,roleDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_ROLES_BY_NAME);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getRolesByUser(AuthzTrans trans,HttpServletResponse resp, String user) {
+ TimeTaken tt = trans.start(GET_ROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);
+ try {
+ Result<ROLES> rp = service.getRolesByUser(trans, user);
+ switch(rp.status) {
+ case OK:
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,roleDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_ROLES_BY_USER, user);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getRolesByNS(AuthzTrans trans,HttpServletResponse resp, String ns) {
+ TimeTaken tt = trans.start(GET_ROLES_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);
+ try {
+ Result<ROLES> rp = service.getRolesByNS(trans, ns);
+ switch(rp.status) {
+ case OK:
+ if(!rp.isEmpty()) {
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ } else {
+ Question.logEncryptTrace(trans, NO_DATA);
+ }
+ setContentType(resp,roleDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_ROLES_BY_NS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getRolesByNameOnly(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getRolesByNameOnly(AuthzTrans trans,HttpServletResponse resp, String nameOnly) {
+ TimeTaken tt = trans.start(GET_ROLES_BY_NAME_ONLY + ' ' + nameOnly, Env.SUB|Env.ALWAYS);
+ try {
+ Result<ROLES> rp = service.getRolesByNameOnly(trans, nameOnly);
+ switch(rp.status) {
+ case OK:
+ if(!rp.isEmpty()) {
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ } else {
+ Question.logEncryptTrace(trans, NO_DATA);
+ }
+ setContentType(resp,roleDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_ROLES_BY_NAME_ONLY);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getRolesByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getRolesByPerm(AuthzTrans trans,HttpServletResponse resp, String type, String instance, String action) {
+ TimeTaken tt = trans.start(GET_ROLES_BY_PERM + type +' '+instance+' '+action, Env.SUB|Env.ALWAYS);
+ try {
+ Result<ROLES> rp = service.getRolesByPerm(trans, type,instance,action);
+ switch(rp.status) {
+ case OK:
+ RosettaData<ROLES> data = roleDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,roleDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_ROLES_BY_PERM);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#updateDescription(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public Result<Void> updateRoleDescription(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(UPDATE_ROLE_DESC, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,UPDATE_ROLE_DESC);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+
+ }
+ Result<Void> rp = service.updateRoleDescription(trans, rreq);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,roleRequestDF.getOutType());
+ return Result.ok();
+ default:
+ return rp;
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,UPDATE_ROLE_DESC);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> addPermToRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(ADD_PERM_TO_ROLE, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,ADD_PERM_TO_ROLE);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+
+ }
+ Result<Void> rp = service.addPermToRole(trans, rreq);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ resp.getOutputStream().println();
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,ADD_PERM_TO_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> delPermFromRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(DELETE_PERM_FROM_ROLE, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = rolePermRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,DELETE_PERM_FROM_ROLE);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+
+ }
+ Result<Void> rp = service.delPermFromRole(trans, rreq);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ resp.getOutputStream().println();
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_PERM_FROM_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#delPermFromRole(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> delPermFromRole(AuthzTrans trans, HttpServletResponse resp, String role, String type,
+ String instance, String action) {
+ TimeTaken tt = trans.start(DELETE_PERM_FROM_ROLE, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Void> rp = service.delPermFromRole(trans, role, type, instance, action);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ resp.getOutputStream().println();
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_PERM_FROM_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> deleteRole(AuthzTrans trans, HttpServletResponse resp, String role) {
+ TimeTaken tt = trans.start(DELETE_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Void> rp = service.deleteRole(trans, role);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> deleteRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(DELETE_ROLE, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = roleRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN,CREATE_ROLE);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rp = service.deleteRole(trans, rreq);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ public static final String CREATE_CRED = "createUserCred";
+ private static final String GET_CREDS_BY_NS = "getCredsByNS";
+ private static final String GET_CREDS_BY_ID = "getCredsByID";
+ public static final String UPDATE_CRED = "updateUserCred";
+ public static final String EXTEND_CRED = "extendUserCred";
+ public static final String DELETE_CRED = "deleteUserCred";
+ public static final String DOES_CRED_MATCH = "doesCredMatch";
+ public static final String VALIDATE_BASIC_AUTH = "validateBasicAuth";
+
+
+
+ @Override
+ /**
+ * Create Credential
+ *
+ */
+ public Result<Void> createUserCred(AuthzTrans trans, HttpServletRequest req) {
+ TimeTaken tt = trans.start(CREATE_CRED, Env.SUB|Env.ALWAYS);
+ try {
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ return service.createUserCred(trans, data.asObject());
+ } catch(APIException e) {
+ trans.error().log(e,"Bad Input data");
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
+ } catch (Exception e) {
+ trans.error().log(e,IN,CREATE_CRED);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> changeUserCred(AuthzTrans trans, HttpServletRequest req) {
+ TimeTaken tt = trans.start(UPDATE_CRED, Env.SUB|Env.ALWAYS);
+ try {
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ return service.changeUserCred(trans, data.asObject());
+ } catch(APIException e) {
+ trans.error().log(e,"Bad Input data");
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
+ } catch (Exception e) {
+ trans.error().log(e,IN,UPDATE_CRED);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#extendUserCred(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, int)
+ */
+ @Override
+ public Result<Void> extendUserCred(AuthzTrans trans, HttpServletRequest req, String days) {
+ TimeTaken tt = trans.start(EXTEND_CRED, Env.SUB|Env.ALWAYS);
+ try {
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ return service.extendUserCred(trans, data.asObject(), days);
+ } catch(APIException e) {
+ trans.error().log(e,"Bad Input data");
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
+ } catch (Exception e) {
+ trans.error().log(e,IN,EXTEND_CRED);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> getCredsByNS(AuthzTrans trans, HttpServletResponse resp, String ns) {
+ TimeTaken tt = trans.start(GET_CREDS_BY_NS + ' ' + ns, Env.SUB|Env.ALWAYS);
+
+ try {
+ Result<USERS> ru = service.getCredsByNS(trans,ns);
+ switch(ru.status) {
+ case OK:
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
+ if(Question.willSpecialLog(trans,trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,usersDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(ru);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_CREDS_BY_NS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+
+ }
+
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getCredsByID(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getCredsByID(AuthzTrans trans, HttpServletResponse resp, String id) {
+ TimeTaken tt = trans.start(GET_CREDS_BY_ID + ' ' + id, Env.SUB|Env.ALWAYS);
+
+ try {
+ Result<USERS> ru = service.getCredsByID(trans,id);
+ switch(ru.status) {
+ case OK:
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,usersDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(ru);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_CREDS_BY_ID);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ @Override
+ public Result<Void> deleteUserCred(AuthzTrans trans, HttpServletRequest req) {
+ TimeTaken tt = trans.start(DELETE_CRED, Env.SUB|Env.ALWAYS);
+ try {
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ return service.deleteUserCred(trans, data.asObject());
+ } catch(APIException e) {
+ trans.error().log(e,"Bad Input data");
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_CRED);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+ @Override
+ public Result<Date> doesCredentialMatch(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(DOES_CRED_MATCH, Env.SUB|Env.ALWAYS);
+ try {
+ RosettaData<REQUEST> data = credRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ return service.doesCredentialMatch(trans, data.asObject());
+ } catch(APIException e) {
+ trans.error().log(e,"Bad Input data");
+ return Result.err(Status.ERR_BadData, e.getLocalizedMessage());
+ } catch (IOException e) {
+ trans.error().log(e,IN,DOES_CRED_MATCH);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+ @Override
+ public Result<Void> validBasicAuth(AuthzTrans trans, HttpServletResponse resp, String basicAuth) {
+ TimeTaken tt = trans.start(VALIDATE_BASIC_AUTH, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Date> result = service.validateBasicAuth(trans,basicAuth);
+ switch(result.status){
+ case OK:
+ resp.getOutputStream().write(Chrono.utcStamp(result.value).getBytes());
+ return Result.ok();
+ }
+ return Result.err(result);
+ } catch (Exception e) {
+ trans.error().log(e,IN,VALIDATE_BASIC_AUTH);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getCertInfoByID(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp, String id) {
+ TimeTaken tt = trans.start(GET_CERT_BY_ID, Env.SUB|Env.ALWAYS);
+ try {
+ Result<CERTS> rci = service.getCertInfoByID(trans,req,id);
+
+ switch(rci.status) {
+ case OK:
+ if(Question.willSpecialLog(trans, trans.user())) {
+ RosettaData<CERTS> data = certsDF.newData(trans).load(rci.value);
+ Question.logEncryptTrace(trans,data.asString());
+ data.to(resp.getOutputStream());
+ } else {
+ certsDF.direct(trans, rci.value, resp.getOutputStream());
+ }
+ setContentType(resp,certsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rci);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_CERT_BY_ID);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ public static final String CREATE_DELEGATE = "createDelegate";
+ public static final String UPDATE_DELEGATE = "updateDelegate";
+ public static final String DELETE_DELEGATE = "deleteDelegate";
+ public static final String GET_DELEGATE_USER = "getDelegatesByUser";
+ public static final String GET_DELEGATE_DELG = "getDelegatesByDelegate";
+
+ @Override
+ public Result<Void> createDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(CREATE_DELEGATE, Env.SUB|Env.ALWAYS);
+ try {
+ Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ return service.createDelegate(trans, data.asObject());
+ } catch (Exception e) {
+ trans.error().log(e,IN,CREATE_DELEGATE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> updateDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(UPDATE_DELEGATE, Env.SUB|Env.ALWAYS);
+ try {
+ Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ return service.updateDelegate(trans, data.asObject());
+ } catch (Exception e) {
+ trans.error().log(e,IN,UPDATE_DELEGATE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> deleteDelegate(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(DELETE_DELEGATE, Env.SUB|Env.ALWAYS);
+ try {
+ Data<REQUEST> data = delgRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ return service.deleteDelegate(trans, data.asObject());
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_DELEGATE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> deleteDelegate(AuthzTrans trans, String userName) {
+ TimeTaken tt = trans.start(DELETE_DELEGATE + ' ' + userName, Env.SUB|Env.ALWAYS);
+ try {
+ return service.deleteDelegate(trans, userName);
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_DELEGATE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> getDelegatesByUser(AuthzTrans trans, String user, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(GET_DELEGATE_USER, Env.SUB|Env.ALWAYS);
+ try {
+ Result<DELGS> rd = service.getDelegatesByUser(trans, user);
+
+ switch(rd.status) {
+ case OK:
+ RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,delgDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rd);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_DELEGATE_USER);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> getDelegatesByDelegate(AuthzTrans trans, String delegate, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(GET_DELEGATE_DELG, Env.SUB|Env.ALWAYS);
+ try {
+ Result<DELGS> rd = service.getDelegatesByDelegate(trans, delegate);
+ switch(rd.status) {
+ case OK:
+ RosettaData<DELGS> data = delgDF.newData(trans).load(rd.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+ setContentType(resp,delgDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rd);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_DELEGATE_DELG);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ private static final String REQUEST_USER_ROLE = "createUserRole";
+ private static final String GET_USERROLES = "getUserRoles";
+ private static final String GET_USERROLES_BY_ROLE = "getUserRolesByRole";
+ private static final String GET_USERROLES_BY_USER = "getUserRolesByUser";
+ private static final String SET_ROLES_FOR_USER = "setRolesForUser";
+ private static final String SET_USERS_FOR_ROLE = "setUsersForRole";
+ private static final String EXTEND_USER_ROLE = "extendUserRole";
+ private static final String DELETE_USER_ROLE = "deleteUserRole";
+ @Override
+ public Result<Void> requestUserRole(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(REQUEST_USER_ROLE, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST request;
+ try {
+ Data<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ request = data.asObject();
+ } catch(APIException e) {
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rp = service.createUserRole(trans,request);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,REQUEST_USER_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> getUserInRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {
+ TimeTaken tt = trans.start(GET_USERROLES + ' ' + user + '|' + role, Env.SUB|Env.ALWAYS);
+ try {
+ Result<USERS> ru = service.getUserInRole(trans,user,role);
+ switch(ru.status) {
+ case OK:
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,usersDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(ru);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_USERROLES);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ @Override
+ public Result<Void> getUserRolesByUser(AuthzTrans trans, HttpServletResponse resp, String user) {
+ TimeTaken tt = trans.start(GET_USERROLES_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);
+ try {
+ Result<USERROLES> ru = service.getUserRolesByUser(trans,user);
+ switch(ru.status) {
+ case OK:
+ RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,usersDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(ru);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_USERROLES_BY_USER);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ @Override
+ public Result<Void> getUserRolesByRole(AuthzTrans trans, HttpServletResponse resp, String role) {
+ TimeTaken tt = trans.start(GET_USERROLES_BY_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);
+ try {
+ Result<USERROLES> ru = service.getUserRolesByRole(trans,role);
+ switch(ru.status) {
+ case OK:
+ RosettaData<USERROLES> data = userrolesDF.newData(trans).load(ru.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,usersDF.getOutType());
+ setCacheControlOff(resp);
+ return Result.ok();
+ default:
+ return Result.err(ru);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_USERROLES_BY_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+
+ }
+
+
+ @Override
+ public Result<Void> resetUsersForRole(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {
+ TimeTaken tt = trans.start(SET_USERS_FOR_ROLE, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN, SET_USERS_FOR_ROLE);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rp = service.resetUsersForRole(trans, rreq);
+
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,SET_USERS_FOR_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ @Override
+ public Result<Void> resetRolesForUser(AuthzTrans trans, HttpServletResponse resp, HttpServletRequest req) {
+ TimeTaken tt = trans.start(SET_ROLES_FOR_USER, Env.SUB|Env.ALWAYS);
+ try {
+ REQUEST rreq;
+ try {
+ RosettaData<REQUEST> data = userRoleRequestDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ rreq = data.asObject();
+ } catch(APIException e) {
+ trans.error().log("Invalid Input",IN, SET_ROLES_FOR_USER);
+ return Result.err(Status.ERR_BadData,"Invalid Input");
+ }
+
+ Result<Void> rp = service.resetRolesForUser(trans, rreq);
+
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,SET_ROLES_FOR_USER);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#extendUserRoleExpiration(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> extendUserRoleExpiration(AuthzTrans trans, HttpServletResponse resp, String user, String role) {
+ TimeTaken tt = trans.start(EXTEND_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);
+ try {
+ return service.extendUserRole(trans,user,role);
+ } catch (Exception e) {
+ trans.error().log(e,IN,EXTEND_USER_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> deleteUserRole(AuthzTrans trans, HttpServletResponse resp, String user, String role) {
+ TimeTaken tt = trans.start(DELETE_USER_ROLE + ' ' + user + ' ' + role, Env.SUB|Env.ALWAYS);
+ try {
+ Result<Void> rp = service.deleteUserRole(trans,user,role);
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,DELETE_USER_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ private static final String UPDATE_APPROVAL = "updateApproval";
+ private static final String GET_APPROVALS_BY_USER = "getApprovalsByUser.";
+ private static final String GET_APPROVALS_BY_TICKET = "getApprovalsByTicket.";
+ private static final String GET_APPROVALS_BY_APPROVER = "getApprovalsByApprover.";
+
+ @Override
+ public Result<Void> updateApproval(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) {
+ TimeTaken tt = trans.start(UPDATE_APPROVAL, Env.SUB|Env.ALWAYS);
+ try {
+ Data<APPROVALS> data = approvalDF.newData().load(req.getInputStream());
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ Result<Void> rp = service.updateApproval(trans, data.asObject());
+
+ switch(rp.status) {
+ case OK:
+ setContentType(resp,approvalDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,UPDATE_APPROVAL);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> getApprovalsByUser(AuthzTrans trans, HttpServletResponse resp, String user) {
+ TimeTaken tt = trans.start(GET_APPROVALS_BY_USER + ' ' + user, Env.SUB|Env.ALWAYS);
+ try {
+ Result<APPROVALS> rp = service.getApprovalsByUser(trans, user);
+ switch(rp.status) {
+ case OK:
+ RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+ data.to(resp.getOutputStream());
+
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_APPROVALS_BY_USER, user);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> getApprovalsByApprover(AuthzTrans trans, HttpServletResponse resp, String approver) {
+ TimeTaken tt = trans.start(GET_APPROVALS_BY_APPROVER + ' ' + approver, Env.SUB|Env.ALWAYS);
+ try {
+ Result<APPROVALS> rp = service.getApprovalsByApprover(trans, approver);
+ switch(rp.status) {
+ case OK:
+ RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_APPROVALS_BY_APPROVER,approver);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ @Override
+ public Result<Void> getApprovalsByTicket(AuthzTrans trans, HttpServletResponse resp, String ticket) {
+ TimeTaken tt = trans.start(GET_APPROVALS_BY_TICKET, Env.SUB|Env.ALWAYS);
+ try {
+ Result<APPROVALS> rp = service.getApprovalsByTicket(trans, ticket);
+ switch(rp.status) {
+ case OK:
+ RosettaData<APPROVALS> data = approvalDF.newData(trans).load(rp.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,permsDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rp);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_APPROVALS_BY_TICKET);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+
+ public static final String GET_USERS_PERMISSION = "getUsersByPermission";
+ public static final String GET_USERS_ROLE = "getUsersByRole";
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getUsersByRole(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getUsersByRole(AuthzTrans trans, HttpServletResponse resp, String role) {
+ TimeTaken tt = trans.start(GET_USERS_ROLE + ' ' + role, Env.SUB|Env.ALWAYS);
+ try {
+ Result<USERS> ru = service.getUsersByRole(trans,role);
+ switch(ru.status) {
+ case OK:
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,usersDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(ru);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_USERS_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getUsersByPermission(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, java.lang.String, java.lang.String)
+ */
+ @Override
+ public Result<Void> getUsersByPermission(AuthzTrans trans, HttpServletResponse resp,
+ String type, String instance, String action) {
+ TimeTaken tt = trans.start(GET_USERS_PERMISSION + ' ' + type + ' ' + instance + ' ' +action, Env.SUB|Env.ALWAYS);
+ try {
+ Result<USERS> ru = service.getUsersByPermission(trans,type,instance,action);
+ switch(ru.status) {
+ case OK:
+ RosettaData<USERS> data = usersDF.newData(trans).load(ru.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,usersDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(ru);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_USERS_PERMISSION);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+ public static final String GET_HISTORY_USER = "getHistoryByUser";
+ public static final String GET_HISTORY_ROLE = "getHistoryByRole";
+ public static final String GET_HISTORY_PERM = "getHistoryByPerm";
+ public static final String GET_HISTORY_NS = "getHistoryByNS";
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getHistoryByUser(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
+ */
+ @Override
+ public Result<Void> getHistoryByUser(AuthzTrans trans, HttpServletResponse resp, String user, int[] yyyymm, final int sort) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(GET_HISTORY_USER);
+ sb.append(' ');
+ sb.append(user);
+ sb.append(" for ");
+ boolean first = true;
+ for(int i : yyyymm) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append(',');
+ }
+ sb.append(i);
+ }
+ TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);
+
+ try {
+ Result<HISTORY> rh = service.getHistoryByUser(trans,user,yyyymm,sort);
+ switch(rh.status) {
+ case OK:
+ RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,historyDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rh);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_HISTORY_USER);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getHistoryByRole(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])
+ */
+ @Override
+ public Result<Void> getHistoryByRole(AuthzTrans trans, HttpServletResponse resp, String role, int[] yyyymm, final int sort) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(GET_HISTORY_ROLE);
+ sb.append(' ');
+ sb.append(role);
+ sb.append(" for ");
+ boolean first = true;
+ for(int i : yyyymm) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append(',');
+ }
+ sb.append(i);
+ }
+ TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);
+ try {
+ Result<HISTORY> rh = service.getHistoryByRole(trans,role,yyyymm,sort);
+ switch(rh.status) {
+ case OK:
+ RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,historyDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rh);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_HISTORY_ROLE);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getHistoryByNS(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])
+ */
+ @Override
+ public Result<Void> getHistoryByNS(AuthzTrans trans, HttpServletResponse resp, String ns, int[] yyyymm, final int sort) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(GET_HISTORY_NS);
+ sb.append(' ');
+ sb.append(ns);
+ sb.append(" for ");
+ boolean first = true;
+ for(int i : yyyymm) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append(',');
+ }
+ sb.append(i);
+ }
+ TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);
+ try {
+ Result<HISTORY> rh = service.getHistoryByNS(trans,ns,yyyymm,sort);
+ switch(rh.status) {
+ case OK:
+ RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,historyDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rh);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_HISTORY_NS);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getHistoryByPerm(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String, int[])
+ */
+ @Override
+ public Result<Void> getHistoryByPerm(AuthzTrans trans, HttpServletResponse resp, String perm, int[] yyyymm, final int sort) {
+ StringBuilder sb = new StringBuilder();
+ sb.append(GET_HISTORY_PERM);
+ sb.append(' ');
+ sb.append(perm);
+ sb.append(" for ");
+ boolean first = true;
+ for(int i : yyyymm) {
+ if(first) {
+ first = false;
+ } else {
+ sb.append(',');
+ }
+ sb.append(i);
+ }
+ TimeTaken tt = trans.start(sb.toString(), Env.SUB|Env.ALWAYS);
+ try {
+ Result<HISTORY> rh = service.getHistoryByPerm(trans,perm,yyyymm,sort);
+ switch(rh.status) {
+ case OK:
+ RosettaData<HISTORY> data = historyDF.newData(trans).load(rh.value);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,historyDF.getOutType());
+ return Result.ok();
+ default:
+ return Result.err(rh);
+ }
+ } catch (Exception e) {
+ trans.error().log(e,IN,GET_HISTORY_PERM);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ public final static String CACHE_CLEAR = "cacheClear ";
+// public final static String CACHE_VALIDATE = "validateCache";
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#cacheClear(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String)
+ */
+ @Override
+ public Result<Void> cacheClear(AuthzTrans trans, String cname) {
+ TimeTaken tt = trans.start(CACHE_CLEAR + cname, Env.SUB|Env.ALWAYS);
+ try {
+ return service.cacheClear(trans,cname);
+ } catch (Exception e) {
+ trans.error().log(e,IN,CACHE_CLEAR);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
* @see com.att.authz.facade.AuthzFacade#cacheClear(org.onap.aaf.auth.env.test.AuthzTrans, java.lang.String, java.lang.Integer)
*/
- @Override
- public Result<Void> cacheClear(AuthzTrans trans, String cname, String segments) {
- TimeTaken tt = trans.start(CACHE_CLEAR + cname + ", segments[" + segments + ']', Env.SUB|Env.ALWAYS);
- try {
- String[] segs = segments.split("\\s*,\\s*");
- int isegs[] = new int[segs.length];
- for(int i=0;i<segs.length;++i) {
- try {
- isegs[i] = Integer.parseInt(segs[i]);
- } catch(NumberFormatException nfe) {
- isegs[i] = -1;
- }
- }
- return service.cacheClear(trans,cname, isegs);
- } catch (Exception e) {
- trans.error().log(e,IN,CACHE_CLEAR);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#dbReset(org.onap.aaf.auth.env.test.AuthzTrans)
- */
- @Override
- public void dbReset(AuthzTrans trans) {
- service.dbReset(trans);
- }
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getAPI(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse)
- */
- public final static String API_REPORT = "apiReport";
- @Override
- public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet) {
- TimeTaken tt = trans.start(API_REPORT, Env.SUB);
- try {
- Api api = new Api();
- Api.Route ar;
- Method[] meths = AuthzCassServiceImpl.class.getDeclaredMethods();
- for(RouteReport rr : rservlet.routeReport()) {
- api.getRoute().add(ar = new Api.Route());
- ar.setMeth(rr.meth.name());
- ar.setPath(rr.path);
- ar.setDesc(rr.desc);
- ar.getContentType().addAll(rr.contextTypes);
- for(Method m : meths) {
- ApiDoc ad;
- if((ad = m.getAnnotation(ApiDoc.class))!=null &&
- rr.meth.equals(ad.method()) &&
- rr.path.equals(ad.path())) {
- for(String param : ad.params()) {
- ar.getParam().add(param);
- }
- for(String text : ad.text()) {
- ar.getComments().add(text);
- }
- ar.setExpected(ad.expectedCode());
- for(int ec : ad.errorCodes()) {
- ar.getExplicitErr().add(ec);
- }
- }
- }
- }
- RosettaData<Api> data = apiDF.newData(trans).load(api);
- if(Question.willSpecialLog(trans, trans.user())) {
- Question.logEncryptTrace(trans,data.asString());
- }
-
- data.to(resp.getOutputStream());
- setContentType(resp,apiDF.getOutType());
- return Result.ok();
-
- } catch (Exception e) {
- trans.error().log(e,IN,API_REPORT);
- return Result.err(e);
- } finally {
- tt.done();
- }
- }
-
-
- public final static String API_EXAMPLE = "apiExample";
-
- /* (non-Javadoc)
- * @see com.att.authz.facade.AuthzFacade#getAPIExample(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
- */
- @Override
- public Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String nameOrContentType, boolean optional) {
- TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);
- try {
- String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional);
- resp.getOutputStream().print(content);
- setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);
- return Result.ok();
- } catch (Exception e) {
- trans.error().log(e,IN,API_EXAMPLE);
- return Result.err(Status.ERR_NotImplemented,e.getMessage());
- } finally {
- tt.done();
- }
- }
+ @Override
+ public Result<Void> cacheClear(AuthzTrans trans, String cname, String segments) {
+ TimeTaken tt = trans.start(CACHE_CLEAR + cname + ", segments[" + segments + ']', Env.SUB|Env.ALWAYS);
+ try {
+ String[] segs = segments.split("\\s*,\\s*");
+ int isegs[] = new int[segs.length];
+ for(int i=0;i<segs.length;++i) {
+ try {
+ isegs[i] = Integer.parseInt(segs[i]);
+ } catch(NumberFormatException nfe) {
+ isegs[i] = -1;
+ }
+ }
+ return service.cacheClear(trans,cname, isegs);
+ } catch (Exception e) {
+ trans.error().log(e,IN,CACHE_CLEAR);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#dbReset(org.onap.aaf.auth.env.test.AuthzTrans)
+ */
+ @Override
+ public void dbReset(AuthzTrans trans) {
+ service.dbReset(trans);
+ }
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getAPI(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse)
+ */
+ public final static String API_REPORT = "apiReport";
+ @Override
+ public Result<Void> getAPI(AuthzTrans trans, HttpServletResponse resp, RServlet<AuthzTrans> rservlet) {
+ TimeTaken tt = trans.start(API_REPORT, Env.SUB);
+ try {
+ Api api = new Api();
+ Api.Route ar;
+ Method[] meths = AuthzCassServiceImpl.class.getDeclaredMethods();
+ for(RouteReport rr : rservlet.routeReport()) {
+ api.getRoute().add(ar = new Api.Route());
+ ar.setMeth(rr.meth.name());
+ ar.setPath(rr.path);
+ ar.setDesc(rr.desc);
+ ar.getContentType().addAll(rr.contextTypes);
+ for(Method m : meths) {
+ ApiDoc ad;
+ if((ad = m.getAnnotation(ApiDoc.class))!=null &&
+ rr.meth.equals(ad.method()) &&
+ rr.path.equals(ad.path())) {
+ for(String param : ad.params()) {
+ ar.getParam().add(param);
+ }
+ for(String text : ad.text()) {
+ ar.getComments().add(text);
+ }
+ ar.setExpected(ad.expectedCode());
+ for(int ec : ad.errorCodes()) {
+ ar.getExplicitErr().add(ec);
+ }
+ }
+ }
+ }
+ RosettaData<Api> data = apiDF.newData(trans).load(api);
+ if(Question.willSpecialLog(trans, trans.user())) {
+ Question.logEncryptTrace(trans,data.asString());
+ }
+
+ data.to(resp.getOutputStream());
+ setContentType(resp,apiDF.getOutType());
+ return Result.ok();
+
+ } catch (Exception e) {
+ trans.error().log(e,IN,API_REPORT);
+ return Result.err(e);
+ } finally {
+ tt.done();
+ }
+ }
+
+
+ public final static String API_EXAMPLE = "apiExample";
+
+ /* (non-Javadoc)
+ * @see com.att.authz.facade.AuthzFacade#getAPIExample(org.onap.aaf.auth.env.test.AuthzTrans, javax.servlet.http.HttpServletResponse, java.lang.String)
+ */
+ @Override
+ public Result<Void> getAPIExample(AuthzTrans trans, HttpServletResponse resp, String nameOrContentType, boolean optional) {
+ TimeTaken tt = trans.start(API_EXAMPLE, Env.SUB);
+ try {
+ String content =Examples.print(apiDF.getEnv(), nameOrContentType, optional);
+ resp.getOutputStream().print(content);
+ setContentType(resp,content.contains("<?xml")?TYPE.XML:TYPE.JSON);
+ return Result.ok();
+ } catch (Exception e) {
+ trans.error().log(e,IN,API_EXAMPLE);
+ return Result.err(Status.ERR_NotImplemented,e.getMessage());
+ } finally {
+ tt.done();
+ }
+ }
} \ No newline at end of file
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade_2_0.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade_2_0.java
index d6bbc378..0e67ac49 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade_2_0.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/facade/AuthzFacade_2_0.java
@@ -41,23 +41,23 @@ import aaf.v2_0.UserRoles;
import aaf.v2_0.Users;
public class AuthzFacade_2_0 extends AuthzFacadeImpl<
- Nss,
- Perms,
- Pkey,
- Roles,
- Users,
- UserRoles,
- Delgs,
- Certs,
- Keys,
- Request,
- History,
- Error,
- Approvals>
+ Nss,
+ Perms,
+ Pkey,
+ Roles,
+ Users,
+ UserRoles,
+ Delgs,
+ Certs,
+ Keys,
+ Request,
+ History,
+ Error,
+ Approvals>
{
- public AuthzFacade_2_0(AuthzEnv env,
- AuthzService<Nss, Perms, Pkey, Roles, Users, UserRoles, Delgs, Certs, Keys, Request, History, Error, Approvals> service,
- Data.TYPE type) throws APIException {
- super(env, service, type);
- }
+ public AuthzFacade_2_0(AuthzEnv env,
+ AuthzService<Nss, Perms, Pkey, Roles, Users, UserRoles, Delgs, Certs, Keys, Request, History, Error, Approvals> service,
+ Data.TYPE type) throws APIException {
+ super(env, service, type);
+ }
}
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper.java
index e7cedf96..c66525da 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper.java
@@ -41,82 +41,82 @@ import org.onap.aaf.auth.service.MayChange;
import org.onap.aaf.misc.rosetta.Marshal;
public interface Mapper<
- NSS,
- PERMS,
- PERMKEY,
- ROLES,
- USERS,
- USERROLES,
- DELGS,
- CERTS,
- KEYS,
- REQUEST,
- HISTORY,
- ERROR,
- APPROVALS>
+ NSS,
+ PERMS,
+ PERMKEY,
+ ROLES,
+ USERS,
+ USERROLES,
+ DELGS,
+ CERTS,
+ KEYS,
+ REQUEST,
+ HISTORY,
+ ERROR,
+ APPROVALS>
{
- enum API{NSS,NS_REQ,
- PERMS,PERM_KEY,PERM_REQ,
- ROLES,ROLE,ROLE_REQ,ROLE_PERM_REQ,
- USERS,USER_ROLE_REQ,USER_ROLES,
- CRED_REQ,CERTS,
- APPROVALS,
- DELGS,DELG_REQ,
- KEYS,
- HISTORY,
- ERROR,
- API,
- VOID};
- public Class<?> getClass(API api);
- public<A> Marshal<A> getMarshal(API api);
- public<A> A newInstance(API api);
+ enum API{NSS,NS_REQ,
+ PERMS,PERM_KEY,PERM_REQ,
+ ROLES,ROLE,ROLE_REQ,ROLE_PERM_REQ,
+ USERS,USER_ROLE_REQ,USER_ROLES,
+ CRED_REQ,CERTS,
+ APPROVALS,
+ DELGS,DELG_REQ,
+ KEYS,
+ HISTORY,
+ ERROR,
+ API,
+ VOID};
+ public Class<?> getClass(API api);
+ public<A> Marshal<A> getMarshal(API api);
+ public<A> A newInstance(API api);
- public Result<PermDAO.Data> permkey(AuthzTrans trans, PERMKEY from);
- public Result<PermDAO.Data> perm(AuthzTrans trans, REQUEST from);
- public Result<RoleDAO.Data> role(AuthzTrans trans, REQUEST from);
- public Result<Namespace> ns(AuthzTrans trans, REQUEST from);
- public Result<CredDAO.Data> cred(AuthzTrans trans, REQUEST from, boolean requiresPass);
- public Result<USERS> cred(List<CredDAO.Data> lcred, USERS to);
- public Result<CERTS> cert(List<CertDAO.Data> lcert, CERTS to);
- public Result<DelegateDAO.Data> delegate(AuthzTrans trans, REQUEST from);
- public Result<DELGS> delegate(List<DelegateDAO.Data> lDelg);
- public Result<APPROVALS> approvals(List<ApprovalDAO.Data> lAppr);
- public Result<List<ApprovalDAO.Data>> approvals(APPROVALS apprs);
- public Result<List<PermDAO.Data>> perms(AuthzTrans trans, PERMS perms);
-
- public Result<UserRoleDAO.Data> userRole(AuthzTrans trans, REQUEST from);
- public Result<PermDAO.Data> permFromRPRequest(AuthzTrans trans, REQUEST from);
- public REQUEST ungrantRequest(AuthzTrans trans, String role, String type, String instance, String action);
- public Result<RoleDAO.Data> roleFromRPRequest(AuthzTrans trans, REQUEST from);
-
- /*
- * Check Requests of varying sorts for Future fields set
- */
- public Result<FutureDAO.Data> future(AuthzTrans trans, String table, REQUEST from, Bytification content, boolean enableApproval, Memo memo, MayChange mc);
+ public Result<PermDAO.Data> permkey(AuthzTrans trans, PERMKEY from);
+ public Result<PermDAO.Data> perm(AuthzTrans trans, REQUEST from);
+ public Result<RoleDAO.Data> role(AuthzTrans trans, REQUEST from);
+ public Result<Namespace> ns(AuthzTrans trans, REQUEST from);
+ public Result<CredDAO.Data> cred(AuthzTrans trans, REQUEST from, boolean requiresPass);
+ public Result<USERS> cred(List<CredDAO.Data> lcred, USERS to);
+ public Result<CERTS> cert(List<CertDAO.Data> lcert, CERTS to);
+ public Result<DelegateDAO.Data> delegate(AuthzTrans trans, REQUEST from);
+ public Result<DELGS> delegate(List<DelegateDAO.Data> lDelg);
+ public Result<APPROVALS> approvals(List<ApprovalDAO.Data> lAppr);
+ public Result<List<ApprovalDAO.Data>> approvals(APPROVALS apprs);
+ public Result<List<PermDAO.Data>> perms(AuthzTrans trans, PERMS perms);
+
+ public Result<UserRoleDAO.Data> userRole(AuthzTrans trans, REQUEST from);
+ public Result<PermDAO.Data> permFromRPRequest(AuthzTrans trans, REQUEST from);
+ public REQUEST ungrantRequest(AuthzTrans trans, String role, String type, String instance, String action);
+ public Result<RoleDAO.Data> roleFromRPRequest(AuthzTrans trans, REQUEST from);
+
+ /*
+ * Check Requests of varying sorts for Future fields set
+ */
+ public Result<FutureDAO.Data> future(AuthzTrans trans, String table, REQUEST from, Bytification content, boolean enableApproval, Memo memo, MayChange mc);
- public Result<NSS> nss(AuthzTrans trans, Namespace from, NSS to);
+ public Result<NSS> nss(AuthzTrans trans, Namespace from, NSS to);
- // Note: Prevalidate if NS given is allowed to be seen before calling
- public Result<NSS> nss(AuthzTrans trans, Collection<Namespace> from, NSS to);
-// public Result<NSS> ns_attrib(AuthzTrans trans, Set<String> from, NSS to);
- public Result<PERMS> perms(AuthzTrans trans, List<PermDAO.Data> from, PERMS to, boolean filter);
- public Result<PERMS> perms(AuthzTrans trans, List<PermDAO.Data> from, PERMS to, String[] scopes, boolean filter);
- public Result<ROLES> roles(AuthzTrans trans, List<RoleDAO.Data> from, ROLES roles, boolean filter);
- // Note: Prevalidate if NS given is allowed to be seen before calling
- public Result<USERS> users(AuthzTrans trans, Collection<UserRoleDAO.Data> from, USERS to);
- public Result<USERROLES> userRoles(AuthzTrans trans, Collection<UserRoleDAO.Data> from, USERROLES to);
- public Result<KEYS> keys(Collection<String> from);
+ // Note: Prevalidate if NS given is allowed to be seen before calling
+ public Result<NSS> nss(AuthzTrans trans, Collection<Namespace> from, NSS to);
+// public Result<NSS> ns_attrib(AuthzTrans trans, Set<String> from, NSS to);
+ public Result<PERMS> perms(AuthzTrans trans, List<PermDAO.Data> from, PERMS to, boolean filter);
+ public Result<PERMS> perms(AuthzTrans trans, List<PermDAO.Data> from, PERMS to, String[] scopes, boolean filter);
+ public Result<ROLES> roles(AuthzTrans trans, List<RoleDAO.Data> from, ROLES roles, boolean filter);
+ // Note: Prevalidate if NS given is allowed to be seen before calling
+ public Result<USERS> users(AuthzTrans trans, Collection<UserRoleDAO.Data> from, USERS to);
+ public Result<USERROLES> userRoles(AuthzTrans trans, Collection<UserRoleDAO.Data> from, USERROLES to);
+ public Result<KEYS> keys(Collection<String> from);
- public Result<HISTORY> history(AuthzTrans trans, List<HistoryDAO.Data> history, final int sort);
-
- public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, String... detail);
-
- /*
- * A Memo Creator... Use to avoid creating superfluous Strings until needed.
- */
- public static interface Memo {
- public String get();
- }
+ public Result<HISTORY> history(AuthzTrans trans, List<HistoryDAO.Data> history, final int sort);
+
+ public ERROR errorFromMessage(StringBuilder holder, String msgID, String text, String... detail);
+
+ /*
+ * A Memo Creator... Use to avoid creating superfluous Strings until needed.
+ */
+ public static interface Memo {
+ public String get();
+ }
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java
index f414a9fd..5f6f30e4 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/mapper/Mapper_2_0.java
@@ -97,771 +97,771 @@ import aaf.v2_0.Users;
import aaf.v2_0.Users.User;
public class Mapper_2_0 implements Mapper<Nss, Perms, Pkey, Roles, Users, UserRoles, Delgs, Certs, Keys, Request, History, Error, Approvals> {
- private Question q;
-
- public Mapper_2_0(Question q) {
- this.q = q;
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.service.mapper.Mapper#ns(java.lang.Object, org.onap.aaf.auth.service.mapper.Mapper.Holder)
- */
- @Override
- public Result<Namespace> ns(AuthzTrans trans, Request base) {
- NsRequest from = (NsRequest)base;
- Namespace namespace = new Namespace();
- namespace.name = from.getName();
- namespace.admin = from.getAdmin();
- namespace.owner = from.getResponsible();
- namespace.description = from.getDescription();
- trans.checkpoint(namespace.name, Env.ALWAYS);
-
- NsType nt = NsType.fromString(from.getType());
- if(nt.equals(NsType.UNKNOWN)) {
- String ns = namespace.name;
- int count = 0;
- for(int i=ns.indexOf('.');
- i>=0;
- i=ns.indexOf('.',i+1)) {
- ++count;
- }
- switch(count) {
- case 0: nt = NsType.ROOT;break;
- case 1: nt = NsType.COMPANY;break;
- default: nt = NsType.APP;
- }
- }
- namespace.type = nt.type;
-
- return Result.ok(namespace);
- }
-
- @Override
- public Result<Nss> nss(AuthzTrans trans, Namespace from, Nss to) {
- List<Ns> nss = to.getNs();
- Ns ns = new Ns();
- ns.setName(from.name);
- if(from.admin!=null)ns.getAdmin().addAll(from.admin);
- if(from.owner!=null)ns.getResponsible().addAll(from.owner);
- if(from.attrib!=null) {
- for(Pair<String,String> attrib : from.attrib) {
- Ns.Attrib toAttrib = new Ns.Attrib();
- toAttrib.setKey(attrib.x);
- toAttrib.setValue(attrib.y);
- ns.getAttrib().add(toAttrib);
- }
- }
-
- ns.setDescription(from.description);
- nss.add(ns);
- return Result.ok(to);
- }
-
- /**
- * Note: Prevalidate if NS given is allowed to be seen before calling
- */
- @Override
- public Result<Nss> nss(AuthzTrans trans, Collection<Namespace> from, Nss to) {
- List<Ns> nss = to.getNs();
- for(Namespace nd : from) {
- Ns ns = new Ns();
- ns.setName(nd.name);
- if(nd.admin!=null) {
- ns.getAdmin().addAll(nd.admin);
- }
- if(nd.owner!=null) {
- ns.getResponsible().addAll(nd.owner);
- }
- ns.setDescription(nd.description);
- if(nd.attrib!=null) {
- for(Pair<String,String> attrib : nd.attrib) {
- Ns.Attrib toAttrib = new Ns.Attrib();
- toAttrib.setKey(attrib.x);
- toAttrib.setValue(attrib.y);
- ns.getAttrib().add(toAttrib);
- }
- }
-
- nss.add(ns);
- }
- return Result.ok(to);
- }
-
- @Override
- public Result<Perms> perms(AuthzTrans trans, List<PermDAO.Data> from, Perms to, boolean filter) {
- List<Perm> perms = to.getPerm();
- final boolean addNS = trans.requested(REQD_TYPE.ns);
- TimeTaken tt = trans.start("Filter Perms before return", Env.SUB);
- try {
- if(from!=null) {
- for (PermDAO.Data data : from) {
- if(!filter || q.mayUser(trans, trans.user(), data, Access.read).isOK()) {
- Perm perm = new Perm();
- perm.setType(data.fullType());
- perm.setInstance(data.instance);
- perm.setAction(data.action);
- perm.setDescription(data.description);
- if(addNS) {
- perm.setNs(data.ns);
- }
- for(String role : data.roles(false)) {
- perm.getRoles().add(role);
- }
- perms.add(perm);
- }
- }
- }
- } finally {
- tt.done();
- }
-
- tt = trans.start("Sort Perms", Env.SUB);
- try {
- Collections.sort(perms, new Comparator<Perm>() {
- @Override
- public int compare(Perm perm1, Perm perm2) {
- int typeCompare = perm1.getType().compareToIgnoreCase(perm2.getType());
- if (typeCompare == 0) {
- int instanceCompare = perm1.getInstance().compareToIgnoreCase(perm2.getInstance());
- if (instanceCompare == 0) {
- return perm1.getAction().compareToIgnoreCase(perm2.getAction());
- }
- return instanceCompare;
- }
- return typeCompare;
- }
- });
- } finally {
- tt.done();
- }
- return Result.ok(to);
- }
-
- @Override
- public Result<Perms> perms(AuthzTrans trans, List<PermDAO.Data> from, Perms to, String[] nss, boolean filter) {
- List<Perm> perms = to.getPerm();
- TimeTaken tt = trans.start("Filter Perms before return", Env.SUB);
- try {
- if(from!=null) {
- boolean inNSS;
- for (PermDAO.Data data : from) {
- inNSS=false;
- for(int i=0;!inNSS && i<nss.length;++i) {
- if(nss[i].equals(data.ns)) {
- inNSS=true;
- }
- }
- if(inNSS && (!filter || q.mayUser(trans, trans.user(), data, Access.read).isOK())) {
- Perm perm = new Perm();
- perm.setType(data.fullType());
- perm.setInstance(data.instance);
- perm.setAction(data.action);
- for(String role : data.roles(false)) {
- perm.getRoles().add(role);
- }
- perm.setDescription(data.description);
- perms.add(perm);
- }
- }
- }
- } finally {
- tt.done();
- }
-
- tt = trans.start("Sort Perms", Env.SUB);
- try {
- Collections.sort(perms, new Comparator<Perm>() {
- @Override
- public int compare(Perm perm1, Perm perm2) {
- int typeCompare = perm1.getType().compareToIgnoreCase(perm2.getType());
- if (typeCompare == 0) {
- int instanceCompare = perm1.getInstance().compareToIgnoreCase(perm2.getInstance());
- if (instanceCompare == 0) {
- return perm1.getAction().compareToIgnoreCase(perm2.getAction());
- }
- return instanceCompare;
- }
- return typeCompare;
- }
- });
- } finally {
- tt.done();
- }
- return Result.ok(to);
- }
-
- @Override
- public Result<List<PermDAO.Data>> perms(AuthzTrans trans, Perms perms) {
- List<PermDAO.Data> lpd = new ArrayList<>();
- for (Perm p : perms.getPerm()) {
- Result<NsSplit> nss = q.deriveNsSplit(trans, p.getType());
- PermDAO.Data pd = new PermDAO.Data();
- if(nss.isOK()) {
- pd.ns=nss.value.ns;
- pd.type = nss.value.name;
- pd.instance = p.getInstance();
- pd.action = p.getAction();
- for (String role : p.getRoles()) {
- pd.roles(true).add(role);
- }
- lpd.add(pd);
- } else {
- return Result.err(nss);
- }
- }
- return Result.ok(lpd);
- }
-
-
- @Override
- public Result<PermDAO.Data> permkey(AuthzTrans trans, Pkey from) {
- return q.permFrom(trans, from.getType(),from.getInstance(),from.getAction());
- }
-
- @Override
- public Result<PermDAO.Data> permFromRPRequest(AuthzTrans trans, Request req) {
- RolePermRequest from = (RolePermRequest)req;
- Pkey perm = from.getPerm();
- if(perm==null)return Result.err(Status.ERR_NotFound, "Permission not found");
- Result<NsSplit> nss = q.deriveNsSplit(trans, perm.getType());
- PermDAO.Data pd = new PermDAO.Data();
- if(nss.isOK()) {
- pd.ns=nss.value.ns;
- pd.type = nss.value.name;
- pd.instance = from.getPerm().getInstance();
- pd.action = from.getPerm().getAction();
- trans.checkpoint(pd.fullPerm(), Env.ALWAYS);
-
- String[] roles = {};
-
- if (from.getRole() != null) {
- roles = from.getRole().split(",");
- }
- for (String role : roles) {
- pd.roles(true).add(role);
- }
- return Result.ok(pd);
- } else {
- return Result.err(nss);
- }
- }
-
- @Override
- public Result<RoleDAO.Data> roleFromRPRequest(AuthzTrans trans, Request req) {
- RolePermRequest from = (RolePermRequest)req;
- Result<NsSplit> nss = q.deriveNsSplit(trans, from.getRole());
- RoleDAO.Data rd = new RoleDAO.Data();
- if(nss.isOK()) {
- rd.ns = nss.value.ns;
- rd.name = nss.value.name;
- trans.checkpoint(rd.fullName(), Env.ALWAYS);
- return Result.ok(rd);
- } else {
- return Result.err(nss);
- }
- }
-
- @Override
- public Result<PermDAO.Data> perm(AuthzTrans trans, Request req) {
- PermRequest from = (PermRequest)req;
- Result<NsSplit> nss = q.deriveNsSplit(trans, from.getType());
- PermDAO.Data pd = new PermDAO.Data();
- if(nss.isOK()) {
- pd.ns=nss.value.ns;
- pd.type = nss.value.name;
- pd.instance = from.getInstance();
- pd.action = from.getAction();
- pd.description = from.getDescription();
- trans.checkpoint(pd.fullPerm(), Env.ALWAYS);
- return Result.ok(pd);
- } else {
- return Result.err(nss);
- }
- }
-
- @Override
- public Request ungrantRequest(AuthzTrans trans, String role, String type, String instance, String action) {
- RolePermRequest rpr = new RolePermRequest();
- Pkey pkey = new Pkey();
- pkey.setType(type);
- pkey.setInstance(instance);
- pkey.setAction(action);
- rpr.setPerm(pkey);
-
- rpr.setRole(role);
- return rpr;
- }
-
- @Override
- public Result<RoleDAO.Data> role(AuthzTrans trans, Request base) {
- RoleRequest from = (RoleRequest)base;
- Result<NsSplit> nss = q.deriveNsSplit(trans, from.getName());
- if(nss.isOK()) {
- RoleDAO.Data to = new RoleDAO.Data();
- to.ns = nss.value.ns;
- to.name = nss.value.name;
- to.description = from.getDescription();
- trans.checkpoint(to.fullName(), Env.ALWAYS);
-
- return Result.ok(to);
- } else {
- return Result.err(nss);
- }
- }
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.service.mapper.Mapper#roles(java.util.List)
- */
- @Override
- public Result<Roles> roles(AuthzTrans trans, List<RoleDAO.Data> from, Roles to, boolean filter) {
- final boolean needNS = trans.requested(REQD_TYPE.ns);
- for(RoleDAO.Data frole : from) {
- // Only Add Data to view if User is allowed to see this Role
- if(!filter || q.mayUser(trans, trans.user(), frole,Access.read).isOK()) {
- Role role = new Role();
- role.setName(frole.ns + '.' + frole.name);
- role.setDescription(frole.description);
- if(needNS) {
- role.setNs(frole.ns);
- }
- for(String p : frole.perms(false)) { // can see any Perms in the Role he has permission for
- Result<String[]> rpa = PermDAO.Data.decodeToArray(trans,q,p);
- if(rpa.notOK())
- return Result.err(rpa);
-
- String[] pa = rpa.value;
- Pkey pKey = new Pkey();
- pKey.setType(pa[0]+'.'+pa[1]);
- pKey.setInstance(pa[2]);
- pKey.setAction(pa[3]);
- role.getPerms().add(pKey);
- }
- to.getRole().add(role);
- }
- }
- return Result.ok(to);
- }
-
- /*
- * (non-Javadoc)
- * @see org.onap.aaf.auth.service.mapper.Mapper#users(java.util.Collection, java.lang.Object)
- *
- * Note: Prevalidate all data for permission to view
- */
- @Override
- public Result<Users> users(AuthzTrans trans, Collection<UserRoleDAO.Data> from, Users to) {
- List<User> cu = to.getUser();
- for(UserRoleDAO.Data urd : from) {
- User user = new User();
- user.setId(urd.user);
- if(urd.expires!=null) {
- user.setExpires(Chrono.timeStamp(urd.expires));
- }
- cu.add(user);
- }
- return Result.ok(to);
- }
-
- /*
- * (non-Javadoc)
- * @see org.onap.aaf.auth.service.mapper.Mapper#users(java.util.Collection, java.lang.Object)
- *
- * Note: Prevalidate all data for permission to view
- */
- @Override
- public Result<UserRoles> userRoles(AuthzTrans trans, Collection<UserRoleDAO.Data> from, UserRoles to) {
- List<UserRole> cu = to.getUserRole();
- for(UserRoleDAO.Data urd : from) {
- UserRole ur = new UserRole();
- ur.setUser(urd.user);
- ur.setRole(urd.role);
- ur.setExpires(Chrono.timeStamp(urd.expires));
- cu.add(ur);
- }
- return Result.ok(to);
- }
-
- @Override
- public Result<UserRoleDAO.Data> userRole(AuthzTrans trans, Request base) {
- try {
- UserRoleRequest from = (UserRoleRequest)base;
-
- // Setup UserRoleData, either for immediate placement, or for futureIt i
- UserRoleDAO.Data to = new UserRoleDAO.Data();
- if (from.getUser() != null) {
- to.user = from.getUser();
- }
- if (from.getRole() != null) {
- to.role(trans,q,from.getRole());
- }
- to.expires = getExpires(trans.org(),Expiration.UserInRole,base,from.getUser());
- trans.checkpoint(to.toString(), Env.ALWAYS);
-
- return Result.ok(to);
- } catch (Exception t) {
- return Result.err(Status.ERR_BadData,t.getMessage());
- }
- }
-
- @Override
- public Result<CredDAO.Data> cred(AuthzTrans trans, Request base, boolean requiresPass) {
- CredRequest from = (CredRequest)base;
- CredDAO.Data to = new CredDAO.Data();
- to.id=from.getId();
- to.ns = Question.domain2ns(to.id);
- String passwd = from.getPassword();
- if(requiresPass) {
- String ok = trans.org().isValidPassword(trans, to.id,passwd);
- if(ok.length()>0) {
- return Result.err(Status.ERR_BadData,ok);
- }
- } else {
- to.type=0;
- }
- if(passwd != null) {
- to.cred = ByteBuffer.wrap(passwd.getBytes());
- to.type = CredDAO.RAW;
- } else {
- to.type = 0;
- }
-
- // Note: Ensure requested EndDate created will match Organization Password Rules
- // P.S. Do not apply TempPassword rule here. Do that when you know you are doing a Create/Reset (see Service)
- to.expires = getExpires(trans.org(),Expiration.Password,base,from.getId());
- trans.checkpoint(to.id, Env.ALWAYS);
-
- return Result.ok(to);
- }
-
- @Override
- public Result<Users> cred(List<CredDAO.Data> from, Users to) {
- List<User> cu = to.getUser();
- for(CredDAO.Data cred : from) {
- User user = new User();
- user.setId(cred.id);
- user.setExpires(Chrono.timeStamp(cred.expires));
- user.setType(cred.type);
- cu.add(user);
- }
- return Result.ok(to);
- }
-
- @Override
- public Result<Certs> cert(List<CertDAO.Data> from, Certs to) {
- List<Cert> lc = to.getCert();
- for(CertDAO.Data fcred : from) {
- Cert cert = new Cert();
- cert.setId(fcred.id);
- cert.setX500(fcred.x500);
- /**TODO - change Interface
- * @deprecated */
- cert.setFingerprint(fcred.serial.toByteArray());
- lc.add(cert);
- }
- return Result.ok(to);
- }
-
- /**
- * Analyze whether Requests should be acted on now, or in the future, based on Start Date, and whether the requester
- * is allowed to change this value directly
- *
- * Returning Result.OK means it should be done in the future.
- * Returning Result.ACC_Now means to act on table change now.
- */
- @Override
- public Result<FutureDAO.Data> future(AuthzTrans trans, String table, Request from,
- Bytification content, boolean enableApproval, Memo memo, MayChange mc) {
- Result<?> rMayChange;
- boolean needsAppr = enableApproval?trans.requested(REQD_TYPE.future):false;
- if(!needsAppr && (needsAppr = (rMayChange=mc.mayChange()).notOK())) {
- if(enableApproval) {
- if(!trans.requested(AuthzTrans.REQD_TYPE.future)) {
- return Result.err(rMayChange);
- }
- } else {
- return Result.err(rMayChange);
- }
- }
- GregorianCalendar now = new GregorianCalendar();
- GregorianCalendar start = from.getStart()==null?now:from.getStart().toGregorianCalendar();
-
- GregorianCalendar expires = trans.org().expiration(start, Expiration.Future);
- XMLGregorianCalendar xgc;
- if((xgc=from.getEnd())!=null) {
- GregorianCalendar fgc = xgc.toGregorianCalendar();
- expires = expires.before(fgc)?expires:fgc; // Min of desired expiration, and Org expiration
- }
-
- //TODO needs two answers from this. What's the NSS, and may Change.
- FutureDAO.Data fto;
- if(start.after(now) || needsAppr ) {
- //String user = trans.user();
- fto = new FutureDAO.Data();
- fto.target=table;
- fto.memo = memo.get();
- fto.start = start.getTime();
- fto.expires = expires.getTime();
- if(needsAppr) { // Need to add Approvers...
- /*
- Result<Data> rslt = mc.getNsd();
- if(rslt.notOKorIsEmpty())return Result.err(rslt);
- appr.addAll(mc.getNsd().value.responsible);
- try {
- //Note from 2013 Is this getting Approvers for user only? What about Delegates?
- // 3/25/2014. Approvers are set by Corporate policy. We don't have to worry here about what that means.
- // It is important to get Delegates, if necessary, at notification time
- // If we add delegates now, it will get all confused as to who is actually responsible.
- for(Organization.User ou : org.getApprovers(trans, user)) {
- appr.add(ou.email);
- }
- } catch (Exception e) {
- return Result.err(Status.ERR_Policy,org.getName() + " did not respond with Approvers: " + e.getLocalizedMessage());
- }
- */
- }
- try {
- fto.construct = content.bytify();
- } catch (Exception e) {
- return Result.err(Status.ERR_BadData,"Data cannot be saved for Future.");
- }
- } else {
- return Result.err(Status.ACC_Now, "Make Data changes now.");
- }
- return Result.ok(fto);
- }
-
-
- /* (non-Javadoc)
- * @see org.onap.aaf.auth.service.mapper.Mapper#history(java.util.List)
- */
- @Override
- public Result<History> history(AuthzTrans trans, List<HistoryDAO.Data> history, final int sort) {
- History hist = new History();
- List<Item> items = hist.getItem();
- for(HistoryDAO.Data data : history) {
- History.Item item = new History.Item();
- item.setYYYYMM(Integer.toString(data.yr_mon));
- Date date = Chrono.uuidToDate(data.id);
- item.setTimestamp(Chrono.timeStamp(date));
- item.setAction(data.action);
- item.setMemo(data.memo);
- item.setSubject(data.subject);
- item.setTarget(data.target);
- item.setUser(data.user);
- items.add(item);
- }
-
- if(sort != 0) {
- TimeTaken tt = trans.start("Sort ", Env.SUB);
- try {
- java.util.Collections.sort(items, new Comparator<Item>() {
- @Override
- public int compare(Item o1, Item o2) {
- return sort*(o1.getTimestamp().compare(o2.getTimestamp()));
- }
- });
- } finally {
- tt.done();
- }
- }
- return Result.ok(hist);
- }
-
- @Override
- public Error errorFromMessage(StringBuilder holder, String msgID, String text, String... var) {
- Error err = new Error();
- err.setMessageId(msgID);
- // AT&T Restful Error Format requires numbers "%" placements
- err.setText(Vars.convert(holder, text, var));
- for(String s : var) {
- err.getVariables().add(s);
- }
- return err;
- }
-
- @Override
- public Class<?> getClass(API api) {
- switch(api) {
- case NSS: return Nss.class;
- case NS_REQ: return NsRequest.class;
- case PERMS: return Perms.class;
- case PERM_KEY: return PermKey.class;
- case ROLES: return Roles.class;
- case ROLE: return Role.class;
- case USERS: return Users.class;
- case DELGS: return Delgs.class;
- case CERTS: return Certs.class;
- case DELG_REQ: return DelgRequest.class;
- case PERM_REQ: return PermRequest.class;
- case ROLE_REQ: return RoleRequest.class;
- case CRED_REQ: return CredRequest.class;
- case USER_ROLE_REQ: return UserRoleRequest.class;
- case USER_ROLES: return UserRoles.class;
- case ROLE_PERM_REQ: return RolePermRequest.class;
- case APPROVALS: return Approvals.class;
- case KEYS: return Keys.class;
- case HISTORY: return History.class;
-// case MODEL: return Model.class;
- case ERROR: return Error.class;
- case API: return Api.class;
- case VOID: return Void.class;
- }
- return null;
- }
-
- @SuppressWarnings("unchecked")
- @Override
- public <A> A newInstance(API api) {
- switch(api) {
- case NS_REQ: return (A) new NsRequest();
- case NSS: return (A) new Nss();
- case PERMS: return (A)new Perms();
- case PERM_KEY: return (A)new PermKey();
- case ROLES: return (A)new Roles();
- case ROLE: return (A)new Role();
- case USERS: return (A)new Users();
- case DELGS: return (A)new Delgs();
- case CERTS: return (A)new Certs();
- case PERM_REQ: return (A)new PermRequest();
- case CRED_REQ: return (A)new CredRequest();
- case ROLE_REQ: return (A)new RoleRequest();
- case USER_ROLE_REQ: return (A)new UserRoleRequest();
- case USER_ROLES: return (A)new UserRoles();
- case ROLE_PERM_REQ: return (A)new RolePermRequest();
- case HISTORY: return (A)new History();
- case KEYS: return (A)new Keys();
- //case MODEL: return (A)new Model();
- case ERROR: return (A)new Error();
- case API: return (A)new Api();
- case VOID: return null;
-
- case APPROVALS: return (A) new Approvals();
- case DELG_REQ: return (A) new DelgRequest();
- }
- return null;
- }
-
- @SuppressWarnings("unchecked")
- /**
- * Get Typed Marshaler as they are defined
- *
- * @param api
- * @return
- */
- public <A> Marshal<A> getMarshal(API api) {
- switch(api) {
- case CERTS: return (Marshal<A>) new CertsMarshal();
- default:
- return null;
- }
- }
-
- @Override
- public Result<Approvals> approvals(List<ApprovalDAO.Data> lAppr) {
- Approvals apprs = new Approvals();
- List<Approval> lappr = apprs.getApprovals();
- Approval a;
- for(ApprovalDAO.Data appr : lAppr) {
- a = new Approval();
- a.setId(appr.id.toString());
- if(appr.ticket==null) {
- a.setTicket(null);
- } else {
- a.setTicket(appr.ticket.toString());
- }
- a.setUser(appr.user);
- a.setApprover(appr.approver);
- a.setType(appr.type);
- a.setStatus(appr.status);
- a.setMemo(appr.memo);
- a.setOperation(appr.operation);
- a.setUpdated(Chrono.timeStamp(appr.updated));
- lappr.add(a);
- }
- return Result.ok(apprs);
- }
-
- @Override
- public Result<List<ApprovalDAO.Data>> approvals(Approvals apprs) {
- List<ApprovalDAO.Data> lappr = new ArrayList<>();
- for(Approval a : apprs.getApprovals()) {
- ApprovalDAO.Data ad = new ApprovalDAO.Data();
- String str = a.getId();
- if(str!=null)ad.id=UUID.fromString(str);
- str = a.getTicket();
- if(str!=null)ad.ticket=UUID.fromString(str);
- ad.user=a.getUser();
- ad.approver=a.getApprover();
- ad.type=a.getType();
- ad.status=a.getStatus();
- ad.operation=a.getOperation();
- ad.memo=a.getMemo();
-
- XMLGregorianCalendar xgc = a.getUpdated();
- if(xgc!=null)ad.updated=xgc.toGregorianCalendar().getTime();
- lappr.add(ad);
- }
- return Result.ok(lappr);
- }
-
- @Override
- public Result<Delgs> delegate(List<DelegateDAO.Data> lDelg) {
- Delgs delgs = new Delgs();
- List<Delg> ldelg = delgs.getDelgs();
- Delg d;
- for(DelegateDAO.Data del: lDelg) {
- d = new Delg();
- d.setUser(del.user);
- d.setDelegate(del.delegate);
- if(del.expires!=null)d.setExpires(Chrono.timeStamp(del.expires));
- ldelg.add(d);
- }
- return Result.ok(delgs);
- }
-
- @Override
- public Result<Data> delegate(AuthzTrans trans, Request base) {
- try {
- DelgRequest from = (DelgRequest)base;
- DelegateDAO.Data to = new DelegateDAO.Data();
- String user = from.getUser();
- to.user = user;
- String delegate = from.getDelegate();
- to.delegate = delegate;
- to.expires = getExpires(trans.org(),Expiration.UserDelegate,base,from.getUser());
- trans.checkpoint(to.user+"=>"+to.delegate, Env.ALWAYS);
-
- return Result.ok(to);
- } catch (Exception t) {
- return Result.err(Status.ERR_BadData,t.getMessage());
- }
- }
-
- /*
- * We want "Expired" dates to start at a specified time set by the Organization, and consistent wherever
- * the date is created from.
- */
- private Date getExpires(Organization org, Expiration exp, Request base, String id) {
- XMLGregorianCalendar end = base.getEnd();
- GregorianCalendar gc = end==null?new GregorianCalendar():end.toGregorianCalendar();
- GregorianCalendar orggc;
- orggc = org.expiration(gc,exp,id);
-
- // We'll choose the lesser of dates to ensure Policy Compliance...
-
- GregorianCalendar endgc = end==null||gc.after(orggc)?orggc:gc;
- // Allow the Organization to determine when official "day Start" begins, Specifically when to consider something Expired.
- endgc = Chrono.firstMomentOfDay(endgc);
- endgc.set(GregorianCalendar.HOUR_OF_DAY, org.startOfDay());
- return endgc.getTime();
- }
-
-
- @Override
- public Result<Keys> keys(Collection<String> from) {
- Keys keys = new Keys();
- keys.getKey().addAll(from);
- return Result.ok(keys).emptyList(from.isEmpty());
- }
+ private Question q;
+
+ public Mapper_2_0(Question q) {
+ this.q = q;
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.service.mapper.Mapper#ns(java.lang.Object, org.onap.aaf.auth.service.mapper.Mapper.Holder)
+ */
+ @Override
+ public Result<Namespace> ns(AuthzTrans trans, Request base) {
+ NsRequest from = (NsRequest)base;
+ Namespace namespace = new Namespace();
+ namespace.name = from.getName();
+ namespace.admin = from.getAdmin();
+ namespace.owner = from.getResponsible();
+ namespace.description = from.getDescription();
+ trans.checkpoint(namespace.name, Env.ALWAYS);
+
+ NsType nt = NsType.fromString(from.getType());
+ if(nt.equals(NsType.UNKNOWN)) {
+ String ns = namespace.name;
+ int count = 0;
+ for(int i=ns.indexOf('.');
+ i>=0;
+ i=ns.indexOf('.',i+1)) {
+ ++count;
+ }
+ switch(count) {
+ case 0: nt = NsType.ROOT;break;
+ case 1: nt = NsType.COMPANY;break;
+ default: nt = NsType.APP;
+ }
+ }
+ namespace.type = nt.type;
+
+ return Result.ok(namespace);
+ }
+
+ @Override
+ public Result<Nss> nss(AuthzTrans trans, Namespace from, Nss to) {
+ List<Ns> nss = to.getNs();
+ Ns ns = new Ns();
+ ns.setName(from.name);
+ if(from.admin!=null)ns.getAdmin().addAll(from.admin);
+ if(from.owner!=null)ns.getResponsible().addAll(from.owner);
+ if(from.attrib!=null) {
+ for(Pair<String,String> attrib : from.attrib) {
+ Ns.Attrib toAttrib = new Ns.Attrib();
+ toAttrib.setKey(attrib.x);
+ toAttrib.setValue(attrib.y);
+ ns.getAttrib().add(toAttrib);
+ }
+ }
+
+ ns.setDescription(from.description);
+ nss.add(ns);
+ return Result.ok(to);
+ }
+
+ /**
+ * Note: Prevalidate if NS given is allowed to be seen before calling
+ */
+ @Override
+ public Result<Nss> nss(AuthzTrans trans, Collection<Namespace> from, Nss to) {
+ List<Ns> nss = to.getNs();
+ for(Namespace nd : from) {
+ Ns ns = new Ns();
+ ns.setName(nd.name);
+ if(nd.admin!=null) {
+ ns.getAdmin().addAll(nd.admin);
+ }
+ if(nd.owner!=null) {
+ ns.getResponsible().addAll(nd.owner);
+ }
+ ns.setDescription(nd.description);
+ if(nd.attrib!=null) {
+ for(Pair<String,String> attrib : nd.attrib) {
+ Ns.Attrib toAttrib = new Ns.Attrib();
+ toAttrib.setKey(attrib.x);
+ toAttrib.setValue(attrib.y);
+ ns.getAttrib().add(toAttrib);
+ }
+ }
+
+ nss.add(ns);
+ }
+ return Result.ok(to);
+ }
+
+ @Override
+ public Result<Perms> perms(AuthzTrans trans, List<PermDAO.Data> from, Perms to, boolean filter) {
+ List<Perm> perms = to.getPerm();
+ final boolean addNS = trans.requested(REQD_TYPE.ns);
+ TimeTaken tt = trans.start("Filter Perms before return", Env.SUB);
+ try {
+ if(from!=null) {
+ for (PermDAO.Data data : from) {
+ if(!filter || q.mayUser(trans, trans.user(), data, Access.read).isOK()) {
+ Perm perm = new Perm();
+ perm.setType(data.fullType());
+ perm.setInstance(data.instance);
+ perm.setAction(data.action);
+ perm.setDescription(data.description);
+ if(addNS) {
+ perm.setNs(data.ns);
+ }
+ for(String role : data.roles(false)) {
+ perm.getRoles().add(role);
+ }
+ perms.add(perm);
+ }
+ }
+ }
+ } finally {
+ tt.done();
+ }
+
+ tt = trans.start("Sort Perms", Env.SUB);
+ try {
+ Collections.sort(perms, new Comparator<Perm>() {
+ @Override
+ public int compare(Perm perm1, Perm perm2) {
+ int typeCompare = perm1.getType().compareToIgnoreCase(perm2.getType());
+ if (typeCompare == 0) {
+ int instanceCompare = perm1.getInstance().compareToIgnoreCase(perm2.getInstance());
+ if (instanceCompare == 0) {
+ return perm1.getAction().compareToIgnoreCase(perm2.getAction());
+ }
+ return instanceCompare;
+ }
+ return typeCompare;
+ }
+ });
+ } finally {
+ tt.done();
+ }
+ return Result.ok(to);
+ }
+
+ @Override
+ public Result<Perms> perms(AuthzTrans trans, List<PermDAO.Data> from, Perms to, String[] nss, boolean filter) {
+ List<Perm> perms = to.getPerm();
+ TimeTaken tt = trans.start("Filter Perms before return", Env.SUB);
+ try {
+ if(from!=null) {
+ boolean inNSS;
+ for (PermDAO.Data data : from) {
+ inNSS=false;
+ for(int i=0;!inNSS && i<nss.length;++i) {
+ if(nss[i].equals(data.ns)) {
+ inNSS=true;
+ }
+ }
+ if(inNSS && (!filter || q.mayUser(trans, trans.user(), data, Access.read).isOK())) {
+ Perm perm = new Perm();
+ perm.setType(data.fullType());
+ perm.setInstance(data.instance);
+ perm.setAction(data.action);
+ for(String role : data.roles(false)) {
+ perm.getRoles().add(role);
+ }
+ perm.setDescription(data.description);
+ perms.add(perm);
+ }
+ }
+ }
+ } finally {
+ tt.done();
+ }
+
+ tt = trans.start("Sort Perms", Env.SUB);
+ try {
+ Collections.sort(perms, new Comparator<Perm>() {
+ @Override
+ public int compare(Perm perm1, Perm perm2) {
+ int typeCompare = perm1.getType().compareToIgnoreCase(perm2.getType());
+ if (typeCompare == 0) {
+ int instanceCompare = perm1.getInstance().compareToIgnoreCase(perm2.getInstance());
+ if (instanceCompare == 0) {
+ return perm1.getAction().compareToIgnoreCase(perm2.getAction());
+ }
+ return instanceCompare;
+ }
+ return typeCompare;
+ }
+ });
+ } finally {
+ tt.done();
+ }
+ return Result.ok(to);
+ }
+
+ @Override
+ public Result<List<PermDAO.Data>> perms(AuthzTrans trans, Perms perms) {
+ List<PermDAO.Data> lpd = new ArrayList<>();
+ for (Perm p : perms.getPerm()) {
+ Result<NsSplit> nss = q.deriveNsSplit(trans, p.getType());
+ PermDAO.Data pd = new PermDAO.Data();
+ if(nss.isOK()) {
+ pd.ns=nss.value.ns;
+ pd.type = nss.value.name;
+ pd.instance = p.getInstance();
+ pd.action = p.getAction();
+ for (String role : p.getRoles()) {
+ pd.roles(true).add(role);
+ }
+ lpd.add(pd);
+ } else {
+ return Result.err(nss);
+ }
+ }
+ return Result.ok(lpd);
+ }
+
+
+ @Override
+ public Result<PermDAO.Data> permkey(AuthzTrans trans, Pkey from) {
+ return q.permFrom(trans, from.getType(),from.getInstance(),from.getAction());
+ }
+
+ @Override
+ public Result<PermDAO.Data> permFromRPRequest(AuthzTrans trans, Request req) {
+ RolePermRequest from = (RolePermRequest)req;
+ Pkey perm = from.getPerm();
+ if(perm==null)return Result.err(Status.ERR_NotFound, "Permission not found");
+ Result<NsSplit> nss = q.deriveNsSplit(trans, perm.getType());
+ PermDAO.Data pd = new PermDAO.Data();
+ if(nss.isOK()) {
+ pd.ns=nss.value.ns;
+ pd.type = nss.value.name;
+ pd.instance = from.getPerm().getInstance();
+ pd.action = from.getPerm().getAction();
+ trans.checkpoint(pd.fullPerm(), Env.ALWAYS);
+
+ String[] roles = {};
+
+ if (from.getRole() != null) {
+ roles = from.getRole().split(",");
+ }
+ for (String role : roles) {
+ pd.roles(true).add(role);
+ }
+ return Result.ok(pd);
+ } else {
+ return Result.err(nss);
+ }
+ }
+
+ @Override
+ public Result<RoleDAO.Data> roleFromRPRequest(AuthzTrans trans, Request req) {
+ RolePermRequest from = (RolePermRequest)req;
+ Result<NsSplit> nss = q.deriveNsSplit(trans, from.getRole());
+ RoleDAO.Data rd = new RoleDAO.Data();
+ if(nss.isOK()) {
+ rd.ns = nss.value.ns;
+ rd.name = nss.value.name;
+ trans.checkpoint(rd.fullName(), Env.ALWAYS);
+ return Result.ok(rd);
+ } else {
+ return Result.err(nss);
+ }
+ }
+
+ @Override
+ public Result<PermDAO.Data> perm(AuthzTrans trans, Request req) {
+ PermRequest from = (PermRequest)req;
+ Result<NsSplit> nss = q.deriveNsSplit(trans, from.getType());
+ PermDAO.Data pd = new PermDAO.Data();
+ if(nss.isOK()) {
+ pd.ns=nss.value.ns;
+ pd.type = nss.value.name;
+ pd.instance = from.getInstance();
+ pd.action = from.getAction();
+ pd.description = from.getDescription();
+ trans.checkpoint(pd.fullPerm(), Env.ALWAYS);
+ return Result.ok(pd);
+ } else {
+ return Result.err(nss);
+ }
+ }
+
+ @Override
+ public Request ungrantRequest(AuthzTrans trans, String role, String type, String instance, String action) {
+ RolePermRequest rpr = new RolePermRequest();
+ Pkey pkey = new Pkey();
+ pkey.setType(type);
+ pkey.setInstance(instance);
+ pkey.setAction(action);
+ rpr.setPerm(pkey);
+
+ rpr.setRole(role);
+ return rpr;
+ }
+
+ @Override
+ public Result<RoleDAO.Data> role(AuthzTrans trans, Request base) {
+ RoleRequest from = (RoleRequest)base;
+ Result<NsSplit> nss = q.deriveNsSplit(trans, from.getName());
+ if(nss.isOK()) {
+ RoleDAO.Data to = new RoleDAO.Data();
+ to.ns = nss.value.ns;
+ to.name = nss.value.name;
+ to.description = from.getDescription();
+ trans.checkpoint(to.fullName(), Env.ALWAYS);
+
+ return Result.ok(to);
+ } else {
+ return Result.err(nss);
+ }
+ }
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.service.mapper.Mapper#roles(java.util.List)
+ */
+ @Override
+ public Result<Roles> roles(AuthzTrans trans, List<RoleDAO.Data> from, Roles to, boolean filter) {
+ final boolean needNS = trans.requested(REQD_TYPE.ns);
+ for(RoleDAO.Data frole : from) {
+ // Only Add Data to view if User is allowed to see this Role
+ if(!filter || q.mayUser(trans, trans.user(), frole,Access.read).isOK()) {
+ Role role = new Role();
+ role.setName(frole.ns + '.' + frole.name);
+ role.setDescription(frole.description);
+ if(needNS) {
+ role.setNs(frole.ns);
+ }
+ for(String p : frole.perms(false)) { // can see any Perms in the Role he has permission for
+ Result<String[]> rpa = PermDAO.Data.decodeToArray(trans,q,p);
+ if(rpa.notOK())
+ return Result.err(rpa);
+
+ String[] pa = rpa.value;
+ Pkey pKey = new Pkey();
+ pKey.setType(pa[0]+'.'+pa[1]);
+ pKey.setInstance(pa[2]);
+ pKey.setAction(pa[3]);
+ role.getPerms().add(pKey);
+ }
+ to.getRole().add(role);
+ }
+ }
+ return Result.ok(to);
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.onap.aaf.auth.service.mapper.Mapper#users(java.util.Collection, java.lang.Object)
+ *
+ * Note: Prevalidate all data for permission to view
+ */
+ @Override
+ public Result<Users> users(AuthzTrans trans, Collection<UserRoleDAO.Data> from, Users to) {
+ List<User> cu = to.getUser();
+ for(UserRoleDAO.Data urd : from) {
+ User user = new User();
+ user.setId(urd.user);
+ if(urd.expires!=null) {
+ user.setExpires(Chrono.timeStamp(urd.expires));
+ }
+ cu.add(user);
+ }
+ return Result.ok(to);
+ }
+
+ /*
+ * (non-Javadoc)
+ * @see org.onap.aaf.auth.service.mapper.Mapper#users(java.util.Collection, java.lang.Object)
+ *
+ * Note: Prevalidate all data for permission to view
+ */
+ @Override
+ public Result<UserRoles> userRoles(AuthzTrans trans, Collection<UserRoleDAO.Data> from, UserRoles to) {
+ List<UserRole> cu = to.getUserRole();
+ for(UserRoleDAO.Data urd : from) {
+ UserRole ur = new UserRole();
+ ur.setUser(urd.user);
+ ur.setRole(urd.role);
+ ur.setExpires(Chrono.timeStamp(urd.expires));
+ cu.add(ur);
+ }
+ return Result.ok(to);
+ }
+
+ @Override
+ public Result<UserRoleDAO.Data> userRole(AuthzTrans trans, Request base) {
+ try {
+ UserRoleRequest from = (UserRoleRequest)base;
+
+ // Setup UserRoleData, either for immediate placement, or for futureIt i
+ UserRoleDAO.Data to = new UserRoleDAO.Data();
+ if (from.getUser() != null) {
+ to.user = from.getUser();
+ }
+ if (from.getRole() != null) {
+ to.role(trans,q,from.getRole());
+ }
+ to.expires = getExpires(trans.org(),Expiration.UserInRole,base,from.getUser());
+ trans.checkpoint(to.toString(), Env.ALWAYS);
+
+ return Result.ok(to);
+ } catch (Exception t) {
+ return Result.err(Status.ERR_BadData,t.getMessage());
+ }
+ }
+
+ @Override
+ public Result<CredDAO.Data> cred(AuthzTrans trans, Request base, boolean requiresPass) {
+ CredRequest from = (CredRequest)base;
+ CredDAO.Data to = new CredDAO.Data();
+ to.id=from.getId();
+ to.ns = Question.domain2ns(to.id);
+ String passwd = from.getPassword();
+ if(requiresPass) {
+ String ok = trans.org().isValidPassword(trans, to.id,passwd);
+ if(ok.length()>0) {
+ return Result.err(Status.ERR_BadData,ok);
+ }
+ } else {
+ to.type=0;
+ }
+ if(passwd != null) {
+ to.cred = ByteBuffer.wrap(passwd.getBytes());
+ to.type = CredDAO.RAW;
+ } else {
+ to.type = 0;
+ }
+
+ // Note: Ensure requested EndDate created will match Organization Password Rules
+ // P.S. Do not apply TempPassword rule here. Do that when you know you are doing a Create/Reset (see Service)
+ to.expires = getExpires(trans.org(),Expiration.Password,base,from.getId());
+ trans.checkpoint(to.id, Env.ALWAYS);
+
+ return Result.ok(to);
+ }
+
+ @Override
+ public Result<Users> cred(List<CredDAO.Data> from, Users to) {
+ List<User> cu = to.getUser();
+ for(CredDAO.Data cred : from) {
+ User user = new User();
+ user.setId(cred.id);
+ user.setExpires(Chrono.timeStamp(cred.expires));
+ user.setType(cred.type);
+ cu.add(user);
+ }
+ return Result.ok(to);
+ }
+
+ @Override
+ public Result<Certs> cert(List<CertDAO.Data> from, Certs to) {
+ List<Cert> lc = to.getCert();
+ for(CertDAO.Data fcred : from) {
+ Cert cert = new Cert();
+ cert.setId(fcred.id);
+ cert.setX500(fcred.x500);
+ /**TODO - change Interface
+ * @deprecated */
+ cert.setFingerprint(fcred.serial.toByteArray());
+ lc.add(cert);
+ }
+ return Result.ok(to);
+ }
+
+ /**
+ * Analyze whether Requests should be acted on now, or in the future, based on Start Date, and whether the requester
+ * is allowed to change this value directly
+ *
+ * Returning Result.OK means it should be done in the future.
+ * Returning Result.ACC_Now means to act on table change now.
+ */
+ @Override
+ public Result<FutureDAO.Data> future(AuthzTrans trans, String table, Request from,
+ Bytification content, boolean enableApproval, Memo memo, MayChange mc) {
+ Result<?> rMayChange;
+ boolean needsAppr = enableApproval?trans.requested(REQD_TYPE.future):false;
+ if(!needsAppr && (needsAppr = (rMayChange=mc.mayChange()).notOK())) {
+ if(enableApproval) {
+ if(!trans.requested(AuthzTrans.REQD_TYPE.future)) {
+ return Result.err(rMayChange);
+ }
+ } else {
+ return Result.err(rMayChange);
+ }
+ }
+ GregorianCalendar now = new GregorianCalendar();
+ GregorianCalendar start = from.getStart()==null?now:from.getStart().toGregorianCalendar();
+
+ GregorianCalendar expires = trans.org().expiration(start, Expiration.Future);
+ XMLGregorianCalendar xgc;
+ if((xgc=from.getEnd())!=null) {
+ GregorianCalendar fgc = xgc.toGregorianCalendar();
+ expires = expires.before(fgc)?expires:fgc; // Min of desired expiration, and Org expiration
+ }
+
+ //TODO needs two answers from this. What's the NSS, and may Change.
+ FutureDAO.Data fto;
+ if(start.after(now) || needsAppr ) {
+ //String user = trans.user();
+ fto = new FutureDAO.Data();
+ fto.target=table;
+ fto.memo = memo.get();
+ fto.start = start.getTime();
+ fto.expires = expires.getTime();
+ if(needsAppr) { // Need to add Approvers...
+ /*
+ Result<Data> rslt = mc.getNsd();
+ if(rslt.notOKorIsEmpty())return Result.err(rslt);
+ appr.addAll(mc.getNsd().value.responsible);
+ try {
+ //Note from 2013 Is this getting Approvers for user only? What about Delegates?
+ // 3/25/2014. Approvers are set by Corporate policy. We don't have to worry here about what that means.
+ // It is important to get Delegates, if necessary, at notification time
+ // If we add delegates now, it will get all confused as to who is actually responsible.
+ for(Organization.User ou : org.getApprovers(trans, user)) {
+ appr.add(ou.email);
+ }
+ } catch (Exception e) {
+ return Result.err(Status.ERR_Policy,org.getName() + " did not respond with Approvers: " + e.getLocalizedMessage());
+ }
+ */
+ }
+ try {
+ fto.construct = content.bytify();
+ } catch (Exception e) {
+ return Result.err(Status.ERR_BadData,"Data cannot be saved for Future.");
+ }
+ } else {
+ return Result.err(Status.ACC_Now, "Make Data changes now.");
+ }
+ return Result.ok(fto);
+ }
+
+
+ /* (non-Javadoc)
+ * @see org.onap.aaf.auth.service.mapper.Mapper#history(java.util.List)
+ */
+ @Override
+ public Result<History> history(AuthzTrans trans, List<HistoryDAO.Data> history, final int sort) {
+ History hist = new History();
+ List<Item> items = hist.getItem();
+ for(HistoryDAO.Data data : history) {
+ History.Item item = new History.Item();
+ item.setYYYYMM(Integer.toString(data.yr_mon));
+ Date date = Chrono.uuidToDate(data.id);
+ item.setTimestamp(Chrono.timeStamp(date));
+ item.setAction(data.action);
+ item.setMemo(data.memo);
+ item.setSubject(data.subject);
+ item.setTarget(data.target);
+ item.setUser(data.user);
+ items.add(item);
+ }
+
+ if(sort != 0) {
+ TimeTaken tt = trans.start("Sort ", Env.SUB);
+ try {
+ java.util.Collections.sort(items, new Comparator<Item>() {
+ @Override
+ public int compare(Item o1, Item o2) {
+ return sort*(o1.getTimestamp().compare(o2.getTimestamp()));
+ }
+ });
+ } finally {
+ tt.done();
+ }
+ }
+ return Result.ok(hist);
+ }
+
+ @Override
+ public Error errorFromMessage(StringBuilder holder, String msgID, String text, String... var) {
+ Error err = new Error();
+ err.setMessageId(msgID);
+ // AT&T Restful Error Format requires numbers "%" placements
+ err.setText(Vars.convert(holder, text, var));
+ for(String s : var) {
+ err.getVariables().add(s);
+ }
+ return err;
+ }
+
+ @Override
+ public Class<?> getClass(API api) {
+ switch(api) {
+ case NSS: return Nss.class;
+ case NS_REQ: return NsRequest.class;
+ case PERMS: return Perms.class;
+ case PERM_KEY: return PermKey.class;
+ case ROLES: return Roles.class;
+ case ROLE: return Role.class;
+ case USERS: return Users.class;
+ case DELGS: return Delgs.class;
+ case CERTS: return Certs.class;
+ case DELG_REQ: return DelgRequest.class;
+ case PERM_REQ: return PermRequest.class;
+ case ROLE_REQ: return RoleRequest.class;
+ case CRED_REQ: return CredRequest.class;
+ case USER_ROLE_REQ: return UserRoleRequest.class;
+ case USER_ROLES: return UserRoles.class;
+ case ROLE_PERM_REQ: return RolePermRequest.class;
+ case APPROVALS: return Approvals.class;
+ case KEYS: return Keys.class;
+ case HISTORY: return History.class;
+// case MODEL: return Model.class;
+ case ERROR: return Error.class;
+ case API: return Api.class;
+ case VOID: return Void.class;
+ }
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public <A> A newInstance(API api) {
+ switch(api) {
+ case NS_REQ: return (A) new NsRequest();
+ case NSS: return (A) new Nss();
+ case PERMS: return (A)new Perms();
+ case PERM_KEY: return (A)new PermKey();
+ case ROLES: return (A)new Roles();
+ case ROLE: return (A)new Role();
+ case USERS: return (A)new Users();
+ case DELGS: return (A)new Delgs();
+ case CERTS: return (A)new Certs();
+ case PERM_REQ: return (A)new PermRequest();
+ case CRED_REQ: return (A)new CredRequest();
+ case ROLE_REQ: return (A)new RoleRequest();
+ case USER_ROLE_REQ: return (A)new UserRoleRequest();
+ case USER_ROLES: return (A)new UserRoles();
+ case ROLE_PERM_REQ: return (A)new RolePermRequest();
+ case HISTORY: return (A)new History();
+ case KEYS: return (A)new Keys();
+ //case MODEL: return (A)new Model();
+ case ERROR: return (A)new Error();
+ case API: return (A)new Api();
+ case VOID: return null;
+
+ case APPROVALS: return (A) new Approvals();
+ case DELG_REQ: return (A) new DelgRequest();
+ }
+ return null;
+ }
+
+ @SuppressWarnings("unchecked")
+ /**
+ * Get Typed Marshaler as they are defined
+ *
+ * @param api
+ * @return
+ */
+ public <A> Marshal<A> getMarshal(API api) {
+ switch(api) {
+ case CERTS: return (Marshal<A>) new CertsMarshal();
+ default:
+ return null;
+ }
+ }
+
+ @Override
+ public Result<Approvals> approvals(List<ApprovalDAO.Data> lAppr) {
+ Approvals apprs = new Approvals();
+ List<Approval> lappr = apprs.getApprovals();
+ Approval a;
+ for(ApprovalDAO.Data appr : lAppr) {
+ a = new Approval();
+ a.setId(appr.id.toString());
+ if(appr.ticket==null) {
+ a.setTicket(null);
+ } else {
+ a.setTicket(appr.ticket.toString());
+ }
+ a.setUser(appr.user);
+ a.setApprover(appr.approver);
+ a.setType(appr.type);
+ a.setStatus(appr.status);
+ a.setMemo(appr.memo);
+ a.setOperation(appr.operation);
+ a.setUpdated(Chrono.timeStamp(appr.updated));
+ lappr.add(a);
+ }
+ return Result.ok(apprs);
+ }
+
+ @Override
+ public Result<List<ApprovalDAO.Data>> approvals(Approvals apprs) {
+ List<ApprovalDAO.Data> lappr = new ArrayList<>();
+ for(Approval a : apprs.getApprovals()) {
+ ApprovalDAO.Data ad = new ApprovalDAO.Data();
+ String str = a.getId();
+ if(str!=null)ad.id=UUID.fromString(str);
+ str = a.getTicket();
+ if(str!=null)ad.ticket=UUID.fromString(str);
+ ad.user=a.getUser();
+ ad.approver=a.getApprover();
+ ad.type=a.getType();
+ ad.status=a.getStatus();
+ ad.operation=a.getOperation();
+ ad.memo=a.getMemo();
+
+ XMLGregorianCalendar xgc = a.getUpdated();
+ if(xgc!=null)ad.updated=xgc.toGregorianCalendar().getTime();
+ lappr.add(ad);
+ }
+ return Result.ok(lappr);
+ }
+
+ @Override
+ public Result<Delgs> delegate(List<DelegateDAO.Data> lDelg) {
+ Delgs delgs = new Delgs();
+ List<Delg> ldelg = delgs.getDelgs();
+ Delg d;
+ for(DelegateDAO.Data del: lDelg) {
+ d = new Delg();
+ d.setUser(del.user);
+ d.setDelegate(del.delegate);
+ if(del.expires!=null)d.setExpires(Chrono.timeStamp(del.expires));
+ ldelg.add(d);
+ }
+ return Result.ok(delgs);
+ }
+
+ @Override
+ public Result<Data> delegate(AuthzTrans trans, Request base) {
+ try {
+ DelgRequest from = (DelgRequest)base;
+ DelegateDAO.Data to = new DelegateDAO.Data();
+ String user = from.getUser();
+ to.user = user;
+ String delegate = from.getDelegate();
+ to.delegate = delegate;
+ to.expires = getExpires(trans.org(),Expiration.UserDelegate,base,from.getUser());
+ trans.checkpoint(to.user+"=>"+to.delegate, Env.ALWAYS);
+
+ return Result.ok(to);
+ } catch (Exception t) {
+ return Result.err(Status.ERR_BadData,t.getMessage());
+ }
+ }
+
+ /*
+ * We want "Expired" dates to start at a specified time set by the Organization, and consistent wherever
+ * the date is created from.
+ */
+ private Date getExpires(Organization org, Expiration exp, Request base, String id) {
+ XMLGregorianCalendar end = base.getEnd();
+ GregorianCalendar gc = end==null?new GregorianCalendar():end.toGregorianCalendar();
+ GregorianCalendar orggc;
+ orggc = org.expiration(gc,exp,id);
+
+ // We'll choose the lesser of dates to ensure Policy Compliance...
+
+ GregorianCalendar endgc = end==null||gc.after(orggc)?orggc:gc;
+ // Allow the Organization to determine when official "day Start" begins, Specifically when to consider something Expired.
+ endgc = Chrono.firstMomentOfDay(endgc);
+ endgc.set(GregorianCalendar.HOUR_OF_DAY, org.startOfDay());
+ return endgc.getTime();
+ }
+
+
+ @Override
+ public Result<Keys> keys(Collection<String> from) {
+ Keys keys = new Keys();
+ keys.getKey().addAll(from);
+ return Result.ok(keys).emptyList(from.isEmpty());
+ }
} \ No newline at end of file
diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
index 80b06a51..4a088abc 100644
--- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
+++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/validation/ServiceValidator.java
@@ -43,209 +43,209 @@ import org.onap.aaf.auth.validation.Validator;
*
*/
public class ServiceValidator extends Validator {
- public ServiceValidator perm(Result<PermDAO.Data> rpd) {
- if(rpd.notOK()) {
- msg(rpd.details);
- } else {
- perm(rpd.value);
- }
- return this;
- }
-
-
- public ServiceValidator perm(PermDAO.Data pd) {
- if(pd==null) {
- msg("Perm Data is null.");
- } else {
- ns(pd.ns);
- permType(pd.type,pd.ns);
- permInstance(pd.instance);
- permAction(pd.action);
- if(pd.roles!=null) {
- for(String role : pd.roles) {
- role(role);
- }
- }
- if(pd.roles!=null) {
- for(String r : pd.roles) {
- role(r);
- }
- }
- description("Perm",pd.description);
- }
- return this;
- }
-
- public ServiceValidator role(Result<RoleDAO.Data> rrd) {
- if(rrd.notOK()) {
- msg(rrd.details);
- } else {
- role(rrd.value);
- }
- return this;
- }
-
- public ServiceValidator role(RoleDAO.Data pd) {
- if(pd==null) {
- msg("Role Data is null.");
- } else {
- ns(pd.ns);
- role(pd.name);
- if(pd.perms!=null) {
- for(String perm : pd.perms) {
- String[] ps = perm.split("\\|");
- if(ps.length!=3) {
- msg("Perm [" + perm + "] in Role [" + pd.fullName() + "] is not correctly separated with '|'");
- } else {
- permType(ps[0],null);
- permInstance(ps[1]);
- permAction(ps[2]);
- }
- }
- }
- description("Role",pd.description);
- }
- return this;
- }
-
- public ServiceValidator delegate(Organization org, Result<DelegateDAO.Data> rdd) {
- if(rdd.notOK()) {
- msg(rdd.details);
- } else {
- delegate(org, rdd.value);
- }
- return this;
- }
-
- public ServiceValidator delegate(Organization org, DelegateDAO.Data dd) {
- if(dd==null) {
- msg("Delegate Data is null.");
- } else {
- user(org,dd.user);
- user(org,dd.delegate);
- }
- return this;
- }
-
-
- public ServiceValidator cred(AuthzTrans trans, Organization org, Result<CredDAO.Data> rcd, boolean isNew) {
- if(rcd.notOK()) {
- msg(rcd.details);
- } else {
- cred(trans, org,rcd.value,isNew);
- }
- return this;
- }
-
- public ServiceValidator cred(AuthzTrans trans, Organization org, CredDAO.Data cd, boolean isNew) {
- if(cd==null) {
- msg("Cred Data is null.");
- } else {
- if(!org.isValidCred(trans, cd.id)) {
- msg("ID [" + cd.id + "] is invalid in " + org.getName());
- }
- String str = cd.id;
- int idx = str.indexOf('@');
- if(idx>0) {
- str = str.substring(0,idx);
- }
-
- if(org.supportsRealm(cd.id)) {
- String resp = org.isValidID(trans, str);
- if(isNew && (resp!=null && resp.length()>0)) {
- msg(cd.id,str);
- }
- }
-
- if(cd.type==null) {
- msg("Credential Type must be set");
- } else {
- switch(cd.type) {
- case CredDAO.BASIC_AUTH_SHA256:
- // ok
- break;
- default:
- msg("Credential Type [",Integer.toString(cd.type),"] is invalid");
- }
- }
- }
- return this;
- }
-
-
- public ServiceValidator user(Organization org, String user) {
- if(nob(user,ID_CHARS)) {
- msg("User [",user,"] is invalid.");
- }
- return this;
- }
-
- public ServiceValidator ns(Result<Namespace> nsd) {
- notOK(nsd);
- ns(nsd.value);
- return this;
- }
-
- public ServiceValidator ns(Namespace ns) {
- ns(ns.name);
- for(String s : ns.admin) {
- if(nob(s,ID_CHARS)) {
- msg("Admin [" + s + "] is invalid.");
- }
-
- }
- for(String s : ns.owner) {
- if(nob(s,ID_CHARS)) {
- msg("Responsible [" + s + "] is invalid.");
- }
-
- }
-
- if(ns.attrib!=null) {
- for(Pair<String, String> at : ns.attrib) {
- if(nob(at.x,NAME_CHARS)) {
- msg("Attribute tag [" + at.x + "] is invalid.");
- }
- if(nob(at.x,NAME_CHARS)) {
- msg("Attribute value [" + at.y + "] is invalid.");
- }
- }
- }
-
- description("Namespace",ns.description);
- return this;
- }
-
- public ServiceValidator user_role(UserRoleDAO.Data urdd) {
- if(urdd==null) {
- msg("UserRole is null");
- } else {
- role(urdd.role);
- nullOrBlank("UserRole.ns",urdd.ns);
- nullOrBlank("UserRole.rname",urdd.rname);
- }
- return this;
- }
-
- public ServiceValidator nullOrBlank(PermDAO.Data pd) {
- if(pd==null) {
- msg("Permission is null");
- } else {
- nullOrBlank("NS",pd.ns).
- nullOrBlank("Type",pd.type).
- nullOrBlank("Instance",pd.instance).
- nullOrBlank("Action",pd.action);
- }
- return this;
- }
-
- public ServiceValidator nullOrBlank(RoleDAO.Data rd) {
- if(rd==null) {
- msg("Role is null");
- } else {
- nullOrBlank("NS",rd.ns).
- nullOrBlank("Name",rd.name);
- }
- return this;
- }
+ public ServiceValidator perm(Result<PermDAO.Data> rpd) {
+ if(rpd.notOK()) {
+ msg(rpd.details);
+ } else {
+ perm(rpd.value);
+ }
+ return this;
+ }
+
+
+ public ServiceValidator perm(PermDAO.Data pd) {
+ if(pd==null) {
+ msg("Perm Data is null.");
+ } else {
+ ns(pd.ns);
+ permType(pd.type,pd.ns);
+ permInstance(pd.instance);
+ permAction(pd.action);
+ if(pd.roles!=null) {
+ for(String role : pd.roles) {
+ role(role);
+ }
+ }
+ if(pd.roles!=null) {
+ for(String r : pd.roles) {
+ role(r);
+ }
+ }
+ description("Perm",pd.description);
+ }
+ return this;
+ }
+
+ public ServiceValidator role(Result<RoleDAO.Data> rrd) {
+ if(rrd.notOK()) {
+ msg(rrd.details);
+ } else {
+ role(rrd.value);
+ }
+ return this;
+ }
+
+ public ServiceValidator role(RoleDAO.Data pd) {
+ if(pd==null) {
+ msg("Role Data is null.");
+ } else {
+ ns(pd.ns);
+ role(pd.name);
+ if(pd.perms!=null) {
+ for(String perm : pd.perms) {
+ String[] ps = perm.split("\\|");
+ if(ps.length!=3) {
+ msg("Perm [" + perm + "] in Role [" + pd.fullName() + "] is not correctly separated with '|'");
+ } else {
+ permType(ps[0],null);
+ permInstance(ps[1]);
+ permAction(ps[2]);
+ }
+ }
+ }
+ description("Role",pd.description);
+ }
+ return this;
+ }
+
+ public ServiceValidator delegate(Organization org, Result<DelegateDAO.Data> rdd) {
+ if(rdd.notOK()) {
+ msg(rdd.details);
+ } else {
+ delegate(org, rdd.value);
+ }
+ return this;
+ }
+
+ public ServiceValidator delegate(Organization org, DelegateDAO.Data dd) {
+ if(dd==null) {
+ msg("Delegate Data is null.");
+ } else {
+ user(org,dd.user);
+ user(org,dd.delegate);
+ }
+ return this;
+ }
+
+
+ public ServiceValidator cred(AuthzTrans trans, Organization org, Result<CredDAO.Data> rcd, boolean isNew) {
+ if(rcd.notOK()) {
+ msg(rcd.details);
+ } else {
+ cred(trans, org,rcd.value,isNew);
+ }
+ return this;
+ }
+
+ public ServiceValidator cred(AuthzTrans trans, Organization org, CredDAO.Data cd, boolean isNew) {
+ if(cd==null) {
+ msg("Cred Data is null.");
+ } else {
+ if(!org.isValidCred(trans, cd.id)) {
+ msg("ID [" + cd.id + "] is invalid in " + org.getName());
+ }
+ String str = cd.id;
+ int idx = str.indexOf('@');
+ if(idx>0) {
+ str = str.substring(0,idx);
+ }
+
+ if(org.supportsRealm(cd.id)) {
+ String resp = org.isValidID(trans, str);
+ if(isNew && (resp!=null && resp.length()>0)) {
+ msg(cd.id,str);
+ }
+ }
+
+ if(cd.type==null) {
+ msg("Credential Type must be set");
+ } else {
+ switch(cd.type) {
+ case CredDAO.BASIC_AUTH_SHA256:
+ // ok
+ break;
+ default:
+ msg("Credential Type [",Integer.toString(cd.type),"] is invalid");
+ }
+ }
+ }
+ return this;
+ }
+
+
+ public ServiceValidator user(Organization org, String user) {
+ if(nob(user,ID_CHARS)) {
+ msg("User [",user,"] is invalid.");
+ }
+ return this;
+ }
+
+ public ServiceValidator ns(Result<Namespace> nsd) {
+ notOK(nsd);
+ ns(nsd.value);
+ return this;
+ }
+
+ public ServiceValidator ns(Namespace ns) {
+ ns(ns.name);
+ for(String s : ns.admin) {
+ if(nob(s,ID_CHARS)) {
+ msg("Admin [" + s + "] is invalid.");
+ }
+
+ }
+ for(String s : ns.owner) {
+ if(nob(s,ID_CHARS)) {
+ msg("Responsible [" + s + "] is invalid.");
+ }
+
+ }
+
+ if(ns.attrib!=null) {
+ for(Pair<String, String> at : ns.attrib) {
+ if(nob(at.x,NAME_CHARS)) {
+ msg("Attribute tag [" + at.x + "] is invalid.");
+ }
+ if(nob(at.x,NAME_CHARS)) {
+ msg("Attribute value [" + at.y + "] is invalid.");
+ }
+ }
+ }
+
+ description("Namespace",ns.description);
+ return this;
+ }
+
+ public ServiceValidator user_role(UserRoleDAO.Data urdd) {
+ if(urdd==null) {
+ msg("UserRole is null");
+ } else {
+ role(urdd.role);
+ nullOrBlank("UserRole.ns",urdd.ns);
+ nullOrBlank("UserRole.rname",urdd.rname);
+ }
+ return this;
+ }
+
+ public ServiceValidator nullOrBlank(PermDAO.Data pd) {
+ if(pd==null) {
+ msg("Permission is null");
+ } else {
+ nullOrBlank("NS",pd.ns).
+ nullOrBlank("Type",pd.type).
+ nullOrBlank("Instance",pd.instance).
+ nullOrBlank("Action",pd.action);
+ }
+ return this;
+ }
+
+ public ServiceValidator nullOrBlank(RoleDAO.Data rd) {
+ if(rd==null) {
+ msg("Role is null");
+ } else {
+ nullOrBlank("NS",rd.ns).
+ nullOrBlank("Name",rd.name);
+ }
+ return this;
+ }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Approval.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Approval.java
index f302742f..19c79037 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Approval.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Approval.java
@@ -35,34 +35,34 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_API_Approval {
- API_Approval api_Approval;
+ API_Approval api_Approval;
- @Mock
- AAF_Service authzAPI;
- AuthzFacade facade;
+ @Mock
+ AAF_Service authzAPI;
+ AuthzFacade facade;
- @Before
- public void setUp()
- {
+ @Before
+ public void setUp()
+ {
- }
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testInit() {
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit() {
- try {
- api_Approval.init(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- //assertTrue(true);
- }
+ try {
+ api_Approval.init(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ //assertTrue(true);
+ }
-// @Test
-// public void notYetImplemented() {
-// fail("Tests in this file should not be trusted");
-// }
+// @Test
+// public void notYetImplemented() {
+// fail("Tests in this file should not be trusted");
+// }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Creds.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Creds.java
index 41d4daf0..32319e2e 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Creds.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Creds.java
@@ -38,43 +38,43 @@ import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_API_Creds {
- API_Creds api_Creds;
- @Mock
- AAF_Service authzAPI;
- AuthzFacade facade;
- Env env;
- DirectAAFUserPass directAAFUserPass;
- @Before
- public void setUp(){
+ API_Creds api_Creds;
+ @Mock
+ AAF_Service authzAPI;
+ AuthzFacade facade;
+ Env env;
+ DirectAAFUserPass directAAFUserPass;
+ @Before
+ public void setUp(){
- }
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testInit(){
- try {
- api_Creds.init(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit(){
+ try {
+ api_Creds.init(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testTimeSensitiveInit(){
+ @SuppressWarnings("static-access")
+ @Test
+ public void testTimeSensitiveInit(){
- try {
- api_Creds.timeSensitiveInit(env, authzAPI, facade, directAAFUserPass);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ try {
+ api_Creds.timeSensitiveInit(env, authzAPI, facade, directAAFUserPass);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
//
-// @Test
-// public void notYetImplemented() {
-// fail("Tests in this file should not be trusted");
-// }
+// @Test
+// public void notYetImplemented() {
+// fail("Tests in this file should not be trusted");
+// }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Delegate.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Delegate.java
index 9ca81525..b97ef6e6 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Delegate.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Delegate.java
@@ -35,30 +35,30 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_API_Delegate {
- API_Delegate api_Delegate;
- @Mock
- AAF_Service authzAPI;
- AuthzFacade facade;
- @Before
- public void setUp() {
+ API_Delegate api_Delegate;
+ @Mock
+ AAF_Service authzAPI;
+ AuthzFacade facade;
+ @Before
+ public void setUp() {
- }
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testInit(){
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit(){
- try {
- api_Delegate.init(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ try {
+ api_Delegate.init(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
//
-// @Test
-// public void notYetImplemented() {
-// fail("Tests in this file should not be trusted");
-// }
+// @Test
+// public void notYetImplemented() {
+// fail("Tests in this file should not be trusted");
+// }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_History.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_History.java
index dc0a8260..6ea5c560 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_History.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_History.java
@@ -35,33 +35,33 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_API_History {
- API_History api_History;
+ API_History api_History;
- @Mock
- AAF_Service authzAPI;
- AuthzFacade facade;
+ @Mock
+ AAF_Service authzAPI;
+ AuthzFacade facade;
- @Before
- public void setUp(){
+ @Before
+ public void setUp(){
- }
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testInit(){
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit(){
- try {
- api_History.init(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- assertTrue(true);
- }
+ try {
+ api_History.init(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ assertTrue(true);
+ }
-// @Test
-// public void notYetImplemented() {
-// fail("Tests in this file should not be trusted");
-// }
+// @Test
+// public void notYetImplemented() {
+// fail("Tests in this file should not be trusted");
+// }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_NS.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_NS.java
index ce123404..1279e40e 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_NS.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_NS.java
@@ -34,26 +34,26 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_API_NS {
- API_NS api_Ns;
- @Mock
- AAF_Service authzAPI;
- AuthzFacade facade;
-
-
- @SuppressWarnings("static-access")
- @Test
- public void testInit(){
- try {
- api_Ns.init(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-// @Test
-// public void notYetImplemented() {
-// fail("Tests in this file should not be trusted");
-// }
+ API_NS api_Ns;
+ @Mock
+ AAF_Service authzAPI;
+ AuthzFacade facade;
+
+
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit(){
+ try {
+ api_Ns.init(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+// @Test
+// public void notYetImplemented() {
+// fail("Tests in this file should not be trusted");
+// }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Perms.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Perms.java
index f778fd9e..fa9aa77c 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Perms.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Perms.java
@@ -35,41 +35,41 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_API_Perms {
- API_Perms api_Perms;
- @Mock
- AAF_Service authzAPI;
- AuthzFacade facade;
+ API_Perms api_Perms;
+ @Mock
+ AAF_Service authzAPI;
+ AuthzFacade facade;
- @Before
- public void setUp(){
+ @Before
+ public void setUp(){
- }
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testInit(){
- try {
- api_Perms.init(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit(){
+ try {
+ api_Perms.init(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testTimeSensitiveInit(){
- try {
- api_Perms.timeSensitiveInit(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ @SuppressWarnings("static-access")
+ @Test
+ public void testTimeSensitiveInit(){
+ try {
+ api_Perms.timeSensitiveInit(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
-// @Test
-// public void notYetImplemented() {
-// fail("Tests in this file should not be trusted");
-// }
+// @Test
+// public void notYetImplemented() {
+// fail("Tests in this file should not be trusted");
+// }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Roles.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Roles.java
index 67506d32..95414677 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Roles.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_Roles.java
@@ -35,31 +35,31 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_API_Roles {
- API_Roles api_Roles;
- @Mock
- AAF_Service authzAPI;
- AuthzFacade facade;
+ API_Roles api_Roles;
+ @Mock
+ AAF_Service authzAPI;
+ AuthzFacade facade;
- @Before
- public void setUp() {
- assertTrue(true);
- }
+ @Before
+ public void setUp() {
+ assertTrue(true);
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testInit(){
- try {
- api_Roles.init(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit(){
+ try {
+ api_Roles.init(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
-// @Test
-// public void notYetImplemented() {
-// fail("Tests in this file should not be trusted");
-// }
+// @Test
+// public void notYetImplemented() {
+// fail("Tests in this file should not be trusted");
+// }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_User.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_User.java
index 89e5875f..45e63aa0 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_User.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_User.java
@@ -35,30 +35,30 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_API_User {
- API_User api_User;
- @Mock
- AAF_Service authzAPI;
- AuthzFacade facade;
+ API_User api_User;
+ @Mock
+ AAF_Service authzAPI;
+ AuthzFacade facade;
- @Before
- public void setUp() {
- //assertTrue(true);
- }
+ @Before
+ public void setUp() {
+ //assertTrue(true);
+ }
- @SuppressWarnings("static-access")
- @Test
- public void testInit(){
- try {
- api_User.init(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit(){
+ try {
+ api_User.init(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
-// @Test
-// public void notYetImplemented() {
-// fail("Tests in this file should not be trusted");
-// }
+// @Test
+// public void notYetImplemented() {
+// fail("Tests in this file should not be trusted");
+// }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_UserRole.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_UserRole.java
index dce67063..7dfc914d 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_UserRole.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/api/test/JU_API_UserRole.java
@@ -35,26 +35,26 @@ import org.onap.aaf.auth.service.facade.AuthzFacade;
import org.powermock.modules.junit4.PowerMockRunner;
@RunWith(PowerMockRunner.class)
public class JU_API_UserRole {
- API_UserRole api_UserRole;
- @Mock
- AAF_Service authzAPI;
- AuthzFacade facade;
-
-
- @SuppressWarnings("static-access")
- @Test
- public void testInit(){
- try {
- api_UserRole.init(authzAPI, facade);
- } catch (Exception e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-// @Test
-// public void notYetImplemented() {
-// fail("Tests in this file should not be trusted");
-// }
+ API_UserRole api_UserRole;
+ @Mock
+ AAF_Service authzAPI;
+ AuthzFacade facade;
+
+
+ @SuppressWarnings("static-access")
+ @Test
+ public void testInit(){
+ try {
+ api_UserRole.init(authzAPI, facade);
+ } catch (Exception e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+// @Test
+// public void notYetImplemented() {
+// fail("Tests in this file should not be trusted");
+// }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/validation/test/JU_ServiceValidator.java b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/validation/test/JU_ServiceValidator.java
index 872161a0..1a3b0265 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/auth/service/validation/test/JU_ServiceValidator.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/auth/service/validation/test/JU_ServiceValidator.java
@@ -37,78 +37,78 @@ import org.onap.aaf.auth.validation.Validator;
public class JU_ServiceValidator {
- ServiceValidator validator;
+ ServiceValidator validator;
- @Before
- public void setUp() {
- validator = new ServiceValidator();
- }
+ @Before
+ public void setUp() {
+ validator = new ServiceValidator();
+ }
- @Test
- public void permNotOk() {
+ @Test
+ public void permNotOk() {
- Result<PermDAO.Data> rpd = Result.err(1, "ERR_Security");
+ Result<PermDAO.Data> rpd = Result.err(1, "ERR_Security");
- validator.perm(rpd);
- assertTrue(validator.errs().equals("ERR_Security\n"));
+ validator.perm(rpd);
+ assertTrue(validator.errs().equals("ERR_Security\n"));
- }
-
- @Test
- public void permInstance() {
- assertFalse(validator.permInstance("hello").err());
- assertFalse(validator.permInstance("hello32").err());
- assertFalse(validator.permInstance("hello-32").err());
- assertFalse(validator.permInstance(":asdf:*:sdf*:sdk").err());
- assertFalse(validator.permInstance(":asdf:*:sdf*:sdk*").err());
- // Perms may not end in ":"
- assertTrue(validator.permInstance(":").err());
- assertTrue(validator.permInstance(":hello:").err());
- }
+ }
+
+ @Test
+ public void permInstance() {
+ assertFalse(validator.permInstance("hello").err());
+ assertFalse(validator.permInstance("hello32").err());
+ assertFalse(validator.permInstance("hello-32").err());
+ assertFalse(validator.permInstance(":asdf:*:sdf*:sdk").err());
+ assertFalse(validator.permInstance(":asdf:*:sdf*:sdk*").err());
+ // Perms may not end in ":"
+ assertTrue(validator.permInstance(":").err());
+ assertTrue(validator.permInstance(":hello:").err());
+ }
- @Test
- public void permOkNull() {
+ @Test
+ public void permOkNull() {
- Result rpd = Result.ok();
+ Result rpd = Result.ok();
- validator.perm(rpd);
- assertTrue(validator.errs().equals("Perm Data is null.\n"));
+ validator.perm(rpd);
+ assertTrue(validator.errs().equals("Perm Data is null.\n"));
- }
+ }
- @Test
- public void roleOkNull() {
+ @Test
+ public void roleOkNull() {
- Result rrd = Result.ok();
+ Result rrd = Result.ok();
- validator.role(rrd);
- assertTrue(validator.errs().equals("Role Data is null.\n"));
- }
+ validator.role(rrd);
+ assertTrue(validator.errs().equals("Role Data is null.\n"));
+ }
- @Test
- public void roleOk() {
- RoleDAO.Data to = new RoleDAO.Data();
- to.ns = "namespace";
- to.name = "name";
- to.description = "description";
- Set<String> permissions = new HashSet<>();
- permissions.add("perm1");
- to.perms = permissions;
+ @Test
+ public void roleOk() {
+ RoleDAO.Data to = new RoleDAO.Data();
+ to.ns = "namespace";
+ to.name = "name";
+ to.description = "description";
+ Set<String> permissions = new HashSet<>();
+ permissions.add("perm1");
+ to.perms = permissions;
- Result<RoleDAO.Data> rrd = Result.ok(to);
+ Result<RoleDAO.Data> rrd = Result.ok(to);
- validator.role(rrd);
- assertTrue(
- validator.errs().equals("Perm [perm1] in Role [namespace.name] is not correctly separated with '|'\n"));
- }
+ validator.role(rrd);
+ assertTrue(
+ validator.errs().equals("Perm [perm1] in Role [namespace.name] is not correctly separated with '|'\n"));
+ }
- @Test
- public void roleNotOk() {
+ @Test
+ public void roleNotOk() {
- Result rrd = Result.err(1, "ERR_Security");
+ Result rrd = Result.err(1, "ERR_Security");
- validator.role(rrd);
- assertTrue(validator.errs().equals("ERR_Security\n"));
- }
+ validator.role(rrd);
+ assertTrue(validator.errs().equals("ERR_Security\n"));
+ }
}
diff --git a/auth/auth-service/src/test/java/org/onap/aaf/authz/service/mapper/JU_Mapper_2_0.java b/auth/auth-service/src/test/java/org/onap/aaf/authz/service/mapper/JU_Mapper_2_0.java
index a7df421b..12b343d5 100644
--- a/auth/auth-service/src/test/java/org/onap/aaf/authz/service/mapper/JU_Mapper_2_0.java
+++ b/auth/auth-service/src/test/java/org/onap/aaf/authz/service/mapper/JU_Mapper_2_0.java
@@ -102,195 +102,195 @@ public class JU_Mapper_2_0 {
private static final String USER = "John";
- private Mapper_2_0 mapper;
- @Mock
- private Question question;
- @Mock
- private AuthzTrans transaction;
- @Mock
+ private Mapper_2_0 mapper;
+ @Mock
+ private Question question;
+ @Mock
+ private AuthzTrans transaction;
+ @Mock
private TimeTaken tt;
- @Before
- public void setUp() throws APIException, IOException, CadiException {
- given(transaction.start(anyString(), eq(Env.SUB))).willReturn(tt);
- given(transaction.user()).willReturn(USER);
- this.mapper = new Mapper_2_0(question);
- }
-
- @Test(expected = ClassCastException.class)
- public void ns_willThrowException_whenInvalidRequestType() {
- //given
- Request rq = new Request();
-
- //when
- mapper.ns(transaction, rq);
-
- //then
- fail("Expected ClassCastException");
- }
-
- @Test
- public void ns_shouldConvertNamespaceRequest_whenValidTypeIsExplicitlyProvided() {
- //given
- String namespaceName = "org.companyA.app1";
- String namespaceType = "APP";
- NsType expectedNsType = NsType.APP;
- NsRequest nsRequest = createNsRequestForType(namespaceName, namespaceType);
-
- //when
- Result<Namespace> result = mapper.ns(transaction,nsRequest);
-
- //then
- assertTrue(result.isOK());
- assertNamespaceValues(result.value, expectedNsType, namespaceName);
- verify(transaction).checkpoint(namespaceName,Env.ALWAYS);
- }
-
- @Test
- public void ns_shouldConvertNamespaceRequest_whenInValidTypeIsExplicitlyProvided() {
- //given
- String namespaceName = "org.companyA.app1.service0";
- String invalidNsType = "BLUE";
- NsType expectedNsType = NsType.APP;
- NsRequest nsRequest = createNsRequestForType(namespaceName, invalidNsType);
-
- //when
- Result<Namespace> result = mapper.ns(transaction,nsRequest);
-
- //then
- assertTrue(result.isOK());
- assertNamespaceValues(result.value, expectedNsType, namespaceName);
- verify(transaction).checkpoint(namespaceName,Env.ALWAYS);
- }
-
- @Test
- public void ns_shouldConvertRootNamespaceRequest_whenTypeNotProvided() {
- //given
- String rootNsName = "org";
- NsType expectedNsType = NsType.ROOT;
- NsRequest nsRequest = createNsRequestForType(rootNsName, null);
-
- //when
- Result<Namespace> result = mapper.ns(transaction,nsRequest);
-
- //then
- assertTrue(result.isOK());
- assertNamespaceValues(result.value, expectedNsType, rootNsName);
- verify(transaction).checkpoint(rootNsName,Env.ALWAYS);
- }
-
- @Test
- public void ns_shouldConvertCompanyNamespaceRequest_whenTypeNotProvided() {
- //given
- String companyNsName = "org.companyA";
- NsType expectedNsType = NsType.COMPANY;
- NsRequest nsRequest = createNsRequestForType(companyNsName, null);
-
- //when
- Result<Namespace> result = mapper.ns(transaction,nsRequest);
-
- //then
- assertTrue(result.isOK());
- assertNamespaceValues(result.value, expectedNsType, companyNsName);
- verify(transaction).checkpoint(companyNsName,Env.ALWAYS);
- }
-
- private void assertNamespaceValues(Namespace value, NsType nsType, String namespaceName) {
- List<String> people = Lists.newArrayList("tk007@people.osaaf.org");
- assertEquals(Integer.valueOf(nsType.type), value.type);
- assertEquals(namespaceName, value.name);
- assertEquals("some namespace description", value.description);
- assertEquals(people, value.admin);
- assertEquals(people, value.owner);
- }
-
- private NsRequest createNsRequestForType(String nsName, String nsType) {
- NsRequest req = mapper.newInstance(API.NS_REQ);
- req.setType(nsType);
- req.setName(nsName);
- req.setDescription("some namespace description");
- req.getAdmin().add("tk007@people.osaaf.org");
- req.getResponsible().add("tk007@people.osaaf.org");
- return req;
- }
-
- @Test
- public void nss_shouldConvertNamespaceToNss_withoutAttributes() {
- //given
- Nss nss = mapper.newInstance(API.NSS);
- Namespace ns = mapper.ns(transaction, createNsRequestForType("org.onap", null)).value;
-
- //when
- Result<Nss> result = mapper.nss(transaction, ns, nss);
-
- //then
- assertTrue(result.isOK());
- assertEquals("Only one Ns should be added",1, result.value.getNs().size());
- Ns addedNs = Iterables.getOnlyElement(result.value.getNs());
- assertEquals(ns.admin, addedNs.getAdmin());
- assertEquals(ns.name, addedNs.getName());
- assertEquals(ns.owner, addedNs.getResponsible());
- assertEquals(ns.description, addedNs.getDescription());
- assertTrue(addedNs.getAttrib().isEmpty());
- }
-
- @Test
- public void nss_shouldConvertNamespaceToNss_withAttributes() {
- //given
- Nss nss = mapper.newInstance(API.NSS);
- Namespace ns = mapper.ns(transaction, createNsRequestForType("org.onap", null)).value;
- ns.attrib = Lists.newArrayList();
- int attribNum = 5;
- Map<String, String> attribs = ImmutableMap.of("key1", "value1", "key2", "value2", "key3", "value3", "key4", "value4", "key5", "value5");
- attribs.forEach((key,val) -> ns.attrib.add(new Pair<>(key,val)));
-
- //when
- Result<Nss> result = mapper.nss(transaction, ns, nss);
-
- //then
- assertTrue(result.isOK());
- assertEquals("Only one Ns should be added",1, result.value.getNs().size());
- Ns addedNs = Iterables.getOnlyElement(result.value.getNs());
- assertEquals(attribNum, addedNs.getAttrib().size());
- addedNs.getAttrib().forEach( attr -> {
- assertEquals(attr.getValue(), attribs.get(attr.getKey()));
- });
- }
-
- @Test
- public void nss_shouldAddSeveralNamespacesToNss() {
- //given
- Nss nss = mapper.newInstance(API.NSS);
- Namespace ns1 = mapper.ns(transaction, createNsRequestForType("org.onap", "COMPANY")).value;
- Namespace ns2 = mapper.ns(transaction, createNsRequestForType("org.onap.prh", "APP")).value;
-
- //when
- Result<Nss> result = mapper.nss(transaction, Lists.newArrayList(ns1,ns2), nss);
-
- //then
- assertTrue(result.isOK());
- assertEquals("Two namespaces should be added",2, result.value.getNs().size());
- }
-
- @Test
- public void perm_shouldNotAddPerms_whenFilterIsSet_andUserIsNotAuthorized() {
- //given
+ @Before
+ public void setUp() throws APIException, IOException, CadiException {
+ given(transaction.start(anyString(), eq(Env.SUB))).willReturn(tt);
+ given(transaction.user()).willReturn(USER);
+ this.mapper = new Mapper_2_0(question);
+ }
+
+ @Test(expected = ClassCastException.class)
+ public void ns_willThrowException_whenInvalidRequestType() {
+ //given
+ Request rq = new Request();
+
+ //when
+ mapper.ns(transaction, rq);
+
+ //then
+ fail("Expected ClassCastException");
+ }
+
+ @Test
+ public void ns_shouldConvertNamespaceRequest_whenValidTypeIsExplicitlyProvided() {
+ //given
+ String namespaceName = "org.companyA.app1";
+ String namespaceType = "APP";
+ NsType expectedNsType = NsType.APP;
+ NsRequest nsRequest = createNsRequestForType(namespaceName, namespaceType);
+
+ //when
+ Result<Namespace> result = mapper.ns(transaction,nsRequest);
+
+ //then
+ assertTrue(result.isOK());
+ assertNamespaceValues(result.value, expectedNsType, namespaceName);
+ verify(transaction).checkpoint(namespaceName,Env.ALWAYS);
+ }
+
+ @Test
+ public void ns_shouldConvertNamespaceRequest_whenInValidTypeIsExplicitlyProvided() {
+ //given
+ String namespaceName = "org.companyA.app1.service0";
+ String invalidNsType = "BLUE";
+ NsType expectedNsType = NsType.APP;
+ NsRequest nsRequest = createNsRequestForType(namespaceName, invalidNsType);
+
+ //when
+ Result<Namespace> result = mapper.ns(transaction,nsRequest);
+
+ //then
+ assertTrue(result.isOK());
+ assertNamespaceValues(result.value, expectedNsType, namespaceName);
+ verify(transaction).checkpoint(namespaceName,Env.ALWAYS);
+ }
+
+ @Test
+ public void ns_shouldConvertRootNamespaceRequest_whenTypeNotProvided() {
+ //given
+ String rootNsName = "org";
+ NsType expectedNsType = NsType.ROOT;
+ NsRequest nsRequest = createNsRequestForType(rootNsName, null);
+
+ //when
+ Result<Namespace> result = mapper.ns(transaction,nsRequest);
+
+ //then
+ assertTrue(result.isOK());
+ assertNamespaceValues(result.value, expectedNsType, rootNsName);
+ verify(transaction).checkpoint(rootNsName,Env.ALWAYS);
+ }
+
+ @Test
+ public void ns_shouldConvertCompanyNamespaceRequest_whenTypeNotProvided() {
+ //given
+ String companyNsName = "org.companyA";
+ NsType expectedNsType = NsType.COMPANY;
+ NsRequest nsRequest = createNsRequestForType(companyNsName, null);
+
+ //when
+ Result<Namespace> result = mapper.ns(transaction,nsRequest);
+
+ //then
+ assertTrue(result.isOK());
+ assertNamespaceValues(result.value, expectedNsType, companyNsName);
+ verify(transaction).checkpoint(companyNsName,Env.ALWAYS);
+ }
+
+ private void assertNamespaceValues(Namespace value, NsType nsType, String namespaceName) {
+ List<String> people = Lists.newArrayList("tk007@people.osaaf.org");
+ assertEquals(Integer.valueOf(nsType.type), value.type);
+ assertEquals(namespaceName, value.name);
+ assertEquals("some namespace description", value.description);
+ assertEquals(people, value.admin);
+ assertEquals(people, value.owner);
+ }
+
+ private NsRequest createNsRequestForType(String nsName, String nsType) {
+ NsRequest req = mapper.newInstance(API.NS_REQ);
+ req.setType(nsType);
+ req.setName(nsName);
+ req.setDescription("some namespace description");
+ req.getAdmin().add("tk007@people.osaaf.org");
+ req.getResponsible().add("tk007@people.osaaf.org");
+ return req;
+ }
+
+ @Test
+ public void nss_shouldConvertNamespaceToNss_withoutAttributes() {
+ //given
+ Nss nss = mapper.newInstance(API.NSS);
+ Namespace ns = mapper.ns(transaction, createNsRequestForType("org.onap", null)).value;
+
+ //when
+ Result<Nss> result = mapper.nss(transaction, ns, nss);
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals("Only one Ns should be added",1, result.value.getNs().size());
+ Ns addedNs = Iterables.getOnlyElement(result.value.getNs());
+ assertEquals(ns.admin, addedNs.getAdmin());
+ assertEquals(ns.name, addedNs.getName());
+ assertEquals(ns.owner, addedNs.getResponsible());
+ assertEquals(ns.description, addedNs.getDescription());
+ assertTrue(addedNs.getAttrib().isEmpty());
+ }
+
+ @Test
+ public void nss_shouldConvertNamespaceToNss_withAttributes() {
+ //given
+ Nss nss = mapper.newInstance(API.NSS);
+ Namespace ns = mapper.ns(transaction, createNsRequestForType("org.onap", null)).value;
+ ns.attrib = Lists.newArrayList();
+ int attribNum = 5;
+ Map<String, String> attribs = ImmutableMap.of("key1", "value1", "key2", "value2", "key3", "value3", "key4", "value4", "key5", "value5");
+ attribs.forEach((key,val) -> ns.attrib.add(new Pair<>(key,val)));
+
+ //when
+ Result<Nss> result = mapper.nss(transaction, ns, nss);
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals("Only one Ns should be added",1, result.value.getNs().size());
+ Ns addedNs = Iterables.getOnlyElement(result.value.getNs());
+ assertEquals(attribNum, addedNs.getAttrib().size());
+ addedNs.getAttrib().forEach( attr -> {
+ assertEquals(attr.getValue(), attribs.get(attr.getKey()));
+ });
+ }
+
+ @Test
+ public void nss_shouldAddSeveralNamespacesToNss() {
+ //given
+ Nss nss = mapper.newInstance(API.NSS);
+ Namespace ns1 = mapper.ns(transaction, createNsRequestForType("org.onap", "COMPANY")).value;
+ Namespace ns2 = mapper.ns(transaction, createNsRequestForType("org.onap.prh", "APP")).value;
+
+ //when
+ Result<Nss> result = mapper.nss(transaction, Lists.newArrayList(ns1,ns2), nss);
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals("Two namespaces should be added",2, result.value.getNs().size());
+ }
+
+ @Test
+ public void perm_shouldNotAddPerms_whenFilterIsSet_andUserIsNotAuthorized() {
+ //given
given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
.willReturn(Result.err(9, "error"));
Perms permsContainer = mapper.newInstance(API.PERMS);
List<PermDAO.Data> permsData = Lists.newArrayList(new PermDAO.Data());
boolean filter = true;
- //when
+ //when
Result<Perms> result = mapper.perms(transaction, permsData, permsContainer, filter);
- //then
+ //then
assertTrue(result.isOK());
assertEquals("No perms added",0,result.value.getPerm().size());
- }
+ }
- @Test
+ @Test
public void perm_shouldAddPerm_withNamespaceSet_whenUserIsAuthorized_AndNamespaceIsRequestedType() {
//given
given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
@@ -298,13 +298,13 @@ public class JU_Mapper_2_0 {
given(transaction.requested(REQD_TYPE.ns)).willReturn(true);
Perms permsContainer = mapper.newInstance(API.PERMS);
Set<String> roles = Sets.newHashSet("org.onap.portal.owner","org.onap.portal.designer"
- ,"org.onap.portal.tester");
+ ,"org.onap.portal.tester");
String namespace = "org.onap.portal";
String type = "access";
String fullType = namespace + "." +type;
String action = "read";
String description = "Portal Read Access";
- List<PermDAO.Data> permsData = Lists.newArrayList(createPermDAOobj(namespace, type, "*",action, roles, description));
+ List<PermDAO.Data> permsData = Lists.newArrayList(createPermDAOobj(namespace, type, "*",action, roles, description));
boolean filter = true;
//when
@@ -322,66 +322,66 @@ public class JU_Mapper_2_0 {
assertEquals(Lists.newArrayList(roles), perm.getRoles());
}
- @Test
- public void perm_shouldAddPerm_withoutNamespaceSet_whenUserIsAuthorized_AndNamespaceIsNotRequestedType() {
- //given
- given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
- .willReturn(Result.ok(new NsDAO.Data()));
- given(transaction.requested(REQD_TYPE.ns)).willReturn(false);
- Perms permsContainer = mapper.newInstance(API.PERMS);
- String namespace = "org.onap.portal";
- String type = "access";
- String fullType = namespace + "." + type;
- String action = "read";
- List<PermDAO.Data> permsData = Lists.newArrayList(createPermDAOobj(namespace, type, "*",action, null, null));
- boolean filter = true;
-
- //when
- Result<Perms> result = mapper.perms(transaction, permsData, permsContainer, filter);
-
- //then
- assertTrue(result.isOK());
- assertEquals("Perm is added",1,result.value.getPerm().size());
- Perm perm = Iterables.getOnlyElement(result.value.getPerm());
- assertNull(perm.getNs());
- assertEquals(fullType, perm.getType());
- assertEquals(action, perm.getAction());
- }
-
- @Test
- public void perm_shouldAddPermsWithCorrectSortedOrder() {
- //given
- given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
- .willReturn(Result.ok(new NsDAO.Data()));
- Perms permsContainer = mapper.newInstance(API.PERMS);
- PermDAO.Data perm1 = createPermDAOobj("org.onap.portal", "access", "*", "read", null, null);
- PermDAO.Data perm2 = createPermDAOobj("org.onap.portal", "access", "*", "write", null, null);
- PermDAO.Data perm3 = createPermDAOobj("org.onap.portal", "design", "*", "new", null, null);
- PermDAO.Data perm4 = createPermDAOobj("org.onap.portal", "workflow", "1", "edit", null, null);
- PermDAO.Data perm5 = createPermDAOobj("org.onap.portal", "workflow", "2", "edit", null, null);
- List<PermDAO.Data> permsData = Lists.newArrayList(perm4, perm1, perm5, perm3, perm2);
- List<PermDAO.Data> correctOrderPerms = Lists.newArrayList(perm1, perm2, perm3, perm4, perm5);
-
- //when
- Result<Perms> result = mapper.perms(transaction, permsData, permsContainer, true);
-
- //then
- assertTrue(result.isOK());
- assertEquals("Alls Perms added",5,result.value.getPerm().size());
- List<Perm> mappedPerms = result.value.getPerm();
- for(int i=0; i<5; i++) {
- comparePerm(correctOrderPerms.get(i), mappedPerms.get(i));
- }
- }
-
- private void comparePerm(Data data, Perm perm) {
- assertEquals(data.ns + "." + data.type, perm.getType());
- assertEquals(data.instance, perm.getInstance());
- assertEquals(data.action, perm.getAction());
- }
-
- private PermDAO.Data createPermDAOobj(String ns, String name, String instance, String action, Set<String> roles, String description) {
- NsSplit nss = new NsSplit(ns, name);
+ @Test
+ public void perm_shouldAddPerm_withoutNamespaceSet_whenUserIsAuthorized_AndNamespaceIsNotRequestedType() {
+ //given
+ given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
+ .willReturn(Result.ok(new NsDAO.Data()));
+ given(transaction.requested(REQD_TYPE.ns)).willReturn(false);
+ Perms permsContainer = mapper.newInstance(API.PERMS);
+ String namespace = "org.onap.portal";
+ String type = "access";
+ String fullType = namespace + "." + type;
+ String action = "read";
+ List<PermDAO.Data> permsData = Lists.newArrayList(createPermDAOobj(namespace, type, "*",action, null, null));
+ boolean filter = true;
+
+ //when
+ Result<Perms> result = mapper.perms(transaction, permsData, permsContainer, filter);
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals("Perm is added",1,result.value.getPerm().size());
+ Perm perm = Iterables.getOnlyElement(result.value.getPerm());
+ assertNull(perm.getNs());
+ assertEquals(fullType, perm.getType());
+ assertEquals(action, perm.getAction());
+ }
+
+ @Test
+ public void perm_shouldAddPermsWithCorrectSortedOrder() {
+ //given
+ given(question.mayUser(eq(transaction), eq(USER), any(PermDAO.Data.class), eq(Access.read)))
+ .willReturn(Result.ok(new NsDAO.Data()));
+ Perms permsContainer = mapper.newInstance(API.PERMS);
+ PermDAO.Data perm1 = createPermDAOobj("org.onap.portal", "access", "*", "read", null, null);
+ PermDAO.Data perm2 = createPermDAOobj("org.onap.portal", "access", "*", "write", null, null);
+ PermDAO.Data perm3 = createPermDAOobj("org.onap.portal", "design", "*", "new", null, null);
+ PermDAO.Data perm4 = createPermDAOobj("org.onap.portal", "workflow", "1", "edit", null, null);
+ PermDAO.Data perm5 = createPermDAOobj("org.onap.portal", "workflow", "2", "edit", null, null);
+ List<PermDAO.Data> permsData = Lists.newArrayList(perm4, perm1, perm5, perm3, perm2);
+ List<PermDAO.Data> correctOrderPerms = Lists.newArrayList(perm1, perm2, perm3, perm4, perm5);
+
+ //when
+ Result<Perms> result = mapper.perms(transaction, permsData, permsContainer, true);
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals("Alls Perms added",5,result.value.getPerm().size());
+ List<Perm> mappedPerms = result.value.getPerm();
+ for(int i=0; i<5; i++) {
+ comparePerm(correctOrderPerms.get(i), mappedPerms.get(i));
+ }
+ }
+
+ private void comparePerm(Data data, Perm perm) {
+ assertEquals(data.ns + "." + data.type, perm.getType());
+ assertEquals(data.instance, perm.getInstance());
+ assertEquals(data.action, perm.getAction());
+ }
+
+ private PermDAO.Data createPermDAOobj(String ns, String name, String instance, String action, Set<String> roles, String description) {
+ NsSplit nss = new NsSplit(ns, name);
PermDAO.Data perm = new PermDAO.Data(nss, instance, action);
perm.roles = roles;
perm.description = description;
@@ -389,263 +389,263 @@ public class JU_Mapper_2_0 {
}
@Test
- public void role_shouldReturnErrorResult_whenNssIsNok() throws Exception {
- //given
- String roleName = "admin";
- RoleRequest request = createRoleRequest(roleName, "role description");
- given(question.deriveNsSplit(transaction, roleName)).willReturn(Result.err(new IllegalArgumentException()));
-
- //when
- Result<RoleDAO.Data> result = mapper.role(transaction, request);
-
- //then
- assertFalse(result.isOK());
- assertNull(result.value);
- assertEquals(ERR_General, result.status);
- }
-
- @Test
- public void role_shouldReturnMappedRoleObject_whenNssIsOk() throws Exception {
- //given
- String roleName = "admin";
- String roleNs = "org.onap.roles";
- String roleFullName = roleNs + "." + roleName;
- String description =" role description";
- RoleRequest request = createRoleRequest(roleFullName, description);
- given(question.deriveNsSplit(transaction, roleFullName)).willReturn(Result.ok(new NsSplit(roleNs, roleName)));
-
- //when
- Result<RoleDAO.Data> result = mapper.role(transaction, request);
-
- //then
- assertTrue(result.isOK());
- assertEquals(roleName, result.value.name);
- assertEquals(roleNs, result.value.ns);
- assertEquals(description, result.value.description);
- verify(transaction).checkpoint(roleFullName, Env.ALWAYS);
- }
-
- private RoleRequest createRoleRequest(String name, String description) {
- RoleRequest req = mapper.newInstance(API.ROLE_REQ);
- req.setName(name);
- req.setDescription(description);
- return req;
- }
-
- @Test
- public void roles_shouldNotAddAnyRoles_whenFilterFlagIsNotSet() {
- //given
- Roles initialRoles = new Roles();
- RoleDAO.Data role = createRoleDAOobj("org.onap.app1", "org.onap.app1.admin", "description");
-
- //when
- Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), initialRoles, false);
-
- //then
- assertTrue(result.isOK());
- assertEquals(initialRoles.getRole(), result.value.getRole());
- }
-
- @Test
- public void roles_shouldNotAddAnyRoles_whenFilterFlagIsSet_andUserIsNotAuthorizedToReadRole() {
- //given
- Roles initialRoles = new Roles();
- RoleDAO.Data role = createRoleDAOobj("org.onap.app1", "org.onap.app1.admin", "description");
- given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
- .willReturn(Result.err(9, "error"));
-
- //when
- Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), initialRoles, true);
-
- //then
- assertTrue(result.isOK());
- assertEquals(initialRoles.getRole(), result.value.getRole());
- }
-
- @Test
- public void roles_shouldAddRolesWithoutNamespace_whenNsNotRequested_andFilterFlagSet_andUserIsAuthorized() {
- test_roles_shouldAddRoles(false);
- }
-
- @Test
- public void roles_shouldAddRolesWithNamespace_whenNsRequested_andFilterFlagSet_andUserIsAuthorized() {
- test_roles_shouldAddRoles(true);
- }
-
- private void test_roles_shouldAddRoles(boolean namespaceRequested) {
- //given
- String namespace = "org.onap.app1";
- String description = "role description";
- Set<String> roleNames = Sets.newHashSet(namespace+".admin", namespace+".deployer");
- List<RoleDAO.Data> daoRoles = roleNames.stream().map( name -> createRoleDAOobj(namespace, name, description))
- .collect(Collectors.toList());
- given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
- .willReturn(Result.ok(new NsDAO.Data()));
- given(transaction.requested(REQD_TYPE.ns)).willReturn(namespaceRequested);
-
- //when
- Result<Roles> result = mapper.roles(transaction, daoRoles, new Roles(), true);
-
- //then
- assertTrue(result.isOK());
- assertEquals(2, result.value.getRole().size());
- result.value.getRole().stream().forEach( role -> {
- assertTrue(role.getPerms().isEmpty());
- if(namespaceRequested) {
- assertEquals(namespace, role.getNs());
- } else {
- assertNull(role.getNs());
- }
- assertTrue(roleNames.contains(role.getName()));
- assertEquals(description, role.getDescription());
- });
- }
-
- @Test
- public void roles_shouldReturnErrorResult_whenAnyPermHasInvalidFormat() {
- //given
- given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
- .willReturn(Result.ok(new NsDAO.Data()));
- RoleDAO.Data role = createRoleDAOobj("org.onap.app", "org.onap.app.admin", "description");
- role.perms = Sets.newHashSet("invalidPermFormat");
-
- //when
- Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), new Roles(), true);
-
- //then
- assertFalse(result.isOK());
- assertEquals(ERR_BadData, result.status);
- }
-
- @Test
- public void roles_shouldAddPerms_whenAllPermsProperlyDefined_andUserCanViewIt() {
- //given
- given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
- .willReturn(Result.ok(new NsDAO.Data()));
- given(question.deriveNsSplit(transaction, "org.onap.app")).willReturn(Result.ok(mock(NsSplit.class)));
- RoleDAO.Data role = createRoleDAOobj("org.onap.app", "org.onap.app.admin", "description");
- role.perms = Sets.newHashSet("org.onap.app|access|*|read,approve");
-
- //when
- Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), new Roles(), true);
-
- //then
- assertTrue(result.isOK());
- Role mappedRole = Iterables.getOnlyElement(result.value.getRole());
- Pkey pKey = Iterables.getOnlyElement(mappedRole.getPerms());
- assertEquals("org.onap.app.access", pKey.getType());
- assertEquals("*", pKey.getInstance());
- assertEquals("read,approve", pKey.getAction());
- }
-
- private RoleDAO.Data createRoleDAOobj(String namespace, String rolename, String desc) {
- NsDAO.Data ns = new NsDAO.Data();
- ns.name = namespace;
- RoleDAO.Data role = RoleDAO.Data.create(ns, rolename);
- role.description = desc;
- return role;
- }
-
- @Test
- public void userRoles_shouldMapUserRolesFromDAO() {
- //given
- String user = "john@people.osaaf.org";
- String role = "admin";
- String namespace = "org.osaaf.aaf";
- int year = 2020;
- int month = 10;
- int day = 31;
- Date expiration = new Calendar.Builder().setDate(year,month-1, day).build().getTime(); //month is 0-based
- UserRoles targetRoles = new UserRoles();
-
- //when
- Result<UserRoles> result = mapper.userRoles(transaction, Lists.newArrayList(
- createUserRoleDAOobj(user, expiration, namespace, role)), targetRoles);
-
- //then
- assertTrue(result.isOK());
- UserRole targetRole = Iterables.getOnlyElement(result.value.getUserRole());
- assertEquals(user, targetRole.getUser());
- assertEquals(role, targetRole.getRole());
- assertEquals(year, targetRole.getExpires().getYear());
- assertEquals(month, targetRole.getExpires().getMonth());
- assertEquals(day, targetRole.getExpires().getDay());
- }
-
- @Test
- public void userRole_shouldReturnErrorResult_whenAnyExceptionOccurs() {
- //given
- PermRequest wrongRequestType = new PermRequest();
-
- //when
- Result<UserRoleDAO.Data> result = mapper.userRole(transaction, wrongRequestType);
-
- //then
- assertFalse(result.isOK());
- assertEquals(ERR_BadData, result.status);
- verifyZeroInteractions(transaction);
- }
-
- @Test
- public void userRole_shouldReturnEmptyRoleDAOobj_whenRequestIsEmpty() {
- //given
- UserRoleRequest request = new UserRoleRequest();
- given(question.deriveNsSplit(any(), any())).willReturn(Result.err(new IllegalArgumentException()));
- Organization org = mock(Organization.class);
- given(org.expiration(any(), eq(Expiration.UserInRole), any())).willReturn(new GregorianCalendar());
- given(transaction.org()).willReturn(org);
-
- //when
- Result<UserRoleDAO.Data> result = mapper.userRole(transaction, request);
-
- //then
- assertTrue(result.isOK());
- assertNull(result.value.ns);
- assertNull(result.value.rname);
- assertNull(result.value.role);
- assertNull(result.value.user);
- assertNotNull(result.value.expires);
- }
-
- @Test
- public void userRole_shouldReturnMappedRoleDAOobj_whenRequestIsFilled() {
- //given
- String user = "johny@people.osaaf.org";
- String role = "org.onap.app1.deployer";
- String rName = "deployer";
- String namespace = "org.onap.app1";
-
- given(question.deriveNsSplit(transaction, role)).willReturn(Result.ok(new NsSplit(namespace, rName)));
- Organization org = mock(Organization.class);
- given(org.expiration(any(), eq(Expiration.UserInRole), any())).willReturn(new GregorianCalendar());
- given(transaction.org()).willReturn(org);
-
- //when
- Result<UserRoleDAO.Data> result = mapper.userRole(transaction, createUserRoleRequest(role, user));
-
- //then
- assertTrue(result.isOK());
- assertEquals(user, result.value.user);
- assertEquals(role, result.value.role);
- assertEquals(rName, result.value.rname);
- assertEquals(namespace, result.value.ns);
- assertNotNull(result.value.expires);
- }
-
- private UserRoleRequest createUserRoleRequest(String role, String user) {
- UserRoleRequest request = new UserRoleRequest();
- request.setRole(role);
- request.setUser(user);
- return request;
- }
-
- private UserRoleDAO.Data createUserRoleDAOobj(String userName, Date expires, String namespace, String roleName) {
- UserRoleDAO.Data userRole = new UserRoleDAO.Data();
- userRole.user = userName;
- userRole.expires = expires;
- userRole.ns = namespace;
- userRole.role = roleName;
- return userRole;
- }
+ public void role_shouldReturnErrorResult_whenNssIsNok() throws Exception {
+ //given
+ String roleName = "admin";
+ RoleRequest request = createRoleRequest(roleName, "role description");
+ given(question.deriveNsSplit(transaction, roleName)).willReturn(Result.err(new IllegalArgumentException()));
+
+ //when
+ Result<RoleDAO.Data> result = mapper.role(transaction, request);
+
+ //then
+ assertFalse(result.isOK());
+ assertNull(result.value);
+ assertEquals(ERR_General, result.status);
+ }
+
+ @Test
+ public void role_shouldReturnMappedRoleObject_whenNssIsOk() throws Exception {
+ //given
+ String roleName = "admin";
+ String roleNs = "org.onap.roles";
+ String roleFullName = roleNs + "." + roleName;
+ String description =" role description";
+ RoleRequest request = createRoleRequest(roleFullName, description);
+ given(question.deriveNsSplit(transaction, roleFullName)).willReturn(Result.ok(new NsSplit(roleNs, roleName)));
+
+ //when
+ Result<RoleDAO.Data> result = mapper.role(transaction, request);
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals(roleName, result.value.name);
+ assertEquals(roleNs, result.value.ns);
+ assertEquals(description, result.value.description);
+ verify(transaction).checkpoint(roleFullName, Env.ALWAYS);
+ }
+
+ private RoleRequest createRoleRequest(String name, String description) {
+ RoleRequest req = mapper.newInstance(API.ROLE_REQ);
+ req.setName(name);
+ req.setDescription(description);
+ return req;
+ }
+
+ @Test
+ public void roles_shouldNotAddAnyRoles_whenFilterFlagIsNotSet() {
+ //given
+ Roles initialRoles = new Roles();
+ RoleDAO.Data role = createRoleDAOobj("org.onap.app1", "org.onap.app1.admin", "description");
+
+ //when
+ Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), initialRoles, false);
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals(initialRoles.getRole(), result.value.getRole());
+ }
+
+ @Test
+ public void roles_shouldNotAddAnyRoles_whenFilterFlagIsSet_andUserIsNotAuthorizedToReadRole() {
+ //given
+ Roles initialRoles = new Roles();
+ RoleDAO.Data role = createRoleDAOobj("org.onap.app1", "org.onap.app1.admin", "description");
+ given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
+ .willReturn(Result.err(9, "error"));
+
+ //when
+ Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), initialRoles, true);
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals(initialRoles.getRole(), result.value.getRole());
+ }
+
+ @Test
+ public void roles_shouldAddRolesWithoutNamespace_whenNsNotRequested_andFilterFlagSet_andUserIsAuthorized() {
+ test_roles_shouldAddRoles(false);
+ }
+
+ @Test
+ public void roles_shouldAddRolesWithNamespace_whenNsRequested_andFilterFlagSet_andUserIsAuthorized() {
+ test_roles_shouldAddRoles(true);
+ }
+
+ private void test_roles_shouldAddRoles(boolean namespaceRequested) {
+ //given
+ String namespace = "org.onap.app1";
+ String description = "role description";
+ Set<String> roleNames = Sets.newHashSet(namespace+".admin", namespace+".deployer");
+ List<RoleDAO.Data> daoRoles = roleNames.stream().map( name -> createRoleDAOobj(namespace, name, description))
+ .collect(Collectors.toList());
+ given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
+ .willReturn(Result.ok(new NsDAO.Data()));
+ given(transaction.requested(REQD_TYPE.ns)).willReturn(namespaceRequested);
+
+ //when
+ Result<Roles> result = mapper.roles(transaction, daoRoles, new Roles(), true);
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals(2, result.value.getRole().size());
+ result.value.getRole().stream().forEach( role -> {
+ assertTrue(role.getPerms().isEmpty());
+ if(namespaceRequested) {
+ assertEquals(namespace, role.getNs());
+ } else {
+ assertNull(role.getNs());
+ }
+ assertTrue(roleNames.contains(role.getName()));
+ assertEquals(description, role.getDescription());
+ });
+ }
+
+ @Test
+ public void roles_shouldReturnErrorResult_whenAnyPermHasInvalidFormat() {
+ //given
+ given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
+ .willReturn(Result.ok(new NsDAO.Data()));
+ RoleDAO.Data role = createRoleDAOobj("org.onap.app", "org.onap.app.admin", "description");
+ role.perms = Sets.newHashSet("invalidPermFormat");
+
+ //when
+ Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), new Roles(), true);
+
+ //then
+ assertFalse(result.isOK());
+ assertEquals(ERR_BadData, result.status);
+ }
+
+ @Test
+ public void roles_shouldAddPerms_whenAllPermsProperlyDefined_andUserCanViewIt() {
+ //given
+ given(question.mayUser(eq(transaction), eq(USER), any(RoleDAO.Data.class), eq(Access.read)))
+ .willReturn(Result.ok(new NsDAO.Data()));
+ given(question.deriveNsSplit(transaction, "org.onap.app")).willReturn(Result.ok(mock(NsSplit.class)));
+ RoleDAO.Data role = createRoleDAOobj("org.onap.app", "org.onap.app.admin", "description");
+ role.perms = Sets.newHashSet("org.onap.app|access|*|read,approve");
+
+ //when
+ Result<Roles> result = mapper.roles(transaction, Lists.newArrayList(role), new Roles(), true);
+
+ //then
+ assertTrue(result.isOK());
+ Role mappedRole = Iterables.getOnlyElement(result.value.getRole());
+ Pkey pKey = Iterables.getOnlyElement(mappedRole.getPerms());
+ assertEquals("org.onap.app.access", pKey.getType());
+ assertEquals("*", pKey.getInstance());
+ assertEquals("read,approve", pKey.getAction());
+ }
+
+ private RoleDAO.Data createRoleDAOobj(String namespace, String rolename, String desc) {
+ NsDAO.Data ns = new NsDAO.Data();
+ ns.name = namespace;
+ RoleDAO.Data role = RoleDAO.Data.create(ns, rolename);
+ role.description = desc;
+ return role;
+ }
+
+ @Test
+ public void userRoles_shouldMapUserRolesFromDAO() {
+ //given
+ String user = "john@people.osaaf.org";
+ String role = "admin";
+ String namespace = "org.osaaf.aaf";
+ int year = 2020;
+ int month = 10;
+ int day = 31;
+ Date expiration = new Calendar.Builder().setDate(year,month-1, day).build().getTime(); //month is 0-based
+ UserRoles targetRoles = new UserRoles();
+
+ //when
+ Result<UserRoles> result = mapper.userRoles(transaction, Lists.newArrayList(
+ createUserRoleDAOobj(user, expiration, namespace, role)), targetRoles);
+
+ //then
+ assertTrue(result.isOK());
+ UserRole targetRole = Iterables.getOnlyElement(result.value.getUserRole());
+ assertEquals(user, targetRole.getUser());
+ assertEquals(role, targetRole.getRole());
+ assertEquals(year, targetRole.getExpires().getYear());
+ assertEquals(month, targetRole.getExpires().getMonth());
+ assertEquals(day, targetRole.getExpires().getDay());
+ }
+
+ @Test
+ public void userRole_shouldReturnErrorResult_whenAnyExceptionOccurs() {
+ //given
+ PermRequest wrongRequestType = new PermRequest();
+
+ //when
+ Result<UserRoleDAO.Data> result = mapper.userRole(transaction, wrongRequestType);
+
+ //then
+ assertFalse(result.isOK());
+ assertEquals(ERR_BadData, result.status);
+ verifyZeroInteractions(transaction);
+ }
+
+ @Test
+ public void userRole_shouldReturnEmptyRoleDAOobj_whenRequestIsEmpty() {
+ //given
+ UserRoleRequest request = new UserRoleRequest();
+ given(question.deriveNsSplit(any(), any())).willReturn(Result.err(new IllegalArgumentException()));
+ Organization org = mock(Organization.class);
+ given(org.expiration(any(), eq(Expiration.UserInRole), any())).willReturn(new GregorianCalendar());
+ given(transaction.org()).willReturn(org);
+
+ //when
+ Result<UserRoleDAO.Data> result = mapper.userRole(transaction, request);
+
+ //then
+ assertTrue(result.isOK());
+ assertNull(result.value.ns);
+ assertNull(result.value.rname);
+ assertNull(result.value.role);
+ assertNull(result.value.user);
+ assertNotNull(result.value.expires);
+ }
+
+ @Test
+ public void userRole_shouldReturnMappedRoleDAOobj_whenRequestIsFilled() {
+ //given
+ String user = "johny@people.osaaf.org";
+ String role = "org.onap.app1.deployer";
+ String rName = "deployer";
+ String namespace = "org.onap.app1";
+
+ given(question.deriveNsSplit(transaction, role)).willReturn(Result.ok(new NsSplit(namespace, rName)));
+ Organization org = mock(Organization.class);
+ given(org.expiration(any(), eq(Expiration.UserInRole), any())).willReturn(new GregorianCalendar());
+ given(transaction.org()).willReturn(org);
+
+ //when
+ Result<UserRoleDAO.Data> result = mapper.userRole(transaction, createUserRoleRequest(role, user));
+
+ //then
+ assertTrue(result.isOK());
+ assertEquals(user, result.value.user);
+ assertEquals(role, result.value.role);
+ assertEquals(rName, result.value.rname);
+ assertEquals(namespace, result.value.ns);
+ assertNotNull(result.value.expires);
+ }
+
+ private UserRoleRequest createUserRoleRequest(String role, String user) {
+ UserRoleRequest request = new UserRoleRequest();
+ request.setRole(role);
+ request.setUser(user);
+ return request;
+ }
+
+ private UserRoleDAO.Data createUserRoleDAOobj(String userName, Date expires, String namespace, String roleName) {
+ UserRoleDAO.Data userRole = new UserRoleDAO.Data();
+ userRole.user = userName;
+ userRole.expires = expires;
+ userRole.ns = namespace;
+ userRole.role = roleName;
+ return userRole;
+ }
}