summaryrefslogtreecommitdiffstats
path: root/authz-batch/src/main/java/com/att/authz/reports/CheckUR.java
diff options
context:
space:
mode:
Diffstat (limited to 'authz-batch/src/main/java/com/att/authz/reports/CheckUR.java')
-rw-r--r--authz-batch/src/main/java/com/att/authz/reports/CheckUR.java74
1 files changed, 74 insertions, 0 deletions
diff --git a/authz-batch/src/main/java/com/att/authz/reports/CheckUR.java b/authz-batch/src/main/java/com/att/authz/reports/CheckUR.java
new file mode 100644
index 00000000..5064140c
--- /dev/null
+++ b/authz-batch/src/main/java/com/att/authz/reports/CheckUR.java
@@ -0,0 +1,74 @@
+/*******************************************************************************
+ * Copyright (c) 2016 AT&T Intellectual Property. All rights reserved.
+ *******************************************************************************/
+package com.att.authz.reports;
+
+import java.io.IOException;
+
+import com.att.authz.Batch;
+import com.att.authz.env.AuthzTrans;
+import com.att.authz.helpers.NS;
+import com.att.authz.helpers.NS.NSSplit;
+import com.att.authz.helpers.UserRole;
+import org.onap.aaf.inno.env.APIException;
+import org.onap.aaf.inno.env.Env;
+import org.onap.aaf.inno.env.TimeTaken;
+
+public class CheckUR extends Batch{
+
+ public CheckUR(AuthzTrans trans) throws APIException, IOException {
+ super(trans.env());
+ TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
+ try {
+ session = cluster.connect();
+ } finally {
+ tt.done();
+ }
+ NS.load(trans, session,NS.v2_0_11);
+ UserRole.load(trans, session,UserRole.v2_0_11);
+ }
+
+ @Override
+ protected void run(AuthzTrans trans) {
+ trans.info().log("Get All Namespaces");
+
+
+ String query;
+
+ /// Evaluate
+ for(UserRole urKey : UserRole.data) {
+ NSSplit nss = NS.deriveParent(urKey.role);
+ if(nss==null && NS.data.size()>0 ) { // there is no Namespace for this UserRole
+ if(dryRun) {
+ trans.warn().printf("Would delete %s %s, which has no corresponding Namespace",urKey.user,urKey.role);
+ } else {
+ query = "DELETE FROM authz.user_role WHERE "
+ + "user='" + urKey.user
+ + "' AND role='" + urKey.role
+ + "';";
+ session.execute(query);
+ trans.warn().printf("Deleting %s %s, which has no corresponding Namespace",urKey.user,urKey.role);
+ }
+ } else if(urKey.ns == null || urKey.rname == null || !urKey.role.equals(urKey.ns+'.'+urKey.rname)) {
+ if(dryRun) {
+ trans.warn().log(urKey,"needs to be split and added to Record (", urKey.ns, urKey.rname,")");
+ } else {
+ query = "UPDATE authz.user_role SET ns='" + nss.ns
+ + "', rname='" + nss.other
+ + "' WHERE "
+ + "user='" + urKey.user
+ + "' AND role='" + urKey.role
+ + "';";
+ session.execute(query);
+ trans.warn().log("Setting ns and rname",query);
+ }
+ }
+ }
+ }
+
+ @Override
+ protected void _close(AuthzTrans trans) {
+ session.close();
+ aspr.info("End " + this.getClass().getSimpleName() + " processing" );
+ }
+}