summaryrefslogtreecommitdiffstats
path: root/authz-batch/src/main/java/com/att/authz/reports/Expiring.java
diff options
context:
space:
mode:
Diffstat (limited to 'authz-batch/src/main/java/com/att/authz/reports/Expiring.java')
-rw-r--r--authz-batch/src/main/java/com/att/authz/reports/Expiring.java235
1 files changed, 0 insertions, 235 deletions
diff --git a/authz-batch/src/main/java/com/att/authz/reports/Expiring.java b/authz-batch/src/main/java/com/att/authz/reports/Expiring.java
deleted file mode 100644
index eb420433..00000000
--- a/authz-batch/src/main/java/com/att/authz/reports/Expiring.java
+++ /dev/null
@@ -1,235 +0,0 @@
-/*******************************************************************************
- * Copyright (c) 2016 AT&T Intellectual Property. All rights reserved.
- *******************************************************************************/
-package com.att.authz.reports;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.GregorianCalendar;
-import java.util.List;
-
-import com.att.authz.Batch;
-import com.att.authz.actions.Action;
-import com.att.authz.actions.ActionDAO;
-import com.att.authz.actions.CredDelete;
-import com.att.authz.actions.CredPrint;
-import com.att.authz.actions.FADelete;
-import com.att.authz.actions.FAPrint;
-import com.att.authz.actions.Key;
-import com.att.authz.actions.URDelete;
-import com.att.authz.actions.URFutureApprove;
-import com.att.authz.actions.URFuturePrint;
-import com.att.authz.actions.URPrint;
-import com.att.authz.env.AuthzTrans;
-import com.att.authz.helpers.Cred;
-import com.att.authz.helpers.Cred.Instance;
-import com.att.authz.helpers.Future;
-import com.att.authz.helpers.Notification;
-import com.att.authz.helpers.UserRole;
-import com.att.authz.layer.Result;
-import com.att.authz.org.Organization.Identity;
-import com.att.dao.aaf.cass.CredDAO;
-import com.att.inno.env.APIException;
-import com.att.inno.env.Env;
-import com.att.inno.env.TimeTaken;
-
-public class Expiring extends Batch {
-
- private final Action<UserRole,Void> urDelete,urPrint;
- private final Action<UserRole,List<Identity>> urFutureApprove;
- private final Action<CredDAO.Data,Void> crDelete,crPrint;
- private final Action<Future,Void> faDelete;
-// private final Email email;
- private final Key<UserRole> memoKey;
-
- public Expiring(AuthzTrans trans) throws APIException, IOException {
- super(trans.env());
- trans.info().log("Starting Connection Process");
- TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
- try {
- urPrint = new URPrint("Expired:");
- crPrint = new CredPrint("Expired:");
-
- URFutureApprove ufr = new URFutureApprove(trans,cluster);
- memoKey = ufr;
-
- if(isDryRun()) {
- urDelete = new URPrint("Would Delete:");
- // While Testing
-// urFutureApprove = ufr;
- urFutureApprove = new URFuturePrint("Would setup Future/Approvals");
- crDelete = new CredPrint("Would Delete:");
- faDelete = new FAPrint("Would Delete:");
-// email = new EmailPrint();
-
- TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
- try {
- session = cluster.connect();
- } finally {
- tt.done();
- }
-
- } else {
- TimeTaken tt = trans.start("Connect to Cluster with DAOs", Env.REMOTE);
- try {
- ActionDAO<UserRole,Void> adao;
- urDelete = adao = new URDelete(trans, cluster);
- urFutureApprove = new URFutureApprove(trans,adao);
- faDelete = new FADelete(trans, adao);
-
- crDelete = new CredDelete(trans, adao);
-// email = new Email();
- TimeTaken tt2 = trans.start("Connect to Cluster", Env.REMOTE);
- try {
- session = adao.getSession(trans);
- } finally {
- tt2.done();
- }
- } finally {
- tt.done();
- }
- }
-
- UserRole.load(trans, session, UserRole.v2_0_11);
- Cred.load(trans, session);
- Notification.load(trans, session, Notification.v2_0_14);
- Future.load(trans,session,Future.v2_0_15);
- } finally {
- tt0.done();
- }
- }
-
- @Override
- protected void run(AuthzTrans trans) {
- // Setup Date boundaries
- Date now = new Date();
- GregorianCalendar gc = new GregorianCalendar();
- gc.setTime(now);
- gc.add(GregorianCalendar.MONTH, 1);
- Date future = gc.getTime();
- gc.setTime(now);
- gc.add(GregorianCalendar.MONTH, -1);
- Date tooLate = gc.getTime();
- int count = 0, deleted=0;
-
-// List<Notification> ln = new ArrayList<Notification>();
- TimeTaken tt;
-
- // Run for Expired Futures
- trans.info().log("Checking for Expired Futures");
- tt = trans.start("Delete old Futures", Env.REMOTE);
- try {
- List<Future> delf = new ArrayList<Future>();
- for(Future f : Future.data) {
- AuthzTrans localTrans = env.newTransNoAvg();
- if(f.expires.before(now)) {
- faDelete.exec(localTrans, f);
- delf.add(f);
- }
- }
- Future.delete(delf);
- } finally {
- tt.done();
- }
-
- // Run for Roles
- trans.info().log("Checking for Expired Roles");
- try {
- for(UserRole ur : UserRole.data) {
- AuthzTrans localTrans = env.newTransNoAvg();
- if(ur.expires.before(tooLate)) {
- if("owner".equals(ur.rname)) { // don't delete Owners, even if Expired
- urPrint.exec(localTrans,ur);
- } else {
- urDelete.exec(localTrans,ur);
- ++deleted;
- trans.logAuditTrail(trans.info());
- }
- ++count;
- } else if(ur.expires.before(future)) {
- List<Future> fbm = Future.byMemo.get(memoKey.key(ur));
- if(fbm==null || fbm.isEmpty()) {
- Result<List<Identity>> rapprovers = urFutureApprove.exec(localTrans, ur);
- if(rapprovers.isOK()) {
- for(Identity ou : rapprovers.value) {
-// Notification n = Notification.addApproval(localTrans,ou);
-// if(n.org==null) {
-// n.org = getOrgFromID(localTrans, ur.user);
-// }
-// ln.add(n);
- urPrint.exec(localTrans,ur);
- if(isDryRun()) {
- trans.logAuditTrail(trans.info());
- }
- }
- }
- }
- ++count;
- }
- }
- } finally {
- env.info().log("Found",count,"roles expiring before",future);
- env.info().log("deleting",deleted,"roles expiring before",tooLate);
- }
-
-// // Email Approval Notification
-// email.subject("AAF Role Expiration Warning (ENV: %s)", batchEnv);
-// email.indent("");
-// for(Notification n: ln) {
-// if(n.org==null) {
-// trans.error().log("No Organization for Notification");
-// } else if(n.update(trans, session, isDryRun())) {
-// email.clear();
-// email.addTo(n.user);
-// email.line(n.text(new StringBuilder()).toString());
-// email.exec(trans,n.org);
-// }
-// }
- // Run for Creds
- trans.info().log("Checking for Expired Credentials");
- System.out.flush();
- count = 0;
- try {
- CredDAO.Data crd = new CredDAO.Data();
- Date last = null;
- for( Cred creds : Cred.data.values()) {
- AuthzTrans localTrans = env.newTransNoAvg();
- crd.id = creds.id;
- for(int type : creds.types()) {
- crd.type = type;
- for( Instance inst : creds.instances) {
- if(inst.expires.before(tooLate)) {
- crd.expires = inst.expires;
- crDelete.exec(localTrans, crd);
- } else if(last==null || inst.expires.after(last)) {
- last = inst.expires;
- }
- }
- if(last!=null) {
- if(last.before(future)) {
- crd.expires = last;
- crPrint.exec(localTrans, crd);
- ++count;
- }
- }
- }
- }
- } finally {
- env.info().log("Found",count,"current creds expiring before",future);
- }
-
- }
-
- @Override
- protected void _close(AuthzTrans trans) {
- aspr.info("End " + this.getClass().getSimpleName() + " processing" );
- for(Action<?,?> action : new Action<?,?>[] {urDelete,crDelete}) {
- if(action instanceof ActionDAO) {
- ((ActionDAO<?,?>)action).close(trans);
- }
- }
- session.close();
- }
-
-}