diff options
Diffstat (limited to 'authz-cmd/src/main/java/com/att/cmd/user')
11 files changed, 1183 insertions, 0 deletions
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/Cred.java b/authz-cmd/src/main/java/com/att/cmd/user/Cred.java new file mode 100644 index 00000000..13198890 --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/Cred.java @@ -0,0 +1,153 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import com.att.cadi.CadiException;
+import com.att.cadi.LocatorException;
+import com.att.cadi.client.Future;
+import com.att.cadi.client.Rcli;
+import com.att.cadi.client.Retryable;
+import com.att.cmd.AAFcli;
+import com.att.cmd.Cmd;
+import com.att.cmd.Param;
+import com.att.cssa.rserv.HttpMethods;
+import com.att.inno.env.APIException;
+
+import aaf.v2_0.CredRequest;
+
+public class Cred extends Cmd {
+ private static final String CRED_PATH = "/authn/cred";
+ private static final String[] options = {"add","del","reset","extend"/*,"clean"*/};
+// private Clean clean;
+ public Cred(User parent) {
+ super(parent,"cred",
+ new Param(optionsToString(options),true),
+ new Param("id",true),
+ new Param("password (! D|E)",false),
+ new Param("entry# (if multi)",false)
+ );
+// clean = new Clean(this);
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ String key = args[idx++];
+ final int option = whichOption(options,key);
+
+ final CredRequest cr = new CredRequest();
+ cr.setId(args[idx++]);
+ if(option!=1 && option!=3) {
+ if(idx>=args.length) throw new CadiException("Password Required");
+ cr.setPassword(args[idx++]);
+ }
+ if(args.length>idx)
+ cr.setEntry(args[idx++]);
+
+ // Set Start/End commands
+ setStartEnd(cr);
+// final int cleanIDX = _idx+1;
+ Integer ret = same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<CredRequest> fp=null;
+ String verb =null;
+ switch(option) {
+ case 0:
+ fp = client.create(
+ CRED_PATH,
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Added Credential [";
+ break;
+ case 1:
+// if(aafcli.addForce())cr.setForce("TRUE");
+ setQueryParamsOn(client);
+ fp = client.delete(CRED_PATH,
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Deleted Credential [";
+ break;
+ case 2:
+ fp = client.update(
+ CRED_PATH,
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Reset Credential [";
+ break;
+ case 3:
+ fp = client.update(
+ CRED_PATH+"/5",
+ getDF(CredRequest.class),
+ cr
+ );
+ verb = "Extended Credential [";
+ break;
+// case 4:
+// return clean.exec(cleanIDX, args);
+ }
+ if(fp.get(AAFcli.timeout())) {
+ pw().print(verb);
+ pw().print(cr.getId());
+ pw().println(']');
+ } else if(fp.code()==202) {
+ pw().println("Credential Action Accepted, but requires Approvals before actualizing");
+ } else if(fp.code()==406 && option==1) {
+ pw().println("You cannot delete this Credential");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ if(ret==null)ret = -1;
+ return ret;
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add, Delete or Reset Credential");
+ indent+=2;
+ detailLine(sb,indent,"id - the ID to create/delete/reset within AAF");
+ detailLine(sb,indent,"password - Company Policy compliant Password (not required for Delete)");
+ detailLine(sb,indent,"entry - selected option when deleting/resetting a cred with multiple entries");
+ sb.append('\n');
+ detailLine(sb,indent,"The Domain can be related to any Namespace you have access to *");
+ detailLine(sb,indent,"The Domain is in reverse order of Namespace, i.e. ");
+ detailLine(sb,indent+2,"NS of com.att.myapp can create user of XY1234@myapp.att.com");
+ sb.append('\n');
+ detailLine(sb,indent,"NOTE: AAF does support multiple creds with the same ID. Check with your org if you");
+ detailLine(sb,indent+2,"have this implemented. (For example, this is implemented for MechIDs at AT&T)");
+ sb.append('\n');
+ detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
+ indent-=2;
+ api(sb,indent,HttpMethods.POST,"authn/cred",CredRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,"authn/cred",CredRequest.class,false);
+ api(sb,indent,HttpMethods.PUT,"authn/cred",CredRequest.class,false);
+ }
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/Delg.java b/authz-cmd/src/main/java/com/att/cmd/user/Delg.java new file mode 100644 index 00000000..af4095f3 --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/Delg.java @@ -0,0 +1,136 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import java.text.ParseException;
+import java.util.Date;
+
+import com.att.cadi.CadiException;
+import com.att.cadi.LocatorException;
+import com.att.cadi.client.Future;
+import com.att.cadi.client.Rcli;
+import com.att.cadi.client.Retryable;
+import com.att.cmd.AAFcli;
+import com.att.cmd.BaseCmd;
+import com.att.cmd.Param;
+import com.att.cssa.rserv.HttpMethods;
+import com.att.inno.env.APIException;
+import com.att.inno.env.util.Chrono;
+import com.att.rosetta.env.RosettaDF;
+
+import aaf.v2_0.DelgRequest;
+
+public class Delg extends BaseCmd<User> {
+ static final String AUTHZ_DELG = "/authz/delegate";
+ private final static String[] options = {"add","upd","del"};
+
+ public Delg(User user) throws APIException {
+ super(user,"delegate",
+ new Param(optionsToString(options),true),
+ new Param("from",true),
+ new Param("to REQ A&U",false),
+ new Param("until (YYYY-MM-DD) REQ A", false)
+ );
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String realm = getOrgRealm();
+ DelgRequest dr = new DelgRequest();
+ setStartEnd(dr);
+
+ int option= whichOption(options, args[idx++]);
+ String user = args[idx++];
+ if (user.indexOf('@') < 0 && realm != null) user += '@' + realm;
+ dr.setUser(user);
+ if(option<2) {
+ String delegate = args[idx++];
+ if (delegate.indexOf('@') < 0 && realm != null) delegate += '@' + realm;
+ dr.setDelegate(delegate);
+ if(option<2 && args.length>idx) {
+ Date date;
+ try {
+ date = Chrono.dateOnlyFmt.parse(args[idx++]);
+ } catch (ParseException e) {
+ throw new CadiException(e);
+ }
+ dr.setEnd(Chrono.timeStamp(date));
+ }
+ }
+
+ Future<DelgRequest> fp;
+ RosettaDF<DelgRequest> df = getDF(DelgRequest.class);
+ String verb;
+ setQueryParamsOn(client);
+
+ switch(option) {
+ case 0:
+ fp = client.create(AUTHZ_DELG, df, dr);
+ verb = "Added";
+ break;
+ case 1:
+ fp = client.update(AUTHZ_DELG, df, dr);
+ verb = "Updated";
+ break;
+ case 2:
+ fp = client.delete(AUTHZ_DELG, df, dr);
+ verb = "Deleted";
+ break;
+ default:
+ throw new CadiException("Bad Argument");
+ };
+
+ if(fp.get(AAFcli.timeout())) {
+ pw().append("Delegate ");
+ pw().println(verb);
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,"Add, Update or Delete Delegate");
+ indent+=2;
+ detailLine(sb,indent,"A Delegate is a person who will temporarily cover the Approval and");
+ detailLine(sb,indent,"Ownership questions on behalf of the person Responsible.");
+ sb.append('\n');
+ detailLine(sb,indent,"fromID - the person who is the Responsible person of record");
+ detailLine(sb,indent,"toID - the person who will be delegated (required for Add/Update)");
+ detailLine(sb,indent,"until - the end date for this delegation");
+ indent-=2;
+ api(sb,indent,HttpMethods.POST,AUTHZ_DELG,DelgRequest.class,true);
+ api(sb,indent,HttpMethods.DELETE,AUTHZ_DELG,DelgRequest.class,false);
+ api(sb,indent,HttpMethods.PUT,AUTHZ_DELG,DelgRequest.class,false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/List.java b/authz-cmd/src/main/java/com/att/cmd/user/List.java new file mode 100644 index 00000000..d88c15dc --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/List.java @@ -0,0 +1,122 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import java.util.Collections;
+import java.util.Comparator;
+
+import com.att.cmd.BaseCmd;
+import com.att.inno.env.util.Chrono;
+
+import aaf.v2_0.Approval;
+import aaf.v2_0.Approvals;
+import aaf.v2_0.Delg;
+import aaf.v2_0.Delgs;
+import aaf.v2_0.Users;
+
+public class List extends BaseCmd<User> {
+
+ public List(User parent) {
+ super(parent,"list");
+ cmds.add(new ListForRoles(this));
+ cmds.add(new ListForPermission(this));
+ cmds.add(new ListForCreds(this));
+ cmds.add(new ListDelegates(this));
+ cmds.add(new ListApprovals(this));
+ cmds.add(new ListActivity(this));
+ }
+
+
+ void report(Users users, boolean count, String ... str) {
+ reportHead(str);
+ String format = reportColHead("%-50s %-30s\n","User","Expires");
+ String date = "XXXX-XX-XX";
+ int idx = 0;
+ java.util.List<aaf.v2_0.Users.User> sorted = users.getUser();
+ Collections.sort(sorted, new Comparator<aaf.v2_0.Users.User>() {
+ @Override
+ public int compare(aaf.v2_0.Users.User u1, aaf.v2_0.Users.User u2) {
+ if(u2==null || u2 == null) {
+ return -1;
+ }
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ for(aaf.v2_0.Users.User user : sorted) {
+ if(!aafcli.isTest())
+ date = Chrono.dateOnlyStamp(user.getExpires());
+
+ pw().format(format,
+ count? (Integer.valueOf(++idx) + ") " + user.getId()): user.getId(),
+ date);
+ }
+ pw().println();
+ }
+
+ public void report(Approvals approvals, String title, String id) {
+ reportHead(title,id);
+ String format = reportColHead(" %-20s %-20s %-11s %-6s %12s\n","User","Approver","Type","Status","Updated");
+ java.util.List<Approval> lapp = approvals.getApprovals();
+ Collections.sort(lapp, new Comparator<Approval>() {
+ @Override
+ public int compare(Approval a1, Approval a2) {
+ return a1.getTicket().compareTo(a2.getTicket());
+ }
+ } );
+ String ticket = null, prev = null;
+ for(Approval app : lapp ) {
+ ticket = app.getTicket();
+ if(!ticket.equals(prev)) {
+ pw().print("Ticket: ");
+ pw().println(ticket);
+ }
+ prev = ticket;
+
+ pw().format(format,
+ app.getUser(),
+ app.getApprover(),
+ app.getType(),
+ app.getStatus(),
+ Chrono.niceDateStamp(app.getUpdated())
+ );
+ }
+ }
+
+ public void report(Delgs delgs, String title, String id) {
+ reportHead(title,id);
+ String format = reportColHead(" %-25s %-25s %-10s\n","User","Delegate","Expires");
+ String date = "XXXX-XX-XX";
+ for(Delg delg : delgs.getDelgs()) {
+ if(!this.aafcli.isTest())
+ date = Chrono.dateOnlyStamp(delg.getExpires());
+ pw().printf(format,
+ delg.getUser(),
+ delg.getDelegate(),
+ date
+ );
+ }
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/ListActivity.java b/authz-cmd/src/main/java/com/att/cmd/user/ListActivity.java new file mode 100644 index 00000000..bf384f6e --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/ListActivity.java @@ -0,0 +1,81 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import com.att.cadi.CadiException;
+import com.att.cadi.LocatorException;
+import com.att.cadi.client.Future;
+import com.att.cadi.client.Rcli;
+import com.att.cadi.client.Retryable;
+import com.att.cmd.AAFcli;
+import com.att.cmd.Cmd;
+import com.att.cmd.Param;
+import com.att.cssa.rserv.HttpMethods;
+import com.att.inno.env.APIException;
+
+import aaf.v2_0.History;
+
+/**
+ *
+ */
+public class ListActivity extends Cmd {
+ private static final String HEADER = "List Activity of User";
+
+ public ListActivity(List parent) {
+ super(parent,"activity",
+ new Param("user",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ String user = args[idx++];
+ String realm = getOrgRealm();
+ final String fullUser = (user.indexOf('@') < 0 && realm != null)?user + '@' + realm:user;
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+
+ Future<History> fp = client.read(
+ "/authz/hist/user/"+fullUser,
+ getDF(History.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ activity(fp.value,HEADER + " [ " + fullUser + " ]");
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb,indent,HEADER);
+ api(sb,indent,HttpMethods.GET,"authz/hist/user/<user>",History.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/ListApprovals.java b/authz-cmd/src/main/java/com/att/cmd/user/ListApprovals.java new file mode 100644 index 00000000..85569f41 --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/ListApprovals.java @@ -0,0 +1,104 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import com.att.cadi.CadiException;
+import com.att.cadi.LocatorException;
+import com.att.cadi.client.Future;
+import com.att.cadi.client.Rcli;
+import com.att.cadi.client.Retryable;
+import com.att.cmd.AAFcli;
+import com.att.cmd.Cmd;
+import com.att.cmd.Param;
+import com.att.cssa.rserv.HttpMethods;
+import com.att.inno.env.APIException;
+
+import aaf.v2_0.Approvals;
+
+/**
+ *
+ *
+ */
+public class ListApprovals extends Cmd {
+ private static final String HEADER = "List Approvals";
+ private final static String[] options = {"user","approver","ticket"};
+ public ListApprovals(List parent) {
+ super(parent,"approvals",
+ new Param(optionsToString(options),true),
+ new Param("value",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String type = args[idx++];
+ int option = whichOption(options,type);
+ String value = args[idx++];
+ final String fullValue;
+ if (option != 2) {
+ String realm = getOrgRealm();
+ fullValue = (value.indexOf('@')<0 && realm != null)?value +'@'+realm:value;
+ } else {
+ fullValue = value;
+ }
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Approvals> fp = client.read(
+ "/authz/approval/"+type+'/'+fullValue,
+ getDF(Approvals.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ ((List)parent).report(fp.value,HEADER + " by " + type,fullValue);
+ if(fp.code()==404) {
+ return 200;
+ }
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"Approvals are used when the Requestor does not have the rights");
+ detailLine(sb,indent,"to perform the action required. Approvers are those listed as");
+ detailLine(sb,indent,"responsible for Namespace associated with the request, and those");
+ detailLine(sb,indent,"required by the Company by Policy. This may be, for instance");
+ detailLine(sb,indent,"the supervisor of the requestor");
+ sb.append('\n');
+ detailLine(sb,indent,"Delegates can be listed by User, Approver or Ticket.");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/approval/user/<value>",Approvals.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/approval/approver/<value>",Approvals.class,false);
+ api(sb,indent,HttpMethods.GET,"authz/approval/ticket/<value>",Approvals.class,false);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/ListDelegates.java b/authz-cmd/src/main/java/com/att/cmd/user/ListDelegates.java new file mode 100644 index 00000000..779f6253 --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/ListDelegates.java @@ -0,0 +1,95 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import com.att.cadi.CadiException;
+import com.att.cadi.LocatorException;
+import com.att.cadi.client.Future;
+import com.att.cadi.client.Rcli;
+import com.att.cadi.client.Retryable;
+import com.att.cmd.AAFcli;
+import com.att.cmd.Cmd;
+import com.att.cmd.Param;
+import com.att.cssa.rserv.HttpMethods;
+import com.att.inno.env.APIException;
+
+import aaf.v2_0.Delgs;
+
+/**
+ *
+ */
+public class ListDelegates extends Cmd {
+ private static final String HEADER = "List Delegates";
+ private static final String[] options = {"user","delegate"};
+ public ListDelegates(List parent) {
+ super(parent,"delegates",
+ new Param(optionsToString(options),true),
+ new Param("id",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ String realm = getOrgRealm();
+ int idx = _idx;
+ final String key = args[idx++];
+ //int option = whichOption(options,key);
+ String id = args[idx++];
+ final String fullID = (id.indexOf('@') < 0 && realm != null)? id + '@' + realm:id;
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+
+ Future<Delgs> fp = client.read(
+ "/authz/delegates/" + key + '/' + fullID,
+ getDF(Delgs.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ ((List)parent).report(fp.value,HEADER + " by " + key, fullID);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"Delegates are those people temporarily assigned to cover the");
+ detailLine(sb,indent,"responsibility of Approving, etc, while the actual Responsible");
+ detailLine(sb,indent,"Party is absent. Typically, this is for Vacation, or Business");
+ detailLine(sb,indent,"Travel.");
+ sb.append('\n');
+ detailLine(sb,indent,"Delegates can be listed by the User or by the Delegate");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/delegates/user/<id>",Delgs.class,true);
+ api(sb,indent,HttpMethods.GET,"authz/delegates/delegate/<id>",Delgs.class,false);
+ }
+
+
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/ListForCreds.java b/authz-cmd/src/main/java/com/att/cmd/user/ListForCreds.java new file mode 100644 index 00000000..8ede1187 --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/ListForCreds.java @@ -0,0 +1,99 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import java.util.Collections;
+import java.util.Comparator;
+
+import com.att.cadi.CadiException;
+import com.att.cadi.LocatorException;
+import com.att.cadi.client.Future;
+import com.att.cadi.client.Rcli;
+import com.att.cadi.client.Retryable;
+import com.att.cmd.AAFcli;
+import com.att.cmd.Cmd;
+import com.att.cmd.Param;
+import com.att.cssa.rserv.HttpMethods;
+import com.att.inno.env.APIException;
+
+import aaf.v2_0.Users;
+import aaf.v2_0.Users.User;
+
+/**
+ * List for Creds
+ *
+ */
+public class ListForCreds extends Cmd {
+ private final static String[] options = {"ns","id"};
+
+ private static final String HEADER = "List creds for ";
+ public ListForCreds(List parent) {
+ super(parent,"cred",
+ new Param(optionsToString(options),true),
+ new Param("value",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final int option = whichOption(options, args[idx++]);
+ final String which = options[option];
+ final String value = args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Users> fp = client.read(
+ "/authn/creds/"+which+'/'+value,
+ getDF(Users.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if (aafcli.isTest())
+ Collections.sort(fp.value.getUser(), new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ ((com.att.cmd.user.List)parent).report(fp.value,option==1,HEADER+which,value);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"This report lists the users associated to Roles.");
+ detailLine(sb,indent,"role - the Role name");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/users/role/<role>",Users.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/ListForPermission.java b/authz-cmd/src/main/java/com/att/cmd/user/ListForPermission.java new file mode 100644 index 00000000..fb13bbbb --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/ListForPermission.java @@ -0,0 +1,104 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import java.util.Collections;
+import java.util.Comparator;
+
+import com.att.cadi.CadiException;
+import com.att.cadi.LocatorException;
+import com.att.cadi.client.Future;
+import com.att.cadi.client.Rcli;
+import com.att.cadi.client.Retryable;
+import com.att.cmd.AAFcli;
+import com.att.cmd.Cmd;
+import com.att.cmd.Param;
+import com.att.cssa.rserv.HttpMethods;
+import com.att.inno.env.APIException;
+
+import aaf.v2_0.Users;
+import aaf.v2_0.Users.User;
+
+/**
+ * p
+ *
+ */
+public class ListForPermission extends Cmd {
+ private static final String HEADER = "List Users for Permission";
+ public ListForPermission(List parent) {
+ super(parent,"perm",
+ new Param("type",true),
+ new Param("instance",true),
+ new Param("action",true));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String type = args[idx++];
+ String instance = args[idx++];
+ if("\\*".equals(instance))instance="*";
+ String action = args[idx++];
+ if("\\*".equals(action))action="*";
+ Future<Users> fp = client.read(
+ "/authz/users/perm/"+type+'/'+instance+'/'+action,
+ getDF(Users.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if (aafcli.isTest())
+ Collections.sort(fp.value.getUser(), new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ ((com.att.cmd.user.List)parent).report(fp.value,false,HEADER,type+"|"+instance+"|"+action);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"This report lists the users associated to Permissions. Since Users");
+ detailLine(sb,indent,"are associated to Roles, and Roles have Permissions, this report");
+ detailLine(sb,indent,"accomodates all these linkages.");
+ sb.append('\n');
+ detailLine(sb,indent,"The URL must contain the Permission's type,instance and action, and ");
+ detailLine(sb,indent,"may include \"*\"s (type in as \\\\*).");
+ detailLine(sb,indent,"See Perm Create Documentation for definitions.");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/users/perm/<type>/<instance>/<action>",Users.class,true);
+ }
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/ListForRoles.java b/authz-cmd/src/main/java/com/att/cmd/user/ListForRoles.java new file mode 100644 index 00000000..e2a89905 --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/ListForRoles.java @@ -0,0 +1,93 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import java.util.Collections;
+import java.util.Comparator;
+
+import com.att.cadi.CadiException;
+import com.att.cadi.LocatorException;
+import com.att.cadi.client.Future;
+import com.att.cadi.client.Rcli;
+import com.att.cadi.client.Retryable;
+import com.att.cmd.AAFcli;
+import com.att.cmd.Cmd;
+import com.att.cmd.Param;
+import com.att.cssa.rserv.HttpMethods;
+import com.att.inno.env.APIException;
+
+import aaf.v2_0.Users;
+import aaf.v2_0.Users.User;
+
+/**
+ * p
+ *
+ */
+public class ListForRoles extends Cmd {
+ private static final String HEADER = "List Users for Role";
+ public ListForRoles(List parent) {
+ super(parent,"role", new Param("role",true));
+ }
+
+ @Override
+ public int _exec(int _idx, final String ... args) throws CadiException, APIException, LocatorException {
+ int idx = _idx;
+ final String role = args[idx++];
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ Future<Users> fp = client.read(
+ "/authz/users/role/"+role,
+ getDF(Users.class)
+ );
+ if(fp.get(AAFcli.timeout())) {
+ if (aafcli.isTest())
+ Collections.sort(fp.value.getUser(), new Comparator<User>() {
+ @Override
+ public int compare(User u1, User u2) {
+ return u1.getId().compareTo(u2.getId());
+ }
+ });
+ ((com.att.cmd.user.List)parent).report(fp.value,false, HEADER,role);
+ if(fp.code()==404)return 200;
+ } else {
+ error(fp);
+ }
+ return fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int _indent, StringBuilder sb) {
+ int indent = _indent;
+ detailLine(sb,indent,HEADER);
+ indent+=2;
+ detailLine(sb,indent,"This report lists the users associated to Roles.");
+ detailLine(sb,indent,"role - the Role name");
+ indent-=2;
+ api(sb,indent,HttpMethods.GET,"authz/users/role/<role>",Users.class,true);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/Role.java b/authz-cmd/src/main/java/com/att/cmd/user/Role.java new file mode 100644 index 00000000..1d660c6c --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/Role.java @@ -0,0 +1,158 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import com.att.cadi.CadiException;
+import com.att.cadi.LocatorException;
+import com.att.cadi.client.Future;
+import com.att.cadi.client.Rcli;
+import com.att.cadi.client.Retryable;
+import com.att.cmd.AAFcli;
+import com.att.cmd.Cmd;
+import com.att.cmd.Param;
+import com.att.cssa.rserv.HttpMethods;
+import com.att.inno.env.APIException;
+
+import aaf.v2_0.UserRoleRequest;
+
+/**
+ * p
+ *
+ *
+ */
+public class Role extends Cmd {
+ private static final String[] options = {"add", "del", "setTo","extend"};
+ public Role(User parent) {
+ super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), new Param(
+ "role[,role]* (!REQ S)", false));
+ }
+
+ @Override
+ public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
+ return same(new Retryable<Integer>() {
+ @Override
+ public Integer code(Rcli<?> client) throws CadiException, APIException {
+ int idx = index;
+ String key = args[idx++];
+ int option = whichOption(options, key);
+ String user = args[idx++];
+ String realm = getOrgRealm();
+
+ UserRoleRequest urr = new UserRoleRequest();
+ if (user.indexOf('@') < 0 && realm != null) user += '@' + realm;
+ urr.setUser(user);
+ // Set Start/End commands
+ setStartEnd(urr);
+
+ Future<?> fp = null;
+
+ if (option != 2) {
+ if (args.length < 5) {
+ throw new CadiException(build(new StringBuilder("Too few args: "), null).toString());
+ }
+ String[] roles = args[idx++].split(",");
+ for (String role : roles) {
+ String verb = null,participle=null;
+ urr.setRole(role);
+ // You can request to be added or removed from role.
+ setQueryParamsOn(client);
+ switch(option) {
+ case 0:
+ fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr);
+ verb = "Added";
+ participle = "] to User [" ;
+ break;
+ case 1:
+ fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class);
+ verb = "Removed";
+ participle = "] from User [" ;
+ break;
+ case 3:
+ fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
+ verb = "Extended";
+ participle = "] to User [" ;
+ break;
+ default:
+ throw new CadiException("Invalid action [" + key + ']');
+ }
+ if (fp.get(AAFcli.timeout())) {
+ pw().print(verb);
+ pw().print(" Role [");
+ pw().print(urr.getRole());
+ pw().print(participle);
+ pw().print(urr.getUser());
+ pw().println(']');
+ } else {
+ switch(fp.code()) {
+ case 202:
+ pw().print("UserRole ");
+ pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension");
+ pw().println(" Accepted, but requires Approvals before actualizing");
+ break;
+ case 404:
+ if(option==3) {
+ pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
+ break;
+ }
+ default:
+ error(fp);
+ }
+ }
+ }
+ } else {
+ // option 2 is setTo command (an update call)
+ String allRoles = "";
+ if (idx < args.length)
+ allRoles = args[idx++];
+
+ urr.setRole(allRoles);
+ fp = client.update("/authz/userRole/user", getDF(UserRoleRequest.class), urr);
+ if (fp.get(AAFcli.timeout())) {
+ pw().println("Set User's Roles to [" + allRoles + "]");
+ } else {
+ error(fp);
+ }
+ }
+ return fp == null ? 0 : fp.code();
+ }
+ });
+ }
+
+ @Override
+ public void detailedHelp(int indent, StringBuilder sb) {
+ detailLine(sb, indent, "Add OR Delete a User to/from a Role OR");
+ detailLine(sb, indent, "Set a User's Roles to the roles supplied");
+ detailLine(sb, indent + 2, "user - ID of User");
+ detailLine(sb, indent + 2, "role(s) - Role or Roles to which to add the User");
+ sb.append('\n');
+ detailLine(sb, indent + 2, "Note: this is the same as \"role user add...\" except allows");
+ detailLine(sb, indent + 2, "assignment of user to multiple roles");
+ detailLine(sb, indent + 2, "WARNING: Roles supplied with setTo will be the ONLY roles attached to this user");
+ detailLine(sb, indent + 2, "If no roles are supplied, user's roles are reset.");
+ api(sb, indent, HttpMethods.POST, "authz/userRole", UserRoleRequest.class, true);
+ api(sb, indent, HttpMethods.DELETE, "authz/userRole/<user>/<role>", Void.class, false);
+ api(sb, indent, HttpMethods.PUT, "authz/userRole/<user>", UserRoleRequest.class, false);
+ }
+
+}
diff --git a/authz-cmd/src/main/java/com/att/cmd/user/User.java b/authz-cmd/src/main/java/com/att/cmd/user/User.java new file mode 100644 index 00000000..13f11117 --- /dev/null +++ b/authz-cmd/src/main/java/com/att/cmd/user/User.java @@ -0,0 +1,38 @@ +/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aai
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * Copyright © 2017 Amdocs
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * *
+ * * http://www.apache.org/licenses/LICENSE-2.0
+ * *
+ * * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package com.att.cmd.user;
+
+import com.att.cmd.AAFcli;
+import com.att.cmd.BaseCmd;
+import com.att.inno.env.APIException;
+
+public class User extends BaseCmd<User> {
+ public User(AAFcli aafcli) throws APIException {
+ super(aafcli,"user");
+ cmds.add(new Role(this));
+ cmds.add(new Cred(this));
+ cmds.add(new Delg(this));
+ cmds.add(new List(this));
+ }
+}
|