From 58c2a7132f861e269ed707eb585657b0c9ead9f5 Mon Sep 17 00:00:00 2001 From: "Gathman, Jonathan (jg1555)" Date: Wed, 17 Jul 2019 16:07:20 -0500 Subject: Change API Version to 2.1.15 Issue-ID: AAF-902 Change-Id: I25ea4791fcbe45612197d7206b4af1ae23b6c489 Signed-off-by: Gathman, Jonathan (jg1555) --- .../java/org/onap/aaf/auth/dao/hl/Function.java | 9 +--- .../java/org/onap/aaf/auth/dao/hl/Question.java | 53 ++++++++++++++++------ .../org/onap/aaf/auth/direct/DirectAAFLocator.java | 2 +- 3 files changed, 41 insertions(+), 23 deletions(-) (limited to 'auth/auth-cass/src/main/java') diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java index c59312c0..4ec70d4a 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java @@ -628,12 +628,7 @@ public class Function { return Result.err(Status.ERR_DependencyExists, sb.toString()); } - if (move && parent == null) { - return Result - .err(Status.ERR_DependencyExists, - "Cannot move users, roles or permissions - parent is missing.\nDelete dependencies and try again"); - } - else if (move && parent.type == NsType.COMPANY.type) { + if (move && (parent == null || parent.type == NsType.COMPANY.type)) { return Result .err(Status.ERR_DependencyExists, "Cannot move users, roles or permissions to [%s].\nDelete dependencies and try again", @@ -1040,7 +1035,7 @@ public class Function { // Attached to any Roles? if (fullperm.roles != null) { - if (force) { + if (force || fullperm.roles.contains(user+":user")) { for (String role : fullperm.roles) { Result rv = null; Result rrdd = RoleDAO.Data.decode(trans, q, role); diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java index 22b14cb4..3b61da31 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java @@ -246,15 +246,29 @@ public class Question { approvalDAO.close(trans); } - public Result permFrom(AuthzTrans trans, String type, - String instance, String action) { - Result rnd = deriveNs(trans, type); - if (rnd.isOK()) { - return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type), - instance, action)); - } else { - return Result.err(rnd); - } + public Result permFrom(AuthzTrans trans, String type, String instance, String action) { + if(type.indexOf('@') >= 0) { + int colon = type.indexOf(':'); + if(colon>=0) { + PermDAO.Data pdd = new PermDAO.Data(); + pdd.ns = type.substring(0, colon); + pdd.type = type.substring(colon+1); + pdd.instance = instance; + pdd.action = action; + + return Result.ok(pdd); + } else { + return Result.err(Result.ERR_BadData,"Could not extract ns and type from " + type); + } + } else { + Result rnd = deriveNs(trans, type); + if (rnd.isOK()) { + return Result.ok(new PermDAO.Data(new NsSplit(rnd.value, type), + instance, action)); + } else { + return Result.err(rnd); + } + } } /** @@ -317,12 +331,21 @@ public class Question { return Result.ok(rlpUser); } - public Result> getPermsByType(AuthzTrans trans, String perm) { - Result nss = deriveNsSplit(trans, perm); - if (nss.notOK()) { - return Result.err(nss); - } - return permDAO.readByType(trans, nss.value.ns, nss.value.name); + public Result> getPermsByType(AuthzTrans trans, String type) { + if(type.indexOf('@') >= 0) { + int colon = type.indexOf(':'); + if(colon>=0) { + return permDAO.readByType(trans, type.substring(0, colon),type.substring(colon+1)); + } else { + return Result.err(Result.ERR_BadData, "%s is malformed",type); + } + } else { + Result nss = deriveNsSplit(trans, type); + if (nss.notOK()) { + return Result.err(nss); + } + return permDAO.readByType(trans, nss.value.ns, nss.value.name); + } } public Result> getPermsByName(AuthzTrans trans, String type, String instance, String action) { diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java index 2f1d150c..27d5df74 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFLocator.java @@ -77,7 +77,7 @@ public class DirectAAFLocator extends AbsAAFLocator { if(name.indexOf('.')>=0) { aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+'/'+name+':'+version; } else { - aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+"/%NS."+name+':'+version; + aaf_url = "https://"+Config.AAF_LOCATE_URL_TAG+"/%CNS.%NS."+name+':'+version; } RegistrationPropHolder rph = new RegistrationPropHolder(access,0); aaf_url = rph.replacements(getClass().getSimpleName(),aaf_url, null,null); -- cgit 1.2.3-korg