From 2c3cb70208785cf0272eae075206074318ca74cc Mon Sep 17 00:00:00 2001 From: Instrumental Date: Thu, 20 Jun 2019 07:22:59 -0500 Subject: Fixes/Refinements from Testing Issue-ID: AAF-857 Change-Id: I2c5a542982b77011ad4ed5c41e08e045c83e2e3f Signed-off-by: Instrumental --- .../src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java | 9 +++++++-- .../src/main/java/org/onap/aaf/auth/dao/hl/Function.java | 4 ++-- .../src/main/java/org/onap/aaf/auth/dao/hl/Question.java | 2 +- .../main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java | 2 +- 4 files changed, 11 insertions(+), 6 deletions(-) (limited to 'auth/auth-cass/src/main') diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java index 3b77a577..0033f8a1 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/cass/PermDAO.java @@ -105,8 +105,13 @@ public class PermDAO extends CassDAOImpl { } public String fullPerm() { - StringBuilder sb = new StringBuilder(ns); - sb.append(ns.indexOf('@')<0?'.':':'); + StringBuilder sb = new StringBuilder(); + if(ns==null) { + sb.append("null."); + } else { + sb.append(ns); + sb.append(ns.indexOf('@')<0?'.':':'); + } sb.append(type); sb.append('|'); sb.append(instance); diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java index 690ffa08..3fde5123 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Function.java @@ -1055,8 +1055,8 @@ public class Function { } else if (!fullperm.roles.isEmpty()) { return Result .err(Status.ERR_DependencyExists, - "Permission [%s.%s|%s|%s] cannot be deleted as it is attached to 1 or more roles.", - fullperm.ns, fullperm.type, fullperm.instance, fullperm.action); + "Permission [%s] cannot be deleted as it is attached to 1 or more roles.", + fullperm.fullPerm()); } } diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java index 7160edec..d40c2ea0 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/dao/hl/Question.java @@ -616,7 +616,7 @@ public class Question { public Result mayUser(AuthzTrans trans, String user,PermDAO.Data pdd, Access access) { if(pdd.ns.indexOf('@')>-1) { - if(user.equals(pdd.ns)) { + if(user.equals(pdd.ns) || isGranted(trans,user,Define.ROOT_NS(),"access",pdd.instance,READ)) { NsDAO.Data ndd = new NsDAO.Data(); ndd.name = user; ndd.type = NsDAO.USER; diff --git a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java index 62e1592f..3c7d873e 100644 --- a/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java +++ b/auth/auth-cass/src/main/java/org/onap/aaf/auth/direct/DirectAAFUserPass.java @@ -65,7 +65,7 @@ public class DirectAAFUserPass implements CredVal { } else { trans = env.newTransNoAvg(); if (state instanceof HttpServletRequest) { - trans.set((HttpServletRequest)state); + trans.set((HttpServletRequest)state,null); transfer=true; } } -- cgit 1.2.3-korg