From d0d6604a0371457d84eceb56d9fff668e865253f Mon Sep 17 00:00:00 2001 From: "Gathman, Jonathan (jg1555)" Date: Mon, 8 Jul 2019 17:57:32 -0500 Subject: Cred delete fixes Issue-ID: AAF-857 Change-Id: I5e590eec0e18a17bb9f89d7f704c86fca3f377de Signed-off-by: Gathman, Jonathan (jg1555) --- .../aaf/auth/service/AuthzCassServiceImpl.java | 151 +++++++++++++-------- .../aaf/auth/service/facade/AuthzFacadeImpl.java | 4 +- .../onap/aaf/auth/service/mapper/Mapper_2_0.java | 4 +- 3 files changed, 96 insertions(+), 63 deletions(-) (limited to 'auth/auth-service/src') diff --git a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java index 37ca509a..9a6ef7e3 100644 --- a/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java +++ b/auth/auth-service/src/main/java/org/onap/aaf/auth/service/AuthzCassServiceImpl.java @@ -70,6 +70,7 @@ import org.onap.aaf.auth.dao.hl.Function; import org.onap.aaf.auth.dao.hl.Function.FUTURE_OP; import org.onap.aaf.auth.dao.hl.Function.Lookup; import org.onap.aaf.auth.dao.hl.Function.OP_STATUS; +import org.onap.aaf.auth.dao.hl.PermLookup; import org.onap.aaf.auth.dao.hl.Question; import org.onap.aaf.auth.dao.hl.Question.Access; import org.onap.aaf.auth.env.AuthzTrans; @@ -1011,8 +1012,8 @@ public class AuthzCassServiceImpl > rlpd = ques.getPermsByUser(trans, user, - trans.requested(force)); + PermLookup pl = PermLookup.get(trans,ques,user); + Result> rlpd = pl.getPerms(trans.requested(force)); if (rlpd.notOK()) { return Result.err(rlpd); } @@ -1100,7 +1101,8 @@ public class AuthzCassServiceImpl > rlpd = ques.getPermsByUser(trans, user,trans.requested(force)); + PermLookup pl = PermLookup.get(trans,ques,user); + Result> rlpd = pl.getPerms(trans.requested(force)); if (rlpd.notOK()) { return Result.err(rlpd); } @@ -2428,16 +2430,22 @@ public class AuthzCassServiceImpl > rlcd = ques.credDAO().readID(trans, cred.value.id); if (rlcd.notOKorIsEmpty()) { - // Empty Creds should have no user_roles. + // Empty Creds should not have user_roles. Result> rlurd = ques.userRoleDAO().readByUser(trans, cred.value.id); - if (rlurd.isOK()) { + if (rlurd.isOKhasData()) { for (UserRoleDAO.Data data : rlurd.value) { ques.userRoleDAO().delete(trans, data, false); } - } + } return Result.err(Status.ERR_UserNotFound, "Credential does not exist"); } boolean isLastCred = rlcd.value.size()==1; - - int entry = 0; - if (!trans.requested(force)) { - if (rlcd.value.size() > 1) { - CredRequest cr = (CredRequest)from; - String inputOption = cr.getEntry(); - if (inputOption == null) { - List list = filterList(rlcd.value,CredDAO.BASIC_AUTH,CredDAO.BASIC_AUTH_SHA256,CredDAO.CERT_SHA256_RSA); - String message = selectCredFromList(list, MayChangeCred.DELETE); - Object[] variables = buildVariables(list); - return Result.err(Status.ERR_ChoiceNeeded, message, variables); - } else { - try { - if (inputOption.length()>5) { // should be a date - Date d = Chrono.xmlDatatypeFactory.newXMLGregorianCalendar(inputOption).toGregorianCalendar().getTime(); - entry = 0; - for (CredDAO.Data cd : rlcd.value) { - if (cd.type.equals(cr.getType()) && cd.expires.equals(d)) { - break; - } - ++entry; - } - } else { - entry = Integer.parseInt(inputOption) - 1; - } - } catch (NullPointerException e) { - return Result.err(Status.ERR_BadData, "Invalid Date Format for Entry"); - } catch (NumberFormatException e) { - return Result.err(Status.ERR_BadData, "User chose invalid credential selection"); - } - } - isLastCred = (entry==-1)?true:false; - } else { - isLastCred = true; - } - if (entry < -1 || entry >= rlcd.value.size()) { - return Result.err(Status.ERR_BadData, "User chose invalid credential selection"); - } + int entry = -1; + int fentry = entry; + if(cred.value.type==CredDAO.FQI) { + entry = -1; + for(CredDAO.Data cdd : rlcd.value) { + ++fentry; + if(cdd.type == CredDAO.FQI) { + entry = fentry; + break; + } + } + } else { + if (!doForce) { + if (rlcd.value.size() > 1) { + CredRequest cr = (CredRequest)from; + String inputOption = cr.getEntry(); + if (inputOption == null) { + List list = filterList(rlcd.value,CredDAO.BASIC_AUTH,CredDAO.BASIC_AUTH_SHA256,CredDAO.CERT_SHA256_RSA); + String message = selectCredFromList(list, MayChangeCred.DELETE); + Object[] variables = buildVariables(list); + return Result.err(Status.ERR_ChoiceNeeded, message, variables); + } else { + try { + if (inputOption.length()>5) { // should be a date + Date d = Chrono.xmlDatatypeFactory.newXMLGregorianCalendar(inputOption).toGregorianCalendar().getTime(); + for (CredDAO.Data cd : rlcd.value) { + ++fentry; + if (cd.type.equals(cr.getType()) && cd.expires.equals(d)) { + entry = fentry; + break; + } + } + } else { + entry = Integer.parseInt(inputOption) - 1; + int count = 0; + for (CredDAO.Data cd : rlcd.value) { + if(cd.type!=CredDAO.BASIC_AUTH && cd.type!=CredDAO.BASIC_AUTH_SHA256 && cd.type!=CredDAO.CERT_SHA256_RSA) { + ++entry; + } + if(++count>entry) { + break; + } + } + } + } catch (NullPointerException e) { + return Result.err(Status.ERR_BadData, "Invalid Date Format for Entry"); + } catch (NumberFormatException e) { + return Result.err(Status.ERR_BadData, "User chose invalid credential selection"); + } + } + isLastCred = (entry==-1)?true:false; + } else { + isLastCred = true; + } + if (entry < -1 || entry >= rlcd.value.size()) { + return Result.err(Status.ERR_BadData, "User chose invalid credential selection"); + } + } } Result fd = mapper.future(trans,CredDAO.TABLE,from,cred.value,false, @@ -2943,7 +2972,11 @@ public class AuthzCassServiceImpl udr = null; if (!trans.requested(force)) { if (entry<0 || entry >= rlcd.value.size()) { - return Result.err(Status.ERR_BadData,"Invalid Choice [" + entry + "] chosen for Delete [%s] is saved for future processing",cred.value.id); + if(cred.value.type==CredDAO.FQI) { + return Result.err(Status.ERR_BadData,"FQI does not exist"); + } else { + return Result.err(Status.ERR_BadData,"Invalid Choice [" + entry + "] chosen for Delete [%s] is saved for future processing",cred.value.id); + } } udr = ques.credDAO().delete(trans, rlcd.value.get(entry),false); } else { @@ -3015,12 +3048,12 @@ public class AuthzCassServiceImpl cred1.type==cred2.type?cred2.expires.compareTo(cred1.expires): cred1.type dlist = new ArrayList(); + dlist.add(null); String os; for(Object s : result.variables) { if(s!=null && (os=s.toString()).length()>0) { @@ -288,6 +289,7 @@ public abstract class AuthzFacadeImpl0) { return Result.err(Status.ERR_BadData,ok); } - } else { - to.type=0; } if (passwd != null) { to.cred = ByteBuffer.wrap(passwd.getBytes()); to.type = CredDAO.RAW; } else { - to.type = CredDAO.FQI; + to.type = CredDAO.NONE; } } -- cgit 1.2.3-korg