From 62c4eb45e157d502463d797c1353802ca8e1e307 Mon Sep 17 00:00:00 2001
From: sg481n <sg481n@att.com>
Date: Fri, 25 Aug 2017 01:57:24 -0400
Subject: Update project structure for aaf/cadi

Update project structure from com.att to org.onap
and add distribution management and staging plugin.

Issue-id: AAF-22
Change-Id: Idf2b591139e38921ad28782a51486714a05dee92
Signed-off-by: sg481n <sg481n@att.com>
---
 .../java/org/onap/aaf/example/ExamplePerm2_0.java  | 113 +++++++++++++++++++++
 1 file changed, 113 insertions(+)
 create mode 100644 aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java

(limited to 'aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java')

diff --git a/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java b/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java
new file mode 100644
index 0000000..f83b15b
--- /dev/null
+++ b/aaf/src/test/java/org/onap/aaf/example/ExamplePerm2_0.java
@@ -0,0 +1,113 @@
+/*******************************************************************************
+ * ============LICENSE_START====================================================
+ * * org.onap.aaf
+ * * ===========================================================================
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * * ===========================================================================
+ * * Licensed under the Apache License, Version 2.0 (the "License");
+ * * you may not use this file except in compliance with the License.
+ * * You may obtain a copy of the License at
+ * * 
+ *  *      http://www.apache.org/licenses/LICENSE-2.0
+ * * 
+ *  * Unless required by applicable law or agreed to in writing, software
+ * * distributed under the License is distributed on an "AS IS" BASIS,
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * * See the License for the specific language governing permissions and
+ * * limitations under the License.
+ * * ============LICENSE_END====================================================
+ * *
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ * *
+ ******************************************************************************/
+package org.onap.aaf.example;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.onap.aaf.cadi.Permission;
+import org.onap.aaf.cadi.PropAccess;
+import org.onap.aaf.cadi.aaf.AAFPermission;
+import org.onap.aaf.cadi.aaf.v2_0.AAFAuthn;
+import org.onap.aaf.cadi.aaf.v2_0.AAFCon;
+import org.onap.aaf.cadi.aaf.v2_0.AAFConDME2;
+import org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm;
+
+public class ExamplePerm2_0 {
+	public static void main(String args[]) {
+
+		// Link or reuse to your Logging mechanism
+		PropAccess myAccess = new PropAccess();  
+		
+		// 
+		try {
+			AAFCon<?> acon = new AAFConDME2(myAccess);
+			
+			// AAFLur has pool of DME clients as needed, and Caches Client lookups
+			AAFLurPerm aafLur = acon.newLur();
+			
+			// Note: If you need both Authn and Authz construct the following:
+			AAFAuthn<?> aafAuthn = acon.newAuthn(aafLur);
+
+			// Do not set Mech ID until after you construct AAFAuthn,
+			// because we initiate  "401" info to determine the Realm of 
+			// of the service we're after.
+			acon.basicAuth("mc0897@aaf.att.com", "XXXXXX");
+
+			try {
+				
+				// Normally, you obtain Principal from Authentication System.
+				// For J2EE, you can ask the HttpServletRequest for getUserPrincipal()
+				// If you use CADI as Authenticator, it will get you these Principals from
+				// CSP or BasicAuth mechanisms.
+				String id = "mc0897@aaf.att.com"; //"cluster_admin@gridcore.att.com";
+
+				// If Validate succeeds, you will get a Null, otherwise, you will a String for the reason.
+				String ok = aafAuthn.validate(id, "XXXXXX");
+				if(ok!=null)System.out.println(ok);
+				
+				ok = aafAuthn.validate(id, "wrongPass");
+				if(ok!=null)System.out.println(ok);
+
+
+				// AAF Style permissions are in the form
+				// Type, Instance, Action 
+				AAFPermission perm = new AAFPermission("com.att.grid.core.coh",":dev_cluster", "WRITE");
+				
+				// Now you can ask the LUR (Local Representative of the User Repository about Authorization
+				// With CADI, in J2EE, you can call isUserInRole("com.att.mygroup|mytype|write") on the Request Object 
+				// instead of creating your own LUR
+				System.out.println("Does " + id + " have " + perm);
+				if(aafLur.fish(id, perm)) {
+					System.out.println("Yes, you have permission");
+				} else {
+					System.out.println("No, you don't have permission");
+				}
+
+				System.out.println("Does Bogus have " + perm);
+				if(aafLur.fish("Bogus", perm)) {
+					System.out.println("Yes, you have permission");
+				} else {
+					System.out.println("No, you don't have permission");
+				}
+
+				// Or you can all for all the Permissions available
+				List<Permission> perms = new ArrayList<Permission>();
+				
+				aafLur.fishAll(id,perms);
+				for(Permission prm : perms) {
+					System.out.println(prm.getKey());
+				}
+				
+				// It might be helpful in some cases to clear the User's identity from the Cache
+				aafLur.remove(id);
+			} finally {
+				aafLur.destroy();
+			}
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+
+	}
+}
-- 
cgit 1.2.3-korg