summaryrefslogtreecommitdiffstats
path: root/aai-core/src
diff options
context:
space:
mode:
Diffstat (limited to 'aai-core/src')
-rw-r--r--aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java37
-rw-r--r--aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java22
-rw-r--r--aai-core/src/test/java/org/onap/aai/introspection/sideeffect/OwnerCheckTest.java81
-rw-r--r--aai-core/src/test/resources/onap/oxm/v14/aai_oxm_v14.xml5
4 files changed, 97 insertions, 48 deletions
diff --git a/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java
index 4ece3771..c383f0c5 100644
--- a/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java
+++ b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java
@@ -20,24 +20,23 @@
package org.onap.aai.introspection.sideeffect;
-import java.io.UnsupportedEncodingException;
-import java.net.URISyntaxException;
-
-import java.util.List;
-import java.util.Map.Entry;
-import java.util.Optional;
+import org.apache.commons.lang3.ObjectUtils;
import org.apache.tinkerpop.gremlin.structure.Vertex;
-import org.apache.tinkerpop.gremlin.structure.VertexProperty;
-import org.onap.aai.edges.exceptions.AmbiguousRuleChoiceException;
-import org.onap.aai.edges.exceptions.EdgeRuleNotFoundException;
import org.onap.aai.exceptions.AAIException;
import org.onap.aai.introspection.Introspector;
import org.onap.aai.schema.enums.PropertyMetadata;
import org.onap.aai.serialization.db.DBSerializer;
import org.onap.aai.serialization.engines.TransactionalGraphEngine;
+import org.springframework.util.CollectionUtils;
+
+import java.util.Map.Entry;
+import java.util.Optional;
public class OwnerCheck extends SideEffect {
+ public static final String READ_ONLY_SUFFIX = "_readOnly";
+ private static final String DATA_OWNER = "data-owner";
+
public OwnerCheck(Introspector obj, Vertex self, TransactionalGraphEngine dbEngine, DBSerializer serializer) {
super(obj, self, dbEngine, serializer);
}
@@ -55,21 +54,15 @@ public class OwnerCheck extends SideEffect {
}
public static boolean isAuthorized(java.util.Set<String> groups, Vertex vertex) {
- if (groups != null && !groups.isEmpty()) {
- List<Vertex> owningEntity = vertex.graph().traversal()
- .V(vertex)
- .bothE("org.onap.relationships.inventory.BelongsTo")
- .otherV()
- .has("aai-node-type", "owning-entity")
- .toList();
-
- if(!owningEntity.isEmpty()) {
- VertexProperty owningEntityName = owningEntity.get(0).property("owning-entity-name");
-
- return groups.contains(owningEntityName.orElseGet(null));
+ if (!CollectionUtils.isEmpty(groups)) {
+ Object dataOwnerProperty = vertex.property(DATA_OWNER).orElse(null);
+ if (ObjectUtils.isNotEmpty(dataOwnerProperty)) {
+ String dataOwner = dataOwnerProperty.toString();
+ String dataOwnerWithReadAccess = dataOwner + READ_ONLY_SUFFIX;
+ return groups.stream()
+ .anyMatch(group -> group.equals(dataOwner) || group.equals(dataOwnerWithReadAccess));
}
}
-
return true;
}
diff --git a/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java b/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java
index 14621e83..7ab49a13 100644
--- a/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java
+++ b/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java
@@ -115,6 +115,7 @@ public class DBSerializer {
private Map<String, Pair<Introspector, LinkedHashMap<String, Introspector>>> impliedDeleteUriObjectPair = new LinkedHashMap<>();
private int notificationDepth;
private boolean isDeltaEventsEnabled;
+ private boolean isMultiTenancyEnabled;
/**
* Instantiates a new DB serializer.
@@ -271,6 +272,7 @@ public class DBSerializer {
EdgeSerializer es = ctx.getBean(EdgeSerializer.class);
setEdgeSerializer(es);
isDeltaEventsEnabled = Boolean.parseBoolean(SpringContextAware.getApplicationContext().getEnvironment().getProperty("delta.events.enabled", FALSE));
+ isMultiTenancyEnabled = Boolean.parseBoolean(SpringContextAware.getApplicationContext().getEnvironment().getProperty("multi.tenancy.enabled", FALSE));
}
public void setEdgeSerializer(EdgeSerializer edgeSer) {
@@ -2270,10 +2272,12 @@ public class DBSerializer {
private void executePreSideEffects(Introspector obj, Vertex self) throws AAIException {
- SideEffectRunner runner = new SideEffectRunner.Builder(this.engine, this).addSideEffect(DataCopy.class)
- .addSideEffect(PrivateEdge.class).addSideEffect(OwnerCheck.class).build();
-
- runner.execute(obj, self);
+ SideEffectRunner.Builder runnerBuilder =
+ new SideEffectRunner.Builder(this.engine, this).addSideEffect(DataCopy.class).addSideEffect(PrivateEdge.class);
+ if (isMultiTenancyEnabled) {
+ runnerBuilder.addSideEffect(OwnerCheck.class);
+ }
+ runnerBuilder.build().execute(obj, self);
}
private void executePostSideEffects(Introspector obj, Vertex self) throws AAIException {
@@ -2286,11 +2290,13 @@ public class DBSerializer {
private void enrichData(Introspector obj, Vertex self) throws AAIException {
- SideEffectRunner runner =
- new SideEffectRunner.Builder(this.engine, this).addSideEffect(DataLinkReader.class)
- .addSideEffect(OwnerCheck.class).build();
+ SideEffectRunner.Builder runnerBuilder =
+ new SideEffectRunner.Builder(this.engine, this).addSideEffect(DataLinkReader.class);
- runner.execute(obj, self);
+ if (isMultiTenancyEnabled) {
+ runnerBuilder.addSideEffect(OwnerCheck.class);
+ }
+ runnerBuilder.build().execute(obj, self);
}
public double getDBTimeMsecs() {
diff --git a/aai-core/src/test/java/org/onap/aai/introspection/sideeffect/OwnerCheckTest.java b/aai-core/src/test/java/org/onap/aai/introspection/sideeffect/OwnerCheckTest.java
index 0e33f6c7..9f101965 100644
--- a/aai-core/src/test/java/org/onap/aai/introspection/sideeffect/OwnerCheckTest.java
+++ b/aai-core/src/test/java/org/onap/aai/introspection/sideeffect/OwnerCheckTest.java
@@ -86,16 +86,10 @@ public class OwnerCheckTest extends AAISetup {
.addV("pnf")
.property("aai-node-type", "pnf")
.property("pnf-name", "my-pnf")
+ .property("data-owner", "Operator")
.property(AAIProperties.AAI_URI, "/network/pnfs/pnf/my-pnf")
.property("model-invariant-id", "key1")
.as("v1")
- .addV("owning-entity")
- .property("aai-node-type", "owning-entity")
- .property("owning-entity-name", "OE-Generic")
- .property("owning-entity-id", "367c897c-8cec-47ba-b7f5-4b6139f06691")
- .property(AAIProperties.AAI_URI,"/network/pnfs/pnf/my-pnf/business/owning-entities/owning-entity/367c897c-8cec-47ba-b7f5-4b6139f06691")
- .as("oe")
- .addE("org.onap.relationships.inventory.BelongsTo").to("v1").from("oe")
.property(EdgeProperty.CONTAINS.toString(), true)
.addV("model-ver")
.property("aai-node-type", "model-ver")
@@ -137,14 +131,13 @@ public class OwnerCheckTest extends AAISetup {
}
@Test
- public void shouldFailComparisonWithDiffOwningEntity() throws Exception {
+ public void shouldFailIfGroupsNotContainsDataOwner() throws Exception {
final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion());
final Introspector obj = loader.introspectorFromName("pnf");
obj.setValue("pnf-name", "my-pnf");
obj.setValue("model-invariant-id", "key1");
obj.setValue("model-version-id", "key2");
- //obj.setValue("owning-entity-id", "367c897c-8cec-47ba-b7f5-4b6139f06691");
TransactionalGraphEngine spy = spy(dbEngine);
TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin());
Graph g = graph.newTransaction();
@@ -152,30 +145,29 @@ public class OwnerCheckTest extends AAISetup {
when(spy.asAdmin()).thenReturn(adminSpy);
when(adminSpy.getTraversalSource()).thenReturn(traversal);
DBSerializer serializer =
- new DBSerializer(schemaVersions.getDefaultVersion(),
- spy, introspectorFactoryType,
- "AAI_TEST", new HashSet<>(Arrays.asList("OE-GenericI", "OE-GenericII")));
+ new DBSerializer(schemaVersions.getDefaultVersion(),
+ spy, introspectorFactoryType,
+ "AAI_TEST", new HashSet<>(Arrays.asList("OperatorI", "OperatorII")));
Vertex selfV = g.traversal().V().has("aai-node-type", "pnf").next();
OwnerCheck ownerCheck = new OwnerCheck(obj, selfV, spy, serializer);
thrown.expect(AAIException.class);
- thrown.expectMessage("Group(s) :[OE-GenericI, OE-GenericII] not authorized to perform function");
+ thrown.expectMessage("Group(s) :[OperatorII, OperatorI] not authorized to perform function");
ownerCheck.execute();
g.tx().rollback();
}
@Test
- public void shouldPassIfOwningEntityEqual() throws Exception {
+ public void shouldPassIfGroupsContainsDataOwner() throws Exception {
final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion());
final Introspector obj = loader.introspectorFromName("pnf");
obj.setValue("pnf-name", "my-pnf");
obj.setValue("model-invariant-id", "key1");
obj.setValue("model-version-id", "key2");
- //obj.setValue("owning-entity-id", "367c897c-8cec-47ba-b7f5-4b6139f06691");
TransactionalGraphEngine spy = spy(dbEngine);
TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin());
Graph g = graph.newTransaction();
@@ -189,25 +181,78 @@ public class OwnerCheckTest extends AAISetup {
DBSerializer serializer =
new DBSerializer(schemaVersions.getDefaultVersion(),
spy, introspectorFactoryType,
- "AAI_TEST", new HashSet<>(Arrays.asList("OE-Generic", "OE-GenericII")));
+ "AAI_TEST", new HashSet<>(Arrays.asList("OperatorIII", "Operator")));
+
+ OwnerCheck ownerCheck = new OwnerCheck(obj, selfV, spy, serializer);
+
+ ownerCheck.execute();
+ g.tx().rollback();
+ }
+
+ @Test
+ public void shouldPassIfGroupsIsEmpty() throws Exception {
+
+ final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion());
+ final Introspector obj = loader.introspectorFromName("pnf");
+ obj.setValue("pnf-name", "my-pnf");
+ obj.setValue("model-invariant-id", "key1");
+ obj.setValue("model-version-id", "key2");
+ TransactionalGraphEngine spy = spy(dbEngine);
+ TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin());
+ Graph g = graph.newTransaction();
+ GraphTraversalSource traversal = g.traversal();
+ when(spy.asAdmin()).thenReturn(adminSpy);
+ when(adminSpy.getTraversalSource()).thenReturn(traversal);
+ DBSerializer serializer =
+ new DBSerializer(schemaVersions.getDefaultVersion(),
+ spy, introspectorFactoryType,
+ "AAI_TEST");
+
+ Vertex selfV = g.traversal().V().has("aai-node-type", "pnf").next();
OwnerCheck ownerCheck = new OwnerCheck(obj, selfV, spy, serializer);
ownerCheck.execute();
+ g.tx().rollback();
+ }
+
+ @Test
+ public void shouldPassIfDataOwnerIsNull() throws Exception {
+
+ final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion());
+ final Introspector obj = loader.introspectorFromName("pnf");
+ obj.setValue("pnf-name", "my-pnf");
+ obj.setValue("model-invariant-id", "key1");
+ obj.setValue("model-version-id", "key2");
+ obj.setValue("data-owner", null);
+ TransactionalGraphEngine spy = spy(dbEngine);
+ TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin());
+ Graph g = graph.newTransaction();
+ GraphTraversalSource traversal = g.traversal();
+ when(spy.asAdmin()).thenReturn(adminSpy);
+ when(adminSpy.getTraversalSource()).thenReturn(traversal);
+ DBSerializer serializer =
+ new DBSerializer(schemaVersions.getDefaultVersion(),
+ spy, introspectorFactoryType,
+ "AAI_TEST");
+
+ Vertex selfV = g.traversal().V().has("aai-node-type", "pnf").next();
+ OwnerCheck ownerCheck = new OwnerCheck(obj, selfV, spy, serializer);
+ ownerCheck.execute();
g.tx().rollback();
}
@Test
- public void shouldPassIfUserOwningEntityEmptyl() throws Exception {
+ public void shouldPassIfDataOwnerIsEmpty() throws Exception {
final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion());
final Introspector obj = loader.introspectorFromName("pnf");
obj.setValue("pnf-name", "my-pnf");
obj.setValue("model-invariant-id", "key1");
obj.setValue("model-version-id", "key2");
- //obj.setValue("owning-entity-id", "367c897c-8cec-47ba-b7f5-4b6139f06691");
+ obj.setValue("data-owner", "");
TransactionalGraphEngine spy = spy(dbEngine);
TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin());
Graph g = graph.newTransaction();
diff --git a/aai-core/src/test/resources/onap/oxm/v14/aai_oxm_v14.xml b/aai-core/src/test/resources/onap/oxm/v14/aai_oxm_v14.xml
index b08e4fb1..99596cde 100644
--- a/aai-core/src/test/resources/onap/oxm/v14/aai_oxm_v14.xml
+++ b/aai-core/src/test/resources/onap/oxm/v14/aai_oxm_v14.xml
@@ -5131,6 +5131,11 @@
<xml-property name="ownerCheck" value="N/A"/>
</xml-properties>
</xml-element>
+ <xml-element java-attribute="dataOwner" name="data-owner" type="java.lang.String">
+ <xml-properties>
+ <xml-property name="description" value="Resource owner"/>
+ </xml-properties>
+ </xml-element>
<xml-element java-attribute="pnfName2" name="pnf-name2" type="java.lang.String">
<xml-properties>
<xml-property name="description" value="name of Physical Network Function."/>