diff options
Diffstat (limited to 'aai-core/src')
4 files changed, 97 insertions, 48 deletions
diff --git a/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java index 4ece3771..c383f0c5 100644 --- a/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java +++ b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java @@ -20,24 +20,23 @@ package org.onap.aai.introspection.sideeffect; -import java.io.UnsupportedEncodingException; -import java.net.URISyntaxException; - -import java.util.List; -import java.util.Map.Entry; -import java.util.Optional; +import org.apache.commons.lang3.ObjectUtils; import org.apache.tinkerpop.gremlin.structure.Vertex; -import org.apache.tinkerpop.gremlin.structure.VertexProperty; -import org.onap.aai.edges.exceptions.AmbiguousRuleChoiceException; -import org.onap.aai.edges.exceptions.EdgeRuleNotFoundException; import org.onap.aai.exceptions.AAIException; import org.onap.aai.introspection.Introspector; import org.onap.aai.schema.enums.PropertyMetadata; import org.onap.aai.serialization.db.DBSerializer; import org.onap.aai.serialization.engines.TransactionalGraphEngine; +import org.springframework.util.CollectionUtils; + +import java.util.Map.Entry; +import java.util.Optional; public class OwnerCheck extends SideEffect { + public static final String READ_ONLY_SUFFIX = "_readOnly"; + private static final String DATA_OWNER = "data-owner"; + public OwnerCheck(Introspector obj, Vertex self, TransactionalGraphEngine dbEngine, DBSerializer serializer) { super(obj, self, dbEngine, serializer); } @@ -55,21 +54,15 @@ public class OwnerCheck extends SideEffect { } public static boolean isAuthorized(java.util.Set<String> groups, Vertex vertex) { - if (groups != null && !groups.isEmpty()) { - List<Vertex> owningEntity = vertex.graph().traversal() - .V(vertex) - .bothE("org.onap.relationships.inventory.BelongsTo") - .otherV() - .has("aai-node-type", "owning-entity") - .toList(); - - if(!owningEntity.isEmpty()) { - VertexProperty owningEntityName = owningEntity.get(0).property("owning-entity-name"); - - return groups.contains(owningEntityName.orElseGet(null)); + if (!CollectionUtils.isEmpty(groups)) { + Object dataOwnerProperty = vertex.property(DATA_OWNER).orElse(null); + if (ObjectUtils.isNotEmpty(dataOwnerProperty)) { + String dataOwner = dataOwnerProperty.toString(); + String dataOwnerWithReadAccess = dataOwner + READ_ONLY_SUFFIX; + return groups.stream() + .anyMatch(group -> group.equals(dataOwner) || group.equals(dataOwnerWithReadAccess)); } } - return true; } diff --git a/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java b/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java index 14621e83..7ab49a13 100644 --- a/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java +++ b/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java @@ -115,6 +115,7 @@ public class DBSerializer { private Map<String, Pair<Introspector, LinkedHashMap<String, Introspector>>> impliedDeleteUriObjectPair = new LinkedHashMap<>(); private int notificationDepth; private boolean isDeltaEventsEnabled; + private boolean isMultiTenancyEnabled; /** * Instantiates a new DB serializer. @@ -271,6 +272,7 @@ public class DBSerializer { EdgeSerializer es = ctx.getBean(EdgeSerializer.class); setEdgeSerializer(es); isDeltaEventsEnabled = Boolean.parseBoolean(SpringContextAware.getApplicationContext().getEnvironment().getProperty("delta.events.enabled", FALSE)); + isMultiTenancyEnabled = Boolean.parseBoolean(SpringContextAware.getApplicationContext().getEnvironment().getProperty("multi.tenancy.enabled", FALSE)); } public void setEdgeSerializer(EdgeSerializer edgeSer) { @@ -2270,10 +2272,12 @@ public class DBSerializer { private void executePreSideEffects(Introspector obj, Vertex self) throws AAIException { - SideEffectRunner runner = new SideEffectRunner.Builder(this.engine, this).addSideEffect(DataCopy.class) - .addSideEffect(PrivateEdge.class).addSideEffect(OwnerCheck.class).build(); - - runner.execute(obj, self); + SideEffectRunner.Builder runnerBuilder = + new SideEffectRunner.Builder(this.engine, this).addSideEffect(DataCopy.class).addSideEffect(PrivateEdge.class); + if (isMultiTenancyEnabled) { + runnerBuilder.addSideEffect(OwnerCheck.class); + } + runnerBuilder.build().execute(obj, self); } private void executePostSideEffects(Introspector obj, Vertex self) throws AAIException { @@ -2286,11 +2290,13 @@ public class DBSerializer { private void enrichData(Introspector obj, Vertex self) throws AAIException { - SideEffectRunner runner = - new SideEffectRunner.Builder(this.engine, this).addSideEffect(DataLinkReader.class) - .addSideEffect(OwnerCheck.class).build(); + SideEffectRunner.Builder runnerBuilder = + new SideEffectRunner.Builder(this.engine, this).addSideEffect(DataLinkReader.class); - runner.execute(obj, self); + if (isMultiTenancyEnabled) { + runnerBuilder.addSideEffect(OwnerCheck.class); + } + runnerBuilder.build().execute(obj, self); } public double getDBTimeMsecs() { diff --git a/aai-core/src/test/java/org/onap/aai/introspection/sideeffect/OwnerCheckTest.java b/aai-core/src/test/java/org/onap/aai/introspection/sideeffect/OwnerCheckTest.java index 0e33f6c7..9f101965 100644 --- a/aai-core/src/test/java/org/onap/aai/introspection/sideeffect/OwnerCheckTest.java +++ b/aai-core/src/test/java/org/onap/aai/introspection/sideeffect/OwnerCheckTest.java @@ -86,16 +86,10 @@ public class OwnerCheckTest extends AAISetup { .addV("pnf") .property("aai-node-type", "pnf") .property("pnf-name", "my-pnf") + .property("data-owner", "Operator") .property(AAIProperties.AAI_URI, "/network/pnfs/pnf/my-pnf") .property("model-invariant-id", "key1") .as("v1") - .addV("owning-entity") - .property("aai-node-type", "owning-entity") - .property("owning-entity-name", "OE-Generic") - .property("owning-entity-id", "367c897c-8cec-47ba-b7f5-4b6139f06691") - .property(AAIProperties.AAI_URI,"/network/pnfs/pnf/my-pnf/business/owning-entities/owning-entity/367c897c-8cec-47ba-b7f5-4b6139f06691") - .as("oe") - .addE("org.onap.relationships.inventory.BelongsTo").to("v1").from("oe") .property(EdgeProperty.CONTAINS.toString(), true) .addV("model-ver") .property("aai-node-type", "model-ver") @@ -137,14 +131,13 @@ public class OwnerCheckTest extends AAISetup { } @Test - public void shouldFailComparisonWithDiffOwningEntity() throws Exception { + public void shouldFailIfGroupsNotContainsDataOwner() throws Exception { final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion()); final Introspector obj = loader.introspectorFromName("pnf"); obj.setValue("pnf-name", "my-pnf"); obj.setValue("model-invariant-id", "key1"); obj.setValue("model-version-id", "key2"); - //obj.setValue("owning-entity-id", "367c897c-8cec-47ba-b7f5-4b6139f06691"); TransactionalGraphEngine spy = spy(dbEngine); TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin()); Graph g = graph.newTransaction(); @@ -152,30 +145,29 @@ public class OwnerCheckTest extends AAISetup { when(spy.asAdmin()).thenReturn(adminSpy); when(adminSpy.getTraversalSource()).thenReturn(traversal); DBSerializer serializer = - new DBSerializer(schemaVersions.getDefaultVersion(), - spy, introspectorFactoryType, - "AAI_TEST", new HashSet<>(Arrays.asList("OE-GenericI", "OE-GenericII"))); + new DBSerializer(schemaVersions.getDefaultVersion(), + spy, introspectorFactoryType, + "AAI_TEST", new HashSet<>(Arrays.asList("OperatorI", "OperatorII"))); Vertex selfV = g.traversal().V().has("aai-node-type", "pnf").next(); OwnerCheck ownerCheck = new OwnerCheck(obj, selfV, spy, serializer); thrown.expect(AAIException.class); - thrown.expectMessage("Group(s) :[OE-GenericI, OE-GenericII] not authorized to perform function"); + thrown.expectMessage("Group(s) :[OperatorII, OperatorI] not authorized to perform function"); ownerCheck.execute(); g.tx().rollback(); } @Test - public void shouldPassIfOwningEntityEqual() throws Exception { + public void shouldPassIfGroupsContainsDataOwner() throws Exception { final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion()); final Introspector obj = loader.introspectorFromName("pnf"); obj.setValue("pnf-name", "my-pnf"); obj.setValue("model-invariant-id", "key1"); obj.setValue("model-version-id", "key2"); - //obj.setValue("owning-entity-id", "367c897c-8cec-47ba-b7f5-4b6139f06691"); TransactionalGraphEngine spy = spy(dbEngine); TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin()); Graph g = graph.newTransaction(); @@ -189,25 +181,78 @@ public class OwnerCheckTest extends AAISetup { DBSerializer serializer = new DBSerializer(schemaVersions.getDefaultVersion(), spy, introspectorFactoryType, - "AAI_TEST", new HashSet<>(Arrays.asList("OE-Generic", "OE-GenericII"))); + "AAI_TEST", new HashSet<>(Arrays.asList("OperatorIII", "Operator"))); + + OwnerCheck ownerCheck = new OwnerCheck(obj, selfV, spy, serializer); + + ownerCheck.execute(); + g.tx().rollback(); + } + + @Test + public void shouldPassIfGroupsIsEmpty() throws Exception { + + final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion()); + final Introspector obj = loader.introspectorFromName("pnf"); + obj.setValue("pnf-name", "my-pnf"); + obj.setValue("model-invariant-id", "key1"); + obj.setValue("model-version-id", "key2"); + TransactionalGraphEngine spy = spy(dbEngine); + TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin()); + Graph g = graph.newTransaction(); + GraphTraversalSource traversal = g.traversal(); + when(spy.asAdmin()).thenReturn(adminSpy); + when(adminSpy.getTraversalSource()).thenReturn(traversal); + DBSerializer serializer = + new DBSerializer(schemaVersions.getDefaultVersion(), + spy, introspectorFactoryType, + "AAI_TEST"); + + Vertex selfV = g.traversal().V().has("aai-node-type", "pnf").next(); OwnerCheck ownerCheck = new OwnerCheck(obj, selfV, spy, serializer); ownerCheck.execute(); + g.tx().rollback(); + } + + @Test + public void shouldPassIfDataOwnerIsNull() throws Exception { + + final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion()); + final Introspector obj = loader.introspectorFromName("pnf"); + obj.setValue("pnf-name", "my-pnf"); + obj.setValue("model-invariant-id", "key1"); + obj.setValue("model-version-id", "key2"); + obj.setValue("data-owner", null); + TransactionalGraphEngine spy = spy(dbEngine); + TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin()); + Graph g = graph.newTransaction(); + GraphTraversalSource traversal = g.traversal(); + when(spy.asAdmin()).thenReturn(adminSpy); + when(adminSpy.getTraversalSource()).thenReturn(traversal); + DBSerializer serializer = + new DBSerializer(schemaVersions.getDefaultVersion(), + spy, introspectorFactoryType, + "AAI_TEST"); + + Vertex selfV = g.traversal().V().has("aai-node-type", "pnf").next(); + OwnerCheck ownerCheck = new OwnerCheck(obj, selfV, spy, serializer); + ownerCheck.execute(); g.tx().rollback(); } @Test - public void shouldPassIfUserOwningEntityEmptyl() throws Exception { + public void shouldPassIfDataOwnerIsEmpty() throws Exception { final Loader loader = loaderFactory.createLoaderForVersion(ModelType.MOXY, schemaVersions.getDefaultVersion()); final Introspector obj = loader.introspectorFromName("pnf"); obj.setValue("pnf-name", "my-pnf"); obj.setValue("model-invariant-id", "key1"); obj.setValue("model-version-id", "key2"); - //obj.setValue("owning-entity-id", "367c897c-8cec-47ba-b7f5-4b6139f06691"); + obj.setValue("data-owner", ""); TransactionalGraphEngine spy = spy(dbEngine); TransactionalGraphEngine.Admin adminSpy = spy(dbEngine.asAdmin()); Graph g = graph.newTransaction(); diff --git a/aai-core/src/test/resources/onap/oxm/v14/aai_oxm_v14.xml b/aai-core/src/test/resources/onap/oxm/v14/aai_oxm_v14.xml index b08e4fb1..99596cde 100644 --- a/aai-core/src/test/resources/onap/oxm/v14/aai_oxm_v14.xml +++ b/aai-core/src/test/resources/onap/oxm/v14/aai_oxm_v14.xml @@ -5131,6 +5131,11 @@ <xml-property name="ownerCheck" value="N/A"/> </xml-properties> </xml-element> + <xml-element java-attribute="dataOwner" name="data-owner" type="java.lang.String"> + <xml-properties> + <xml-property name="description" value="Resource owner"/> + </xml-properties> + </xml-element> <xml-element java-attribute="pnfName2" name="pnf-name2" type="java.lang.String"> <xml-properties> <xml-property name="description" value="name of Physical Network Function."/> |