From c35c896ba3cf8ea670c9a3a87e77be0b3dedb2b3 Mon Sep 17 00:00:00 2001 From: Rodrigo Lima Date: Wed, 9 Sep 2020 14:54:15 -0400 Subject: Add side effect to check pnf owning entity - Create side effect to check : user's groups contains pnf's owning entity name - Create unit tests for side effect - Add new process method in HttpEntry to pass set of groups - Pass set of groups to db serializer Issue-ID: AAI-3176 Signed-off-by: Rodrigo Lima Change-Id: I4bc7ab6e22bce8cbe60bd7ef6bb5db73dac3a1c4 --- .../aai/introspection/sideeffect/OwnerCheck.java | 78 +++++++++++++++++++++ .../main/java/org/onap/aai/rest/db/HttpEntry.java | 20 +++++- .../onap/aai/serialization/db/DBSerializer.java | 80 +++++++++++++++++++++- 3 files changed, 174 insertions(+), 4 deletions(-) create mode 100644 aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java (limited to 'aai-core/src/main') diff --git a/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java new file mode 100644 index 00000000..a32c4ecc --- /dev/null +++ b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java @@ -0,0 +1,78 @@ +/** + * ============LICENSE_START======================================================= + * org.onap.aai + * ================================================================================ + * Copyright © 2017-2018 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.aai.introspection.sideeffect; + +import java.io.UnsupportedEncodingException; +import java.net.URISyntaxException; + +import java.util.List; +import java.util.Map.Entry; +import java.util.Optional; +import org.apache.tinkerpop.gremlin.structure.Vertex; +import org.apache.tinkerpop.gremlin.structure.VertexProperty; +import org.onap.aai.edges.exceptions.AmbiguousRuleChoiceException; +import org.onap.aai.edges.exceptions.EdgeRuleNotFoundException; +import org.onap.aai.exceptions.AAIException; +import org.onap.aai.introspection.Introspector; +import org.onap.aai.schema.enums.PropertyMetadata; +import org.onap.aai.serialization.db.DBSerializer; +import org.onap.aai.serialization.engines.TransactionalGraphEngine; + +public class OwnerCheck extends SideEffect { + + public OwnerCheck(Introspector obj, Vertex self, TransactionalGraphEngine dbEngine, DBSerializer serializer) { + super(obj, self, dbEngine, serializer); + } + + @Override + protected void processURI(Optional completeUri, Entry entry) + throws AAIException { + if (serializer.getGroups() != null && !serializer.getGroups().isEmpty()) { + List owningEntity = self.graph().traversal() + .V(self) + .inE("org.onap.relationships.inventory.BelongsTo") + .outV() + .has("aai-node-type", "owning-entity") + .toList(); + + if(!owningEntity.isEmpty()) { + VertexProperty owningEntityName = owningEntity.get(0).property("owning-entity-name"); + + if(!serializer.getGroups().contains(owningEntityName.orElseGet(null))) { + throw new AAIException("AAI_3304", + "Group(s) :" + serializer.getGroups() + " not authorized to perform function"); + } + } + } //else skip processing because no required properties were specified + + } + + @Override + protected PropertyMetadata getPropertyMetadata() { + return PropertyMetadata.OWNER_CHECK; + } + + @Override + protected boolean replaceWithWildcard() { + return false; + } + +} diff --git a/aai-core/src/main/java/org/onap/aai/rest/db/HttpEntry.java b/aai-core/src/main/java/org/onap/aai/rest/db/HttpEntry.java index 2899a812..aa4fb8c8 100644 --- a/aai-core/src/main/java/org/onap/aai/rest/db/HttpEntry.java +++ b/aai-core/src/main/java/org/onap/aai/rest/db/HttpEntry.java @@ -243,6 +243,13 @@ public class HttpEntry { return dbEngine; } + public Pair>> process(List requests, + String sourceOfTruth, + Set groups) + throws AAIException { + return this.process(requests, sourceOfTruth, groups, true); + } + public Pair>> process(List requests, String sourceOfTruth) throws AAIException { return this.process(requests, sourceOfTruth, true); @@ -339,14 +346,21 @@ public class HttpEntry { * @throws AAIException the AAI exception */ public Pair>> process(List requests, String sourceOfTruth, - boolean enableResourceVersion) throws AAIException { + boolean enableResourceVersion) throws AAIException { + return this.process(requests, sourceOfTruth, Collections.EMPTY_SET, enableResourceVersion); + } + + private Pair>> process(List requests, + String sourceOfTruth, + Set groups, + boolean enableResourceVersion) throws AAIException { DBSerializer serializer = null; if(serverBase != null){ - serializer = new DBSerializer(version, dbEngine, introspectorFactoryType, sourceOfTruth, notificationDepth, serverBase); + serializer = new DBSerializer(version, dbEngine, introspectorFactoryType, sourceOfTruth, groups, notificationDepth, serverBase); } else { - serializer = new DBSerializer(version, dbEngine, introspectorFactoryType, sourceOfTruth, notificationDepth); + serializer = new DBSerializer(version, dbEngine, introspectorFactoryType, sourceOfTruth, groups, notificationDepth); } Response response; diff --git a/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java b/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java index 7cd0e785..5b274ee2 100644 --- a/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java +++ b/aai-core/src/main/java/org/onap/aai/serialization/db/DBSerializer.java @@ -96,6 +96,7 @@ public class DBSerializer { private final TransactionalGraphEngine engine; private final String sourceOfTruth; + private final Set groups; private final ModelType introspectionType; private final SchemaVersion version; private final Loader latestLoader; @@ -128,6 +129,7 @@ public class DBSerializer { String sourceOfTruth) throws AAIException { this.engine = engine; this.sourceOfTruth = sourceOfTruth; + this.groups = Collections.EMPTY_SET; this.introspectionType = introspectionType; this.schemaVersions = (SchemaVersions) SpringContextAware.getBean("schemaVersions"); SchemaVersion latestVersion = schemaVersions.getDefaultVersion(); @@ -144,6 +146,27 @@ public class DBSerializer { initBeans(); } + public DBSerializer(SchemaVersion version, TransactionalGraphEngine engine, ModelType introspectionType, + String sourceOfTruth, Set groups) throws AAIException { + this.engine = engine; + this.sourceOfTruth = sourceOfTruth; + this.groups = groups; + this.introspectionType = introspectionType; + this.schemaVersions = (SchemaVersions) SpringContextAware.getBean("schemaVersions"); + SchemaVersion latestVersion = schemaVersions.getDefaultVersion(); + this.latestLoader = + SpringContextAware.getBean(LoaderFactory.class).createLoaderForVersion(introspectionType, latestVersion); + this.version = version; + this.loader = + SpringContextAware.getBean(LoaderFactory.class).createLoaderForVersion(introspectionType, version); + this.namedPropNodes = this.latestLoader.getNamedPropNodes(); + this.baseURL = AAIConfig.get(AAIConstants.AAI_SERVER_URL_BASE); + this.currentTimeMillis = System.currentTimeMillis(); + // If creating the DBSerializer the old way then set the notification depth to maximum + this.notificationDepth = AAIProperties.MAXIMUM_DEPTH; + initBeans(); + } + public DBSerializer(SchemaVersion version, TransactionalGraphEngine engine, ModelType introspectionType, @@ -151,6 +174,31 @@ public class DBSerializer { int notificationDepth) throws AAIException { this.engine = engine; this.sourceOfTruth = sourceOfTruth; + this.groups = Collections.EMPTY_SET; + this.introspectionType = introspectionType; + this.schemaVersions = (SchemaVersions) SpringContextAware.getBean("schemaVersions"); + SchemaVersion latestVersion = schemaVersions.getDefaultVersion(); + this.latestLoader = + SpringContextAware.getBean(LoaderFactory.class).createLoaderForVersion(introspectionType, latestVersion); + this.version = version; + this.loader = + SpringContextAware.getBean(LoaderFactory.class).createLoaderForVersion(introspectionType, version); + this.namedPropNodes = this.latestLoader.getNamedPropNodes(); + this.baseURL = AAIConfig.get(AAIConstants.AAI_SERVER_URL_BASE); + this.currentTimeMillis = System.currentTimeMillis(); + this.notificationDepth = notificationDepth; + initBeans(); + } + + public DBSerializer(SchemaVersion version, + TransactionalGraphEngine engine, + ModelType introspectionType, + String sourceOfTruth, + Set groups, + int notificationDepth) throws AAIException { + this.engine = engine; + this.sourceOfTruth = sourceOfTruth; + this.groups = groups; this.introspectionType = introspectionType; this.schemaVersions = (SchemaVersions) SpringContextAware.getBean("schemaVersions"); SchemaVersion latestVersion = schemaVersions.getDefaultVersion(); @@ -174,6 +222,32 @@ public class DBSerializer { String serverBase) throws AAIException { this.engine = engine; this.sourceOfTruth = sourceOfTruth; + this.groups = Collections.EMPTY_SET; + this.introspectionType = introspectionType; + this.schemaVersions = (SchemaVersions) SpringContextAware.getBean("schemaVersions"); + SchemaVersion latestVersion = schemaVersions.getDefaultVersion(); + this.latestLoader = + SpringContextAware.getBean(LoaderFactory.class).createLoaderForVersion(introspectionType, latestVersion); + this.version = version; + this.loader = + SpringContextAware.getBean(LoaderFactory.class).createLoaderForVersion(introspectionType, version); + this.namedPropNodes = this.latestLoader.getNamedPropNodes(); + this.baseURL = serverBase; + this.currentTimeMillis = System.currentTimeMillis(); + this.notificationDepth = notificationDepth; + initBeans(); + } + + public DBSerializer(SchemaVersion version, + TransactionalGraphEngine engine, + ModelType introspectionType, + String sourceOfTruth, + Set groups, + int notificationDepth, + String serverBase) throws AAIException { + this.engine = engine; + this.sourceOfTruth = sourceOfTruth; + this.groups = groups; this.introspectionType = introspectionType; this.schemaVersions = (SchemaVersions) SpringContextAware.getBean("schemaVersions"); SchemaVersion latestVersion = schemaVersions.getDefaultVersion(); @@ -223,6 +297,10 @@ public class DBSerializer { return impliedDeleteUriObjectPair; } + public Set getGroups() { + return this.groups; + } + /** * Touch standard vertex properties. * @param v the v @@ -2193,7 +2271,7 @@ public class DBSerializer { private void executePreSideEffects(Introspector obj, Vertex self) throws AAIException { SideEffectRunner runner = new SideEffectRunner.Builder(this.engine, this).addSideEffect(DataCopy.class) - .addSideEffect(PrivateEdge.class).build(); + .addSideEffect(PrivateEdge.class).addSideEffect(OwnerCheck.class).build(); runner.execute(obj, self); } -- cgit 1.2.3-korg