AafPermissionService used in MR_ClientService

bump version Change-Id: I83bff7aa29f54cdea05260308f46d3a7e5b9fe58 Issue-ID: DMAAP-1211 Signed-off-by: piotr.karas <piotr.karas@nokia.com>
author: pkaras <piotr.karas@nokia.com> 2019-06-04 11:04:21 +0200
committer: Dominic Lunanuova <dgl@research.att.com> 2019-06-04 15:50:16 +0000
commit: e01dcd3ea03b02294d4b0f3cd46e825499ec4d49 (patch)
tree: b62863c3b9dc4d7bb890c1a9e5d5186990ce32e1
parent: 2d1b398cd414a71efc85913c162e2f78dfae7c06 (diff)
3 files changed, 13 insertions, 71 deletions
diff --git a/pom.xml b/pom.xml
index 91af75a..544af10 100644
--- a/pom.xml
+++ b/pom.xml
@@ -393,7 +393,7 @@
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 		<jettyVersion>9.4.12.RC2</jettyVersion> 
 		<eelf.version>1.0.0</eelf.version>
-		<artifact.version>1.0.28-SNAPSHOT</artifact.version>
+		<artifact.version>1.0.29-SNAPSHOT</artifact.version>
 		<junit.version>4.12</junit.version>
 		<!-- SONAR -->
 		<jacoco.version>0.7.7.201606060606</jacoco.version>
diff --git a/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java b/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java
index 81b0ccd..5fe6b66 100644
--- a/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java
+++ b/src/main/java/org/onap/dmaap/dbcapi/service/MR_ClientService.java
@@ -22,12 +22,8 @@
 
 package org.onap.dmaap.dbcapi.service;
 
-import org.onap.dmaap.dbcapi.aaf.AafService;
 import org.onap.dmaap.dbcapi.aaf.AafService.ServiceType;
 import org.onap.dmaap.dbcapi.aaf.AafServiceImpl;
-import org.onap.dmaap.dbcapi.aaf.AafUserRole;
-import org.onap.dmaap.dbcapi.aaf.DmaapGrant;
-import org.onap.dmaap.dbcapi.aaf.DmaapPerm;
 import org.onap.dmaap.dbcapi.client.MrProvConnection;
 import org.onap.dmaap.dbcapi.database.DatabaseClass;
 import org.onap.dmaap.dbcapi.logging.BaseLoggingClass;
@@ -52,6 +48,8 @@ public class MR_ClientService extends BaseLoggingClass {
     private Map<String, MR_Cluster> clusters = DatabaseClass.getMr_clusters();
     private Map<String, DcaeLocation> locations = DatabaseClass.getDcaeLocations();
     private DmaapService dmaap = new DmaapService();
+    private AafPermissionService aafPermissionService =
+            new AafPermissionService(new AafServiceImpl(ServiceType.AAF_TopicMgr), dmaap);
     private String centralCname;
 
     public MR_ClientService() {
@@ -110,15 +108,15 @@ public class MR_ClientService extends BaseLoggingClass {
         // ONAP style: clients specify Identity to be assigned to generated Role
         String role = client.getClientRole();
         if (role != null) {
-            grantClientRolePerms(client, err);
+            updateApiError(err, aafPermissionService.grantClientRolePerms(client));
         } else if (client.hasClientIdentity()) {
             if (client.isSubscriber()) {
                 role = topic.getSubscriberRole();
-                assignIdentityToRole(client, role, err);
+                updateApiError(err, aafPermissionService.assignClientToRole(client, role));
             }
             if (client.isPublisher()) {
                 role = topic.getPublisherRole();
-                assignIdentityToRole(client, role, err);
+                updateApiError(err, aafPermissionService.assignClientToRole(client, role));
             }
         }
         if (!client.isStatusValid()) {
@@ -180,67 +178,6 @@ public class MR_ClientService extends BaseLoggingClass {
         return DmaapObject_Status.INVALID;
     }
 
-    private void grantClientRolePerms(MR_Client client, ApiError err) {
-        AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
-
-        String instance = ":topic." + client.getFqtn();
-        client.setStatus(DmaapObject_Status.VALID);
-        String role = client.getClientRole();
-        for (String want : client.getAction()) {
-            int rc;
-            DmaapPerm perm = new DmaapPerm(dmaap.getTopicPerm(), instance, want);
-            if (role != null) {
-                DmaapGrant g = new DmaapGrant(perm, role);
-                rc = aaf.addGrant(g);
-                if (rc != 201 && rc != 409) {
-                    client.setStatus(DmaapObject_Status.INVALID);
-                    err.setCode(rc);
-                    err.setMessage("Grant of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " failed for " + role);
-                    logger.warn(err.getMessage());
-                    return;
-                }
-            } else {
-                logger.warn("No Grant of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " because role is null ");
-            }
-        }
-    }
-
-    private void assignIdentityToRole(MR_Client client, String role, ApiError err) {
-        AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
-
-        AafUserRole ur = new AafUserRole(client.getClientIdentity(), role);
-        int rc = aaf.addUserRole(ur);
-        if (rc != 201 && rc != 409) {
-            client.setStatus(DmaapObject_Status.INVALID);
-            err.setCode(rc);
-            err.setMessage("Failed to add user " + client.getClientIdentity() + "  to " + role);
-            logger.warn(err.getMessage());
-            return;
-        }
-        client.setStatus(DmaapObject_Status.VALID);
-
-    }
-
-    private void revokeClientPerms(MR_Client client, ApiError err) {
-        AafService aaf = new AafServiceImpl(ServiceType.AAF_TopicMgr);
-
-        String instance = ":topic." + client.getFqtn();
-        client.setStatus(DmaapObject_Status.VALID);
-        for (String want : client.getAction()) {
-            int rc;
-            DmaapPerm perm = new DmaapPerm(dmaap.getTopicPerm(), instance, want);
-            DmaapGrant g = new DmaapGrant(perm, client.getClientRole());
-            rc = aaf.delGrant(g);
-            if (rc != 200 && rc != 404) {
-                client.setStatus(DmaapObject_Status.INVALID);
-                err.setCode(rc);
-                err.setMessage("Revoke of " + dmaap.getTopicPerm() + "|" + instance + "|" + want + " failed for " + client.getClientRole());
-                logger.warn(err.getMessage());
-                return;
-            }
-        }
-    }
-
     public MR_Client updateMr_Client(MR_Client client, ApiError apiError) {
         MR_Client c = mr_clients.get(client.getMrClientId());
         if (c == null) {
@@ -286,7 +223,7 @@ public class MR_ClientService extends BaseLoggingClass {
 
         // remove from AAF
         if (deleteLevel >= 2) {
-            revokeClientPerms(client, apiError);
+            updateApiError(apiError, aafPermissionService.revokeClientPerms(client));
             if (!apiError.is2xx()) {
                 return;
             }
@@ -297,4 +234,9 @@ public class MR_ClientService extends BaseLoggingClass {
         }
     }
 
+    private void updateApiError(ApiError err, ApiError permissionServiceError) {
+        err.setCode(permissionServiceError.getCode());
+        err.setMessage(permissionServiceError.getMessage());
+        err.setFields(permissionServiceError.getFields());
+    }
 }
diff --git a/version.properties b/version.properties
index 67b4ad2..96f9ee0 100644
--- a/version.properties
+++ b/version.properties
@@ -27,7 +27,7 @@
 
 major=1
 minor=0
-patch=28
+patch=29
 base_version=${major}.${minor}.${patch}
 
 # Release must be completed with git revision # in Jenkins
author	pkaras <piotr.karas@nokia.com>	2019-06-04 11:04:21 +0200
committer	Dominic Lunanuova <dgl@research.att.com>	2019-06-04 15:50:16 +0000
commit	e01dcd3ea03b02294d4b0f3cd46e825499ec4d49 (patch)
tree	b62863c3b9dc4d7bb890c1a9e5d5186990ce32e1
parent	2d1b398cd414a71efc85913c162e2f78dfae7c06 (diff)