diff options
author | Dominic Lunanuova <dgl@research.att.com> | 2019-07-25 19:19:10 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2019-07-25 19:19:10 +0000 |
commit | 5717199158dbef060b89582f4dfd049aa6cfadc9 (patch) | |
tree | 6800ab833440fa2ad6606986808befae58e649d1 | |
parent | 46d8250f0c0884991e00593ec05477c0759efd57 (diff) | |
parent | ad5381bae1e3ddeba04bd52e3a4b1043e9fab8eb (diff) |
Merge "configurable AAF permissions parts"1.0.2
-rw-r--r-- | src/main/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizer.java | 25 |
1 files changed, 20 insertions, 5 deletions
diff --git a/src/main/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizer.java b/src/main/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizer.java index acafbdf..b78967a 100644 --- a/src/main/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizer.java +++ b/src/main/java/org/onap/dmaap/kafkaAuthorize/KafkaCustomAuthorizer.java @@ -76,9 +76,12 @@ public class KafkaCustomAuthorizer implements Authorizer { action = "sub"; } else if (kafkaactivity.equals("Write")) { action = "pub"; - } else if (kafkaactivity.equals("Describe")) { + } else if (kafkaactivity.equals("Create")) { + action = "create"; + } else { return true; } + if (arg2.resourceType().name().equals("Topic")) { topicName = arg2.name(); } else { @@ -88,9 +91,21 @@ public class KafkaCustomAuthorizer implements Authorizer { try { if (null != topicName && topicName.indexOf(".") > 0) { - namspace = topicName.substring(0, topicName.lastIndexOf(".")); - ins = namspace + ".topic"; - type = ":topic." + topicName; + + if (action.equals("create")) { + String instancePart = (System.getenv("msgRtr.topicfactory.aaf") != null) + ? System.getenv("msgRtr.topicfactory.aaf") + : "org.onap.dmaap.mr.topicFactory|:org.onap.dmaap.mr.topic:"; + String[] instandType = (instancePart + namspace + "|create").split("|"); + ins = instandType[0]; + type = instandType[1]; + } else if (action.equals("pub") || action.equals("sub")) { + namspace = topicName.substring(0, topicName.lastIndexOf(".")); + String instancePart = (System.getenv("pubSubInstPart") != null) ? System.getenv("pubSubInstPart") + : ".topic"; + ins = namspace + instancePart; + type = ":topic." + topicName; + } logger.info("^Event Received for topic " + topicName + " , User " + fullName + " , action = " + action); } @@ -107,7 +122,7 @@ public class KafkaCustomAuthorizer implements Authorizer { } if (!hasResp) { logger.info(fullName + " is not allowed in " + ins + "|" + type + "|" + action); - throw new Exception(fullName + " is not allowed in " + ins + "|" + type + "|" + action); + return false; } } } catch (final Exception e) { |