diff options
Diffstat (limited to 'cmso-service/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java')
-rwxr-xr-x[-rw-r--r--] | cmso-service/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java | 244 |
1 files changed, 105 insertions, 139 deletions
diff --git a/cmso-service/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java b/cmso-service/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java index 624171d..26bb436 100644..100755 --- a/cmso-service/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java +++ b/cmso-service/src/main/java/org/onap/optf/cmso/aaf/AafUserRoleProperties.java @@ -1,139 +1,105 @@ -/* - * Copyright © 2019 AT&T Intellectual Property. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - ******************************************************************************/ - -package org.onap.optf.cmso.aaf; - -import com.fasterxml.jackson.databind.ObjectMapper; -import java.io.File; -import java.io.FileInputStream; -import java.util.ArrayList; -import java.util.List; -import java.util.Properties; -import javax.annotation.PostConstruct; -import javax.servlet.http.HttpServletRequest; -import org.onap.aaf.cadi.Permission; -import org.onap.aaf.cadi.aaf.AAFPermission; -import org.onap.observations.Observation; -import org.onap.optf.cmso.SpringProfiles; -import org.onap.optf.cmso.common.LogMessages; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.context.annotation.Profile; -import org.springframework.core.env.Environment; -import org.springframework.stereotype.Component; - -/** - * This class uses a properties file to map URL patterns/method to AAF Permissions (AafPerm). - * - * @author jf9860 - * - */ -@Component -@Profile(SpringProfiles.AAF_AUTHENTICATION) -public class AafUserRoleProperties { - @Autowired - Environment env; - - private List<AafUserRole> list = new ArrayList<>(); - - /** - * Initialize permissions. - */ - @PostConstruct - public void initializePermissions() { - String userRolePropertiesName = - env.getProperty("aaf.user.roles", "src/main/resources/aaf/AAFUserRoles.properties"); - Properties props = new Properties(); - try { - props.load(new FileInputStream(new File(userRolePropertiesName))); - } catch (Exception e) { - Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage()); - } - for (Object url : props.keySet()) { - Object value = props.get(url); - list.add(new AafUserRole((String) url, (String) value)); - } - } - - /** - * Gets the for url method. - * - * @param url the url - * @param method the method - * @return the for url method - */ - public List<AafUserRole> getForUrlMethod(String url, String method) { - List<AafUserRole> userRoleList = new ArrayList<>(); - for (AafUserRole aur : list) { - if (aur.matches(url, method)) { - userRoleList.add(aur); - } - } - return userRoleList; - } - - /** - * Process permissions. - * - * @param request the request - * @param userPerms the user perms - * @return true, if successful - */ - public boolean processPermissions(HttpServletRequest request, List<Permission> userPerms) { - try { - // Get list of perms that match incoming URL. May be more than 1... - // Users perms must match all that match URL - List<AafUserRole> perms = getForUrlMethod(request.getRequestURI(), request.getMethod()); - int tested = 0; - int passed = 0; - for (AafUserRole perm : perms) { - for (AafPerm test : perm.getAafPerms()) { - tested++; - for (Permission userPerm : userPerms) { - - if (test.matches((AAFPermission) userPerm)) { - passed++; - break; - } - } - } - } - // All permissions must be OK - if (tested > 0 && tested == passed) { - return true; - } - else { - return false; - } - } catch (Exception e) { - Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage()); - } - return false; - } -} +/*
+ * Copyright (c) 2019 AT&T Intellectual Property.
+ * Modifications Copyright © 2018 IBM.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+*/
+
+package org.onap.optf.cmso.aaf;
+
+import com.att.eelf.configuration.EELFLogger;
+import com.att.eelf.configuration.EELFManager;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+import java.util.ArrayList;
+import java.util.List;
+import javax.annotation.PostConstruct;
+import org.onap.observations.Observation;
+import org.onap.optf.cmso.SpringProfiles;
+import org.onap.optf.cmso.common.LogMessages;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Profile;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Component;
+
+/**
+ * The Class AafUserRoleProperties.
+ */
+@Component
+@Profile(SpringProfiles.AAF_AUTHENTICATION)
+public class AafUserRoleProperties {
+ private static EELFLogger debug = EELFManager.getInstance().getDebugLogger();
+
+ /** The env. */
+ @Autowired
+ Environment env;
+
+ private List<AafUserRole> list = new ArrayList<>();
+
+ /**
+ * Initialize permissions.
+ */
+ @PostConstruct
+ public void initializePermissions() {
+ String userRolePropertiesName = env.getProperty(AafProperties.aafUserRoleProperties.toString(),
+ "opt/att/ajsc/config/AAFUserRoles.properties");
+ try {
+ List<String> lines = Files.readAllLines(Paths.get(userRolePropertiesName));
+ for (String line : lines) {
+ line = line.trim();
+ if (!line.startsWith("#")) {
+ String[] parts = line.split("=");
+ if (parts.length == 2) {
+ list.add(new AafUserRole(parts[0], env.resolvePlaceholders(parts[1])));
+ } else {
+ Observation.report(LogMessages.INVALID_ATTRIBUTE, line, userRolePropertiesName);
+ }
+ }
+ }
+ } catch (Exception e) {
+ Observation.report(LogMessages.UNEXPECTED_EXCEPTION, e, e.getMessage());
+ }
+ debug.debug("AafUserRole.properties: " + list);
+ }
+
+ /**
+ * Gets the for url method.
+ *
+ * @param url the url
+ * @param method the method
+ * @return the for url method
+ */
+ public List<AafUserRole> getForUrlMethod(String url, String method) {
+ List<AafUserRole> userRoleList = new ArrayList<>();
+ for (AafUserRole aur : list) {
+ if (aur.matches(url, method)) {
+ userRoleList.add(aur);
+ }
+ }
+ return userRoleList;
+ }
+}
|