diff options
| author |   Kotta, Shireesha (sk434m) <shireesha.kotta@att.com> | 2018-10-09 11:28:41 -0400 |
|---|---|---|
| committer | Kotta, Shireesha (sk434m) <shireesha.kotta@att.com> | 2018-10-09 16:55:17 -0400 |
| commit | 47bcf09a62fb260a60b90d4f6c8406d956ab5a8a (patch) | |
| tree | d1eb28e038f362bc4a68207c6f6a74535e47f782 | |
| parent | 15586620ec762ba42f2c6ec1b596ea6ea4425355 (diff) | |
Add roles to user
Issue-ID: PORTAL-432
add roles to user when the app is centralized
Change-Id: I46a782be24ea1804597dc7205bf98170731ffe4d
Signed-off-by: Kotta, Shireesha (sk434m) <shireesha.kotta@att.com>
17 files changed, 362 insertions, 312 deletions
diff --git a/deliveries/Apps_Users_OnBoarding_Script.sql b/deliveries/Apps_Users_OnBoarding_Script.sql index 583238f0..08146ff2 100644 --- a/deliveries/Apps_Users_OnBoarding_Script.sql +++ b/deliveries/Apps_Users_OnBoarding_Script.sql @@ -9,8 +9,8 @@ INSERT INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, (2, 'xDemo App', 'images/cache/portal-222865671_37476.png', NULL, NULL, 'http://portal.api.simpledemo.onap.org:8990/ONAPPORTALSDK/welcome.htm', NULL, 'http://portal.api.simpledemo.onap.org:8990/ONAPPORTALSDK/api/v2', '', '', NULL, '2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), (3, 'DMaaP Bus Ctrl', 'images/cache/portal944583064_80711.png', NULL, NULL, 'http://portal.api.simpledemo.onap.org:8989/ECOMPDBCAPP/dbc#/dmaap', NULL, 'http://portal.api.simpledemo.onap.org:8989/ECOMPDBCAPP/api/v2', '', '', NULL, 'okYTaDrhzibcbGVq5mjkVQ==', 'N', 'N', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), (4, 'SDC', 'images/cache/portal956868231_53879.png', NULL, NULL, 'http://sdc.api.simpledemo.onap.org:8181/sdc1/portal', NULL, 'http://sdc.api.simpledemo.onap.org:8080/api/v2', '', '', NULL, 'j85yNhyIs7zKYbR1VlwEfNhS6b7Om4l0Gx5O8931sCI=', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), -(5, 'Policy', 'images/cache/portal1470452815_67021.png', NULL, NULL, 'http://policy.api.simpledemo.onap.org:8443/onap/policy', NULL, 'http://policy.api.simpledemo.onap.org:8443/onap/api/v2', '', '', NULL, 'okYTaDrhzibcbGVq5mjkVQ==', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), -(6, 'Virtual Infrastructure Deployment', 'images/cache/portal-345993588_92550.png', NULL, NULL, 'https://vid.api.simpledemo.onap.org:8443/vid/welcome.htm', NULL, 'https://vid.api.simpledemo.onap.org:8443/vid/api/v2', '', '', NULL, 'okYTaDrhzibcbGVq5mjkVQ==', 'N', 'Y', NULL, 'Default', '2Re7Pvdkgw5aeAUD', 'S31PrbOzGgL4hg4owgtx47Da', 'ECOMP-PORTAL-OUTBOX-90', 1,'N',NULL), +(5, 'Policy', 'images/cache/portal1470452815_67021.png', NULL, NULL, 'http://policy.api.simpledemo.onap.org:8443/onap/policy', NULL, 'http://policy.api.simpledemo.onap.org:8443/onap/api/v2', '', '', NULL, '2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), +(6, 'Virtual Infrastructure Deployment', 'images/cache/portal-345993588_92550.png', NULL, NULL, 'https://vid.api.simpledemo.onap.org:8443/vid/welcome.htm', NULL, 'http://vid.api.simpledemo.onap.org:8080/vid/api/v2', '', '', NULL, '2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E', 'N', 'Y', NULL, 'Default', '2Re7Pvdkgw5aeAUD', 'S31PrbOzGgL4hg4owgtx47Da', 'ECOMP-PORTAL-OUTBOX-90', 1,'N',NULL), (7, 'A&AI UI', 'images/cache/portal-345993588_92550.png', NULL, NULL, 'http://aai.api.simpledemo.onap.org:9517/services/aai/webapp/index.html#/viewInspect', NULL, 'http://aai.api.simpledemo.onap.org:9517/api/v2', '', '', NULL, 't1oqm6wCXrGUXUSL8mS7pQ==', 'N', 'Y', NULL, 'aaiui', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), (8, 'CLI', 'images/cache/portal-345993588_92550.png', NULL, NULL, 'http://portal.api.simpledemo.onap.org:8080/', NULL, NULL, '', '', NULL, '', 'Y', 'Y', NULL, '', '', '', '', 1,'N',NULL), (9, 'MSB', 'images/cache/portal-345993588_92550.png', NULL, NULL, 'http://msb-iag:80/iui/microservices/index.html', NULL, NULL, '', '', NULL, '', 'Y', 'Y', NULL, '', '', '', '', 2,'N',NULL); diff --git a/deliveries/local-dev-host-clone.sh b/deliveries/local-dev-host-clone.sh index 36fdaccb..1d7ae42b 100644 --- a/deliveries/local-dev-host-clone.sh +++ b/deliveries/local-dev-host-clone.sh @@ -1,7 +1,7 @@ #!/bin/bash # Sets up a new build area for Portal projects on on a dev/test host such as vm-ep-dev3 -USER=attuid-goes-here -git clone https://${USER}@codecloud.web.att.com/scm/st_quantum/lf_portal.git +USER=org.UserId-goes-here +git clone https://${USER}@gerrit.onap.org/r/a/portal cd lf_portal -git clone https://${USER}@codecloud.web.att.com/scm/st_quantum/lf_portal_sdk.git sdk +git clone https://${USER}@gerrit.onap.org/r/a/portal/sdk diff --git a/deliveries/local-dev-host-start.sh b/deliveries/local-dev-host-start.sh index 7268dcf7..8355983a 100644 --- a/deliveries/local-dev-host-start.sh +++ b/deliveries/local-dev-host-start.sh @@ -43,7 +43,7 @@ export LOGS_DIR=./logs mkdir -p $LOGS_DIR # Make inter-app communication work in dev3 -export EXTRA_HOST_IP="135.207.161.175" +export EXTRA_HOST_IP=localhost export EXTRA_HOST_NAME="portal.api.simpledemo.onap.org" # (re)start containers diff --git a/deliveries/server.xml b/deliveries/server.xml new file mode 100644 index 00000000..3f7bf3f7 --- /dev/null +++ b/deliveries/server.xml @@ -0,0 +1,147 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<!-- Note: A "Server" is not itself a "Container", so you may not + define subcomponents such as "Valves" at this level. + Documentation at /docs/config/server.html + --> +<Server port="8005" shutdown="SHUTDOWN"> + <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> + <!-- Security listener. Documentation at /docs/config/listeners.html + <Listener className="org.apache.catalina.security.SecurityListener" /> + --> + <!--APR library loader. Documentation at /docs/apr.html --> + <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> + <!-- Prevent memory leaks due to use of particular java/javax APIs--> + <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> + <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> + <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> + + <!-- Global JNDI resources + Documentation at /docs/jndi-resources-howto.html + --> + <GlobalNamingResources> + <!-- Editable user database that can also be used by + UserDatabaseRealm to authenticate users + --> + <Resource name="UserDatabase" auth="Container" + type="org.apache.catalina.UserDatabase" + description="User database that can be updated and saved" + factory="org.apache.catalina.users.MemoryUserDatabaseFactory" + pathname="conf/tomcat-users.xml" /> + </GlobalNamingResources> + + <!-- A "Service" is a collection of one or more "Connectors" that share + a single "Container" Note: A "Service" is not itself a "Container", + so you may not define subcomponents such as "Valves" at this level. + Documentation at /docs/config/service.html + --> + <Service name="Catalina"> + + <!--The connectors can use a shared executor, you can define one or more named thread pools--> + <!-- + <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" + maxThreads="150" minSpareThreads="4"/> + --> + + + <!-- A "Connector" represents an endpoint by which requests are received + and responses are returned. Documentation at : + Java HTTP Connector: /docs/config/http.html (blocking & non-blocking) + Java AJP Connector: /docs/config/ajp.html + APR (HTTP/AJP) Connector: /docs/apr.html + Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 + --> + <Connector port="8080" protocol="HTTP/1.1" + connectionTimeout="20000" + redirectPort="8443" /> + <!-- A "Connector" using the shared thread pool--> + <!-- + <Connector executor="tomcatThreadPool" + port="8080" protocol="HTTP/1.1" + connectionTimeout="20000" + redirectPort="8443" /> + --> + <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 + This connector uses the NIO implementation that requires the JSSE + style configuration. When using the APR/native implementation, the + OpenSSL style configuration is required as described in the APR/native + documentation --> + <!-- + <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" + maxThreads="150" SSLEnabled="true" scheme="https" secure="true" + clientAuth="false" sslProtocol="TLS" /> + --> + + <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" + maxThreads="150" SSLEnabled="true" scheme="https" secure="true" + keystoreFile="keystoreONAP.keystore" keystorePass="changeit" + clientAuth="false" sslProtocol="TLS" /> + + <!-- Define an AJP 1.3 Connector on port 8009 --> + <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> + + + <!-- An Engine represents the entry point (within Catalina) that processes + every request. The Engine implementation for Tomcat stand alone + analyzes the HTTP headers included with the request, and passes them + on to the appropriate Host (virtual host). + Documentation at /docs/config/engine.html --> + + <!-- You should set jvmRoute to support load-balancing via AJP ie : + <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> + --> + <Engine name="Catalina" defaultHost="localhost"> + + <!--For clustering, please take a look at documentation at: + /docs/cluster-howto.html (simple how to) + /docs/config/cluster.html (reference documentation) --> + <!-- + <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> + --> + + <!-- Use the LockOutRealm to prevent attempts to guess user passwords + via a brute-force attack --> + <Realm className="org.apache.catalina.realm.LockOutRealm"> + <!-- This Realm uses the UserDatabase configured in the global JNDI + resources under the key "UserDatabase". Any edits + that are performed against this UserDatabase are immediately + available for use by the Realm. --> + <Realm className="org.apache.catalina.realm.UserDatabaseRealm" + resourceName="UserDatabase"/> + </Realm> + + <Host name="localhost" appBase="webapps" + unpackWARs="true" autoDeploy="true"> + + <!-- SingleSignOn valve, share authentication between web applications + Documentation at: /docs/config/valve.html --> + <!-- + <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> + --> + + <!-- Access log processes all example. + Documentation at: /docs/config/valve.html + Note: The pattern used is equivalent to using pattern="common" --> + <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" + prefix="localhost_access_log" suffix=".txt" + pattern="%h %l %u %t "%r" %s %b" /> + + </Host> + </Engine> + </Service> +</Server>
\ No newline at end of file diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java index 5a354f3a..54b915fe 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java @@ -207,8 +207,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient client.header(SystemProperties.USERAGENT_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE); logger.debug(EELFLoggerDelegate.debugLogger, - String.format("App %d found, baseUri=[%s], Headers: [%s=%s, %s=%s, %s=%s]", appSystemId, appBaseUri, - APP_USERNAME_HEADER, username, PASSWORD_HEADER, encriptedPwd, BASIC_AUTHENTICATION_HEADER, encodingStr)); + String.format("App %d found, baseUri=[%s], Headers: [%s=%s]", appSystemId, appBaseUri, + APP_USERNAME_HEADER, username)); return client; } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java index a77b9589..f83a8e34 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -42,7 +42,6 @@ import java.util.ArrayList; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; -import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import java.util.Set; @@ -53,7 +52,6 @@ import java.util.stream.Collectors; import org.apache.commons.codec.DecoderException; import org.apache.commons.codec.binary.Hex; -import org.apache.commons.lang.StringUtils; import org.hibernate.Query; import org.hibernate.Session; import org.hibernate.SessionFactory; @@ -99,7 +97,6 @@ import org.onap.portalapp.portal.transport.ExternalAccessRolePerms; import org.onap.portalapp.portal.transport.ExternalAccessUser; import org.onap.portalapp.portal.transport.ExternalAccessUserRoleDetail; import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator; -import org.onap.portalapp.portal.transport.ExternalRoleDescription; import org.onap.portalapp.portal.transport.GlobalRoleWithApplicationRoleFunction; import org.onap.portalapp.portal.transport.LocalRole; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; @@ -157,8 +154,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private static final String FUNCTION_PIPE = "|"; - private static final String IS_NULL_STRING = "null"; - private static final String EXTERNAL_AUTH_PERMS = "perms"; private static final String EXTERNAL_AUTH_ROLE_DESCRIPTION = "description"; @@ -167,18 +162,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private static final String CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE = "Connecting to External Auth system"; - private static final String APP_ROLE_ID = "appRoleId"; - private static final String APP_ID = "appId"; - private static final String PRIORITY = "priority"; - - private static final String ACTIVE = "active"; - private static final String ROLE_NAME = "name"; - private static final String ID = "id"; - private static final String APP_ID_EQUALS = " app_id = "; private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesServiceImpl.class); @@ -315,12 +302,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @throws Exception * If updateRoleInExternalSystem fails we catch it in logger for detail message */ - @SuppressWarnings("unchecked") private boolean updateRoleInExternalSystem(Role updateExtRole, EPApp app, boolean isGlobalRole) throws Exception { boolean response = false; ObjectMapper mapper = new ObjectMapper(); ResponseEntity<String> deleteResponse = null; - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); List<EPRole> epRoleList = null; if (app.getId().equals(PortalConstants.PORTAL_APP_ID) || (isGlobalRole && !app.getId().equals(PortalConstants.PORTAL_APP_ID))) { @@ -328,7 +313,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { epRoleList = getPartnerAppRoleInfo(updateExtRole.getId(), app); } - // Assigning functions to global role if ((isGlobalRole && !app.getId().equals(PortalConstants.PORTAL_APP_ID))) { List<RoleFunction> globalRoleFunctionListNew = convertSetToListOfRoleFunctions(updateExtRole); @@ -360,86 +344,29 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic list = mapper.readValue(perms.toString(), TypeFactory.defaultInstance() .constructCollectionType(List.class, ExternalAccessPerms.class)); } - ExternalRoleDescription sysRoleList = mapper.readValue(desc, ExternalRoleDescription.class); // If role name or role functions are updated then delete // record in External System and add new record to avoid // conflicts - Boolean existingRoleActive; - boolean isActiveValueChanged; - // check role active status - existingRoleActive = new Boolean(sysRoleList.getActive()); - isActiveValueChanged = existingRoleActive.equals(updateExtRole.getActive()); boolean isRoleNameChanged = false; - if (!sysRoleList.getName().equals(updateExtRole.getName())) { + if (!desc.equals(updateExtRole.getName())) { isRoleNameChanged = true; - Map<String, String> delRoleKeyMapper = new HashMap<>(); - delRoleKeyMapper.put(ROLE_NAME, name); - String delRoleKeyValue = mapper.writeValueAsString(delRoleKeyMapper); - deleteResponse = deleteRoleInExternalSystem(delRoleKeyValue); - if (deleteResponse.getStatusCode().value() != 200) { - logger.error(EELFLoggerDelegate.errorLogger, - "updateRoleInExternalSystem: Failed to delete role in external system due to {} ", - deleteResponse.getBody()); - throw new ExternalAuthSystemException(deleteResponse.getBody()); - } + deleteRoleInExtSystem(mapper, name); addRole(updateExtRole, app.getUebKey()); // add partner functions to the global role in External Auth System - if(!list.isEmpty() && isGlobalRole){ - addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole); + if (!list.isEmpty() && isGlobalRole) { + addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole); } - list.removeIf(perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace())); - // if role name is changes please ignore the previous functions in External Auth and update with user requested functions - addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, - list); + list.removeIf( + perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace())); + // if role name is changes please ignore the previous functions in External Auth + // and update with user requested functions + addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list); } - boolean checkPriorityStatus = StringUtils.equals(String.valueOf(sysRoleList.getPriority()), - String.valueOf(updateExtRole.getPriority())); - ExternalAccessRole updateRole = new ExternalAccessRole(); - if (!isActiveValueChanged || !checkPriorityStatus || sysRoleList.getId().equals(IS_NULL_STRING) - || !sysRoleList.getId().equals(String.valueOf(epRoleList.get(0).getId()))) { - String updateDesc = ""; - List<EPRole> getRole; - final Map<String, String> getAppRoleByName = new HashMap<>(); - getAppRoleByName.put(APP_ROLE_NAME_PARAM, updateExtRole.getName()); - if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - getRole = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, getAppRoleByName, - null); - } else { - getAppRoleByName.put("appId", String.valueOf(app.getId())); - getRole = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, - getAppRoleByName, null); - } - Map<String, String> extSystemUpdateRoleJsonMapper = new LinkedHashMap<>(); - extSystemUpdateRoleJsonMapper.put(ID, String.valueOf(getRole.get(0).getId())); - extSystemUpdateRoleJsonMapper.put(ROLE_NAME, String.valueOf(updateExtRole.getName())); - extSystemUpdateRoleJsonMapper.put(ACTIVE, String.valueOf(updateExtRole.getActive())); - extSystemUpdateRoleJsonMapper.put(PRIORITY, String.valueOf(updateExtRole.getPriority())); - if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - extSystemUpdateRoleJsonMapper.put(APP_ID, "null"); - extSystemUpdateRoleJsonMapper.put(APP_ROLE_ID, "null"); - } else { - extSystemUpdateRoleJsonMapper.put(APP_ID, String.valueOf(app.getId())); - extSystemUpdateRoleJsonMapper.put(APP_ROLE_ID, - String.valueOf(getRole.get(0).getAppRoleId())); - - } - updateDesc = mapper.writeValueAsString(extSystemUpdateRoleJsonMapper); - updateRole.setName(app.getNameSpace() + "." + updateExtRole.getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - updateRole.setDescription(updateDesc); - String updateRoleDesc = mapper.writeValueAsString(updateRole); - HttpEntity<String> entity = new HttpEntity<>(updateRoleDesc, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: {} for PUT: {}", - CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleDesc); - ResponseEntity<String> updatePermsResponse = template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "role", - HttpMethod.PUT, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, - "updateRoleInExternalSystem: Finished updating in External Auth system {} and status code: {} ", - updateRoleDesc, updatePermsResponse.getStatusCode().value()); + // Delete role in External System if role is inactive + if (!updateExtRole.getActive()) { + deleteRoleInExtSystem(mapper, name); } - if(!isRoleNameChanged) { + if (!isRoleNameChanged) { response = addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list); } @@ -447,17 +374,41 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { // It seems like role exists in local DB but not in External // Access system - addRole(updateExtRole, app.getUebKey()); - List<RoleFunction> roleFunctionListUpdate = convertSetToListOfRoleFunctions(updateExtRole); - response = true; - if (!roleFunctionListUpdate.isEmpty()) { - addRoleFunctionsInExternalSystem(updateExtRole, mapper, app); + if (updateExtRole.getActive()) { + addRole(updateExtRole, app.getUebKey()); + ExternalAccessRolePerms extAddRolePerms = null; + ExternalAccessPerms extAddPerms = null; + List<RoleFunction> roleFunctionListAdd = convertSetToListOfRoleFunctions(updateExtRole); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + for (RoleFunction roleFunc : roleFunctionListAdd) { + extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + roleFunc.getType(), + roleFunc.getCode(), roleFunc.getAction()); + extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, + app.getNameSpace() + "." + updateExtRole.getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + response = addRoleFuncExtSysRestAPI(mapper, extAddRolePerms, headers); + } } } } return response; } + private void deleteRoleInExtSystem(ObjectMapper mapper, String name) + throws JsonProcessingException, Exception, ExternalAuthSystemException { + ResponseEntity<String> deleteResponse; + Map<String, String> delRoleKeyMapper = new HashMap<>(); + delRoleKeyMapper.put(ROLE_NAME, name); + String delRoleKeyValue = mapper.writeValueAsString(delRoleKeyMapper); + deleteResponse = deleteRoleInExternalSystem(delRoleKeyValue); + if (deleteResponse.getStatusCode().value() != 200) { + logger.error(EELFLoggerDelegate.errorLogger, + "updateRoleInExternalSystem: Failed to delete role in external system due to {} ", + deleteResponse.getBody()); + throw new ExternalAuthSystemException(deleteResponse.getBody()); + } + } + private boolean addRemoveFunctionsToRole(Role updateExtRole, EPApp app, ObjectMapper mapper, List<RoleFunction> roleFunctionListNew, String name, List<ExternalAccessPerms> list) throws Exception { boolean response; @@ -701,54 +652,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } - /** - * - * It adds functions to the role in external auth system - * - * @param updateExtRole - * @param addPermsMapper - * @param app - * @return true if success else false - * @throws Exception - */ - private boolean addRoleFunctionsInExternalSystem(Role updateExtRole, ObjectMapper addPermsMapper, EPApp app) - throws Exception { - boolean response = false; - ExternalAccessRolePerms extAddRolePerms = null; - ExternalAccessPerms extAddPerms = null; - List<RoleFunction> roleFunctionListAdd = convertSetToListOfRoleFunctions(updateExtRole); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - for (RoleFunction roleFunc : roleFunctionListAdd) { - String code = ""; - String type= ""; - String action = ""; - if (roleFunc.getCode().contains(FUNCTION_PIPE)) { - code = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); - type = getFunctionCodeType(roleFunc.getCode()); - action = getFunctionCodeAction(roleFunc.getCode()); - } else { - code = roleFunc.getCode(); - type = roleFunc.getCode().contains("menu") ? "menu" : "url"; - action = "*"; - } - extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); - extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, - app.getNameSpace() + "." + updateExtRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms); - HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); - ResponseEntity<String> addResponse = template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", - HttpMethod.POST, entity, String.class); - if (addResponse.getStatusCode().value() != 201) { - response = false; - logger.debug(EELFLoggerDelegate.debugLogger, - "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", - addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); - } else { - response = true; - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", updateRolePerms, addResponse.getStatusCode().value()); - } + private boolean addRoleFuncExtSysRestAPI(ObjectMapper addPermsMapper, ExternalAccessRolePerms extAddRolePerms, + HttpHeaders headers) throws JsonProcessingException { + boolean response; + String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms); + HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); + ResponseEntity<String> addResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", + HttpMethod.POST, entity, String.class); + if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value() != 409) { + response = false; + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", + addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); + } else { + response = true; + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", updateRolePerms, addResponse.getStatusCode().value()); } return response; } @@ -823,17 +743,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic ObjectMapper mapper = new ObjectMapper(); String addNewRole = ""; ExternalAccessRole extRole = new ExternalAccessRole(); - String addDesc = null; - Map<String, String> extSystemJsonMapper = new LinkedHashMap<>(); - extSystemJsonMapper.put(ID, String.valueOf(newRole.get(0).getId())); - extSystemJsonMapper.put(ROLE_NAME, String.valueOf(newRole.get(0).getName())); - extSystemJsonMapper.put(ACTIVE, String.valueOf(newRole.get(0).getActive())); - extSystemJsonMapper.put(PRIORITY, String.valueOf(newRole.get(0).getPriority())); - extSystemJsonMapper.put(APP_ID, String.valueOf(newRole.get(0).getAppId())); - extSystemJsonMapper.put(APP_ROLE_ID, String.valueOf(newRole.get(0).getAppRoleId())); - addDesc = mapper.writeValueAsString(extSystemJsonMapper); extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - extRole.setDescription(addDesc); + extRole.setDescription(String.valueOf(newRole.get(0).getName())); addNewRole = mapper.writeValueAsString(extRole); HttpEntity<String> postEntity = new HttpEntity<>(addNewRole, headers); logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole); @@ -1258,13 +1169,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic */ @SuppressWarnings("unchecked") private CentralV2User createEPUser(EPUser userInfo, Set<EPUserApp> userAppSet, EPApp app) throws Exception { - final Map<String, Long> params = new HashMap<>(); CentralV2User userAppList = new CentralV2User(); CentralV2User user1 = null; final Map<String, Long> params1 = new HashMap<>(); List<EPRole> globalRoleList = new ArrayList<>(); - try { if (app.getId() != PortalConstants.PORTAL_APP_ID) { params1.put("userId", userInfo.getId()); @@ -1781,7 +1690,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName() .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}"; deleteResponse = deleteRoleInExternalSystem(deleteRoleKey); - if (deleteResponse.getStatusCode().value() != 200 || deleteResponse.getStatusCode().value() != 404) { + if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) { EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode()); logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleForApplication: Failed to delete role in external auth system! due to {} ", @@ -2190,7 +2099,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (extPerms.getJSONObject(i).has("description")) { description = extPerms.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } else { - description = extPerms.getJSONObject(i).getString("instance"); + description = extPerms.getJSONObject(i).getString("type")+"|"+extPerms.getJSONObject(i).getString("instance") + +"|"+extPerms.getJSONObject(i).getString("action"); } if (extPerms.getJSONObject(i).has("roles")) { ObjectMapper rolesListMapper = new ObjectMapper(); @@ -2341,7 +2251,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic roleParams.put(APP_ROLE_NAME_PARAM, role); List<EPRole> roleCreated = null; if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams, + roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null); } else { roleParams.put("appId", String.valueOf(app.getId())); @@ -2710,6 +2620,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic JSONArray extRole = getAppRolesJSONFromExtAuthSystem(app); logger.debug(EELFLoggerDelegate.debugLogger, "Entering into getExternalRoleDetailsList"); + //refactoring done List<ExternalRoleDetails> externalRoleDetailsList = getExternalRoleDetailsList(app, mapper, extRole); @@ -2899,20 +2810,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic ObjectMapper mapper, JSONArray extRole) throws IOException { List<ExternalRoleDetails> externalRoleDetailsList = new ArrayList<>(); - ExternalRoleDescription ApplicationRole = new ExternalRoleDescription(); ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms(); List<String> functionCodelist = new ArrayList<>(); Map<String, EPRole> curRolesMap = getCurrentRolesInDB(app); - for (int i = 0; i < extRole.length(); i++) { ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails(); EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction(); JSONObject Role = (JSONObject) extRole.get(i); - String roleName = extRole.getJSONObject(i).getString(ROLE_NAME); - ApplicationRole.setName(roleName.substring(app.getNameSpace().length() + 1)); + String name = extRole.getJSONObject(i).getString(ROLE_NAME); + String actualRoleName = name.substring(app.getNameSpace().length() + 1); if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) { - String desc = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); - ApplicationRole.setName(desc); + actualRoleName = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } SortedSet<ExternalAccessPerms> externalAccessPermsOfRole = new TreeSet<>(); if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_PERMS)) { @@ -2932,14 +2840,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } externalRoleDetail.setActive(true); - externalRoleDetail.setName(ApplicationRole.getName()); + externalRoleDetail.setName(actualRoleName); if (app.getId() == 1) { externalRoleDetail.setAppId(null); } else { externalRoleDetail.setAppId(app.getId()); } // get role functions from DB - EPRole currRole = curRolesMap.get(ApplicationRole.getName() + EPRole currRole = curRolesMap.get(actualRoleName .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); Long roleId = null; if (currRole != null) @@ -3045,6 +2953,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :", res); + if(res == null || res.trim().isEmpty()) + return null; + JSONObject jsonObj = new JSONObject(res); JSONArray extRole = jsonObj.getJSONArray("userRole"); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java index 2eb7c948..b0dd4a21 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java @@ -823,6 +823,72 @@ public class UserRolesCommonServiceImpl { return addRemoteUser; } + + private EPUser pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app, + ObjectMapper mapper, SearchService searchService, + ApplicationsRestClientService applicationsRestClientService) throws Exception { + EPUser addRemoteUser = null; + if (remoteUserShouldBeCreated(roleInAppForUserList)) { + pushUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper, + isAppUpgradeVersion(app), roleInAppForUserList); + } + return addRemoteUser; + } + + protected void pushUserOnRemoteApp(String userId, EPApp app, + ApplicationsRestClientService applicationsRestClientService, SearchService searchService, + ObjectMapper mapper, boolean postOpenSource, List<RoleInAppForUser> roleInAppForUserList) throws Exception { + + EPUser client = searchService.searchUserByUserId(userId); + + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + + if (client == null) { + String msg = "cannot create user " + userId + ", because he/she cannot be found in phonebook."; + logger.error(EELFLoggerDelegate.errorLogger, msg); + throw new Exception(msg); + } + + client.setLoginId(userId); + client.setActive(true); + roleInAppForUserList.removeIf(role -> role.isApplied.equals(false)); + Set<EcompRole> userRolesInRemoteApp = constructUsersRemoteAppRoles(roleInAppForUserList); + SortedSet<Role> roles = new TreeSet<>(); + List<EPRole> getAppRoles = getAppRoles(app.getId()); + for (EcompRole epRole : userRolesInRemoteApp) { + Role role = new Role(); + EPRole appRole = getAppRoles.stream() + .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())) + .findAny() + .orElse(null); + if(appRole != null) + role.setId(appRole.getAppRoleId()); + role.setName(epRole.getName()); + roles.add(role); + } + client.setRoles(roles); + String userInString = null; + userInString = mapper.writerFor(EPUser.class).writeValueAsString(client); + logger.debug(EELFLoggerDelegate.debugLogger, + "about to post a client to remote application, users json = " + userInString); + applicationsRestClientService.post(EPUser.class, app.getId(), userInString, String.format("/user/%s", userId)); + + } + + + public List<EPRole> getAppRoles(Long appId) throws Exception { + List<EPRole> applicationRoles = null; + final Map<String, Long> appParams = new HashMap<>(); + try { + appParams.put("appId", appId); + applicationRoles = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e); + throw e; + } + return applicationRoles; + } + /** * It checks whether the remote user exists or not * if exits returns user object else null @@ -883,16 +949,12 @@ public class UserRolesCommonServiceImpl { // if centralized app if (app.getCentralAuth()) { if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - try { - addRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, + pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, applicationsRestClientService); - } catch (Exception e) { - String message=e.getMessage(); - logger.error(EELFLoggerDelegate.errorLogger, message, e); - } } - Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, + + Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, applicationsRestClientService, appId, userId); RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId, userRolesInLocalApp); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java index dd013c78..b9781071 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java @@ -39,59 +39,20 @@ package org.onap.portalapp.portal.transport; public class ExternalRoleDescription { - private String id; private String name; - private String active; - private String priority; - private String appId; - private String appRoleId; - public String getId() { - return id; - } - public void setId(String id) { - this.id = id; - } public String getName() { return name; } public void setName(String name) { this.name = name; } - public String getActive() { - return active; - } - public void setActive(String active) { - this.active = active; - } - public String getPriority() { - return priority; - } - public void setPriority(String priority) { - this.priority = priority; - } - public String getAppId() { - return appId; - } - public void setAppId(String appId) { - this.appId = appId; - } - public String getAppRoleId() { - return appRoleId; - } - public void setAppRoleId(String appRoleId) { - this.appRoleId = appRoleId; - } + @Override public int hashCode() { final int prime = 31; int result = 1; - result = prime * result + ((active == null) ? 0 : active.hashCode()); - result = prime * result + ((appId == null) ? 0 : appId.hashCode()); - result = prime * result + ((appRoleId == null) ? 0 : appRoleId.hashCode()); - result = prime * result + ((id == null) ? 0 : id.hashCode()); result = prime * result + ((name == null) ? 0 : name.hashCode()); - result = prime * result + ((priority == null) ? 0 : priority.hashCode()); return result; } @Override @@ -103,38 +64,15 @@ public class ExternalRoleDescription { if (getClass() != obj.getClass()) return false; ExternalRoleDescription other = (ExternalRoleDescription) obj; - if (active == null) { - if (other.active != null) - return false; - } else if (!active.equals(other.active)) - return false; - if (appId == null) { - if (other.appId != null) - return false; - } else if (!appId.equals(other.appId)) - return false; - if (appRoleId == null) { - if (other.appRoleId != null) - return false; - } else if (!appRoleId.equals(other.appRoleId)) - return false; - if (id == null) { - if (other.id != null) - return false; - } else if (!id.equals(other.id)) - return false; if (name == null) { if (other.name != null) return false; } else if (!name.equals(other.name)) return false; - if (priority == null) { - if (other.priority != null) - return false; - } else if (!priority.equals(other.priority)) - return false; return true; } + + } diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/ExternalAccessUserRoleDetailTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/ExternalAccessUserRoleDetailTest.java index e6d97ec4..1ddadd89 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/ExternalAccessUserRoleDetailTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/ExternalAccessUserRoleDetailTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -48,13 +48,7 @@ public class ExternalAccessUserRoleDetailTest { public ExternalAccessUserRoleDetail mockExternalAccessUserRoleDetail(){ ExternalRoleDescription externalRoleDescription = new ExternalRoleDescription(); - externalRoleDescription.setId("test"); externalRoleDescription.setName("test"); - externalRoleDescription.setActive("test"); - externalRoleDescription.setPriority("test"); - externalRoleDescription.setAppId("test"); - externalRoleDescription.setAppRoleId("test"); - ExternalAccessUserRoleDetail externalAccessUserRoleDetail = new ExternalAccessUserRoleDetail("test", externalRoleDescription); externalAccessUserRoleDetail.setName("test"); @@ -67,12 +61,7 @@ public class ExternalAccessUserRoleDetailTest { ExternalAccessUserRoleDetail externalAccessUserRoleDetail = mockExternalAccessUserRoleDetail(); ExternalRoleDescription externalRoleDescription1 = new ExternalRoleDescription(); - externalRoleDescription1.setId("test"); externalRoleDescription1.setName("test"); - externalRoleDescription1.setActive("test"); - externalRoleDescription1.setPriority("test"); - externalRoleDescription1.setAppId("test"); - externalRoleDescription1.setAppRoleId("test"); ExternalAccessUserRoleDetail externalAccessUserRoleDetail1 = new ExternalAccessUserRoleDetail("test", externalRoleDescription1); diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/ExternalRoleDescriptionTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/ExternalRoleDescriptionTest.java index 6a4b6cab..41ee7fde 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/ExternalRoleDescriptionTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/transport/ExternalRoleDescriptionTest.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -42,7 +42,6 @@ import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import org.junit.Test; -import org.onap.portalapp.portal.transport.ExternalRoleDescription; public class ExternalRoleDescriptionTest { @@ -51,49 +50,17 @@ public class ExternalRoleDescriptionTest { @Test public void externalRoleDescriptionTest(){ ExternalRoleDescription extRole=mockExternalRoleDescription(); - ExternalRoleDescription externalRoleDescription = new ExternalRoleDescription(); - externalRoleDescription.setId(extRole.getId()); externalRoleDescription.setName(extRole.getName()); - externalRoleDescription.setActive(extRole.getActive()); - externalRoleDescription.setPriority(extRole.getPriority()); - externalRoleDescription.setAppId(extRole.getAppId()); - externalRoleDescription.setAppRoleId(extRole.getAppRoleId()); - - assertEquals(externalRoleDescription.getId(), TEST); assertEquals(externalRoleDescription.getName(), TEST); - assertEquals(externalRoleDescription.getActive(), TEST); - assertEquals(externalRoleDescription.getPriority(), TEST); - assertEquals(externalRoleDescription.getAppId(), TEST); - assertEquals(externalRoleDescription.getAppRoleId(), TEST); assertEquals(externalRoleDescription.hashCode(), extRole.hashCode()); assertTrue(externalRoleDescription.equals(extRole)); - - assertFalse(externalRoleDescription.equals(null)); - externalRoleDescription.setPriority(null); - assertFalse(externalRoleDescription.equals(extRole)); externalRoleDescription.setName(null); assertFalse(externalRoleDescription.equals(extRole)); - externalRoleDescription.setId(null); - assertFalse(externalRoleDescription.equals(extRole)); - externalRoleDescription.setAppRoleId(null); - assertFalse(externalRoleDescription.equals(extRole)); - externalRoleDescription.setAppId(null); - assertFalse(externalRoleDescription.equals(extRole)); - externalRoleDescription.setActive(null); - assertFalse(externalRoleDescription.equals(extRole)); } private ExternalRoleDescription mockExternalRoleDescription(){ - ExternalRoleDescription externalRoleDescription = new ExternalRoleDescription(); - - externalRoleDescription.setId(TEST); externalRoleDescription.setName(TEST); - externalRoleDescription.setActive(TEST); - externalRoleDescription.setPriority(TEST); - externalRoleDescription.setAppId(TEST); - externalRoleDescription.setAppRoleId(TEST); - return externalRoleDescription; } diff --git a/ecomp-portal-BE-os/README.md b/ecomp-portal-BE-os/README.md index 682dbfce..7f4358f4 100644 --- a/ecomp-portal-BE-os/README.md +++ b/ecomp-portal-BE-os/README.md @@ -44,6 +44,8 @@ Version 2.2 - [Portal-220] Fix to delete a portal admin, removed the OS test case - [Portal-248] Id value fix in in Add App Account Management modal - [Portal-211] High memory Usage by Portal, SDK, Cassandra +- [Portal-202] Remove files that have GPL or other license issues - b2b-library.min.js +- [Portal-432]Push userroles even if the app is centralized(ASDC) Version 1.1.0 (Amsterdam), November 2017 - [Portal-6] Updates to License and Trademark in the PORTAL Source Code diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java index e9c48251..ac7c3f72 100644 --- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java +++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java @@ -162,23 +162,15 @@ public class ExternalAppConfig extends AppConfig implements Configurable { MDC.put(MDC_ALERT_SEVERITY, AlarmSeverityEnum.INFORMATIONAL.severity()); MDC.put(MDC_INSTANCE_UUID, SystemProperties.getProperty(SystemProperties.INSTANCE_UUID)); - // if("true".equalsIgnoreCase(remotecentralizedsystemaccess)){ - // importFromExternalAuth(); - // } + if("true".equalsIgnoreCase(remotecentralizedsystemaccess)){ + importFromExternalAuth(); + } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "init failed", e); } } - /** - * Does a sync on functions, roles and role functions based on namespace - * for all the centralized applications between AAF and ONAP, updates - * fn_user and fn_user_role with user information from AAF. - * - * This is being handled in AAF directly, so it has been deprecated - * - */ - @Deprecated + private void importFromExternalAuth() throws Exception { JSONArray aafAppRoles = new JSONArray(); JSONArray aafUserList = new JSONArray(); @@ -195,8 +187,8 @@ public class ExternalAppConfig extends AppConfig implements Configurable { for(int j = 0; j < aafAppRoles.length(); j++){ ObjectMapper mapper = new ObjectMapper(); String name = aafAppRoles.getJSONObject(j).getString("name"); - String desc = aafAppRoles.getJSONObject(j).getString("description"); - ExternalRoleDescription externalRoleDescription = mapper.readValue(desc, ExternalRoleDescription.class); + //String desc = aafAppRoles.getJSONObject(j).getString("description"); + //ExternalRoleDescription externalRoleDescription = mapper.readValue(desc, ExternalRoleDescription.class); aafUserList = externalAccessRolesService.getAllUsersByRole(name); if(aafUserList != null && aafUserList.length() > 0){ for(int k = 0; k < aafUserList.length(); k++){ diff --git a/ecomp-portal-BE-os/src/main/resources/music.properties b/ecomp-portal-BE-os/src/main/resources/music.properties index fdf6e499..87c4c942 100644 --- a/ecomp-portal-BE-os/src/main/resources/music.properties +++ b/ecomp-portal-BE-os/src/main/resources/music.properties @@ -12,19 +12,19 @@ music.atomic.put = false music.cleanup.frequency = 6 #how old of session need to be cleaned up (hour) music.cleanup.threshold = 10 -cassandra.host=135.197.226.103 -zookeeper.host=135.197.226.103, 135.197.226.108, 135.197.226.119 +cassandra.host=localhost +zookeeper.host=localhost cassandra.user=cassandra cassandra.password=cassandra #Music API -#music.endpoint = http://vm-ep-dev4.research.att.com/MUSIC/rest/ +#music.endpoint = localhost #music.version = v2 #music.keyspace = keyspaces #music.x.minor.version = 3 #music.x.patch.version = 0 -#music.ns = com.att.ecomp.portal.demeter -#music.user.id = m00468@portal.ecomp.att.com -#music.password = friedG33nS- +#music.ns = org.onap.portal +#music.user.id = xxxxxx@portal.onap.org +#music.password = xxxxxx #music.consistency.info = type #music.consistency.info.value = eventual
\ No newline at end of file diff --git a/ecomp-portal-FE-common/client/app/views/role/role-list-controller.js b/ecomp-portal-FE-common/client/app/views/role/role-list-controller.js index acfb25e0..0ae218c4 100644 --- a/ecomp-portal-FE-common/client/app/views/role/role-list-controller.js +++ b/ecomp-portal-FE-common/client/app/views/role/role-list-controller.js @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -217,6 +217,8 @@ app.controller('roleListController', function ($scope,RoleService, applicationsS // edit Role $scope.editRoleModalPopup = function(appId, availableRole) { + if(!availableRole.active) + return confirmBoxService.showInformation('Edit is disabled! Please toggle the role to activate it.').then(isConfirmed => {}); $scope.editRole = availableRole; if(appId != undefined && availableRole.id != undefined){ RoleService.getRole(appId, availableRole.id).then(function(data){ diff --git a/ecomp-portal-FE-common/client/app/views/role/role_list.html b/ecomp-portal-FE-common/client/app/views/role/role_list.html index b082c3ea..34244b5f 100644 --- a/ecomp-portal-FE-common/client/app/views/role/role_list.html +++ b/ecomp-portal-FE-common/client/app/views/role/role_list.html @@ -93,7 +93,7 @@ </div> </td> <td b2b-table-body id="{{$index}}-button-edit-role" class="icon-misc-pen" ng-click="editRoleModalPopup(apps.selectedCentralizedApp, rowData)"></td> - <td ng-if="apps.selectedCentralizedApp != 1" b2b-table-body class="icon-trash" ng-click="removeRole(apps.selectedCentralizedApp, rowData)"></td> + <td ng-if="apps.selectedCentralizedApp != 1" b2b-table-body class="icon-misc-trash" ng-click="removeRole(apps.selectedCentralizedApp, rowData)"></td> </tr> </tbody> </table> diff --git a/ecomp-portal-FE-os/client/configurations/dev.json b/ecomp-portal-FE-os/client/configurations/dev.json index 43b82c76..ec7ca82d 100644 --- a/ecomp-portal-FE-os/client/configurations/dev.json +++ b/ecomp-portal-FE-os/client/configurations/dev.json @@ -98,7 +98,7 @@ "loggedinUser" : "http://localhost:8080/ecompportal/portalApi/loggedinUser", "modifyLoggedinUser" : "http://localhost:8080/ecompportal/portalApi/modifyLoggedinUser", "centralizedApps": "http:/localhost:8080/ecompportal/portalApi/centralizedApps", - "uploadRoleFunction":"http://www.ecomp.att.com:8080/ecompportal-att/portalApi/uploadRoleFunction/:appId" + "uploadRoleFunction":"http://localhost:8080/ecompportal/portalApi/uploadRoleFunction/:appId" }, "cookieDomain": "onap.org" } diff --git a/ecomp-portal-widget-ms/widget-ms/src/main/resources/application.properties b/ecomp-portal-widget-ms/widget-ms/src/main/resources/application.properties new file mode 100644 index 00000000..5116f966 --- /dev/null +++ b/ecomp-portal-widget-ms/widget-ms/src/main/resources/application.properties @@ -0,0 +1,40 @@ +## General App Properties +server.contextPath=/widget +server.port=8082 +spring.http.multipart.max-file-size=128MB +spring.http.multipart.max-request-size=128MB + +## App DB Properties +# +#db.connectionURL = jdbc:mariadb:failover://mtanjv9pord01.aic.cip.att.com:3306/portal +#db.userName = m02549 +#db.password = 9zDXMxxzUG1ay5Dny1Eazw== +#db.encrypt_flag = true +spring.datasource.url=jdbc:mariadb://vm-ep-dev8.client.research.att.com:3306/portal_2_1_att +spring.datasource.username=portal_user +spring.datasource.password=P0rt@l_user +spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect +spring.database.driver.classname=org.mariadb.jdbc.Driver +spring.jpa.show-sql=false +spring.jpa.properties.hibernate.format_sql=false + +## Basic Authentication Properties +security.user.name=widget_user +security.user.password=widget_pass + +## Initalization setting +initialization.default.widgets=true +initialization.widgetData.url=http://www.ecomp.att.com:8080/ecompportal-att/commonWidgets + +## Account Basic Authentication Properties +account.user.name=portal +account.user.password=6APqvG4AU2rfLgCvMdySwQ== + +## Certificate Properties +#server.ssl.key-store=classpath:widget-keystore.p12 +#server.ssl.key-store-password=ENC(DiIYnAMab4u7rEW2yKhF9zBL00uU55q8) +#server.ssl.keyStoreType=PKCS12 +#server.ssl.keyAlias=widget-microservice + +## Jasypt Properties +jasypt.encryptor.password=EncryptionKey |