author | hb123f <hbindu@research.att.com> | 2019-03-20 12:20:44 -0400 |
---|---|---|
committer | hb123f <hbindu@research.att.com> | 2019-03-20 14:13:55 -0400 |
commit | a70761c096192e38800bf38d6c7f61f52bf72007 (patch) | |
tree | cdc5264cec030bc7e677ff1d74c939c56ee51d0d /ecomp-portal-BE-common/src/main/java | |
parent | 3992004ee5f2b0b1635e2aef19c375db87079b52 (diff) |
CADI AAF Integration and merging the code
Issue-ID: PORTAL-319
CADI AAF Integration and code merge
Change-Id: I6e44f3b2741858d8d403b77a49ec9a0153084801
Signed-off-by: hb123f <hbindu@research.att.com>
Diffstat (limited to 'ecomp-portal-BE-common/src/main/java')
30 files changed, 1972 insertions, 1154 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java index c7246de0..289c8279 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java @@ -80,6 +80,9 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; + @RestController @EnableAspectJAutoProxy @EPAuditLog @@ -174,8 +177,8 @@ public class AppsController extends EPRestrictedBaseController { EPUser user = EPUserUtils.getUserSession(request); List<AppIdAndNameTransportModel> adminApps = null; - try { - if (!adminRolesService.isAccountAdmin(user)) { + try { + if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) { EcompPortalUtils.setBadPermissions(user, response, "getAdminApps"); } else { adminApps = appService.getAdminApps(user); @@ -206,7 +209,7 @@ public class AppsController extends EPRestrictedBaseController { List<AppIdAndNameTransportModel> adminApps = null; try { - if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) { + if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) { EcompPortalUtils.setBadPermissions(user, response, "getAdminApps"); } else { adminApps = appService.getAppsForSuperAdminAndAccountAdmin(user); 
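Review bot: The guard in getAdminApps now also admits role admins, but the call behind it, `appService.getAdminApps(user)`, is unchanged, so what a role admin gets back depends entirely on service code that is not in this hunk. The same widening is applied to the second check in this file (before `appService.getAppsForSuperAdminAndAccountAdmin(user)`), to getCentralizedAppRoles in RoleManageController, and to getPhoneBookSearchResult, getAppRolesForUser and putAppWithUserRoleStateForUser in UserRolesController. Only getAppRolesForUser changes its service call (it now passes `user`); for the others, confirm that the service limits results and writes to the applications the role admin actually manages, in particular getCentralizedAppRoles, which looks up a caller-supplied `userId`. A comment at each check such as `// role admins allowed: service restricts results to apps the caller administers` would record the intent. The method bodies start and end outside these hunks.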
@@ -689,11 +692,14 @@ public class AppsController extends EPRestrictedBaseController { public FieldsValidator putOnboardingApp(HttpServletRequest request, @RequestBody OnboardingApp modifiedOnboardingApp, HttpServletResponse response) { FieldsValidator fieldsValidator = null; + EPUser user = null; + EPApp oldEPApp = null; try { - EPUser user = EPUserUtils.getUserSession(request); + user = EPUserUtils.getUserSession(request); if (!adminRolesService.isSuperAdmin(user)) { EcompPortalUtils.setBadPermissions(user, response, "putOnboardingApp"); } else { + oldEPApp = appService.getApp(modifiedOnboardingApp.id); modifiedOnboardingApp.normalize(); fieldsValidator = appService.modifyOnboardingApp(modifiedOnboardingApp, user); response.setStatus(fieldsValidator.httpStatusCode.intValue()); @@ -701,7 +707,16 @@ public class AppsController extends EPRestrictedBaseController { } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "putOnboardingApps failed", e); } - + if(response.getStatus()==200) { + try { + String oldvaluesAsJson = new ObjectMapper().writeValueAsString(oldEPApp); + String newvaluesAsJson = new ObjectMapper().writeValueAsString(modifiedOnboardingApp); + logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, old values ="+oldvaluesAsJson); + logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, loginId="+user.getLoginId()+", new values ="+newvaluesAsJson); + } catch (JsonProcessingException e) { + logger.error(EELFLoggerDelegate.errorLogger, "putOnboardingApps failed", e); + } + } EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/onboardingApps", "PUT result =", response.getStatus()); return fieldsValidator; diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java index 60c25c65..fe2c349f 100644 
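Review bot: The new audit block in putOnboardingApp is gated on `response.getStatus()==200`, which is normally also the status the response still has when the `try` above threw before `setStatus` ran, so a failed update can be written to the audit log as if it had succeeded, and `user.getLoginId()` throws a NullPointerException when `getUserSession` was the call that failed. Gate it on the outcome instead, for example `if (user != null && fieldsValidator != null && fieldsValidator.httpStatusCode.intValue() == HttpServletResponse.SC_OK)`. Both `oldEPApp` and `modifiedOnboardingApp` are serialized whole into the audit log; if these types carry application credentials (their fields are not visible here), log an explicit set of non-secret fields rather than the full objects. The `JsonProcessingException` handler reuses the message "putOnboardingApps failed", which makes an audit-serialization failure indistinguishable from a failed update in the error log.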
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java @@ -51,6 +51,7 @@ import java.util.regex.Pattern; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.portalapp.annotation.ApiVersion; import org.onap.portalapp.externalsystemapproval.model.ExternalSystemUser; import org.onap.portalapp.portal.domain.CentralV2RoleFunction; 
@@ -887,4 +888,31 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B return fnMenuItems; } + + @ApiOperation(value = "Gets MechId roles", response = String.class, responseContainer = "List") + @RequestMapping(value = { "/v3/systemUser" }, method = RequestMethod.GET, produces = "application/json") + public List<AAFPermission> getSystemUserPerms(HttpServletRequest request, HttpServletResponse response) throws Exception { + List<AAFPermission> permsList = null; + Map<String, Object> res = getMethod(request, response); + try { + permsList = (List<AAFPermission>) invokeMethod(res, request, response); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getSystemUserPerms failed", e); + } + return permsList; + } + + @ApiOperation(value = "Update role description in external auth system for an application.", response = PortalRestResponse.class, responseContainer = "Json") + @RequestMapping(value = { "/v3/update/app/roleDescription" }, method = RequestMethod.PUT, produces = "application/json") + public PortalRestResponse<String> updateAppRoleDescription(HttpServletRequest request, HttpServletResponse response) throws Exception { + PortalRestResponse<String> result = null; + Map<String, Object> res = getMethod(request, response); + try { + result = (PortalRestResponse<String>) invokeMethod(res, request, response); + return result; + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription failed", e); + return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed"); + } + } } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java index 4a5e0331..5f6818f1 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java 
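Review bot: updateAppRoleDescription returns `e.getMessage()` to the caller from its catch block, which hands internal exception text to an API client, and neither new method sets an error status, so a failure is answered with the default status (getSystemUserPerms returns `null` with it). The RolesController method of the same name added later in this commit also puts `e.getMessage()` in the response body. Follow the pattern already used in ExternalAccessRolesController's bulk-upload handler: `response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);` and a fixed message such as `return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to update role description", "Failed");`, keeping the detail in the error log only. `getMethod(request, response)` is called outside the `try` in both methods, so an exception raised there bypasses the logging.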
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java @@ -43,6 +43,8 @@ import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Set; +import java.util.TreeSet; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -107,7 +109,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl private static final String SUCCESSFULLY_DELETED = "Successfully Deleted"; - private static final String INVALID_UEB_KEY = "Invalid uebkey!"; + private static final String INVALID_UEB_KEY = "Invalid credentials!"; private static final String LOGIN_ID = "LoginId"; @@ -770,7 +772,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl addedRoleFunctions = externalAccessRolesService.bulkUploadPartnerRoleFunctions(request.getHeader(UEBKEY)); } catch (Exception e) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoles failed", e); + logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerRoleFunctions failed", e); return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadPartnerRoleFunctions", "Failed"); } return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: '"+addedRoleFunctions + "' role functions", "Success"); 
@@ -859,10 +861,16 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl String answer = null; try { fieldsValidation(request); + answer = externalAccessRolesService.getV2UserWithRoles(loginId, request.getHeader(UEBKEY)); if (answer != null) { User ecompUser = userservice.userMapper(answer); user = UserUtils.convertToEcompUser(ecompUser); + List<EcompRole> missingRolesOfUser = externalAccessRolesService.missingUserApplicationRoles(request.getHeader(UEBKEY), loginId, user.getRoles()); + if (missingRolesOfUser.size() > 0) { + Set<EcompRole> roles = new TreeSet<EcompRole>(missingRolesOfUser); + user.getRoles().addAll(roles); + } } } catch (Exception e) { sendErrorResponse(response, e); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java index 811e10ce..cecbd9bd 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java @@ -164,12 +164,12 @@ public class HealthCheckController extends EPUnRestrictedBaseController { EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError); } - if (!HealthMonitor.isClusterStatusOk()) { - dbInfo.dbClusterStatus = "Problem, check the logs for more details"; - EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError); - } else { - dbInfo.dbClusterStatus = statusOk; - } +// if (!HealthMonitor.isClusterStatusOk()) { +// dbInfo.dbClusterStatus = "Problem, check the logs for more details"; +// EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError); +// } else { +// dbInfo.dbClusterStatus = statusOk; +// } if (!HealthMonitor.isDatabasePermissionsOk()) { dbInfo.dbPermissions = "Problem, check the logs for more details"; 
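Review bot: `missingRolesOfUser.size()` and `user.getRoles().addAll(...)` both assume non-null values; if `missingUserApplicationRoles` or `getRoles()` can return null (not visible here), the request ends in a NullPointerException that is then passed to `sendErrorResponse`. The intermediate `TreeSet` requires `EcompRole` to be `Comparable` and is not needed for `addAll` unless the sorting is intended. Something like `if (missingRolesOfUser != null && !missingRolesOfUser.isEmpty()) { user.getRoles().addAll(missingRolesOfUser); }` does the same work, and a one-line comment saying where the "missing" roles come from would help, since this changes which roles the endpoint reports for a login id. The method starts and ends outside the hunk.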
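Review bot: Commenting out the `HealthMonitor.isClusterStatusOk()` branch leaves `dbInfo.dbClusterStatus` unassigned in this hunk, so the health response no longer reports cluster trouble and any monitoring that reads this field loses the signal. If the check is being retired on purpose, delete the lines rather than leaving them commented out and set the field explicitly, for example `dbInfo.dbClusterStatus = "Not checked";`, with a comment giving the reason. If it is only disabled temporarily, say so in a comment that names the tracking issue (`PORTAL-<id>` as a placeholder). The surrounding method is outside the hunk.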
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java index 4956e3fd..c6849cd8 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java @@ -656,7 +656,7 @@ public class RoleManageController extends EPRestrictedBaseController { public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) throws IOException { EPUser user = EPUserUtils.getUserSession(request); List<CentralizedApp> applicationsList = null; - if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user)) { + if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user) || adminRolesService.isRoleAdmin(user)) { applicationsList = externalAccessRolesService.getCentralizedAppsOfUser(userId); } else { logger.info(EELFLoggerDelegate.auditLogger, @@ -769,7 +769,7 @@ public class RoleManageController extends EPRestrictedBaseController { app.getUebKey(); List<EPApp> appInfo = externalAccessRolesService.getApp(app.getUebKey()); if(appInfo.isEmpty()){ - throw new InvalidApplicationException("Invalid uebkey"); + throw new InvalidApplicationException("Invalid credentials"); } if(!appInfo.isEmpty() && EcompPortalUtils.checkIfRemoteCentralAccessAllowed() && appInfo.get(0).getCentralAuth()){ ResponseEntity<String> response = externalAccessRolesService.getNameSpaceIfExists(appInfo.get(0)); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java index c61fb43b..c976629a 100644 
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java @@ -41,21 +41,21 @@ import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.onap.aaf.cadi.aaf.AAFPermission; import org.onap.portalapp.annotation.ApiVersion; import org.onap.portalapp.portal.domain.CentralV2RoleFunction; import org.onap.portalapp.portal.ecomp.model.PortalRestResponse; +import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum; import org.onap.portalapp.portal.logging.aop.EPAuditLog; -import org.onap.portalapp.portal.transport.CentralUser; +import org.onap.portalapp.portal.service.ExternalAccessRolesService; import org.onap.portalapp.portal.transport.CentralV2Role; import org.onap.portalsdk.core.domain.Role; -import org.onap.portalsdk.core.domain.RoleFunction; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.core.onboarding.util.AuthUtil; import org.onap.portalsdk.core.restful.domain.EcompRole; import org.onap.portalsdk.core.restful.domain.EcompUser; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.EnableAspectJAutoProxy; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; import io.swagger.annotations.ApiOperation; 
@@ -64,14 +64,23 @@ import io.swagger.annotations.ApiOperation; @EPAuditLog @ApiVersion public class RolesController implements BasicAuthenticationController { + + private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(RolesController.class); + final String LOGINID_PATTERN = "/v3/user/[a-zA-Z0-9]{1,25}$"; final String FUNCTION_CD_PATTERN = "/v3/function/[a-zA-Z0-9_-]{1,75}$"; final String DELETE_ROLEFUNCTION = "/v3/roleFunction/[a-zA-Z0-9_-]{1,75}$"; + + private static final String UEBKEY = "uebkey"; + + @Autowired + private ExternalAccessRolesService externalAccessRolesService; @Autowired ExternalAccessRolesController externalAccessRolesController = new ExternalAccessRolesController(); + @ApiOperation(value = "Gets roles for an application which is upgraded to newer version.", response = CentralV2Role.class, responseContainer = "Json") @ApiVersion(max = "v3", service = "/v3/roles", min = 0, method = "GET") 
@@ -192,6 +201,22 @@ public class RolesController implements BasicAuthenticationController { public List<String> getMenuFunctions(HttpServletRequest request, HttpServletResponse response) throws Exception { return externalAccessRolesController.getMenuFunctions(request, response); } + + @ApiVersion(max = "v3", service = "/v3/update/app/roleDescription", min = 0, method = "PUT") + public PortalRestResponse<String> updateAppRoleDescription(HttpServletRequest request, HttpServletResponse response) + throws Exception { + Integer updatedRoleDesc = 0; + try { + updatedRoleDesc = externalAccessRolesService.updateAppRoleDescription(request.getHeader(UEBKEY)); + } catch (Exception e) { + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription: failed!", e); + return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, + "updateAppRoleDescription: " + e.getMessage(), "Failure"); + } + return new PortalRestResponse<String>(PortalRestStatusEnum.OK, + "Successfully updated app role descriptions: '" + updatedRoleDesc + "'", "Success"); + } @ApiVersion(max = "v4", service = "/v4/user/[a-zA-Z0-9]{1,25}$", min = 0, method = "GET") public String getEcompUser(HttpServletRequest request, HttpServletResponse response, String loginId) @@ -204,4 +229,10 @@ public class RolesController implements BasicAuthenticationController { throws Exception { return externalAccessRolesController.getEcompRolesOfApplication(request, response); } + + @ApiVersion(max = "v3", service = "/v3/systemUser", min = 0, method = "GET") + public List<AAFPermission> getSystemUser(HttpServletRequest request, HttpServletResponse response) + throws Exception { + return AuthUtil.getAAFPermissions(request); + } } 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java index cb7c0d44..0be83c97 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java @@ -99,7 +99,8 @@ public class SchedulerController extends EPRestrictedBaseController { String startTimeRequest = requestDateFormat.format(startingTime); logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler GET Timeslots for startTimeRequest: ", startTimeRequest); - logger.debug(EELFLoggerDelegate.debugLogger, "Original Request : \n ", scheduler_request); + logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {} ", scheduler_request); + String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_GET_TIME_SLOTS) + scheduler_request; @@ -107,7 +108,7 @@ public class SchedulerController extends EPRestrictedBaseController { Date endTime = new Date(); String endTimeRequest = requestDateFormat.format(endTime); - logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest", + logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest = {}", endTimeRequest); return (new ResponseEntity<String>(schedulerResWrapper.getResponse(), HttpStatus.valueOf(schedulerResWrapper.getStatus()))); 
@@ -134,12 +135,12 @@ public class SchedulerController extends EPRestrictedBaseController { schedulerRestController.Get(str, uuid, path, restObjStr); GetTimeSlotsWrapper schedulerRespWrapper = SchedulerUtil.getTimeSlotsWrapResponse(restObjStr); - logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request END : Response: ", + logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request END : Response: {}", schedulerRespWrapper.getResponse()); if (schedulerRespWrapper.getStatus() != 200 && schedulerRespWrapper.getStatus() != 204 && schedulerRespWrapper.getStatus() != 202) { String message = String.format( - " getTimeslots Information failed . SchedulerResponseWrapper for gettimeslots: %s", schedulerRespWrapper.getResponse()); + " getTimeslots Information failed . SchedulerResponseWrapper for gettimeslots: {}", schedulerRespWrapper.getResponse()); logger.error(EELFLoggerDelegate.errorLogger, message); EPLogUtil.schedulerAccessAlarm(logger, schedulerRespWrapper.getStatus()); @@ -167,11 +168,11 @@ public class SchedulerController extends EPRestrictedBaseController { String uuid = UUID.randomUUID().toString(); scheduler_request.put("scheduleId", uuid); - logger.debug(EELFLoggerDelegate.debugLogger, "UUID : ", uuid); + logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid); // adding uuid to the request payload scheduler_request.put("scheduleId", uuid); - logger.debug(EELFLoggerDelegate.debugLogger, "Original Request ", scheduler_request.toString()); + logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {}", scheduler_request.toString()); String path = SchedulerProperties .getProperty(SchedulerProperties.SCHEDULER_CREATE_NEW_VNF_CHANGE_INSTANCE_VAL) + uuid; 
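Review bot: The `String.format` call in the getTimeslots failure branch now uses `{}` where it had `%s`; `String.format` does not interpret `{}`, so the scheduler response is dropped from the error message. Restore `%s` in that format string. Several context lines in this file still pass an argument without any placeholder, for example `"Controller Scheduler GET Timeslots for startTimeRequest: "` and `"PostCreateNewVnfWrapper Information failed"`, and need the same `{}` treatment as the lines this commit fixes. Because the added placeholders presumably make these debug statements emit full scheduler requests and responses for the first time, check that those payloads are acceptable content for the debug log.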
@@ -180,7 +181,7 @@ public class SchedulerController extends EPRestrictedBaseController { Date endTime = new Date(); String endTimeRequest = requestDateFormat.format(endTime); - logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST", endTimeRequest); + logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST= {}", endTimeRequest); return new ResponseEntity<String>(responseWrapper.getResponse(), HttpStatus.valueOf(responseWrapper.getStatus())); @@ -214,7 +215,7 @@ public class SchedulerController extends EPRestrictedBaseController { PostCreateNewVnfWrapper responseWrapper = SchedulerUtil.postCreateNewVnfWrapResponse(restObjStr); - logger.debug(EELFLoggerDelegate.debugLogger, " Post Create New Vnf Scheduling Request END : Response: ", + logger.debug(EELFLoggerDelegate.debugLogger, " Post Create New Vnf Scheduling Request END : Response = {}", responseWrapper.getResponse()); if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202 && responseWrapper.getStatus() != 204) { logger.error(EELFLoggerDelegate.errorLogger, "PostCreateNewVnfWrapper Information failed", responseWrapper.getResponse()); 
@@ -235,15 +236,15 @@ public class SchedulerController extends EPRestrictedBaseController { try { Date startingTime = new Date(); String startTimeRequest = requestDateFormat.format(startingTime); - logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler POST : submit_vnf_change_timeslots", + logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler POST : submit_vnf_change_timeslots = {}", startTimeRequest); // Generating uuid String uuid = (String) scheduler_request.get("scheduleId"); - logger.debug(EELFLoggerDelegate.debugLogger, "UUID : ", uuid); + logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid); scheduler_request.remove("scheduleId"); - logger.debug(EELFLoggerDelegate.debugLogger, "Original Request for the schedulerId: ", + logger.debug(EELFLoggerDelegate.debugLogger, "Original Request for the schedulerId= {} ", scheduler_request.toString()); String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SUBMIT_NEW_VNF_CHANGE) @@ -254,7 +255,7 @@ public class SchedulerController extends EPRestrictedBaseController { Date endTime = new Date(); String endTimeRequest = requestDateFormat.format(endTime); - logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler - POST Submit for end time request", + logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler - POST Submit for end time request= {}", endTimeRequest); return (new ResponseEntity<String>(responseWrapper.getResponse(),HttpStatus.valueOf(responseWrapper.getStatus()))); 
@@ -289,7 +290,7 @@ public class SchedulerController extends EPRestrictedBaseController { PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = SchedulerUtil .postSubmitNewVnfWrapResponse(restObjStr); - logger.debug(EELFLoggerDelegate.debugLogger, "Post Submit Scheduling Request END : Response = ", + logger.debug(EELFLoggerDelegate.debugLogger, "Post Submit Scheduling Request END : Response = {}", responseWrapper.getResponse()); if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202 && responseWrapper.getStatus() != 204) { @@ -336,7 +337,10 @@ public class SchedulerController extends EPRestrictedBaseController { else throw new Exception(entry.getKey() + errorMsg); } + logger.debug(EELFLoggerDelegate.debugLogger, " portalRestResponse - getSchedulerConstant= {}", + map); portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.OK, "success", map); + } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getSchedulerConstant failed", e); portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.ERROR, e.getMessage(), diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java index f5113264..72ae07da 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java 
@@ -65,6 +65,8 @@ import org.onap.portalapp.portal.service.UserRolesService; import org.onap.portalapp.portal.transport.AppNameIdIsAdmin; import org.onap.portalapp.portal.transport.AppWithRolesForUser; import org.onap.portalapp.portal.transport.AppsListWithAdminRole; +import org.onap.portalapp.portal.transport.EpNotificationItem; +import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator; import org.onap.portalapp.portal.transport.FieldsValidator; import org.onap.portalapp.portal.transport.RoleInAppForUser; import org.onap.portalapp.portal.transport.UserApplicationRoles; @@ -80,6 +82,7 @@ import org.onap.portalsdk.core.util.SystemProperties; import org.slf4j.MDC; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.EnableAspectJAutoProxy; +import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; @@ -123,7 +126,7 @@ public class UserRolesController extends EPRestrictedBaseController { HttpServletResponse response) { EPUser user = EPUserUtils.getUserSession(request); String searchResult = null; - if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) { + if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) { EcompPortalUtils.setBadPermissions(user, response, "getPhoneBookSearchResult"); } else { searchString = searchString.trim(); @@ -227,6 +230,7 @@ public class UserRolesController extends EPRestrictedBaseController { } }else{ logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleStateForUser: putAppsWithAdminRoleStateForUser result is null"); + fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } logger.info(EELFLoggerDelegate.errorLogger, newAppRoles.toString()); 
@@ -286,12 +290,14 @@ public class UserRolesController extends EPRestrictedBaseController { EPUser user = EPUserUtils.getUserSession(request); List<RoleInAppForUser> result = null; String feErrorString = ""; - if (!adminRolesService.isAccountAdmin(user)) { + if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) { + logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}", adminRolesService.isAccountAdmin(user) , adminRolesService.isRoleAdmin(user)); EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser"); feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus()); } else { if (EcompPortalUtils.legitimateUserId(orgUserId)) { - result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue); + result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user); + logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", result , appid); int responseCode = EcompPortalUtils.getExternalAppResponseCode(); if (responseCode != 0 && responseCode != 200) { // external error @@ -342,9 +348,10 @@ public class UserRolesController extends EPRestrictedBaseController { @RequestMapping(value = { "/portalApi/userAppRoles" }, method = { RequestMethod.PUT }, produces = "application/json") - public FieldsValidator putAppWithUserRoleStateForUser(HttpServletRequest request, + public PortalRestResponse<String> putAppWithUserRoleStateForUser(HttpServletRequest request, @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) { - FieldsValidator fieldsValidator = new FieldsValidator(); + //FieldsValidator fieldsValidator = new FieldsValidator(); + PortalRestResponse<String> portalResponse = new PortalRestResponse<>(); StringBuilder sbUserApps = new StringBuilder(); if (newAppRolesForUser != null) { sbUserApps.append("User '" + newAppRolesForUser.orgUserId); 
@@ -364,14 +371,17 @@ public class UserRolesController extends EPRestrictedBaseController { logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}", sbUserApps.toString()); EPUser user = EPUserUtils.getUserSession(request); - boolean changesApplied = false; - if (!adminRolesService.isAccountAdmin(user)) { + //boolean changesApplied = false; + ExternalRequestFieldsValidator changesApplied = null; + + if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) { EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser"); } else if(newAppRolesForUser==null){ logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleStateForUser: newAppRolesForUser is null"); } else{ - changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser); - if (changesApplied) { + changesApplied= userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser); + try{ + if (changesApplied.isResult()) { logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: succeeded for app {}, user {}", newAppRolesForUser.appId, newAppRolesForUser.orgUserId); 
@@ -395,17 +405,25 @@ public class UserRolesController extends EPRestrictedBaseController { MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP); MDC.remove(SystemProperties.MDC_TIMER); - } else { + portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK,"success",null); + + } + if (!changesApplied.isResult()) + throw new Exception(changesApplied.getDetailMessage()); + + }catch (Exception e){ logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleStateForUser: failed for app {}, user {}", newAppRolesForUser.appId, newAppRolesForUser.orgUserId); + portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null); } } EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied); - return fieldsValidator; + return portalResponse; } - + + @RequestMapping(value = { "/portalApi/updateRemoteUserProfile" }, method = { RequestMethod.GET }, produces = "application/json") public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request, diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java index afde8bc5..743cbc9a 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java @@ -45,6 +45,7 @@ import java.util.Map; import javax.servlet.http.HttpServletRequest; import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.StringUtils; import org.onap.portalapp.controller.EPRestrictedRESTfulBaseController; import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalapp.portal.domain.EcompAuditLog; 
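Review bot: The new `catch (Exception e)` in putAppWithUserRoleStateForUser logs the failure without passing `e`, so the cause (including a NullPointerException if `setAppWithUserRoleStateForUser` returns null) never reaches the error log; add `e` as the last argument of that `logger.error` call. On the permission-denied and `newAppRolesForUser==null` paths the method returns the default-constructed `PortalRestResponse` with no status or message set in these hunks; set an error response there too, e.g. `portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Not authorized", null);`. Throwing an `Exception` only to catch it a few lines later could be a plain `else` branch, and the commented-out `//FieldsValidator fieldsValidator` and `//boolean changesApplied` lines can be deleted. The return type change from FieldsValidator to PortalRestResponse<String> alters the JSON shape of `/portalApi/userAppRoles`, so its callers have to change in step. The method spans this hunk and the two before it.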
@@ -138,6 +139,25 @@ public class WebAnalyticsExtAppController extends EPRestrictedRESTfulBaseControl @RequestMapping(value = { "/analytics" }, method = RequestMethod.GET, produces = "application/javascript") public String getAnalyticsScript(HttpServletRequest request) throws Exception { String responseText = ""; + EPApp app = null; + String version = ""; + try { + app = getApp(request); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + " Error retrieving Application to capture app name for analytics; Proceeding with empty app name"); + } + if (app != null) { + String restEndPoint = app.getAppRestEndpoint(); + if(restEndPoint.indexOf("/api")!=-1) { + version = restEndPoint.substring(restEndPoint.indexOf("/api")+4); + } + } + String END_POINT = "/storeAnalytics"; + if(StringUtils.isNotBlank(version)) { + END_POINT = version + "/storeAnalytics"; + } + final String fileName = "analytics.txt"; InputStream analyticsFileStream = null; try { @@ -152,8 +172,8 @@ public class WebAnalyticsExtAppController extends EPRestrictedRESTfulBaseControl String feURLContext = SystemProperties.getProperty("frontend_url"); String feURL = feURLContext.substring(0, feURLContext.lastIndexOf('/')); - responseText = responseText.replace("PORTAL_ENV_URL", feURL); + responseText = responseText.replace("$END_POINT", END_POINT); return responseText; } 
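Review bot: `restEndPoint.indexOf("/api")` in getAnalyticsScript runs outside the `try` and without a null check, so an application whose `getAppRestEndpoint()` is null turns the script request into a NullPointerException; guard it with `if (restEndPoint != null && restEndPoint.indexOf("/api") != -1)`. Whatever follows `/api` in the stored endpoint is then substituted verbatim for `$END_POINT` in the JavaScript that is served, so it should be checked against the expected shape first (for example a `/v<digits>` pattern) and ignored otherwise. The catch block logs a fixed string without `e`, and `END_POINT` is a local variable that would read better as `endPoint`.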
@@ -215,18 +235,23 @@ public class WebAnalyticsExtAppController extends EPRestrictedRESTfulBaseControl } protected String getAppName(HttpServletRequest request, String appName) { + + EPApp appRecord = getApp(request); + if (appRecord != null) { + appName = appRecord.getName(); + } + return appName; + } + + protected EPApp getApp(HttpServletRequest request) { String appKeyValue = request.getHeader(APP_KEY); + EPApp appRecord = null; if (appKeyValue == null || appKeyValue.equals("")) { logger.error(EELFLoggerDelegate.errorLogger, " App Key unavailable; Proceeding with null app name"); } else { - EPApp appRecord = appCacheService.getAppFromUeb(appKeyValue); - if (appRecord == null) { - logger.error(EELFLoggerDelegate.errorLogger, " App could not be found for the key " + appKeyValue); - } else - appName = appRecord.getName(); - + appRecord = appCacheService.getAppFromUeb(appKeyValue); } - return appName; + return appRecord; } protected void storeAuxAnalytics(Analytics analyticsMap, String appName) { @@ -253,5 +278,5 @@ public class WebAnalyticsExtAppController extends EPRestrictedRESTfulBaseControl HttpMethod.POST, entity, String.class); out.addCallback(successCallback, failureCallback); } - + } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java index 0b43b5d9..d7cce0ec 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java 
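Review bot: The new `getApp` has no Javadoc and returns null in two different cases, a missing APP_KEY header and a key that `appCacheService.getAppFromUeb` does not know, but only the first is still logged because the "App could not be found" message was dropped in the refactoring. I would document the null return (`/** Looks up the application for the request's APP_KEY header; returns null when the header is absent or no application matches. */`) and restore a log line for the lookup miss that does not echo the raw key, e.g. `logger.error(EELFLoggerDelegate.errorLogger, " App could not be found for the supplied key");`. The existing message "Proceeding with null app name" is also no longer accurate for callers that use `getApp` directly.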
@@ -538,9 +538,10 @@ public class EPUser extends User { SortedSet<EPRole> roles = new TreeSet<EPRole>(); SortedSet<EPUserApp> userAppRoles = getEPUserApps(); - logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - userApps = ", userAppRoles.size()); + logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - userApps = {} ", userAppRoles.size()); Iterator<EPUserApp> userAppRolesIterator = userAppRoles.iterator(); + EPUserApp userAppRole = null; // getting default app while (userAppRolesIterator.hasNext()) { @@ -561,7 +562,7 @@ public class EPUser extends User { } } } - logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - roles = ", roles.size()); + logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - roles = {}" , roles.size()); return roles; } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java index f0dd7b2b..3470a9e3 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java @@ -47,7 +47,7 @@ public class EPUserApp extends DomainVo implements java.io.Serializable, Compara private Long userId; private EPApp app; private EPRole role; - private Short priority; + private Integer priority; public EPUserApp() { } @@ -94,11 +94,11 @@ public class EPUserApp extends DomainVo implements java.io.Serializable, Compara this.role = role; } - public Short getPriority() { - return this.priority; + public Integer getPriority() { + return (this.priority == null) ? 1 : priority; } - public void setPriority(Short priority) { + public void setPriority(Integer priority) { this.priority = priority; } 
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java index ab88dd6e..b1439060 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java @@ -39,9 +39,7 @@ */ package org.onap.portalapp.portal.interceptor; -import java.nio.charset.Charset; import java.util.ArrayList; -import java.util.Base64; import java.util.List; import java.util.Set; import java.util.regex.Matcher; @@ -51,6 +49,8 @@ import java.util.stream.Collectors; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.mockito.internal.stubbing.answers.ThrowsException; +import org.onap.aaf.cadi.CadiWrap; import org.onap.portalapp.controller.sessionmgt.SessionCommunicationController; import org.onap.portalapp.portal.controller.BasicAuthenticationController; import org.onap.portalapp.portal.controller.ExternalAppsRestfulController; @@ -63,6 +63,7 @@ import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice; import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum; import org.onap.portalapp.portal.logging.logic.EPLogUtil; +import org.onap.portalapp.portal.service.AdminRolesService; import org.onap.portalapp.portal.service.AppsCacheService; import org.onap.portalapp.portal.service.BasicAuthenticationCredentialService; import org.onap.portalapp.portal.service.ExternalAccessRolesService; 
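Review bot: `import org.mockito.internal.stubbing.answers.ThrowsException;` brings a Mockito internal class into the production PortalResourceInterceptor, and nothing in the visible hunks of this file uses it. If Mockito is a test-scoped dependency this breaks the main build, and if it is not, a mocking library ends up on the runtime classpath of the authentication interceptor. The import should be dropped.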
@@ -76,7 +77,10 @@ import org.onap.portalsdk.core.exception.UrlAccessRestrictedException; import org.onap.portalsdk.core.interceptor.ResourceInterceptor; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.onboarding.listener.PortalTimeoutHandler; +import org.onap.portalsdk.core.onboarding.util.AuthUtil; import org.onap.portalsdk.core.onboarding.util.CipherUtil; +import org.onap.portalsdk.core.onboarding.util.PortalApiConstants; +import org.onap.portalsdk.core.onboarding.util.PortalApiProperties; import org.onap.portalsdk.core.util.SystemProperties; import org.onap.portalsdk.core.util.SystemProperties.SecurityEventTypeEnum; import org.springframework.beans.factory.annotation.Autowired; @@ -97,11 +101,12 @@ public class PortalResourceInterceptor extends ResourceInterceptor { @Autowired private EPEELFLoggerAdvice epAdvice; + + @Autowired + private AdminRolesService adminRolesService; @Autowired private BasicAuthenticationCredentialService basicAuthService; - @Autowired - private ExternalAccessRolesService externalAccessRolesService; @SuppressWarnings("unchecked") @Override 
@@ -145,10 +150,12 @@ public class PortalResourceInterceptor extends ResourceInterceptor { // trivial // call; otherwise, if it is, then check for the // access - if (matchRoleFunctions(portalApiPath, allRoleFunctions) - && !matchRoleFunctions(portalApiPath, roleFunctions)) { - EPUser user = (EPUser) request.getSession().getAttribute( - SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME)); + EPUser user = (EPUser) request.getSession().getAttribute( + SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME)); + //RoleAdmin check is being added because the role belongs to partner application + //inorder to access portal api's, bypassing this with isRoleAdmin Check + if ((matchRoleFunctions(portalApiPath, allRoleFunctions) + && !matchRoleFunctions(portalApiPath, roleFunctions)) && !adminRolesService.isRoleAdmin(user)) { logger.error(EELFLoggerDelegate.errorLogger, "preHandle: User {} not authorized for path {} ", user.getOrgUserId(), portalApiPath); 
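Review bot: The added `&& !adminRolesService.isRoleAdmin(user)` lets any user for whom isRoleAdmin returns true skip the role-function check for every restricted portal API path, which is wider than the partner-application role management the new comment describes. I would limit the bypass to the paths a role admin actually needs, along the lines of `&& !(isRoleAdminPath(portalApiPath) && adminRolesService.isRoleAdmin(user))` where `isRoleAdminPath` is a new helper holding an explicit allow-list, and log at info level whenever the bypass is taken so it can be audited. `user` is read from the session without a null check before being passed on and before `user.getOrgUserId()` in the error log. The enclosing method starts and ends outside the hunk.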
@@ -234,90 +241,132 @@ public class PortalResourceInterceptor extends ResourceInterceptor { final String authHeader = request.getHeader(EPCommonSystemProperties.AUTHORIZATION); final String uebkey = request.getHeader(EPCommonSystemProperties.UEB_KEY); - - // Unauthorized access due to missing HTTP Authorization request header - if (authHeader == null) { - final String msg = "no authorization found"; - logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); - sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); - return false; - } + try{ + CadiWrap wrapReq = (CadiWrap) request; + logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the loop as the uri contains auxapi : {}"); + String nameSpace=PortalApiProperties.getProperty(PortalApiConstants.AUTH_NAMESPACE); + logger.debug(EELFLoggerDelegate.debugLogger, "namespace form the portal properties : {}",nameSpace); + Boolean accessallowed=AuthUtil.isAccessAllowed(request, nameSpace); + logger.debug(EELFLoggerDelegate.debugLogger, "AccessAllowed for the request and namespace : {}",accessallowed); + if(accessallowed){ + logger.debug(EELFLoggerDelegate.debugLogger, "AccessAllowed is allowed: {}",accessallowed); + + //String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader); + //check ueb condition + if(uebkey !=null && !uebkey.isEmpty()) + { + EPApp application = appCacheService.getAppFromUeb(uebkey,1); + if (application == null) { + throw new Exception("Invalid credentials!"); + } + else { + final String appUsername = application.getUsername(); + logger.debug(EELFLoggerDelegate.debugLogger, "appUsername : {}",appUsername); - String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader); - if (accountNamePassword == null || accountNamePassword.length != 2) { - final String msg = "failed to get username and password from Atuhorization header"; - logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); - 
sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); - return false; - } + String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader); + logger.debug(EELFLoggerDelegate.debugLogger, "accountNamePassword : {}",accountNamePassword); - if(uebkey !=null && !uebkey.isEmpty()) - { - EPApp application = appCacheService.getAppFromUeb(uebkey,1); - if (application == null) { - throw new Exception("Invalid uebkey!"); + if (accountNamePassword == null || accountNamePassword.length != 2) { + final String msg = "failed to get username and password from Atuhorization header"; + logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth Username and password failed to get: {}", msg); + sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); + return false; + } + if (appUsername.equals(accountNamePassword[0])) { + return true; + }else{ + final String msg = "failed to match the UserName from the application "; + logger.debug(EELFLoggerDelegate.debugLogger, "failed to match the UserName from the application checkBasicAuth Username and password failed to get: {}", msg); + sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); + return false; + } + } + } + + return true; + } + if(!accessallowed){ + final String msg = "no authorization found"; + logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth when no accessallowed: {}", msg); + sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); + return false; + } + return false; + + }catch(ClassCastException e){ + logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the classcastexception block if the UN is not the mechid : {}"); + + + // Unauthorized access due to missing HTTP Authorization request header + if (authHeader == null) { + final String msg = "no authorization found"; + logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); + sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); + return false; } - 
else { - final String appUsername = application.getUsername(); - final String dbDecryptedPwd = CipherUtil.decryptPKC(application.getAppPassword()); - if (appUsername.equals(accountNamePassword[0]) && dbDecryptedPwd.equals(accountNamePassword[1])) { - return true; + + String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader); + if (accountNamePassword == null || accountNamePassword.length != 2) { + final String msg = "failed to get username and password from Atuhorization header"; + logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); + sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); + return false; + } + + if(uebkey !=null && !uebkey.isEmpty()) + { + EPApp application = appCacheService.getAppFromUeb(uebkey,1); + if (application == null) { + throw new Exception("Invalid credentials!"); + } + else { + final String appUsername = application.getUsername(); + final String dbDecryptedPwd = CipherUtil.decryptPKC(application.getAppPassword()); + if (appUsername.equals(accountNamePassword[0]) && dbDecryptedPwd.equals(accountNamePassword[1])) { + return true; + } } } - } - - BasicAuthCredentials creds; - try { - creds = basicAuthService.getBasicAuthCredentialByUsernameAndPassword(accountNamePassword[0], - accountNamePassword[1]); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "checkBasicAuth failed to get credentials", e); - final String msg = "Failed while getting basic authentication credential: "; - sendErrorResponse(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg); - throw e; - } + + BasicAuthCredentials creds; + try { + creds = basicAuthService.getBasicAuthCredentialByUsernameAndPassword(accountNamePassword[0], + accountNamePassword[1]); + } catch (Exception e1) { + logger.error(EELFLoggerDelegate.errorLogger, "checkBasicAuth failed to get credentials", e1); + final String msg = "Failed while getting basic authentication credential: "; + sendErrorResponse(response, 
HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg); + throw e1; + } - // Unauthorized access due to invalid credentials (username and - // password) - if (creds == null || !creds.getUsername().equals(accountNamePassword[0])) { - final String msg = "Unauthorized: Access denied"; - logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); - sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); - return false; - } + // Unauthorized access due to invalid credentials (username and + // password) + if (creds == null || !creds.getUsername().equals(accountNamePassword[0])) { + final String msg = "Unauthorized: Access denied"; + logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); + sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); + return false; + } - // Unauthorized access due to inactive account - if (creds.getIsActive().equals("N")) { - final String msg = "Unauthorized: The account is inactive"; - logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); - sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); - return false; - } - boolean isAllowedEp = false; - for (EPEndpoint ep : creds.getEndpoints()) { - if (ep.getName().equals(uri)) { - isAllowedEp = true; - break; + // Unauthorized access due to inactive account + if (creds.getIsActive().equals("N")) { + final String msg = "Unauthorized: The account is inactive"; + logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); + sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); + return false; } + + }catch (Exception e2) { + logger.error(EELFLoggerDelegate.errorLogger, "checkBasicAuth failed to get credentials for some other exception", e2); + final String msg = "Failed while getting basic authentication credential for some other exception: "; + sendErrorResponse(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg); + throw e2; } + return true; - // If user doesn't specify 
any endpoint, allow all endpoints for that - // account - if (creds.getEndpoints().size() == 0) - isAllowedEp = true; - - // Unauthorized access due to the invalid endpoints - if (!isAllowedEp) { - final String msg = "Unauthorized: Endpoint access denied"; - logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg); - sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg); - return false; - } - // Made it to the end! - return true; - } +} @SuppressWarnings("unused") private String decrypted(String encrypted) throws Exception { @@ -380,8 +429,11 @@ public class PortalResourceInterceptor extends ResourceInterceptor { } return false; } + + protected void handleSessionUpdates(HttpServletRequest request) { PortalTimeoutHandler.handleSessionUpdatesNative(request, null, null, null, null, manageService); } + } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java index 6df4f9bd..891da3b7 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java @@ -86,7 +86,6 @@ public class HealthMonitor { private static boolean uebUp; private static boolean frontEndUp; private static boolean backEndUp; - private static boolean dbClusterStatusOk; private static boolean dbPermissionsOk; private static boolean zookeeperStatusOk; private static boolean cassandraStatusOk; @@ -106,10 +105,6 @@ public class HealthMonitor { return databaseUp; } - public static boolean isClusterStatusOk() { - return dbClusterStatusOk; - } - public static boolean isDatabasePermissionsOk() { return dbPermissionsOk; } 
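Review bot: In PortalResourceInterceptor.checkBasicAuth the fallback branch (inside `catch(ClassCastException e)`) no longer checks `creds.getEndpoints()` against `uri`, so after this change any active basic-auth credential is accepted for every endpoint instead of only the ones registered for it; the fence below restores that check after the inactive-account test. In the CADI branch a request carrying a UEB key is accepted as soon as `appUsername.equals(accountNamePassword[0])` holds and the password is never compared, which is only sound if `AuthUtil.isAccessAllowed` has already authenticated that same identity, and that is not visible here. The line `logger.debug(EELFLoggerDelegate.debugLogger, "accountNamePassword : {}",accountNamePassword);` writes material parsed from the Authorization header to the debug log and should be removed. Choosing the branch by catching ClassCastException also hides genuine cast errors raised deeper in the try block; `if (request instanceof CadiWrap)` states the intent directly. The method starts outside the hunk.

```java
// … unchanged: credential lookup, invalid-credential and inactive-account checks …

// Restore the per-credential endpoint allow-list before granting access.
// An account with no registered endpoints keeps its previous allow-all behaviour.
boolean isAllowedEp = creds.getEndpoints().isEmpty();
for (EPEndpoint ep : creds.getEndpoints()) {
    if (ep.getName().equals(uri)) {
        isAllowedEp = true;
        break;
    }
}
if (!isAllowedEp) {
    final String msg = "Unauthorized: Endpoint access denied";
    logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
    sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
    return false;
}
```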
@@ -143,6 +138,7 @@ public class HealthMonitor { int numIntervalsCassandraNotHealthy = 0; logger.debug(EELFLoggerDelegate.debugLogger, "monitorEPHealth thread started"); + long sleepInterval = (Long .valueOf(SystemProperties.getProperty(EPCommonSystemProperties.HEALTH_POLL_INTERVAL_SECONDS)) * 1000); @@ -151,8 +147,10 @@ public class HealthMonitor { logger.debug(EELFLoggerDelegate.debugLogger, "monitorEPHealth: Polling health every " + sleepInterval + " milliseconds. Alerting every " + (sleepInterval * numIntervalsBetweenAlerts) / 1000 + " seconds when component remains down."); - + while (true) { + logger.debug(EELFLoggerDelegate.debugLogger, + "monitorEPHealth: Test Connection to all"); // // Get DB status. If down, signal alert once every X intervals. // @@ -169,18 +167,6 @@ public class HealthMonitor { } } - dbClusterStatusOk = this.checkClusterStatus(); - if (dbClusterStatusOk == false) { - if ((numIntervalsClusterNotHealthy % numIntervalsBetweenAlerts) == 0) { - logger.debug(EELFLoggerDelegate.debugLogger, - "monitorEPHealth: cluster nodes down, logging to error log to trigger alert."); - EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeHealthCheckMySqlError); - numIntervalsClusterNotHealthy++; - } else { - numIntervalsClusterNotHealthy = 0; - } - } - dbPermissionsOk = this.checkDatabasePermissions(); if (dbPermissionsOk == false) { if ((numIntervalsDatabasePermissionsIncorrect % numIntervalsBetweenAlerts) == 0) { @@ -194,7 +180,9 @@ public class HealthMonitor { } org.onap.portalapp.music.util.MusicUtil MusicUtilSDK = new org.onap.portalapp.music.util.MusicUtil(); if(MusicUtilSDK.isMusicEnable()){ + zookeeperStatusOk = this.checkZookeeperStatus(); + if (zookeeperStatusOk == false) { if ((numIntervalsZookeeperNotHealthy % numIntervalsBetweenAlerts) == 0) { logger.debug(EELFLoggerDelegate.debugLogger, 
@@ -279,7 +267,8 @@ public class HealthMonitor { monitorEPHealth(); } catch (InterruptedException e) { logger.debug(EELFLoggerDelegate.debugLogger, "healthMonitorThread interrupted", e); - } catch (Exception e) { + } + catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "healthMonitorThread failed", e); } } @@ -327,36 +316,6 @@ public class HealthMonitor { return isUp; } - private boolean checkClusterStatus() { - boolean isUp = false; - Session localSession = null; - try { - localSession = sessionFactory.openSession(); - if (localSession != null) { - // If all nodes are unhealthy in a cluster, this will throw an - // exception - String sql = "select * from mysql.user"; - Query query = localSession.createSQLQuery(sql); - @SuppressWarnings("unchecked") - List<String> queryList = query.list(); - if (queryList != null) { - isUp = true; - } - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "checkClusterStatus failed", e); - if ((e.getCause() != null) && (e.getCause().getMessage() != null)) { - logger.error(EELFLoggerDelegate.errorLogger, "checkClusterStatus failure cause", e.getCause()); - } - isUp = false; - } finally { - if (localSession != null) { - localSession.close(); - } - } - return isUp; - } - private boolean checkZookeeperStatus() { String[] zookeeperNodes = MusicUtil.getMyZkHost().split(","); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java index 4e470462..4a4c9283 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java 
@@ -39,13 +39,10 @@ package org.onap.portalapp.portal.scheduleraux; import java.text.DateFormat; import java.text.SimpleDateFormat; -import java.util.Date; import org.glassfish.jersey.client.ClientResponse; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; -import com.fasterxml.jackson.databind.ObjectMapper; - public class SchedulerAuxUtil { private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerAuxUtil.class); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java index e61f87a2..a9d55fc8 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java @@ -64,6 +64,10 @@ public interface AdminRolesService { */ public boolean isAccountAdmin(EPUser user); + + public boolean isRoleAdmin(EPUser user); + + /** * Attention! User roles in ONAP PORTAL cannot be managed by this function. * @param user diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java index 981b9ce7..c8e04f4f 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java @@ -38,10 +38,15 @@ package org.onap.portalapp.portal.service; import java.util.ArrayList; +import java.util.Arrays; import java.util.HashMap; +import java.util.HashSet; import java.util.List; import java.util.Map; +import java.util.Set; import java.util.SortedSet; +import java.util.TreeSet; +import java.util.stream.Collectors; import javax.annotation.PostConstruct; 
@@ -51,6 +56,7 @@ import org.hibernate.SessionFactory; import org.hibernate.Transaction; import org.json.JSONArray; import org.json.JSONObject; +import org.onap.portalapp.portal.domain.CentralV2RoleFunction; import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalapp.portal.domain.EPRole; import org.onap.portalapp.portal.domain.EPUser; @@ -62,11 +68,15 @@ import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum; import org.onap.portalapp.portal.logging.logic.EPLogUtil; import org.onap.portalapp.portal.transport.AppNameIdIsAdmin; import org.onap.portalapp.portal.transport.AppsListWithAdminRole; +import org.onap.portalapp.portal.transport.EPUserAppCurrentRoles; import org.onap.portalapp.portal.transport.ExternalAccessUser; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.portal.utils.PortalConstants; +import org.onap.portalapp.util.EPUserUtils; +import org.onap.portalsdk.core.domain.RoleFunction; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.core.restful.domain.EcompRole; import org.onap.portalsdk.core.service.DataAccessService; import org.onap.portalsdk.core.util.SystemProperties; import org.springframework.beans.factory.annotation.Autowired; @@ -91,6 +101,7 @@ public class AdminRolesServiceImpl implements AdminRolesService { private Long SYS_ADMIN_ROLE_ID = 1L; private Long ACCOUNT_ADMIN_ROLE_ID = 999L; private Long ECOMP_APP_ID = 1L; + public static final String TYPE_APPROVER = "approver"; private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesServiceImpl.class); @@ -102,6 +113,8 @@ public class AdminRolesServiceImpl implements AdminRolesService { private SearchService searchService; @Autowired private EPAppService appsService; + @Autowired + private ExternalAccessRolesService externalAccessRolesService; private RestTemplate template = new RestTemplate(); 
@@ -434,9 +447,22 @@ public class AdminRolesServiceImpl implements AdminRolesService { EPUser currentUser = user != null ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null; + + final Map<String, Long> userParams = new HashMap<>(); + userParams.put("userId", user.getId()); + logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId()); + List<Integer> userAdminApps = new ArrayList<>(); + + userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null); + logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}", user.getOrgUserId(), userAdminApps.size()); + + if (currentUser != null && currentUser.getId() != null) { for (EPUserApp userApp : currentUser.getEPUserApps()) { - if (userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)) { + + + if (userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)||(userAdminApps.size()>1)) { + logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found Id {}", user.getOrgUserId(), userApp.getRole().getId()); // Account Administrator sees only the applications // he/she is Administrator return true; 
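Review bot: The new condition `userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)||(userAdminApps.size()>1)` in isAccountAdmin grants account-admin status from a count that does not depend on `userApp`, and it uses `>1` where isAccountAdminOfApplication in this same commit uses `>=1`, so a user who administers exactly one application is treated differently by the two methods. Because the test sits inside the loop over `currentUser.getEPUserApps()`, it is also never evaluated for a user who has no EPUserApp rows. I would hoist it out of the loop and choose the threshold deliberately, e.g. `if (!userAdminApps.isEmpty()) { return true; }` if one administered application is meant to be enough. `userParams.put("userId", user.getId())` dereferences `user` on the line right after the `user != null ? ... : null` guard. The method starts and ends outside the hunk.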
@@ -450,6 +476,55 @@ public class AdminRolesServiceImpl implements AdminRolesService { } return false; } + + + public boolean isRoleAdmin(EPUser user) { + try { + logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access"); + + EPUser currentUser = user != null + ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) + : null; + final Map<String, Long> userParams = new HashMap<>(); + userParams.put("userId", user.getId()); + List<RoleFunction> roleFunctionSet = new ArrayList<>(); + + List getRoleFuncListOfUser = dataAccessService.executeNamedQuery("getRoleFunctionsOfUserforAlltheApplications", userParams, null); + logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser" , getRoleFuncListOfUser); + Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser); + Set<String> getRoleFuncListOfPortalSet1=new HashSet<>(); + Set<String> roleFunSet = new HashSet<>(); + roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")).collect(Collectors.toSet()); + if (roleFunSet.size() > 0) + for (String roleFunction : roleFunSet) { + //String roleFun = EcompPortalUtils.getFunctionCode(roleFunction); + String roleFun = EcompPortalUtils.getFunctionCode(roleFunction); + String type = externalAccessRolesService.getFunctionCodeType(roleFunction); + //getRoleFuncListOfPortalSet.remove(roleFunction); + getRoleFuncListOfPortalSet1.add(type); + } + + + + for (String rolefunc : getRoleFuncListOfPortalSet1) { + logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction" , rolefunc); + if (rolefunc.equalsIgnoreCase(TYPE_APPROVER)) { + logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction" , rolefunc); + return true; + }else{ + return false; + + } + } + + + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + 
logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isRoleAdmin operation", + e); + } + return false; + } public boolean isUser(EPUser user) { try { @@ -490,24 +565,24 @@ public class AdminRolesServiceImpl implements AdminRolesService { @Override public boolean isAccountAdminOfApplication(EPUser user, EPApp app) { + Boolean isApplicationAccountAdmin=false; try { - EPUser currentUser = user != null - ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null; - if (currentUser != null && currentUser.getId() != null) { - SortedSet<EPUserApp> userApps = currentUser.getEPUserApps(); - EPUserApp userApp = userApps.stream() - .filter(x -> x.getRole().getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID) - && x.getApp().getId().equals(app.getId())) - .findAny().orElse(null); - if (userApp != null) { - return true; - } - } - } catch (Exception e) { + final Map<String, Long> userParams = new HashMap<>(); + userParams.put("userId", user.getId()); + logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId()); + List<Integer> userAdminApps = new ArrayList<>(); + userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null); + if(userAdminApps.size()>=1){ + isApplicationAccountAdmin=userAdminApps.contains((int) (long) app.getId()); + logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),app.getId()); + } + } catch (Exception e) { EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isAccountAdminOfApplication operation", e); } - return false; + logger.debug(EELFLoggerDelegate.debugLogger, "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, user.getOrgUserId()); + return isApplicationAccountAdmin; + } } 
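Review bot: The loop over `getRoleFuncListOfPortalSet1` in isRoleAdmin returns on its first iteration in both branches, so only one element of a HashSet is ever examined and the result depends on iteration order whenever the user holds more than one function type. Since preHandle now uses this method to skip the role-function check, the answer has to be deterministic: replace the loop with `return getRoleFuncListOfPortalSet1.stream().anyMatch(TYPE_APPROVER::equalsIgnoreCase);`. `user.getId()` is dereferenced right after a null-guarded lookup, and `currentUser`, `roleFunctionSet` and `roleFun` are never used. The debug calls that pass `getRoleFuncListOfUser` and `rolefunc` have no `{}` placeholder, so the values are not logged, and the method lacks `@Override` and Javadoc stating what "role admin" means.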
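Review bot: The final `logger.debug(..., isApplicationAccountAdmin, user.getOrgUserId())` in isAccountAdminOfApplication sits outside the try block, so a null `user` now throws from this method where the removed code returned false. A guard at the top, `if (user == null || app == null) { return false; }`, keeps the previous fail-closed behaviour and also covers `user.getId()` and `app.getId()` inside the try. `userAdminApps.contains((int) (long) app.getId())` only matches if the named query `getAdminAppsForTheUser` really yields Integer elements; if the driver returns Long or BigInteger values the check is always false, so this is worth confirming against the query mapping. `Boolean isApplicationAccountAdmin` can be a primitive `boolean`.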
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java index 54b915fe..fd6610c2 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java @@ -63,6 +63,7 @@ import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.util.SystemType; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.core.onboarding.exception.CipherUtilException; import org.onap.portalsdk.core.onboarding.util.CipherUtil; import org.onap.portalsdk.core.util.SystemProperties; import org.slf4j.MDC; @@ -125,12 +126,12 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient } @EPMetricsLog - private void verifyResponse(Response response) throws HTTPException { + private void verifyResponse(Response response,String restPath) throws HTTPException { int status = response.getStatus(); logger.debug(EELFLoggerDelegate.debugLogger, "http response status=" + status); MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE, Integer.toString(status)); if (!isHttpSuccess(status)) { - String errMsg = "Failed. Status=" + status + "; [" + ((ResponseImpl)response).getStatusInfo().getReasonPhrase().toString() + String errMsg = "Failed. Status=" + status + restPath +"; [" + ((ResponseImpl)response).getStatusInfo().getReasonPhrase().toString() + "]"; URL url = null; try { 
@@ -142,7 +143,7 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient // never mind. it is only for the debug message. logger.warn(EELFLoggerDelegate.errorLogger, "Failed to build URL", e); } - logger.error(EELFLoggerDelegate.errorLogger, "http response failed. " + errMsg + "; url=" + url); + logger.error(EELFLoggerDelegate.errorLogger, "http response failed. " + restPath + errMsg + "; url=" + url); EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeIncorrectHttpStatusError); throw new HTTPException(status, errMsg, url); } @@ -157,6 +158,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient return createClientFor(appId, restPath, SystemType.APPLICATION); } + + //TODO Need to implement the mylogins once the endpoint is confirmed @EPMetricsLog private WebClient createClientFor(long appSystemId, String restPath, SystemType type) { @@ -173,6 +176,7 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient String appBaseUri = (type == SystemType.APPLICATION) ? externalApp.getAppRestEndpoint() : ""; String username = (type == SystemType.APPLICATION) ? externalApp.getUsername(): ""; String encriptedPwd = (type == SystemType.APPLICATION) ? externalApp.getAppPassword(): ""; + String appName = (type == SystemType.APPLICATION) ? externalApp.getName(): ""; String decreptedAppPwd = StringUtils.EMPTY; 
@@ -185,31 +189,59 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient MDC.put(EPCommonSystemProperties.TARGET_ENTITY, appName); MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, restPath); + if(!encriptedPwd.isEmpty() || encriptedPwd != null || StringUtils.isEmpty(encriptedPwd)){ try { decreptedAppPwd = CipherUtil.decryptPKC(encriptedPwd, SystemProperties.getProperty(SystemProperties.Decryption_Key)); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "createClientFor failed to decrypt", e); } - + } WebClient client = createClientForPath(appBaseUri, restPath); + + + if(externalApp.getAppPassword().isEmpty() || externalApp.getAppPassword()==null){ + logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the externalApp get app password contains null : {}"); + + externalApp = appsCacheService.getApp(1L); + logger.debug(EELFLoggerDelegate.debugLogger, "external App Information : {}",externalApp); + + String mechidUsername=externalApp.getUsername(); + logger.debug(EELFLoggerDelegate.debugLogger, "external App mechidUsername Information : {}",mechidUsername); + + String password=externalApp.getAppPassword(); + String decreptedexternalAppPwd = StringUtils.EMPTY; + try { + decreptedexternalAppPwd = CipherUtil.decryptPKC(password, + SystemProperties.getProperty(SystemProperties.Decryption_Key)); + } catch (CipherUtilException e) { + logger.error(EELFLoggerDelegate.errorLogger, "failed to decreptedexternalAppPwd when external app pwd is null", e); + } + + username =mechidUsername; + decreptedAppPwd = decreptedexternalAppPwd; + + }else{ + logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the externalApp get app password is not null : {}" ); // support basic authentication for some partners String encoding = Base64.getEncoder().encodeToString((username + ":" + decreptedAppPwd).getBytes()); String encodingStr = "Basic " + encoding; client.header(BASIC_AUTHENTICATION_HEADER, encodingStr); - + } + // But still 
keep code downward compatible for non compliant apps client.header(APP_USERNAME_HEADER, username); client.header(PASSWORD_HEADER, decreptedAppPwd); + String encoding = Base64.getEncoder().encodeToString((username + ":" + decreptedAppPwd).getBytes()); + String encodingStr = "Basic " + encoding; + client.header(BASIC_AUTHENTICATION_HEADER, encodingStr); client.header(SystemProperties.ECOMP_REQUEST_ID, MDC.get(MDC_KEY_REQUEST_ID)); client.header(SystemProperties.USERAGENT_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE); - logger.debug(EELFLoggerDelegate.debugLogger, - String.format("App %d found, baseUri=[%s], Headers: [%s=%s]", appSystemId, appBaseUri, + String.format("check the partner application URL App %d found, baseUri=[%s], Headers: [%s=%s]", appSystemId, appBaseUri, APP_USERNAME_HEADER, username)); - return client; } return null; @@ -221,8 +253,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient Response response = getResponse(appId, restPath); if (response != null) { - verifyResponse(response); - + //verifyResponse(response); + verifyResponse(response,restPath); /* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code, but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which doesn't work as expected. Created Portal-253 for tracking */ @@ -244,8 +276,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient Response response = getResponse(appId, restPath); if (response != null) { - verifyResponse(response); - + //verifyResponse(response); + verifyResponse(response,restPath); /* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code, but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which doesn't work as expected. Created Portal-253 for tracking */ 
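Review bot: The guard added in the @@ -185 hunk, `if(!encriptedPwd.isEmpty() || encriptedPwd != null || StringUtils.isEmpty(encriptedPwd))`, is true for every non-null value and throws a NullPointerException for null because `isEmpty()` runs before the null test; `externalApp.getAppPassword().isEmpty() || externalApp.getAppPassword()==null` has the same ordering problem. Both should be written as `if (!StringUtils.isEmpty(encriptedPwd))` and `if (StringUtils.isEmpty(externalApp.getAppPassword()))`. In the empty-password branch the code loads app `1L` and places its username and decrypted password in the headers of a request that is still addressed to the original app's `appBaseUri`, so that credential is disclosed to every partner endpoint that has no password of its own; this needs to be confirmed as the intended AAF behaviour and documented, or the request should be refused instead. A decrypt failure is only logged and the request goes out with an empty password, and `BASIC_AUTHENTICATION_HEADER` is now set twice on the non-empty path. createClientFor starts and ends outside the hunk.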
@@ -274,7 +306,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient Response response = getResponse(appId, restPath); if (response != null) { - verifyResponse(response); + //verifyResponse(response); + verifyResponse(response,restPath); String str = ((ResponseImpl)response).readEntity(String.class); EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET result =", str); @@ -313,6 +346,7 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient } + @SuppressWarnings({ "unchecked", "null" }) @Override public <T> T post(Class<T> clazz, long appId, Object payload, String restPath, SystemType type) throws HTTPException { WebClient client = null; @@ -337,14 +371,16 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient } if (response != null) { - verifyResponse(response); - + //verifyResponse(response); + verifyResponse(response,restPath); // String contentType = response.getHeaderString("Content-Type"); if (clazz != null) { String str = ((ResponseImpl)response).readEntity(String.class); EcompPortalUtils.logAndSerializeObject(logger, restPath, "POST result =", str); try { - t = gson.fromJson(str, clazz); + t = (T) gson.fromJson(str, t.getClass()); + + //t = gson.fromJson(str, clazz); } catch (Exception e) { EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e); } @@ -392,7 +428,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient } if (response != null) { - verifyResponse(response); + //verifyResponse(response); + verifyResponse(response,restPath); String str = ((ResponseImpl)response).readEntity(String.class); EcompPortalUtils.logAndSerializeObject(logger, restPath, "PUT result =", str); try { 
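Review bot: `t = (T) gson.fromJson(str, t.getClass());` in the @@ -337 hunk dereferences `t` before any visible line assigns it, and the `"null"` entry in the added `@SuppressWarnings({ "unchecked", "null" })` suggests the compiler flagged the same thing. If `t` is still null at that point, the NullPointerException is swallowed by `catch (Exception e)` and reported as BeInvalidJsonInput, so the POST would return null with a misleading log entry. The previous `t = gson.fromJson(str, clazz);` was type-safe and needed neither the cast nor the suppression; I would restore it and drop the commented copy. The declaration of `t` is outside the hunk, so its initial value should be confirmed.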
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java index 24572fb2..5c3c51bf 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java @@ -63,6 +63,7 @@ import org.onap.portalapp.portal.domain.AdminUserApplications; import org.onap.portalapp.portal.domain.AppIdAndNameTransportModel; import org.onap.portalapp.portal.domain.AppsResponse; import org.onap.portalapp.portal.domain.EPApp; +import org.onap.portalapp.portal.domain.EPRole; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.domain.EPUserAppRolesRequest; import org.onap.portalapp.portal.domain.EPUserAppRolesRequestDetail; @@ -143,12 +144,15 @@ public class EPAppCommonServiceImpl implements EPAppService { EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); return null; } + } else { logger.error(EELFLoggerDelegate.errorLogger, "getUserAsAdminApps: only Account Admin may invoke this function!"); return new ArrayList<EPApp>(); } } + + @Override public List<EPApp> getUserByOrgUserIdAsAdminApps(String orgUserId) { @@ -195,7 +199,7 @@ public class EPAppCommonServiceImpl implements EPAppService { ecompApp.setUrl(app.getUrl()); ecompApp.setAlternateUrl(app.getAlternateUrl()); ecompApp.setUebTopicName(app.getUebTopicName()); - ecompApp.setUebKey(app.getUebKey()); + //ecompApp.setUebKey(app.getUebKey()); ecompApp.setUebSecret(app.getUebSecret()); ecompApp.setEnabled(app.getEnabled()); ecompApp.setCentralAuth(app.getCentralAuth()); 
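Review bot: `//ecompApp.setUebKey(app.getUebKey());` in the @@ -195 hunk disables the copy by commenting it out and gives no reason, while `ecompApp.setUebSecret(app.getUebSecret());` on the next line still copies the secret into the `ecompApp` object being populated. If the intent is to stop handing out UEB credentials, the secret is the more sensitive of the two and should be dropped as well; if the key is simply unused now, delete the line rather than leave it commented. Anything that reads the key from this object will presumably see it unset from now on, which deserves a why-comment such as `// uebKey intentionally not copied: <reason>`. The enclosing method starts and ends outside the hunk.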
@@ -216,25 +220,66 @@ public class EPAppCommonServiceImpl implements EPAppService { } } + + @SuppressWarnings("unchecked") @Override public List<AppIdAndNameTransportModel> getAdminApps(EPUser user) { - if (adminRolesService.isAccountAdmin(user)) { - String format = "SELECT app.APP_ID, app.APP_NAME, app.APP_TYPE FROM FN_APP app inner join FN_USER_ROLE userrole ON userrole.APP_ID=app.APP_ID " - + "where userrole.USER_ID = %d AND userrole.ROLE_ID=" + ACCOUNT_ADMIN_ROLE_ID - + " AND (app.ENABLED = 'Y' OR app.APP_ID=1)"; - String sql = String.format(format, user.getId()); - // sql += " AND app.APP_REST_ENDPOINT IS NOT NULL AND - // app.APP_REST_ENDPOINT <> ''"; - logQuery(sql); + + if (adminRolesService.isAccountAdmin(user) && adminRolesService.isRoleAdmin(user)) { + final Map<String, Long> params = new HashMap<>(); + params.put("userId", user.getId()); + List applicationRoleswithAccountandRoleadmin = dataAccessService + .executeNamedQuery("getApplicationsofTheUserwithAdminAndRoleAdmin", params, null); try { - return dataAccessService.executeSQLQuery(sql, AppIdAndNameTransportModel.class, null); + return applicationRoleswithAccountandRoleadmin; } catch (Exception e) { EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); logger.error(EELFLoggerDelegate.errorLogger, - "Exception occurred while fetching the adminApps for user " + user.getLoginId(), e); + "Exception occurred while fetching the list of user who has type account and role approver " + + user.getLoginId(), + e); + } + } + + else { + if (adminRolesService.isAccountAdmin(user)) { + String format = "SELECT app.APP_ID, app.APP_NAME, app.APP_TYPE FROM FN_APP app inner join FN_USER_ROLE userrole ON userrole.APP_ID=app.APP_ID " + + "where userrole.USER_ID = %d AND userrole.ROLE_ID=" + ACCOUNT_ADMIN_ROLE_ID + + " AND (app.ENABLED = 'Y' OR app.APP_ID=1)"; + String sql = String.format(format, user.getId()); + logQuery(sql); + try { + return dataAccessService.executeSQLQuery(sql, 
AppIdAndNameTransportModel.class, null); + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + logger.error(EELFLoggerDelegate.errorLogger, + "Exception occurred while fetching the adminApps for user " + user.getLoginId(), e); + } + + } + + if (adminRolesService.isRoleAdmin(user)) { + final Map<String, Long> params = new HashMap<>(); + params.put("userId", user.getId()); + List applicationRoles = dataAccessService.executeNamedQuery("getApplicationsofTheUserContainsApprover", + params, null); + + try { + return applicationRoles; + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + logger.error(EELFLoggerDelegate.errorLogger, + "Exception occurred while fetching the list of user who has type approver " + + user.getLoginId(), + e); + } + } } + // sql += " AND app.APP_REST_ENDPOINT IS NOT NULL AND + // app.APP_REST_ENDPOINT <> ''"; + return new ArrayList<AppIdAndNameTransportModel>(); } 
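Review bot: In getAdminApps both new `executeNamedQuery(...)` calls sit before their `try`, so each `try` wraps only a `return` of an already-computed list and the catch with the BeDaoSystemError logging can never run; a DAO failure now propagates to the caller instead of ending in the empty list at the bottom. Move the call inside the block, e.g. `return dataAccessService.executeNamedQuery("getApplicationsofTheUserContainsApprover", params, null);`, and do the same for `getApplicationsofTheUserwithAdminAndRoleAdmin`. The results are held in raw `List`, which is what forces the method-level `@SuppressWarnings("unchecked")`; declaring them as `List<AppIdAndNameTransportModel>` keeps the suppression local. The account-admin branch still assembles SQL with `String.format`; the `%d` keeps the value numeric, but a named query with a bound `userId`, like the two new branches, would be consistent.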
@@ -444,18 +489,41 @@ public class EPAppCommonServiceImpl implements EPAppService { protected FieldsValidator onboardingAppFieldsChecker(OnboardingApp onboardingApp) { FieldsValidator fieldsValidator = new FieldsValidator(); + if(onboardingApp.isCentralAuth){ if (onboardingApp.name == null || onboardingApp.name.length() == 0 || onboardingApp.url == null || onboardingApp.url.length() == 0 || onboardingApp.restrictedApp == null || onboardingApp.isOpen == null || onboardingApp.isEnabled == null || (onboardingApp.id != null && onboardingApp.id.equals(ECOMP_APP_ID)) - // For a normal app (appType==1), these fields must be filled + // For a normal app (appType == PortalConstants.PortalAppId), + // these fields must be filled // in. // For a restricted app (appType==2), they will be empty. - || ((!onboardingApp.restrictedApp) - && (onboardingApp.username == null || onboardingApp.username.length() == 0 - || onboardingApp.appPassword == null || onboardingApp.appPassword.length() == 0))) { + || ((!onboardingApp.restrictedApp) && (onboardingApp.myLoginsAppName == null + || onboardingApp.myLoginsAppName.length() == 0 || onboardingApp.myLoginsAppOwner == null + || onboardingApp.myLoginsAppOwner.length() == 0 || onboardingApp.username == null + || onboardingApp.username.length() == 0 ))) { fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_BAD_REQUEST); } + }else{ + + if (onboardingApp.name == null || onboardingApp.name.length() == 0 || onboardingApp.url == null + || onboardingApp.url.length() == 0 || onboardingApp.restrictedApp == null + || onboardingApp.isOpen == null || onboardingApp.isEnabled == null + || (onboardingApp.id != null && onboardingApp.id.equals(ECOMP_APP_ID)) + // For a normal app (appType == PortalConstants.PortalAppId), + // these fields must be filled + // in. + // For a restricted app (appType==2), they will be empty. 
+ || ((!onboardingApp.restrictedApp) && (onboardingApp.myLoginsAppName == null + || onboardingApp.myLoginsAppName.length() == 0 || onboardingApp.myLoginsAppOwner == null + || onboardingApp.myLoginsAppOwner.length() == 0 || onboardingApp.username == null + || onboardingApp.username.length() == 0 || onboardingApp.appPassword == null + || onboardingApp.appPassword.length() == 0))) { + fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_BAD_REQUEST); + } + + + } return fieldsValidator; } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java index f661163d..97c2b74c 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java @@ -37,8 +37,10 @@ */ package org.onap.portalapp.portal.service; +import java.util.ArrayList; import java.util.Collection; import java.util.Comparator; +import java.util.HashMap; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; @@ -53,6 +55,7 @@ import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.logging.aop.EPMetricsLog; import org.onap.portalsdk.core.domain.MenuData; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.core.service.DataAccessService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.stereotype.Service; @@ -71,6 +74,9 @@ public class EPLeftMenuServiceImpl implements EPLeftMenuService { @Autowired private ExternalAccessRolesService externalAccessRolesService; + @Autowired + private DataAccessService dataAccessService; + /* * (non-Javadoc) * 
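Review bot: The two branches of `if(onboardingApp.isCentralAuth)` in onboardingAppFieldsChecker repeat the same long condition and differ only in the `appPassword` test, so a later change to one copy can silently diverge from the other. Keeping one condition and gating the password part would avoid that, e.g. `|| (!centralAuth && (onboardingApp.appPassword == null || onboardingApp.appPassword.length() == 0))`. The neighbouring flags (`restrictedApp`, `isOpen`, `isEnabled`) are null-checked, which suggests they are boxed; if `isCentralAuth` is a `Boolean` as well, the bare `if` throws on null and `Boolean.TRUE.equals(onboardingApp.isCentralAuth)` is the safer test — the field's type is not visible here. Both copies now also require `myLoginsAppName` and `myLoginsAppOwner` for non-restricted apps, which the comment above them does not mention.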
@@ -83,6 +89,7 @@ public class EPLeftMenuServiceImpl implements EPLeftMenuService { final Map<String, JSONObject> defaultNavMap = new LinkedHashMap<String, JSONObject>(); resetNavMap(defaultNavMap); loadDefaultNavMap(defaultNavMap); + loadNavMapByUserAdminRole(defaultNavMap,user); loadNavMapByRole(defaultNavMap, fullMenuSet , user); return convertToSideBarModel(defaultNavMap); } @@ -175,5 +182,20 @@ public class EPLeftMenuServiceImpl implements EPLeftMenuService { defaultNavMap.put("root.widgetCatalog", navItemsDetails3); } + + @SuppressWarnings("unchecked") + private void loadNavMapByUserAdminRole(Map<String, JSONObject> defaultNavMap, EPUser user) { + List<String> applicationsList = new ArrayList<>(); + final Map<String, Long> appParams = new HashMap<>(); + appParams.put("userId", user.getId()); + applicationsList = dataAccessService.executeNamedQuery("getAprroverRoleFunctionsOfUser", appParams, null); + if (applicationsList.size() > 0) { + JSONObject navItemsDetails = new JSONObject(); + navItemsDetails.put("name", "Users"); + navItemsDetails.put("state", "root.users"); + navItemsDetails.put("imageSrc", "icon-user"); + defaultNavMap.put("root.users", navItemsDetails); + } + } } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java index 170d4323..ee960c40 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java @@ -40,6 +40,7 @@ package org.onap.portalapp.portal.service; import java.io.IOException; import java.util.List; import java.util.Map; +import java.util.Set; import org.hibernate.Session; import org.json.JSONArray; 
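Review bot: loadNavMapByUserAdminRole uses the result of `executeNamedQuery("getAprroverRoleFunctionsOfUser", appParams, null)` with no null check and no try/catch, and the @@ -83 hunk calls it on every left-menu build, so a DAO error or a null result fails the whole menu for the user. The `new ArrayList<>()` assigned to `applicationsList` is overwritten on the next statement; declare the list from the query and test `if (applicationsList != null && !applicationsList.isEmpty())`. The "Users" entry only controls what is shown, so the endpoints behind `root.users` still need their own role-admin check on the server side. A short Javadoc stating that the entry is added when the query returns at least one approver function for the user would help the next reader.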
@@ -51,12 +52,14 @@ import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.domain.ExternalRoleDetails; import org.onap.portalapp.portal.ecomp.model.UploadRoleFunctionExtSystem; import org.onap.portalapp.portal.exceptions.InvalidUserException; +import org.onap.portalapp.portal.exceptions.RoleFunctionException; import org.onap.portalapp.portal.transport.CentralRole; import org.onap.portalapp.portal.transport.CentralRoleFunction; import org.onap.portalapp.portal.transport.CentralUser; import org.onap.portalapp.portal.transport.CentralV2Role; import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator; import org.onap.portalsdk.core.domain.Role; +import org.onap.portalsdk.core.restful.domain.EcompRole; import org.onap.portalsdk.core.restful.domain.EcompUser; import org.springframework.http.HttpEntity; import org.springframework.http.ResponseEntity; @@ -387,7 +390,7 @@ public interface ExternalAccessRolesService { * @param app * @return List of EPRole objects */ - Map<String, EPRole> getCurrentRolesInDB(EPApp app); + Map<String, EPRole> getAppRoleNamesWithUnderscoreMap(EPApp app); /** 
@@ -482,4 +485,35 @@ public interface ExternalAccessRolesService { */ ResponseEntity<String> getUserRolesFromExtAuthSystem(String orgUserId, HttpEntity<String> getUserRolesEntity) throws Exception; + /** + * + * Updates app role description in external auth system + * + * @param uebkey + * @return number of updates + */ + public Integer updateAppRoleDescription(String uebkey); + + /** + * Creates centralRoleObject + * @param app + * @param roleInfo + * @param roleList + * @param params + * @return returns List<CentralV2Role> + * @throws RoleFunctionException + */ + public List<CentralV2Role> createCentralRoleObject(List<EPApp> app, List<EPRole> roleInfo, + List<CentralV2Role> roleList, Map<String, Long> params) throws RoleFunctionException; + + /** + * + * @param uebkey + * @param loginId + * @param CurrentUserRoles + * @return returns list of user roles + * @throws Exception + */ + public List<EcompRole> missingUserApplicationRoles(String uebkey, String loginId, Set<EcompRole> CurrentUserRoles) throws Exception; + } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java index 29cd6444..3a86952b 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java 
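Review bot: The Javadoc on the three new interface methods leaves every `@param` without a description, and `missingUserApplicationRoles` has no summary sentence at all, so an implementer cannot tell from the contract which side the roles are "missing" on or what `params` is expected to hold in `createCentralRoleObject`. Each method should get a one-sentence summary and a description per parameter, including whether `uebkey` must belong to an enabled application. The parameter `CurrentUserRoles` should be `currentUserRoles`, the `public` modifiers are redundant inside an interface, and `throws Exception` on `missingUserApplicationRoles` forces callers to catch everything; a specific exception type would be easier to handle.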
@@ -89,6 +89,7 @@ import org.onap.portalapp.portal.transport.CentralV2Role; import org.onap.portalapp.portal.transport.CentralV2User; import org.onap.portalapp.portal.transport.CentralV2UserApp; import org.onap.portalapp.portal.transport.CentralizedAppRoles; +import org.onap.portalapp.portal.transport.EPUserAppCurrentRoles; import org.onap.portalapp.portal.transport.EcompUserRoles; import org.onap.portalapp.portal.transport.ExternalAccessPerms; import org.onap.portalapp.portal.transport.ExternalAccessPermsDetail; 
@@ -133,64 +134,40 @@ import com.fasterxml.jackson.databind.type.TypeFactory; @EPMetricsLog @EPAuditLog public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesService { - private static final String APP_ROLE_NAME_PARAM = "appRoleName"; - private static final String GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM = "getRoletoUpdateInExternalAuthSystem"; - private static final String GET_PORTAL_APP_ROLES_QUERY = "getPortalAppRoles"; - private static final String GET_ROLE_FUNCTION_QUERY = "getRoleFunction"; - private static final String FUNCTION_CODE_PARAMS = "functionCode"; - private static final String AND_FUNCTION_CD_EQUALS = " and function_cd = '"; - private static final String OWNER = ".owner"; - private static final String ADMIN = ".admin"; - private static final String ACCOUNT_ADMINISTRATOR = ".Account_Administrator"; - private static final String FUNCTION_PIPE = "|"; - private static final String EXTERNAL_AUTH_PERMS = "perms"; - private static final String EXTERNAL_AUTH_ROLE_DESCRIPTION = "description"; - private static final String IS_EMPTY_JSON_STRING = "{}"; - private static final String CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE = "Connecting to External Auth system"; - private static final String APP_ID = "appId"; - private static final String ROLE_NAME = "name"; - private static final String APP_ID_EQUALS = " app_id = "; - private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesServiceImpl.class); - @Autowired private DataAccessService dataAccessService; - @Autowired private EPAppService epAppService; - @Autowired private SessionFactory sessionFactory; - @Autowired EPRoleService ePRoleService; - RestTemplate template = new RestTemplate(); - - // These decode values are based on HexDecoder static final String decodeValueOfForwardSlash = "2f"; static final String decodeValueOfHiphen = "2d"; static final String decodeValueOfStar = "2a"; @SuppressWarnings("unchecked") + @Override public List<EPRole> 
getAppRoles(Long appId) throws Exception { List<EPRole> applicationRoles = null; final Map<String, Long> appParams = new HashMap<>(); @@ -216,8 +193,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map<String, String> appUebkeyParams = new HashMap<>(); appUebkeyParams.put("appKey", uebkey); app = dataAccessService.executeNamedQuery("getMyAppDetailsByUebKey", appUebkeyParams, null); - if(!app.isEmpty() && !app.get(0).getEnabled() && !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)){ - throw new InactiveApplicationException("Application:"+app.get(0).getName()+" is Unavailable"); + if (!app.isEmpty() && !app.get(0).getEnabled() + && !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)) { + throw new InactiveApplicationException("Application:" + app.get(0).getName() + " is Unavailable"); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getApp: failed", e); @@ -227,7 +205,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * It returns single application role from external auth system + * It returns single application role from external auth system + * * @param addRole * @param app * @return JSON string which contains application role details 
@@ -264,11 +243,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpMethod.POST, entity, String.class); if (addResponse.getStatusCode().value() == 201) { response = true; - logger.debug(EELFLoggerDelegate.debugLogger, "addRole: Finished adding role in the External Auth system and response code: {} ", addResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRole: Finished adding role in the External Auth system and response code: {} ", + addResponse.getStatusCode().value()); } if (addResponse.getStatusCode().value() == 406) { logger.error(EELFLoggerDelegate.errorLogger, - "addRole: Failed to add in the External Auth system due to {} and status code: {}", addResponse.getBody(), addResponse.getStatusCode().value()); + "addRole: Failed to add in the External Auth system due to {} and status code: {}", + addResponse.getBody(), addResponse.getStatusCode().value()); } return response; } 
@@ -278,18 +260,21 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * It deletes record in external auth system * * @param delRole - * @return JSON String which has status code and response body + * @return JSON String which has status code and response body * @throws Exception */ private ResponseEntity<String> deleteRoleInExternalSystem(String delRole) throws Exception { ResponseEntity<String> delResponse = null; HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity<String> entity = new HttpEntity<>(delRole, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole); + logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole); delResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role?force=true", HttpMethod.DELETE, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ", delRole, delResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ", + delRole, delResponse.getStatusCode().value()); return delResponse; } @@ -300,7 +285,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param app * @return true if success else false * @throws Exception - * If updateRoleInExternalSystem fails we catch it in logger for detail message + * If updateRoleInExternalSystem fails we catch it in logger for + * detail message */ private boolean updateRoleInExternalSystem(Role updateExtRole, EPApp app, boolean isGlobalRole) throws Exception { boolean response = false; 
@@ -352,13 +338,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic isRoleNameChanged = true; deleteRoleInExtSystem(mapper, name); addRole(updateExtRole, app.getUebKey()); - // add partner functions to the global role in External Auth System + // add partner functions to the global role in External + // Auth System if (!list.isEmpty() && isGlobalRole) { addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole); } list.removeIf( perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace())); - // if role name is changes please ignore the previous functions in External Auth + // if role name is changes please ignore the previous + // functions in External Auth // and update with user requested functions addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list); } 
@@ -423,21 +411,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); if (!list.isEmpty()) { for (ExternalAccessPerms perm : list) { - RoleFunction roleFunc = updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction()); - if (roleFunc==null) { - RoleFunction roleFuncPipeFilter = updateRoleFunc.get(perm.getInstance()); - if(roleFuncPipeFilter == null) - removePermForRole(perm, mapper, name, headers); + RoleFunction roleFunc = updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length() + 1) + + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction()); + if (roleFunc == null) { + RoleFunction roleFuncPipeFilter = updateRoleFunc.get(perm.getInstance()); + if (roleFuncPipeFilter == null) + removePermForRole(perm, mapper, name, headers); } extRolePermMap.put(perm.getInstance(), perm); - extRolePermMapPipes.put( - perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm); + extRolePermMapPipes.put(perm.getType().substring(app.getNameSpace().length() + 1) + FUNCTION_PIPE + + perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm); } } response = true; if (!roleFunctionListNew.isEmpty()) { for (RoleFunction roleFunc : roleFunctionListNew) { - if(roleFunc.getCode().contains(FUNCTION_PIPE)) { + if (roleFunc.getCode().contains(FUNCTION_PIPE)) { ExternalAccessPerms perm = extRolePermMapPipes.get(roleFunc.getCode()); if (perm == null) { response = addFunctionsToRoleInExternalAuthSystem(updateExtRole, app, mapper, headers, 
@@ -453,9 +442,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return response; } - + /* - * Adds function to the role in the external auth system while editing a role or updating new functions to a role + * Adds function to the role in the external auth system while editing a + * role or updating new functions to a role * */ private boolean addFunctionsToRoleInExternalAuthSystem(Role updateExtRole, EPApp app, ObjectMapper mapper, @@ -468,7 +458,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String action = ""; if (roleFunc.getCode().contains(FUNCTION_PIPE)) { code = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); - type = getFunctionCodeType(roleFunc.getCode()); + type = EcompPortalUtils.getFunctionType(roleFunc.getCode()); action = getFunctionCodeAction(roleFunc.getCode()); } else { code = roleFunc.getCode(); 
@@ -476,25 +466,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic action = "*"; } extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); - extRolePerms = new ExternalAccessRolePerms(extPerms, - app.getNameSpace() + "." - + updateExtRole.getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, - "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + updateExtRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers); logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: {} for POST: {}", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); ResponseEntity<String> addResponse = template.exchange( - SystemProperties.getProperty( - EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", HttpMethod.POST, entity, String.class); - if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value()!= 409) { + if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value() != 409) { response = false; logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: Connected to External Auth system but something went wrong! due to {} and statuscode: {}", - addResponse.getStatusCode().getReasonPhrase(), - addResponse.getStatusCode().value()); + addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); } else { response = true; logger.debug(EELFLoggerDelegate.debugLogger, 
@@ -503,7 +488,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return response; } - + private void addPartnerHasRoleFunctionsToGlobalRole(List<ExternalAccessPerms> permslist, ObjectMapper mapper, EPApp app, Role updateExtRole) throws Exception { for (ExternalAccessPerms perm : permslist) { @@ -533,19 +518,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic addResponse.getStatusCode().value()); } } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ", - addPerms, e); + logger.error(EELFLoggerDelegate.errorLogger, + "addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ", addPerms, e); } } } } @SuppressWarnings("unchecked") - private void addFunctionsTOGlobalRole(List<EPRole> epRoleList, Role updateExtRole, List<RoleFunction> roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo) + private void addFunctionsTOGlobalRole(List<EPRole> epRoleList, Role updateExtRole, + List<RoleFunction> roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo) throws Exception { try { logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addFunctionsTOGlobalRole"); - //GET Permissions from External Auth System + // GET Permissions from External Auth System JSONArray extPerms = getExtAuthPermissions(app); List<ExternalAccessPermsDetail> permsDetailList = getExtAuthPerrmissonList(app, extPerms); final Map<String, ExternalAccessPermsDetail> existingPermsWithRoles = new HashMap<>(); 
@@ -555,99 +541,108 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic for (ExternalAccessPermsDetail permDetail : permsDetailList) { existingPermsWithRoles.put(EcompPortalUtils.getFunctionCode(permDetail.getInstance()), permDetail); existingPermsWithRolesWithPipes.put(permDetail.getInstance(), permDetail); - } // Add If function does not exists for role in External Auth System for (RoleFunction roleFunc : roleFunctionListNew) { String roleFuncCode = ""; ExternalAccessPermsDetail permsDetail; - if(roleFunc.getCode().contains(FUNCTION_PIPE)) { + if (roleFunc.getCode().contains(FUNCTION_PIPE)) { roleFuncCode = roleFunc.getCode(); permsDetail = existingPermsWithRolesWithPipes.get(roleFunc.getCode()); } else { roleFuncCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); permsDetail = existingPermsWithRoles.get(roleFuncCode); } - if (null == permsDetail.getRoles() || !permsDetail.getRoles() - .contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE + epRoleList.get(0).getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) { + if (null == permsDetail.getRoles() + || !permsDetail.getRoles() + .contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE + + epRoleList.get(0).getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, + "_"))) { addRoleFunctionsToGlobalRoleInExternalSystem(roleFunc, updateExtRole, mapper, app, portalAppInfo); } userRquestedFunctionsMap.put(roleFuncCode, roleFunc); userRquestedFunctionsMapPipesFilter.put(EcompPortalUtils.getFunctionCode(roleFuncCode), roleFunc); - } - // Delete functions if exists in External Auth System but not in incoming request - final Map<String, Long> epAppRoleFuncParams = new HashMap<>(); + } + // Delete functions if exists in External Auth System but not in + // incoming + // request + final Map<String, Long> epAppRoleFuncParams = new HashMap<>(); epAppRoleFuncParams.put("requestedAppId", app.getId()); - 
epAppRoleFuncParams.put("roleId",updateExtRole.getId()); - List<GlobalRoleWithApplicationRoleFunction> globalRoleFunctionList = dataAccessService.executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null); - for(GlobalRoleWithApplicationRoleFunction globalRoleFunc: globalRoleFunctionList){ + epAppRoleFuncParams.put("roleId", updateExtRole.getId()); + List<GlobalRoleWithApplicationRoleFunction> globalRoleFunctionList = dataAccessService + .executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null); + for (GlobalRoleWithApplicationRoleFunction globalRoleFunc : globalRoleFunctionList) { String globalRoleFuncWithoutPipes = ""; RoleFunction roleFunc = null; - if(globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { + if (globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { globalRoleFuncWithoutPipes = globalRoleFunc.getFunctionCd(); roleFunc = userRquestedFunctionsMap.get(globalRoleFuncWithoutPipes); - }else { - globalRoleFuncWithoutPipes = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd()); + } else { + globalRoleFuncWithoutPipes = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd()); roleFunc = userRquestedFunctionsMapPipesFilter.get(globalRoleFuncWithoutPipes); } - if(roleFunc == null){ - ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE) ? existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes) : existingPermsWithRoles.get(globalRoleFuncWithoutPipes); - ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(), EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()), permDetailFromMap.getAction()); - String roleName = portalAppInfo.getNameSpace()+"."+globalRoleFunc.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); + if (roleFunc == null) { + ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE) + ? 
existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes) + : existingPermsWithRoles.get(globalRoleFuncWithoutPipes); + ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(), + EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()), + permDetailFromMap.getAction()); + String roleName = portalAppInfo.getNameSpace() + "." + globalRoleFunc.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); removePermForRole(perm, mapper, roleName, headers); } } logger.debug(EELFLoggerDelegate.debugLogger, "Finished addFunctionsTOGlobalRole"); } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed",e); + logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed", e); throw e; } } - private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole, ObjectMapper mapper, EPApp app, - EPApp portalAppInfo) throws Exception { + private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole, + ObjectMapper mapper, EPApp app, EPApp portalAppInfo) throws Exception { try { logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addRoleFunctionsToGlobalRoleInExternalSystem"); ExternalAccessRolePerms extAddRolePerms = null; ExternalAccessPerms extAddPerms = null; HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - String code = ""; - String type = ""; - String action = ""; - if (addFunction.getCode().contains(FUNCTION_PIPE)) { - code = EcompPortalUtils.getFunctionCode(addFunction.getCode()); - type = getFunctionCodeType(addFunction.getCode()); - action = getFunctionCodeAction(addFunction.getCode()); - } else { - code = addFunction.getCode(); - type = addFunction.getCode().contains("menu") ? 
"menu" : "url"; - action = "*"; - } - extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); - extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, - portalAppInfo.getNameSpace() + "." + globalRole.getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - String updateRolePerms = mapper.writeValueAsString(extAddRolePerms); - HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ", - CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - ResponseEntity<String> addResponse = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "role/perm", HttpMethod.POST, entity, String.class); - if (addResponse.getStatusCode().value() != 201) { - logger.debug(EELFLoggerDelegate.debugLogger, - "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", - addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); - } else { - logger.debug(EELFLoggerDelegate.debugLogger, - "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ", - addResponse.getStatusCode().value()); - } + String code = ""; + String type = ""; + String action = ""; + if (addFunction.getCode().contains(FUNCTION_PIPE)) { + code = EcompPortalUtils.getFunctionCode(addFunction.getCode()); + type = getFunctionCodeType(addFunction.getCode()); + action = getFunctionCodeAction(addFunction.getCode()); + } else { + code = addFunction.getCode(); + type = addFunction.getCode().contains("menu") ? "menu" : "url"; + action = "*"; + } + extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); + extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, portalAppInfo.getNameSpace() + "." 
+ globalRole + .getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + String updateRolePerms = mapper.writeValueAsString(extAddRolePerms); + HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + ResponseEntity<String> addResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", + HttpMethod.POST, entity, String.class); + if (addResponse.getStatusCode().value() != 201) { + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", + addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); + } else { + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ", + addResponse.getStatusCode().value()); + } logger.debug(EELFLoggerDelegate.debugLogger, "Finished addRoleFunctionsToGlobalRoleInExternalSystem"); - }catch(Exception e){ - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed",e); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed", e); throw e; } } 
@@ -657,7 +652,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic boolean response; String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms); HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); ResponseEntity<String> addResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", HttpMethod.POST, entity, String.class); @@ -668,17 +664,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); } else { response = true; - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", updateRolePerms, addResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", + updateRolePerms, addResponse.getStatusCode().value()); } return response; } /** * - * It converts list of functions in updateExtRole parameter to the RoleFunction object + * It converts list of functions in updateExtRole parameter to the + * RoleFunction object * * @param updateExtRole - * @return list of functions + * @return list of functions */ @SuppressWarnings("unchecked") private List<RoleFunction> convertSetToListOfRoleFunctions(Role updateExtRole) { 
@@ -701,28 +700,31 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param permMapper * @param name * @param headers - * @throws JsonProcessingException + * @throws JsonProcessingException * @throws Exception */ private void removePermForRole(ExternalAccessPerms perm, ObjectMapper permMapper, String name, HttpHeaders headers) throws ExternalAuthSystemException, JsonProcessingException { ExternalAccessRolePerms extAccessRolePerms = new ExternalAccessRolePerms(perm, name); String permDetails = permMapper.writeValueAsString(extAccessRolePerms); - try{ - HttpEntity<String> deleteEntity = new HttpEntity<>(permDetails, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails); - ResponseEntity<String> deletePermResponse = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/" - + name + "/perm", HttpMethod.DELETE, deleteEntity, String.class); - if (deletePermResponse.getStatusCode().value() != 200) { - throw new ExternalAuthSystemException(deletePermResponse.getBody()); - } - logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}", - permDetails, deletePermResponse.getStatusCode().value()); - } catch(Exception e){ - if(e.getMessage().contains("404")){ - logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}", permDetails, e.getMessage()); - } else{ + try { + HttpEntity<String> deleteEntity = new HttpEntity<>(permDetails, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails); + ResponseEntity<String> deletePermResponse = template + .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "role/" + 
name + "/perm", HttpMethod.DELETE, deleteEntity, String.class); + if (deletePermResponse.getStatusCode().value() != 200) { + throw new ExternalAuthSystemException(deletePermResponse.getBody()); + } + logger.debug(EELFLoggerDelegate.debugLogger, + "removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}", + permDetails, deletePermResponse.getStatusCode().value()); + } catch (Exception e) { + if (e.getMessage().contains("404")) { + logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}", + permDetails, e.getMessage()); + } else { throw e; } } 
@@ -737,29 +739,32 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @throws Exception * If fails to add role in the system */ - private void addNewRoleInExternalSystem(List<EPRole> newRole, EPApp app) throws Exception, HttpClientErrorException { - try{ - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - ObjectMapper mapper = new ObjectMapper(); - String addNewRole = ""; - ExternalAccessRole extRole = new ExternalAccessRole(); - extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - extRole.setDescription(String.valueOf(newRole.get(0).getName())); - addNewRole = mapper.writeValueAsString(extRole); - HttpEntity<String> postEntity = new HttpEntity<>(addNewRole, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole); - ResponseEntity<String> addNewRoleInExternalSystem = template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", - HttpMethod.POST, postEntity, String.class); + private void addNewRoleInExternalSystem(List<EPRole> newRole, EPApp app) + throws Exception, HttpClientErrorException { + try { + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + ObjectMapper mapper = new ObjectMapper(); + String addNewRole = ""; + ExternalAccessRole extRole = new ExternalAccessRole(); + extRole.setName(app.getNameSpace() + "." 
+ newRole.get(0).getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRole.setDescription(String.valueOf(newRole.get(0).getName())); + addNewRole = mapper.writeValueAsString(extRole); + HttpEntity<String> postEntity = new HttpEntity<>(addNewRole, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole); + ResponseEntity<String> addNewRoleInExternalSystem = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", + HttpMethod.POST, postEntity, String.class); if (addNewRoleInExternalSystem.getStatusCode().value() == 201) { logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: Finished adding into External Auth system for POST: {} and status code: {}", addNewRole, addNewRoleInExternalSystem.getStatusCode().value()); } - }catch(HttpClientErrorException ht){ - dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ newRole.get(0).getId(), null); - logger.error(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}", - ht); + } catch (HttpClientErrorException ht) { + dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + newRole.get(0).getId(), null); + logger.error(EELFLoggerDelegate.debugLogger, + "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}", ht); throw new HttpClientErrorException(ht.getStatusCode()); } } 
@@ -778,14 +783,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic ObjectMapper mapper = new ObjectMapper(); String addNewRole = ""; ExternalAccessRole extRole = new ExternalAccessRole(); - extRole.setName(app.getNameSpace() + "." + addRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRole.setName(app.getNameSpace() + "." + addRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); extRole.setDescription(String.valueOf(addRole.getName())); addNewRole = mapper.writeValueAsString(extRole); return addNewRole; } /** - * It create a role in the external auth system and then in our local + * It create a role in the external auth system and then in our local * * @param addRoleInDB * @param app @@ -794,7 +800,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic */ @SuppressWarnings("unchecked") @Transactional(rollbackFor = Exception.class) - public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception { + public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception { boolean result = false; EPRole epRole = null; Set<RoleFunction> roleFunctionList = addRoleInDB.getRoleFunctions(); 
@@ -823,19 +829,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } dataAccessService.saveDomainObject(epRoleNew, null); List<EPRole> getRoleCreated = null; - final Map<String, String> epAppRoleParams = new HashMap<>(); - final Map<String, String> epAppPortalRoleParams = new HashMap<>(); + final Map<String, String> epAppRoleParams = new HashMap<>(); + final Map<String, String> epAppPortalRoleParams = new HashMap<>(); if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { epAppRoleParams.put("appId", String.valueOf(app.getId())); epAppRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName()); - List<EPRole> roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null); + List<EPRole> roleCreated = dataAccessService + .executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null); EPRole epUpdateRole = roleCreated.get(0); epUpdateRole.setAppRoleId(epUpdateRole.getId()); dataAccessService.saveDomainObject(epUpdateRole, null); - getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null); + getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + epAppRoleParams, null); } else { epAppPortalRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName()); - getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, epAppPortalRoleParams, null); + getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, + epAppPortalRoleParams, null); } // Add role in External Auth system if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { 
@@ -905,19 +914,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param checkRole * @param app * @throws Exception - * If role exits + * If role exits */ private void checkIfRoleExitsInExternalSystem(Role checkRole, EPApp app) throws Exception { getNameSpaceIfExists(app); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - String roleName = app.getNameSpace() + "." + checkRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); + String roleName = app.getNameSpace() + "." + checkRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"); HttpEntity<String> checkRoleEntity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); ResponseEntity<String> checkRoleInExternalSystem = template .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/" + roleName, HttpMethod.GET, checkRoleEntity, String.class); if (!checkRoleInExternalSystem.getBody().equals(IS_EMPTY_JSON_STRING)) { - logger.debug("checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ", checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value()); + logger.debug( + "checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ", + checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value()); throw new ExternalAuthSystemException(" Role already exists in external system"); } } 
@@ -931,10 +944,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @throws Exception */ @SuppressWarnings("unchecked") - private void saveRoleFunction(List<RoleFunction> roleFunctionListNew, EPApp app, List<EPRole> applicationRoles ,Long roleAppId) - throws Exception { - final Map<String, String> getAppFunctionParams = new HashMap<>(); - + private void saveRoleFunction(List<RoleFunction> roleFunctionListNew, EPApp app, List<EPRole> applicationRoles, + Long roleAppId) throws Exception { + final Map<String, String> getAppFunctionParams = new HashMap<>(); for (RoleFunction roleFunc : roleFunctionListNew) { String code = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); EPAppRoleFunction appRoleFunc = new EPAppRoleFunction(); 
@@ -944,45 +956,46 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic getAppFunctionParams.put("appId", String.valueOf(app.getId())); getAppFunctionParams.put(FUNCTION_CODE_PARAMS, roleFunc.getCode()); // query to check if function code has pipes - List<CentralV2RoleFunction> roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null); - if(roleFunction.isEmpty()){ + List<CentralV2RoleFunction> roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, + getAppFunctionParams, null); + if (roleFunction.isEmpty()) { getAppFunctionParams.put(FUNCTION_CODE_PARAMS, code); roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null); } - if(roleFunction.size() > 1){ + if (roleFunction.size() > 1) { CentralV2RoleFunction getExactFunctionCode = appFunctionListFilter(code, roleFunction); appRoleFunc.setCode(getExactFunctionCode.getCode()); - } else{ + } else { appRoleFunc.setCode(roleFunction.get(0).getCode()); } - dataAccessService.saveDomainObject(appRoleFunc, null); } } /** * - * It filters the app functions which starts with similar name in the result set + * It filters the app functions which starts with similar name in the result + * set * * @param roleFunc * @param roleFunction - * @return CentralRoleFunction + * @return CentralRoleFunction */ private CentralV2RoleFunction appFunctionListFilter(String roleFuncCode, List<CentralV2RoleFunction> roleFunction) { - final Map<String, CentralV2RoleFunction> appFunctionsFilter = new HashMap<>(); - final Map<String, CentralV2RoleFunction> appFunctionsFilterPipes = new HashMap<>(); + final Map<String, CentralV2RoleFunction> appFunctionsFilter = new HashMap<>(); + final Map<String, CentralV2RoleFunction> appFunctionsFilterPipes = new HashMap<>(); CentralV2RoleFunction getExactFunctionCode = null; - for(CentralV2RoleFunction cenRoleFunction : roleFunction){ + for (CentralV2RoleFunction 
cenRoleFunction : roleFunction) { appFunctionsFilter.put(cenRoleFunction.getCode(), cenRoleFunction); appFunctionsFilterPipes.put(EcompPortalUtils.getFunctionCode(cenRoleFunction.getCode()), cenRoleFunction); } getExactFunctionCode = appFunctionsFilter.get(roleFuncCode); - if(getExactFunctionCode == null){ + if (getExactFunctionCode == null) { getExactFunctionCode = appFunctionsFilterPipes.get(roleFuncCode); } return getExactFunctionCode; } - + /** * It deletes all EPAppRoleFunction records in the portal * @@ -994,17 +1007,18 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map<String, Long> appRoleFuncsParams = new HashMap<>(); appRoleFuncsParams.put("appId", app.getId()); appRoleFuncsParams.put("roleId", role.get(0).getId()); - List<EPAppRoleFunction> appRoleFunctionList = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); + List<EPAppRoleFunction> appRoleFunctionList = dataAccessService + .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); if (!appRoleFunctionList.isEmpty()) { for (EPAppRoleFunction approleFunction : appRoleFunctionList) { dataAccessService.deleteDomainObject(approleFunction, null); } } } - + @Override @SuppressWarnings("unchecked") - public List<EPUser> getUser(String loginId) throws InvalidUserException{ + public List<EPUser> getUser(String loginId) throws InvalidUserException { final Map<String, String> userParams = new HashMap<>(); userParams.put("org_user_id", loginId); List<EPUser> userList = dataAccessService.executeNamedQuery("getEPUserByOrgUserId", userParams, null); 
@@ -1051,10 +1065,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic List<EPApp> app = getApp(uebkey); List<EPRole> appRolesList = getAppRoles(app.get(0).getId()); roleList = createCentralRoleObject(app, appRolesList, roleList, params); - if(app.get(0).getId() != PortalConstants.PORTAL_APP_ID){ - List<CentralV2Role> globalRoleList = getGlobalRolesOfApplication(app.get(0).getId()); + if (app.get(0).getId() != PortalConstants.PORTAL_APP_ID) { + List<CentralV2Role> globalRoleList = getGlobalRolesOfApplication(app.get(0).getId()); List<EPRole> globalRolesList = getGlobalRolesOfPortal(); - List<CentralV2Role> portalsGlobalRolesFinlaList = new ArrayList<>(); + List<CentralV2Role> portalsGlobalRolesFinlaList = new ArrayList<>(); if (!globalRolesList.isEmpty()) { for (EPRole eprole : globalRolesList) { CentralV2Role cenRole = convertRoleToCentralV2Role(eprole); @@ -1062,10 +1076,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } roleList.addAll(globalRoleList); for (CentralV2Role role : portalsGlobalRolesFinlaList) { - CentralV2Role result = roleList.stream() - .filter(x -> role.getId().equals(x.getId())).findAny().orElse(null); - if (result == null) - roleList.add(role); + CentralV2Role result = roleList.stream().filter(x -> role.getId().equals(x.getId())).findAny() + .orElse(null); + if (result == null) + roleList.add(role); } } else { for (EPRole role : globalRolesList) { 
@@ -1089,10 +1103,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic List<CentralV2RoleFunction> finalRoleList = new ArrayList<>(); final Map<String, Long> params = new HashMap<>(); params.put(APP_ID, app.getId()); - List<CentralV2RoleFunction> getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, null); + List<CentralV2RoleFunction> getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, + null); for (CentralV2RoleFunction roleFuncItem : getRoleFuncList) { String code = EcompPortalUtils.getFunctionCode(roleFuncItem.getCode()); - String type = getFunctionCodeType(roleFuncItem.getCode()); + String type = ""; + if (roleFuncItem.getCode().contains("|")) + type = EcompPortalUtils.getFunctionType(roleFuncItem.getCode()); + else + type = getFunctionCodeType(roleFuncItem.getCode()); String action = getFunctionCodeAction(roleFuncItem.getCode()); roleFuncItem.setCode(EPUserUtils.decodeFunctionCode(code)); roleFuncItem.setType(type); @@ -1102,11 +1121,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return finalRoleList; } - @Override public String getFunctionCodeAction(String roleFuncItem) { - return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" - : EcompPortalUtils.getFunctionAction(roleFuncItem); + return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" : EcompPortalUtils.getFunctionAction(roleFuncItem); } @Override 
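Review bot: The added type selection tests `roleFuncItem.getCode().contains("|")` with a string literal and a brace-less `if`/`else`, while the rest of this class uses the `FUNCTION_PIPE` constant for the same check, for example in `getFunctionCodeAction` a few lines below. Assuming `FUNCTION_PIPE` is the pipe character, write the condition as `if (roleFuncItem.getCode().contains(FUNCTION_PIPE)) {` and brace both branches so that the two checks cannot drift apart. `getFunctionCodeType` also has branches for piped codes, so a short comment such as `// piped codes carry their own type; only legacy codes need the heuristic` would explain why the piped case now bypasses it. The enclosing method starts outside the hunk.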
@@ -1115,9 +1132,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if ((roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu")) || (!roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))) { type = "menu"; - } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) - ||checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem) - ||checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) { + } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) || checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem) + || checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) { type = "url"; } else if (roleFuncItem.contains(FUNCTION_PIPE) && (!roleFuncItem.contains("menu") || roleFuncItem.contains("url"))) { @@ -1136,10 +1152,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private boolean checkIfCodeHasNoPipesAndHasNoTypeUrl(String roleFuncItem) { return !roleFuncItem.contains(FUNCTION_PIPE) && !roleFuncItem.contains("url"); } - + /** * - * It check whether function code has pipes and url string in it + * It check whether function code has pipes and url string in it * * @param roleFuncItem * @return true or false @@ -1150,7 +1166,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * It check whether function code has no pipes and has url string in it + * It check whether function code has no pipes and has url string in it * * @param roleFuncItem * @return true or false @@ -1160,7 +1176,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * It returns user detail information which is deep copy of EPUser.class object + * It returns user detail information which is deep copy of EPUser.class + * object * * @param userInfo * @param userAppSet 
@@ -1200,6 +1217,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String.valueOf(epApp.getOpen()), String.valueOf(epApp.getEnabled()), epApp.getThumbnail(), epApp.getUsername(), epApp.getUebKey(), epApp.getUebSecret(), epApp.getUebTopicName()); + cenApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD); cua.setApp(cenApp); Long appId = null; if (globalRole.toLowerCase().startsWith("global_") @@ -1242,12 +1260,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userApp.getRole().getName(), userApp.getRole().getActive(), userApp.getRole().getPriority(), roleFunctionSet, null, null); cua.setRole(cenRole); - userAppList.getUserApps().add(cua); } } } - user1 = new CentralV2User(null, userInfo.getCreated(), userInfo.getModified(), userInfo.getCreatedId(), userInfo.getModifiedId(), userInfo.getRowNum(), userInfo.getOrgId(), userInfo.getManagerId(), userInfo.getFirstName(), userInfo.getMiddleInitial(), userInfo.getLastName(), userInfo.getPhone(), @@ -1301,11 +1317,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (roleList.isEmpty()) { return cenRole; } - } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getRoleInfo: failed", e); throw e; - } return roleList.get(0); } @@ -1315,9 +1329,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic List<EPRole> roleInfo; final Map<String, Long> getPartnerAppRoleParams = new HashMap<>(); getPartnerAppRoleParams.put("appRoleId", roleId); - getPartnerAppRoleParams.put("appId", app.getId()); + getPartnerAppRoleParams.put("appId", app.getId()); roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleByRoleId", getPartnerAppRoleParams, null); - if(roleInfo.isEmpty()) { + if (roleInfo.isEmpty()) { getPartnerAppRoleParams.put("appRoleId", roleId); roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleById", getPartnerAppRoleParams, null); } 
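Review bot: Only the application password is masked by the added `cenApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD);`, but the `CentralApp` constructor call just above it still receives `epApp.getUsername()`, `epApp.getUebKey()` and `epApp.getUebSecret()`. If this object is serialized into the user payload, the UEB secret still leaves the portal in clear. `CentralApp` and the serialization path are outside the hunk, so this needs confirming. If the intent is to keep stored credentials out of the response, the `epApp.getUebSecret()` argument should be replaced with a masked value in the same way. A comment above the setter, e.g. `// never return the stored app password to API consumers`, would record why the line exists. The enclosing method starts and ends outside the hunk.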
@@ -1332,20 +1346,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic roleInfo = dataAccessService.executeNamedQuery("getPortalAppRoleByRoleId", getPortalAppRoleParams, null); return roleInfo; } - + /** * - * It returns list of app roles along with role functions and which went through deep copy + * It returns list of app roles along with role functions and which went + * through deep copy * * @param app * @param roleInfo * @param roleList * @param params * @return - * @throws DecoderException + * @throws DecoderException */ @SuppressWarnings("unchecked") - private List<CentralV2Role> createCentralRoleObject(List<EPApp> app, List<EPRole> roleInfo, + @Override + public List<CentralV2Role> createCentralRoleObject(List<EPApp> app, List<EPRole> roleInfo, List<CentralV2Role> roleList, Map<String, Long> params) throws RoleFunctionException { for (EPRole role : roleInfo) { params.put("roleId", role.getId()); 
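Review bot: The Javadoc on `createCentralRoleObject` documents `@throws DecoderException`, but the signature declares `throws RoleFunctionException`; since this hunk turns the method into a public `@Override`, the tag should read `@throws RoleFunctionException` with a short description of when it is raised. The four `@param` tags and the `@return` carry no text at all. The first visible statement, `params.put("roleId", role.getId())`, writes into the caller's map, which is worth stating in the `@param params` text now that code outside this class can pass that map in. The method body continues past the end of the hunk.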
@@ -1427,29 +1443,29 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String newfunctionTypeFormat = EcompPortalUtils.getFunctionType(functionCodeFormat); String newfunctionActionFormat = EcompPortalUtils.getFunctionAction(functionCodeFormat); roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), newfunctionCodeFormat, - getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat, newfunctionActionFormat, - getRoleFuncList.getEditUrl()); + getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat, + newfunctionActionFormat, getRoleFuncList.getEditUrl()); } else { - roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat, - getRoleFuncList.getName(), getRoleFuncList.getAppId(), - getRoleFuncList.getEditUrl()); + roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat, getRoleFuncList.getName(), + getRoleFuncList.getAppId(), getRoleFuncList.getEditUrl()); } return roleFunc; } @Override - public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app) throws Exception { + public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app) + throws Exception { boolean saveOrUpdateFunction = false; try { domainCentralRoleFunction.setCode(encodeFunctionCode(domainCentralRoleFunction.getCode())); final Map<String, String> functionParams = new HashMap<>(); functionParams.put("appId", String.valueOf(app.getId())); - if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - addRoleFunctionInExternalSystem(domainCentralRoleFunction, app); + if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + addRoleFunctionInExternalSystem(domainCentralRoleFunction, app); } - if(domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null){ - domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType()+ - 
FUNCTION_PIPE+domainCentralRoleFunction.getCode()+FUNCTION_PIPE+domainCentralRoleFunction.getAction()); + if (domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null) { + domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType() + FUNCTION_PIPE + + domainCentralRoleFunction.getCode() + FUNCTION_PIPE + domainCentralRoleFunction.getAction()); } domainCentralRoleFunction.setAppId(app.getId()); dataAccessService.saveDomainObject(domainCentralRoleFunction, null); @@ -1460,7 +1476,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return saveOrUpdateFunction; } - + /** * It creates application permission in external auth system * 
@@ -1472,24 +1488,32 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic throws Exception { ObjectMapper mapper = new ObjectMapper(); ExternalAccessPerms extPerms = new ExternalAccessPerms(); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); String type = ""; String instance = ""; String action = ""; - if((domainCentralRoleFunction.getType()!=null && domainCentralRoleFunction.getAction()!=null) || domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)){ - type = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getType(); - instance = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getCode(); - action = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getAction(); - } else{ + if ((domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null) + || domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)) { + type = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) + ? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode()) + : domainCentralRoleFunction.getType(); + instance = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) + ? EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode()) + : domainCentralRoleFunction.getCode(); + action = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) + ? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode()) + : domainCentralRoleFunction.getAction(); + } else { type = domainCentralRoleFunction.getCode().contains("menu") ? 
"menu" : "url"; instance = domainCentralRoleFunction.getCode(); - action = "*"; - } + action = "*"; + } // get Permissions from External Auth System JSONArray extPermsList = getExtAuthPermissions(app); List<ExternalAccessPermsDetail> permsDetailList = getExtAuthPerrmissonList(app, extPermsList); - String requestedPerm = type+FUNCTION_PIPE+instance+FUNCTION_PIPE+action; - boolean checkIfFunctionsExits = permsDetailList.stream().anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm)); + String requestedPerm = type + FUNCTION_PIPE + instance + FUNCTION_PIPE + action; + boolean checkIfFunctionsExits = permsDetailList.stream() + .anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm)); if (!checkIfFunctionsExits) { try { extPerms.setAction(action); 
@@ -1498,18 +1522,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic extPerms.setDescription(domainCentralRoleFunction.getName()); String addFunction = mapper.writeValueAsString(extPerms); HttpEntity<String> entity = new HttpEntity<>(addFunction, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction); - ResponseEntity<String> addPermResponse= template.exchange( + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction); + ResponseEntity<String> addPermResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm", HttpMethod.POST, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ", addPermResponse.getStatusCode().value(), addFunction); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ", + addPermResponse.getStatusCode().value(), addFunction); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to add function in external central auth system", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); throw e; - }catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to add fucntion in external central auth system", - e); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleFunctionInExternalSystem: Failed to add 
fucntion in external central auth system", e); throw e; } } else { 
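Review bot: The success log in the POST branch passes its arguments in the wrong order: the format string is `Finished adding permission for POST: {} and status code: {}` but the call supplies `addPermResponse.getStatusCode().value(), addFunction`, so the status code is printed in the payload slot and the payload in the status slot. Swap them to `addFunction, addPermResponse.getStatusCode().value()`, which is the order the PUT branch in the next hunk already uses. While these lines are being reflowed, the catch-all message still spells `fucntion`, and the PUT branch's `HttpClientErrorException` message says `Failed to add function` on the update path, which will mislead anyone triaging auth-system alarms from the log. The method starts in the previous hunk and continues past this one.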
@@ -1520,17 +1548,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic extPerms.setDescription(domainCentralRoleFunction.getName()); String updateRoleFunction = mapper.writeValueAsString(extPerms); HttpEntity<String> entity = new HttpEntity<>(updateRoleFunction, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction); ResponseEntity<String> updatePermResponse = template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm", HttpMethod.PUT, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ", updateRoleFunction, updatePermResponse.getStatusCode().value()); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e); + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ", + updateRoleFunction, updatePermResponse.getStatusCode().value()); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to add function in external central auth system", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); throw e; } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to update function in external central auth system",e); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleFunctionInExternalSystem: Failed to update function in 
external central auth system", + e); throw e; } } @@ -1562,7 +1596,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * It deletes app function record in portal + * It deletes app function record in portal * * @param code * @param app @@ -1571,10 +1605,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic dataAccessService.deleteDomainObjects(EPAppRoleFunction.class, APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + code + "'", null); } - + /** * - * It deletes permission in the external auth system + * It deletes permission in the external auth system * * @param domainCentralRoleFunction * @param app @@ -1603,8 +1637,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleFunctionInExternalSystem: Finished deleting permission in External Auth system {} and status code: {} ", deleteRoleFunction, delPermResponse.getStatusCode().value()); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to delete functions in External System", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to delete functions in External System", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("404 Not Found")) { 
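Review bot: In the `@@ -1603` hunk the generic catch calls `e.getMessage().equalsIgnoreCase("404 Not Found")`, and `getMessage()` can be null, which would raise a NullPointerException from inside the handler and hide the original failure. Reverse the comparison: `if ("404 Not Found".equalsIgnoreCase(e.getMessage())) {`. Both catch blocks here only log, unlike the add/update path which rethrows, so a caller cannot tell that the permission still exists in the external auth system; if that is deliberate it deserves a comment such as `// best effort: local delete proceeds even when the external delete fails`. The method begins before the hunk and its else-branch is in the following one.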
@@ -1612,7 +1647,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic " deleteRoleFunctionInExternalSystem: It seems like function is already deleted in external central auth system but exists in local DB", e.getMessage()); } else { - logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e); + logger.error(EELFLoggerDelegate.errorLogger, + "deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e); } } } @@ -1629,7 +1665,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic message = e.getMessage(); logger.error(EELFLoggerDelegate.errorLogger, "saveRoleForApplication failed", e); } - return new ExternalRequestFieldsValidator(response,message); + return new ExternalRequestFieldsValidator(response, message); } @SuppressWarnings("unchecked") @@ -1647,7 +1683,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic epRoleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, deleteRoleParams, null); } else { deleteRoleParams.put(APP_ID, String.valueOf(app.getId())); - epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, deleteRoleParams, null); + epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + deleteRoleParams, null); } if (!epRoleList.isEmpty()) { transaction = localSession.beginTransaction(); 
@@ -1674,31 +1711,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return result; } - + /** * - * It deletes role for application in external auth system + * It deletes role for application in external auth system * * @param epRoleList contains role information - * @param app contains application information + * @param app contains application information * @throws Exception */ private void deleteRoleInExternalAuthSystem(List<EPRole> epRoleList, EPApp app) throws Exception { ResponseEntity<String> deleteResponse; ResponseEntity<String> res = getNameSpaceIfExists(app); if (res.getStatusCode() == HttpStatus.OK) { - // Delete Role in External System - String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}"; - deleteResponse = deleteRoleInExternalSystem(deleteRoleKey); - if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) { - EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode()); - logger.error(EELFLoggerDelegate.errorLogger, - "deleteRoleForApplication: Failed to delete role in external auth system! due to {} ", - deleteResponse.getBody()); - } - logger.debug(EELFLoggerDelegate.debugLogger, - "deleteRoleForApplication: about to commit the transaction"); + // Delete Role in External System + String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." 
+ epRoleList.get(0).getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}"; + deleteResponse = deleteRoleInExternalSystem(deleteRoleKey); + if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) { + EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode()); + logger.error(EELFLoggerDelegate.errorLogger, + "deleteRoleForApplication: Failed to delete role in external auth system! due to {} ", + deleteResponse.getBody()); + } + logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleForApplication: about to commit the transaction"); } } 
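Review bot: A failed external delete is invisible to the caller: when the response is neither 200 nor 404, `deleteRoleInExternalAuthSystem` logs the alarm and returns normally, and the caller in `deleteDependencyRoleRecord` (a later hunk) then removes the local `EPRole` row, leaving a role in the external auth system that the portal no longer tracks. Raise the failure the way `deleteUserRoleInExternalSystem` does, e.g. `throw new ExternalAuthSystemException(deleteResponse.getBody());` after the error log. The closing debug message `about to commit the transaction` also no longer matches this method, which holds no transaction in the visible code. Separately, `deleteRoleKey` is assembled by string concatenation and only the role name is passed through the special-character replacement; serializing a small map with the `ObjectMapper` this class already uses would keep `app.getNameSpace()` from altering the JSON.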
@@ -1715,35 +1751,41 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity<String> entity = new HttpEntity<>(headers); getNameSpaceIfExists(app); - logger.debug(EELFLoggerDelegate.debugLogger,"deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - ResponseEntity<String> getResponse = template - .exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/" - + LoginId - + SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) - + "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), - HttpMethod.GET, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ", getResponse.getBody()); + logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + ResponseEntity<String> getResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/" + + LoginId + + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) + + "/" + app.getNameSpace() + "." 
+ + role.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + HttpMethod.GET, entity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, + "deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ", + getResponse.getBody()); if (getResponse.getStatusCode().value() != 200) { throw new ExternalAuthSystemException(getResponse.getBody()); } String res = getResponse.getBody(); if (!res.equals(IS_EMPTY_JSON_STRING)) { HttpEntity<String> userRoleentity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - ResponseEntity<String> deleteResponse = template - .exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRole/" + LoginId - + SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) - + "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), - HttpMethod.DELETE, userRoleentity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ", + CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); + ResponseEntity<String> deleteResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/" + + LoginId + + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) + + "/" + app.getNameSpace() + "." 
+ + role.getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + HttpMethod.DELETE, userRoleentity, String.class); if (deleteResponse.getStatusCode().value() != 200) { throw new ExternalAuthSystemException("Failed to delete user role"); } - logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ", deleteResponse.getStatusCode().value()); + logger.debug(EELFLoggerDelegate.debugLogger, + "deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ", + deleteResponse.getStatusCode().value()); } } @@ -1778,12 +1820,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic throw e; } return roleList; - } @Override @Transactional(rollbackFor = Exception.class) - public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId) throws Exception { + public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId) + throws Exception { Session localSession = sessionFactory.openSession(); String message = ""; Transaction transaction = null; 
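Review bot: The `userRole/` URL is built by concatenating `LoginId` straight into the path, for both the GET and the DELETE, and the request carries the portal's own basic-auth header from `base64encodeKeyForAAFBasicAuth()`. `LoginId` arrives as a parameter of the public `deleteDependencyRoleRecord`, so unless it is validated upstream (not visible here), a value containing `/`, `?` or `#` would change which resource the privileged call addresses. If `template` is a Spring `RestTemplate`, pass the pieces as URI variables so they are encoded, e.g. `template.exchange(baseUrl + "userRole/{user}/{role}", HttpMethod.GET, entity, String.class, userId, roleName)` (local names constructed for illustration), and build that URL once instead of twice. The `perms/ns/` + `app.getNameSpace()` call in the `@@ -2132` hunk follows the same pattern. The method signature lies above the hunk.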
@@ -1793,14 +1835,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic transaction = localSession.beginTransaction(); List<EPRole> epRoleList = null; app = getApp(uebkey).get(0); - if(app.getId().equals(PortalConstants.PORTAL_APP_ID)){ + if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { epRoleList = getPortalAppRoleInfo(roleId); - } else{ + } else { epRoleList = getPartnerAppRoleInfo(roleId, app); } - if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { // Delete User Role in External System before deleting role - deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId); + deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId); } // Delete user app roles dataAccessService.deleteDomainObjects(EPUserApp.class, @@ -1809,13 +1851,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic deleteRoleDependencyRecords(localSession, epRoleList.get(0).getId(), app.getId(), isPortalRequest); transaction.commit(); if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - // Final call to delete role once all dependencies has been deleted + // Final call to delete role once all dependencies has been + // deleted deleteRoleInExternalAuthSystem(epRoleList, app); } - dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ epRoleList.get(0).getId(), null); + dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + epRoleList.get(0).getId(), null); logger.debug(EELFLoggerDelegate.debugLogger, "deleteDependencyRoleRecord: committed the transaction"); response = true; - } catch(HttpClientErrorException e){ + } catch (HttpClientErrorException e) { logger.error(EELFLoggerDelegate.errorLogger, "deleteDependencyRoleRecord: HttpClientErrorException", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); message = e.getMessage(); 
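Review bot: In the `@@ -1809` hunk `transaction.commit()` runs before `deleteRoleInExternalAuthSystem(epRoleList, app)` and before the `EPRole` row is removed through `dataAccessService`, so an exception in either later step is caught and reported as a failure while the dependency deletes are already permanent. That leaves the role present locally and in the external auth system with its dependency rows gone, and the method's `@Transactional(rollbackFor = Exception.class)` cannot undo it because the exception is swallowed by the catch blocks. Consider doing the external delete and the `EPRole` delete before the commit, or at least document the ordering with `// committed before the external delete: a failure below leaves role <-> dependency state inconsistent`. The preceding `@@ -1793` hunk also calls `epRoleList.get(0)` without checking for an empty result when `roleId` matches nothing. The method's tail, including any rollback, is outside the hunk.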
@@ -1827,42 +1870,39 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } finally { localSession.close(); } - return new ExternalRequestFieldsValidator(response,message); + return new ExternalRequestFieldsValidator(response, message); } - + @Override @SuppressWarnings("unchecked") @Transactional public void syncRoleFunctionFromExternalAccessSystem(EPApp app) { try { - // get Permissions from External Auth System JSONArray extPerms = getExtAuthPermissions(app); List<ExternalAccessPermsDetail> permsDetailList = getExtAuthPerrmissonList(app, extPerms); - // get functions in DB final Map<String, Long> params = new HashMap<>(); final Map<String, CentralV2RoleFunction> roleFuncMap = new HashMap<>(); params.put(APP_ID, app.getId()); - List<CentralV2RoleFunction> appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, - null); + List<CentralV2RoleFunction> appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions", + params, null); if (!appFunctions.isEmpty()) { for (CentralV2RoleFunction roleFunc : appFunctions) { roleFuncMap.put(roleFunc.getCode(), roleFunc); } } - // get Roles for portal in DB List<EPRole> portalRoleList = getGlobalRolesOfPortal(); final Map<String, EPRole> existingPortalRolesMap = new HashMap<>(); - for(EPRole epRole : portalRoleList){ - existingPortalRolesMap.put(epRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole); + for (EPRole epRole : portalRoleList) { + existingPortalRolesMap.put(epRole.getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole); } - // get Roles in DB - final Map<String, EPRole> currentRolesInDB = getCurrentRolesInDB(app); - - // store External Permissions with Pipe and without Pipe (just instance) + final Map<String, EPRole> currentRolesInDB = getAppRoleNamesWithUnderscoreMap(app); + // store External Permissions with Pipe and without Pipe (just + 
// instance) final Map<String, ExternalAccessPermsDetail> extAccessPermsContainsPipeMap = new HashMap<>(); final Map<String, ExternalAccessPermsDetail> extAccessPermsMap = new HashMap<>(); for (ExternalAccessPermsDetail permsDetailInfoWithPipe : permsDetailList) { @@ -1870,7 +1910,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetailInfoWithPipe.getInstance()); extAccessPermsMap.put(finalFunctionCodeVal, permsDetailInfoWithPipe); } - // Add if new functions and app role functions were added in // external auth system for (ExternalAccessPermsDetail permsDetail : permsDetailList) { @@ -1882,10 +1921,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (roles != null) { // Check if function has any roles and which does not exist // in External Auth System. If exists delete in local - addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles, existingPortalRolesMap); + addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles, + existingPortalRolesMap); } } - // Check if function does exits in External Auth System but exits in // local then delete function and its dependencies for (CentralV2RoleFunction roleFunc : appFunctions) { 
@@ -1901,23 +1940,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "syncRoleFunctionFromExternalAccessSystem: Failed to delete function", e); - } } - logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished syncRoleFunctionFromExternalAccessSystem"); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "syncRoleFunctionFromExternalAccessSystem: Failed syncRoleFunctionFromExternalAccessSystem", e); - } } @SuppressWarnings("unchecked") private void addRemoveIfFunctionsRolesIsSyncWithExternalAuth(EPApp app, final Map<String, EPRole> currentRolesInDB, - List<CentralV2RoleFunction> roleFunctionList, List<String> roles, Map<String, EPRole> existingPortalRolesMap) - throws Exception { + List<CentralV2RoleFunction> roleFunctionList, List<String> roles, + Map<String, EPRole> existingPortalRolesMap) throws Exception { if (!roleFunctionList.isEmpty()) { final Map<String, String> appRoleFuncParams = new HashMap<>(); final Map<String, LocalRole> currentAppRoleFunctionsMap = new HashMap<>(); 
@@ -1931,11 +1967,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), localRole); } for (String addRole : roles) { - currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE)+1), addRole); + currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE) + 1), addRole); } for (String extAuthrole : roles) { String roleNameSpace = extAuthrole.substring(0, extAuthrole.indexOf(FUNCTION_PIPE)); - boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace, app.getNameSpace()); + boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace, + app.getNameSpace()); if (isNameSpaceMatching) { if (!currentAppRoleFunctionsMap .containsKey(extAuthrole.substring(app.getNameSpace().length() + 1))) { @@ -1961,8 +1998,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic EPAppRoleFunction addGlobalRoleFunctions = new EPAppRoleFunction(); params.put("appId", app.getId()); params.put("roleId", role.getId()); - List<EPAppRoleFunction> currentGlobalRoleFunctionsList = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null); - boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream().anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode().equals(roleFunctionList.get(0).getCode())); + List<EPAppRoleFunction> currentGlobalRoleFunctionsList = dataAccessService + .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null); + boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream() + .anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode() + .equals(roleFunctionList.get(0).getCode())); if (role != null && !checkIfRoleFunctionExists) { addGlobalRoleFunctions.setAppId(app.getId()); addGlobalRoleFunctions.setRoleId(role.getId()); 
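Review bot: In the `@@ -1961` hunk the `role != null` test comes too late: `params.put("roleId", role.getId())` dereferences `role` two statements before `if (role != null && !checkIfRoleFunctionExists)`, and the newly added `getAppRoleFunctionOnRoleIdandAppId` query sits in between, so a missing role fails with a NullPointerException instead of being skipped. Move the guard ahead of the lookup, for example wrap the `params.put(...)` lines and the query in `if (role != null) { ... }` and keep only `if (!checkIfRoleFunctionExists)` inside it. Where `role` is assigned is above the hunk, so whether null is reachable in practice needs confirming against that code.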
@@ -1991,31 +2031,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private void deleteAppRoleFuncDoesNotExitsInExtSystem(EPApp app, CentralV2RoleFunction roleFunc) { logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}", - roleFunc.getCode()); + "syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}", roleFunc.getCode()); dataAccessService.deleteDomainObjects(EPAppRoleFunction.class, - APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null); + APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null); logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}", - roleFunc.getCode()); - + "syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}", roleFunc.getCode()); logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleting app function {}", - roleFunc.getCode()); + "syncRoleFunctionFromExternalAccessSystem: Deleting app function {}", roleFunc.getCode()); dataAccessService.deleteDomainObjects(CentralV2RoleFunction.class, - APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null); + APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null); logger.debug(EELFLoggerDelegate.debugLogger, - "syncRoleFunctionFromExternalAccessSystem: Deleted app function {}", - roleFunc.getCode()); + "syncRoleFunctionFromExternalAccessSystem: Deleted app function {}", roleFunc.getCode()); } private void checkAndAddRoleInDB(EPApp app, final Map<String, EPRole> currentRolesInDB, List<CentralV2RoleFunction> roleFunctionList, String roleList) throws Exception { - if (!currentRolesInDB.containsKey( - roleList.substring(app.getNameSpace().length() + 1))) { - Role role = addRoleInDBIfDoesNotExists(app, - 
roleList.substring(app.getNameSpace().length() + 1)); - addIfRoleDescriptionNotExitsInExtSystem(role, app); + if (!currentRolesInDB.containsKey(roleList.substring(app.getNameSpace().length() + 1))) { + Role role = addRoleInDBIfDoesNotExists(app, roleList.substring(app.getNameSpace().length() + 1)); + addRoleDescriptionInExtSystem(role, app); if (!roleFunctionList.isEmpty()) { try { if (!roleFunctionList.isEmpty()) { @@ -2027,16 +2060,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, - "syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ", - e); + "syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ", e); } } } } @SuppressWarnings("unchecked") - private List<CentralV2RoleFunction> addGetLocalFunction(EPApp app, final Map<String, CentralV2RoleFunction> roleFuncMap, - ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) { + private List<CentralV2RoleFunction> addGetLocalFunction(EPApp app, + final Map<String, CentralV2RoleFunction> roleFuncMap, ExternalAccessPermsDetail permsDetail, String code, + CentralV2RoleFunction getFunctionCodeKey) { String finalFunctionCodeVal = addToLocalIfFunctionNotExists(app, roleFuncMap, permsDetail, code, getFunctionCodeKey); final Map<String, String> appSyncFuncsParams = new HashMap<>(); 
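Review bot: Both `deleteDomainObjects` calls in `deleteAppRoleFuncDoesNotExitsInExtSystem` build their condition by concatenation, `APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'"`, which appears to place the function code inside a quoted literal. Function codes in this sync path are derived from permission instances returned by the external auth system, so a code containing a quote character would change the delete condition rather than match one row. Bind the value instead of splicing it in, following the parameter-map style this file already uses with `executeNamedQuery`, and until then mark the call with `// NOTE: roleFunc.getCode() is externally sourced; must be bound, not concatenated`. The function-delete helper in the `@@ -1571` hunk uses the same construction with its `code` argument.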
@@ -2054,9 +2087,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } private String addToLocalIfFunctionNotExists(EPApp app, final Map<String, CentralV2RoleFunction> roleFuncMap, - ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey - ) { - String finalFunctionCodeVal = ""; + ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) { + String finalFunctionCodeVal = ""; if (null == getFunctionCodeKey) { finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetail.getInstance()); CentralV2RoleFunction checkIfCodeStillExits = roleFuncMap.get(finalFunctionCodeVal); @@ -2074,7 +2106,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @SuppressWarnings("unchecked") @Override - public Map<String, EPRole> getCurrentRolesInDB(EPApp app) { + public Map<String, EPRole> getAppRoleNamesWithUnderscoreMap(EPApp app) { final Map<String, EPRole> currentRolesInDB = new HashMap<>(); List<EPRole> getCurrentRoleList = null; final Map<String, Long> appParams = new HashMap<>(); 
@@ -2091,8 +2123,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return currentRolesInDB; } - private List<ExternalAccessPermsDetail> getExtAuthPerrmissonList(EPApp app, JSONArray extPerms) - throws IOException{ + @SuppressWarnings("unchecked") + private Map<String, EPRole> getAppRoleNamesMap(EPApp app) { + final Map<String, EPRole> currentRolesInDB = new HashMap<>(); + List<EPRole> getCurrentRoleList = null; + final Map<String, Long> appParams = new HashMap<>(); + if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { + getCurrentRoleList = dataAccessService.executeNamedQuery("getPortalAppRolesList", null, null); + } else { + appParams.put("appId", app.getId()); + getCurrentRoleList = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null); + } + for (EPRole role : getCurrentRoleList) { + currentRolesInDB.put(role.getName(), role); + } + return currentRolesInDB; + } + + private List<ExternalAccessPermsDetail> getExtAuthPerrmissonList(EPApp app, JSONArray extPerms) throws IOException { ExternalAccessPermsDetail permDetails = null; List<ExternalAccessPermsDetail> permsDetailList = new ArrayList<>(); for (int i = 0; i < extPerms.length(); i++) { @@ -2100,8 +2148,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (extPerms.getJSONObject(i).has("description")) { description = extPerms.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } else { - description = extPerms.getJSONObject(i).getString("type")+"|"+extPerms.getJSONObject(i).getString("instance") - +"|"+extPerms.getJSONObject(i).getString("action"); + description = extPerms.getJSONObject(i).getString("type") + "|" + + extPerms.getJSONObject(i).getString("instance") + "|" + + extPerms.getJSONObject(i).getString("action"); } if (extPerms.getJSONObject(i).has("roles")) { ObjectMapper rolesListMapper = new ObjectMapper(); 
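Review bot: The new `getAppRoleNamesMap` has no comment saying how it differs from `getAppRoleNamesWithUnderscoreMap`; from the lines visible here it uses the same declarations and the same branch on `PortalConstants.PORTAL_APP_ID`, and the only visible distinction is that it keys on the raw `role.getName()`. A short Javadoc such as `/** Returns the app's roles keyed by the role name exactly as stored in the DB, without special-character replacement. */` would make the intent explicit, and the shared query could move into one private helper so the two maps cannot drift apart. `currentRolesInDB.put(role.getName(), role)` also silently keeps the last row when two roles have the same name, which deserves a log line because `getExternalRoleDetailsList` later uses this map to decide which local role an external role resolves to.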
@@ -2132,10 +2181,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpEntity<String> entity = new HttpEntity<>(headers); logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: {} ", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - response = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); - + response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); String res = response.getBody(); logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished GET permissions from External Auth system and response: {} ", @@ -2150,7 +2197,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return extPerms; } - + /** * * Add function into local DB @@ -2160,13 +2207,13 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param code */ private void addFunctionInEcompDB(EPApp app, ExternalAccessPermsDetail permsDetail, String code) { - try{ - CentralV2RoleFunction addFunction = new CentralV2RoleFunction(); - addFunction.setAppId(app.getId()); - addFunction.setCode(code); - addFunction.setName(permsDetail.getDescription()); - dataAccessService.saveDomainObject(addFunction, null); - } catch(Exception e){ + try { + CentralV2RoleFunction addFunction = new CentralV2RoleFunction(); + addFunction.setAppId(app.getId()); + addFunction.setCode(code); + addFunction.setName(permsDetail.getDescription()); + dataAccessService.saveDomainObject(addFunction, null); + } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "addFunctionInEcompDB: Failed to add function", e); } } 
@@ -2179,27 +2226,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @param app * @throws Exception */ - private void addIfRoleDescriptionNotExitsInExtSystem(Role role, EPApp app) throws Exception { - String addRoleNew = updateExistingRoleInExternalSystem(role, app); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + private boolean addRoleDescriptionInExtSystem(Role role, EPApp app) throws Exception { + boolean status = false; try { + String addRoleNew = updateExistingRoleInExternalSystem(role, app); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity<String> entity = new HttpEntity<>(addRoleNew, headers); template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", HttpMethod.PUT, entity, String.class); + status = true; } catch (HttpClientErrorException e) { - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addIfRoleDescriptionNotExitsInExtSystem", - e); + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to addRoleDescriptionInExtSystem", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "addIfRoleDescriptionNotExitsInExtSystem: Failed", - e); + logger.error(EELFLoggerDelegate.errorLogger, "addRoleDescriptionInExtSystem: Failed", e); } + return status; } /** * - * While sync functions form external auth system if new role found we should add in local and return Role.class object + * While sync functions form external auth system if new role found we + * should add in local and return Role.class object * * @param app * @param role 
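Review bot: `addRoleDescriptionInExtSystem` now returns a `boolean status`, but the call visible earlier in this diff (`addRoleDescriptionInExtSystem(role, app);` in the role-function sync) discards it, so a rejected PUT to the external auth system is only logged and the sync carries on with the local DB and the external system out of step. The caller should check the result and skip saving role functions for that role when it is false. The method also still declares `throws Exception` although both catch blocks swallow everything, and the Javadoc above it keeps `@throws Exception` with no `@return`; add `@return true if the external auth system accepted the role update`.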
@@ -2209,7 +2259,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private Role addRoleInDBIfDoesNotExists(EPApp app, String role) { Role setNewRole = new Role(); try { - // functions can have new role created in External Auth System prevent + // functions can have new role created in External Auth System + // prevent // duplication here boolean isCreated = checkIfRoleExitsElseCreateInSyncFunctions(role, app); final Map<String, String> getRoleByNameParams = new HashMap<>(); @@ -2252,8 +2303,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic roleParams.put(APP_ROLE_NAME_PARAM, role); List<EPRole> roleCreated = null; if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, - null); + roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null); } else { roleParams.put("appId", String.valueOf(app.getId())); roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams, @@ -2290,7 +2340,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic addRoleFunctionInExternalSystem(cenRoleFunc, app); functionsAdded++; } - } catch(HttpClientErrorException e){ + } catch (HttpClientErrorException e) { logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadFunctions failed", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { 
@@ -2368,14 +2418,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role", HttpMethod.POST, entity, String.class); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem", + e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("409 Conflict")) { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Role already exits but does not break functionality", e); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleInExternalSystem: Role already exits but does not break functionality", e); } else { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage()); } } } @@ -2399,15 +2452,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } } - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e); } return roleFunctions; } - + /** * Its adding a role function while doing bulk upload * 
@@ -2419,14 +2473,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String type = ""; String instance = ""; String action = ""; - if(addRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)){ - type = EcompPortalUtils.getFunctionType(addRoleFunc.getFunctionCd()); + if (addRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) { + type = EcompPortalUtils.getFunctionType(addRoleFunc.getFunctionCd()); instance = EcompPortalUtils.getFunctionCode(addRoleFunc.getFunctionCd()); action = EcompPortalUtils.getFunctionAction(addRoleFunc.getFunctionCd()); - } else{ + } else { type = addRoleFunc.getFunctionCd().contains("menu") ? "menu" : "url"; instance = addRoleFunc.getFunctionCd(); - action = "*"; + action = "*"; } ExternalAccessRolePerms extRolePerms = null; ExternalAccessPerms extPerms = null; @@ -2435,8 +2489,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action, addRoleFunc.getFunctionName()); - extRolePerms = new ExternalAccessRolePerms(extPerms, - app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + role.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers); template.exchange( 
@@ -2445,10 +2499,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("409 Conflict")) { logger.error(EELFLoggerDelegate.errorLogger, - "addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality", e); + "addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality", + e); } else { - logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem", - e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger, + "addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem", e.getMessage()); } } } @@ -2468,7 +2523,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic functionsAdded++; } } catch (HttpClientErrorException e) { - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadPartnerFunctions failed", e); + logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadPartnerFunctions failed", + e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerFunctions: failed", e.getMessage(), e); @@ -2518,7 +2574,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic "addFunctionInExternalSystem: Failed to add fucntion in external central auth system", e); throw e; } - } + } @Override public void bulkUploadPartnerRoles(String uebkey, List<Role> roleList) throws Exception { 
@@ -2538,8 +2594,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic try { for (EPRole role : roles) { params.put("roleId", role.getId()); - List<BulkUploadRoleFunction> appRoleFunc = dataAccessService.executeNamedQuery("uploadPartnerRoleFunctions", - params, null); + List<BulkUploadRoleFunction> appRoleFunc = dataAccessService + .executeNamedQuery("uploadPartnerRoleFunctions", params, null); if (!appRoleFunc.isEmpty()) { for (BulkUploadRoleFunction addRoleFunc : appRoleFunc) { addRoleFunctionsInExternalSystem(addRoleFunc, role, app); @@ -2548,11 +2604,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } // upload global role functions to ext auth system - if(!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { + if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { roleFunctions = bulkUploadGlobalRoleFunctions(app, roleFunctions); } - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e); 
@@ -2586,8 +2643,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic action = "*"; } extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action); - extRolePerms = new ExternalAccessRolePerms(extPerms, portalApp.getNameSpace() + "." + globalRoleFunc.getRoleName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, + portalApp.getNameSpace() + "." + globalRoleFunc.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers); updateRoleFunctionInExternalSystem(updateRolePerms, entity); 
@@ -2611,48 +2669,44 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic public void syncApplicationRolesWithEcompDB(EPApp app) { try { logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Started"); - //Sync functions and roles assigned to it which also creates new roles if does not exits in portal + // Sync functions and roles assigned to it which also creates new roles if does + // not exits in portal syncRoleFunctionFromExternalAccessSystem(app); - logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished"); - + logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished"); ObjectMapper mapper = new ObjectMapper(); logger.debug(EELFLoggerDelegate.debugLogger, "Entering to getAppRolesJSONFromExtAuthSystem"); // Get Permissions from External Auth System JSONArray extRole = getAppRolesJSONFromExtAuthSystem(app); - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into getExternalRoleDetailsList"); - List<ExternalRoleDetails> externalRoleDetailsList = getExternalRoleDetailsList(app, - mapper, extRole); - + // refactoring done + List<ExternalRoleDetails> externalRoleDetailsList = getExternalRoleDetailsList(app, mapper, extRole); List<EPRole> finalRoleList = new ArrayList<>(); for (ExternalRoleDetails externalRole : externalRoleDetailsList) { EPRole ecompRole = convertExternalRoleDetailstoEpRole(externalRole); finalRoleList.add(ecompRole); } - List<EPRole> applicationRolesList; applicationRolesList = getAppRoles(app.getId()); List<String> applicationRoleIdList = new ArrayList<>(); for (EPRole applicationRole : applicationRolesList) { - applicationRoleIdList.add(applicationRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + applicationRoleIdList.add(applicationRole.getName()); } - List<EPRole> roleListToBeAddInEcompDB = new ArrayList<>(); for (EPRole aafRole : 
finalRoleList) { if (!applicationRoleIdList.contains(aafRole.getName())) { roleListToBeAddInEcompDB.add(aafRole); } } - logger.debug(EELFLoggerDelegate.debugLogger, "Entering into inactiveRolesNotInExternalAuthSystem"); // Check if roles exits in external Access system and if not make inactive in DB inactiveRolesNotInExternalAuthSystem(app, finalRoleList, applicationRolesList); logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addNewRoleInEcompDBUpdateDescInExtAuthSystem"); - // Add new roles in DB and updates role description in External Auth System + // Add new roles in DB and updates role description in External Auth System addNewRoleInEcompDBUpdateDescInExtAuthSystem(app, roleListToBeAddInEcompDB); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished"); } catch (HttpClientErrorException e) { - logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e); + logger.error(EELFLoggerDelegate.errorLogger, + "syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed ", e); 
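Review bot: `applicationRoleIdList.add(applicationRole.getName())` now compares raw DB role names against `aafRole.getName()`, while `inactiveRolesNotInExternalAuthSystem`, called a few lines later, still looks names up after `replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")`. Since the external role name is the description when one exists and the namespace-stripped name otherwise (see the `getExternalRoleDetailsList` hunk), the two checks can disagree for a role whose name contains special characters: it may be queued as new here, or presumably marked inactive there, depending on how `checkRolesInactive` is keyed, which this diff does not show. Both comparisons should go through one normalising helper so that adding and deactivating roles use the same notion of "same role". The added comment `// refactoring done` says nothing about the code and could be dropped.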
@@ -2681,14 +2735,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map<String, String> globalRoleParams = new HashMap<>(); globalRoleParams.put("appId", String.valueOf(app.getId())); globalRoleParams.put("appRoleName", roleToBeAddedInEcompDB.getName()); - getRoleCreatedInSync = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null); + getRoleCreatedInSync = dataAccessService + .executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null); EPRole epUpdateRole = getRoleCreatedInSync.get(0); epUpdateRole.setAppRoleId(epUpdateRole.getId()); dataAccessService.saveDomainObject(epUpdateRole, null); } List<EPRole> roleList = new ArrayList<>(); final Map<String, String> params = new HashMap<>(); - params.put(APP_ROLE_NAME_PARAM, roleToBeAddedInEcompDB.getName()); boolean isPortalRole = false; if (app.getId() == 1) { @@ -2697,7 +2751,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { isPortalRole = false; params.put(APP_ID, app.getId().toString()); - roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params, null); + roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params, + null); } EPRole role = roleList.get(0); Role aaFrole = new Role(); 
@@ -2715,11 +2770,63 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic /** * - * It de-activates application roles in DB if not present in External Auth system + * It checks description in External Auth System if found any + * changes updates in DB + * + * @param app + * @param finalRoleList + * contains list of External Auth System roles list which is + * converted to EPRole + */ + @SuppressWarnings("unchecked") + private void checkAndUpdateRoleInDB(EPApp app, List<EPRole> finalRoleList) { + for (EPRole roleItem : finalRoleList) { + final Map<String, String> roleParams = new HashMap<>(); + List<EPRole> currentList = null; + roleParams.put(APP_ROLE_NAME_PARAM, roleItem.getName()); + if (app.getId() == 1) { + currentList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null); + } else { + roleParams.put(APP_ID, app.getId().toString()); + currentList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + roleParams, null); + } + if (!currentList.isEmpty()) { + try { + Boolean aafRoleActive; + Boolean localRoleActive; + boolean result; + aafRoleActive = Boolean.valueOf(roleItem.getActive()); + localRoleActive = Boolean.valueOf(currentList.get(0).getActive()); + result = aafRoleActive.equals(localRoleActive); + EPRole updateRole = currentList.get(0); + if (!result) { + updateRole.setActive(roleItem.getActive()); + dataAccessService.saveDomainObject(updateRole, null); + } + if (roleItem.getPriority() != null + && !currentList.get(0).getPriority().equals(roleItem.getPriority())) { + updateRole.setPriority(roleItem.getPriority()); + dataAccessService.saveDomainObject(updateRole, null); + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "syncApplicationRolesWithEcompDB: Failed to update role ", e); + } + } + } + } + + /** + * + * It de-activates application roles in DB if not present in External Auth + * system * * @param app - * @param finalRoleList 
contains list of current roles present in External Auth System - * @param applicationRolesList contains list of current roles present in DB + * @param finalRoleList + * contains list of current roles present in External Auth System + * @param applicationRolesList + * contains list of current roles present in DB */ @SuppressWarnings("unchecked") private void inactiveRolesNotInExternalAuthSystem(EPApp app, List<EPRole> finalRoleList, @@ -2733,14 +2840,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map<String, String> extRoleParams = new HashMap<>(); List<EPRole> roleList = null; extRoleParams.put(APP_ROLE_NAME_PARAM, role.getName()); - if (!checkRolesInactive.containsKey(role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) { + if (!checkRolesInactive.containsKey(role.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) { if (app.getId() == 1) { roleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, extRoleParams, null); } else { extRoleParams.put(APP_ID, app.getId().toString()); - roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, extRoleParams, null); + roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, + extRoleParams, null); } - if(!roleList.isEmpty()) { + if (!roleList.isEmpty()) { EPRole updateRoleInactive = roleList.get(0); updateRoleInactive.setActive(false); dataAccessService.saveDomainObject(updateRoleInactive, null); 
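Review bot: The Javadoc on `checkAndUpdateRoleInDB` says it checks the description, but the body copies the active flag and the priority from the external role onto the local row. Because `getExternalRoleDetailsList` calls `externalRoleDetail.setActive(true)` for every external role, this would presumably re-activate a role that an administrator disabled locally, if the flag survives `convertExternalRoleDetailstoEpRole` (not shown); that behaviour should be documented or guarded. `currentList.get(0).getPriority().equals(roleItem.getPriority())` throws a NullPointerException when the local priority is null and the broad `catch (Exception e)` then hides it; `!roleItem.getPriority().equals(updateRole.getPriority())` avoids that. `app.getId() == 1` should be `app.getId().equals(PortalConstants.PORTAL_APP_ID)`, as in `getAppRoleNamesMap` added by this commit. The Javadoc and signature of `inactiveRolesNotInExternalAuthSystem` at the end of the hunk belong to a method whose body lies outside it.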
@@ -2752,22 +2861,25 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } } - + @Override @SuppressWarnings("unchecked") - public List<ExternalRoleDetails> getExternalRoleDetailsList(EPApp app, - ObjectMapper mapper, JSONArray extRole) + public List<ExternalRoleDetails> getExternalRoleDetailsList(EPApp app, ObjectMapper mapper, JSONArray extRole) throws IOException { List<ExternalRoleDetails> externalRoleDetailsList = new ArrayList<>(); ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms(); List<String> functionCodelist = new ArrayList<>(); - Map<String, EPRole> curRolesMap = getCurrentRolesInDB(app); + Map<String, EPRole> curRolesMap = getAppRoleNamesMap(app); + Map<String, EPRole> curRolesUnderscoreMap = getAppRoleNamesWithUnderscoreMap(app); for (int i = 0; i < extRole.length(); i++) { ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails(); EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction(); JSONObject Role = (JSONObject) extRole.get(i); String name = extRole.getJSONObject(i).getString(ROLE_NAME); - String actualRoleName = name.substring(app.getNameSpace().length() + 1); + String actualRoleName = name.substring(app.getNameSpace().length() + 1); + if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) { + actualRoleName = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); + } SortedSet<ExternalAccessPerms> externalAccessPermsOfRole = new TreeSet<>(); if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_PERMS)) { JSONArray extPerm = (JSONArray) Role.get(EXTERNAL_AUTH_PERMS); @@ -2782,7 +2894,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic functionCodelist.add(ePAppRoleFunction.getCode()); externalAccessPermsOfRole.add(externalAccessPerms); } - } } externalRoleDetail.setActive(true); 
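Review bot: `actualRoleName = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION)` makes the free-text description returned by the external auth system the key used to find the local role, and the lookup hunk that follows (`curRolesMap.get(actualRoleName)`) then reads and syncs role functions for whichever local role carries that name. A description is not an identifier: if it is blank, edited, or equal to another role's name, the external role resolves to no local role or to the wrong one, and whether description edits are restricted in the external system is not visible here. Keep the namespace-stripped `name` as the identity and use the description for display only, or at least fall back to `name` when the description is blank and confirm that the resolved role matches `name` after normalisation. `getExternalRoleDetailsList` starts in this hunk and continues past it.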
@@ -2792,18 +2903,19 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { externalRoleDetail.setAppId(app.getId()); } - // get role functions from DB - EPRole currRole = curRolesMap.get(actualRoleName - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + EPRole currRole = null; + currRole = (!extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) + ? curRolesUnderscoreMap.get(actualRoleName) + : curRolesMap.get(actualRoleName); Long roleId = null; if (currRole != null) roleId = currRole.getId(); - // get role functions from DB final Map<String, EPAppRoleFunction> roleFunctionsMap = new HashMap<>(); final Map<String, Long> appRoleFuncsParams = new HashMap<>(); if (roleId != null) { appRoleFuncsParams.put("appId", app.getId()); appRoleFuncsParams.put("roleId", roleId); + // get role functions from DB List<EPAppRoleFunction> appRoleFunctions = dataAccessService .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); if (!appRoleFunctions.isEmpty()) { @@ -2864,9 +2976,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HttpEntity<String> entity = new HttpEntity<>(headers); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: {} ", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - response = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); + response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class); String res = response.getBody(); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :", 
@@ -2880,31 +2991,28 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic && !app.getId().equals(PortalConstants.PORTAL_APP_ID))) { extRole.remove(i); i--; - } + } } return extRole; } - + @Override - public JSONArray getAllUsersByRole(String roleName) throws Exception{ + public JSONArray getAllUsersByRole(String roleName) throws Exception { ResponseEntity<String> response = null; HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity<String> entity = new HttpEntity<>(headers); logger.debug(EELFLoggerDelegate.debugLogger, "getAllUsersByRole: {} ", CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE); - response = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class); + response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class); String res = response.getBody(); logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :", res); - if(res == null || res.trim().isEmpty()) + if (res == null || res.trim().isEmpty()) return null; - JSONObject jsonObj = new JSONObject(res); JSONArray extRole = jsonObj.getJSONArray("userRole"); - return extRole; } @@ -2936,7 +3044,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (app.getCentralAuth()) { userRolesList = dataAccessService.executeNamedQuery("getBulkUserRoles", params, null); for (BulkUploadUserRoles userRolesUpload : userRolesList) { - if(!userRolesUpload.getOrgUserId().equals("su1234")){ + if (!userRolesUpload.getOrgUserId().equals("su1234")) { addUserRoleInExternalSystem(userRolesUpload); userRolesAdded++; } 
@@ -2946,7 +3054,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } /** - * Its adding a user role in external auth system while doing bulk upload + * Its adding a user role in external auth system while doing bulk upload * * @param userRolesUpload */ 
@@ -2960,90 +3068,86 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); } ExternalAccessUser extUser = new ExternalAccessUser(name, - userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String userRole = mapper.writeValueAsString(extUser); HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); HttpEntity<String> entity = new HttpEntity<>(userRole, headers); template.exchange( SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole", HttpMethod.POST, entity, String.class); - } catch(HttpClientErrorException e){ - logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addUserRoleInExternalSystem", e); + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "HttpClientErrorException - Failed to addUserRoleInExternalSystem", e); EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode()); } catch (Exception e) { if (e.getMessage().equalsIgnoreCase("409 Conflict")) { - logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: UserRole already exits but does not break functionality"); + logger.error(EELFLoggerDelegate.errorLogger, + "addUserRoleInExternalSystem: UserRole already exits but does not break functionality"); } else { - logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e); + logger.error(EELFLoggerDelegate.errorLogger, + "addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e); } } } @Override - public void deleteRoleDependencyRecords(Session 
localSession, Long roleId, Long appId, boolean isPortalRequest) throws Exception { + public void deleteRoleDependencyRecords(Session localSession, Long roleId, Long appId, boolean isPortalRequest) + throws Exception { try { - String sql = ""; + String sql = ""; Query query = null; - - //It should delete only when it portal's roleId - if(appId.equals(PortalConstants.PORTAL_APP_ID)){ - // Delete from fn_role_function - sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - - // Delete from fn_role_composite - sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); + // It should delete only when it portal's roleId + if (appId.equals(PortalConstants.PORTAL_APP_ID)) { + // Delete from fn_role_function + sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete from fn_role_composite + sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); } - // Delete from ep_app_role_function sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete from ep_role_notification sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = 
localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete from fn_user_pseudo_role sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete form EP_WIDGET_CATALOG_ROLE sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - // Delete form EP_WIDGET_CATALOG_ROLE sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); query.executeUpdate(); - - if(!isPortalRequest) { + if (!isPortalRequest) { // Delete form fn_menu_functional_roles sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId; logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); query = localSession.createSQLQuery(sql); - query.executeUpdate(); + query.executeUpdate(); } } catch (Exception e) { logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e); throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage()); } - } - + @SuppressWarnings("unchecked") @Override public List<String> getMenuFunctionsList(String uebkey) throws Exception { 
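Review bot: In `deleteRoleDependencyRecords` every statement is built by concatenating `roleId` into the SQL text (`"DELETE FROM fn_role_function WHERE role_id=" + roleId` and the seven deletes that follow). `roleId` is a `Long`, so this is not injectable as written, but bound parameters keep it that way if the signature ever changes: `localSession.createSQLQuery("DELETE FROM fn_role_function WHERE role_id = :roleId").setParameter("roleId", roleId).executeUpdate();`. The catch block logs the failure at debug level and rethrows `new DeleteDomainObjectFailedException("delete Failed" + e.getMessage())` without the cause, so a failed cleanup of role records leaves little trace; log it through `EELFLoggerDelegate.errorLogger` and pass `e` as the cause if the exception type has such a constructor. The comment `// Delete form EP_WIDGET_CATALOG_ROLE` above the `ep_user_roles_request_det` delete names the wrong table.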
@@ -3054,8 +3158,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic final Map<String, Long> appParams = new HashMap<>(); appParams.put(APP_ID, app.getId()); appMenuFunctionsList = dataAccessService.executeNamedQuery("getMenuFunctions", appParams, null); - for(String appMenuFunction : appMenuFunctionsList) { - if(appMenuFunction.contains(FUNCTION_PIPE)) { + for (String appMenuFunction : appMenuFunctionsList) { + if (appMenuFunction.contains(FUNCTION_PIPE)) { appMenuFunctionsFinalList.add(EcompPortalUtils.getFunctionCode(appMenuFunction)); } else { appMenuFunctionsFinalList.add(appMenuFunction); 
@@ -3068,98 +3172,91 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return appMenuFunctionsFinalList; } - @SuppressWarnings({ "unchecked"}) + @SuppressWarnings({ "unchecked" }) @Override public List<EcompUser> getAllAppUsers(String uebkey) throws Exception { List<String> usersList = new ArrayList<>(); - List<EcompUser> usersfinalList = new ArrayList<>(); - try { - EPApp app = getApp(uebkey).get(0); - final Map<String, Long> appParams = new HashMap<>(); - appParams.put("appId", app.getId()); - List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService - .executeNamedQuery("ApplicationUserRoles", appParams, null); - for (EcompUserRoles ecompUserRole : userList) { - boolean found = false; - Set<EcompRole> roles = null; - for (EcompUser user : usersfinalList) { - if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) { - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(ecompUserRole.getRoleId()); - ecompRole.setName(ecompUserRole.getRoleName()); - roles = user.getRoles(); - EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())).findAny() - .orElse(null); - SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>(); - if(role != null) - { - roleFunctionSet = (SortedSet<EcompRoleFunction>) role.getRoleFunctions(); - } - - String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); - functionCode = EPUserUtils.decodeFunctionCode(functionCode); - EcompRoleFunction epRoleFunction = new EcompRoleFunction(); - epRoleFunction.setName(ecompUserRole.getFunctionName()); - epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); - epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); - epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); - roleFunctionSet.add(epRoleFunction); - ecompRole.setRoleFunctions(roleFunctionSet); - roles.add(ecompRole); - user.setRoles(roles); - found = 
true; - break; - } - } - - if (!found) { - EcompUser epUser = new EcompUser(); - epUser.setOrgId(ecompUserRole.getOrgId()); - epUser.setManagerId(ecompUserRole.getManagerId()); - epUser.setFirstName(ecompUserRole.getFirstName()); - epUser.setLastName(ecompUserRole.getLastName()); - epUser.setPhone(ecompUserRole.getPhone()); - epUser.setEmail(ecompUserRole.getEmail()); - epUser.setOrgUserId(ecompUserRole.getOrgUserId()); - epUser.setOrgCode(ecompUserRole.getOrgCode()); - epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId()); - epUser.setJobTitle(ecompUserRole.getJobTitle()); - epUser.setLoginId(ecompUserRole.getLoginId()); - epUser.setActive(true); - roles = new HashSet<>(); - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(ecompUserRole.getRoleId()); - ecompRole.setName(ecompUserRole.getRoleName()); - SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>(); - - String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); - functionCode = EPUserUtils.decodeFunctionCode(functionCode); - EcompRoleFunction epRoleFunction = new EcompRoleFunction(); - epRoleFunction.setName(ecompUserRole.getFunctionName()); - epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); - epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); - epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); - roleFunctionSet.add(epRoleFunction); - ecompRole.setRoleFunctions(roleFunctionSet); - roles.add(ecompRole); - epUser.setRoles(roles); - usersfinalList.add(epUser); - } - } - ObjectMapper mapper = new ObjectMapper(); - - for (EcompUser u1 : usersfinalList) { - String str = mapper.writeValueAsString(u1); - usersList.add(str); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e); - throw e; - } - return usersfinalList; - - } - + List<EcompUser> usersfinalList = new ArrayList<>(); + try { + EPApp app = getApp(uebkey).get(0); + final 
Map<String, Long> appParams = new HashMap<>(); + appParams.put("appId", app.getId()); + List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService + .executeNamedQuery("ApplicationUserRoles", appParams, null); + for (EcompUserRoles ecompUserRole : userList) { + boolean found = false; + Set<EcompRole> roles = null; + for (EcompUser user : usersfinalList) { + if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) { + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(ecompUserRole.getRoleId()); + ecompRole.setName(ecompUserRole.getRoleName()); + roles = user.getRoles(); + EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())) + .findAny().orElse(null); + SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>(); + if (role != null) { + roleFunctionSet = (SortedSet<EcompRoleFunction>) role.getRoleFunctions(); + } + String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + EcompRoleFunction epRoleFunction = new EcompRoleFunction(); + epRoleFunction.setName(ecompUserRole.getFunctionName()); + epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); + epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); + epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); + roleFunctionSet.add(epRoleFunction); + ecompRole.setRoleFunctions(roleFunctionSet); + roles.add(ecompRole); + user.setRoles(roles); + found = true; + break; + } + } + if (!found) { + EcompUser epUser = new EcompUser(); + epUser.setOrgId(ecompUserRole.getOrgId()); + epUser.setManagerId(ecompUserRole.getManagerId()); + epUser.setFirstName(ecompUserRole.getFirstName()); + epUser.setLastName(ecompUserRole.getLastName()); + epUser.setPhone(ecompUserRole.getPhone()); + epUser.setEmail(ecompUserRole.getEmail()); + epUser.setOrgUserId(ecompUserRole.getOrgUserId()); + 
epUser.setOrgCode(ecompUserRole.getOrgCode()); + epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId()); + epUser.setJobTitle(ecompUserRole.getJobTitle()); + epUser.setLoginId(ecompUserRole.getLoginId()); + epUser.setActive(true); + roles = new HashSet<>(); + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(ecompUserRole.getRoleId()); + ecompRole.setName(ecompUserRole.getRoleName()); + SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>(); + String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + EcompRoleFunction epRoleFunction = new EcompRoleFunction(); + epRoleFunction.setName(ecompUserRole.getFunctionName()); + epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); + epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); + epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); + roleFunctionSet.add(epRoleFunction); + ecompRole.setRoleFunctions(roleFunctionSet); + roles.add(ecompRole); + epUser.setRoles(roles); + usersfinalList.add(epUser); + } + } + ObjectMapper mapper = new ObjectMapper(); + for (EcompUser u1 : usersfinalList) { + String str = mapper.writeValueAsString(u1); + usersList.add(str); + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e); + throw e; + } + return usersfinalList; + } @Override public Role ConvertCentralRoleToRole(String result) { 
@@ -3185,17 +3282,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return newRole; } - + @Override @SuppressWarnings("unchecked") public List<CentralizedApp> getCentralizedAppsOfUser(String userId) { Map<String, String> params = new HashMap<>(); params.put("userId", userId); List<CentralizedApp> centralizedAppsList = new ArrayList<>(); - try{ - centralizedAppsList = dataAccessService - .executeNamedQuery("getCentralizedAppsOfUser", params, null); - }catch (Exception e) { + try { + centralizedAppsList = dataAccessService.executeNamedQuery("getCentralizedAppsOfUser", params, null); + } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getCentralizedAppsOfUser failed", e); } return centralizedAppsList; @@ -3276,15 +3372,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String type; String action; CentralV2RoleFunction cenRoleFun; - if(role.getFunctionCd().contains(FUNCTION_PIPE)){ + if (role.getFunctionCd().contains(FUNCTION_PIPE)) { instance = EcompPortalUtils.getFunctionCode(role.getFunctionCd()); type = EcompPortalUtils.getFunctionType(role.getFunctionCd()); action = EcompPortalUtils.getFunctionAction(role.getFunctionCd()); cenRoleFun = new CentralV2RoleFunction(null, instance, role.getFunctionName(), null, type, action, null); - } else{ + } else { type = getFunctionCodeType(role.getFunctionCd()); action = getFunctionCodeAction(role.getFunctionCd()); - cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type, action, null); + cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type, + action, null); } return cenRoleFun; } 
@@ -3302,28 +3399,27 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } private CentralV2Role convertRoleToCentralV2Role(EPRole role) { - return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(), + return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(), role.getModifiedId(), role.getRowNum(), role.getName(), role.getActive(), role.getPriority(), new TreeSet<>(), new TreeSet<>(), new TreeSet<>()); - } - + @Override - public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer) { + public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject( + List<CentralV2RoleFunction> answer) { List<CentralRoleFunction> addRoleFuncList = new ArrayList<>(); - for(CentralV2RoleFunction cenRoleFunc : answer){ + for (CentralV2RoleFunction cenRoleFunc : answer) { CentralRoleFunction setRoleFunc = new CentralRoleFunction(); setRoleFunc.setCode(cenRoleFunc.getCode()); setRoleFunc.setName(cenRoleFunc.getName()); addRoleFuncList.add(setRoleFunc); - } + } return addRoleFuncList; } @Override public CentralUser getUserRoles(String loginId, String uebkey) throws Exception { CentralUser sendUserRoles = null; - try { CentralV2User cenV2User = getV2UserAppRoles(loginId, uebkey); sendUserRoles = convertV2UserRolesToOlderVersion(cenV2User); 
@@ -3354,6 +3450,80 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic return createEPUser(user, userAppSet, app); } + private List<EcompRole> getUserAppRoles(EPApp app, EPUser user) { + final Map<String, Long> userParams = new HashMap<>(); + userParams.put("appId", app.getId()); + userParams.put("userId", user.getId()); + @SuppressWarnings("unchecked") + List<EPUserAppCurrentRoles> userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles", + userParams, null); + List<EcompRole> setUserRoles = new ArrayList<>(); + for (EPUserAppCurrentRoles role : userAppsRolesList) { + logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userRolename = {}", + role.getRoleName()); + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(role.getRoleId()); + ecompRole.setName(role.getRoleName()); + setUserRoles.add(ecompRole); + } + logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userrole list size = {}", + setUserRoles.size()); + return setUserRoles; + } + + @Override + public List<EcompRole> missingUserApplicationRoles(String uebkey, String loginId, Set<EcompRole> CurrentUserRoles) + throws Exception { + List<EPApp> appList = getApp(uebkey); + EPApp app = appList.get(0); + List<EPUser> epUserList; + epUserList = getUser(loginId); + List<EcompRole> missingUserAppRoles = new ArrayList<>(); + List<String> roleNamesList = CurrentUserRoles.stream().map(EcompRole::getName).collect(Collectors.toList()); + logger.debug(EELFLoggerDelegate.debugLogger, "Roles of User from hibernate :" + roleNamesList); + List<EcompRole> userApplicationsRolesfromDB = getUserAppRoles(app, epUserList.get(0)); + if (userApplicationsRolesfromDB.size() > 0) { + missingUserAppRoles = userApplicationsRolesfromDB.stream().filter(x -> !roleNamesList.contains(x.getName())) + .collect(Collectors.toList()); + } + List<String> MissingroleNamesList = missingUserAppRoles.stream().map(EcompRole::getName) + 
.collect(Collectors.toList()); + logger.debug(EELFLoggerDelegate.debugLogger, "MissingUserAppRoles():" + MissingroleNamesList); + + List<EcompRole> finalMissingRoleList = new ArrayList<>(); + if (missingUserAppRoles.size() > 0) { + final Map<String, Long> params = new HashMap<>(); + for (EcompRole role : missingUserAppRoles) { + params.put("roleId", role.getId()); + params.put(APP_ID, app.getId()); + + EcompRole epRole = new EcompRole(); + epRole.setId(role.getId()); + epRole.setName(role.getName()); + @SuppressWarnings("unchecked") + List<CentralV2RoleFunction> appRoleFunctionList = dataAccessService + .executeNamedQuery("getAppRoleFunctionList", params, null); + SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>(); + for (CentralV2RoleFunction roleFunc : appRoleFunctionList) { + String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); + String type = getFunctionCodeType(roleFunc.getCode()); + String action = getFunctionCodeAction(roleFunc.getCode()); + EcompRoleFunction fun = new EcompRoleFunction(); + fun.setAction(action); + fun.setCode(functionCode); + fun.setType(type); + fun.setName(roleFunc.getName()); + roleFunctionSet.add(fun); + + } + epRole.setRoleFunctions(roleFunctionSet); + finalMissingRoleList.add(epRole); + } + } + + return finalMissingRoleList; + } + /** * It converts V2 CentralUser object to old version CentralUser object * 
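Review bot: In `missingUserApplicationRoles` the added code calls `appList.get(0)` and `epUserList.get(0)` without checking either list, so an unknown `uebkey` or `loginId` would surface as an `IndexOutOfBoundsException` instead of a clear "not found" error. This assumes `getApp` and `getUser` can return an empty list, which is not visible in this hunk. A guard directly after `epUserList = getUser(loginId);`, for example `if (epUserList.isEmpty()) { throw new IllegalArgumentException("unknown loginId"); }`, and the equivalent for `appList`, keeps the role comparison from running against a missing user. The two `logger.debug` calls in this method build their message with `+`; the `{}` form already used in `getUserAppRoles` just above is cheaper when debug is off, e.g. `logger.debug(EELFLoggerDelegate.debugLogger, "MissingUserAppRoles(): {}", MissingroleNamesList);`.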
@@ -3361,56 +3531,59 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @return EPUser object */ private CentralUser convertV2UserRolesToOlderVersion(CentralV2User cenV2User) { - Set<CentralV2UserApp> userV2Apps = cenV2User.getUserApps(); - Set<CentralUserApp> userApps = new TreeSet<>(); - for(CentralV2UserApp userApp : userV2Apps){ - CentralApp app = userApp.getApp(); - CentralUserApp cua = new CentralUserApp(); - cua.setUserId(null); - cua.setApp(app); - SortedSet<CentralRoleFunction> cenRoleFunction = new TreeSet<>(); - for(CentralV2RoleFunction cenV2RoleFunc : userApp.getRole().getRoleFunctions() ){ - CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(), cenV2RoleFunc.getName()); - cenRoleFunction.add(cenRoleFunc); - } - CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(), userApp.getRole().getActive(), userApp.getRole().getPriority(), - cenRoleFunction); - cua.setRole(role); - userApps.add(cua); - } - return new CentralUser(cenV2User.getId(), cenV2User.getCreated(), cenV2User.getModified(), - cenV2User.getCreatedId(),cenV2User.getModifiedId(), - cenV2User.getRowNum(), cenV2User.getOrgId(), cenV2User.getManagerId(), cenV2User.getFirstName(), - cenV2User.getMiddleInitial(), cenV2User.getLastName(), cenV2User.getPhone(), cenV2User.getFax(), - cenV2User.getCellular(),cenV2User.getEmail(),cenV2User.getAddressId(),cenV2User.getAlertMethodCd(), - cenV2User.getHrid(),cenV2User.getOrgUserId(),cenV2User.getOrgCode(),cenV2User.getAddress1(), - cenV2User.getAddress2(),cenV2User.getCity(),cenV2User.getState(),cenV2User.getZipCode(),cenV2User.getCountry(), - cenV2User.getOrgManagerUserId(),cenV2User.getLocationClli(),cenV2User.getBusinessCountryCode(), - cenV2User.getBusinessCountryName(),cenV2User.getBusinessUnit(),cenV2User.getBusinessUnitName(), - cenV2User.getDepartment(),cenV2User.getDepartmentName(),cenV2User.getCompanyCode(), - 
cenV2User.getCompany(),cenV2User.getZipCodeSuffix(),cenV2User.getJobTitle(), - cenV2User.getCommandChain(),cenV2User.getSiloStatus(),cenV2User.getCostCenter(), - cenV2User.getFinancialLocCode(),cenV2User.getLoginId(),cenV2User.getLoginPwd(), - cenV2User.getLastLoginDate(),cenV2User.isActive(),cenV2User.isInternal(),cenV2User.getSelectedProfileId(),cenV2User.getTimeZoneId(), - cenV2User.isOnline(),cenV2User.getChatId(), - userApps); + Set<CentralV2UserApp> userV2Apps = cenV2User.getUserApps(); + Set<CentralUserApp> userApps = new TreeSet<>(); + for (CentralV2UserApp userApp : userV2Apps) { + CentralApp app = userApp.getApp(); + CentralUserApp cua = new CentralUserApp(); + cua.setUserId(null); + cua.setApp(app); + SortedSet<CentralRoleFunction> cenRoleFunction = new TreeSet<>(); + for (CentralV2RoleFunction cenV2RoleFunc : userApp.getRole().getRoleFunctions()) { + CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(), + cenV2RoleFunc.getName()); + cenRoleFunction.add(cenRoleFunc); + } + CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(), + userApp.getRole().getActive(), userApp.getRole().getPriority(), cenRoleFunction); + cua.setRole(role); + userApps.add(cua); + } + return new CentralUser(cenV2User.getId(), cenV2User.getCreated(), cenV2User.getModified(), + cenV2User.getCreatedId(), cenV2User.getModifiedId(), cenV2User.getRowNum(), cenV2User.getOrgId(), + cenV2User.getManagerId(), cenV2User.getFirstName(), cenV2User.getMiddleInitial(), + cenV2User.getLastName(), cenV2User.getPhone(), cenV2User.getFax(), cenV2User.getCellular(), + cenV2User.getEmail(), cenV2User.getAddressId(), cenV2User.getAlertMethodCd(), cenV2User.getHrid(), + cenV2User.getOrgUserId(), cenV2User.getOrgCode(), cenV2User.getAddress1(), cenV2User.getAddress2(), + cenV2User.getCity(), cenV2User.getState(), cenV2User.getZipCode(), cenV2User.getCountry(), + cenV2User.getOrgManagerUserId(), cenV2User.getLocationClli(), 
cenV2User.getBusinessCountryCode(), + cenV2User.getBusinessCountryName(), cenV2User.getBusinessUnit(), cenV2User.getBusinessUnitName(), + cenV2User.getDepartment(), cenV2User.getDepartmentName(), cenV2User.getCompanyCode(), + cenV2User.getCompany(), cenV2User.getZipCodeSuffix(), cenV2User.getJobTitle(), + cenV2User.getCommandChain(), cenV2User.getSiloStatus(), cenV2User.getCostCenter(), + cenV2User.getFinancialLocCode(), cenV2User.getLoginId(), cenV2User.getLoginPwd(), + cenV2User.getLastLoginDate(), cenV2User.isActive(), cenV2User.isInternal(), + cenV2User.getSelectedProfileId(), cenV2User.getTimeZoneId(), cenV2User.isOnline(), + cenV2User.getChatId(), userApps); } @Override public List<CentralRole> convertV2CentralRoleListToOldVerisonCentralRoleList(List<CentralV2Role> v2CenRoleList) { List<CentralRole> cenRoleList = new ArrayList<>(); - for(CentralV2Role v2CenRole : v2CenRoleList){ - SortedSet<CentralRoleFunction> cenRoleFuncList = new TreeSet<>(); - for(CentralV2RoleFunction v2CenRoleFunc: v2CenRole.getRoleFunctions()){ - CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(), v2CenRoleFunc.getName()); - cenRoleFuncList.add(roleFunc); - } - CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(), v2CenRole.getPriority(), cenRoleFuncList); - cenRoleList.add(role); - } + for (CentralV2Role v2CenRole : v2CenRoleList) { + SortedSet<CentralRoleFunction> cenRoleFuncList = new TreeSet<>(); + for (CentralV2RoleFunction v2CenRoleFunc : v2CenRole.getRoleFunctions()) { + CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(), + v2CenRoleFunc.getName()); + cenRoleFuncList.add(roleFunc); + } + CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(), + v2CenRole.getPriority(), cenRoleFuncList); + cenRoleList.add(role); + } return cenRoleList; } - + @Override public ResponseEntity<String> getNameSpaceIfExists(EPApp app) throws Exception { 
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); @@ -3433,7 +3606,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } return response; } - + @Override public CentralRole convertV2CentralRoleToOldVerisonCentralRole(CentralV2Role v2CenRole) { SortedSet<CentralRoleFunction> cenRoleFuncList = new TreeSet<>(); @@ -3458,17 +3631,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userRolesList = dataAccessService.executeNamedQuery("getBulkUsersForSingleRole", params, null); for (BulkUploadUserRoles userRolesUpload : userRolesList) { userRolesUpload.setRoleName(modifiedRoleName); - if(!userRolesUpload.getOrgUserId().equals("su1234")){ + if (!userRolesUpload.getOrgUserId().equals("su1234")) { addUserRoleInExternalSystem(userRolesUpload); userRolesAdded++; } } } return userRolesAdded; - } - + } + @Override - public String encodeFunctionCode(String funCode){ + public String encodeFunctionCode(String funCode) { String encodedString = funCode; List<Pattern> encodingList = new ArrayList<>(); encodingList.add(Pattern.compile("/")); @@ -3476,11 +3649,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic for (Pattern xssInputPattern : encodingList) { encodedString = xssInputPattern.matcher(encodedString) .replaceAll("%" + Hex.encodeHexString(xssInputPattern.toString().getBytes())); - } - encodedString = encodedString.replaceAll("\\*", "%"+ Hex.encodeHexString("*".getBytes())); + } + encodedString = encodedString.replaceAll("\\*", "%" + Hex.encodeHexString("*".getBytes())); return encodedString; } - + @Override public void bulkUploadRoleFunc(UploadRoleFunctionExtSystem data, EPApp app) throws Exception { ObjectMapper mapper = new ObjectMapper(); 
@@ -3488,18 +3661,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic try { ExternalAccessRolePerms extRolePerms; ExternalAccessPerms extPerms; - extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(), encodeFunctionCode(data.getInstance()), data.getAction()); + extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(), + encodeFunctionCode(data.getInstance()), data.getAction()); String appNameSpace = ""; - if(data.getIsGlobalRolePartnerFunc()) { - appNameSpace = epAppService.getApp(1l).getNameSpace(); + if (data.getIsGlobalRolePartnerFunc()) { + appNameSpace = epAppService.getApp(1l).getNameSpace(); } else { - appNameSpace = app.getNameSpace(); + appNameSpace = app.getNameSpace(); } - extRolePerms = new ExternalAccessRolePerms(extPerms, - appNameSpace + "." - + data.getRoleName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, - "_")); + extRolePerms = new ExternalAccessRolePerms(extPerms, appNameSpace + "." + data.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); String updateRolePerms = mapper.writeValueAsString(extRolePerms); HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers); updateRoleFunctionInExternalSystem(updateRolePerms, entity); @@ -3513,7 +3684,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic "addFunctionInExternalSystem: Failed to add role fucntion in external central auth system", e); throw e; } - } private void updateRoleFunctionInExternalSystem(String updateRolePerms, HttpEntity<String> entity) { 
@@ -3526,7 +3696,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic "bulkUploadRoleFunc: Finished adding permission for POST: {} and status code: {} ", addPermResponse.getStatusCode().value(), updateRolePerms); } - + @Override public void syncApplicationUserRolesFromExtAuthSystem(String loginId) throws Exception { String name = ""; @@ -3587,7 +3757,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (!currentCentralizedUserAppRolesMap.containsKey(extUserRoleDetail.getName())) { CentralizedAppRoles getCenAppRole = cenAppRolesMap.get(extUserRoleDetail.getName()); if (getCenAppRole != null) { - logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Adding user role from external auth system {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Adding user role from external auth system {}", extUserRoleDetail.toString()); EPUserApp userApp = new EPUserApp(); EPApp app = new EPApp(); 
@@ -3598,14 +3769,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userApp.setUserId(user.getId()); userApp.setRole(epRole); dataAccessService.saveDomainObject(userApp, null); - logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Finished user role from external auth system {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Finished user role from external auth system {}", extUserRoleDetail.toString()); - } else if (getCenAppRole == null // check if user has app account admin role + } else if (getCenAppRole == null // check if user has app + // account admin role && extUserRoleDetail.getName().endsWith(PortalConstants.ADMIN_ROLE.replaceAll( EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) { EPApp app = centralisedAppsMap.get(extUserRoleDetail.getName()); if (app != null) { - logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Adding user role from external auth system {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Adding user role from external auth system {}", extUserRoleDetail.toString()); EPUserApp userApp = new EPUserApp(); EPRole epRole = new EPRole(); @@ -3614,7 +3788,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic userApp.setUserId(user.getId()); userApp.setRole(epRole); dataAccessService.saveDomainObject(userApp, null); - logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Finished user role from external auth system {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "addUserRolesInLocal: Finished user role from external auth system {}", extUserRoleDetail.toString()); } } 
@@ -3629,13 +3804,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @SuppressWarnings("unchecked") private HashMap<String, EPApp> getCentralizedAdminAppsInfo() { - List<EPApp> centralizedApps = dataAccessService - .executeNamedQuery("getCentralizedApps", null, null); + List<EPApp> centralizedApps = dataAccessService.executeNamedQuery("getCentralizedApps", null, null); HashMap<String, EPApp> centralisedAppsMap = new HashMap<>(); for (EPApp cenApp : centralizedApps) { - centralisedAppsMap.put(cenApp.getNameSpace()+ "." + - PortalConstants.ADMIN_ROLE.replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), cenApp); + centralisedAppsMap.put( + cenApp.getNameSpace() + "." + + PortalConstants.ADMIN_ROLE.replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + cenApp); } return centralisedAppsMap; } @@ -3645,9 +3821,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HashMap<String, CentralizedAppRoles> currentCentralizedUserAppRolesMap = new HashMap<>(); for (CentralizedAppRoles cenAppUserRole : currentUserAppRoles) { currentCentralizedUserAppRolesMap.put( - cenAppUserRole.getAppNameSpace() + "." + cenAppUserRole.getRoleName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), - cenAppUserRole); + cenAppUserRole.getAppNameSpace() + "." + + cenAppUserRole.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + cenAppUserRole); } return currentCentralizedUserAppRolesMap; } 
@@ -3659,13 +3836,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic HashMap<String, CentralizedAppRoles> cenAppRolesMap = new HashMap<>(); for (CentralizedAppRoles CentralizedAppRole : centralizedAppRoles) { cenAppRolesMap.put( - CentralizedAppRole.getAppNameSpace() + "." + CentralizedAppRole.getRoleName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), + CentralizedAppRole.getAppNameSpace() + "." + + CentralizedAppRole.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), CentralizedAppRole); } return cenAppRolesMap; } - + @Override public ResponseEntity<String> getUserRolesFromExtAuthSystem(String name, HttpEntity<String> getUserRolesEntity) { logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to external system to get current user roles"); 
@@ -3673,14 +3851,35 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/user/" + name, HttpMethod.GET, getUserRolesEntity, String.class); if (getResponse.getStatusCode().value() == 200) { - logger.debug(EELFLoggerDelegate.debugLogger, "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}", + logger.debug(EELFLoggerDelegate.debugLogger, + "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}", + getResponse.getBody()); + } else { + logger.error(EELFLoggerDelegate.errorLogger, + "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}", getResponse.getBody()); - - }else{ - logger.error(EELFLoggerDelegate.errorLogger, "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}",getResponse.getBody() ); EPLogUtil.logExternalAuthAccessAlarm(logger, getResponse.getStatusCode()); } return getResponse; } + @Override + public Integer updateAppRoleDescription(String uebkey) { + Integer roleDescUpdated = 0; + EPApp app; + try { + app = getApp(uebkey).get(0); + List<EPRole> roles = getAppRoles(app.getId()); + for (EPRole epRole : roles) { + Role role = new Role(); + role.setName(epRole.getName()); + boolean status = addRoleDescriptionInExtSystem(role, app); + if (status) + roleDescUpdated++; + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription: Failed! ", e); + } + return roleDescUpdated; + } } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java index b0dd4a21..5d9761ce 100644 
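Review bot: `updateAppRoleDescription` catches every `Exception`, logs it and still returns `roleDescUpdated`, so a caller cannot tell a sync to the external auth system that stopped halfway from one that completed; a failure on `getApp(uebkey).get(0)` likewise comes back as `0`. Because the method is an `@Override` with no `throws` clause, the smallest change is a Javadoc stating that the return value counts only the roles for which `addRoleDescriptionInExtSystem` returned true and that errors are logged, not propagated; rethrowing as an unchecked exception would be the stricter option. The `if (status)` body is unbraced and would read more safely as `if (status) { roleDescUpdated++; }`. Separately, the re-wrapped log calls in `getUserRolesFromExtAuthSystem` write the whole `getResponse.getBody()`, a user's role list, to both the debug and the error log; on the error path the status code alone would be enough for the alarm.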
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java @@ -65,6 +65,7 @@ import org.json.JSONArray; import org.json.JSONObject; import org.onap.portalapp.externalsystemapproval.model.ExternalSystemRoleApproval; import org.onap.portalapp.externalsystemapproval.model.ExternalSystemUser; +import org.onap.portalapp.portal.domain.CentralV2RoleFunction; import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalapp.portal.domain.EPRole; import org.onap.portalapp.portal.domain.EPUser; @@ -98,8 +99,10 @@ import org.onap.portalapp.portal.transport.UserApplicationRoles; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; import org.onap.portalapp.portal.utils.EcompPortalUtils; import org.onap.portalapp.portal.utils.PortalConstants; +import org.onap.portalapp.util.EPUserUtils; import org.onap.portalapp.util.SystemType; import org.onap.portalsdk.core.domain.Role; +import org.onap.portalsdk.core.domain.RoleFunction; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.restful.domain.EcompRole; import org.onap.portalsdk.core.service.DataAccessService; @@ -123,6 +126,8 @@ public class UserRolesCommonServiceImpl { private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesCommonServiceImpl.class); private static final Object syncRests = new Object(); + + private static final String APP_ID = "appId"; @Autowired private DataAccessService dataAccessService; @@ -138,7 +143,10 @@ public class UserRolesCommonServiceImpl { private EPRoleService epRoleService; @Autowired private RoleService roleService; - + @Autowired + private AdminRolesService adminRolesService; + @Autowired + private EPAppService appService; @Autowired private ExternalAccessRolesService externalAccessRolesService; 
@@ -428,18 +436,25 @@ public class UserRolesCommonServiceImpl { for (EPRole ecompRole : userAppRoles) { userAppRolesMap.add(ecompRole.getId()); } + logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - userAppRolesMap = {}", userAppRolesMap); + } else { logger.error(EELFLoggerDelegate.errorLogger, "constructRolesInAppForUserGet has received userAppRoles list empty."); } if (appRoles != null) { + for (Role ecompRole : appRoles) { + logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - appRoles not null = {}", ecompRole); + if (ecompRole.getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID) && !extRequestValue) continue; RoleInAppForUser roleForUser = new RoleInAppForUser(ecompRole.getId(), ecompRole.getName()); roleForUser.isApplied = userAppRolesMap.contains(ecompRole.getId()); rolesInAppForUser.add(roleForUser); + logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - rolesInAppForUser = {}", rolesInAppForUser); + } } else { logger.error(EELFLoggerDelegate.errorLogger, 
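Review bot: The debug call added at the end of the `appRoles` loop prints the whole `rolesInAppForUser` list on every iteration, so an application with n roles writes n progressively longer log entries. Moving `logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - rolesInAppForUser = {}", rolesInAppForUser);` to just after the loop gives the same information once. The per-role message text "appRoles not null = {}" is also misleading for a line that prints one role; "processing app role {}" would say what it does. The method starts and ends outside the hunk.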
@@ -815,29 +830,31 @@ public class UserRolesCommonServiceImpl { * @return * @throws Exception */ - private EPUser addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app, ObjectMapper mapper, SearchService searchService, ApplicationsRestClientService applicationsRestClientService) throws Exception{ + private EPUser addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app, + ObjectMapper mapper, SearchService searchService, + ApplicationsRestClientService applicationsRestClientService) throws Exception { EPUser addRemoteUser = null; if (remoteUserShouldBeCreated(roleInAppForUserList)) { - createNewUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper, isAppUpgradeVersion(app)); + createNewUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper, + isAppUpgradeVersion(app)); } return addRemoteUser; } - private EPUser pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app, ObjectMapper mapper, SearchService searchService, - ApplicationsRestClientService applicationsRestClientService) throws Exception { + ApplicationsRestClientService applicationsRestClientService,boolean appRoleIdUsed) throws Exception { EPUser addRemoteUser = null; - if (remoteUserShouldBeCreated(roleInAppForUserList)) { +// if (remoteUserShouldBeCreated(roleInAppForUserList)) { pushUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper, - isAppUpgradeVersion(app), roleInAppForUserList); - } + isAppUpgradeVersion(app), roleInAppForUserList, appRoleIdUsed); +// } return addRemoteUser; } protected void pushUserOnRemoteApp(String userId, EPApp app, ApplicationsRestClientService applicationsRestClientService, SearchService searchService, - ObjectMapper mapper, boolean postOpenSource, List<RoleInAppForUser> roleInAppForUserList) throws Exception { + ObjectMapper mapper, boolean postOpenSource, List<RoleInAppForUser> 
roleInAppForUserList,boolean appRoleIdUsed) throws Exception { EPUser client = searchService.searchUserByUserId(userId); 
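Review bot: `pushRemoteUser` now calls `pushUserOnRemoteApp` unconditionally, and the old `remoteUserShouldBeCreated(roleInAppForUserList)` check is left behind as two commented-out lines instead of being deleted. If the unconditional push is intended (presumably so that an empty role list still reaches the remote app; the commit does not say), remove the `//` lines and state the reason in a comment such as `// always push: an empty role list must reach the remote app so removed roles are revoked there`. Both `addRemoteUser` and `pushRemoteUser` declare `EPUser addRemoteUser = null` and return it unchanged, so every caller receives null. Returning `void`, or the user that was actually created, would make that explicit. The body of `pushUserOnRemoteApp` continues outside the hunk.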
@@ -852,18 +869,50 @@ public class UserRolesCommonServiceImpl { client.setLoginId(userId); client.setActive(true); roleInAppForUserList.removeIf(role -> role.isApplied.equals(false)); - Set<EcompRole> userRolesInRemoteApp = constructUsersRemoteAppRoles(roleInAppForUserList); SortedSet<Role> roles = new TreeSet<>(); - List<EPRole> getAppRoles = getAppRoles(app.getId()); - for (EcompRole epRole : userRolesInRemoteApp) { + + List<EPRole> getAppRoles = externalAccessRolesService.getAppRoles(app.getId()); + List<EPApp> appList = new ArrayList<>(); + appList.add(app); + List<CentralV2Role> roleList = new ArrayList<>(); + Map<String, Long> params = new HashMap<>(); + + List<EPRole> userRoles = new ArrayList<>(); + + for (RoleInAppForUser roleInappForUser : roleInAppForUserList) { + EPRole role = new EPRole(); + role.setId(roleInappForUser.getRoleId()); + role.setName(roleInappForUser.getRoleName()); + userRoles.add(role); + } + + if (appRoleIdUsed) { + List<EPRole> userAppRoles = new ArrayList<>(); + for (EPRole role : userRoles) { + EPRole appRole = getAppRoles.stream() + .filter(applicationRole -> role.getId().equals(applicationRole.getAppRoleId())).findAny() + .orElse(null); + EPRole epRole = new EPRole(); + if (appRole != null) { + epRole.setId(appRole.getId()); + epRole.setName(appRole.getName()); + } + userAppRoles.add(epRole); + } + userRoles = new ArrayList<>(); + userRoles.addAll(userAppRoles); + } + roleList = externalAccessRolesService.createCentralRoleObject(appList, userRoles, roleList, params); + + for (CentralV2Role epRole : roleList) { Role role = new Role(); EPRole appRole = getAppRoles.stream() - .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())) - .findAny() - .orElse(null); - if(appRole != null) - role.setId(appRole.getAppRoleId()); + .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())).findAny().orElse(null); + if (appRole != null){ + role.setId(appRole.getAppRoleId()); role.setName(epRole.getName()); + 
role.setRoleFunctions(epRole.getRoleFunctions()); + } roles.add(role); } client.setRoles(roles); @@ -872,23 +921,8 @@ public class UserRolesCommonServiceImpl { logger.debug(EELFLoggerDelegate.debugLogger, "about to post a client to remote application, users json = " + userInString); applicationsRestClientService.post(EPUser.class, app.getId(), userInString, String.format("/user/%s", userId)); - - } - - - public List<EPRole> getAppRoles(Long appId) throws Exception { - List<EPRole> applicationRoles = null; - final Map<String, Long> appParams = new HashMap<>(); - try { - appParams.put("appId", appId); - applicationRoles = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e); - throw e; - } - return applicationRoles; } - + /** * It checks whether the remote user exists or not * if exits returns user object else null @@ -929,10 +963,11 @@ public class UserRolesCommonServiceImpl { * setAppWithUserRoleStateForUser(org.onap.portalapp.portal.domain. * EPUser, org.onap.portalapp.portal.transport.AppWithRolesForUser) */ - public boolean setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser) { + public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser) { boolean result = false; boolean epRequestValue = false; String userId = ""; + String reqMessage = ""; if (newAppRolesForUser != null && newAppRolesForUser.orgUserId != null) { userId = newAppRolesForUser.orgUserId.trim(); } 
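Review bot: A requested role that matches no role of the application still ends up in the payload posted to the remote app, as an empty object. In the `appRoleIdUsed` branch `userAppRoles.add(epRole)` runs even when `appRole` is null. In the final loop `roles.add(role)` sits outside the `if (appRole != null)` block, so a `Role` with no id or name goes into the `TreeSet` (whether `Role.compareTo` tolerates a null id is not visible here). Role ids that arrive with the request and do not belong to `app` should be dropped or rejected rather than forwarded: move `roles.add(role);` inside the `if`, and in the first loop add `if (appRole == null) { continue; }` before building `epRole`. The enclosing `pushUserOnRemoteApp` starts before this hunk.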
@@ -949,11 +984,10 @@ public class UserRolesCommonServiceImpl { // if centralized app if (app.getCentralAuth()) { if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, - applicationsRestClientService); + pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, + applicationsRestClientService,false); } - Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, applicationsRestClientService, appId, userId); RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId, @@ -982,8 +1016,7 @@ public class UserRolesCommonServiceImpl { if (remoteAppUser == null) { remoteAppUser = addRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, applicationsRestClientService); } - if (remoteAppUser != null) { - Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper, + Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper, applicationsRestClientService, appId, userId); RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId, userRolesInRemoteApp); 
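Review bot: With the `if (remoteAppUser != null)` guard removed in the second hunk here, `postUsersRolesToRemoteApp` is called whether or not the user exists in the remote application. `addRemoteUser`, as changed in this same commit, always returns null and only creates the remote user when `remoteUserShouldBeCreated(...)` is true. The remaining assignment `remoteAppUser = addRemoteUser(...)` is therefore dead, and roles can be posted for a user that was neither found nor created. Either have `addRemoteUser` return the created user and keep the guard, or drop the assignment and document that the role post is expected to succeed for unknown users. The same guard is removed in the hunk at `-1455,34` on the external-request path. The enclosing method starts and ends outside the hunk.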
@@ -994,22 +1027,32 @@ public class UserRolesCommonServiceImpl { logger.debug(EELFLoggerDelegate.debugLogger, "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive", app, userId); - remoteAppUser.setActive(false); + //remoteAppUser.setActive(false); postUserToRemoteApp(userId, user, app, applicationsRestClientService); - } } } } } catch (Exception e) { + /*String message = String.format( + "Failed to create user or update user roles for User %s, AppId %s", + userId, Long.toString(appId)); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + result = false;*/ + String message = String.format( "Failed to create user or update user roles for User %s, AppId %s", userId, Long.toString(appId)); logger.error(EELFLoggerDelegate.errorLogger, message, e); result = false; + reqMessage = e.getMessage(); + + } } - return result; + //return result; + return new ExternalRequestFieldsValidator(result, reqMessage); + } /** * It adds user roles in External system and also make data consistent in both local and in External System 
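Review bot: The "no roles in app" branch no longer deactivates anyone: `remoteAppUser.setActive(false)` is commented out, yet the debug line still says the user is set to inactive and `postUserToRemoteApp(userId, user, app, ...)` is still sent. What the remote app receives depends on `postUserToRemoteApp`, which is not visible here, but as written a user whose last role was removed appears to stay active remotely. Either restore the deactivation on the right object or change the log text and add a comment explaining why it is skipped. Separately, `reqMessage = e.getMessage()` is now handed back inside `ExternalRequestFieldsValidator`. If that reaches an HTTP response it can expose internal detail, so return a fixed message and keep the exception in the log. The commented-out copy of the catch body and `//return result;` should be deleted.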
@@ -1053,10 +1096,8 @@ public class UserRolesCommonServiceImpl { if (extRoles.getJSONObject(i).getString("name").startsWith(app.getNameSpace() + ".") && !extRoles.getJSONObject(i).getString("name").equals(app.getNameSpace() + ".admin") && !extRoles.getJSONObject(i).getString("name").equals(app.getNameSpace() + ".owner")) { - ObjectMapper descMapper = new ObjectMapper(); - if (extRoles.getJSONObject(i).has("description") && EcompPortalUtils.isJSONValid(extRoles.getJSONObject(i).getString("description"))) { - ExternalRoleDescription desc = descMapper.readValue( - extRoles.getJSONObject(i).getString("description"), ExternalRoleDescription.class); + if (extRoles.getJSONObject(i).has("description")) { + ExternalRoleDescription desc = new ExternalRoleDescription(extRoles.getJSONObject(i).getString("description")); userRoleDetail = new ExternalAccessUserRoleDetail( extRoles.getJSONObject(i).getString("name"), desc); userRoleDetailList.add(userRoleDetail); @@ -1157,7 +1198,7 @@ public class UserRolesCommonServiceImpl { private List<ExternalAccessUserRoleDetail> CheckIfRoleAreMatchingInUserRoleDetailList( List<ExternalAccessUserRoleDetail> userRoleDetailList, EPApp app) { - Map<String, EPRole> epRoleList = externalAccessRolesService.getCurrentRolesInDB(app); + Map<String, EPRole> epRoleList = externalAccessRolesService.getAppRoleNamesWithUnderscoreMap(app); //Add Account Admin role for partner app to prevent conflict if(!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { EPRole role = new EPRole(); @@ -1352,7 +1393,7 @@ public class UserRolesCommonServiceImpl { final Map<String, Long> params = new HashMap<>(); final Map<String, String> userParams = new HashMap<>(); List<EPUser> userInfo = null; - EPUser userId = null; + EPUser user = null; List<EPUserAppRolesRequest> epRequestId = null; String orgUserId = ""; String updateStatus = ""; 
@@ -1377,9 +1418,9 @@ public class UserRolesCommonServiceImpl { } if (userInfo.size() != 0 || !userInfo.isEmpty()) { validateExternalRequestFields(userInfo, app); - userId = userInfo.get(0); + user = userInfo.get(0); params.put("appId", app.getId()); - params.put("userId", userId.getId()); + params.put("userId", user.getId()); epRequestId = (List<EPUserAppRolesRequest>) dataAccessService .executeNamedQuery("userAppRolesRequestList", params, null); epRequestIdSize = epRequestId.size(); @@ -1399,7 +1440,7 @@ public class UserRolesCommonServiceImpl { List<EcompUserAppRoles> userRoleList = null; if(!userInfo.isEmpty()){ final Map<String, Long> appParams = new HashMap<>(); - appParams.put("userId", userId.getId()); + appParams.put("userId", user.getId()); appParams.put("appId", app.getId()); userRoleList = dataAccessService.executeNamedQuery("getUserAppExistingRoles", appParams, null); } 
@@ -1416,17 +1457,20 @@ public class UserRolesCommonServiceImpl { if (app.getCentralAuth()) { // We should add If user does not exist in remote application try { - // If adding just account admin role dont make remote application user call - if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && !(checkIfAdminRoleExists - && reqType.equals("DELETE")) && roleInAppForUserList.size() > 1) { - EPUser remoteAppUser = null; - remoteAppUser = checkIfRemoteUserExits(orgUserId, app, - applicationsRestClientService); - if (remoteAppUser == null) { - addRemoteUser(roleInAppForUserList, orgUserId, app, mapper, searchService, - applicationsRestClientService); - reqMessage = "Saved Successfully"; - } + // If adding just account admin role dont make remote application user call or + // if request has only single non admin role then make remote call + if (!(app.getId().equals(PortalConstants.PORTAL_APP_ID) && reqType.equals("DELETE")) + && ((checkIfAdminRoleExists && roleInAppForUserList.size() > 1) + || (!checkIfAdminRoleExists && roleInAppForUserList.size() >= 1))) { + // check if admin role exist then delete + List<RoleInAppForUser> remoteUserRoles = roleInAppForUserList.stream() + .collect(Collectors.toList()); + remoteUserRoles.removeIf(role -> { + return (role.getRoleId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)); + }); + String orgUserIdNewOrExist = (userInfo.size() != 0 || !userInfo.isEmpty()) ? user.getOrgUserId() : orgUserId; + pushRemoteUser(remoteUserRoles, orgUserIdNewOrExist , app, mapper, searchService, + applicationsRestClientService,true); } } catch (Exception e) { reqMessage = e.getMessage(); 
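Review bot: The rewritten condition lets the portal application itself through to `pushRemoteUser` for every request type except DELETE. The old test began with `!app.getId().equals(PortalConstants.PORTAL_APP_ID) && ...`, and the new one begins with `!(app.getId().equals(PortalConstants.PORTAL_APP_ID) && reqType.equals("DELETE")) && ...`. `setAppWithUserRoleStateForUser` in this same commit still skips the push with `if (!app.getId().equals(PortalConstants.PORTAL_APP_ID))`. If the portal app must never receive a remote push, keep that check as its own clause, `!app.getId().equals(PortalConstants.PORTAL_APP_ID) && (...)`, and add the DELETE rule separately with a comment stating which case it covers. `userInfo.size() != 0 || !userInfo.isEmpty()` tests the same thing twice and can be `!userInfo.isEmpty()`. The enclosing method starts and ends outside the hunk.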
@@ -1455,34 +1499,35 @@ public class UserRolesCommonServiceImpl { result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest, reqType); } else {// remote app // If adding just account admin role don't do remote application user call - if(!((roleInAppForUserList.size() == 1 || reqType.equals("DELETE")) && checkIfAdminRoleExists)){ - EPUser remoteAppUser = null; + if (!((roleInAppForUserList.size() == 1 || reqType.equals("DELETE")) && checkIfAdminRoleExists)) { + EPUser remoteAppUser = null; remoteAppUser = checkIfRemoteUserExits(orgUserId, app, applicationsRestClientService); - if (remoteAppUser == null) { - remoteAppUser = addRemoteUser(roleInAppForUserList, orgUserId, app, mapper, searchService, applicationsRestClientService); - reqMessage = "Saved Successfully"; - } - if (remoteAppUser != null) { - Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, - mapper, applicationsRestClientService, app.getId(), orgUserId); - - RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId, - app.getId(), userRolesInRemoteApp); - logger.info(EELFLoggerDelegate.debugLogger, "setExternalRequestUserAppRole: {} user app roles: for app {}, user {}", - logMessage, newAppRolesForUser.getApplicationName(), - newAppRolesForUser.getLoginId()); - result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest, - reqType); - // If no roles remain, request app to set user inactive. 
- /*if (userRolesInRemoteApp.size() == 0) { - logger.debug(EELFLoggerDelegate.debugLogger, - "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive", app, - orgUserId); - //TODO Need to fix the logged in user is not set to inactive - remoteAppUser.setActive(false); - postUserToRemoteApp(orgUserId, user, app, applicationsRestClientService); - }*/ + if (remoteAppUser == null) { + addRemoteUser(roleInAppForUserList, orgUserId, app, mapper, searchService, + applicationsRestClientService); + reqMessage = "Saved Successfully"; } + + Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper, + applicationsRestClientService, app.getId(), orgUserId); + + RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId, app.getId(), + userRolesInRemoteApp); + logger.info(EELFLoggerDelegate.debugLogger, + "setExternalRequestUserAppRole: {} user app roles: for app {}, user {}", logMessage, + newAppRolesForUser.getApplicationName(), newAppRolesForUser.getLoginId()); + result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest, + reqType); + // If no roles remain, request app to set user inactive. + /* + * if (userRolesInRemoteApp.size() == 0) { + * logger.debug(EELFLoggerDelegate.debugLogger, + * "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive" + * , app, orgUserId); //TODO Need to fix the logged in user is not set to + * inactive remoteAppUser.setActive(false); postUserToRemoteApp(orgUserId, user, + * app, applicationsRestClientService); } + */ + } else { // Here we are adding only we have single account admin in roleInAppForUserList and this should not add in remote if(!(reqType.equals("DELETE")) && userInfo.isEmpty()){ 
@@ -1502,7 +1547,7 @@ public class UserRolesCommonServiceImpl { } if (epRequestIdSize > 0 && !userInfo.isEmpty()) { updateStatus = "C"; - applyChangesToAppRolesRequest(app.getId(), userId.getId(), updateStatus, epRequestId.get(0)); + applyChangesToAppRolesRequest(app.getId(), user.getId(), updateStatus, epRequestId.get(0)); } } } catch (Exception e) { @@ -1513,7 +1558,7 @@ public class UserRolesCommonServiceImpl { reqMessage = e.getMessage(); if(epRequestIdSize > 0 && userInfo!=null && !userInfo.isEmpty()){ updateStatus = "F"; - applyChangesToAppRolesRequest(app.getId(), userId.getId(), + applyChangesToAppRolesRequest(app.getId(), user.getId(), updateStatus, epRequestId.get(0)); } } 
@@ -1634,157 +1679,290 @@ public class UserRolesCommonServiceImpl { * getAppRolesForUser(java.lang.Long, java.lang.String) */ @SuppressWarnings("unchecked") - public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue) { - - List<RoleInAppForUser> rolesInAppForUser = null; - EPApp app = appsService.getApp(appId); - try { - // for onap portal app, no need to make a remote call - List<Role> roleList = new ArrayList<>(); - if (appId == PortalConstants.PORTAL_APP_ID) { - if(app.getCentralAuth()){ - List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey()); - for(CentralV2Role cenRole : cenRoleList){ - Role role = new Role(); - role.setActive(cenRole.getActive()); - role.setId(cenRole.getId()); - role.setName(cenRole.getName()); - role.setPriority(cenRole.getPriority()); - roleList.add(role); - } - }else{ - roleList = roleService.getAvailableRoles(userId); + public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue,EPUser user) { + List<RoleInAppForUser> rolesInAppForUser = null; + EPApp app = appsService.getApp(appId); + logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - app = {}", app); + try { + // for onap portal app, no need to make a remote call + List<Role> roleList = new ArrayList<>(); + if (appId == PortalConstants.PORTAL_APP_ID) { + if(app.getCentralAuth()){ + List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey()); + for(CentralV2Role cenRole : cenRoleList){ + Role role = new Role(); + role.setActive(cenRole.getActive()); + role.setId(cenRole.getId()); + role.setName(cenRole.getName()); + role.setPriority(cenRole.getPriority()); + roleList.add(role); } - List<Role> activeRoleList = new ArrayList<Role>(); - for(Role role: roleList) { - if(role.getActive()) { - if(role.getId() != 1){ // prevent portal admin from being added - activeRoleList.add(role); - } else if(extRequestValue){ - 
activeRoleList.add(role); - } + }else{ + roleList = roleService.getAvailableRoles(userId); + } + List<Role> activeRoleList = new ArrayList<Role>(); + for(Role role: roleList) { + if(role.getActive()) { + if(role.getId() != 1){ // prevent portal admin from being added + activeRoleList.add(role); + } else if(extRequestValue){ + activeRoleList.add(role); } - - } - EPUser localUser = getUserFromApp(userId, app, applicationsRestClientService); - // If localUser does not exists return roles - Set<EPRole> roleSet = null; - EPRole[] roleSetList = null; - if(localUser != null){ - roleSet = localUser.getAppEPRoles(app); - roleSetList = roleSet.toArray(new EPRole[0]); } - rolesInAppForUser = constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue); - return rolesInAppForUser; + } - - EcompRole[] appRoles = null; - List<EcompRole> roles = new ArrayList<>(); - if(app.getCentralAuth()){ - final Map<String, Long> appParams = new HashMap<>(); + EPUser localUser = getUserFromApp(userId, app, applicationsRestClientService); + // If localUser does not exists return roles + Set<EPRole> roleSet = null; + EPRole[] roleSetList = null; + if(localUser != null){ + roleSet = localUser.getAppEPRoles(app); + roleSetList = roleSet.toArray(new EPRole[0]); + } + rolesInAppForUser = constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue); + return rolesInAppForUser; + } + + EcompRole[] appRoles = null; + List<EcompRole> roles = new ArrayList<>(); + if (app.getCentralAuth()) { + final Map<String, Long> appParams = new HashMap<>(); appParams.put("appId", app.getId()); - List<EPRole> applicationRoles = dataAccessService.executeNamedQuery("getActiveRolesOfApplication", appParams, null); - for(EPRole role : applicationRoles){ + List<EPRole> applicationRoles = dataAccessService.executeNamedQuery("getActiveRolesOfApplication", + appParams, null); + + EPApp application = appService.getApp(appId); + boolean checkIfUserisApplicationAccAdmin = 
adminRolesService.isAccountAdminOfApplication(user, + application); + + List<EPRole> rolesetwithfunctioncds = new ArrayList<EPRole>(); + for (EPRole role : applicationRoles) { + Map<String, Long> params = new HashMap<>(); + params.put("roleId", role.getId()); + params.put(APP_ID, app.getId()); + List<CentralV2RoleFunction> cenRoleFuncList = dataAccessService + .executeNamedQuery("getAppRoleFunctionList", params, null); + + // SortedSet<CentralV2RoleFunction> roleFunctionSet = + // new TreeSet<>(); + SortedSet<RoleFunction> roleFunctionSet = new TreeSet<>(); + for (CentralV2RoleFunction roleFunc : cenRoleFuncList) { + + String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + String type = externalAccessRolesService.getFunctionCodeType(roleFunc.getCode()); + String action = externalAccessRolesService.getFunctionCodeAction(roleFunc.getCode()); + String name = roleFunc.getName(); + + RoleFunction function = new RoleFunction(); + function.setAction(action); + function.setType(type); + function.setCode(functionCode); + function.setName(name); + roleFunctionSet.add(function); + role.setRoleFunctions(roleFunctionSet); + + } + rolesetwithfunctioncds.add(role); + + + } + + for (EPRole role1 : rolesetwithfunctioncds) { EcompRole ecompRole = new EcompRole(); - ecompRole.setId(role.getId()); - ecompRole.setName(role.getName()); + ecompRole.setId(role1.getId()); + ecompRole.setName(role1.getName()); + ecompRole.setRoleFunctions(role1.getRoleFunctions()); roles.add(ecompRole); + + } + if (checkIfUserisApplicationAccAdmin) { + appRoles = roles.toArray(new EcompRole[roles.size()]); + logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() If Logged in user checkIfUserisApplicationAccAdmin- appRoles = {}", appRoles); + } else if (adminRolesService.isRoleAdmin(user) && !checkIfUserisApplicationAccAdmin) { + List<EcompRole> roleAdminAppRoles = new ArrayList<>(); + List<String> 
roleAdminAppRolesNames = new ArrayList<>(); + final Map<String, Long> userParams = new HashMap<>(); + userParams.put("userId", user.getId()); + List<String> getUserApproverRoles = dataAccessService.executeNamedQuery("getUserApproverRoles", userParams, null); + + List<EcompRole> userapproverRolesList = new ArrayList<>(); + for (String str : getUserApproverRoles) { + EcompRole epRole = roles.stream().filter(x -> str.equals(x.getName())).findAny().orElse(null); + if (epRole != null) + userapproverRolesList.add(epRole); + } +// roles.removeAll(userapproverRolesList); + for (EcompRole role : userapproverRolesList) { + + List<RoleFunction> roleFunList = new ArrayList<>(); + roleFunList.addAll(role.getRoleFunctions()); + boolean checkIfFunctionsExits = roleFunList.stream() + .anyMatch(roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver")); + if (checkIfFunctionsExits) { + roleAdminAppRoles.add(role); + List<RoleFunction> filteredList = roleFunList.stream() + .filter(x -> "Approver".equalsIgnoreCase(x.getType())).collect(Collectors.toList()); + roleAdminAppRolesNames.addAll(filteredList.stream().map(RoleFunction::getCode) + .collect(Collectors.toList())); +// roleAdminAppRolesNames = filteredList.stream().map(RoleFunction::getCode) +// .collect(Collectors.toList()); + } + } + for (String name : roleAdminAppRolesNames) { + EcompRole ecompRole = roles.stream().filter(x -> name.equals(x.getName())).findAny() + .orElse(null); + if (ecompRole != null) + roleAdminAppRoles.add(ecompRole); + + } + appRoles = roleAdminAppRoles.toArray(new EcompRole[roleAdminAppRoles.size()]); + } - appRoles = roles.toArray(new EcompRole[roles.size()]); } else{ - appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles"); + appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles"); + } + // Test this error case, for generating an internal ONAP Portal + // error + // EcompRole[] appRoles = null; + // If there is an exception in the rest 
client api, then null will + // be returned. + if (appRoles != null) { + if(!app.getCentralAuth()) { + syncAppRoles(sessionFactory, appId, appRoles); } - // Test this error case, for generating an internal ONAP Portal - // error - // EcompRole[] appRoles = null; - // If there is an exception in the rest client api, then null will - // be returned. - if (appRoles != null) { - if(!app.getCentralAuth()) { - syncAppRoles(sessionFactory, appId, appRoles); - } - EcompRole[] userAppRoles = null; + EcompRole[] userAppRoles = null; + try { try { - try { - if(app.getCentralAuth()){ - final Map<String, String> params = new HashMap<>(); - final Map<String, Long> userParams = new HashMap<>(); - params.put("orgUserIdValue", userId); - List<EPUser> user = dataAccessService.executeNamedQuery("epUserAppId", params, null); - userParams.put("appId", app.getId()); - userParams.put("userId", user.get(0).getId()); - List<EPUserAppCurrentRoles> userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles", userParams, null); - List<EcompRole> setUserRoles = new ArrayList<>(); - for(EPUserAppCurrentRoles role : userAppsRolesList){ - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(role.getRoleId()); - ecompRole.setName(role.getRoleName()); - setUserRoles.add(ecompRole); + + if(app.getCentralAuth()){ + final Map<String, String> params = new HashMap<>(); + final Map<String, Long> userParams = new HashMap<>(); + params.put("orgUserIdValue", userId); + List<EPUser> actualUser = dataAccessService.executeNamedQuery("epUserAppId", params, null); + userParams.put("appId", app.getId()); + userParams.put("userId", actualUser.get(0).getId()); + List<EPUserAppCurrentRoles> userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles", userParams, null); + + List<EcompRole> setUserRoles = new ArrayList<>(); + for(EPUserAppCurrentRoles role : userAppsRolesList){ + logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - userAppsRolesList get 
userRolename = {}", role.getRoleName()); + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(role.getRoleId()); + ecompRole.setName(role.getRoleName()); + setUserRoles.add(ecompRole); + } + + boolean checkIfUserisAccAdmin = setUserRoles.stream() + .anyMatch(ecompRole -> ecompRole.getId() == 999L); + + if (!checkIfUserisAccAdmin) { + List<EcompRole> userApplicationRolesList = setUserRoles; + List<EcompRole> appRolesList = Arrays.asList(appRoles); + Set<EcompRole> finalUserAppRolesList = new HashSet<>(); + + List<String> roleNames = new ArrayList<>(); + for (EcompRole role : userApplicationRolesList) { + EcompRole epRole = appRolesList.stream() + .filter(x -> role.getName().equals(x.getName())).findAny().orElse(null); + List<RoleFunction> roleFunList = new ArrayList<>(); + if(epRole.getRoleFunctions().size()>0) + roleFunList.addAll(epRole.getRoleFunctions()); + boolean checkIfFunctionsExits = roleFunList.stream().anyMatch( + roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver")); + if (checkIfFunctionsExits) { + finalUserAppRolesList.add(role); + List<RoleFunction> filteredList = roleFunList.stream() + .filter(x -> "Approver".equalsIgnoreCase(x.getType())) + .collect(Collectors.toList()); + roleNames = filteredList.stream().map(RoleFunction::getCode) + .collect(Collectors.toList()); + } + + for (String name : roleNames) { + EcompRole ecompRole = appRolesList.stream() + .filter(x -> name.equals(x.getName())).findAny().orElse(null); + if (ecompRole != null) + finalUserAppRolesList.add(ecompRole); + } } - userAppRoles = setUserRoles.toArray(new EcompRole[setUserRoles.size()]); - rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles); - return rolesInAppForUser; - }else{ - userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId, - String.format("/user/%s/roles", userId)); - } - } catch (HTTPException e) { - // Some apps are returning 400 if user is not found. 
- if (e.getResponseCode() == 400) { - logger.debug(EELFLoggerDelegate.debugLogger, - "getAppRolesForUser caught exception with response code 400; continuing", e); - } else { - // Other response code, let it come thru. - throw e; - } + + + for (String name : roleNames) { + + boolean checkIfFunctionsExits = userAppsRolesList.stream().anyMatch( + role -> role.getRoleName().equalsIgnoreCase(name)); + if(checkIfFunctionsExits) + { + EcompRole epRole = appRolesList.stream().filter(x -> name.equals(x.getName())) + .findAny().orElse(null); + if(epRole != null) + setUserRoles.add(epRole); + } + + } + userAppRoles = setUserRoles.toArray(new EcompRole[setUserRoles.size()]); + } + }else{ + userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId, + String.format("/user/%s/roles", userId)); } - if (userAppRoles == null) { - if (EcompPortalUtils.getExternalAppResponseCode() == 400) { - EcompPortalUtils.setExternalAppResponseCode(200); - String message = String.format( - "getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, " - + "assuming user doesn't exist, app is framework SDK based, and things are ok. " - + "Overriding to 200 until framework SDK returns a useful response.", - Long.toString(appId), userId); - logger.warn(EELFLoggerDelegate.applicationLogger, message); - } + } catch (HTTPException e) { + // Some apps are returning 400 if user is not found. + if (e.getResponseCode() == 400) { + logger.debug(EELFLoggerDelegate.debugLogger, + "getAppRolesForUser caught exception with response code 400; continuing", e); + } else { + // Other response code, let it come thru. 
+ throw e; } - - HashMap<Long, EcompRole> appRolesActiveMap =hashMapFromEcompRoles(appRoles); - ArrayList<EcompRole> activeRoles = new ArrayList<EcompRole>(); - if(userAppRoles != null){ - for (int i = 0; i < userAppRoles.length; i++) { - if (appRolesActiveMap.containsKey(userAppRoles[i].getId())) { - EcompRole role = new EcompRole(); - role.setId(userAppRoles[i].getId()); - role.setName(userAppRoles[i].getName()); - activeRoles.add(role); - } + } + if (userAppRoles == null) { + if (EcompPortalUtils.getExternalAppResponseCode() == 400) { + EcompPortalUtils.setExternalAppResponseCode(200); + String message = String.format( + "getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, " + + "assuming user doesn't exist, app is framework SDK based, and things are ok. " + + "Overriding to 200 until framework SDK returns a useful response.", + Long.toString(appId), userId); + logger.warn(EELFLoggerDelegate.applicationLogger, message); + } + } + + HashMap<Long, EcompRole> appRolesActiveMap =hashMapFromEcompRoles(appRoles); + ArrayList<EcompRole> activeRoles = new ArrayList<EcompRole>(); + if(userAppRoles != null){ + for (int i = 0; i < userAppRoles.length; i++) { + if (appRolesActiveMap.containsKey(userAppRoles[i].getId())) { + EcompRole role = new EcompRole(); + role.setId(userAppRoles[i].getId()); + role.setName(userAppRoles[i].getName()); + activeRoles.add(role); } } - EcompRole[] userAppRolesActive = activeRoles.toArray(new EcompRole[activeRoles.size()]); - - // If the remote application isn't down we MUST sync user - // roles here in case we have this user here! - syncUserRoles(sessionFactory, userId, appId, userAppRolesActive, extRequestValue, null); - } catch (Exception e) { - // TODO: we may need to check if user exists, maybe remote - // app is down. 
- String message = String.format( - "getAppRolesForUser: user %s does not exist in remote application %s", userId, - Long.toString(appId)); - logger.error(EELFLoggerDelegate.errorLogger, message, e); - userAppRoles = new EcompRole[0]; - } - rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles); + } + EcompRole[] userAppRolesActive = activeRoles.toArray(new EcompRole[activeRoles.size()]); + + // If the remote application isn't down we MUST sync user + // roles here in case we have this user here! + syncUserRoles(sessionFactory, userId, appId, userAppRolesActive, extRequestValue, null); + } catch (Exception e) { + // TODO: we may need to check if user exists, maybe remote + // app is down. + String message = String.format( + "getAppRolesForUser: user %s does not exist in remote application %s", userId, + Long.toString(appId)); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + userAppRoles = new EcompRole[0]; } - } catch (Exception e) { - String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId, - Long.toString(appId)); - logger.error(EELFLoggerDelegate.errorLogger, message, e); + rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles); } - return rolesInAppForUser; - + } catch (Exception e) { + String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId, + Long.toString(appId)); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + } + return rolesInAppForUser; } private boolean postUserRolesToMylogins(AppWithRolesForUser userAppRolesData, 
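Review bot: In the central-auth branch of `getAppRolesForUser`, `epRole` is dereferenced straight after `.findAny().orElse(null)`: `if(epRole.getRoleFunctions().size()>0)` throws a NullPointerException whenever one of the target user's current roles is missing from `appRoles`. That can happen when the caller is a role admin, because `appRoles` was narrowed to approver roles above. The inner `catch (Exception e)` then logs "user ... does not exist in remote application" and continues with an empty user-role array, so the real failure is hidden behind a misleading message. Add `if (epRole == null || epRole.getRoleFunctions() == null) { continue; }` before that line. Also, `userAppRoles` is only assigned inside `if (!checkIfUserisAccAdmin)`, so for an account admin it stays null and `syncUserRoles` is called with an empty array (its effect on stored roles is not visible here). `finalUserAppRolesList` is filled but never read, and the literal `999L` should be `PortalConstants.ACCOUNT_ADMIN_ROLE_ID` if that is the value meant.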
@@ -1974,16 +2152,49 @@ public class UserRolesCommonServiceImpl { * @param app * @return */ + @SuppressWarnings("unchecked") private List<RemoteRole> convertToRemoteRoleList(EPUser user, EPApp app) { List<RemoteRole> roleList = new ArrayList<RemoteRole>(); SortedSet<EPRole> roleSet = user.getAppEPRoles(app); for (EPRole role : roleSet) { + logger.debug(EELFLoggerDelegate.debugLogger, "In convertToRemoteRoleList() - for user {}, found Name {}", user.getOrgUserId(), role.getName()); RemoteRole rRole = new RemoteRole(); rRole.setId(role.getId()); rRole.setName(role.getName()); roleList.add(rRole); } + + //Get the active roles of user for that application using query + List<EPRole> userEpRoleList = new ArrayList<>(); + final Map<String, Long> params = new HashMap<>(); + params.put("appId", app.getId()); + params.put("userId", user.getId()); + userEpRoleList = dataAccessService.executeNamedQuery("getUserRoleOnUserIdAndAppId", params, null); + + for (EPRole remoteUserRoleList : userEpRoleList) { + + RemoteRole remoteRoleListId = roleList.stream().filter(x -> remoteUserRoleList.getId().equals(x.getId())) + .findAny().orElse(null); + if (remoteRoleListId == null) { + logger.debug(EELFLoggerDelegate.debugLogger, + "Adding the role to the rolelist () - for user {}, found Name {}", user.getOrgUserId(), + + remoteUserRoleList.getName()); + RemoteRole role = new RemoteRole(); + role.setId(remoteUserRoleList.getId()); + role.setName(remoteUserRoleList.getName()); + + roleList.add(role); + } + + } + + logger.debug(EELFLoggerDelegate.debugLogger, "rolelist size of the USER() - for user {}, found RoleListSize {}", user.getOrgUserId(), roleList.size()); + return roleList; + + + } public RemoteUserWithRoles[] doGetUsers(boolean postOpenSource, String remoteUsersString) { 
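Review bot: The second loop in `convertToRemoteRoleList` widens the returned role list with every row from the `getUserRoleOnUserIdAndAppId` named query that `user.getAppEPRoles(app)` did not already return, and nothing in the hunk shows that the query filters on the active flag the comment promises. The query definition is outside this diff, so confirm that it excludes inactive roles, and record that next to the call, e.g. `// query must return only active roles; anything added here ends up in the role list returned for this user`. Separately, the `new ArrayList<>()` assigned to `userEpRoleList` is overwritten two statements later, and the method-level `@SuppressWarnings("unchecked")` hides warnings for the whole body. Prefer `@SuppressWarnings("unchecked") List<EPRole> userEpRoleList = dataAccessService.executeNamedQuery("getUserRoleOnUserIdAndAppId", params, null);` on the declaration alone. The loop variable `remoteUserRoleList` holds a single `EPRole`, so a name such as `dbRole` would read better.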
@@ -2013,4 +2224,20 @@ public class UserRolesCommonServiceImpl { return userRoleList; } + + /*public static void main(String[] args) { + List<EcompRole> str1 = new ArrayList<String>(); + str1.add("A"); + str1.add("B"); + str1.add("C"); + str1.add("D"); + + List<String> str2 = new ArrayList<String>(); + str2.add("D"); + str2.add("E"); + + List<EcompRole> userApplicationRolesList = setUserRoles; + List<EcompRole> appRolesList = Arrays.asList(appRoles); + + }*/ } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java index bbae4a6a..49a50117 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java @@ -64,11 +64,12 @@ public interface UserRolesService { * ID of row in fn_user * @param extRequestValue * set to false if request is from users page otherwise true + * @param * @return List<RoleInAppForUser> */ - public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue); + public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue, EPUser user ); - public boolean setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser); + public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser); public List<UserApplicationRoles> getUsersFromAppEndpoint(Long appId) throws HTTPException; diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java index 1eb27e7f..6d960043 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java 
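Review bot: The block comment added at the end of `UserRolesCommonServiceImpl` is a commented-out `main` that should be deleted rather than committed. It would not compile if re-enabled (`List<EcompRole> str1 = new ArrayList<String>()`, and it reads `setUserRoles` and `appRoles`, which it never declares). Scratch code left in a role-management service makes it harder to audit what actually runs.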
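Review bot: The Javadoc of `getAppRolesForUser` gains an empty `@param` tag while the new `EPUser user` argument stays undocumented. With both `userId` and `user` in the signature, the contract should say which identity is the account being queried and which is the caller the request is authorized against; the implementation is not in this hunk, so the roles are inferred from the names only. Replace the bare tag with something like `@param user the logged-in user on whose behalf the roles are read (confirm)`. `setAppWithUserRoleStateForUser` now returns `ExternalRequestFieldsValidator` instead of `boolean` and has no Javadoc telling callers how to distinguish success from a rejected request.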
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java @@ -46,7 +46,7 @@ public class CentralUserApp implements Serializable, Comparable { private Long userId; private CentralApp app; private CentralRole role; - private Short priority; + private Integer priority; /** * @return the userId @@ -96,7 +96,7 @@ public class CentralUserApp implements Serializable, Comparable { /** * @return the priority */ - public Short getPriority() { + public Integer getPriority() { return priority; } @@ -104,7 +104,7 @@ public class CentralUserApp implements Serializable, Comparable { * @param priority * the priority to set */ - public void setPriority(Short priority) { + public void setPriority(Integer priority) { this.priority = priority; } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java index 0f4bc783..2ada8ed1 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java @@ -49,7 +49,7 @@ public class CentralV2UserApp implements Serializable, Comparable{ private Long userId; private CentralApp app; private CentralV2Role role; - private Short priority; + private Integer priority; @@ -89,13 +89,13 @@ public class CentralV2UserApp implements Serializable, Comparable{ - public Short getPriority() { + public Integer getPriority() { return priority; } - public void setPriority(Short priority) { + public void setPriority(Integer priority) { this.priority = priority; } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java index dbf48301..6a0f19d3 100644 
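Review bot: `CentralUserApp` is declared `Serializable`, and the three hunks here change `priority` and its accessors from `Short` to `Integer`; the same edit is made to `CentralV2UserApp` in the next file section. If instances are ever serialized across versions, or the field is part of a JSON contract whose clients expect a short, the change is not backward compatible. Whether a `serialVersionUID` is declared is not visible in these hunks. Stating the reason on the field would help, e.g. `/** Role priority; widened to Integer under PORTAL-319. */`, together with a check that callers which narrowed the old `Short` still compile without a lossy cast.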
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java @@ -59,7 +59,7 @@ public class EPUserAppCurrentRoles implements Serializable{ private Long userId; @Id @Column(name="priority") - private String priority ; + private Integer priority ; @Id @Column(name="role_id") private Long roleId; @@ -75,10 +75,10 @@ public class EPUserAppCurrentRoles implements Serializable{ public void setUserId(Long userId) { this.userId = userId; } - public String getPriority() { + public Integer getPriority() { return priority; } - public void setPriority(String priority) { + public void setPriority(Integer priority) { this.priority = priority; } public Long getRoleId() { diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java index 9d25c7c1..a7446f6f 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java @@ -59,7 +59,7 @@ public class EcompUserAppRoles implements Serializable { private Long userId; @Id @Column(name="priority") - private String priority ; + private Integer priority ; @Id @Column(name="role_id") private Long roleId; @@ -78,10 +78,10 @@ public class EcompUserAppRoles implements Serializable { public void setUserId(Long userId) { this.userId = userId; } - public String getPriority() { + public Integer getPriority() { return priority; } - public void setPriority(String priority) { + public void setPriority(Integer priority) { this.priority = priority; } public Long getRoleId() { 
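Review bot: `priority` in `EPUserAppCurrentRoles` is annotated `@Id @Column(name="priority")`, so changing it from `String` to `Integer` changes both how the column is read and how the composite identifier compares. `EcompUserAppRoles` in the following file section gets the same change. No schema or query change is visible in this part of the commit, so confirm that the `priority` column is numeric for every row and that the queries populating these entities return it as a number. Otherwise the failure would surface at load time rather than at compile time. Any `equals`/`hashCode` over the id fields lies outside these hunks and should be rechecked against the new type.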
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java index b9781071..47a1978c 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java @@ -39,11 +39,20 @@ package org.onap.portalapp.portal.transport; public class ExternalRoleDescription { - private String name; - + private String name; + + public ExternalRoleDescription() { + super(); + } + + public ExternalRoleDescription(String name) { + this.name = name; + } + public String getName() { return name; } + public void setName(String name) { this.name = name; } @@ -55,6 +64,7 @@ public class ExternalRoleDescription { result = prime * result + ((name == null) ? 0 : name.hashCode()); return result; } + @Override public boolean equals(Object obj) { if (this == obj) @@ -71,8 +81,5 @@ public class ExternalRoleDescription { return false; return true; } - - - - + } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java index 2c619af8..80501e39 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java @@ -99,5 +99,6 @@ public class EPCommonSystemProperties extends SystemProperties { public static final String UEB_KEY = "uebkey"; public static final String AUTHORIZATION = "Authorization"; public static final String USERNAME = "username"; + public static final String PASSWORD = "password"; } 
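Review bot: `PASSWORD = "password"` is added to `EPCommonSystemProperties` next to `AUTHORIZATION` and `USERNAME` with no comment on what it keys. Its use is not in this hunk, but if it names a header, property or map entry that carries a credential, the code reading it must keep the value out of log statements and the MDC. A comment on the constant would make that explicit, e.g. `// key of the password field; the value read through it must never be logged`.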
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java index f8d1116b..1b5613ca 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java @@ -43,6 +43,7 @@ import java.net.UnknownHostException; import java.nio.charset.Charset; import java.text.SimpleDateFormat; import java.util.ArrayList; +import java.util.Arrays; import java.util.Base64; import java.util.Date; import java.util.List; @@ -247,9 +248,13 @@ public class EcompPortalUtils { // This method might be just for testing purposes. public static void setExternalAppResponseCode(int responseCode) { try { - String code = String.valueOf(responseCode); + /*String code = String.valueOf(responseCode); MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,code ); - code=StringUtils.EMPTY; + code=StringUtils.EMPTY;*/ + String code = Integer.toString(responseCode); + MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,code ); + char[] chars=code.toCharArray(); + Arrays.fill(chars, ' '); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "setExternalAppResponseCode failed", e); } |
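Review bot: The two lines added after `MDC.put` in `setExternalAppResponseCode`, `char[] chars=code.toCharArray();` and `Arrays.fill(chars, ' ');`, scrub nothing. `toCharArray()` returns a copy, so the `String` and the value already stored in the MDC are untouched, and an HTTP status code is not a secret in the first place. The pattern reads like memory clearing and may be copied to places where it matters, so it is better removed together with the commented-out old code, leaving `MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE, Integer.toString(responseCode));`. The `java.util.Arrays` import added in the previous hunk can then be dropped if nothing else uses it. The method's closing brace lies outside the hunk.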