login and Certman AAF Integration changes

Issue-ID: PORTAL-386, PORTAL-389 failed to create user with special char in login_id Change-Id: I415adf615a7af97319d8d11a740e75d3dfa11583 Signed-off-by: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>
author: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com> 2018-09-25 13:59:56 -0400
committer: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com> 2018-09-26 16:52:00 -0400
commit: a59bc3e85eaf33c0a38063e5c30fe890588a0eb1 (patch)
tree: b19ba17d5dbd6cecc0b34c0ef6b158c088746384 /ecomp-portal-BE-common/src
parent: 4be6886a011ddbc4543e8c27b759a27ff3415c18 (diff)
5 files changed, 79 insertions, 85 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
index 4197d232..a77b9589 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
@@ -867,23 +867,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 		ObjectMapper mapper = new ObjectMapper();
 		String addNewRole = "";
 		ExternalAccessRole extRole = new ExternalAccessRole();
-		List<EPRole> role = null;
-		String addDesc = null;
-		Map<String, String> extSystemUpdateRole = new LinkedHashMap<>();
-		if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
-			role = getPortalAppRoleInfo(addRole.getId());
-		} else {
-			role = getPartnerAppRoleInfo(addRole.getId(), app);
-		}
-		extSystemUpdateRole.put(ID, String.valueOf(role.get(0).getId()));
-		extSystemUpdateRole.put(ROLE_NAME, String.valueOf(addRole.getName()));
-		extSystemUpdateRole.put(ACTIVE, String.valueOf(role.get(0).getActive()));
-		extSystemUpdateRole.put(PRIORITY, String.valueOf(role.get(0).getPriority()));
-		extSystemUpdateRole.put(APP_ID, String.valueOf(role.get(0).getAppId()));
-		extSystemUpdateRole.put(APP_ROLE_ID, String.valueOf(role.get(0).getAppRoleId()));
-		addDesc = mapper.writeValueAsString(extSystemUpdateRole);
 		extRole.setName(app.getNameSpace() + "." + addRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
-		extRole.setDescription(addDesc);
+		extRole.setDescription(String.valueOf(addRole.getName()));
 		addNewRole = mapper.writeValueAsString(extRole);
 		return addNewRole;
 	}
@@ -897,7 +882,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 	 * @throws Exception
 	 */
 	@SuppressWarnings("unchecked")
-        @Transactional(rollbackFor = Exception.class)
+	@Transactional(rollbackFor = Exception.class)
 	public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception {		
 		boolean result = false;
 		EPRole epRole = null;
@@ -2738,7 +2723,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 			applicationRolesList = getAppRoles(app.getId());
 			List<String> applicationRoleIdList = new ArrayList<>();
 			for (EPRole applicationRole : applicationRolesList) {
-				applicationRoleIdList.add(applicationRole.getName());
+				applicationRoleIdList.add(applicationRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
 			}
 
 			List<EPRole> roleListToBeAddInEcompDB = new ArrayList<>();
@@ -2915,30 +2900,27 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 			throws IOException {
 		List<ExternalRoleDetails> externalRoleDetailsList = new ArrayList<>();
 		ExternalRoleDescription ApplicationRole = new ExternalRoleDescription();
-		ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms(); 
+		ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms();
 		List<String> functionCodelist = new ArrayList<>();
+		Map<String, EPRole> curRolesMap = getCurrentRolesInDB(app);
+
 		for (int i = 0; i < extRole.length(); i++) {
 			ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails();
 			EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction();
 			JSONObject Role = (JSONObject) extRole.get(i);
-			if (!extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) {
-				ApplicationRole.setActive("true");
-				ApplicationRole.setAppId(IS_NULL_STRING);
-				ApplicationRole.setPriority(IS_NULL_STRING);
-				ApplicationRole.setAppRoleId(IS_NULL_STRING);
-				String roleName = extRole.getJSONObject(i).getString(ROLE_NAME);
-				ApplicationRole.setName(roleName.substring(app.getNameSpace().length() + 1));
-			} else {
+			String roleName = extRole.getJSONObject(i).getString(ROLE_NAME);
+			ApplicationRole.setName(roleName.substring(app.getNameSpace().length() + 1));
+			if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) {
 				String desc = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION);
-				ApplicationRole = mapper.readValue(desc, ExternalRoleDescription.class);
+				ApplicationRole.setName(desc);
 			}
-
 			SortedSet<ExternalAccessPerms> externalAccessPermsOfRole = new TreeSet<>();
 			if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_PERMS)) {
 				JSONArray extPerm = (JSONArray) Role.get(EXTERNAL_AUTH_PERMS);
 				for (int j = 0; j < extPerm.length(); j++) {
 					JSONObject perms = extPerm.getJSONObject(j);
-					boolean isNamespaceMatching = EcompPortalUtils.checkNameSpaceMatching(perms.getString("type"), app.getNameSpace());
+					boolean isNamespaceMatching = EcompPortalUtils.checkNameSpaceMatching(perms.getString("type"),
+							app.getNameSpace());
 					if (isNamespaceMatching) {
 						externalAccessPerms = new ExternalAccessPerms(perms.getString("type"),
 								perms.getString("instance"), perms.getString("action"));
@@ -2949,46 +2931,33 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 
 				}
 			}
-
-			if (ApplicationRole.getActive().equals(IS_NULL_STRING)) {
-				externalRoleDetail.setActive(false);
-			} else {
-				externalRoleDetail.setActive(Boolean.parseBoolean(ApplicationRole.getActive()));
-			}
+			externalRoleDetail.setActive(true);
 			externalRoleDetail.setName(ApplicationRole.getName());
-
-			if (ApplicationRole.getAppId().equals(IS_NULL_STRING) && app.getId() == 1) {
+			if (app.getId() == 1) {
 				externalRoleDetail.setAppId(null);
-			} else if (ApplicationRole.getAppId().equals(IS_NULL_STRING)) {
-				externalRoleDetail.setAppId(app.getId());
-			} else {
-				externalRoleDetail.setAppId(Long.parseLong(ApplicationRole.getAppId()));
-			}
-
-			if (ApplicationRole.getPriority().equals(IS_NULL_STRING)) {
-				externalRoleDetail.setPriority(null);
 			} else {
-				externalRoleDetail.setPriority(Integer.parseInt(ApplicationRole.getPriority()));
-			}
-
-			if (ApplicationRole.getAppRoleId().equals(IS_NULL_STRING) && app.getId() == 1) {
-				externalRoleDetail.setAppRoleId(null);
+				externalRoleDetail.setAppId(app.getId());
 			}
-
+			// get role functions from DB
+			EPRole currRole = curRolesMap.get(ApplicationRole.getName()
+					.replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+			Long roleId = null;
+			if (currRole != null)
+				roleId = currRole.getId();
 			// get role functions from DB
 			final Map<String, EPAppRoleFunction> roleFunctionsMap = new HashMap<>();
-			if (!ApplicationRole.getId().equals(IS_NULL_STRING)) {
-				final Map<String, Long> appRoleFuncsParams = new  HashMap<>();
+			final Map<String, Long> appRoleFuncsParams = new HashMap<>();
+			if (roleId != null) {
 				appRoleFuncsParams.put("appId", app.getId());
-				appRoleFuncsParams.put("roleId", Long.valueOf(ApplicationRole.getId()));
-				List<EPAppRoleFunction> appRoleFunctions = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
+				appRoleFuncsParams.put("roleId", roleId);
+				List<EPAppRoleFunction> appRoleFunctions = dataAccessService
+						.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
 				if (!appRoleFunctions.isEmpty()) {
 					for (EPAppRoleFunction roleFunc : appRoleFunctions) {
 						roleFunctionsMap.put(roleFunc.getCode(), roleFunc);
 					}
 				}
 			}
-
 			if (!externalAccessPermsOfRole.isEmpty()) {
 				// Adding functions to role
 				for (ExternalAccessPerms externalpermission : externalAccessPermsOfRole) {
@@ -3000,22 +2969,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 						EPAppRoleFunction checkRoleFunctionPipeExits = roleFunctionsMap.get(funcCode);
 						if (checkRoleFunctionPipeExits == null) {
 							try {
-								final Map<String, String> appFuncsParams = new  HashMap<>();
+								final Map<String, String> appFuncsParams = new HashMap<>();
 								appFuncsParams.put("appId", String.valueOf(app.getId()));
 								appFuncsParams.put("functionCd", externalpermission.getInstance());
 								logger.debug(EELFLoggerDelegate.debugLogger,
 										"SyncApplicationRolesWithEcompDB: Adding function to the role: {}",
 										externalpermission.getInstance());
 								List<CentralV2RoleFunction> roleFunction = null;
-								roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", appFuncsParams, null);
+								roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId",
+										appFuncsParams, null);
 								if (roleFunction.isEmpty()) {
 									appFuncsParams.put("functionCd", funcCode);
-									roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", appFuncsParams, null);
+									roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId",
+											appFuncsParams, null);
 								}
 								if (!roleFunction.isEmpty()) {
 									EPAppRoleFunction apRoleFunction = new EPAppRoleFunction();
 									apRoleFunction.setAppId(app.getId());
-									apRoleFunction.setRoleId(Long.parseLong(ApplicationRole.getId()));
+									apRoleFunction.setRoleId(roleId);
 									apRoleFunction.setCode(roleFunction.get(0).getCode());
 									dataAccessService.saveDomainObject(apRoleFunction, null);
 								}
@@ -3089,7 +3060,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 	 */
 	private EPRole convertExternalRoleDetailstoEpRole(ExternalRoleDetails externalRoleDetails) {
 		EPRole role = new EPRole();
-		role.setActive(externalRoleDetails.isActive());
+		role.setActive(true);
 		role.setAppId(externalRoleDetails.getAppId());
 		role.setAppRoleId(externalRoleDetails.getAppRoleId());
 		role.setName(externalRoleDetails.getName());
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java
index a192ad94..c766106d 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java
@@ -39,9 +39,9 @@ package org.onap.portalapp.portal.service;
 
 import java.util.ArrayList;
 import java.util.List;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
 
+import org.onap.portalapp.portal.service.SearchService;
+import org.onap.portalapp.portal.service.SearchServiceImpl;
 import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
 import org.onap.portalapp.portal.transport.UserWithNameSurnameTitle;
@@ -74,10 +74,8 @@ public class SearchServiceImpl implements SearchService {
 	public String searchUsersInPhoneBook(String searchString) {
 		String orgUserId = null;
 		List<String> tokens = EcompPortalUtils.parsingByRegularExpression(searchString, " ");
-		Pattern pattern = Pattern.compile(EcompPortalUtils.SEARCH_USERS_REGEX);
 		for (int i = 0; i < tokens.size(); i++) { // find orgUserId if possible and remove it from tokens
-			Matcher matcher = pattern.matcher(tokens.get(i));
-			if (matcher.matches()) {
+			if (tokens.get(i).matches(".*\\d+.*")) {
 				orgUserId = tokens.get(i);
 				tokens.remove(i);
 			}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
index a4b6cc24..809e42f9 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
@@ -58,7 +58,6 @@ import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
-import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.slf4j.MDC;
 import org.springframework.http.HttpHeaders;
@@ -80,9 +79,6 @@ public class EcompPortalUtils {
 	// It is a regular expression used for while creating a External Central Auth Role 
 	public static final String EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS = "([^A-Z^a-z^0-9^\\.^%^(^)^=^:])";
 	
-	// regex for alphanumeric , dashes and underscore
-		public static final String SEARCH_USERS_REGEX = "(^[a-zA-Z0-9_-]*$)";
-
 	/**
 	 * @param orgUserId
 	 *            User ID to validate
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java
index 75c66162..988b97a5 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java
@@ -1,17 +1,39 @@
-/*
- * Copyright 2012-2016 the original author or authors.
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
  *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
  * You may obtain a copy of the License at
  *
- *      http://www.apache.org/licenses/LICENSE-2.0
+ *             http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *             https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * 
  */
 
 package org.onap.portalapp.portal.utils;
@@ -35,8 +57,7 @@ public final class MusicCookieCsrfTokenRepository implements CsrfTokenRepository
 	static final String CSRF_PARAMETER_NAME = "_csrf";
 	static final String EP_SERVICE = "EPService";
 	CookieCsrfTokenRepository cookieRepo = null;
-	private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicService.class);
-
+	private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicCookieCsrfTokenRepository.class);
 	public MusicCookieCsrfTokenRepository() {
 	}
 	
@@ -64,12 +85,14 @@ public final class MusicCookieCsrfTokenRepository implements CsrfTokenRepository
 		if(cookieRepoToken==null){ // if cookieRepo does not has the token, check the cassandra for the values stored by other tomcats
 			try { // todo this part of the code needs to be replaced with out depending on EPService cookie
 				String sessionId = getSessionIdFromCookie(request);
+				if(sessionId == null) 
+					return null;
 				String token = MusicService.getAttribute(CSRF_COOKIE_NAME, sessionId);
 				if (token==null || !StringUtils.hasLength(token)) 
 					return null;
 				cookieRepoToken = new DefaultCsrfToken(CSRF_HEADER_NAME, CSRF_PARAMETER_NAME , token); 
 			} catch (Exception e) {
-				logger.error(EELFLoggerDelegate.errorLogger, "Error while calling csrf saveToken" , e);
+				logger.error(EELFLoggerDelegate.errorLogger, "Error while calling csrf loadToken" , e);
 			}
 		}
 		return cookieRepoToken;
diff --git a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
index becfe7c2..e4b81448 100644
--- a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
+++ b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
@@ -1306,9 +1306,12 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y
           where a.user_id =:userId  and b.app_id = c.app_id and a.app_id = c.role_app_id and b.enabled = 'Y' and c.role_id = d.role_id and d.active_yn='Y' and a.role_id = d.role_id and e.app_id = c.app_id
 			) A 
     		left outer join
-			(select  distinct
-			c.AFFECTED_RECORD_ID, c.AUDIT_DATE 
-			from FN_AUDIT_LOG c
+			(select  FN_AUDIT_LOG.AFFECTED_RECORD_ID, max(FN_AUDIT_LOG.AUDIT_DATE) AS AUDIT_DATE 
+			from FN_APP LEFT JOIN FN_AUDIT_LOG 
+			on FN_APP.APP_ID = FN_AUDIT_LOG.AFFECTED_RECORD_ID  
+			where FN_APP.ENABLED = 'Y' and FN_AUDIT_LOG.user_id=:userId
+			and (audit_date) BETWEEN (CURDATE() - INTERVAL 90 DAY) and CURDATE() 
+			group by  FN_AUDIT_LOG.AFFECTED_RECORD_ID
 			 )B
 			on A.app_id = B.Affected_record_id
 			order by AUDIT_DATE DESC;
@@ -1349,9 +1352,12 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y
 			
 			) A 
     		left outer join
-			(select  distinct
-			c.AFFECTED_RECORD_ID, c.AUDIT_DATE 
-			from FN_AUDIT_LOG c
+			(select  FN_AUDIT_LOG.AFFECTED_RECORD_ID, max(FN_AUDIT_LOG.AUDIT_DATE) AS AUDIT_DATE 
+			from FN_APP LEFT JOIN FN_AUDIT_LOG 
+			on FN_APP.APP_ID = FN_AUDIT_LOG.AFFECTED_RECORD_ID  
+			where FN_APP.ENABLED = 'Y' and FN_AUDIT_LOG.user_id=:userId
+			and (audit_date) BETWEEN (CURDATE() - INTERVAL 90 DAY) and CURDATE() 
+			group by  FN_AUDIT_LOG.AFFECTED_RECORD_ID 
 			 )B
 			on A.app_id = B.Affected_record_id
 			order by AUDIT_DATE DESC;
author	Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>	2018-09-25 13:59:56 -0400
committer	Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>	2018-09-26 16:52:00 -0400
commit	a59bc3e85eaf33c0a38063e5c30fe890588a0eb1 (patch)
tree	b19ba17d5dbd6cecc0b34c0ef6b158c088746384 /ecomp-portal-BE-common/src
parent	4be6886a011ddbc4543e8c27b759a27ff3415c18 (diff)