summaryrefslogtreecommitdiffstats
path: root/ecomp-portal-BE-common/src
diff options
context:
space:
mode:
authorKishore Reddy, Gujja (kg811t) <kg811t@research.att.com>2018-09-25 13:59:56 -0400
committerKishore Reddy, Gujja (kg811t) <kg811t@research.att.com>2018-09-26 16:52:00 -0400
commita59bc3e85eaf33c0a38063e5c30fe890588a0eb1 (patch)
treeb19ba17d5dbd6cecc0b34c0ef6b158c088746384 /ecomp-portal-BE-common/src
parent4be6886a011ddbc4543e8c27b759a27ff3415c18 (diff)
login and Certman AAF Integration changes
Issue-ID: PORTAL-386, PORTAL-389 failed to create user with special char in login_id Change-Id: I415adf615a7af97319d8d11a740e75d3dfa11583 Signed-off-by: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>
Diffstat (limited to 'ecomp-portal-BE-common/src')
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java95
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java8
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java4
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java39
-rw-r--r--ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml18
5 files changed, 79 insertions, 85 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
index 4197d232..a77b9589 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
@@ -867,23 +867,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
ObjectMapper mapper = new ObjectMapper();
String addNewRole = "";
ExternalAccessRole extRole = new ExternalAccessRole();
- List<EPRole> role = null;
- String addDesc = null;
- Map<String, String> extSystemUpdateRole = new LinkedHashMap<>();
- if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
- role = getPortalAppRoleInfo(addRole.getId());
- } else {
- role = getPartnerAppRoleInfo(addRole.getId(), app);
- }
- extSystemUpdateRole.put(ID, String.valueOf(role.get(0).getId()));
- extSystemUpdateRole.put(ROLE_NAME, String.valueOf(addRole.getName()));
- extSystemUpdateRole.put(ACTIVE, String.valueOf(role.get(0).getActive()));
- extSystemUpdateRole.put(PRIORITY, String.valueOf(role.get(0).getPriority()));
- extSystemUpdateRole.put(APP_ID, String.valueOf(role.get(0).getAppId()));
- extSystemUpdateRole.put(APP_ROLE_ID, String.valueOf(role.get(0).getAppRoleId()));
- addDesc = mapper.writeValueAsString(extSystemUpdateRole);
extRole.setName(app.getNameSpace() + "." + addRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
- extRole.setDescription(addDesc);
+ extRole.setDescription(String.valueOf(addRole.getName()));
addNewRole = mapper.writeValueAsString(extRole);
return addNewRole;
}
@@ -897,7 +882,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* @throws Exception
*/
@SuppressWarnings("unchecked")
- @Transactional(rollbackFor = Exception.class)
+ @Transactional(rollbackFor = Exception.class)
public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception {
boolean result = false;
EPRole epRole = null;
@@ -2738,7 +2723,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
applicationRolesList = getAppRoles(app.getId());
List<String> applicationRoleIdList = new ArrayList<>();
for (EPRole applicationRole : applicationRolesList) {
- applicationRoleIdList.add(applicationRole.getName());
+ applicationRoleIdList.add(applicationRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
}
List<EPRole> roleListToBeAddInEcompDB = new ArrayList<>();
@@ -2915,30 +2900,27 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
throws IOException {
List<ExternalRoleDetails> externalRoleDetailsList = new ArrayList<>();
ExternalRoleDescription ApplicationRole = new ExternalRoleDescription();
- ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms();
+ ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms();
List<String> functionCodelist = new ArrayList<>();
+ Map<String, EPRole> curRolesMap = getCurrentRolesInDB(app);
+
for (int i = 0; i < extRole.length(); i++) {
ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails();
EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction();
JSONObject Role = (JSONObject) extRole.get(i);
- if (!extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) {
- ApplicationRole.setActive("true");
- ApplicationRole.setAppId(IS_NULL_STRING);
- ApplicationRole.setPriority(IS_NULL_STRING);
- ApplicationRole.setAppRoleId(IS_NULL_STRING);
- String roleName = extRole.getJSONObject(i).getString(ROLE_NAME);
- ApplicationRole.setName(roleName.substring(app.getNameSpace().length() + 1));
- } else {
+ String roleName = extRole.getJSONObject(i).getString(ROLE_NAME);
+ ApplicationRole.setName(roleName.substring(app.getNameSpace().length() + 1));
+ if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) {
String desc = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION);
- ApplicationRole = mapper.readValue(desc, ExternalRoleDescription.class);
+ ApplicationRole.setName(desc);
}
-
SortedSet<ExternalAccessPerms> externalAccessPermsOfRole = new TreeSet<>();
if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_PERMS)) {
JSONArray extPerm = (JSONArray) Role.get(EXTERNAL_AUTH_PERMS);
for (int j = 0; j < extPerm.length(); j++) {
JSONObject perms = extPerm.getJSONObject(j);
- boolean isNamespaceMatching = EcompPortalUtils.checkNameSpaceMatching(perms.getString("type"), app.getNameSpace());
+ boolean isNamespaceMatching = EcompPortalUtils.checkNameSpaceMatching(perms.getString("type"),
+ app.getNameSpace());
if (isNamespaceMatching) {
externalAccessPerms = new ExternalAccessPerms(perms.getString("type"),
perms.getString("instance"), perms.getString("action"));
@@ -2949,46 +2931,33 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
}
-
- if (ApplicationRole.getActive().equals(IS_NULL_STRING)) {
- externalRoleDetail.setActive(false);
- } else {
- externalRoleDetail.setActive(Boolean.parseBoolean(ApplicationRole.getActive()));
- }
+ externalRoleDetail.setActive(true);
externalRoleDetail.setName(ApplicationRole.getName());
-
- if (ApplicationRole.getAppId().equals(IS_NULL_STRING) && app.getId() == 1) {
+ if (app.getId() == 1) {
externalRoleDetail.setAppId(null);
- } else if (ApplicationRole.getAppId().equals(IS_NULL_STRING)) {
- externalRoleDetail.setAppId(app.getId());
- } else {
- externalRoleDetail.setAppId(Long.parseLong(ApplicationRole.getAppId()));
- }
-
- if (ApplicationRole.getPriority().equals(IS_NULL_STRING)) {
- externalRoleDetail.setPriority(null);
} else {
- externalRoleDetail.setPriority(Integer.parseInt(ApplicationRole.getPriority()));
- }
-
- if (ApplicationRole.getAppRoleId().equals(IS_NULL_STRING) && app.getId() == 1) {
- externalRoleDetail.setAppRoleId(null);
+ externalRoleDetail.setAppId(app.getId());
}
-
+ // get role functions from DB
+ EPRole currRole = curRolesMap.get(ApplicationRole.getName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ Long roleId = null;
+ if (currRole != null)
+ roleId = currRole.getId();
// get role functions from DB
final Map<String, EPAppRoleFunction> roleFunctionsMap = new HashMap<>();
- if (!ApplicationRole.getId().equals(IS_NULL_STRING)) {
- final Map<String, Long> appRoleFuncsParams = new HashMap<>();
+ final Map<String, Long> appRoleFuncsParams = new HashMap<>();
+ if (roleId != null) {
appRoleFuncsParams.put("appId", app.getId());
- appRoleFuncsParams.put("roleId", Long.valueOf(ApplicationRole.getId()));
- List<EPAppRoleFunction> appRoleFunctions = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
+ appRoleFuncsParams.put("roleId", roleId);
+ List<EPAppRoleFunction> appRoleFunctions = dataAccessService
+ .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
if (!appRoleFunctions.isEmpty()) {
for (EPAppRoleFunction roleFunc : appRoleFunctions) {
roleFunctionsMap.put(roleFunc.getCode(), roleFunc);
}
}
}
-
if (!externalAccessPermsOfRole.isEmpty()) {
// Adding functions to role
for (ExternalAccessPerms externalpermission : externalAccessPermsOfRole) {
@@ -3000,22 +2969,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
EPAppRoleFunction checkRoleFunctionPipeExits = roleFunctionsMap.get(funcCode);
if (checkRoleFunctionPipeExits == null) {
try {
- final Map<String, String> appFuncsParams = new HashMap<>();
+ final Map<String, String> appFuncsParams = new HashMap<>();
appFuncsParams.put("appId", String.valueOf(app.getId()));
appFuncsParams.put("functionCd", externalpermission.getInstance());
logger.debug(EELFLoggerDelegate.debugLogger,
"SyncApplicationRolesWithEcompDB: Adding function to the role: {}",
externalpermission.getInstance());
List<CentralV2RoleFunction> roleFunction = null;
- roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", appFuncsParams, null);
+ roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId",
+ appFuncsParams, null);
if (roleFunction.isEmpty()) {
appFuncsParams.put("functionCd", funcCode);
- roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", appFuncsParams, null);
+ roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId",
+ appFuncsParams, null);
}
if (!roleFunction.isEmpty()) {
EPAppRoleFunction apRoleFunction = new EPAppRoleFunction();
apRoleFunction.setAppId(app.getId());
- apRoleFunction.setRoleId(Long.parseLong(ApplicationRole.getId()));
+ apRoleFunction.setRoleId(roleId);
apRoleFunction.setCode(roleFunction.get(0).getCode());
dataAccessService.saveDomainObject(apRoleFunction, null);
}
@@ -3089,7 +3060,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
*/
private EPRole convertExternalRoleDetailstoEpRole(ExternalRoleDetails externalRoleDetails) {
EPRole role = new EPRole();
- role.setActive(externalRoleDetails.isActive());
+ role.setActive(true);
role.setAppId(externalRoleDetails.getAppId());
role.setAppRoleId(externalRoleDetails.getAppRoleId());
role.setName(externalRoleDetails.getName());
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java
index a192ad94..c766106d 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java
@@ -39,9 +39,9 @@ package org.onap.portalapp.portal.service;
import java.util.ArrayList;
import java.util.List;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
+import org.onap.portalapp.portal.service.SearchService;
+import org.onap.portalapp.portal.service.SearchServiceImpl;
import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
import org.onap.portalapp.portal.transport.UserWithNameSurnameTitle;
@@ -74,10 +74,8 @@ public class SearchServiceImpl implements SearchService {
public String searchUsersInPhoneBook(String searchString) {
String orgUserId = null;
List<String> tokens = EcompPortalUtils.parsingByRegularExpression(searchString, " ");
- Pattern pattern = Pattern.compile(EcompPortalUtils.SEARCH_USERS_REGEX);
for (int i = 0; i < tokens.size(); i++) { // find orgUserId if possible and remove it from tokens
- Matcher matcher = pattern.matcher(tokens.get(i));
- if (matcher.matches()) {
+ if (tokens.get(i).matches(".*\\d+.*")) {
orgUserId = tokens.get(i);
tokens.remove(i);
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
index a4b6cc24..809e42f9 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
@@ -58,7 +58,6 @@ import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
import org.onap.portalapp.portal.logging.logic.EPLogUtil;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.portalsdk.core.onboarding.util.CipherUtil;
-import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
import org.onap.portalsdk.core.util.SystemProperties;
import org.slf4j.MDC;
import org.springframework.http.HttpHeaders;
@@ -80,9 +79,6 @@ public class EcompPortalUtils {
// It is a regular expression used for while creating a External Central Auth Role
public static final String EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS = "([^A-Z^a-z^0-9^\\.^%^(^)^=^:])";
- // regex for alphanumeric , dashes and underscore
- public static final String SEARCH_USERS_REGEX = "(^[a-zA-Z0-9_-]*$)";
-
/**
* @param orgUserId
* User ID to validate
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java
index 75c66162..988b97a5 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java
@@ -1,17 +1,39 @@
-/*
- * Copyright 2012-2016 the original author or authors.
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
*
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
* You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
*/
package org.onap.portalapp.portal.utils;
@@ -35,8 +57,7 @@ public final class MusicCookieCsrfTokenRepository implements CsrfTokenRepository
static final String CSRF_PARAMETER_NAME = "_csrf";
static final String EP_SERVICE = "EPService";
CookieCsrfTokenRepository cookieRepo = null;
- private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicService.class);
-
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicCookieCsrfTokenRepository.class);
public MusicCookieCsrfTokenRepository() {
}
@@ -64,12 +85,14 @@ public final class MusicCookieCsrfTokenRepository implements CsrfTokenRepository
if(cookieRepoToken==null){ // if cookieRepo does not has the token, check the cassandra for the values stored by other tomcats
try { // todo this part of the code needs to be replaced with out depending on EPService cookie
String sessionId = getSessionIdFromCookie(request);
+ if(sessionId == null)
+ return null;
String token = MusicService.getAttribute(CSRF_COOKIE_NAME, sessionId);
if (token==null || !StringUtils.hasLength(token))
return null;
cookieRepoToken = new DefaultCsrfToken(CSRF_HEADER_NAME, CSRF_PARAMETER_NAME , token);
} catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "Error while calling csrf saveToken" , e);
+ logger.error(EELFLoggerDelegate.errorLogger, "Error while calling csrf loadToken" , e);
}
}
return cookieRepoToken;
diff --git a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
index becfe7c2..e4b81448 100644
--- a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
+++ b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
@@ -1306,9 +1306,12 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y
where a.user_id =:userId and b.app_id = c.app_id and a.app_id = c.role_app_id and b.enabled = 'Y' and c.role_id = d.role_id and d.active_yn='Y' and a.role_id = d.role_id and e.app_id = c.app_id
) A
left outer join
- (select distinct
- c.AFFECTED_RECORD_ID, c.AUDIT_DATE
- from FN_AUDIT_LOG c
+ (select FN_AUDIT_LOG.AFFECTED_RECORD_ID, max(FN_AUDIT_LOG.AUDIT_DATE) AS AUDIT_DATE
+ from FN_APP LEFT JOIN FN_AUDIT_LOG
+ on FN_APP.APP_ID = FN_AUDIT_LOG.AFFECTED_RECORD_ID
+ where FN_APP.ENABLED = 'Y' and FN_AUDIT_LOG.user_id=:userId
+ and (audit_date) BETWEEN (CURDATE() - INTERVAL 90 DAY) and CURDATE()
+ group by FN_AUDIT_LOG.AFFECTED_RECORD_ID
)B
on A.app_id = B.Affected_record_id
order by AUDIT_DATE DESC;
@@ -1349,9 +1352,12 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y
) A
left outer join
- (select distinct
- c.AFFECTED_RECORD_ID, c.AUDIT_DATE
- from FN_AUDIT_LOG c
+ (select FN_AUDIT_LOG.AFFECTED_RECORD_ID, max(FN_AUDIT_LOG.AUDIT_DATE) AS AUDIT_DATE
+ from FN_APP LEFT JOIN FN_AUDIT_LOG
+ on FN_APP.APP_ID = FN_AUDIT_LOG.AFFECTED_RECORD_ID
+ where FN_APP.ENABLED = 'Y' and FN_AUDIT_LOG.user_id=:userId
+ and (audit_date) BETWEEN (CURDATE() - INTERVAL 90 DAY) and CURDATE()
+ group by FN_AUDIT_LOG.AFFECTED_RECORD_ID
)B
on A.app_id = B.Affected_record_id
order by AUDIT_DATE DESC;