author | Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com> | 2018-09-25 13:59:56 -0400 |
---|---|---|
committer | Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com> | 2018-09-26 16:52:00 -0400 |
commit | a59bc3e85eaf33c0a38063e5c30fe890588a0eb1 (patch) | |
tree | b19ba17d5dbd6cecc0b34c0ef6b158c088746384 /ecomp-portal-BE-common | |
parent | 4be6886a011ddbc4543e8c27b759a27ff3415c18 (diff) |
login and Certman AAF Integration changes
Issue-ID: PORTAL-386, PORTAL-389
failed to create user with special char in login_id
Change-Id: I415adf615a7af97319d8d11a740e75d3dfa11583
Signed-off-by: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>
Diffstat (limited to 'ecomp-portal-BE-common')
5 files changed, 79 insertions, 85 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
index 4197d232..a77b9589 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
@@ -867,23 +867,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
 ObjectMapper mapper = new ObjectMapper();
 String addNewRole = "";
 ExternalAccessRole extRole = new ExternalAccessRole();
- List<EPRole> role = null;
- String addDesc = null;
- Map<String, String> extSystemUpdateRole = new LinkedHashMap<>();
- if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
- role = getPortalAppRoleInfo(addRole.getId());
- } else {
- role = getPartnerAppRoleInfo(addRole.getId(), app);
- }
- extSystemUpdateRole.put(ID, String.valueOf(role.get(0).getId()));
- extSystemUpdateRole.put(ROLE_NAME, String.valueOf(addRole.getName()));
- extSystemUpdateRole.put(ACTIVE, String.valueOf(role.get(0).getActive()));
- extSystemUpdateRole.put(PRIORITY, String.valueOf(role.get(0).getPriority()));
- extSystemUpdateRole.put(APP_ID, String.valueOf(role.get(0).getAppId()));
- extSystemUpdateRole.put(APP_ROLE_ID, String.valueOf(role.get(0).getAppRoleId()));
- addDesc = mapper.writeValueAsString(extSystemUpdateRole);
 extRole.setName(app.getNameSpace() + "." + addRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
- extRole.setDescription(addDesc);
+ extRole.setDescription(String.valueOf(addRole.getName()));
 addNewRole = mapper.writeValueAsString(extRole);
 return addNewRole;
 }
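Review bot: The role sync in the -2915 hunk of this file depends on the description being exactly the unsanitised role name, and nothing at `extRole.setDescription(String.valueOf(addRole.getName()))` documents that. I would add a comment above the call, `// description carries the original role name; the role sync reads it back as the portal role name`. `String.valueOf` would also turn a null name into the literal text "null", although the `replaceAll` on the line above already throws in that case; an explicit null check belongs at the top of the method, which starts outside this hunk.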
@@ -897,7 +882,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @throws Exception */ @SuppressWarnings("unchecked") - @Transactional(rollbackFor = Exception.class) + @Transactional(rollbackFor = Exception.class) public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception { boolean result = false; EPRole epRole = null; @@ -2738,7 +2723,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic applicationRolesList = getAppRoles(app.getId()); List<String> applicationRoleIdList = new ArrayList<>(); for (EPRole applicationRole : applicationRolesList) { - applicationRoleIdList.add(applicationRole.getName()); + applicationRoleIdList.add(applicationRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); } List<EPRole> roleListToBeAddInEcompDB = new ArrayList<>(); 
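Review bot: In the -2738 hunk the list now holds sanitised names, so two portal roles whose names differ only in characters matched by `EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS` collapse to the same entry, and the same sanitised key is used for the `curRolesMap` lookup in the -2949 hunk. How the list is compared is outside the hunk, so this is inferred, but a collision would let one role's sync state stand in for another's. The `replaceAll(..., "_")` expression now appears three times in this file; a small private helper such as `toExternalRoleName(String name)` would keep the copies identical. The variable is also still named `applicationRoleIdList` although it holds names.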
@@ -2915,30 +2900,27 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic throws IOException { List<ExternalRoleDetails> externalRoleDetailsList = new ArrayList<>(); ExternalRoleDescription ApplicationRole = new ExternalRoleDescription(); - ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms(); + ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms(); List<String> functionCodelist = new ArrayList<>(); + Map<String, EPRole> curRolesMap = getCurrentRolesInDB(app); + for (int i = 0; i < extRole.length(); i++) { ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails(); EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction(); JSONObject Role = (JSONObject) extRole.get(i); - if (!extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) { - ApplicationRole.setActive("true"); - ApplicationRole.setAppId(IS_NULL_STRING); - ApplicationRole.setPriority(IS_NULL_STRING); - ApplicationRole.setAppRoleId(IS_NULL_STRING); - String roleName = extRole.getJSONObject(i).getString(ROLE_NAME); - ApplicationRole.setName(roleName.substring(app.getNameSpace().length() + 1)); - } else { + String roleName = extRole.getJSONObject(i).getString(ROLE_NAME); + ApplicationRole.setName(roleName.substring(app.getNameSpace().length() + 1)); + if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) { String desc = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); - ApplicationRole = mapper.readValue(desc, ExternalRoleDescription.class); + ApplicationRole.setName(desc); } - SortedSet<ExternalAccessPerms> externalAccessPermsOfRole = new TreeSet<>(); if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_PERMS)) { JSONArray extPerm = (JSONArray) Role.get(EXTERNAL_AUTH_PERMS); for (int j = 0; j < extPerm.length(); j++) { JSONObject perms = extPerm.getJSONObject(j); - boolean isNamespaceMatching = EcompPortalUtils.checkNameSpaceMatching(perms.getString("type"), app.getNameSpace()); + boolean isNamespaceMatching 
= EcompPortalUtils.checkNameSpaceMatching(perms.getString("type"), + app.getNameSpace()); if (isNamespaceMatching) { externalAccessPerms = new ExternalAccessPerms(perms.getString("type"), perms.getString("instance"), perms.getString("action")); 
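Review bot: `ApplicationRole.setName(desc)` near the top of the -2915 hunk uses whatever the external system returns in the description as the portal role name, with no check. Roles written before this commit carry the JSON blob that the removed code in the -867 hunk stored in that field, so if any such roles still exist their names would become that JSON string after a sync, and an empty description would overwrite the namespace-derived name with an empty one. I would accept the description only when it is non-blank and not a legacy JSON value, for example `if (!desc.trim().isEmpty() && !desc.trim().startsWith("{")) ApplicationRole.setName(desc);`. Separately, `roleName.substring(app.getNameSpace().length() + 1)` now runs for every role and throws when a returned name is not longer than the namespace prefix; the method starts and ends outside this hunk.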
@@ -2949,46 +2931,33 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } - - if (ApplicationRole.getActive().equals(IS_NULL_STRING)) { - externalRoleDetail.setActive(false); - } else { - externalRoleDetail.setActive(Boolean.parseBoolean(ApplicationRole.getActive())); - } + externalRoleDetail.setActive(true); externalRoleDetail.setName(ApplicationRole.getName()); - - if (ApplicationRole.getAppId().equals(IS_NULL_STRING) && app.getId() == 1) { + if (app.getId() == 1) { externalRoleDetail.setAppId(null); - } else if (ApplicationRole.getAppId().equals(IS_NULL_STRING)) { - externalRoleDetail.setAppId(app.getId()); - } else { - externalRoleDetail.setAppId(Long.parseLong(ApplicationRole.getAppId())); - } - - if (ApplicationRole.getPriority().equals(IS_NULL_STRING)) { - externalRoleDetail.setPriority(null); } else { - externalRoleDetail.setPriority(Integer.parseInt(ApplicationRole.getPriority())); - } - - if (ApplicationRole.getAppRoleId().equals(IS_NULL_STRING) && app.getId() == 1) { - externalRoleDetail.setAppRoleId(null); + externalRoleDetail.setAppId(app.getId()); } - + // get role functions from DB + EPRole currRole = curRolesMap.get(ApplicationRole.getName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + Long roleId = null; + if (currRole != null) + roleId = currRole.getId(); // get role functions from DB final Map<String, EPAppRoleFunction> roleFunctionsMap = new HashMap<>(); - if (!ApplicationRole.getId().equals(IS_NULL_STRING)) { - final Map<String, Long> appRoleFuncsParams = new HashMap<>(); + final Map<String, Long> appRoleFuncsParams = new HashMap<>(); + if (roleId != null) { appRoleFuncsParams.put("appId", app.getId()); - appRoleFuncsParams.put("roleId", Long.valueOf(ApplicationRole.getId())); - List<EPAppRoleFunction> appRoleFunctions = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); + appRoleFuncsParams.put("roleId", 
roleId); + List<EPAppRoleFunction> appRoleFunctions = dataAccessService + .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null); if (!appRoleFunctions.isEmpty()) { for (EPAppRoleFunction roleFunc : appRoleFunctions) { roleFunctionsMap.put(roleFunc.getCode(), roleFunc); } } } - if (!externalAccessPermsOfRole.isEmpty()) { // Adding functions to role for (ExternalAccessPerms externalpermission : externalAccessPermsOfRole) { @@ -3000,22 +2969,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic EPAppRoleFunction checkRoleFunctionPipeExits = roleFunctionsMap.get(funcCode); if (checkRoleFunctionPipeExits == null) { try { - final Map<String, String> appFuncsParams = new HashMap<>(); + final Map<String, String> appFuncsParams = new HashMap<>(); appFuncsParams.put("appId", String.valueOf(app.getId())); appFuncsParams.put("functionCd", externalpermission.getInstance()); logger.debug(EELFLoggerDelegate.debugLogger, "SyncApplicationRolesWithEcompDB: Adding function to the role: {}", externalpermission.getInstance()); List<CentralV2RoleFunction> roleFunction = null; - roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", appFuncsParams, null); + roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", + appFuncsParams, null); if (roleFunction.isEmpty()) { appFuncsParams.put("functionCd", funcCode); - roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", appFuncsParams, null); + roleFunction = dataAccessService.executeNamedQuery("getAppFunctionOnCodeAndAppId", + appFuncsParams, null); } if (!roleFunction.isEmpty()) { EPAppRoleFunction apRoleFunction = new EPAppRoleFunction(); apRoleFunction.setAppId(app.getId()); - apRoleFunction.setRoleId(Long.parseLong(ApplicationRole.getId())); + apRoleFunction.setRoleId(roleId); apRoleFunction.setCode(roleFunction.get(0).getCode()); dataAccessService.saveDomainObject(apRoleFunction, null); } 
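Review bot: `externalRoleDetail.setActive(true)` in the -2949 hunk marks every synced role active regardless of its state in the portal DB, and `role.setActive(true)` in the -3089 hunk (`convertExternalRoleDetailstoEpRole`) does the same, so a role that was deactivated locally appears to be re-enabled by the next sync. Since `currRole` is looked up from `curRolesMap` a few lines further down, the existing flag could be kept by setting it after that lookup: `externalRoleDetail.setActive(currRole == null || currRole.getActive());`. Priority and appRoleId are no longer set at all, which may be intended but is not mentioned in the commit message. The `// get role functions from DB` comment is now duplicated, and the new `if (currRole != null)` has no braces.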
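Review bot: `apRoleFunction.setRoleId(roleId)` in the -3000 hunk can receive null: `roleId` stays null when the role is not found in `curRolesMap`, `roleFunctionsMap` is then empty, and every permission of that role takes the add path. Whether `saveDomainObject` then fails or stores a row without a role is not visible here, because the surrounding `try` closes outside the hunk. I would skip the add path explicitly with `if (roleId != null)` around it and log the name of the role that was skipped.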
@@ -3089,7 +3060,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic */ private EPRole convertExternalRoleDetailstoEpRole(ExternalRoleDetails externalRoleDetails) { EPRole role = new EPRole(); - role.setActive(externalRoleDetails.isActive()); + role.setActive(true); role.setAppId(externalRoleDetails.getAppId()); role.setAppRoleId(externalRoleDetails.getAppRoleId()); role.setName(externalRoleDetails.getName()); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java index a192ad94..c766106d 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/SearchServiceImpl.java @@ -39,9 +39,9 @@ package org.onap.portalapp.portal.service; import java.util.ArrayList; import java.util.List; -import java.util.regex.Matcher; -import java.util.regex.Pattern; +import org.onap.portalapp.portal.service.SearchService; +import org.onap.portalapp.portal.service.SearchServiceImpl; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.logging.aop.EPMetricsLog; import org.onap.portalapp.portal.transport.UserWithNameSurnameTitle; @@ -74,10 +74,8 @@ public class SearchServiceImpl implements SearchService { public String searchUsersInPhoneBook(String searchString) { String orgUserId = null; List<String> tokens = EcompPortalUtils.parsingByRegularExpression(searchString, " "); - Pattern pattern = Pattern.compile(EcompPortalUtils.SEARCH_USERS_REGEX); for (int i = 0; i < tokens.size(); i++) { // find orgUserId if possible and remove it from tokens - Matcher matcher = pattern.matcher(tokens.get(i)); - if (matcher.matches()) { + if (tokens.get(i).matches(".*\\d+.*")) { orgUserId = tokens.get(i); tokens.remove(i); } 
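Review bot: `tokens.get(i).matches(".*\\d+.*")` in `searchUsersInPhoneBook` treats any token containing a digit as the `orgUserId` and places no limit on the other characters, where the removed `SEARCH_USERS_REGEX` was an allow-list. The value comes from the search string, so whatever consumes `orgUserId` below this hunk has to escape or parameterise it; if special characters in login ids are the goal, an allow-list extended with exactly those characters would keep the constraint. `String.matches` also recompiles the pattern on every iteration, whereas a `static final Pattern` for `\\d` used with `find()` compiles it once. The two imports added in the -39 hunk refer to this class and its own package and are not needed.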
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java index a4b6cc24..809e42f9 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java @@ -58,7 +58,6 @@ import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum; import org.onap.portalapp.portal.logging.logic.EPLogUtil; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.onboarding.util.CipherUtil; -import org.onap.portalsdk.core.onboarding.util.PortalApiConstants; import org.onap.portalsdk.core.util.SystemProperties; import org.slf4j.MDC; import org.springframework.http.HttpHeaders; @@ -80,9 +79,6 @@ public class EcompPortalUtils { // It is a regular expression used for while creating a External Central Auth Role public static final String EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS = "([^A-Z^a-z^0-9^\\.^%^(^)^=^:])"; - // regex for alphanumeric , dashes and underscore - public static final String SEARCH_USERS_REGEX = "(^[a-zA-Z0-9_-]*$)"; - /** * @param orgUserId * User ID to validate diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java index 75c66162..988b97a5 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/MusicCookieCsrfTokenRepository.java 
@@ -1,17 +1,39 @@ -/* - * Copyright 2012-2016 the original author or authors. +/*- + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. + * =================================================================== * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. * You may obtain a copy of the License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * */ package org.onap.portalapp.portal.utils; 
@@ -35,8 +57,7 @@ public final class MusicCookieCsrfTokenRepository implements CsrfTokenRepository static final String CSRF_PARAMETER_NAME = "_csrf"; static final String EP_SERVICE = "EPService"; CookieCsrfTokenRepository cookieRepo = null; - private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicService.class); - + private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(MusicCookieCsrfTokenRepository.class); public MusicCookieCsrfTokenRepository() { } @@ -64,12 +85,14 @@ public final class MusicCookieCsrfTokenRepository implements CsrfTokenRepository if(cookieRepoToken==null){ // if cookieRepo does not has the token, check the cassandra for the values stored by other tomcats try { // todo this part of the code needs to be replaced with out depending on EPService cookie String sessionId = getSessionIdFromCookie(request); + if(sessionId == null) + return null; String token = MusicService.getAttribute(CSRF_COOKIE_NAME, sessionId); if (token==null || !StringUtils.hasLength(token)) return null; cookieRepoToken = new DefaultCsrfToken(CSRF_HEADER_NAME, CSRF_PARAMETER_NAME , token); } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "Error while calling csrf saveToken" , e); + logger.error(EELFLoggerDelegate.errorLogger, "Error while calling csrf loadToken" , e); } } return cookieRepoToken; diff --git a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml index becfe7c2..e4b81448 100644 --- a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml +++ b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml 
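Review bot: The new `if(sessionId == null) return null;` in the -64 hunk is a brace-less early return with no comment, inside a `try` whose `catch` only logs. I would add braces and a short comment such as `// no session cookie, so there is no stored token to look up`. Both a missing session and a failure in `MusicService.getAttribute` now end in a null token, so it is worth confirming that the CSRF filter in use rejects state-changing requests in that case; that code is not part of this diff.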
@@ -1306,9 +1306,12 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y where a.user_id =:userId and b.app_id = c.app_id and a.app_id = c.role_app_id and b.enabled = 'Y' and c.role_id = d.role_id and d.active_yn='Y' and a.role_id = d.role_id and e.app_id = c.app_id ) A left outer join - (select distinct - c.AFFECTED_RECORD_ID, c.AUDIT_DATE - from FN_AUDIT_LOG c + (select FN_AUDIT_LOG.AFFECTED_RECORD_ID, max(FN_AUDIT_LOG.AUDIT_DATE) AS AUDIT_DATE + from FN_APP LEFT JOIN FN_AUDIT_LOG + on FN_APP.APP_ID = FN_AUDIT_LOG.AFFECTED_RECORD_ID + where FN_APP.ENABLED = 'Y' and FN_AUDIT_LOG.user_id=:userId + and (audit_date) BETWEEN (CURDATE() - INTERVAL 90 DAY) and CURDATE() + group by FN_AUDIT_LOG.AFFECTED_RECORD_ID )B on A.app_id = B.Affected_record_id order by AUDIT_DATE DESC; @@ -1349,9 +1352,12 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y ) A left outer join - (select distinct - c.AFFECTED_RECORD_ID, c.AUDIT_DATE - from FN_AUDIT_LOG c + (select FN_AUDIT_LOG.AFFECTED_RECORD_ID, max(FN_AUDIT_LOG.AUDIT_DATE) AS AUDIT_DATE + from FN_APP LEFT JOIN FN_AUDIT_LOG + on FN_APP.APP_ID = FN_AUDIT_LOG.AFFECTED_RECORD_ID + where FN_APP.ENABLED = 'Y' and FN_AUDIT_LOG.user_id=:userId + and (audit_date) BETWEEN (CURDATE() - INTERVAL 90 DAY) and CURDATE() + group by FN_AUDIT_LOG.AFFECTED_RECORD_ID )B on A.app_id = B.Affected_record_id order by AUDIT_DATE DESC; |
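Review bot: `BETWEEN (CURDATE() - INTERVAL 90 DAY) and CURDATE()` ends at midnight today, so if `AUDIT_DATE` stores a time of day, today's entries are left out of the recency ordering; the same clause is repeated in the -1349 hunk. `FN_AUDIT_LOG.AUDIT_DATE >= (CURDATE() - INTERVAL 90 DAY)` would cover the window without the upper bound. The `where` conditions on `FN_AUDIT_LOG.user_id` and `audit_date` also discard the null rows a `LEFT JOIN` would produce, so the join behaves as an inner join; either write `JOIN` or move those conditions into the `on` clause. Both queries start and end outside the hunks.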