summaryrefslogtreecommitdiffstats
path: root/portal-BE/src/main/java
diff options
context:
space:
mode:
authorDominik Mizyn <d.mizyn@samsung.com>2019-11-18 13:08:23 +0100
committerDominik Mizyn <d.mizyn@samsung.com>2019-11-18 13:52:09 +0100
commitdd4c51e4349b596766f2fda555a7a0d3ba46e9fa (patch)
treea4d60c9900fc29302bd42e1a9bee77aea6c70587 /portal-BE/src/main/java
parentd904fc786956891946e7bd92b559fdb98f62330f (diff)
UserRolesController methods up
putAppWithUserRoleStateForUser() up Issue-ID: PORTAL-710 Change-Id: Ie0d03fc28d684bb0362901b0ec108941e70f6b9c Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
Diffstat (limited to 'portal-BE/src/main/java')
-rw-r--r--portal-BE/src/main/java/org/onap/portal/controller/LanguageController.java2
-rw-r--r--portal-BE/src/main/java/org/onap/portal/controller/UserController.java2
-rw-r--r--portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java202
-rw-r--r--portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppController.java2
-rw-r--r--portal-BE/src/main/java/org/onap/portal/dao/ep/EpAppFunctionDao.java59
-rw-r--r--portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDao.java6
-rw-r--r--portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDetDao.java6
-rw-r--r--portal-BE/src/main/java/org/onap/portal/dao/fn/FnRoleDao.java21
-rw-r--r--portal-BE/src/main/java/org/onap/portal/dao/fn/FnUserRoleDao.java3
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpAppFunction.java38
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequest.java9
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequestDet.java9
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRole.java280
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleComposite.java95
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUser.java695
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUserRole.java5
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/dto/DomainVo.java2
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/dto/transport/CentralV2Role.java71
-rw-r--r--portal-BE/src/main/java/org/onap/portal/domain/dto/transport/EcompUserAppRoles.java1
-rw-r--r--portal-BE/src/main/java/org/onap/portal/exception/SyncUserRolesException.java50
-rw-r--r--portal-BE/src/main/java/org/onap/portal/logging/aop/EPEELFLoggerAdvice.java2
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java1227
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/ApplicationsRestClientService.java634
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/AppsCacheService.java174
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/EcompUserAppRolesService.java86
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/ExternalAccessRolesService.java223
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/ep/EpAppFunctionService.java62
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestDetService.java7
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestService.java7
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/fn/FnAppService.java112
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/fn/FnRoleService.java76
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/fn/FnUserRoleService.java692
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/fn/FnUserService.java10
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/fn/old/AppsCacheService.java170
-rw-r--r--portal-BE/src/main/java/org/onap/portal/utils/EPUserUtils.java7
35 files changed, 3491 insertions, 1556 deletions
diff --git a/portal-BE/src/main/java/org/onap/portal/controller/LanguageController.java b/portal-BE/src/main/java/org/onap/portal/controller/LanguageController.java
index c545d7f1..c470aead 100644
--- a/portal-BE/src/main/java/org/onap/portal/controller/LanguageController.java
+++ b/portal-BE/src/main/java/org/onap/portal/controller/LanguageController.java
@@ -101,7 +101,7 @@ public class LanguageController {
@SuppressWarnings("OptionalGetWithoutIsPresent")
FnUser user = fnUserService.getUser(userId).get();
user.setLanguageId(fnLanguage);
- fnUserService.saveFnUser(principal, user);
+ fnUserService.saveFnUser(user);
//response.setResponse(fnUserMapper.fnUserToFnUserDto(user).toString());
response.setMessage("SUCCESS");
response.setStatus(PortalRestStatusEnum.OK);
diff --git a/portal-BE/src/main/java/org/onap/portal/controller/UserController.java b/portal-BE/src/main/java/org/onap/portal/controller/UserController.java
index c2dcccd6..8057a9a6 100644
--- a/portal-BE/src/main/java/org/onap/portal/controller/UserController.java
+++ b/portal-BE/src/main/java/org/onap/portal/controller/UserController.java
@@ -113,7 +113,7 @@ public class UserController {
user.setLoginPwd(CipherUtil
.encryptPKC(profileDetail.getLoginPassword(), "AGLDdG4D04BKm2IxIWEr8o==!"));
}
- userService.saveFnUser(principal, user);
+ userService.saveFnUser(user);
// Update user info in the session
portalRestResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null);
}
diff --git a/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java b/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java
index ce7cf1f9..da3026e1 100644
--- a/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java
+++ b/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java
@@ -51,17 +51,30 @@ import org.apache.cxf.transport.http.HTTPException;
import org.onap.portal.domain.db.fn.FnRole;
import org.onap.portal.domain.db.fn.FnUser;
import org.onap.portal.domain.dto.ecomp.EPUserAppCatalogRoles;
+import org.onap.portal.domain.dto.ecomp.EcompAuditLog;
import org.onap.portal.domain.dto.ecomp.ExternalSystemAccess;
+import org.onap.portal.domain.dto.ecomp.PortalRestResponse;
+import org.onap.portal.domain.dto.ecomp.PortalRestStatusEnum;
import org.onap.portal.domain.dto.transport.AppWithRolesForUser;
+import org.onap.portal.domain.dto.transport.ExternalRequestFieldsValidator;
import org.onap.portal.domain.dto.transport.FieldsValidator;
+import org.onap.portal.domain.dto.transport.RoleInAppForUser;
import org.onap.portal.domain.dto.transport.UserApplicationRoles;
+import org.onap.portal.logging.aop.EPEELFLoggerAdvice;
+import org.onap.portal.logging.logic.EPLogUtil;
import org.onap.portal.service.AdminRolesService;
import org.onap.portal.service.ApplicationsRestClientService;
import org.onap.portal.service.fn.FnUserRoleService;
import org.onap.portal.service.fn.FnUserService;
+import org.onap.portal.utils.EPCommonSystemProperties;
import org.onap.portal.utils.EcompPortalUtils;
+import org.onap.portal.utils.PortalConstants;
+import org.onap.portalsdk.core.domain.AuditLog;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.portalsdk.core.restful.domain.EcompRole;
+import org.onap.portalsdk.core.service.AuditServiceImpl;
+import org.onap.portalsdk.core.util.SystemProperties;
+import org.slf4j.MDC;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.bind.annotation.PathVariable;
@@ -81,6 +94,7 @@ public class UserRolesController {
private final FnUserRoleService fnUserRoleService;
private final AdminRolesService adminRolesService;
private final ApplicationsRestClientService applicationsRestClientService;
+ private final AuditServiceImpl auditService = new AuditServiceImpl();
/*
private final UserRolesService userRolesService;
@@ -316,112 +330,112 @@ public class UserRolesController {
}
return result;
}
+ */
- @RequestMapping(value = {"/portalApi/userAppRoles"}, method = {
- RequestMethod.PUT}, produces = "application/json")
- public PortalRestResponse<String> putAppWithUserRoleStateForUser(Principal principal,
- @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
- // FieldsValidator fieldsValidator = new FieldsValidator();
- PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
- StringBuilder sbUserApps = new StringBuilder();
- if (newAppRolesForUser != null) {
- sbUserApps.append("User '" + newAppRolesForUser.getOrgUserId());
- if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) {
- sbUserApps.append("' has roles = { ");
- for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) {
- if (appRole.isApplied) {
- sbUserApps.append(appRole.roleName + " ,");
- }
+ @RequestMapping(value = {"/portalApi/userAppRoles"}, method = {
+ RequestMethod.PUT}, produces = "application/json")
+ public PortalRestResponse<String> putAppWithUserRoleStateForUser(Principal principal,
+ @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
+ // FieldsValidator fieldsValidator = new FieldsValidator();
+ PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
+ StringBuilder sbUserApps = new StringBuilder();
+ if (newAppRolesForUser != null) {
+ sbUserApps.append("User '").append(newAppRolesForUser.getOrgUserId());
+ if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) {
+ sbUserApps.append("' has roles = { ");
+ for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) {
+ if (appRole.getIsApplied()) {
+ sbUserApps.append(appRole.getRoleName()).append(" ,");
}
- sbUserApps.deleteCharAt(sbUserApps.length() - 1);
- sbUserApps.append("} assigned for the app " + newAppRolesForUser.getAppId());
- } else {
- sbUserApps.append("' has no roles assigned for app " + newAppRolesForUser.getAppId());
}
- }
- logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}",
- sbUserApps.toString());
-
- FnUser user = fnUserService.loadUserByUsername(principal.getName());
- // boolean changesApplied = false;
- ExternalRequestFieldsValidator changesApplied = null;
-
- if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) {
- EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser");
- } else if (newAppRolesForUser == null) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "putAppWithUserRoleStateForUser: newAppRolesForUser is null");
+ sbUserApps.deleteCharAt(sbUserApps.length() - 1);
+ sbUserApps.append("} assigned for the app ").append(newAppRolesForUser.getAppId());
} else {
- changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
- try {
- if (changesApplied.isResult()) {
- logger.info(EELFLoggerDelegate.applicationLogger,
- "putAppWithUserRoleStateForUser: succeeded for app {}, user {}",
- newAppRolesForUser.getAppId(),
- newAppRolesForUser.getAppId());
-
- MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
- EPEELFLoggerAdvice.getCurrentDateTimeUTC());
- AuditLog auditLog = new AuditLog();
- auditLog.setUserId(user.getId());
- auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER);
- auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId());
- auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(),
- PortalConstants.AUDIT_LOG_COMMENT_SIZE));
- auditService.logActivity(auditLog, null);
-
- MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
- EPEELFLoggerAdvice.getCurrentDateTimeUTC());
- EcompPortalUtils.calculateDateTimeDifferenceForLog(
- MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
- MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
- logger.info(EELFLoggerDelegate.auditLogger,
- EPLogUtil.formatAuditLogMessage(
- "UserRolesController.putAppWithUserRoleStateForUser",
- EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(),
- newAppRolesForUser.getOrgUserId(), sbUserApps.toString()));
- MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
- MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
- MDC.remove(SystemProperties.MDC_TIMER);
- portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null);
-
- }
- if (!changesApplied.isResult()) {
- throw new Exception(changesApplied.getDetailMessage());
- }
-
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "putAppWithUserRoleStateForUser: failed for app {}, user {}",
- newAppRolesForUser.getAppId(),
- newAppRolesForUser.getOrgUserId(), e);
- portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null);
- }
+ sbUserApps.append("' has no roles assigned for app ").append(newAppRolesForUser.getAppId());
}
-
- EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied);
- return portalResponse;
}
+ logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}",
+ sbUserApps.toString());
- @RequestMapping(value = {"/portalApi/updateRemoteUserProfile"}, method = {
- RequestMethod.GET}, produces = "application/json")
- public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request) {
+ FnUser user = fnUserService.loadUserByUsername(principal.getName());
+ // boolean changesApplied = false;
+ ExternalRequestFieldsValidator changesApplied = null;
- String updateRemoteUserFlag = FAILURE;
+ if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) {
+ EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser");
+ } else if (newAppRolesForUser == null) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "putAppWithUserRoleStateForUser: newAppRolesForUser is null");
+ } else {
+ changesApplied = adminRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
try {
- // saveNewUser = userService.saveNewUser(newUser);
- String orgUserId = request.getParameter("loginId");
- Long appId = Long.parseLong(request.getParameter("appId"));
- userRolesService.updateRemoteUserProfile(orgUserId, appId);
+ if (changesApplied.isResult()) {
+ logger.info(EELFLoggerDelegate.applicationLogger,
+ "putAppWithUserRoleStateForUser: succeeded for app {}, user {}",
+ newAppRolesForUser.getAppId(),
+ newAppRolesForUser.getAppId());
+
+ MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
+ EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+ AuditLog auditLog = new AuditLog();
+ auditLog.setUserId(user.getId());
+ auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER);
+ auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId());
+ auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(),
+ PortalConstants.AUDIT_LOG_COMMENT_SIZE));
+ auditService.logActivity(auditLog, null);
+
+ MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
+ EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+ EcompPortalUtils.calculateDateTimeDifferenceForLog(
+ MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
+ MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
+ logger.info(EELFLoggerDelegate.auditLogger,
+ EPLogUtil.formatAuditLogMessage(
+ "UserRolesController.putAppWithUserRoleStateForUser",
+ EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(),
+ newAppRolesForUser.getOrgUserId(), sbUserApps.toString()));
+ MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
+ MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
+ MDC.remove(SystemProperties.MDC_TIMER);
+ portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null);
+
+ }
+ if (!changesApplied.isResult()) {
+ throw new Exception(changesApplied.getDetailMessage());
+ }
} catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e);
- return new PortalRestResponse<>(PortalRestStatusEnum.OK, updateRemoteUserFlag, e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "putAppWithUserRoleStateForUser: failed for app {}, user {}",
+ newAppRolesForUser.getAppId(),
+ newAppRolesForUser.getOrgUserId(), e);
+ portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null);
}
- return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, updateRemoteUserFlag, "");
+ }
+
+ EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied);
+ return portalResponse;
+ }
+ @RequestMapping(value = {"/portalApi/updateRemoteUserProfile"}, method = {
+ RequestMethod.GET}, produces = "application/json")
+ public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request) {
+
+ String updateRemoteUserFlag = FAILURE;
+ try {
+ // saveNewUser = userService.saveNewUser(newUser);
+ String orgUserId = request.getParameter("loginId");
+ long appId = Long.parseLong(request.getParameter("appId"));
+ fnUserRoleService.updateRemoteUserProfile(orgUserId, appId);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e);
+ return new PortalRestResponse<>(PortalRestStatusEnum.OK, updateRemoteUserFlag, e.getMessage());
}
- */
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, updateRemoteUserFlag, "");
+
+ }
+
@RequestMapping(value = {"/portalApi/app/{appId}/users"}, method = {
RequestMethod.GET}, produces = "application/json")
public List<UserApplicationRoles> getUsersFromAppEndpoint(@PathVariable("appId") Long appId) {
@@ -488,9 +502,8 @@ public class UserRolesController {
public FieldsValidator putAppWithUserRoleRequest(Principal principal,
@RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
FieldsValidator fieldsValidator = null;
+ FnUser user = fnUserService.loadUserByUsername(principal.getName());
try {
-
- FnUser user = fnUserService.loadUserByUsername(principal.getName());
fieldsValidator = fnUserRoleService.putUserAppRolesRequest(newAppRolesForUser, user);
response.setStatus(0);
@@ -505,6 +518,7 @@ public class UserRolesController {
}
+ @SuppressWarnings("ConstantConditions")
@RequestMapping(value = {"/portalApi/appCatalogRoles"}, method = {
RequestMethod.GET}, produces = "application/json")
public List<EPUserAppCatalogRoles> getUserAppCatalogRoles(Principal principal,
diff --git a/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppController.java b/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppController.java
index 849b2620..603e45d2 100644
--- a/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppController.java
+++ b/portal-BE/src/main/java/org/onap/portal/controller/WebAnalyticsExtAppController.java
@@ -57,8 +57,8 @@ import org.onap.portal.domain.dto.transport.Analytics;
import org.onap.portal.logging.aop.EPAuditLog;
import org.onap.portal.logging.aop.EPEELFLoggerAdvice;
import org.onap.portal.logging.logic.EPLogUtil;
+import org.onap.portal.service.AppsCacheService;
import org.onap.portal.service.WidgetMService;
-import org.onap.portal.service.fn.old.AppsCacheService;
import org.onap.portal.utils.EPCommonSystemProperties;
import org.onap.portal.utils.EcompPortalUtils;
import org.onap.portal.utils.PortalConstants;
diff --git a/portal-BE/src/main/java/org/onap/portal/dao/ep/EpAppFunctionDao.java b/portal-BE/src/main/java/org/onap/portal/dao/ep/EpAppFunctionDao.java
new file mode 100644
index 00000000..935e5646
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/dao/ep/EpAppFunctionDao.java
@@ -0,0 +1,59 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.dao.ep;
+
+import java.util.List;
+import org.onap.portal.domain.db.ep.EpAppFunction;
+import org.onap.portal.domain.db.ep.EpAppFunction.EpAppFunctionId;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+@Repository
+@Transactional
+public interface EpAppFunctionDao extends JpaRepository<EpAppFunction, EpAppFunctionId> {
+
+ @Query
+ List<EpAppFunction> getAppRoleFunctionList(final @Param("roleId") Long roleId, final @Param("appId") Long appId);
+
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDao.java b/portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDao.java
index b4987e9c..7924d431 100644
--- a/portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDao.java
+++ b/portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDao.java
@@ -40,13 +40,17 @@
package org.onap.portal.dao.ep;
+import java.util.List;
import org.onap.portal.domain.db.ep.EpUserRolesRequest;
import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;
import org.springframework.transaction.annotation.Transactional;
@Repository
@Transactional
public interface EpUserRolesRequestDao extends JpaRepository<EpUserRolesRequest, Long> {
-
+ @Query
+ List<EpUserRolesRequest> userAppRolesRequestList(final @Param("userId") Long userId, final @Param("appId") Long appId);
}
diff --git a/portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDetDao.java b/portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDetDao.java
index 35893193..cfc97baa 100644
--- a/portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDetDao.java
+++ b/portal-BE/src/main/java/org/onap/portal/dao/ep/EpUserRolesRequestDetDao.java
@@ -40,8 +40,11 @@
package org.onap.portal.dao.ep;
+import java.util.List;
import org.onap.portal.domain.db.ep.EpUserRolesRequestDet;
import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;
import org.springframework.transaction.annotation.Transactional;
@@ -49,4 +52,7 @@ import org.springframework.transaction.annotation.Transactional;
@Transactional
public interface EpUserRolesRequestDetDao extends JpaRepository<EpUserRolesRequestDet, Long> {
+ @Query
+ List<EpUserRolesRequestDet> appRolesRequestDetailList(final @Param("reqId") Long reqId);
+
}
diff --git a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnRoleDao.java b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnRoleDao.java
index 01bcdfe5..a87f31cc 100644
--- a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnRoleDao.java
+++ b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnRoleDao.java
@@ -52,9 +52,22 @@ import org.springframework.transaction.annotation.Transactional;
@Transactional
public interface FnRoleDao extends JpaRepository<FnRole, Long> {
- @Query
- List<FnRole> retrieveAppRoleByAppRoleIdAndByAppId(final @Param("appId") Long appId,
- final @Param("appRoleId") Long appRoleId);
+ @Query
+ List<FnRole> retrieveAppRoleByAppRoleIdAndByAppId(final @Param("appId") Long appId,
+ final @Param("appRoleId") Long appRoleId);
- List<FnRole> getUserRoleOnUserIdAndAppId(final @Param("userId") Long userId, final @Param("appId") Long appId);
+ @Query
+ List<FnRole> getUserRoleOnUserIdAndAppId(final @Param("userId") Long userId, final @Param("appId") Long appId);
+
+ @Query
+ List<FnRole> retrieveAppRoleByRoleIdWhereAppIdIsNull(final @Param("roleId") Long roleId);
+
+ @Query
+ List<FnRole> retrieveAppRolesWhereAppIdIsNull();
+
+ @Query
+ List<FnRole> retrieveAppRolesByAppId(final @Param("appId") Long id);
+
+ @Query
+ List<FnRole> retrieveAppRolesByRoleNameAndByAppId(final @Param("roleName") String roleName, final @Param("appId") Long appId);
}
diff --git a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnUserRoleDao.java b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnUserRoleDao.java
index 9c0a6fef..efb56b29 100644
--- a/portal-BE/src/main/java/org/onap/portal/dao/fn/FnUserRoleDao.java
+++ b/portal-BE/src/main/java/org/onap/portal/dao/fn/FnUserRoleDao.java
@@ -62,4 +62,7 @@ public interface FnUserRoleDao extends JpaRepository<FnUserRole, Long> {
@Query
List<FnUserRole> getUserRolesForRoleIdAndAppId(final @Param("roleId") Long roleId, final @Param("appId") Long appId);
+
+ @Query
+ List<FnUserRole> retrieveByAppIdAndUserId(final @Param("appId") Long appId, final @Param("userId") String userId);
}
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpAppFunction.java b/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpAppFunction.java
index d37c71ec..533309df 100644
--- a/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpAppFunction.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpAppFunction.java
@@ -51,6 +51,8 @@ import javax.persistence.IdClass;
import javax.persistence.Index;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
+import javax.persistence.NamedQueries;
+import javax.persistence.NamedQuery;
import javax.persistence.OneToMany;
import javax.persistence.Table;
import javax.validation.Valid;
@@ -64,6 +66,7 @@ import lombok.Setter;
import org.hibernate.validator.constraints.SafeHtml;
import org.onap.portal.domain.db.ep.EpAppFunction.EpAppFunctionId;
import org.onap.portal.domain.db.fn.FnApp;
+import org.onap.portal.domain.dto.DomainVo;
/*
CREATE TABLE `ep_app_function` (
@@ -76,6 +79,20 @@ CREATE TABLE `ep_app_function` (
)
*/
+@NamedQueries({
+ @NamedQuery(
+ name = "EpAppFunction.getAppRoleFunctionList",
+ query = "from\n"
+ + " EpAppRoleFunction rf,\n"
+ + " EpAppFunction f\n"
+ + " where\n"
+ + " rf.fnRole.roleId = :roleId\n"
+ + " and rf.appId.appId = :appId\n"
+ + " and rf.appId.appId = f.appId.appId\n"
+ + " and rf.epAppFunction.functionCd = f.functionCd"
+ )
+})
+
@Table(name = "ep_app_function", indexes = {@Index(name = "fk_ep_app_function_app_id", columnList = "app_id")})
@Getter
@@ -84,7 +101,7 @@ CREATE TABLE `ep_app_function` (
@IdClass(EpAppFunctionId.class)
@NoArgsConstructor
@AllArgsConstructor
-public class EpAppFunction implements Serializable{
+public class EpAppFunction extends DomainVo implements Serializable{
@Id
@ManyToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
@JoinColumn(name = "app_id")
@@ -101,6 +118,14 @@ public class EpAppFunction implements Serializable{
@NotNull
@SafeHtml
private String functionName;
+
+ private Long roleId;
+ private String type;
+ @SafeHtml
+ private String action;
+ @SafeHtml
+ private String editUrl;
+
@OneToMany(
targetEntity = EpAppRoleFunction.class,
mappedBy = "epAppFunction",
@@ -109,6 +134,17 @@ public class EpAppFunction implements Serializable{
)
private Set<EpAppRoleFunction> epAppRoleFunctions;
+ public EpAppFunction(Long id, String code, String name, FnApp appId, String type, String action,String editUrl) {
+ super();
+ this.id = id;
+ this.functionCd = code;
+ this.functionName = name;
+ this.appId = appId;
+ this.type = type;
+ this.action = action;
+ this.editUrl = editUrl;
+ }
+
@Getter
@Setter
@EqualsAndHashCode
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequest.java b/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequest.java
index 387f038d..752e47aa 100644
--- a/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequest.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequest.java
@@ -52,6 +52,8 @@ import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
+import javax.persistence.NamedQueries;
+import javax.persistence.NamedQuery;
import javax.persistence.OneToMany;
import javax.persistence.Table;
import javax.validation.Valid;
@@ -84,6 +86,13 @@ CREATE TABLE `ep_user_roles_request` (
)
*/
+@NamedQueries({
+ @NamedQuery(
+ name = "EpUserRolesRequest.userAppRolesRequestList",
+ query = "FROM EpUserRolesRequest where userId.userId =:userId and appId.appId =:appId and requestStatus = 'P'"
+ )
+})
+
@Table(name = "ep_user_roles_request")
@NoArgsConstructor
@AllArgsConstructor
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequestDet.java b/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequestDet.java
index 76044530..5338754b 100644
--- a/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequestDet.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/db/ep/EpUserRolesRequestDet.java
@@ -51,6 +51,8 @@ import javax.persistence.Id;
import javax.persistence.Index;
import javax.persistence.JoinColumn;
import javax.persistence.ManyToOne;
+import javax.persistence.NamedQueries;
+import javax.persistence.NamedQuery;
import javax.persistence.OneToOne;
import javax.persistence.Table;
import javax.validation.Valid;
@@ -78,6 +80,13 @@ CREATE TABLE `ep_user_roles_request_det` (
)
*/
+@NamedQueries({
+ @NamedQuery(
+ name = "EpUserRolesRequestDet.appRolesRequestDetailList",
+ query = "FROM EpUserRolesRequestDet where reqId.reqId = :reqId"
+ )
+})
+
@Table(name = "ep_user_roles_request_det", indexes = {
@Index(name = "fk_user_roles_req_fn_req_id", columnList = "req_id"),
@Index(name = "fk_user_roles_req_fn_role_id", columnList = "requested_role_id")
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRole.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRole.java
index 275ce1e3..80617ba9 100644
--- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRole.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRole.java
@@ -44,11 +44,13 @@ import java.io.Serializable;
import java.util.Set;
import javax.persistence.CascadeType;
import javax.persistence.Column;
+import javax.persistence.Embeddable;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
+import javax.persistence.IdClass;
import javax.persistence.Index;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
@@ -85,46 +87,44 @@ CREATE TABLE `fn_role` (
*/
@NamedQueries({
- @NamedQuery(
- name = "FnRole.retrieveAppRolesByRoleNameAndByAppId",
- query = "FROM FnRole where role_name =:roleName and app_id =:appId"),
- @NamedQuery(
- name = "FnRole.retrieveAppRolesByAppId",
- query = "FROM FnRole where app_id =:appId"),
- @NamedQuery(
- name = "FnRole.retrieveAppRolesWhereAppIdIsNull",
- query = "FROM FnRole where app_id is null"),
- @NamedQuery(
- name = "FnRole.retrieveAppRoleByRoleIdWhereAppIdIsNull",
- query = "FROM FnRole where role_id =:roleId and app_id is null"),
- @NamedQuery(
- name = "FnRole.retrieveAppRoleByAppRoleIdAndByAppId",
- query = "FROM FnRole where appRoleId =:appRoleId and appId =:appId"),
- @NamedQuery(
- name = "FnRole.retrieveAppRoleByRoleIdAndAppId",
- query = "FROM FnRole where role_id =:roleId and app_id =:appId"),
- @NamedQuery(
- name = "FnRole.retrieveAppRolesByRoleNameAndWhereAppIdIsNull",
- query = "FROM FnRole where role_name =:roleName and app_id is null"),
- @NamedQuery(
- name = "FnRole.retrieveActiveRolesOfApplication",
- query = "from FnRole where active_yn = 'Y' and app_id=:appId"),
- @NamedQuery(name = "FnRole.retrieveRoleToUpdateInExternalAuthSystem",
- query = "FROM FnRole where role_name =:roleName and app_id =:appId"),
- @NamedQuery(
- name = "FnRole.getUserRoleOnUserIdAndAppId",
- query = " FROM"
- + " FnRole fr,\n"
- + " FnUserRole fur\n"
- + " WHERE\n"
- + " fr.roleId = fur.roleId\n"
- + " AND fur.userId = :userId"
- + " AND fur.appId = :appId\n"
- + " AND fr.activeYn = 'y'")
- })
+ @NamedQuery(
+ name = "FnRole.retrieveAppRolesByRoleNameAndByAppId",
+ query = "FROM FnRole where roleName =:roleName and appId =:appId"),
+ @NamedQuery(
+ name = "FnRole.retrieveAppRolesByAppId",
+ query = "FROM FnRole where appId =:appId"),
+ @NamedQuery(
+ name = "FnRole.retrieveAppRolesWhereAppIdIsNull",
+ query = "FROM FnRole where appId is null"),
+ @NamedQuery(
+ name = "FnRole.retrieveAppRoleByRoleIdWhereAppIdIsNull",
+ query = "FROM FnRole where roleId =:roleId and appId is null"),
+ @NamedQuery(
+ name = "FnRole.retrieveAppRoleByAppRoleIdAndByAppId",
+ query = "FROM FnRole where appRoleId =:appRoleId and appId =:appId"),
+ @NamedQuery(
+ name = "FnRole.retrieveAppRoleByRoleIdAndAppId",
+ query = "FROM FnRole where roleId =:roleId and appId =:appId"),
+ @NamedQuery(
+ name = "FnRole.retrieveAppRolesByRoleNameAndWhereAppIdIsNull",
+ query = "FROM FnRole where roleName =:roleName and appId is null"),
+ @NamedQuery(
+ name = "FnRole.retrieveActiveRolesOfApplication",
+ query = "from FnRole where active_yn = 'Y' and appId=:appId"),
+ @NamedQuery(
+ name = "FnRole.getUserRoleOnUserIdAndAppId",
+ query = " FROM"
+ + " FnRole fr,\n"
+ + " FnUserRole fur\n"
+ + " WHERE\n"
+ + " fr.roleId = fur.roleId\n"
+ + " AND fur.userId = :userId"
+ + " AND fur.appId = :appId\n"
+ + " AND fr.activeYn = 'y'")
+})
@Table(name = "fn_role", indexes = {
- @Index(name = "fn_role_name_app_id_idx", columnList = "role_name, app_id", unique = true)
+ @Index(name = "fn_role_name_app_id_idx", columnList = "role_name, app_id", unique = true)
})
@NoArgsConstructor
@AllArgsConstructor
@@ -133,98 +133,114 @@ CREATE TABLE `fn_role` (
@Entity
public class FnRole extends DomainVo implements Serializable {
- @Id
- @GeneratedValue(strategy = GenerationType.AUTO)
- @Column(name = "role_id", length = 11, nullable = false)
- @Digits(integer = 11, fraction = 0)
- private Long roleId;
- @Column(name = "role_name", length = 300, nullable = false)
- @Size(max = 300)
- @NotNull
- @SafeHtml
- private String roleName;
- @Column(name = "active_yn", length = 1, columnDefinition = "character varying(1) default 'y'", nullable = false)
- @NotNull
- private Boolean activeYn;
- @Column(name = "priority", length = 4, columnDefinition = "decimal(4,0) DEFAULT NULL")
- @Digits(integer = 4, fraction = 0)
- private Long priority;
- @Column(name = "app_Id", length = 11, columnDefinition = "int(11) default null")
- @Digits(integer = 11, fraction = 0)
- private Long appId;
- @Column(name = "app_role_id", length = 11, columnDefinition = "int(11) default null")
- @Digits(integer = 11, fraction = 0)
- private Long appRoleId;
- @OneToMany(
- targetEntity = FnRoleFunction.class,
- mappedBy = "roleId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<FnRoleFunction> fnRoleFunctions;
- @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
- @JoinTable(
- name = "fn_user_pseudo_role",
- joinColumns = {@JoinColumn(name = "pseudo_role_Id", referencedColumnName = "role_id")},
- inverseJoinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "user_id")},
- indexes = {
- @Index(name = "fk_pseudo_role_user_id", columnList = "user_id")
- }
- )
- private Set<FnUser> fnUsers;
- @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
- @JoinTable(
- name = "fn_role_composite",
- joinColumns = {@JoinColumn(name = "parent_role_id", referencedColumnName = "role_id")},
- inverseJoinColumns = {@JoinColumn(name = "child_role_id", referencedColumnName = "role_id")},
- indexes = {
- @Index(name = "fk_fn_role_composite_child", columnList = "child_role_id")
- }
- )
- private Set<FnRole> fnRoles;
- @ManyToMany(cascade = CascadeType.ALL,
- fetch = FetchType.LAZY)
- private Set<FnRole> fnRoleList;
- @OneToMany(
- targetEntity = EpRoleNotification.class,
- mappedBy = "notificationID",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<EpRoleNotification> epRoleNotifications;
- @OneToMany(
- targetEntity = FnMenuFunctionalRoles.class,
- mappedBy = "roleId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<FnMenuFunctionalRoles> fnMenuFunctionalRoles;
- @OneToMany(
- targetEntity = EpWidgetCatalogRole.class,
- mappedBy = "roleId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<EpWidgetCatalogRole> epWidgetCatalogRoles;
- @OneToMany(
- targetEntity = EpAppRoleFunction.class,
- mappedBy = "fnRole",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<EpAppRoleFunction> epAppRoleFunctions;
- @OneToMany(
- targetEntity = EpUserRolesRequestDet.class,
- mappedBy = "requestedRoleId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<EpUserRolesRequestDet> epUserRolesRequestDets;
- @OneToMany(
- targetEntity = FnUserRole.class,
- mappedBy = "roleId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<FnUserRole> fnUserRoles;
+ @Id
+ @GeneratedValue(strategy = GenerationType.AUTO)
+ @Column(name = "role_id", length = 11, nullable = false)
+ @Digits(integer = 11, fraction = 0)
+ private Long roleId;
+ @Column(name = "role_name", length = 300, nullable = false)
+ @Size(max = 300)
+ @NotNull
+ @SafeHtml
+ private String roleName;
+ @Column(name = "active_yn", length = 1, columnDefinition = "character varying(1) default 'y'", nullable = false)
+ @NotNull
+ private Boolean activeYn;
+ @Column(name = "priority", length = 4, columnDefinition = "decimal(4,0) DEFAULT NULL")
+ @Digits(integer = 4, fraction = 0)
+ private Integer priority;
+ @Column(name = "app_Id", length = 11, columnDefinition = "int(11) default null")
+ @Digits(integer = 11, fraction = 0)
+ private Long appId;
+ @Column(name = "app_role_id", length = 11, columnDefinition = "int(11) default null")
+ @Digits(integer = 11, fraction = 0)
+ private Long appRoleId;
+ @OneToMany(
+ targetEntity = FnRoleFunction.class,
+ mappedBy = "roleId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnRoleFunction> fnRoleFunctions;
+ @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
+ @JoinTable(
+ name = "fn_user_pseudo_role",
+ joinColumns = {@JoinColumn(name = "pseudo_role_Id", referencedColumnName = "role_id")},
+ inverseJoinColumns = {@JoinColumn(name = "user_id", referencedColumnName = "user_id")},
+ indexes = {
+ @Index(name = "fk_pseudo_role_user_id", columnList = "user_id")
+ }
+ )
+ private Set<FnUser> fnUsers;
+ @OneToMany(
+ targetEntity = FnRoleComposite.class,
+ mappedBy = "childRoles",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnRoleComposite> childRoles;
+ @OneToMany(
+ targetEntity = FnRoleComposite.class,
+ mappedBy = "parentRoles",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnRoleComposite> parentRoles;
+ @ManyToMany(cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY)
+ private Set<FnRoleFunction> roleFunctions;
+ @OneToMany(
+ targetEntity = EpRoleNotification.class,
+ mappedBy = "notificationID",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<EpRoleNotification> epRoleNotifications;
+ @OneToMany(
+ targetEntity = FnMenuFunctionalRoles.class,
+ mappedBy = "roleId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnMenuFunctionalRoles> fnMenuFunctionalRoles;
+ @OneToMany(
+ targetEntity = EpWidgetCatalogRole.class,
+ mappedBy = "roleId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<EpWidgetCatalogRole> epWidgetCatalogRoles;
+ @OneToMany(
+ targetEntity = EpAppRoleFunction.class,
+ mappedBy = "fnRole",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<EpAppRoleFunction> epAppRoleFunctions;
+ @OneToMany(
+ targetEntity = EpUserRolesRequestDet.class,
+ mappedBy = "requestedRoleId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<EpUserRolesRequestDet> epUserRolesRequestDets;
+ @OneToMany(
+ targetEntity = FnUserRole.class,
+ mappedBy = "roleId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnUserRole> fnUserRoles;
+
+ public FnRole(Long roleId, String roleName, Boolean activeYn, Integer priority,
+ Set<FnRoleFunction> fnRoleFunctions, Set<FnRoleComposite> childRoles,
+ Set<FnRoleComposite> parentRoles) {
+ this.roleId = roleId;
+ this.roleName = roleName;
+ this.activeYn = activeYn;
+ this.priority = priority;
+ this.fnRoleFunctions = fnRoleFunctions;
+ this.childRoles = childRoles;
+ this.parentRoles = parentRoles;
+ }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleComposite.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleComposite.java
new file mode 100644
index 00000000..42a24b22
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnRoleComposite.java
@@ -0,0 +1,95 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.domain.db.fn;
+
+import java.io.Serializable;
+import javax.persistence.CascadeType;
+import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.Id;
+import javax.persistence.IdClass;
+import javax.persistence.Index;
+import javax.persistence.JoinColumn;
+import javax.persistence.ManyToOne;
+import javax.persistence.Table;
+import javax.validation.Valid;
+import lombok.AllArgsConstructor;
+import lombok.EqualsAndHashCode;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.onap.portal.domain.db.fn.FnRoleComposite.FnRoleCompositeId;
+
+@Table(name = "fn_role_composite", indexes = {
+ @Index(name = "fk_fn_role_composite_child", columnList = "child_role_id")
+})
+@Getter
+@Setter
+@Entity
+@NoArgsConstructor
+@AllArgsConstructor
+@IdClass(FnRoleCompositeId.class)
+public class FnRoleComposite implements Serializable{
+
+ @Id
+ @Valid
+ @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+ @JoinColumn(name = "parent_role_id")
+ private FnRole parentRoles;
+ @Id
+ @Valid
+ @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+ @JoinColumn(name = "child_role_id")
+ private FnRole childRoles;
+
+ @Getter
+ @Setter
+ @NoArgsConstructor
+ @EqualsAndHashCode
+ @AllArgsConstructor
+ public class FnRoleCompositeId implements Serializable {
+
+ @Valid
+ private FnRole parentRoles;
+ @Valid
+ private FnRole childRoles;
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUser.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUser.java
index 315f911a..dc01f388 100644
--- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUser.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUser.java
@@ -63,7 +63,6 @@ import javax.persistence.ManyToOne;
import javax.persistence.NamedQueries;
import javax.persistence.NamedQuery;
import javax.persistence.OneToMany;
-import javax.persistence.SequenceGenerator;
import javax.persistence.Table;
import javax.persistence.UniqueConstraint;
import javax.validation.constraints.Digits;
@@ -85,6 +84,9 @@ import org.onap.portal.domain.db.ep.EpUserNotification;
import org.onap.portal.domain.db.ep.EpUserRolesRequest;
import org.onap.portal.domain.db.ep.EpWidgetCatalogParameter;
import org.onap.portal.domain.dto.DomainVo;
+import org.onap.portalsdk.core.domain.App;
+import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.domain.UserApp;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
@@ -155,31 +157,31 @@ CREATE TABLE `fn_user` (
*/
@NamedQueries({
- @NamedQuery(
- name = "FnUser.getUserWithOrgUserId",
- query = "FROM FnUser WHERE orgUserId = :orgId"),
- @NamedQuery(
- name = "FnUser.getActiveUsers",
- query = "FROM FnUser WHERE activeYn = 'Y'"),
- @NamedQuery(
- name = "FnUser.getUsersByOrgIds",
- query = "FROM FnUser WHERE orgUserId IN :orgIds"
- )
+ @NamedQuery(
+ name = "FnUser.getUserWithOrgUserId",
+ query = "FROM FnUser WHERE orgUserId = :orgId"),
+ @NamedQuery(
+ name = "FnUser.getActiveUsers",
+ query = "FROM FnUser WHERE activeYn = 'Y'"),
+ @NamedQuery(
+ name = "FnUser.getUsersByOrgIds",
+ query = "FROM FnUser WHERE orgUserId IN :orgIds"
+ )
})
@Table(name = "fn_user", indexes = {
- @Index(name = "fn_user_address_id", columnList = "address_id"),
- @Index(name = "fn_user_alert_method_cd", columnList = "alert_method_cd"),
- @Index(name = "fn_user_org_id", columnList = "org_id"),
- @Index(name = "fk_fn_user_ref_197_fn_user", columnList = "manager_id"),
- @Index(name = "fk_fn_user_ref_198_fn_user", columnList = "created_id"),
- @Index(name = "fk_fn_user_ref_199_fn_user", columnList = "modified_id"),
- @Index(name = "fk_timezone", columnList = "timezone")
+ @Index(name = "fn_user_address_id", columnList = "address_id"),
+ @Index(name = "fn_user_alert_method_cd", columnList = "alert_method_cd"),
+ @Index(name = "fn_user_org_id", columnList = "org_id"),
+ @Index(name = "fk_fn_user_ref_197_fn_user", columnList = "manager_id"),
+ @Index(name = "fk_fn_user_ref_198_fn_user", columnList = "created_id"),
+ @Index(name = "fk_fn_user_ref_199_fn_user", columnList = "modified_id"),
+ @Index(name = "fk_timezone", columnList = "timezone")
},
- uniqueConstraints = {
- @UniqueConstraint(name = "fn_user_hrid", columnNames = "hrid"),
- @UniqueConstraint(name = "fn_user_login_id", columnNames = "login_id")
+ uniqueConstraints = {
+ @UniqueConstraint(name = "fn_user_hrid", columnNames = "hrid"),
+ @UniqueConstraint(name = "fn_user_login_id", columnNames = "login_id")
- })
+ })
@Getter
@Setter
@@ -190,334 +192,361 @@ CREATE TABLE `fn_user` (
@DynamicUpdate
public class FnUser extends DomainVo implements UserDetails, Serializable {
- private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnUser.class);
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnUser.class);
+
+ @Id
+ @GeneratedValue(strategy = GenerationType.IDENTITY)
+ @Column(name = "user_id", nullable = false)
+ private Long userId;
+ @ManyToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
+ @JoinColumn(name = "org_id")
+ private FnOrg orgId;
+ @ManyToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
+ @JoinColumn(name = "manager_id")
+ private FnUser managerId;
+ @Column(name = "first_name", length = 50)
+ @Size(max = 50)
+ @SafeHtml
+ private String firstName;
+ @Column(name = "middle_name", length = 50)
+ @Size(max = 50)
+ @SafeHtml
+ private String middleName;
+ @Column(name = "last_name", length = 50)
+ @Size(max = 50)
+ @SafeHtml
+ private String lastName;
+ @Column(name = "phone", length = 25)
+ @Size(max = 25)
+ @SafeHtml
+ private String phone;
+ @Column(name = "fax", length = 25)
+ @Size(max = 25)
+ @SafeHtml
+ private String fax;
+ @Column(name = "cellular", length = 25)
+ @Size(max = 25)
+ @SafeHtml
+ private String cellular;
+ @Column(name = "email", length = 50)
+ @Size(max = 50)
+ @Email
+ @SafeHtml
+ private String email;
+ @Column(name = "address_id")
+ @Digits(integer = 11, fraction = 0)
+ private Long addressId;
+ @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+ @JoinColumn(name = "alert_method_cd")
+ private FnLuAlertMethod alertMethodCd;
+ @Column(name = "hrid", length = 20)
+ @Size(max = 20)
+ @SafeHtml
+ private String hrid;
+ @Column(name = "org_user_id", length = 20)
+ @Size(max = 20)
+ @SafeHtml
+ private String orgUserId;
+ @Column(name = "org_code", length = 30)
+ @Size(max = 30)
+ @SafeHtml
+ private String org_code;
+ @Column(name = "login_id", length = 25)
+ @Size(max = 25)
+ @SafeHtml
+ private String loginId;
+ @Column(name = "login_pwd", length = 100)
+ @Size(max = 100)
+ @SafeHtml
+ private String loginPwd;
+ @Column(name = "last_login_date", nullable = false, columnDefinition = "datetime DEFAULT current_timestamp() ON UPDATE current_timestamp()")
+ @PastOrPresent
+ protected LocalDateTime lastLoginDate;
+ @Column(name = "active_yn", nullable = false)
+ private Boolean activeYn;
+ @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+ @JoinColumn(name = "created_id")
+ private FnUser createdId;
+ @Column(name = "created_date", columnDefinition = "datetime DEFAULT current_timestamp()", nullable = false)
+ @PastOrPresent
+ protected LocalDateTime createdDate;
+ @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+ @JoinColumn(name = "modified_id")
+ private FnUser modifiedId;
+ @Column(name = "modified_date", nullable = false, columnDefinition = "datetime default now()")
+ @PastOrPresent
+ protected LocalDateTime modifiedDate;
+ @Column(name = "is_internal_yn", nullable = false, columnDefinition = "bit DEFAULT 0")
+ private Boolean isInternalYn;
+ @Column(name = "is_system_user", nullable = false, columnDefinition = "bit DEFAULT 0")
+ private Boolean isSystemUser;
+ @Column(name = "address_line_1", length = 100)
+ @Size(max = 100)
+ @SafeHtml
+ private String addressLine1;
+ @Column(name = "address_line_2", length = 100)
+ @Size(max = 100)
+ @SafeHtml
+ private String addressLine2;
+ @Column(name = "city", length = 50)
+ @Size(max = 50)
+ @SafeHtml
+ private String city;
+ @Column(name = "state_cd", length = 3)
+ @Size(max = 3)
+ @SafeHtml
+ private String stateCd;
+ @Column(name = "zip_code", length = 11)
+ @Size(max = 11)
+ @SafeHtml
+ private String zipCode;
+ @Column(name = "country_cd", length = 3)
+ @Size(max = 3)
+ @SafeHtml
+ private String countryCd;
+ @Column(name = "location_clli", length = 8)
+ @Size(max = 8)
+ @SafeHtml
+ private String locationClli;
+ @Column(name = "org_manager_userid", length = 20)
+ @Size(max = 20)
+ @SafeHtml
+ private String orgManagerUserId;
+ @Column(name = "company", length = 100)
+ @Size(max = 100)
+ @SafeHtml
+ private String company;
+ @Column(name = "department_name", length = 200)
+ @Size(max = 200)
+ @SafeHtml
+ private String departmentName;
+ @Column(name = "job_title", length = 100)
+ @Size(max = 100)
+ @SafeHtml
+ private String jobTitle;
+ @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+ @JoinColumn(name = "timezone")
+ private FnLuTimezone timezone;
+ @Column(name = "department", length = 25)
+ @Size(max = 25)
+ @SafeHtml
+ private String department;
+ @Column(name = "business_unit", length = 25)
+ @Size(max = 25)
+ @SafeHtml
+ private String businessUnit;
+ @Column(name = "business_unit_name", length = 100)
+ @Size(max = 100)
+ @SafeHtml
+ private String businessUnitName;
+ @Column(name = "cost_center", length = 25)
+ @Size(max = 25)
+ @SafeHtml
+ private String cost_center;
+ @Column(name = "fin_loc_code", length = 10)
+ @Size(max = 10)
+ @SafeHtml
+ private String finLocCode;
+ @Column(name = "silo_status", length = 10)
+ @Size(max = 10)
+ @SafeHtml
+ private String siloStatus;
+ @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
+ @JoinColumn(name = "language_id", nullable = false, columnDefinition = "bigint DEFAULT 1")
+ @NotNull(message = "languageId must not be null")
+ private FnLanguage languageId;
+ @Column(name = "is_guest", nullable = false, columnDefinition = "bit DEFAULT 0")
+ @NotNull(message = "guest must not be null")
+ private Boolean guest;
+ @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.LAZY, mappedBy = "fnUserList")
+ private Set<CrReportFileHistory> crReportFileHistorie;
+ @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
+ private Set<FnRole> fnRoles;
+ @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
+ private Set<FnMenuFunctional> fnRoleList;
+ @OneToMany(
+ targetEntity = FnAuditLog.class,
+ mappedBy = "userId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnAuditLog> fnAuditLogs;
+ @OneToMany(
+ targetEntity = FnUser.class,
+ mappedBy = "createdId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnUser> fnUsersCreatedId;
+ @OneToMany(
+ targetEntity = FnUser.class,
+ mappedBy = "managerId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnUser> fnUsersManagerId;
+ @OneToMany(
+ targetEntity = FnUser.class,
+ mappedBy = "modifiedId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnUser> fnUsersModifiedId;
+ @OneToMany(
+ targetEntity = EpUserRolesRequest.class,
+ mappedBy = "userId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<EpUserRolesRequest> epUserRolesRequests;
+ @OneToMany(
+ targetEntity = FnPersUserAppSel.class,
+ mappedBy = "userId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnPersUserAppSel> persUserAppSels;
+ @OneToMany(
+ targetEntity = EpWidgetCatalogParameter.class,
+ mappedBy = "userId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<EpWidgetCatalogParameter> epWidgetCatalogParameters;
+ @OneToMany(
+ targetEntity = EpPersUserWidgetPlacement.class,
+ mappedBy = "userId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<EpPersUserWidgetPlacement> epPersUserWidgetPlacements;
+ @OneToMany(
+ targetEntity = EpPersUserWidgetSel.class,
+ mappedBy = "userId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<EpPersUserWidgetSel> epPersUserWidgetSels;
+ @OneToMany(
+ targetEntity = FnUserRole.class,
+ mappedBy = "userId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<FnUserRole> userApps;
+ @OneToMany(
+ targetEntity = EpUserNotification.class,
+ mappedBy = "userId",
+ cascade = CascadeType.ALL,
+ fetch = FetchType.LAZY
+ )
+ private Set<EpUserNotification> epUserNotifications;
+
+ @Override
+ public Collection<? extends GrantedAuthority> getAuthorities() {
+ return fnRoles
+ .stream()
+ .map(fnRole -> new SimpleGrantedAuthority("ROLE_" + fnRole.getRoleName()))
+ .collect(Collectors.toList());
+ }
+
+ @Override
+ public String getPassword() {
+ return this.getLoginPwd();
+ }
+
+ @Override
+ public String getUsername() {
+ return this.getLoginId();
+ }
- @Id
- @GeneratedValue(strategy = GenerationType.IDENTITY)
- @Column(name = "user_id", nullable = false)
- private Long userId;
- @ManyToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
- @JoinColumn(name = "org_id")
- private FnOrg orgId;
- @ManyToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
- @JoinColumn(name = "manager_id")
- private FnUser managerId;
- @Column(name = "first_name", length = 50)
- @Size(max = 50)
- @SafeHtml
- private String firstName;
- @Column(name = "middle_name", length = 50)
- @Size(max = 50)
- @SafeHtml
- private String middleName;
- @Column(name = "last_name", length = 50)
- @Size(max = 50)
- @SafeHtml
- private String lastName;
- @Column(name = "phone", length = 25)
- @Size(max = 25)
- @SafeHtml
- private String phone;
- @Column(name = "fax", length = 25)
- @Size(max = 25)
- @SafeHtml
- private String fax;
- @Column(name = "cellular", length = 25)
- @Size(max = 25)
- @SafeHtml
- private String cellular;
- @Column(name = "email", length = 50)
- @Size(max = 50)
- @Email
- @SafeHtml
- private String email;
- @Column(name = "address_id")
- @Digits(integer = 11, fraction = 0)
- private Long addressId;
- @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
- @JoinColumn(name = "alert_method_cd")
- private FnLuAlertMethod alertMethodCd;
- @Column(name = "hrid", length = 20)
- @Size(max = 20)
- @SafeHtml
- private String hrid;
- @Column(name = "org_user_id", length = 20)
- @Size(max = 20)
- @SafeHtml
- private String orgUserId;
- @Column(name = "org_code", length = 30)
- @Size(max = 30)
- @SafeHtml
- private String org_code;
- @Column(name = "login_id", length = 25)
- @Size(max = 25)
- @SafeHtml
- private String loginId;
- @Column(name = "login_pwd", length = 100)
- @Size(max = 100)
- @SafeHtml
- private String loginPwd;
- @Column(name = "last_login_date", nullable = false, columnDefinition = "datetime DEFAULT current_timestamp() ON UPDATE current_timestamp()")
- @PastOrPresent
- protected LocalDateTime lastLoginDate;
- @Column(name = "active_yn", nullable = false)
- private Boolean activeYn;
- @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
- @JoinColumn(name = "created_id")
- private FnUser createdId;
- @Column(name = "created_date", columnDefinition = "datetime DEFAULT current_timestamp()", nullable = false)
- @PastOrPresent
- protected LocalDateTime createdDate;
- @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
- @JoinColumn(name = "modified_id")
- private FnUser modifiedId;
- @Column(name = "modified_date", nullable = false, columnDefinition = "datetime default now()")
- @PastOrPresent
- protected LocalDateTime modifiedDate;
- @Column(name = "is_internal_yn", nullable = false, columnDefinition = "bit DEFAULT 0")
- private Boolean isInternalYn;
- @Column(name = "address_line_1", length = 100)
- @Size(max = 100)
- @SafeHtml
- private String addressLine1;
- @Column(name = "address_line_2", length = 100)
- @Size(max = 100)
- @SafeHtml
- private String addressLine2;
- @Column(name = "city", length = 50)
- @Size(max = 50)
- @SafeHtml
- private String city;
- @Column(name = "state_cd", length = 3)
- @Size(max = 3)
- @SafeHtml
- private String stateCd;
- @Column(name = "zip_code", length = 11)
- @Size(max = 11)
- @SafeHtml
- private String zipCode;
- @Column(name = "country_cd", length = 3)
- @Size(max = 3)
- @SafeHtml
- private String countryCd;
- @Column(name = "location_clli", length = 8)
- @Size(max = 8)
- @SafeHtml
- private String locationClli;
- @Column(name = "org_manager_userid", length = 20)
- @Size(max = 20)
- @SafeHtml
- private String orgManagerUserId;
- @Column(name = "company", length = 100)
- @Size(max = 100)
- @SafeHtml
- private String company;
- @Column(name = "department_name", length = 200)
- @Size(max = 200)
- @SafeHtml
- private String departmentName;
- @Column(name = "job_title", length = 100)
- @Size(max = 100)
- @SafeHtml
- private String jobTitle;
- @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
- @JoinColumn(name = "timezone")
- private FnLuTimezone timezone;
- @Column(name = "department", length = 25)
- @Size(max = 25)
- @SafeHtml
- private String department;
- @Column(name = "business_unit", length = 25)
- @Size(max = 25)
- @SafeHtml
- private String businessUnit;
- @Column(name = "business_unit_name", length = 100)
- @Size(max = 100)
- @SafeHtml
- private String businessUnitName;
- @Column(name = "cost_center", length = 25)
- @Size(max = 25)
- @SafeHtml
- private String cost_center;
- @Column(name = "fin_loc_code", length = 10)
- @Size(max = 10)
- @SafeHtml
- private String finLocCode;
- @Column(name = "silo_status", length = 10)
- @Size(max = 10)
- @SafeHtml
- private String siloStatus;
- @ManyToOne(fetch = FetchType.LAZY, cascade = CascadeType.ALL)
- @JoinColumn(name = "language_id", nullable = false, columnDefinition = "bigint DEFAULT 1")
- @NotNull(message = "languageId must not be null")
- private FnLanguage languageId;
- @Column(name = "is_guest", nullable = false, columnDefinition = "bit DEFAULT 0")
- @NotNull(message = "guest must not be null")
- private Boolean guest;
- @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.LAZY, mappedBy = "fnUserList")
- private Set<CrReportFileHistory> crReportFileHistorie;
- @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
- private Set<FnRole> fnRoles;
- @ManyToMany(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
- private Set<FnMenuFunctional> fnRoleList;
- @OneToMany(
- targetEntity = FnAuditLog.class,
- mappedBy = "userId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<FnAuditLog> fnAuditLogs;
- @OneToMany(
- targetEntity = FnUser.class,
- mappedBy = "createdId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<FnUser> fnUsersCreatedId;
- @OneToMany(
- targetEntity = FnUser.class,
- mappedBy = "managerId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<FnUser> fnUsersManagerId;
- @OneToMany(
- targetEntity = FnUser.class,
- mappedBy = "modifiedId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<FnUser> fnUsersModifiedId;
- @OneToMany(
- targetEntity = EpUserRolesRequest.class,
- mappedBy = "userId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<EpUserRolesRequest> epUserRolesRequests;
- @OneToMany(
- targetEntity = FnPersUserAppSel.class,
- mappedBy = "userId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<FnPersUserAppSel> persUserAppSels;
- @OneToMany(
- targetEntity = EpWidgetCatalogParameter.class,
- mappedBy = "userId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<EpWidgetCatalogParameter> epWidgetCatalogParameters;
- @OneToMany(
- targetEntity = EpPersUserWidgetPlacement.class,
- mappedBy = "userId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<EpPersUserWidgetPlacement> epPersUserWidgetPlacements;
- @OneToMany(
- targetEntity = EpPersUserWidgetSel.class,
- mappedBy = "userId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<EpPersUserWidgetSel> epPersUserWidgetSels;
- @OneToMany(
- targetEntity = FnUserRole.class,
- mappedBy = "userId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<FnUserRole> fnUserRoles;
- @OneToMany(
- targetEntity = EpUserNotification.class,
- mappedBy = "userId",
- cascade = CascadeType.ALL,
- fetch = FetchType.LAZY
- )
- private Set<EpUserNotification> epUserNotifications;
+ @Override
+ public boolean isAccountNonExpired() {
+ return true;
+ }
- @Override
- public Collection<? extends GrantedAuthority> getAuthorities() {
- return fnRoles
- .stream()
- .map(fnRole -> new SimpleGrantedAuthority("ROLE_" + fnRole.getRoleName()))
- .collect(Collectors.toList());
- }
+ @Override
+ public boolean isAccountNonLocked() {
+ return true;
+ }
- @Override
- public String getPassword() {
- return this.getLoginPwd();
- }
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return true;
+ }
- @Override
- public String getUsername() {
- return this.getLoginId();
- }
+ @Override
+ public boolean isEnabled() {
+ return true;
+ }
- @Override
- public boolean isAccountNonExpired() {
- return true;
- }
+ public String getFullName() {
+ return this.firstName + " " + this.lastName;
+ }
- @Override
- public boolean isAccountNonLocked() {
- return true;
- }
+ public SortedSet<FnRole> getAppEPRoles(FnApp app) {
- @Override
- public boolean isCredentialsNonExpired() {
- return true;
- }
+ logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - app = {}", app.getAppName());
- @Override
- public boolean isEnabled() {
- return true;
- }
+ SortedSet<FnRole> roles = new TreeSet<>();
+ Set<FnUserRole> userAppRoles = getUserApps();
- public String getFullName() {
- return this.firstName + " " + this.lastName;
- }
+ logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - userApps = {} ", userAppRoles.size());
- public SortedSet<FnRole> getAppEPRoles(FnApp app) {
+ Iterator<FnUserRole> userAppRolesIterator = userAppRoles.iterator();
- logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - app = {}", app.getAppName());
+ FnUserRole userAppRole;
+ // getting default app
+ while (userAppRolesIterator.hasNext()) {
+ FnUserRole tempUserApp = userAppRolesIterator.next();
+ if (tempUserApp.getAppId().getId().equals(app.getId())) {
- SortedSet<FnRole> roles = new TreeSet<>();
- Set<FnUserRole> userAppRoles = getFnUserRoles();
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In EPUser.getAppEPRoles() - for user {}, found application {}", this.getFullName(),
+ app.getAppName());
- logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - userApps = {} ", userAppRoles.size());
+ userAppRole = tempUserApp;
- Iterator<FnUserRole> userAppRolesIterator = userAppRoles.iterator();
+ FnRole role = userAppRole.getRoleId();
+ if (role.getActiveYn()) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In EPUser.getAppEPRoles() - Role {} is active - adding for user {} and app {}",
+ role.getRoleName(), this.getFullName(), app.getAppName());
+ roles.add(role);
+ } else {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In EPUser.getAppEPRoles() - Role {} is NOT active - NOT adding for user {} and app {}",
+ role.getRoleName(), this.getFullName(), app.getAppName());
+ }
+ }
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - roles = {}", roles.size());
- FnUserRole userAppRole;
- // getting default app
- while (userAppRolesIterator.hasNext()) {
- FnUserRole tempUserApp = userAppRolesIterator.next();
- if (tempUserApp.getAppId().getId().equals(app.getId())) {
+ return roles;
+ }
- logger.debug(EELFLoggerDelegate.debugLogger,
- "In EPUser.getAppEPRoles() - for user {}, found application {}", this.getFullName(),
- app.getAppName());
+ public void setRoles(Set<FnRole> roles) {
+ FnApp app = new FnApp();
+ app.setId(1L);
+ app.setAppName("Default");
+ this.addAppRoles(app, roles);
+ }
- userAppRole = tempUserApp;
+ private void addAppRoles(FnApp app, Set<FnRole> roles) {
+ if (roles != null) {
+ Set<FnUserRole> newUserApps = new HashSet<>();
+ for (FnRole role : roles) {
+ FnUserRole userApp = new FnUserRole();
+ userApp.setUserId(this);
+ userApp.setAppId(app);
+ userApp.setRoleId(role);
+ newUserApps.add(userApp);
+ }
- FnRole role = userAppRole.getRoleId();
- if (role.getActiveYn()) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "In EPUser.getAppEPRoles() - Role {} is active - adding for user {} and app {}",
- role.getRoleName(), this.getFullName(), app.getAppName());
- roles.add(role);
- } else {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "In EPUser.getAppEPRoles() - Role {} is NOT active - NOT adding for user {} and app {}",
- role.getRoleName(), this.getFullName(), app.getAppName());
- }
- }
- }
- logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - roles = {}", roles.size());
+ this.setUserApps(newUserApps);
+ } else {
+ this.userApps.clear();
+ }
- return roles;
- }
+ }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUserRole.java b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUserRole.java
index 06320c4c..f3fdec1e 100644
--- a/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUserRole.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/db/fn/FnUserRole.java
@@ -144,7 +144,10 @@ CREATE TABLE `fn_user_role` (
+ " FnUserRole userrole\n"
+ "WHERE\n"
+ " userrole.roleId.roleId = :roleId\n"
- + " AND userrole.appId.appId = :appId"
+ + " AND userrole.appId.appId = :appId"),
+ @NamedQuery(
+ name = "FnUserRole.retrieveByAppIdAndUserId",
+ query = "from FnUserRole where appId.appId =:appId and userId.userId =:userId"
)
})
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/DomainVo.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/DomainVo.java
index 230da910..91ea87f2 100644
--- a/portal-BE/src/main/java/org/onap/portal/domain/dto/DomainVo.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/DomainVo.java
@@ -65,6 +65,7 @@ import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
@Inheritance(strategy = InheritanceType.SINGLE_TABLE)
public class DomainVo extends FusionVo implements Serializable, Cloneable, Comparable {
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(DomainVo.class);
private static final long serialVersionUID = 1L;
protected Long id;
@@ -75,7 +76,6 @@ public class DomainVo extends FusionVo implements Serializable, Cloneable, Compa
protected Long rowNum;
protected Serializable auditUserId;
protected Set auditTrail = null;
- private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(DomainVo.class);
public DomainVo(Long id) {
this.id = id;
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/CentralV2Role.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/CentralV2Role.java
index 25cc66fa..84fa0fbd 100644
--- a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/CentralV2Role.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/CentralV2Role.java
@@ -41,62 +41,65 @@
package org.onap.portal.domain.dto.transport;
import java.io.Serializable;
-import java.util.Date;
+import java.time.LocalDateTime;
import java.util.SortedSet;
import java.util.TreeSet;
import lombok.AllArgsConstructor;
+import lombok.Builder;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
+import org.onap.portal.domain.db.ep.EpAppFunction;
@Getter
@Setter
+@Builder
@EqualsAndHashCode
@NoArgsConstructor
@AllArgsConstructor
public class CentralV2Role implements Serializable, Comparable {
- private static final long serialVersionUID = -4332644961113063714L;
+ private static final long serialVersionUID = -4332644961113063714L;
- private Long id;
- private Date created;
- private Date modified;
- private Long createdId;
- private Long modifiedId;
- private Long rowNum;
- private String name;
- private boolean active;
- private Integer priority;
- private SortedSet<CentralV2RoleFunction> roleFunctions = new TreeSet<>();
- private SortedSet<CentralV2Role> childRoles = new TreeSet<>();
- private SortedSet<CentralV2Role> parentRoles = new TreeSet<>();
+ private Long id;
+ private LocalDateTime created;
+ private LocalDateTime modified;
+ private Long createdId;
+ private Long modifiedId;
+ private Long rowNum;
+ private String name;
+ private boolean active;
+ private Integer priority;
+ private SortedSet<EpAppFunction> roleFunctions = new TreeSet<>();
+ private SortedSet<CentralV2Role> childRoles = new TreeSet<>();
+ private SortedSet<CentralV2Role> parentRoles = new TreeSet<>();
- public CentralV2Role(Long id, String name) {
- this.id = id;
- this.name = name;
- }
+ public CentralV2Role(Long id, String name) {
+ this.id = id;
+ this.name = name;
+ }
- public void addRoleFunction(CentralV2RoleFunction roleFunction) {
- this.roleFunctions.add(roleFunction);
- }
+ public void addRoleFunction(EpAppFunction roleFunction) {
+ this.roleFunctions.add(roleFunction);
+ }
- public void addChildRole(CentralV2Role role) {
- this.childRoles.add(role);
- }
+ public void addChildRole(CentralV2Role role) {
+ this.childRoles.add(role);
+ }
- public void addParentRole(CentralV2Role role) {
- this.parentRoles.add(role);
- }
+ public void addParentRole(CentralV2Role role) {
+ this.parentRoles.add(role);
+ }
- @Override
- public int compareTo(Object obj) {
- CentralV2Role other = (CentralV2Role) obj;
+ @Override
+ public int compareTo(Object obj) {
+ CentralV2Role other = (CentralV2Role) obj;
- String c1 = getName();
- String c2 = other.getName();
+ String c1 = getName();
+ String c2 = other.getName();
- return (c1 == null || c2 == null) ? 1 : c1.compareTo(c2);
- }
+ return (c1 == null || c2 == null) ? 1 : c1.compareTo(c2);
+ }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/EcompUserAppRoles.java b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/EcompUserAppRoles.java
index ebf8fe88..bb110ece 100644
--- a/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/EcompUserAppRoles.java
+++ b/portal-BE/src/main/java/org/onap/portal/domain/dto/transport/EcompUserAppRoles.java
@@ -61,5 +61,4 @@ public class EcompUserAppRoles implements Serializable {
private Integer priority;
private Long roleId;
private String roleName;
-
}
diff --git a/portal-BE/src/main/java/org/onap/portal/exception/SyncUserRolesException.java b/portal-BE/src/main/java/org/onap/portal/exception/SyncUserRolesException.java
new file mode 100644
index 00000000..604689ae
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/exception/SyncUserRolesException.java
@@ -0,0 +1,50 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.exception;
+
+public class SyncUserRolesException extends Exception{
+
+ public SyncUserRolesException(String msg) {
+ super(msg);
+ }
+
+}
+
diff --git a/portal-BE/src/main/java/org/onap/portal/logging/aop/EPEELFLoggerAdvice.java b/portal-BE/src/main/java/org/onap/portal/logging/aop/EPEELFLoggerAdvice.java
index fa8ab5d5..b555e6ae 100644
--- a/portal-BE/src/main/java/org/onap/portal/logging/aop/EPEELFLoggerAdvice.java
+++ b/portal-BE/src/main/java/org/onap/portal/logging/aop/EPEELFLoggerAdvice.java
@@ -49,8 +49,8 @@ import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import org.onap.portal.domain.db.fn.FnApp;
import org.onap.portal.domain.db.fn.FnUser;
+import org.onap.portal.service.AppsCacheService;
import org.onap.portal.service.fn.FnUserService;
-import org.onap.portal.service.fn.old.AppsCacheService;
import org.onap.portal.utils.EPCommonSystemProperties;
import org.onap.portal.utils.EcompPortalUtils;
import org.onap.portalsdk.core.exception.SessionExpiredException;
diff --git a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java
index c2d88bc1..74b3548a 100644
--- a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java
+++ b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java
@@ -40,112 +40,1169 @@
package org.onap.portal.service;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import java.time.LocalDateTime;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collection;
+import java.util.Collections;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
+import java.util.Set;
+import java.util.SortedSet;
+import java.util.TreeSet;
+import java.util.stream.Collectors;
import javax.persistence.EntityManager;
+import javax.persistence.Query;
+import org.apache.commons.lang.StringUtils;
+import org.apache.cxf.transport.http.HTTPException;
+import org.hibernate.Session;
+import org.hibernate.SessionFactory;
+import org.hibernate.Transaction;
+import org.json.JSONArray;
+import org.json.JSONObject;
+import org.onap.portal.domain.db.ep.EpUserRolesRequest;
+import org.onap.portal.domain.db.ep.EpUserRolesRequestDet;
+import org.onap.portal.domain.db.fn.FnApp;
import org.onap.portal.domain.db.fn.FnRole;
import org.onap.portal.domain.db.fn.FnUser;
import org.onap.portal.domain.db.fn.FnUserRole;
+import org.onap.portal.domain.dto.transport.AppWithRolesForUser;
+import org.onap.portal.domain.dto.transport.CentralV2Role;
+import org.onap.portal.domain.dto.transport.EcompUserAppRoles;
+import org.onap.portal.domain.dto.transport.ExternalAccessUser;
+import org.onap.portal.domain.dto.transport.ExternalAccessUserRoleDetail;
+import org.onap.portal.domain.dto.transport.ExternalRequestFieldsValidator;
+import org.onap.portal.domain.dto.transport.ExternalRoleDescription;
+import org.onap.portal.domain.dto.transport.RemoteRoleV1;
+import org.onap.portal.domain.dto.transport.RoleInAppForUser;
+import org.onap.portal.domain.dto.transport.RolesInAppForUser;
+import org.onap.portal.exception.SyncUserRolesException;
import org.onap.portal.logging.format.EPAppMessagesEnum;
import org.onap.portal.logging.logic.EPLogUtil;
+import org.onap.portal.service.ep.EpUserRolesRequestDetService;
+import org.onap.portal.service.ep.EpUserRolesRequestService;
+import org.onap.portal.service.fn.FnAppService;
+import org.onap.portal.service.fn.FnRoleService;
import org.onap.portal.service.fn.FnUserRoleService;
import org.onap.portal.service.fn.FnUserService;
+import org.onap.portal.utils.EPCommonSystemProperties;
+import org.onap.portal.utils.EcompPortalUtils;
+import org.onap.portal.utils.PortalConstants;
+import org.onap.portalsdk.core.domain.Role;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.restful.domain.EcompRole;
+import org.onap.portalsdk.core.util.SystemProperties;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.client.HttpClientErrorException;
+import org.springframework.web.client.RestTemplate;
@Service
@Transactional
public class AdminRolesService {
- private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesService.class);
-
- private final Long SYS_ADMIN_ROLE_ID = 1L;
- private final Long ACCOUNT_ADMIN_ROLE_ID = 999L;
- private final Long ECOMP_APP_ID = 1L;
- private final String ADMIN_ACCOUNT = "Is account admin for user {}";
-
- private final EntityManager entityManager;
- private final FnUserService fnUserService;
- private final FnUserRoleService fnUserRoleService;
-
- @Autowired
- public AdminRolesService(final EntityManager entityManager,
- final FnUserService fnUserService, final FnUserRoleService fnUserRoleService) {
- this.entityManager = entityManager;
- this.fnUserService = fnUserService;
- this.fnUserRoleService = fnUserRoleService;
- }
-
- public boolean isSuperAdmin(final String orgUserId) {
- boolean isSuperAdmin;
- try {
- isSuperAdmin = fnUserRoleService
- .isSuperAdmin(orgUserId, SYS_ADMIN_ROLE_ID, ECOMP_APP_ID);
- } catch (Exception e) {
- logger.error("isSuperAdmin exception: " + e.toString());
- throw e;
+ private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesService.class);
+ private static final Object syncRests = new Object();
+ private RestTemplate template = new RestTemplate();
+
+ private final Long SYS_ADMIN_ROLE_ID = 1L;
+ private final Long ACCOUNT_ADMIN_ROLE_ID = 999L;
+ private final Long ECOMP_APP_ID = 1L;
+ private final String ADMIN_ACCOUNT = "Is account admin for user {}";
+
+ private final AppsCacheService appsCacheService;
+ private final EntityManager entityManager;
+ private final FnUserService fnUserService;
+ private final FnRoleService fnRoleService;
+ private final FnAppService fnAppService;
+ private final FnUserRoleService fnUserRoleService;
+ private final EcompUserAppRolesService ecompUserAppRolesService;
+ private final ApplicationsRestClientService applicationsRestClientService;
+ private final EpUserRolesRequestDetService epUserRolesRequestDetService;
+ private final ExternalAccessRolesService externalAccessRolesService;
+ private final EpUserRolesRequestService epUserRolesRequestService;
+
+ @Autowired
+ public AdminRolesService(AppsCacheService appsCacheService,
+ final EntityManager entityManager,
+ final FnUserService fnUserService, FnRoleService fnRoleService,
+ FnAppService fnAppService,
+ final FnUserRoleService fnUserRoleService,
+ EcompUserAppRolesService ecompUserAppRolesService,
+ ApplicationsRestClientService applicationsRestClientService,
+ EpUserRolesRequestDetService epUserRolesRequestDetService,
+ ExternalAccessRolesService externalAccessRolesService,
+ EpUserRolesRequestService epUserRolesRequestService) {
+ this.appsCacheService = appsCacheService;
+ this.entityManager = entityManager;
+ this.fnUserService = fnUserService;
+ this.fnRoleService = fnRoleService;
+ this.fnAppService = fnAppService;
+ this.fnUserRoleService = fnUserRoleService;
+ this.ecompUserAppRolesService = ecompUserAppRolesService;
+ this.applicationsRestClientService = applicationsRestClientService;
+ this.epUserRolesRequestDetService = epUserRolesRequestDetService;
+ this.externalAccessRolesService = externalAccessRolesService;
+ this.epUserRolesRequestService = epUserRolesRequestService;
+ }
+
+ public boolean isSuperAdmin(final String orgUserId) {
+ boolean isSuperAdmin;
+ try {
+ isSuperAdmin = fnUserRoleService
+ .isSuperAdmin(orgUserId, SYS_ADMIN_ROLE_ID, ECOMP_APP_ID);
+ } catch (Exception e) {
+ logger.error("isSuperAdmin exception: " + e.toString());
+ throw e;
+ }
+ logger.info("isSuperAdmin " + isSuperAdmin);
+ return isSuperAdmin;
+ }
+
+ public boolean isAccountAdmin(FnUser user) {
+ try {
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("userId", user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
+ List<Integer> userAdminApps = getAdminAppsForTheUser(user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}",
+ user.getOrgUserId(), userAdminApps.size());
+
+ if (user.getId() != null) {
+ for (FnUserRole userApp : user.getUserApps()) {
+ if (userApp.getRoleId().getId().equals(ACCOUNT_ADMIN_ROLE_ID) || (
+ userAdminApps.size() > 1)) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Is account admin for userAdminApps() - for user {}, found Id {}",
+ user.getOrgUserId(), userApp.getRoleId().getId());
+ return true;
+ }
+ }
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while executing isAccountAdmin operation",
+ e);
+ }
+ return false;
+ }
+
+ public boolean isUser(FnUser user) {
+ try {
+ FnUser currentUser = fnUserService.getUser(user.getId()).orElseThrow(Exception::new);
+ if (currentUser != null && currentUser.getId() != null) {
+ for (FnUserRole userApp : currentUser.getUserApps()) {
+ if (!userApp.getAppId().getId().equals(ECOMP_APP_ID)) {
+ FnRole role = userApp.getRoleId();
+ if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId()
+ .equals(ACCOUNT_ADMIN_ROLE_ID)) {
+ if (role.getActiveYn()) {
+ return true;
+ }
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation",
+ e);
+ }
+ return false;
+ }
+
+ public boolean isRoleAdmin(FnUser user) {
+ try {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access");
+ List getRoleFuncListOfUser = fnUserRoleService.getRoleFunctionsOfUserforAlltheApplications(user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser", getRoleFuncListOfUser);
+ Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser);
+ Set<String> getRoleFuncListOfPortalSet1 = new HashSet<>();
+ Set<String> roleFunSet;
+ roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|"))
+ .collect(Collectors.toSet());
+ if (!roleFunSet.isEmpty()) {
+ for (String roleFunction : roleFunSet) {
+ String type = externalAccessRolesService.getFunctionCodeType(roleFunction);
+ getRoleFuncListOfPortalSet1.add(type);
+ }
+ }
+
+ boolean checkIfFunctionsExits = getRoleFuncListOfPortalSet1.stream()
+ .anyMatch(roleFunction -> roleFunction.equalsIgnoreCase("Approver"));
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction",
+ checkIfFunctionsExits);
+
+ return checkIfFunctionsExits;
+
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while executing isRoleAdmin operation",
+ e);
+ }
+ return false;
+ }
+
+ public boolean isAccountAdminOfApplication(FnUser user, FnApp app) {
+ boolean isApplicationAccountAdmin = false;
+ try {
+ logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
+ List<Integer> userAdminApps = getAdminAppsForTheUser(user.getId());
+ if (!userAdminApps.isEmpty()) {
+ isApplicationAccountAdmin = userAdminApps.contains(app.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),
+ app.getId());
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while executing isAccountAdminOfApplication operation", e);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin,
+ user.getOrgUserId());
+ return isApplicationAccountAdmin;
+
+ }
+
+ private List<Integer> getAdminAppsForTheUser(final Long userId) {
+ String query = "select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)";
+ return entityManager.createQuery(query, Integer.class)
+ .setParameter("userId", userId).getResultList();
+ }
+
+ public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(FnUser user,
+ AppWithRolesForUser newAppRolesForUser) {
+ boolean result = false;
+ boolean epRequestValue = false;
+ String userId = "";
+ String reqMessage = "";
+ if (newAppRolesForUser != null && newAppRolesForUser.getOrgUserId() != null) {
+ userId = newAppRolesForUser.getOrgUserId().trim();
+ }
+ Long appId = newAppRolesForUser.getAppId();
+ List<RoleInAppForUser> roleInAppForUserList = newAppRolesForUser.getAppRoles();
+
+ if (userId.length() > 0) {
+ ObjectMapper mapper = new ObjectMapper();
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+
+ try {
+ FnApp app = fnAppService.getById(appId);
+
+ boolean checkIfUserisApplicationAccAdmin = isAccountAdminOfApplication(user,
+ app);
+ Set<EcompRole> rolesGotDeletedFromApprover = new TreeSet<>();
+
+ boolean checkIfUserIsOnlyRoleAdmin =
+ isRoleAdmin(user) && !checkIfUserisApplicationAccAdmin;
+ if (checkIfUserIsOnlyRoleAdmin) {
+ for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
+ if (!roleInAppForUser.getIsApplied()) {
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(roleInAppForUser.getRoleId());
+ ecompRole.setName(roleInAppForUser.getRoleName());
+ rolesGotDeletedFromApprover.add(ecompRole);
+ }
+ }
+ }
+
+ applyChangesToUserAppRolesForMyLoginsRequest(user, appId);
+
+ boolean systemUser = newAppRolesForUser.isSystemUser();
+
+ if ((app.getAuthCentral() || app.getId().equals(PortalConstants.PORTAL_APP_ID))
+ && systemUser) {
+
+ Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList);
+ RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId,
+ userRolesInLocalApp);
+ List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles();
+ Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>();
+ if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+ // Apply changes in external Access system
+
+ updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(),
+ roleAppUserList,
+ epRequestValue, systemUser, rolesGotDeletedByApprover, false);
+ }
+ result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue,
+ "Portal",
+ systemUser, rolesGotDeletedByApprover, false);
+
+ } else if (!app.getAuthCentral() && systemUser) {
+ throw new Exception("For non-centralized application we cannot add systemUser");
+ } else { // if centralized app
+ if (app.getAuthCentral()) {
+ if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
+ pushRemoteUser(roleInAppForUserList, userId, app, mapper,
+ applicationsRestClientService, false);
+ }
+
+ Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(
+ roleInAppForUserList);
+ RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId,
+ appId,
+ userRolesInLocalApp);
+ List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles();
+ if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+
+ // Apply changes in external Access system
+ updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(),
+ roleAppUserList,
+ epRequestValue, false, rolesGotDeletedFromApprover,
+ checkIfUserIsOnlyRoleAdmin);
+ }
+ result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser,
+ epRequestValue, "Portal", systemUser, rolesGotDeletedFromApprover,
+ checkIfUserIsOnlyRoleAdmin);
+ }
+ // In case if portal is not centralized then follow existing approach
+ else if (!app.getAuthCentral() && app.getId()
+ .equals(PortalConstants.PORTAL_APP_ID)) {
+ Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(
+ roleInAppForUserList);
+ RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId,
+ appId,
+ userRolesInLocalApp);
+ Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>();
+ result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser,
+ epRequestValue, "Portal", false, rolesGotDeletedByApprover, false);
+ } else {// remote app
+ FnUser remoteAppUser;
+ if (!app.getAuthCentral() && !app.getId()
+ .equals(PortalConstants.PORTAL_APP_ID)) {
+
+ remoteAppUser = checkIfRemoteUserExits(userId, app,
+ applicationsRestClientService);
+
+ if (remoteAppUser == null) {
+ addRemoteUser(roleInAppForUserList, userId, app,
+ mapper, applicationsRestClientService);
+ }
+ Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(
+ roleInAppForUserList, mapper,
+ applicationsRestClientService, appId, userId);
+ RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(
+ userId, appId,
+ userRolesInRemoteApp);
+ Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>();
+ result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser,
+ epRequestValue, null, false, rolesGotDeletedByApprover, false);
+
+ // If no roles remain, request app to set user inactive.
+ if (userRolesInRemoteApp.size() == 0) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive",
+ app,
+ userId);
+ postUserToRemoteApp(userId, app,
+ applicationsRestClientService);
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ String message = String.format(
+ "Failed to create user or update user roles for User %s, AppId %s",
+ userId, Long.toString(appId));
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ result = false;
+ reqMessage = e.getMessage();
+ }
+ }
+ //return result;
+ return new ExternalRequestFieldsValidator(result, reqMessage);
+
+ }
+
+ private void pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app,
+ ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService, boolean appRoleIdUsed)
+ throws Exception {
+ pushUserOnRemoteApp(userId, app, applicationsRestClientService, mapper,
+ roleInAppForUserList, appRoleIdUsed);
+ }
+
+
+ private void postUserToRemoteApp(String userId, FnApp app,
+ ApplicationsRestClientService applicationsRestClientService) throws HTTPException {
+
+ getUser(userId, app, applicationsRestClientService);
+
+ }
+
+ private FnUser getUser(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService)
+ throws HTTPException {
+ return applicationsRestClientService.get(FnUser.class, app.getId(), String.format("/user/%s", userId), true);
+
+ }
+
+ private void pushUserOnRemoteApp(String userId, FnApp app,
+ ApplicationsRestClientService applicationsRestClientService,
+ ObjectMapper mapper, List<RoleInAppForUser> roleInAppForUserList, boolean appRoleIdUsed)
+ throws Exception {
+
+ FnUser client;
+ client = fnUserService.loadUserByUsername(userId);
+
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ if (client == null) {
+ String msg = "cannot create user " + userId + ", because he/she cannot be found in directory.";
+ logger.error(EELFLoggerDelegate.errorLogger, msg);
+ List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
+ if (!userList.isEmpty()) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ userList.get(0).getOrgUserId() + " User was found in Portal");
+ client = userList.get(0);
+ client.setUserApps(Collections.EMPTY_SET);
+ client.setIsSystemUser(false);
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger, "user cannot be found be in directory or in portal");
+ throw new Exception(msg);
+ }
+
+ }
+
+ client.setLoginId(userId);
+ client.setActiveYn(true);
+ client.setOrgUserId(userId);
+
+ roleInAppForUserList.removeIf(role -> role.getIsApplied().equals(false));
+ SortedSet<Role> roles = new TreeSet<>();
+
+ List<FnRole> getAppRoles = externalAccessRolesService.getAppRoles(app.getId());
+ List<FnApp> appList = new ArrayList<>();
+ appList.add(app);
+ List<CentralV2Role> roleList = new ArrayList<>();
+ Map<String, Long> params = new HashMap<>();
+
+ List<FnRole> userRoles = new ArrayList<>();
+
+ for (RoleInAppForUser roleInappForUser : roleInAppForUserList) {
+ FnRole role = new FnRole();
+ role.setId(roleInappForUser.getRoleId());
+ role.setRoleName(roleInappForUser.getRoleName());
+ userRoles.add(role);
+ }
+
+ if (appRoleIdUsed) {
+ List<FnRole> userAppRoles = new ArrayList<>();
+ for (FnRole role : userRoles) {
+ FnRole appRole = getAppRoles.stream()
+ .filter(applicationRole -> role.getId().equals(applicationRole.getAppRoleId())).findAny()
+ .orElse(null);
+ FnRole epRole = new FnRole();
+ if (appRole != null) {
+ epRole.setId(appRole.getId());
+ epRole.setRoleName(appRole.getRoleName());
+ }
+ userAppRoles.add(epRole);
+ }
+ userRoles = new ArrayList<>(userAppRoles);
+ }
+ roleList = externalAccessRolesService.createCentralRoleObject(appList, userRoles, roleList);
+
+ for (CentralV2Role epRole : roleList) {
+ Role role = new Role();
+ FnRole appRole = getAppRoles.stream()
+ .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())).findAny().orElse(null);
+ if (appRole != null) {
+ role.setId(appRole.getAppRoleId());
+ role.setName(epRole.getName());
+ role.setRoleFunctions(epRole.getRoleFunctions());
+ }
+ roles.add(role);
+ }
+ client.setRoles(roles.stream().map(this::roleToFnRole).collect(Collectors.toSet()));
+ String userInString;
+ userInString = mapper.writerFor(FnUser.class).writeValueAsString(client);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "about to post a client to remote application, users json = " + userInString);
+ applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user/%s", userId));
+ }
+
+ private FnRole roleToFnRole(Role role) {
+ return new FnRole(role.getId(), role.getName(), role.getActive(), role.getPriority(), role.getRoleFunctions(),
+ role.getChildRoles(), role.getParentRoles());
+ }
+
+ private Set<EcompRole> postUsersRolesToRemoteApp(List<RoleInAppForUser> roleInAppForUserList, ObjectMapper mapper,
+ ApplicationsRestClientService applicationsRestClientService, Long appId, String userId)
+ throws JsonProcessingException, HTTPException {
+ Set<EcompRole> updatedUserRolesinRemote = constructUsersRemoteAppRoles(roleInAppForUserList);
+ Set<EcompRole> updateUserRolesInEcomp = constructUsersEcompRoles(roleInAppForUserList);
+ String userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemote);
+ FnApp externalApp;
+ externalApp = appsCacheService.getApp(appId);
+ String appBaseUri = null;
+ Set<RemoteRoleV1> updatedUserRolesinRemoteV1 = new TreeSet<>();
+ if (externalApp != null) {
+ appBaseUri = externalApp.getAppRestEndpoint();
+ }
+ if (appBaseUri != null && appBaseUri.endsWith("/api")) {
+ for (EcompRole eprole : updatedUserRolesinRemote) {
+ RemoteRoleV1 role = new RemoteRoleV1();
+ role.setId(eprole.getId());
+ role.setName(eprole.getName());
+ updatedUserRolesinRemoteV1.add(role);
+ }
+ userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemoteV1);
+ }
+ applicationsRestClientService.post(EcompRole.class, appId, userRolesAsString,
+ String.format("/user/%s/roles", userId));
+ return updateUserRolesInEcomp;
+ }
+
+ private void addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app,
+ ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService) throws Exception {
+ if (remoteUserShouldBeCreated(roleInAppForUserList)) {
+ createNewUserOnRemoteApp(userId, app, applicationsRestClientService, mapper);
+ }
+ }
+
+ private void createNewUserOnRemoteApp(String userId, FnApp app,
+ ApplicationsRestClientService applicationsRestClientService, ObjectMapper mapper)
+ throws Exception {
+
+ FnUser client = fnUserService.loadUserByUsername(userId);
+
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+
+ if (client == null) {
+ String msg = "cannot create user " + userId + ", because he/she cannot be found in phonebook.";
+ logger.error(EELFLoggerDelegate.errorLogger, msg);
+ throw new Exception(msg);
+ }
+
+ client.setLoginId(userId);
+ client.setActiveYn(true);
+
+ String userInString;
+ userInString = mapper.writerFor(FnUser.class).writeValueAsString(client);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "about to post new client to remote application, users json = " + userInString);
+ applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user", userId));
+
+ }
+
+ private boolean remoteUserShouldBeCreated(List<RoleInAppForUser> roleInAppForUserList) {
+ for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
+ if (roleInAppForUser.getIsApplied()) {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ private Set<EcompRole> constructUsersRemoteAppRoles(List<RoleInAppForUser> roleInAppForUserList) {
+ Set<EcompRole> existingUserRoles = new TreeSet<>();
+ for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
+ if (roleInAppForUser.getIsApplied() && !roleInAppForUser.getRoleId()
+ .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) {
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(roleInAppForUser.getRoleId());
+ ecompRole.setName(roleInAppForUser.getRoleName());
+ existingUserRoles.add(ecompRole);
+ }
+ }
+ return existingUserRoles;
+ }
+
+ private void applyChangesToUserAppRolesForMyLoginsRequest(FnUser user, Long appId) {
+ List<EpUserRolesRequest> epRequestIdVal;
+ try {
+ epRequestIdVal = epUserRolesRequestService.userAppRolesRequestList(user.getId(), appId);
+ if (epRequestIdVal.size() > 0) {
+ EpUserRolesRequest epAppRolesRequestData = epRequestIdVal.get(0);
+ epAppRolesRequestData.setUpdatedDate(LocalDateTime.now());
+ epAppRolesRequestData.setRequestStatus("O");
+ epAppRolesRequestData.setUserId(user);
+ epUserRolesRequestService.saveOne(epAppRolesRequestData);
+ List<EpUserRolesRequestDet> epUserAppRolesDetailList = epUserRolesRequestDetService
+ .appRolesRequestDetailList(epAppRolesRequestData.getReqId());
+ if (epUserAppRolesDetailList.size() > 0) {
+ for (EpUserRolesRequestDet epRequestUpdateList : epUserAppRolesDetailList) {
+ epRequestUpdateList.setRequestType("O");
+ epRequestUpdateList.setReqId(epAppRolesRequestData);
+ epRequestUpdateList.setReqId(epAppRolesRequestData);
+ epUserRolesRequestDetService.saveOne(epRequestUpdateList);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "User App roles request from User Page is overridden");
+ }
+ }
+
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "applyChangesToUserAppRolesRequest failed", e);
+ }
+ }
+
+ private Set<EcompRole> postUsersRolesToLocalApp(List<RoleInAppForUser> roleInAppForUserList) {
+ return constructUsersEcompRoles(roleInAppForUserList);
+ }
+
+ private Set<EcompRole> constructUsersEcompRoles(List<RoleInAppForUser> roleInAppForUserList) {
+ Set<EcompRole> existingUserRoles = new TreeSet<>();
+ for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
+ if (roleInAppForUser.getIsApplied()) {
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(roleInAppForUser.getRoleId());
+ ecompRole.setName(roleInAppForUser.getRoleName());
+ existingUserRoles.add(ecompRole);
+ }
+ }
+ return existingUserRoles;
+ }
+
+ public RolesInAppForUser constructRolesInAppForUserUpdate(String userId, Long appId,
+ Set<EcompRole> userRolesInRemoteApp) {
+ RolesInAppForUser result;
+ result = new RolesInAppForUser();
+ result.setAppId(appId);
+ result.setOrgUserId(userId);
+
+ for (EcompRole role : userRolesInRemoteApp) {
+ RoleInAppForUser roleInAppForUser = new RoleInAppForUser();
+ roleInAppForUser.setRoleId(role.getId());
+ roleInAppForUser.setRoleName(role.getName());
+ roleInAppForUser.setIsApplied(true);
+ result.getRoles().add(roleInAppForUser);
+ }
+ return result;
+ }
+
+ private void updateUserRolesInExternalSystem(FnApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser,
+ boolean isPortalRequest, boolean isSystemUser, Set<EcompRole> deletedRolesByApprover,
+ boolean isLoggedInUserRoleAdminofApp) throws Exception {
+ try {
+ List<FnUser> userInfo = checkIfUserExists(orgUserId);
+ if (userInfo.isEmpty()) {
+ createLocalUserIfNecessary(orgUserId, isSystemUser);
+ }
+ String name;
+ if (EPCommonSystemProperties
+ .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
+ && !isSystemUser) {
+ name = orgUserId
+ + SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+ } else {
+ name = orgUserId;
+ }
+ ObjectMapper mapper = new ObjectMapper();
+ HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
+ HttpEntity<String> getUserRolesEntity = new HttpEntity<>(headers);
+ ResponseEntity<String> getResponse = externalAccessRolesService
+ .getUserRolesFromExtAuthSystem(name, getUserRolesEntity);
+
+ List<ExternalAccessUserRoleDetail> userRoleDetailList = new ArrayList<>();
+ String res = getResponse.getBody();
+ JSONObject jsonObj;
+ JSONArray extRoles = null;
+ if (!res.equals("{}")) {
+ jsonObj = new JSONObject(res);
+ extRoles = jsonObj.getJSONArray("role");
+ }
+ ExternalAccessUserRoleDetail userRoleDetail;
+ if (extRoles != null) {
+ for (int i = 0; i < extRoles.length(); i++) {
+ if (extRoles.getJSONObject(i).getString("name").startsWith(app.getAuthNamespace() + ".")
+ && !extRoles.getJSONObject(i).getString("name")
+ .equals(app.getAuthNamespace() + ".admin")
+ && !extRoles.getJSONObject(i).getString("name")
+ .equals(app.getAuthNamespace() + ".owner")) {
+ if (extRoles.getJSONObject(i).has("description")) {
+ ExternalRoleDescription desc = new ExternalRoleDescription(
+ extRoles.getJSONObject(i).getString("description"));
+ userRoleDetail = new ExternalAccessUserRoleDetail(
+ extRoles.getJSONObject(i).getString("name"), desc);
+ userRoleDetailList.add(userRoleDetail);
+ } else {
+ userRoleDetail = new ExternalAccessUserRoleDetail(
+ extRoles.getJSONObject(i).getString("name"), null);
+ userRoleDetailList.add(userRoleDetail);
+ }
+
+ }
+ }
+ }
+
+ List<ExternalAccessUserRoleDetail> userRoleListMatchingInExtAuthAndLocal = checkIfRoleAreMatchingInUserRoleDetailList(
+ userRoleDetailList, app);
+
+ List<EcompUserAppRoles> userAppList;
+ // If request coming from portal not from external role approval system then we have to check if user already
+ // have account admin or system admin as GUI will not send these roles
+ if (!isPortalRequest) {
+ FnUser user = fnUserService.getUserWithOrgUserId(orgUserId).get(0);
+ userAppList = ecompUserAppRolesService.getUserAppExistingRoles(app.getAppId(), user.getUserId());
+ if (!roleInAppUser.isEmpty()) {
+ for (EcompUserAppRoles userApp : userAppList) {
+ if (userApp.getRoleId().equals(PortalConstants.SYS_ADMIN_ROLE_ID)
+ || userApp.getRoleId()
+ .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) {
+ RoleInAppForUser addSpecialRole = new RoleInAppForUser();
+ addSpecialRole.setIsApplied(true);
+ addSpecialRole.setRoleId(userApp.getRoleId());
+ addSpecialRole.setRoleName(userApp.getRoleName());
+ roleInAppUser.add(addSpecialRole);
+ }
+ }
+ }
+ }
+ List<RoleInAppForUser> roleInAppUserNonDupls = roleInAppUser.stream().distinct()
+ .collect(Collectors.toList());
+ Map<String, RoleInAppForUser> currentUserRolesToUpdate = new HashMap<>();
+ for (RoleInAppForUser roleInAppUserNew : roleInAppUserNonDupls) {
+ currentUserRolesToUpdate.put(roleInAppUserNew.getRoleName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+ "_"), roleInAppUserNew);
+ }
+ final Map<String, ExternalAccessUserRoleDetail> currentUserRolesInExternalSystem = new HashMap<>();
+ for (ExternalAccessUserRoleDetail extAccessUserRole : userRoleListMatchingInExtAuthAndLocal) {
+ currentUserRolesInExternalSystem.put(extAccessUserRole.getName(), extAccessUserRole);
+ }
+
+ if (isLoggedInUserRoleAdminofApp) {
+ if (deletedRolesByApprover.size() > 0) {
+ List<ExternalAccessUserRoleDetail> newUpdatedRoles = new ArrayList<>();
+ for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) {
+ for (EcompRole role : deletedRolesByApprover) {
+ if ((userRole.getName().substring(app.getAuthNamespace().length() + 1))
+ .equals(role.getName())) {
+ newUpdatedRoles.add(userRole);
}
- logger.info("isSuperAdmin " + isSuperAdmin);
- return isSuperAdmin;
- }
-
- public boolean isAccountAdmin(FnUser user) {
- try {
- final Map<String, Long> userParams = new HashMap<>();
- userParams.put("userId", user.getId());
- logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, user.getId());
- List<Integer> userAdminApps;
- String query = "select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)";
- userAdminApps = entityManager.createQuery(query, Integer.class)
- .setParameter("userId", user.getId()).getResultList();
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}",
- user.getOrgUserId(), userAdminApps.size());
-
- if (user.getId() != null) {
- for (FnUserRole userApp : user.getFnUserRoles()) {
- if (userApp.getRoleId().getId().equals(ACCOUNT_ADMIN_ROLE_ID) || (
- userAdminApps.size() > 1)) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Is account admin for userAdminApps() - for user {}, found Id {}",
- user.getOrgUserId(), userApp.getRoleId().getId());
- return true;
- }
- }
- }
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
- logger.error(EELFLoggerDelegate.errorLogger,
- "Exception occurred while executing isAccountAdmin operation",
- e);
+ }
+ }
+ if (newUpdatedRoles.size() > 0) {
+ userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(newUpdatedRoles);
+ } else {
+ userRoleListMatchingInExtAuthAndLocal = new ArrayList<>();
+ currentUserRolesToUpdate = new HashMap<>();
+
+ }
+
+ } else {
+ userRoleListMatchingInExtAuthAndLocal = new ArrayList<>();
+ currentUserRolesToUpdate = new HashMap<>();
+
+ }
+ }
+
+ // Check if user roles does not exists in local but still there in External Central Auth System delete them all
+ for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) {
+ if (!(currentUserRolesToUpdate
+ .containsKey(userRole.getName().substring(app.getAuthNamespace().length() + 1)))) {
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Connecting to external system to DELETE user role {}",
+ userRole.getName());
+ ResponseEntity<String> deleteResponse = template.exchange(
+ SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "userRole/" + name + "/" + userRole.getName(),
+ HttpMethod.DELETE, entity, String.class);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Finished DELETE operation in external system for user role {} and the response is {}",
+ userRole.getName(), deleteResponse.getBody());
+ }
+ }
+ // Check if user roles does not exists in External Central Auth System add them all
+ for (RoleInAppForUser addUserRole : roleInAppUserNonDupls) {
+ if (!(currentUserRolesInExternalSystem
+ .containsKey(app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+ "_")))) {
+ ExternalAccessUser extUser = new ExternalAccessUser(name,
+ app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+ "_"));
+ String formattedUserRole = mapper.writeValueAsString(extUser);
+ HttpEntity<String> entity = new HttpEntity<>(formattedUserRole, headers);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Connecting to external system for user {} and POST {}",
+ name, addUserRole.getRoleName());
+ ResponseEntity<String> addResponse = template
+ .exchange(SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "userRole", HttpMethod.POST, entity, String.class);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Finished adding user role in external system {} and added user role {}",
+ addResponse.getBody(), addUserRole.getRoleName());
+ if (addResponse.getStatusCode().value() != 201
+ && addResponse.getStatusCode().value() != 404) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Finished POST operation in external system but unable to save user role",
+ addResponse.getBody(),
+ addUserRole.getRoleName());
+ throw new Exception(addResponse.getBody());
+ }
+ }
+ }
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}",
+ app.getId(), e);
+ if (e.getStatusCode() == HttpStatus.FORBIDDEN) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid systemUser",
+ orgUserId);
+ throw new HttpClientErrorException(HttpStatus.FORBIDDEN,
+ "Please enter the valid systemUser");
+ }
+ if (e.getStatusCode() == HttpStatus.NOT_FOUND) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid role");
+ throw new HttpClientErrorException(HttpStatus.NOT_FOUND, "Please enter the valid role");
+ }
+ EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST);
+ throw e;
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}",
+ app.getId(), e);
+ EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST);
+ throw e;
+ }
+ }
+
+ private List<ExternalAccessUserRoleDetail> checkIfRoleAreMatchingInUserRoleDetailList(
+ List<ExternalAccessUserRoleDetail> userRoleDetailList, FnApp app) {
+ Map<String, FnRole> epRoleList = externalAccessRolesService.getAppRoleNamesWithUnderscoreMap(app);
+ //Add Account Admin role for partner app to prevent conflict
+ if (!PortalConstants.PORTAL_APP_ID.equals(app.getId())) {
+ FnRole role = new FnRole();
+ role.setRoleName(PortalConstants.ADMIN_ROLE
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ epRoleList.put(role.getRoleName(), role);
+ }
+ userRoleDetailList.removeIf(
+ userRoleDetail -> !epRoleList
+ .containsKey(userRoleDetail.getName().substring(app.getAuthNamespace().length() + 1)));
+ return userRoleDetailList;
+ }
+
+ private List<FnUser> checkIfUserExists(String userParams) {
+ return fnUserService.getUserWithOrgUserId(userParams);
+ }
+
+ @Transactional
+ private void createLocalUserIfNecessary(String userId, boolean isSystemUser) {
+ if (StringUtils.isEmpty(userId)) {
+ logger.error(EELFLoggerDelegate.errorLogger, "createLocalUserIfNecessary : empty userId!");
+ return;
+ }
+ try {
+ List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
+ if (userList.size() == 0) {
+ FnUser client;
+ if (!isSystemUser) {
+ client = fnUserService.loadUserByUsername(userId);
+ } else {
+ client = new FnUser();
+ client.setOrgUserId(userId);
+ client.setIsSystemUser(true);
+ client.setFirstName(userId.substring(0, userId.indexOf("@")));
+ }
+ if (client == null) {
+ String msg = "createLocalUserIfNecessary: cannot create user " + userId
+ + ", because not found in phonebook";
+ logger.error(EELFLoggerDelegate.errorLogger, msg);
+ } else {
+ client.setLoginId(userId);
+ client.setActiveYn(true);
+ }
+ fnUserService.saveFnUser(client);
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ }
+
+ }
+
+ private FnUser checkIfRemoteUserExits(String userId, FnApp app,
+ ApplicationsRestClientService applicationsRestClientService) throws HTTPException {
+ FnUser checkRemoteUser = null;
+ try {
+ checkRemoteUser = getUserFromApp(userId, app, applicationsRestClientService);
+ } catch (HTTPException e) {
+ // Some apps are returning 400 if user is not found.
+ if (e.getResponseCode() == 400) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 400; continuing",
+ e);
+ } else if (e.getResponseCode() == 404) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 404; continuing",
+ e);
+ } else {
+ // Other response code, let it come thru.
+ throw e;
+ }
+ }
+ return checkRemoteUser;
+ }
+
+ private FnUser getUserFromApp(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService)
+ throws HTTPException {
+ if (PortalConstants.PORTAL_APP_ID.equals(app.getId())) {
+ List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
+ if (userList != null && !userList.isEmpty()) {
+ return userList.get(0);
+ } else {
+ return null;
+ }
+ }
+ return getUser(userId, app, applicationsRestClientService);
+ }
+
+ private boolean applyChangesInUserRolesForAppToEcompDB(RolesInAppForUser rolesInAppForUser,
+ boolean externalSystemRequest, String reqType, boolean isSystemUser,
+ Set<EcompRole> rolesDeletedByApprover, boolean isLoggedInUserRoleAdminOfApp) throws Exception {
+ boolean result = false;
+ String userId = rolesInAppForUser.getOrgUserId();
+ Long appId = rolesInAppForUser.getAppId();
+ synchronized (syncRests) {
+ createLocalUserIfNecessary(userId, isSystemUser);
+
+ EcompRole[] userAppRoles = new EcompRole[(int) rolesInAppForUser.getRoles().stream().distinct().count()];
+ for (int i = 0;
+ i < rolesInAppForUser.getRoles().stream().distinct().count(); i++) {
+ RoleInAppForUser roleInAppForUser = rolesInAppForUser.getRoles().get(i);
+ EcompRole role = new EcompRole();
+ role.setId(roleInAppForUser.getRoleId());
+ role.setName(roleInAppForUser.getRoleName());
+ userAppRoles[i] = role;
+ }
+ try {
+ EcompRole[] applicationRoles = null;
+
+ if (isLoggedInUserRoleAdminOfApp) {
+ List<EcompRole> roles = Arrays.stream(userAppRoles)
+ .collect(Collectors.toList());
+ List<EcompRole> roles1 = new ArrayList<>(rolesDeletedByApprover);
+ roles.addAll(roles1);
+ applicationRoles = roles.toArray(new EcompRole[0]);
+ }
+
+ syncUserRoles(userId, appId, userAppRoles, externalSystemRequest,
+ reqType, isLoggedInUserRoleAdminOfApp, applicationRoles);
+ result = true;
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "applyChangesInUserRolesForAppToEcompDB: failed to syncUserRoles for orgUserId "
+ + userId, e);
+ if ("DELETE".equals(reqType)) {
+ throw new Exception(e.getMessage());
+ }
+ }
+ }
+ return result;
+ }
+
+ private void syncUserRoles(String userId, Long appId,
+ EcompRole[] userAppRoles, Boolean extRequestValue, String reqType, boolean checkIfUserisRoleAdmin,
+ EcompRole[] appRoles) throws Exception {
+
+ Transaction transaction = null;
+ String roleActive;
+ HashMap<Long, EcompRole> newUserAppRolesMap = hashMapFromEcompRoles(userAppRoles);
+ List<FnRole> roleInfo = externalAccessRolesService
+ .getPortalAppRoleInfo(PortalConstants.ACCOUNT_ADMIN_ROLE_ID);
+ FnRole adminRole = new FnRole();
+ if (roleInfo.size() > 0) {
+ adminRole = roleInfo.get(0);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Admin RoleName form DB: " + adminRole.getRoleName());
+ }
+ try {
+ List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
+ if (userList.size() > 0) {
+ FnUser client = userList.get(0);
+ roleActive = ("DELETE".equals(reqType)) ? "" : " and role.active = 'Y'";
+ List<FnUserRole> userRoles = fnUserRoleService.retrieveByAppIdAndUserId(appId, userId);
+ entityManager
+ .createQuery("from EPUserApp where app.id=:appId and userId=:userId" + roleActive)
+ .setParameter("appId", appId)
+ .setParameter("userId", client.getId())
+ .getResultList();
+
+ if ("DELETE".equals(reqType)) {
+ for (FnUserRole userAppRoleList : userRoles) {
+ List<FnRole> rolesList =
+ (!userAppRoleList.getRoleId().getRoleName()
+ .equals(adminRole.getRoleName()))
+ ? fnRoleService.retrieveAppRolesByRoleNameAndByAppId
+ (userAppRoleList.getRoleId().getRoleName(), appId)
+ : fnRoleService.retrieveAppRolesWhereAppIdIsNull();
+ if (!rolesList.isEmpty()) {
+ checkIfRoleInactive(rolesList.get(0));
+ }
+ }
+ }
+
+ if (appRoles != null) {
+ List<EcompRole> appRolesList = Arrays.stream(appRoles).collect(Collectors.toList());
+ List<FnUserRole> finalUserRolesList = new ArrayList<>();
+ if (checkIfUserisRoleAdmin) {
+ for (EcompRole role : appRolesList) {
+ for (FnUserRole userAppRoleList : userRoles) {
+ if (userAppRoleList.getRoleId().getRoleName()
+ .equals(role.getName())) {
+ finalUserRolesList.add(userAppRoleList);
+ }
+
}
- return false;
- }
-
- public boolean isUser(FnUser user) {
- try {
- FnUser currentUser = fnUserService.getUser(user.getId()).orElseThrow(Exception::new);
- if (currentUser != null && currentUser.getId() != null) {
- for (FnUserRole userApp : currentUser.getFnUserRoles()) {
- if (!userApp.getAppId().getId().equals(ECOMP_APP_ID)) {
- FnRole role = userApp.getRoleId();
- if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId()
- .equals(ACCOUNT_ADMIN_ROLE_ID)) {
- if (role.getActiveYn()) {
- return true;
- }
- }
- }
- }
- }
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
- logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation",
- e);
+ }
+ userRoles = new ArrayList<>(finalUserRolesList);
+ }
+ }
+
+ for (FnUserRole userRole : userRoles) {
+ if (!PortalConstants.ACCOUNT_ADMIN_ROLE_ID.equals(userRole.getRoleId().getRoleId())
+ && !PortalConstants.SYS_ADMIN_ROLE_ID
+ .equals(userRole.getRoleId().getRoleId())
+ && !extRequestValue) {
+ syncUserRolesExtension(userRole, appId,
+ newUserAppRolesMap);
+ } else if (extRequestValue && ("PUT".equals(reqType) || "POST".equals(reqType)
+ || "DELETE".equals(reqType))) {
+ syncUserRolesExtension(userRole, appId,
+ newUserAppRolesMap);
+ } else if (extRequestValue && !PortalConstants.ACCOUNT_ADMIN_ROLE_ID
+ .equals(userRole.getRoleId().getRoleId())) {
+ syncUserRolesExtension(userRole, appId,
+ newUserAppRolesMap);
+ }
+ }
+
+ Collection<EcompRole> newRolesToAdd = newUserAppRolesMap.values();
+ if (newRolesToAdd.size() > 0) {
+ FnApp app = fnAppService.getById(appId);
+
+ HashMap<Long, FnRole> rolesMap = new HashMap<>();
+ if (appId.equals(PortalConstants.PORTAL_APP_ID)) { // local app
+ String appIdValue = "";
+ if (!extRequestValue) {
+ appIdValue = "and id != " + PortalConstants.SYS_ADMIN_ROLE_ID;
+ }
+ @SuppressWarnings("unchecked")
+ List<FnRole> roles = entityManager
+ .createQuery(
+ "from " + FnRole.class.getName() + " where appId is null "
+ + appIdValue).getResultList();
+ for (FnRole role : roles) {
+ role.setAppId(1L);
+ rolesMap.put(role.getId(), role);
+ }
+ } else { // remote app
+ @SuppressWarnings("unchecked")
+ List<FnRole> roles = entityManager
+ .createQuery("from EPRole where appId=:appId")
+ .setParameter("appId", appId)
+ .getResultList();
+ for (FnRole role : roles) {
+ if (!extRequestValue && app.getAuthCentral()) {
+ rolesMap.put(role.getId(), role);
+ } else {
+ rolesMap.put(role.getAppRoleId(), role);
}
- return false;
- }
+ }
+ }
+
+ FnRole role;
+ for (EcompRole userRole : newRolesToAdd) {
+ FnUserRole userApp = new FnUserRole();
+ if (("PUT".equals(reqType) || "POST".equals(reqType)) && userRole.getName()
+ .equals(adminRole.getRoleName())) {
+ role = fnRoleService.getById(PortalConstants.ACCOUNT_ADMIN_ROLE_ID);
+ userApp.setRoleId(role);
+ } else if ((userRole.getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID))
+ && !extRequestValue) {
+ continue;
+ } else if ((userRole.getId().equals(PortalConstants.SYS_ADMIN_ROLE_ID)) && app
+ .getId().equals(PortalConstants.PORTAL_APP_ID) && !extRequestValue) {
+ continue;
+ } else {
+ userApp.setRoleId(rolesMap.get(userRole.getId()));
+ }
+
+ userApp.setUserId(client);
+ userApp.setAppId(app);
+ fnUserRoleService.saveOne(userApp);
+ }
+
+ if (PortalConstants.PORTAL_APP_ID.equals(appId)) {
+ /*
+ * for local app -- hack - always make sure fn_role
+ * table's app_id is null and not 1 for primary app in
+ * this case being onap portal app; reason: hibernate
+ * is rightly setting this to 1 while persisting to
+ * fn_role as per the mapping but SDK role management
+ * code expects the app_id to be null as there is no
+ * concept of App_id in SDK
+ */
+ Query query = entityManager.createQuery("update fn_role set app_id = null where app_id = 1 ");
+ query.executeUpdate();
+ }
+ }
+ }
+ transaction.commit();
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "syncUserRoles failed", e);
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ EcompPortalUtils.rollbackTransaction(transaction,
+ "Exception occurred in syncUserRoles, Details: " + e.toString());
+ if ("DELETE".equals(reqType)) {
+ throw new SyncUserRolesException(e.getMessage());
+ }
+ }
+ }
+
+ private static HashMap<Long, EcompRole> hashMapFromEcompRoles(EcompRole[] ecompRoles) {
+ HashMap<Long, EcompRole> result = new HashMap<>();
+ if (ecompRoles != null) {
+ for (EcompRole ecompRole : ecompRoles) {
+ if (ecompRole.getId() != null) {
+ result.put(ecompRole.getId(), ecompRole);
+ }
+ }
+ }
+ return result;
+ }
+
+ private void syncUserRolesExtension(FnUserRole userRole, Long appId,
+ HashMap<Long, EcompRole> newUserAppRolesMap) {
+
+ Long userAppRoleId;
+ if (PortalConstants.PORTAL_APP_ID.equals(appId)) { // local app
+ userAppRoleId = userRole.getRoleId().getRoleId();
+ } else { // remote app
+ userAppRoleId = userRole.getId();
+ }
+
+ if (!newUserAppRolesMap.containsKey(userAppRoleId)) {
+ fnUserRoleService.deleteById(userRole.getId());
+ } else {
+ newUserAppRolesMap.remove(userAppRoleId);
+ }
+ }
+
+ private void checkIfRoleInactive(FnRole epRole) throws Exception {
+ if (!epRole.getActiveYn()) {
+ throw new Exception(epRole.getRoleName() + " role is unavailable");
+ }
+ }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/ApplicationsRestClientService.java b/portal-BE/src/main/java/org/onap/portal/service/ApplicationsRestClientService.java
index e606cb0b..78434cc8 100644
--- a/portal-BE/src/main/java/org/onap/portal/service/ApplicationsRestClientService.java
+++ b/portal-BE/src/main/java/org/onap/portal/service/ApplicationsRestClientService.java
@@ -42,6 +42,7 @@ package org.onap.portal.service;
import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
+import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.gson.Gson;
import java.net.MalformedURLException;
import java.net.URL;
@@ -51,13 +52,11 @@ import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.commons.lang.StringUtils;
import org.apache.cxf.jaxrs.client.WebClient;
-import org.apache.cxf.jaxrs.impl.ResponseImpl;
import org.apache.cxf.transport.http.HTTPException;
import org.onap.portal.domain.db.fn.FnApp;
import org.onap.portal.logging.aop.EPMetricsLog;
import org.onap.portal.logging.format.EPAppMessagesEnum;
import org.onap.portal.logging.logic.EPLogUtil;
-import org.onap.portal.service.fn.old.AppsCacheService;
import org.onap.portal.utils.EPCommonSystemProperties;
import org.onap.portal.utils.EcompPortalUtils;
import org.onap.portal.utils.SystemType;
@@ -72,321 +71,340 @@ import org.springframework.stereotype.Service;
@Service
public class ApplicationsRestClientService {
- private static final String PASSWORD_HEADER = "password";
- private static final String APP_USERNAME_HEADER = "username";
- private static final String BASIC_AUTHENTICATION_HEADER = "Authorization";
-
- private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ApplicationsRestClientService.class);
-
- Gson gson = null;
-
- private final AppsCacheService appsCacheService;
-
- @Autowired
- public ApplicationsRestClientService(AppsCacheService appsCacheService) {
- this.appsCacheService = appsCacheService;
- }
-
- private static boolean isHttpSuccess(int status) {
- return status / 100 == 2;
- }
-
- @EPMetricsLog
- private void verifyResponse(Response response, String restPath) throws HTTPException {
- int status = response.getStatus();
- logger.debug(EELFLoggerDelegate.debugLogger, "http response status=" + status);
- MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE, Integer.toString(status));
- if (!isHttpSuccess(status)) {
- String errMsg =
- "Failed. Status=" + status + restPath + "; [" + ((ResponseImpl) response).getStatusInfo()
- .getReasonPhrase().toString()
- + "]";
- URL url = null;
- try {
- // must not be null to avoid NPE in HTTPException constructor
- url = new URL("http://null");
- if (((ResponseImpl) response).getLocation() != null) {
- url = ((ResponseImpl) response).getLocation().toURL();
- }
- } catch (MalformedURLException e) {
- // never mind. it is only for the debug message.
- logger.warn(EELFLoggerDelegate.errorLogger, "Failed to build URL", e);
- }
- logger.error(EELFLoggerDelegate.errorLogger,
- "http response failed. " + restPath + errMsg + "; url=" + url);
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeIncorrectHttpStatusError);
- throw new HTTPException(status, errMsg, url);
- }
- }
-
- private WebClient createClientForApp(long appId, String restPath) {
- return createClientFor(appId, restPath, SystemType.APPLICATION);
- }
-
- private static WebClient createClientForPath(String baseUri, String path) {
- logger.info(EELFLoggerDelegate.debugLogger, "Creating web client for " + baseUri + " + " + path);
- WebClient client = WebClient.create(baseUri);
- client.type(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON);
- client.path(path);
- return client;
- }
-
- //TODO Need to implement the mylogins once the endpoint is confirmed
- @EPMetricsLog
- private WebClient createClientFor(long appSystemId, String restPath, SystemType type) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "creating client for appId=" + appSystemId + "; restPath=" + restPath);
- FnApp externalApp = null;
-
- if (type == SystemType.APPLICATION) {
- externalApp = appsCacheService.getApp(appSystemId);
- } else {
- // TO DO
- }
-
- if (externalApp != null) {
- String appBaseUri = (type == SystemType.APPLICATION) ? externalApp.getAppRestEndpoint() : "";
- String username = (type == SystemType.APPLICATION) ? externalApp.getAppUsername() : "";
- String encriptedPwd = (type == SystemType.APPLICATION) ? externalApp.getAppPassword() : "";
-
- String appName = (type == SystemType.APPLICATION) ? externalApp.getAppName() : "";
- String decreptedAppPwd = StringUtils.EMPTY;
-
- // Set local context
- MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTP);
- if (appBaseUri != null && appBaseUri.contains("https")) {
- MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTPS);
- }
- MDC.put(EPCommonSystemProperties.FULL_URL, appBaseUri + restPath);
- MDC.put(EPCommonSystemProperties.TARGET_ENTITY, appName);
- MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, restPath);
-
- if (!encriptedPwd.isEmpty() || encriptedPwd != null || StringUtils.isEmpty(encriptedPwd)) {
- try {
- decreptedAppPwd = CipherUtil.decryptPKC(encriptedPwd,
- SystemProperties.getProperty(SystemProperties.Decryption_Key));
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "createClientFor failed to decrypt", e);
- }
- }
- WebClient client = createClientForPath(appBaseUri, restPath);
-
- if (externalApp.getAppPassword().isEmpty() || externalApp.getAppPassword() == null) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Entering in the externalApp get app password contains null : {}");
-
- externalApp = appsCacheService.getApp(1L);
- logger.debug(EELFLoggerDelegate.debugLogger, "external App Information : {}", externalApp);
-
- String mechidUsername = externalApp.getAppUsername();
- logger.debug(EELFLoggerDelegate.debugLogger, "external App mechidUsername Information : {}",
- mechidUsername);
-
- String password = externalApp.getAppPassword();
- String decreptedexternalAppPwd = StringUtils.EMPTY;
- try {
- decreptedexternalAppPwd = CipherUtil.decryptPKC(password,
- SystemProperties.getProperty(SystemProperties.Decryption_Key));
- } catch (CipherUtilException e) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "failed to decreptedexternalAppPwd when external app pwd is null", e);
- }
-
- username = mechidUsername;
- decreptedAppPwd = decreptedexternalAppPwd;
-
- } else {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Entering in the externalApp get app password is not null : {}");
-
- // support basic authentication for some partners
- String encoding = Base64.getEncoder()
- .encodeToString((username + ":" + decreptedAppPwd).getBytes());
- String encodingStr = "Basic " + encoding;
- client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
- }
-
- // But still keep code downward compatible for non compliant apps
- client.header(APP_USERNAME_HEADER, username);
- client.header(PASSWORD_HEADER, decreptedAppPwd);
-
- String encoding = Base64.getEncoder()
- .encodeToString((username + ":" + decreptedAppPwd).getBytes());
- String encodingStr = "Basic " + encoding;
- client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
- client.header(SystemProperties.ECOMP_REQUEST_ID, MDC.get(MDC_KEY_REQUEST_ID));
- client.header(SystemProperties.USERAGENT_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE);
- logger.debug(EELFLoggerDelegate.debugLogger,
- String.format(
- "check the partner application URL App %d found, baseUri=[%s], Headers: [%s=%s]",
- appSystemId, appBaseUri,
- APP_USERNAME_HEADER, username));
- return client;
- }
- return null;
- }
-
- public <T> T post(Class<T> clazz, long appId, Object payload, String restPath, SystemType type)
- throws HTTPException {
- WebClient client = null;
- Response response = null;
- T t = null;
-
- client = createClientFor(appId, restPath, type);
- EcompPortalUtils.logAndSerializeObject(logger, restPath, "POST request =", payload);
-
- try {
- if (client != null) {
- response = client.post(payload);
- } else {
- logger.error(EELFLoggerDelegate.errorLogger,
- "Unable to create the Webclient to make the '" + restPath + "' API call.");
- }
- } catch (Exception e) {
- MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,
- Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR));
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiGeneralError, e);
- logger.error(EELFLoggerDelegate.errorLogger,
- "Exception occurred while making the POST REST API call", e);
- }
-
- if (response != null) {
- //verifyResponse(response);
- verifyResponse(response, restPath);
- // String contentType = response.getHeaderString("Content-Type");
- if (clazz != null) {
- String str = ((ResponseImpl) response).readEntity(String.class);
- EcompPortalUtils.logAndSerializeObject(logger, restPath, "POST result =", str);
- try {
- t = (T) gson.fromJson(str, clazz);
-
- //t = gson.fromJson(str, clazz);
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
- }
- }
- }
- return t;
- }
-
- public <T> T post(Class<T> clazz, long appId, Object payload, String restPath) throws HTTPException {
- return post(clazz, appId, payload, restPath, SystemType.APPLICATION);
- }
-
- public <T> T put(Class<T> clazz, long appId, Object payload, String restPath) throws HTTPException {
- WebClient client = null;
- Response response = null;
- T t = null;
-
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Entering to createClientForApp method for payload: {} and restPath: {} and appId: {}",
- payload.toString(), restPath, appId);
-
- client = createClientForApp(appId, restPath);
- EcompPortalUtils.logAndSerializeObject(logger, restPath, "PUT request =", payload);
-
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Finished createClientForApp method for payload: {} and restPath: {} and appId: {}",
- payload.toString(), restPath, appId);
-
- try {
- if (client != null) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Entering to PUT for payload: {} and restPath: {} and appId: {}",
- payload.toString(), restPath, appId);
-
- response = client.put(payload);
-
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Finished to PUT for payload: {} and restPath: {} and appId: {}",
- payload.toString(), restPath, appId);
-
- } else {
- logger.error(EELFLoggerDelegate.errorLogger,
- "Unable to create the Webclient to make the '" + restPath + "' API call.");
- }
- } catch (Exception e) {
- MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,
- Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR));
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiGeneralError, e);
- logger.error(EELFLoggerDelegate.errorLogger,
- "Exception occurred while making the PUT REST API call", e);
- }
-
- if (response != null) {
- //verifyResponse(response);
- verifyResponse(response, restPath);
- String str = ((ResponseImpl) response).readEntity(String.class);
- EcompPortalUtils.logAndSerializeObject(logger, restPath, "PUT result =", str);
- try {
- t = gson.fromJson(str, clazz);
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
- }
- }
- return t;
- }
-
- protected Response getResponse(long appId, String restPath) {
- WebClient webClient = null;
- Response response = null;
-
- webClient = createClientForApp(appId, restPath);
- EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET request =", "no-payload");
-
- try {
- if (webClient != null) {
- response = webClient.get();
- } else {
- logger.error(EELFLoggerDelegate.errorLogger,
- "Unable to create the Webclient to make the '" + restPath + "' API call.");
- }
- } catch (Exception e) {
- MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,
- Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR));
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiGeneralError, e);
- logger.error(EELFLoggerDelegate.errorLogger,
- "Exception occurred while making the GET REST API call", e);
- }
- return response;
- }
-
- public <T> T get(Class<T> clazz, long appId, String restPath) throws HTTPException {
- T t = null;
- Response response = getResponse(appId, restPath);
-
- if (response != null) {
- //verifyResponse(response);
- verifyResponse(response, restPath);
+ private static final String PASSWORD_HEADER = "password";
+ private static final String APP_USERNAME_HEADER = "username";
+ private static final String BASIC_AUTHENTICATION_HEADER = "Authorization";
+
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ApplicationsRestClientService.class);
+
+ private Gson gson = null;
+
+ private final ObjectMapper mapper = new ObjectMapper();
+
+ private final AppsCacheService appsCacheService;
+
+ @Autowired
+ public ApplicationsRestClientService(AppsCacheService appsCacheService) {
+ this.appsCacheService = appsCacheService;
+ }
+
+ private static boolean isHttpSuccess(int status) {
+ return status / 100 == 2;
+ }
+
+ @EPMetricsLog
+ private void verifyResponse(Response response, String restPath) throws HTTPException {
+ int status = response.getStatus();
+ logger.debug(EELFLoggerDelegate.debugLogger, "http response status=" + status);
+ MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE, Integer.toString(status));
+ if (!isHttpSuccess(status)) {
+ String errMsg =
+ "Failed. Status=" + status + restPath + "; [" + response.getStatusInfo()
+ .getReasonPhrase()
+ + "]";
+ URL url = null;
+ try {
+ // must not be null to avoid NPE in HTTPException constructor
+ url = new URL("http://null");
+ if (response.getLocation() != null) {
+ url = response.getLocation().toURL();
+ }
+ } catch (MalformedURLException e) {
+ // never mind. it is only for the debug message.
+ logger.warn(EELFLoggerDelegate.errorLogger, "Failed to build URL", e);
+ }
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "http response failed. " + restPath + errMsg + "; url=" + url);
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeIncorrectHttpStatusError);
+ throw new HTTPException(status, errMsg, url);
+ }
+ }
+
+ private WebClient createClientForApp(long appId, String restPath) {
+ return createClientFor(appId, restPath, SystemType.APPLICATION);
+ }
+
+ private static WebClient createClientForPath(String baseUri, String path) {
+ logger.info(EELFLoggerDelegate.debugLogger, "Creating web client for " + baseUri + " + " + path);
+ WebClient client = WebClient.create(baseUri);
+ client.type(MediaType.APPLICATION_JSON).accept(MediaType.APPLICATION_JSON);
+ client.path(path);
+ return client;
+ }
+
+ //TODO Need to implement the mylogins once the endpoint is confirmed
+ @EPMetricsLog
+ private WebClient createClientFor(long appSystemId, String restPath, SystemType type) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "creating client for appId=" + appSystemId + "; restPath=" + restPath);
+ FnApp externalApp = null;
+
+ if (type == SystemType.APPLICATION) {
+ externalApp = appsCacheService.getApp(appSystemId);
+ }
+
+ if (externalApp != null) {
+ String appBaseUri = (type == SystemType.APPLICATION) ? externalApp.getAppRestEndpoint() : "";
+ String username = (type == SystemType.APPLICATION) ? externalApp.getAppUsername() : "";
+ String encriptedPwd = (type == SystemType.APPLICATION) ? externalApp.getAppPassword() : "";
+
+ String appName = (type == SystemType.APPLICATION) ? externalApp.getAppName() : "";
+ String decreptedAppPwd = StringUtils.EMPTY;
+
+ // Set local context
+ MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTP);
+ if (appBaseUri != null && appBaseUri.contains("https")) {
+ MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTPS);
+ }
+ MDC.put(EPCommonSystemProperties.FULL_URL, appBaseUri + restPath);
+ MDC.put(EPCommonSystemProperties.TARGET_ENTITY, appName);
+ MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, restPath);
+
+ try {
+ decreptedAppPwd = CipherUtil.decryptPKC(encriptedPwd,
+ SystemProperties.getProperty(SystemProperties.Decryption_Key));
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "createClientFor failed to decrypt", e);
+ }
+ WebClient client = createClientForPath(appBaseUri, restPath);
+
+ if (externalApp.getAppPassword().isEmpty() || externalApp.getAppPassword() == null) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Entering in the externalApp get app password contains null : {}");
+
+ externalApp = appsCacheService.getApp(1L);
+ logger.debug(EELFLoggerDelegate.debugLogger, "external App Information : {}", externalApp);
+
+ String mechidUsername = externalApp.getAppUsername();
+ logger.debug(EELFLoggerDelegate.debugLogger, "external App mechidUsername Information : {}",
+ mechidUsername);
+
+ String password = externalApp.getAppPassword();
+ String decreptedexternalAppPwd = StringUtils.EMPTY;
+ try {
+ decreptedexternalAppPwd = CipherUtil.decryptPKC(password,
+ SystemProperties.getProperty(SystemProperties.Decryption_Key));
+ } catch (CipherUtilException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "failed to decreptedexternalAppPwd when external app pwd is null", e);
+ }
+
+ username = mechidUsername;
+ decreptedAppPwd = decreptedexternalAppPwd;
+
+ } else {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Entering in the externalApp get app password is not null : {}");
+
+ // support basic authentication for some partners
+ String encoding = Base64.getEncoder()
+ .encodeToString((username + ":" + decreptedAppPwd).getBytes());
+ String encodingStr = "Basic " + encoding;
+ client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
+ }
+
+ // But still keep code downward compatible for non compliant apps
+ client.header(APP_USERNAME_HEADER, username);
+ client.header(PASSWORD_HEADER, decreptedAppPwd);
+
+ String encoding = Base64.getEncoder()
+ .encodeToString((username + ":" + decreptedAppPwd).getBytes());
+ String encodingStr = "Basic " + encoding;
+ client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
+ client.header(SystemProperties.ECOMP_REQUEST_ID, MDC.get(MDC_KEY_REQUEST_ID));
+ client.header(SystemProperties.USERAGENT_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ String.format(
+ "check the partner application URL App %d found, baseUri=[%s], Headers: [%s=%s]",
+ appSystemId, appBaseUri,
+ APP_USERNAME_HEADER, username));
+ return client;
+ }
+ return null;
+ }
+
+ public <T> T post(Class<T> clazz, long appId, Object payload, String restPath, SystemType type)
+ throws HTTPException {
+ WebClient client;
+ Response response = null;
+ T t = null;
+
+ client = createClientFor(appId, restPath, type);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "POST request =", payload);
+
+ try {
+ if (client != null) {
+ response = client.post(payload);
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Unable to create the Webclient to make the '" + restPath + "' API call.");
+ }
+ } catch (Exception e) {
+ MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,
+ Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR));
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiGeneralError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while making the POST REST API call", e);
+ }
+
+ if (response != null) {
+ verifyResponse(response, restPath);
+ if (clazz != null) {
+ String str = response.readEntity(String.class);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "POST result =", str);
+ try {
+ t = gson.fromJson(str, clazz);
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
+ }
+ }
+ }
+ return t;
+ }
+
+ public <T> T post(Class<T> clazz, long appId, Object payload, String restPath) throws HTTPException {
+ return post(clazz, appId, payload, restPath, SystemType.APPLICATION);
+ }
+
+ public <T> T put(Class<T> clazz, long appId, Object payload, String restPath) throws HTTPException {
+ WebClient client;
+ Response response = null;
+ T t = null;
+
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Entering to createClientForApp method for payload: {} and restPath: {} and appId: {}",
+ payload.toString(), restPath, appId);
+
+ client = createClientForApp(appId, restPath);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "PUT request =", payload);
+
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Finished createClientForApp method for payload: {} and restPath: {} and appId: {}",
+ payload.toString(), restPath, appId);
+
+ try {
+ if (client != null) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Entering to PUT for payload: {} and restPath: {} and appId: {}",
+ payload.toString(), restPath, appId);
+
+ response = client.put(payload);
+
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Finished to PUT for payload: {} and restPath: {} and appId: {}",
+ payload.toString(), restPath, appId);
+
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Unable to create the Webclient to make the '" + restPath + "' API call.");
+ }
+ } catch (Exception e) {
+ MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,
+ Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR));
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiGeneralError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while making the PUT REST API call", e);
+ }
+
+ if (response != null) {
+ verifyResponse(response, restPath);
+ String str = response.readEntity(String.class);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "PUT result =", str);
+ try {
+ t = gson.fromJson(str, clazz);
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
+ }
+ }
+ return t;
+ }
+
+ private Response getResponse(long appId, String restPath) {
+ WebClient webClient;
+ Response response = null;
+
+ webClient = createClientForApp(appId, restPath);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET request =", "no-payload");
+
+ try {
+ if (webClient != null) {
+ response = webClient.get();
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Unable to create the Webclient to make the '" + restPath + "' API call.");
+ }
+ } catch (Exception e) {
+ MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,
+ Integer.toString(HttpServletResponse.SC_INTERNAL_SERVER_ERROR));
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeRestApiGeneralError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while making the GET REST API call", e);
+ }
+ return response;
+ }
+
+ public <T> T get(Class<T> clazz, long appId, String restPath) throws HTTPException {
+ T t = null;
+ Response response = getResponse(appId, restPath);
+
+ if (response != null) {
+ //verifyResponse(response);
+ verifyResponse(response, restPath);
/* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code,
but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which
doesn't work as expected. Created Portal-253 for tracking */
- String str = ((ResponseImpl) response).readEntity(String.class);
+ String str = response.readEntity(String.class);
- EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET result =", str);
- try {
- t = gson.fromJson(str, clazz);
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
- }
- }
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET result =", str);
+ try {
+ t = gson.fromJson(str, clazz);
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
+ }
+ }
- return t;
- }
+ return t;
+ }
- public String getIncomingJsonString(final Long appId, final String restPath) throws HTTPException {
- Response response = getResponse(appId, restPath);
+ public String getIncomingJsonString(final Long appId, final String restPath) throws HTTPException {
+ Response response = getResponse(appId, restPath);
- if (response != null) {
- //verifyResponse(response);
- verifyResponse(response,restPath);
+ if (response != null) {
+ //verifyResponse(response);
+ verifyResponse(response, restPath);
/* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code,
but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which
doesn't work as expected. Created Portal-253 for tracking */
- String incomingJson = ((ResponseImpl)response).readEntity(String.class);
- return incomingJson;
- }
+ return (response).readEntity(String.class);
+ }
+
+ return "";
+ }
+
+ public <T> T get(Class<T> clazz, Long appId, String restPath, boolean useJacksonMapper) throws HTTPException {
+
+ if (!useJacksonMapper) {
+ return get(clazz, appId, restPath);
+ }
+
+ T t = null;
+ Response response = getResponse(appId, restPath);
+
+ if (response != null) {
+ //verifyResponse(response);
+ verifyResponse(response, restPath);
+ String str = (response).readEntity(String.class);
+ EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET result =", str);
+
+ try {
+ t = mapper.readValue(str, clazz);
+ } catch (Exception e) {
+ e.printStackTrace();
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
+ }
+ }
+
+ return t;
+ }
- return "";
- }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/AppsCacheService.java b/portal-BE/src/main/java/org/onap/portal/service/AppsCacheService.java
new file mode 100644
index 00000000..6274f9a6
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/service/AppsCacheService.java
@@ -0,0 +1,174 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.service;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+import javax.annotation.PostConstruct;
+import org.onap.portal.domain.db.fn.FnApp;
+import org.onap.portal.domain.dto.transport.OnboardingApp;
+import org.onap.portal.service.fn.FnAppService;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service
+public class AppsCacheService {
+
+
+ private final FnAppService appsService;
+
+ private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsCacheService.class);
+
+ @Autowired
+ public AppsCacheService(FnAppService appsService) {
+ this.appsService = appsService;
+ }
+
+ final class CacheConfiguration {
+
+ private long updateTime;
+ private final int updateInterval;
+
+ CacheConfiguration(long updateTime, int updateInterval) {
+ this.updateTime = updateTime;
+ this.updateInterval = updateInterval;
+ }
+ }
+
+ private CacheConfiguration quickRefreshCacheConf = null;
+ private CacheConfiguration slowRefreshCacheConf = null;
+
+
+ private static volatile Map<Long, FnApp> appsMap;
+ private static volatile Map<String, FnApp> uebAppsMap;
+
+ @PostConstruct
+ public void init() {
+ quickRefreshCacheConf = new CacheConfiguration(0, 120);
+ slowRefreshCacheConf = new CacheConfiguration(0, 3600);
+
+ this.refreshAppsMap(quickRefreshCacheConf);
+ }
+
+ private void refreshAppsMap(CacheConfiguration conf) {
+ long now = System.currentTimeMillis();
+
+ if (noNeedToUpdate(now, conf)) {
+ return;
+ }
+
+ synchronized (this) {
+ if (noNeedToUpdate(now, conf)) {
+ return;
+ }
+ List<FnApp> allApps = appsService.getAppsFullList();
+ Map<Long, FnApp> newAppsMap = new HashMap<>();
+ for (FnApp app : allApps) {
+ newAppsMap.put(app.getId(), app);
+ }
+
+ Map<String, FnApp> newUebAppsMap = new HashMap<>();
+ for (FnApp app : allApps) {
+ newUebAppsMap.put(app.getUebKey(), app);
+ }
+ // Switch cache with the new one.
+ appsMap = newAppsMap;
+ uebAppsMap = newUebAppsMap;
+ conf.updateTime = now;
+ }
+
+ }
+
+ private boolean noNeedToUpdate(long now, CacheConfiguration conf) {
+ long secondsPassed = (now - conf.updateTime) / 1000;
+ if (secondsPassed < conf.updateInterval) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "no need to refresh yet, seconds since last refresh: " + secondsPassed + ", refresh interval (sec) = "
+ + conf.updateInterval);
+ return true; // no need to update cache
+ }
+ return false; // its time to update
+ }
+
+ public String getAppEndpoint(Long appId) {
+ refreshAppsMap(quickRefreshCacheConf);
+ FnApp app = appsMap.get(appId);
+ if (app != null) {
+ return app.getAppRestEndpoint();
+ }
+ return null;
+ }
+
+ public List<OnboardingApp> getAppsFullList() {
+ refreshAppsMap(quickRefreshCacheConf);
+ List<FnApp> appList = new ArrayList<>(appsMap.values());
+ appList.removeIf(app -> app.getId() == 1);
+ List<FnApp> appsFinalList = appList.stream()
+ .filter(app -> app.getEnabled() && !app.getOpen()).collect(Collectors.toList());
+
+ List<OnboardingApp> onboardingAppsList = new ArrayList<OnboardingApp>();
+ for (FnApp app : appsFinalList) {
+ OnboardingApp onboardingApp = new OnboardingApp();
+ appsService.createOnboardingFromApp(app, onboardingApp);
+ onboardingAppsList.add(onboardingApp);
+ }
+ return onboardingAppsList;
+ }
+
+ public FnApp getApp(Long appId) {
+ refreshAppsMap(quickRefreshCacheConf);
+ return appsMap.get(appId);
+ }
+
+ public FnApp getAppFromUeb(String appKey) {
+ return getAppFromUeb(appKey, 0);
+ }
+
+ public FnApp getAppFromUeb(String appKey, Integer quickCacheRefresh) {
+ refreshAppsMap(quickCacheRefresh == 1 ? quickRefreshCacheConf : slowRefreshCacheConf);
+ return uebAppsMap.get(appKey);
+ }
+
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/EcompUserAppRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/EcompUserAppRolesService.java
new file mode 100644
index 00000000..2a8415c3
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/service/EcompUserAppRolesService.java
@@ -0,0 +1,86 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.service;
+
+import java.util.List;
+import java.util.stream.Collectors;
+import javax.persistence.EntityManager;
+import javax.persistence.Tuple;
+import org.onap.portal.domain.dto.transport.EcompUserAppRoles;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service
+public class EcompUserAppRolesService {
+
+ private final static String QUERY = "select\n"
+ + " fr.role_name as roleName,\n"
+ + " fu.app_id as appId,\n"
+ + " fu.user_id as userId,\n"
+ + " fu.priority as priority,\n"
+ + " fu.role_id as roleId\n"
+ + " from\n"
+ + " fn_user_role fu\n"
+ + " left outer join fn_role fr on fu.role_id = fr.role_id\n"
+ + " where\n"
+ + " fu.user_id = :userId\n"
+ + " and fu.app_id = :appId";
+
+ private final EntityManager entityManager;
+
+ @Autowired
+ public EcompUserAppRolesService(EntityManager entityManager) {
+ this.entityManager = entityManager;
+ }
+
+
+ public List<EcompUserAppRoles> getUserAppExistingRoles(final Long appId, final Long userId){
+ List<Tuple> tuples = entityManager.createQuery(QUERY, Tuple.class)
+ .setParameter("appId", appId)
+ .setParameter("userId", userId)
+ .getResultList();
+ return tuples.stream().map(this::tupleToEcompUserAppRoles).collect(Collectors.toList());
+ }
+
+ private EcompUserAppRoles tupleToEcompUserAppRoles(Tuple tuple){
+ return new EcompUserAppRoles((String)tuple.get("appId"), (Long) tuple.get("userId"), (Integer) tuple.get("priority"), (Long) tuple.get("roleId"), (String) tuple.get("roleName"));
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/ExternalAccessRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/ExternalAccessRolesService.java
new file mode 100644
index 00000000..e1ad4305
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/service/ExternalAccessRolesService.java
@@ -0,0 +1,223 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.service;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.SortedSet;
+import java.util.TreeSet;
+import org.onap.portal.domain.db.ep.EpAppFunction;
+import org.onap.portal.domain.db.fn.FnApp;
+import org.onap.portal.domain.db.fn.FnRole;
+import org.onap.portal.domain.dto.transport.CentralV2Role;
+import org.onap.portal.exception.RoleFunctionException;
+import org.onap.portal.logging.logic.EPLogUtil;
+import org.onap.portal.service.ep.EpAppFunctionService;
+import org.onap.portal.service.fn.FnRoleService;
+import org.onap.portal.utils.EPCommonSystemProperties;
+import org.onap.portal.utils.EPUserUtils;
+import org.onap.portal.utils.EcompPortalUtils;
+import org.onap.portal.utils.PortalConstants;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.util.SystemProperties;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpMethod;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.RestTemplate;
+
+@Service
+public class ExternalAccessRolesService {
+
+ private static final String APP_ROLE_NAME_PARAM = "appRoleName";
+ private static final String GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM = "getRoletoUpdateInExternalAuthSystem";
+ private static final String GET_PORTAL_APP_ROLES_QUERY = "getPortalAppRoles";
+ private static final String GET_ROLE_FUNCTION_QUERY = "getRoleFunction";
+ private static final String FUNCTION_CODE_PARAMS = "functionCode";
+ private static final String AND_FUNCTION_CD_EQUALS = " and function_cd = '";
+ private static final String OWNER = ".owner";
+ private static final String ADMIN = ".admin";
+ private static final String ACCOUNT_ADMINISTRATOR = ".Account_Administrator";
+ private static final String FUNCTION_PIPE = "|";
+ private static final String EXTERNAL_AUTH_PERMS = "perms";
+ private static final String EXTERNAL_AUTH_ROLE_DESCRIPTION = "description";
+ private static final String IS_EMPTY_JSON_STRING = "{}";
+ private static final String CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE = "Connecting to External Auth system";
+ private static final String APP_ID = "appId";
+ private static final String ROLE_NAME = "name";
+ private static final String APP_ID_EQUALS = " app_id = ";
+
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesService.class);
+ private RestTemplate template = new RestTemplate();
+
+ private final FnRoleService fnRoleService;
+ private final EpAppFunctionService epAppFunctionService;
+
+ @Autowired
+ public ExternalAccessRolesService(FnRoleService fnRoleService,
+ EpAppFunctionService epAppFunctionService) {
+ this.fnRoleService = fnRoleService;
+ this.epAppFunctionService = epAppFunctionService;
+ }
+
+ public String getFunctionCodeType(String roleFuncItem) {
+ String type = null;
+ if ((roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))
+ || (!roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))) {
+ type = "menu";
+ } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) || checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem)
+ || checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) {
+ type = "url";
+ } else if (roleFuncItem.contains(FUNCTION_PIPE)
+ && (!roleFuncItem.contains("menu") || roleFuncItem.contains("url"))) {
+ type = EcompPortalUtils.getFunctionType(roleFuncItem);
+ }
+ return type;
+ }
+
+ private boolean checkIfCodeHasNoPipesAndHasTypeUrl(String roleFuncItem) {
+ return !roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("url");
+ }
+
+ private boolean checkIfCodeHasPipesAndHasTypeUrl(String roleFuncItem) {
+ return roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("url");
+ }
+
+ private boolean checkIfCodeHasNoPipesAndHasNoTypeUrl(String roleFuncItem) {
+ return !roleFuncItem.contains(FUNCTION_PIPE) && !roleFuncItem.contains("url");
+ }
+
+ public List<FnRole> getPortalAppRoleInfo(Long roleId) {
+ return fnRoleService.retrieveAppRoleByRoleIdWhereAppIdIsNull(roleId);
+ }
+
+ public ResponseEntity<String> getUserRolesFromExtAuthSystem(String name, HttpEntity<String> getUserRolesEntity) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to external system to get current user roles");
+ ResponseEntity<String> getResponse = template
+ .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "roles/user/" + name, HttpMethod.GET, getUserRolesEntity, String.class);
+ if (getResponse.getStatusCode().value() == 200) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}",
+ getResponse.getBody());
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}",
+ getResponse.getBody());
+ EPLogUtil.logExternalAuthAccessAlarm(logger, getResponse.getStatusCode());
+ }
+ return getResponse;
+ }
+
+ public Map<String, FnRole> getAppRoleNamesWithUnderscoreMap(FnApp app) {
+ final Map<String, FnRole> currentRolesInDB = new HashMap<>();
+ List<FnRole> getCurrentRoleList = null;
+ final Map<String, Long> appParams = new HashMap<>();
+ if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
+ getCurrentRoleList = fnRoleService.retrieveAppRolesWhereAppIdIsNull();
+ } else {
+ appParams.put("appId", app.getId());
+ getCurrentRoleList = fnRoleService.retrieveAppRolesByAppId(app.getId());
+ }
+ for (FnRole role : getCurrentRoleList) {
+ currentRolesInDB.put(role.getRoleName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), role);
+ }
+ return currentRolesInDB;
+ }
+
+ public List<CentralV2Role> createCentralRoleObject(List<FnApp> app, List<FnRole> roleInfo,
+ List<CentralV2Role> roleList) throws RoleFunctionException {
+ for (FnRole role : roleInfo) {
+ List<EpAppFunction> cenRoleFuncList = epAppFunctionService
+ .getAppRoleFunctionList(role.getId(), app.get(0).getId());
+ SortedSet<EpAppFunction> roleFunctionSet = new TreeSet<>();
+ for (EpAppFunction roleFunc : cenRoleFuncList) {
+ String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getFunctionCd());
+ functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+ String type = getFunctionCodeType(roleFunc.getFunctionCd());
+ String action = getFunctionCodeAction(roleFunc.getFunctionCd());
+ EpAppFunction cenRoleFunc = new EpAppFunction(role.getId(), functionCode,
+ roleFunc.getFunctionName(), null, type, action, null);
+ roleFunctionSet.add(cenRoleFunc);
+ }
+ SortedSet<CentralV2Role> childRoles = new TreeSet<>();
+ SortedSet<CentralV2Role> parentRoles = new TreeSet<>();
+ CentralV2Role cenRole;
+ if (role.getAppRoleId() == null) {
+ cenRole = CentralV2Role.builder().id(role.getId()).created(role.getCreated())
+ .modified(role.getModified()).createdId(role.getCreatedId().getUserId())
+ .modifiedId(role.getModifiedId().getUserId()).rowNum(role.getRowNum()).name(role.getRoleName())
+ .active(role.getActiveYn()).priority(role.getPriority()).roleFunctions(roleFunctionSet)
+ .childRoles(childRoles).parentRoles(parentRoles).build();
+ } else {
+ cenRole = CentralV2Role.builder().id(role.getAppRoleId())
+ .created(role.getCreated()).modified(role.getModified()).createdId(role.getCreatedId().getUserId())
+ .modifiedId(role.getModifiedId().getUserId()).rowNum(role.getRowNum()).name(role.getRoleName())
+ .active(role.getActiveYn()).priority(role.getPriority()).roleFunctions(roleFunctionSet)
+ .childRoles(childRoles).parentRoles(parentRoles).build();
+ }
+ roleList.add(cenRole);
+ }
+ return roleList;
+ }
+
+ private String getFunctionCodeAction(String roleFuncItem) {
+ return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" : EcompPortalUtils.getFunctionAction(roleFuncItem);
+ }
+
+ public List<FnRole> getAppRoles(Long appId) {
+ List<FnRole> applicationRoles;
+ try {
+ if (appId == 1) {
+ applicationRoles = fnRoleService.retrieveAppRolesWhereAppIdIsNull();
+ } else {
+ applicationRoles = fnRoleService.retrieveAppRolesByAppId(appId);
+ }
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e);
+ throw e;
+ }
+ return applicationRoles;
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/ep/EpAppFunctionService.java b/portal-BE/src/main/java/org/onap/portal/service/ep/EpAppFunctionService.java
new file mode 100644
index 00000000..b3691fce
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/service/ep/EpAppFunctionService.java
@@ -0,0 +1,62 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.service.ep;
+
+import java.util.List;
+import org.onap.portal.dao.ep.EpAppFunctionDao;
+import org.onap.portal.domain.db.ep.EpAppFunction;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service
+public class EpAppFunctionService {
+
+ private final EpAppFunctionDao epAppFunctionDao;
+
+ @Autowired
+ public EpAppFunctionService(EpAppFunctionDao epAppFunctionDao) {
+ this.epAppFunctionDao = epAppFunctionDao;
+ }
+
+ public List<EpAppFunction> getAppRoleFunctionList(final Long roleId, final Long appId) {
+ return epAppFunctionDao.getAppRoleFunctionList(roleId, appId);
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestDetService.java b/portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestDetService.java
index 52e4527f..11c78b46 100644
--- a/portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestDetService.java
+++ b/portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestDetService.java
@@ -40,6 +40,9 @@
package org.onap.portal.service.ep;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Optional;
import org.onap.portal.dao.ep.EpUserRolesRequestDetDao;
import org.onap.portal.domain.db.ep.EpUserRolesRequestDet;
import org.springframework.beans.factory.annotation.Autowired;
@@ -59,4 +62,8 @@ public class EpUserRolesRequestDetService {
public EpUserRolesRequestDet saveOne(EpUserRolesRequestDet epUserRolesRequestDet){
return epUserRolesRequestDetDao.save(epUserRolesRequestDet);
}
+
+ public List<EpUserRolesRequestDet> appRolesRequestDetailList(final Long reqId){
+ return Optional.of(epUserRolesRequestDetDao.appRolesRequestDetailList(reqId)).orElse(new ArrayList<>());
+ }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestService.java b/portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestService.java
index 3acd40e9..4f5326d7 100644
--- a/portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestService.java
+++ b/portal-BE/src/main/java/org/onap/portal/service/ep/EpUserRolesRequestService.java
@@ -40,6 +40,9 @@
package org.onap.portal.service.ep;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Optional;
import org.onap.portal.dao.ep.EpUserRolesRequestDao;
import org.onap.portal.domain.db.ep.EpUserRolesRequest;
import org.springframework.beans.factory.annotation.Autowired;
@@ -59,4 +62,8 @@ public class EpUserRolesRequestService {
public EpUserRolesRequest saveOne(EpUserRolesRequest epUserRolesRequest){
return epUserRolesRequestDao.save(epUserRolesRequest);
}
+
+ public List<EpUserRolesRequest> userAppRolesRequestList(final Long userId, final Long appId){
+ return Optional.of(epUserRolesRequestDao.userAppRolesRequestList(userId, appId)).orElse(new ArrayList<>());
+ }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/FnAppService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/FnAppService.java
index d8d88c97..a3920e31 100644
--- a/portal-BE/src/main/java/org/onap/portal/service/fn/FnAppService.java
+++ b/portal-BE/src/main/java/org/onap/portal/service/fn/FnAppService.java
@@ -40,9 +40,13 @@
package org.onap.portal.service.fn;
+import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
+import java.util.TreeSet;
import javax.persistence.EntityExistsException;
+import javax.persistence.EntityManager;
+import javax.persistence.Query;
import org.onap.portal.dao.fn.FnAppDao;
import org.onap.portal.domain.db.fn.FnApp;
import org.onap.portal.domain.dto.transport.OnboardingApp;
@@ -56,56 +60,72 @@ import org.springframework.stereotype.Service;
@Service
public class FnAppService {
- private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnAppService.class);
+ private static final String SUPER_ADMIN_ROLE_ID = "1";
- private final FnAppDao fnAppDao;
+ private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnAppService.class);
- @Autowired
- public FnAppService(final FnAppDao fnAppDao) {
- this.fnAppDao = fnAppDao;
- }
+ private final FnAppDao fnAppDao;
+ private final EntityManager entityManager;
- public List<FnApp> getAppsFullList() {
- return fnAppDao.findAll();
- }
+ @Autowired
+ public FnAppService(final FnAppDao fnAppDao, EntityManager entityManager) {
+ this.fnAppDao = fnAppDao;
+ this.entityManager = entityManager;
+ }
- public FnApp getById(final Long id){
- return Optional.of(fnAppDao.getOne(id)).orElseThrow(EntityExistsException::new);
- }
+ public List<FnApp> getAppsFullList() {
+ return fnAppDao.findAll();
+ }
- public void createOnboardingFromApp(FnApp app, OnboardingApp onboardingApp) {
- onboardingApp.setId(app.getId());
- onboardingApp.setName(app.getAppName());
- onboardingApp.setImageUrl(app.getAppImageUrl());
- onboardingApp.setDescription(app.getAppDescription());
- onboardingApp.setNotes(app.getAppNotes());
- onboardingApp.setUrl(app.getAppUrl());
- onboardingApp.setAlternateUrl(app.getAppAlternateUrl());
- onboardingApp.setRestUrl(app.getAppRestEndpoint());
- onboardingApp.setIsOpen(app.getOpen());
- onboardingApp.setIsEnabled(app.getEnabled());
- onboardingApp.setUsername(app.getAppUsername());
- onboardingApp.setAppPassword((app.getAppPassword().equals(EPCommonSystemProperties.APP_DISPLAY_PASSWORD))
- ? EPCommonSystemProperties.APP_DISPLAY_PASSWORD : decryptedPassword(app.getAppPassword(), app));
- onboardingApp.setUebTopicName(app.getUebTopicName());
- onboardingApp.setUebKey(app.getUebKey());
- onboardingApp.setUebSecret(app.getUebSecret());
- onboardingApp.setIsCentralAuth(app.getAuthCentral());
- onboardingApp.setNameSpace(app.getAuthNamespace());
- onboardingApp.setRestrictedApp(app.isRestrictedApp());
- }
+ public FnApp getById(final Long id) {
+ return Optional.of(fnAppDao.getOne(id)).orElseThrow(EntityExistsException::new);
+ }
- private String decryptedPassword(String encryptedAppPwd, FnApp app) {
- String result = "";
- if (encryptedAppPwd != null && !encryptedAppPwd.isEmpty()) {
- try {
- result = CipherUtil.decryptPKC(encryptedAppPwd,
- SystemProperties.getProperty(SystemProperties.Decryption_Key));
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "decryptedPassword failed for app " + app.getAppName(), e);
- }
- }
- return result;
- }
+ public void createOnboardingFromApp(FnApp app, OnboardingApp onboardingApp) {
+ onboardingApp.setId(app.getId());
+ onboardingApp.setName(app.getAppName());
+ onboardingApp.setImageUrl(app.getAppImageUrl());
+ onboardingApp.setDescription(app.getAppDescription());
+ onboardingApp.setNotes(app.getAppNotes());
+ onboardingApp.setUrl(app.getAppUrl());
+ onboardingApp.setAlternateUrl(app.getAppAlternateUrl());
+ onboardingApp.setRestUrl(app.getAppRestEndpoint());
+ onboardingApp.setIsOpen(app.getOpen());
+ onboardingApp.setIsEnabled(app.getEnabled());
+ onboardingApp.setUsername(app.getAppUsername());
+ onboardingApp.setAppPassword((app.getAppPassword().equals(EPCommonSystemProperties.APP_DISPLAY_PASSWORD))
+ ? EPCommonSystemProperties.APP_DISPLAY_PASSWORD : decryptedPassword(app.getAppPassword(), app));
+ onboardingApp.setUebTopicName(app.getUebTopicName());
+ onboardingApp.setUebKey(app.getUebKey());
+ onboardingApp.setUebSecret(app.getUebSecret());
+ onboardingApp.setIsCentralAuth(app.getAuthCentral());
+ onboardingApp.setNameSpace(app.getAuthNamespace());
+ onboardingApp.setRestrictedApp(app.isRestrictedApp());
+ }
+
+ private String decryptedPassword(String encryptedAppPwd, FnApp app) {
+ String result = "";
+ if (encryptedAppPwd != null && !encryptedAppPwd.isEmpty()) {
+ try {
+ result = CipherUtil.decryptPKC(encryptedAppPwd,
+ SystemProperties.getProperty(SystemProperties.Decryption_Key));
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "decryptedPassword failed for app " + app.getAppName(), e);
+ }
+ }
+ return result;
+ }
+
+ List<FnApp> getUserRemoteApps(String id) {
+/* StringBuilder sb = new StringBuilder();
+ sb.append("SELECT * FROM FnApp join FN_USER_ROLE ON FN_USER_ROLE.APP_ID = FN_APP.APP_ID where ");
+ sb.append("FN_USER_ROLE.USER_ID = ").append(id).append(" AND FN_USER_ROLE.ROLE_ID != ")
+ .append(SUPER_ADMIN_ROLE_ID);
+ sb.append(" AND FN_APP.ENABLED = 'Y'");
+
+ Query query = entityManager.createQuery(sb.toString());
+ List<FnApp> adminApps = query.getResultList();*/
+ return new ArrayList<>();
+ }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/FnRoleService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/FnRoleService.java
index cabefcc3..aa859dbd 100644
--- a/portal-BE/src/main/java/org/onap/portal/service/fn/FnRoleService.java
+++ b/portal-BE/src/main/java/org/onap/portal/service/fn/FnRoleService.java
@@ -54,42 +54,60 @@ import org.springframework.transaction.annotation.Transactional;
@Service
@Transactional
public class FnRoleService {
- private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnRoleService.class);
+ private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnRoleService.class);
- private final FnRoleDao fnRoleDao;
- @Autowired
- public FnRoleService(FnRoleDao fnRoleDao) {
- this.fnRoleDao = fnRoleDao;
- }
+ private final FnRoleDao fnRoleDao;
- public FnRole getById(final Long id) {
- return fnRoleDao.findById(id).orElseThrow(EntityExistsException::new);
- }
+ @Autowired
+ public FnRoleService(FnRoleDao fnRoleDao) {
+ this.fnRoleDao = fnRoleDao;
+ }
- public FnRole getRole(final Long appId, final Long appRoleId) {
+ public FnRole getById(final Long id) {
+ return fnRoleDao.findById(id).orElseThrow(EntityExistsException::new);
+ }
- String sql = "SELECT * FROM fn_role where APP_ID = :appId AND APP_ROLE_ID = :appRoleId";
+ public FnRole getRole(final Long appId, final Long appRoleId) {
- List<FnRole> roles = Optional.of(fnRoleDao.retrieveAppRoleByAppRoleIdAndByAppId(appId, appRoleId)).orElse(new ArrayList<>());
- if (!roles.isEmpty()) {
- logger.error(EELFLoggerDelegate.errorLogger,
- String.format(
- "search by appId=%s, appRoleid=%s should have returned 0 or 1 results. Got %d. This is an internal server error.",
- appId, appRoleId, roles.size()));
- logger.error(EELFLoggerDelegate.errorLogger,
- "Trying to recover from duplicates by returning the first search result. This issue should be treated, it is probably not critical because duplicate roles should be similar.");
- return roles.get(0);
- }
- return null;
- }
+ String sql = "SELECT * FROM fn_role where APP_ID = :appId AND APP_ROLE_ID = :appRoleId";
- public List<FnRole> retrieveAppRoleByAppRoleIdAndByAppId(Long appId, Long appRoleId){
- return Optional.of(fnRoleDao.retrieveAppRoleByAppRoleIdAndByAppId(appId, appRoleId)).orElse(new ArrayList<>());
- }
+ List<FnRole> roles = Optional.of(fnRoleDao.retrieveAppRoleByAppRoleIdAndByAppId(appId, appRoleId))
+ .orElse(new ArrayList<>());
+ if (!roles.isEmpty()) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ String.format(
+ "search by appId=%s, appRoleid=%s should have returned 0 or 1 results. Got %d. This is an internal server error.",
+ appId, appRoleId, roles.size()));
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Trying to recover from duplicates by returning the first search result. This issue should be treated, it is probably not critical because duplicate roles should be similar.");
+ return roles.get(0);
+ }
+ return null;
+ }
- public List<FnRole> getUserRoleOnUserIdAndAppId(final Long userId, final Long appId) {
- return Optional.of(fnRoleDao.getUserRoleOnUserIdAndAppId(userId, appId)).orElse(new ArrayList<>());
- }
+ public List<FnRole> retrieveAppRoleByAppRoleIdAndByAppId(final Long appId, final Long appRoleId) {
+ return Optional.of(fnRoleDao.retrieveAppRoleByAppRoleIdAndByAppId(appId, appRoleId)).orElse(new ArrayList<>());
+ }
+
+ public List<FnRole> getUserRoleOnUserIdAndAppId(final Long userId, final Long appId) {
+ return Optional.of(fnRoleDao.getUserRoleOnUserIdAndAppId(userId, appId)).orElse(new ArrayList<>());
+ }
+
+ public List<FnRole> retrieveAppRoleByRoleIdWhereAppIdIsNull(final Long roleId) {
+ return Optional.of(fnRoleDao.retrieveAppRoleByRoleIdWhereAppIdIsNull(roleId)).orElse(new ArrayList<>());
+ }
+
+ public List<FnRole> retrieveAppRolesWhereAppIdIsNull() {
+ return Optional.of(fnRoleDao.retrieveAppRolesWhereAppIdIsNull()).orElse(new ArrayList<>());
+ }
+
+ public List<FnRole> retrieveAppRolesByAppId(final Long id) {
+ return Optional.of(fnRoleDao.retrieveAppRolesByAppId(id)).orElse(new ArrayList<>());
+ }
+
+ public List<FnRole> retrieveAppRolesByRoleNameAndByAppId(final String roleName, final Long appId) {
+ return Optional.of(fnRoleDao.retrieveAppRolesByRoleNameAndByAppId(roleName, appId)).orElse(new ArrayList<>());
+ }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserRoleService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserRoleService.java
index 6c1b9fa0..7772c8f0 100644
--- a/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserRoleService.java
+++ b/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserRoleService.java
@@ -47,6 +47,7 @@ import java.io.IOException;
import java.time.LocalDateTime;
import java.util.ArrayList;
import java.util.Arrays;
+import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedHashSet;
import java.util.List;
@@ -56,9 +57,14 @@ import java.util.Set;
import java.util.SortedSet;
import java.util.stream.Collectors;
import javax.persistence.EntityManager;
+import javax.persistence.Query;
import javax.persistence.Tuple;
import javax.servlet.http.HttpServletResponse;
+import org.apache.commons.lang.StringUtils;
import org.apache.cxf.transport.http.HTTPException;
+import org.hibernate.Session;
+import org.hibernate.SessionFactory;
+import org.hibernate.Transaction;
import org.onap.portal.dao.fn.FnUserRoleDao;
import org.onap.portal.domain.db.ep.EpUserRolesRequest;
import org.onap.portal.domain.db.ep.EpUserRolesRequestDet;
@@ -69,325 +75,409 @@ import org.onap.portal.domain.db.fn.FnUserRole;
import org.onap.portal.domain.dto.ecomp.EPUserAppCatalogRoles;
import org.onap.portal.domain.dto.ecomp.ExternalSystemAccess;
import org.onap.portal.domain.dto.transport.AppWithRolesForUser;
+import org.onap.portal.domain.dto.transport.ExternalAccessUserRoleDetail;
import org.onap.portal.domain.dto.transport.FieldsValidator;
import org.onap.portal.domain.dto.transport.RemoteRole;
import org.onap.portal.domain.dto.transport.RemoteUserWithRoles;
import org.onap.portal.domain.dto.transport.RoleInAppForUser;
import org.onap.portal.domain.dto.transport.UserApplicationRoles;
+import org.onap.portal.exception.SyncUserRolesException;
+import org.onap.portal.logging.format.EPAppMessagesEnum;
+import org.onap.portal.logging.logic.EPLogUtil;
import org.onap.portal.service.ApplicationsRestClientService;
+import org.onap.portal.service.ExternalAccessRolesService;
import org.onap.portal.service.ep.EpUserRolesRequestDetService;
import org.onap.portal.service.ep.EpUserRolesRequestService;
import org.onap.portal.utils.EPCommonSystemProperties;
+import org.onap.portal.utils.EcompPortalUtils;
import org.onap.portal.utils.PortalConstants;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.onap.portalsdk.core.util.SystemProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.client.RestTemplate;
@Service
@Transactional
public class FnUserRoleService {
- private static final String USER_APP_CATALOG_ROLES =
- "select\n"
- + " A.reqId as reqId,\n"
- + " B.requestedRoleId.roleId as requestedRoleId,\n"
- + " A.requestStatus as requestStatus,\n"
- + " A.appId.appId as appId,\n"
- + " (\n"
- + " select\n"
- + " roleName\n"
- + " from\n"
- + " FnRole\n"
- + " where\n"
- + " roleId = B.requestedRoleId.roleId\n"
- + " ) as roleName\n"
- + "from\n"
- + " EpUserRolesRequest A\n"
- + " left join EpUserRolesRequestDet B on A.reqId = B.reqId.reqId\n"
- + "where\n"
- + " A.userId.userId = :userid\n"
- + " and A.appId IN (\n"
- + " select\n"
- + " appId\n"
- + " from\n"
- + " FnApp\n"
- + " where\n"
- + " appName = :appName\n"
- + " )\n"
- + " and A.requestStatus = 'P'\n";
-
- private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnUserRoleService.class);
- private final FnUserRoleDao fnUserRoleDao;
- private final FnAppService fnAppService;
- private final FnRoleService fnRoleService;
- private final FnUserService fnUserService;
- private final EpUserRolesRequestService epUserRolesRequestService;
- private final EpUserRolesRequestDetService epUserRolesRequestDetService;
- private final EntityManager entityManager;
- private final ApplicationsRestClientService applicationsRestClientService;
-
- @Autowired
- public FnUserRoleService(FnUserRoleDao fnUserRoleDao, FnAppService fnAppService,
- FnRoleService fnRoleService,
- FnUserService fnUserService,
- EpUserRolesRequestService epUserRolesRequestService,
- EpUserRolesRequestDetService epUserRolesRequestDetService,
- EntityManager entityManager,
- ApplicationsRestClientService applicationsRestClientService) {
- this.fnUserRoleDao = fnUserRoleDao;
- this.fnAppService = fnAppService;
- this.fnRoleService = fnRoleService;
- this.fnUserService = fnUserService;
- this.epUserRolesRequestService = epUserRolesRequestService;
- this.epUserRolesRequestDetService = epUserRolesRequestDetService;
- this.entityManager = entityManager;
- this.applicationsRestClientService = applicationsRestClientService;
- }
-
- public List<FnUserRole> getAdminUserRoles(final Long userId, final Long roleId, final Long appId) {
- return fnUserRoleDao.getAdminUserRoles(userId, roleId, appId).orElse(new ArrayList<>());
- }
-
- public boolean isSuperAdmin(final String orgUserId, final Long roleId, final Long appId) {
- List<FnUserRole> roles = getUserRolesForRoleIdAndAppId(roleId, appId).stream()
- .filter(role -> role.getUserId().getOrgUserId().equals(orgUserId)).collect(Collectors.toList());
- return !roles.isEmpty();
- }
-
- private List<FnUserRole> getUserRolesForRoleIdAndAppId(final Long roleId, final Long appId) {
- return Optional.of(fnUserRoleDao.getUserRolesForRoleIdAndAppId(roleId, appId)).orElse(new ArrayList<>());
- }
-
- public FnUserRole saveOne(final FnUserRole fnUserRole) {
- return fnUserRoleDao.save(fnUserRole);
- }
-
- public ExternalSystemAccess getExternalRequestAccess() {
- ExternalSystemAccess res = null;
- try {
- res = new ExternalSystemAccess(EPCommonSystemProperties.EXTERNAL_ACCESS_ENABLE,
- Boolean.parseBoolean(
- SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_ACCESS_ENABLE)));
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "getExternalRequestAccess failed" + e.getMessage());
- }
- return res;
- }
-
- public List<EPUserAppCatalogRoles> getUserAppCatalogRoles(FnUser userid, String appName) {
- List<Tuple> tuples = entityManager.createQuery(USER_APP_CATALOG_ROLES, Tuple.class)
- .setParameter("userid", userid.getUserId())
- .setParameter("appName", appName)
- .getResultList();
- return tuples.stream().map(this::tupleToEPUserAppCatalogRoles).collect(Collectors.toList());
- }
-
- private EPUserAppCatalogRoles tupleToEPUserAppCatalogRoles(Tuple tuple) {
- return new EPUserAppCatalogRoles((Long) tuple.get("reqId"), (Long) tuple.get("requestedRoleId"),
- (String) tuple.get("roleName"), (String) tuple.get("requestStatus"), (Long) tuple.get("appId"));
- }
-
- private boolean postUserRolesToMylogins(AppWithRolesForUser userAppRolesData,
- ApplicationsRestClientService applicationsRestClientService, Long appId, Long userId)
- throws JsonProcessingException, HTTPException {
- boolean result = false;
- ObjectMapper mapper = new ObjectMapper();
- mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
- String userRolesAsString = mapper.writeValueAsString(userAppRolesData);
- logger.error(EELFLoggerDelegate.errorLogger,
- "Should not be reached here, as the endpoint is not defined yet from the Mylogins");
- applicationsRestClientService.post(AppWithRolesForUser.class, appId, userRolesAsString,
- String.format("/user/%s/myLoginroles", userId));
- return result;
- }
-
- public FieldsValidator putUserAppRolesRequest(AppWithRolesForUser newAppRolesForUser, FnUser user) {
- FieldsValidator fieldsValidator = new FieldsValidator();
- List<FnRole> appRole;
- try {
- logger.error(EELFLoggerDelegate.errorLogger,
- "Should not be reached here, still the endpoint is yet to be defined");
- boolean result = postUserRolesToMylogins(newAppRolesForUser, applicationsRestClientService,
- newAppRolesForUser.getAppId(), user.getId());
- logger.debug(EELFLoggerDelegate.debugLogger, "putUserAppRolesRequest: result {}", result);
- FnApp app = fnAppService.getById(newAppRolesForUser.getAppId());
- EpUserRolesRequest epUserRolesRequest = new EpUserRolesRequest();
- epUserRolesRequest.setCreatedDate(LocalDateTime.now());
- epUserRolesRequest.setUpdatedDate(LocalDateTime.now());
- epUserRolesRequest.setUserId(user);
- epUserRolesRequest.setAppId(app);
- epUserRolesRequest.setRequestStatus("P");
- List<RoleInAppForUser> appRoleIdList = newAppRolesForUser.getAppRoles();
- Set<EpUserRolesRequestDet> appRoleDetails = new LinkedHashSet<>();
- epUserRolesRequestService.saveOne(epUserRolesRequest);
- for (RoleInAppForUser userAppRoles : appRoleIdList) {
- Boolean isAppliedVal = userAppRoles.getIsApplied();
- if (isAppliedVal) {
- appRole = fnRoleService
- .retrieveAppRoleByAppRoleIdAndByAppId(newAppRolesForUser.getAppId(),
- userAppRoles.getRoleId());
- if (!appRole.isEmpty()) {
- EpUserRolesRequestDet epAppRoleDetail = new EpUserRolesRequestDet();
- epAppRoleDetail.setRequestedRoleId(appRole.get(0));
- epAppRoleDetail.setRequestType("P");
- epAppRoleDetail.setReqId(epUserRolesRequest);
- epUserRolesRequestDetService.saveOne(epAppRoleDetail);
- }
- }
- }
- epUserRolesRequest.setEpRequestIdDetail(appRoleDetails);
- fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_OK);
-
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "putUserAppRolesRequest failed", e);
- fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- }
- return fieldsValidator;
- }
-
- public List<FnRole> importRolesFromRemoteApplication(Long appId) throws HTTPException {
- FnRole[] appRolesFull = applicationsRestClientService.get(FnRole[].class, appId, "/rolesFull");
- List<FnRole> rolesList = Arrays.asList(appRolesFull);
- for (FnRole externalAppRole : rolesList) {
-
- // Try to find an existing extern role for the app in the local
- // onap DB. If so, then use its id to update the existing external
- // application role record.
- Long externAppId = externalAppRole.getId();
- FnRole existingAppRole = fnRoleService.getRole(appId, externAppId);
- if (existingAppRole != null) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- String.format(
- "ecomp role already exists for app=%s; appRoleId=%s. No need to import this one.",
- appId, externAppId));
- continue;
- }
- // persistExternalRoleInEcompDb(externalAppRole, appId,
- // roleService);
- }
-
- return rolesList;
- }
-
- public List<UserApplicationRoles> getUsersFromAppEndpoint(Long appId) throws HTTPException {
- ArrayList<UserApplicationRoles> userApplicationRoles = new ArrayList<>();
-
- FnApp app = fnAppService.getById(appId);
- //If local or centralized application
- if (PortalConstants.PORTAL_APP_ID.equals(appId) || app.getAuthCentral()) {
- List<FnUser> userList = fnUserService.getActiveUsers();
- for (FnUser user : userList) {
- UserApplicationRoles userWithAppRoles = convertToUserApplicationRoles(appId, user, app);
- if (userWithAppRoles.getRoles() != null && userWithAppRoles.getRoles().size() > 0) {
- userApplicationRoles.add(userWithAppRoles);
- }
- }
-
- }
- // remote app
- else {
- RemoteUserWithRoles[] remoteUsers = null;
- String remoteUsersString = applicationsRestClientService.getIncomingJsonString(appId, "/users");
-
- remoteUsers = doGetUsers(isAppUpgradeVersion(app), remoteUsersString);
-
- userApplicationRoles = new ArrayList<>();
- for (RemoteUserWithRoles remoteUser : remoteUsers) {
- UserApplicationRoles userWithRemoteAppRoles = convertToUserApplicationRoles(appId,
- remoteUser);
- if (userWithRemoteAppRoles.getRoles() != null
- && userWithRemoteAppRoles.getRoles().size() > 0) {
- userApplicationRoles.add(userWithRemoteAppRoles);
- } else {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "User " + userWithRemoteAppRoles.getOrgUserId()
- + " doesn't have any roles assigned to any app.");
- }
- }
- }
-
- return userApplicationRoles;
- }
-
- private UserApplicationRoles convertToUserApplicationRoles(Long appId, RemoteUserWithRoles remoteUser) {
- UserApplicationRoles userWithRemoteAppRoles = new UserApplicationRoles();
- userWithRemoteAppRoles.setAppId(appId);
- userWithRemoteAppRoles.setOrgUserId(remoteUser.getOrgUserId());
- userWithRemoteAppRoles.setFirstName(remoteUser.getFirstName());
- userWithRemoteAppRoles.setLastName(remoteUser.getLastName());
- userWithRemoteAppRoles.setRoles(remoteUser.getRoles());
- return userWithRemoteAppRoles;
- }
-
- private boolean isAppUpgradeVersion(FnApp app) {
- return true;
- }
-
- private RemoteUserWithRoles[] doGetUsers(boolean postOpenSource, String remoteUsersString) {
-
- ObjectMapper mapper = new ObjectMapper();
- try {
- return mapper.readValue(remoteUsersString, RemoteUserWithRoles[].class);
- } catch (IOException e) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "doGetUsers : Failed : Unexpected property in incoming JSON",
- e);
- logger.error(EELFLoggerDelegate.errorLogger,
- "doGetUsers : Incoming JSON that caused it --> " + remoteUsersString);
- }
-
- return new RemoteUserWithRoles[0];
- }
-
- private UserApplicationRoles convertToUserApplicationRoles(Long appId, FnUser user, FnApp app) {
- UserApplicationRoles userWithRemoteAppRoles = new UserApplicationRoles();
- userWithRemoteAppRoles.setAppId(appId);
- userWithRemoteAppRoles.setOrgUserId(user.getOrgUserId());
- userWithRemoteAppRoles.setFirstName(user.getFirstName());
- userWithRemoteAppRoles.setLastName(user.getLastName());
- userWithRemoteAppRoles.setRoles(convertToRemoteRoleList(user, app));
- return userWithRemoteAppRoles;
- }
-
- private List<RemoteRole> convertToRemoteRoleList(FnUser user, FnApp app) {
- List<RemoteRole> roleList = new ArrayList<>();
- SortedSet<FnRole> roleSet = user.getAppEPRoles(app);
- for (FnRole role : roleSet) {
- logger.debug(EELFLoggerDelegate.debugLogger, "In convertToRemoteRoleList() - for user {}, found Name {}", user.getOrgUserId(), role.getRoleName());
- RemoteRole rRole = new RemoteRole();
- rRole.setId(role.getId());
- rRole.setName(role.getRoleName());
- roleList.add(rRole);
- }
-
- //Get the active roles of user for that application using query
- List<FnRole> userEpRoleList = fnRoleService.getUserRoleOnUserIdAndAppId(user.getId(), app.getId());
-
- for (FnRole remoteUserRoleList : userEpRoleList) {
-
- RemoteRole remoteRoleListId = roleList.stream().filter(x -> remoteUserRoleList.getId().equals(x.getId()))
- .findAny().orElse(null);
- if (remoteRoleListId == null) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Adding the role to the rolelist () - for user {}, found Name {}", user.getOrgUserId(),
-
- remoteUserRoleList.getRoleName());
- RemoteRole role = new RemoteRole();
- role.setId(remoteUserRoleList.getId());
- role.setName(remoteUserRoleList.getRoleName());
-
- roleList.add(role);
- }
-
- }
-
- logger.debug(EELFLoggerDelegate.debugLogger, "rolelist size of the USER() - for user {}, found RoleListSize {}", user.getOrgUserId(), roleList.size());
-
- return roleList;
-
-
-
- }
+ private static final String GET_ROLE_FUNCTIONS_OF_USERFOR_ALLTHE_APPLICATIONS =
+ "select\n"
+ + " distinct ep.function_cd functionCd\n"
+ + "from\n"
+ + " fn_user_role fu,\n"
+ + " ep_app_role_function ep,\n"
+ + " ep_app_function ea\n"
+ + "where\n"
+ + " fu.role_id = ep.role_id\n"
+ + " and fu.app_id = ep.app_id\n"
+ + " and fu.user_id = 'userId'\n"
+ + " and ea.function_cd = ep.function_cd\n"
+ + " and exists (\n"
+ + " select\n"
+ + " fa.app_id\n"
+ + " from\n"
+ + " fn_user fu,\n"
+ + " fn_user_role ur,\n"
+ + " fn_app fa\n"
+ + " where\n"
+ + " fu.user_id = 'userId'\n"
+ + " and fu.user_id = ur.user_id\n"
+ + " and ur.app_id = fa.app_id\n"
+ + " and fa.enabled = 'Y'\n"
+ + " )";
+
+ private static final String USER_APP_CATALOG_ROLES =
+ "select\n"
+ + " A.reqId as reqId,\n"
+ + " B.requestedRoleId.roleId as requestedRoleId,\n"
+ + " A.requestStatus as requestStatus,\n"
+ + " A.appId.appId as appId,\n"
+ + " (\n"
+ + " select\n"
+ + " roleName\n"
+ + " from\n"
+ + " FnRole\n"
+ + " where\n"
+ + " roleId = B.requestedRoleId.roleId\n"
+ + " ) as roleName\n"
+ + "from\n"
+ + " EpUserRolesRequest A\n"
+ + " left join EpUserRolesRequestDet B on A.reqId = B.reqId.reqId\n"
+ + "where\n"
+ + " A.userId.userId = :userid\n"
+ + " and A.appId IN (\n"
+ + " select\n"
+ + " appId\n"
+ + " from\n"
+ + " FnApp\n"
+ + " where\n"
+ + " appName = :appName\n"
+ + " )\n"
+ + " and A.requestStatus = 'P'\n";
+
+ private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(FnUserRoleService.class);
+
+ private final FnUserRoleDao fnUserRoleDao;
+ private final FnAppService fnAppService;
+ private final FnRoleService fnRoleService;
+ private final FnUserService fnUserService;
+ private final EpUserRolesRequestService epUserRolesRequestService;
+ private final EpUserRolesRequestDetService epUserRolesRequestDetService;
+ private final EntityManager entityManager;
+ private final ApplicationsRestClientService applicationsRestClientService;
+
+ @Autowired
+ public FnUserRoleService(FnUserRoleDao
+ fnUserRoleDao,
+ FnAppService fnAppService,
+ FnRoleService fnRoleService,
+ FnUserService fnUserService,
+ EpUserRolesRequestService epUserRolesRequestService,
+ EpUserRolesRequestDetService epUserRolesRequestDetService,
+ EntityManager entityManager,
+ ApplicationsRestClientService applicationsRestClientService) {
+ this.fnUserRoleDao = fnUserRoleDao;
+ this.fnAppService = fnAppService;
+ this.fnRoleService = fnRoleService;
+ this.fnUserService = fnUserService;
+ this.epUserRolesRequestService = epUserRolesRequestService;
+ this.epUserRolesRequestDetService = epUserRolesRequestDetService;
+ this.entityManager = entityManager;
+ this.applicationsRestClientService = applicationsRestClientService;
+ }
+
+ public List<FnUserRole> getAdminUserRoles(final Long userId, final Long roleId, final Long appId) {
+ return fnUserRoleDao.getAdminUserRoles(userId, roleId, appId).orElse(new ArrayList<>());
+ }
+
+ public boolean isSuperAdmin(final String orgUserId, final Long roleId, final Long appId) {
+ List<FnUserRole> roles = getUserRolesForRoleIdAndAppId(roleId, appId).stream()
+ .filter(role -> role.getUserId().getOrgUserId().equals(orgUserId)).collect(Collectors.toList());
+ return !roles.isEmpty();
+ }
+
+ private List<FnUserRole> getUserRolesForRoleIdAndAppId(final Long roleId, final Long appId) {
+ return Optional.of(fnUserRoleDao.getUserRolesForRoleIdAndAppId(roleId, appId)).orElse(new ArrayList<>());
+ }
+
+ public FnUserRole saveOne(final FnUserRole fnUserRole) {
+ return fnUserRoleDao.save(fnUserRole);
+ }
+
+ public ExternalSystemAccess getExternalRequestAccess() {
+ ExternalSystemAccess res = null;
+ try {
+ res = new ExternalSystemAccess(EPCommonSystemProperties.EXTERNAL_ACCESS_ENABLE,
+ Boolean.parseBoolean(
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_ACCESS_ENABLE)));
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "getExternalRequestAccess failed" + e.getMessage());
+ }
+ return res;
+ }
+
+ public List<EPUserAppCatalogRoles> getUserAppCatalogRoles(FnUser userid, String appName) {
+ List<Tuple> tuples = entityManager.createQuery(USER_APP_CATALOG_ROLES, Tuple.class)
+ .setParameter("userid", userid.getUserId())
+ .setParameter("appName", appName)
+ .getResultList();
+ return Optional.of(tuples.stream().map(this::tupleToEPUserAppCatalogRoles).collect(Collectors.toList()))
+ .orElse(new ArrayList<>());
+ }
+
+ private EPUserAppCatalogRoles tupleToEPUserAppCatalogRoles(Tuple tuple) {
+ return new EPUserAppCatalogRoles((Long) tuple.get("reqId"), (Long) tuple.get("requestedRoleId"),
+ (String) tuple.get("roleName"), (String) tuple.get("requestStatus"), (Long) tuple.get("appId"));
+ }
+
+ private boolean postUserRolesToMylogins(AppWithRolesForUser userAppRolesData,
+ ApplicationsRestClientService applicationsRestClientService, Long appId, Long userId)
+ throws JsonProcessingException, HTTPException {
+ boolean result = false;
+ ObjectMapper mapper = new ObjectMapper();
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ String userRolesAsString = mapper.writeValueAsString(userAppRolesData);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Should not be reached here, as the endpoint is not defined yet from the Mylogins");
+ applicationsRestClientService.post(AppWithRolesForUser.class, appId, userRolesAsString,
+ String.format("/user/%s/myLoginroles", userId));
+ return result;
+ }
+
+ public FieldsValidator putUserAppRolesRequest(AppWithRolesForUser newAppRolesForUser, FnUser user) {
+ FieldsValidator fieldsValidator = new FieldsValidator();
+ List<FnRole> appRole;
+ try {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Should not be reached here, still the endpoint is yet to be defined");
+ boolean result = postUserRolesToMylogins(newAppRolesForUser, applicationsRestClientService,
+ newAppRolesForUser.getAppId(), user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "putUserAppRolesRequest: result {}", result);
+ FnApp app = fnAppService.getById(newAppRolesForUser.getAppId());
+ EpUserRolesRequest epUserRolesRequest = new EpUserRolesRequest();
+ epUserRolesRequest.setCreatedDate(LocalDateTime.now());
+ epUserRolesRequest.setUpdatedDate(LocalDateTime.now());
+ epUserRolesRequest.setUserId(user);
+ epUserRolesRequest.setAppId(app);
+ epUserRolesRequest.setRequestStatus("P");
+ List<RoleInAppForUser> appRoleIdList = newAppRolesForUser.getAppRoles();
+ Set<EpUserRolesRequestDet> appRoleDetails = new LinkedHashSet<>();
+ epUserRolesRequestService.saveOne(epUserRolesRequest);
+ for (RoleInAppForUser userAppRoles : appRoleIdList) {
+ Boolean isAppliedVal = userAppRoles.getIsApplied();
+ if (isAppliedVal) {
+ appRole = fnRoleService
+ .retrieveAppRoleByAppRoleIdAndByAppId(newAppRolesForUser.getAppId(),
+ userAppRoles.getRoleId());
+ if (!appRole.isEmpty()) {
+ EpUserRolesRequestDet epAppRoleDetail = new EpUserRolesRequestDet();
+ epAppRoleDetail.setRequestedRoleId(appRole.get(0));
+ epAppRoleDetail.setRequestType("P");
+ epAppRoleDetail.setReqId(epUserRolesRequest);
+ epUserRolesRequestDetService.saveOne(epAppRoleDetail);
+ }
+ }
+ }
+ epUserRolesRequest.setEpRequestIdDetail(appRoleDetails);
+ fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_OK);
+
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "putUserAppRolesRequest failed", e);
+ fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ }
+ return fieldsValidator;
+ }
+
+ public List<FnRole> importRolesFromRemoteApplication(Long appId) throws HTTPException {
+ FnRole[] appRolesFull = applicationsRestClientService.get(FnRole[].class, appId, "/rolesFull");
+ List<FnRole> rolesList = Arrays.asList(appRolesFull);
+ for (FnRole externalAppRole : rolesList) {
+
+ // Try to find an existing extern role for the app in the local
+ // onap DB. If so, then use its id to update the existing external
+ // application role record.
+ Long externAppId = externalAppRole.getId();
+ FnRole existingAppRole = fnRoleService.getRole(appId, externAppId);
+ if (existingAppRole != null) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ String.format(
+ "ecomp role already exists for app=%s; appRoleId=%s. No need to import this one.",
+ appId, externAppId));
+ }
+ }
+
+ return rolesList;
+ }
+
+ public List<UserApplicationRoles> getUsersFromAppEndpoint(Long appId) throws HTTPException {
+ ArrayList<UserApplicationRoles> userApplicationRoles = new ArrayList<>();
+
+ FnApp app = fnAppService.getById(appId);
+ //If local or centralized application
+ if (PortalConstants.PORTAL_APP_ID.equals(appId) || app.getAuthCentral()) {
+ List<FnUser> userList = fnUserService.getActiveUsers();
+ for (FnUser user : userList) {
+ UserApplicationRoles userWithAppRoles = convertToUserApplicationRoles(appId, user, app);
+ if (userWithAppRoles.getRoles() != null && userWithAppRoles.getRoles().size() > 0) {
+ userApplicationRoles.add(userWithAppRoles);
+ }
+ }
+
+ }
+ // remote app
+ else {
+ RemoteUserWithRoles[] remoteUsers;
+ String remoteUsersString = applicationsRestClientService.getIncomingJsonString(appId, "/users");
+
+ remoteUsers = doGetUsers(remoteUsersString);
+
+ userApplicationRoles = new ArrayList<>();
+ for (RemoteUserWithRoles remoteUser : remoteUsers) {
+ UserApplicationRoles userWithRemoteAppRoles = convertToUserApplicationRoles(appId,
+ remoteUser);
+ if (userWithRemoteAppRoles.getRoles() != null
+ && userWithRemoteAppRoles.getRoles().size() > 0) {
+ userApplicationRoles.add(userWithRemoteAppRoles);
+ } else {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "User " + userWithRemoteAppRoles.getOrgUserId()
+ + " doesn't have any roles assigned to any app.");
+ }
+ }
+ }
+
+ return userApplicationRoles;
+ }
+
+ private UserApplicationRoles convertToUserApplicationRoles(Long appId, RemoteUserWithRoles remoteUser) {
+ UserApplicationRoles userWithRemoteAppRoles = new UserApplicationRoles();
+ userWithRemoteAppRoles.setAppId(appId);
+ userWithRemoteAppRoles.setOrgUserId(remoteUser.getOrgUserId());
+ userWithRemoteAppRoles.setFirstName(remoteUser.getFirstName());
+ userWithRemoteAppRoles.setLastName(remoteUser.getLastName());
+ userWithRemoteAppRoles.setRoles(remoteUser.getRoles());
+ return userWithRemoteAppRoles;
+ }
+
+ private RemoteUserWithRoles[] doGetUsers(String remoteUsersString) {
+
+ ObjectMapper mapper = new ObjectMapper();
+ try {
+ return mapper.readValue(remoteUsersString, RemoteUserWithRoles[].class);
+ } catch (IOException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "doGetUsers : Failed : Unexpected property in incoming JSON",
+ e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "doGetUsers : Incoming JSON that caused it --> " + remoteUsersString);
+ }
+
+ return new RemoteUserWithRoles[0];
+ }
+
+ private UserApplicationRoles convertToUserApplicationRoles(Long appId, FnUser user, FnApp app) {
+ UserApplicationRoles userWithRemoteAppRoles = new UserApplicationRoles();
+ userWithRemoteAppRoles.setAppId(appId);
+ userWithRemoteAppRoles.setOrgUserId(user.getOrgUserId());
+ userWithRemoteAppRoles.setFirstName(user.getFirstName());
+ userWithRemoteAppRoles.setLastName(user.getLastName());
+ userWithRemoteAppRoles.setRoles(convertToRemoteRoleList(user, app));
+ return userWithRemoteAppRoles;
+ }
+
+ private List<RemoteRole> convertToRemoteRoleList(FnUser user, FnApp app) {
+ List<RemoteRole> roleList = new ArrayList<>();
+ SortedSet<FnRole> roleSet = user.getAppEPRoles(app);
+ for (FnRole role : roleSet) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In convertToRemoteRoleList() - for user {}, found Name {}", user.getOrgUserId(),
+ role.getRoleName());
+ RemoteRole rRole = new RemoteRole();
+ rRole.setId(role.getId());
+ rRole.setName(role.getRoleName());
+ roleList.add(rRole);
+ }
+
+ //Get the active roles of user for that application using query
+ List<FnRole> userEpRoleList = fnRoleService.getUserRoleOnUserIdAndAppId(user.getId(), app.getId());
+
+ for (FnRole remoteUserRoleList : userEpRoleList) {
+
+ RemoteRole remoteRoleListId = roleList.stream()
+ .filter(x -> remoteUserRoleList.getId().equals(x.getId()))
+ .findAny().orElse(null);
+ if (remoteRoleListId == null) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Adding the role to the rolelist () - for user {}, found Name {}",
+ user.getOrgUserId(),
+
+ remoteUserRoleList.getRoleName());
+ RemoteRole role = new RemoteRole();
+ role.setId(remoteUserRoleList.getId());
+ role.setName(remoteUserRoleList.getRoleName());
+
+ roleList.add(role);
+ }
+
+ }
+
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "rolelist size of the USER() - for user {}, found RoleListSize {}", user.getOrgUserId(),
+ roleList.size());
+ return roleList;
+ }
+
+ public List getRoleFunctionsOfUserforAlltheApplications(Long userId) {
+ List<Tuple> tuples = entityManager
+ .createQuery(GET_ROLE_FUNCTIONS_OF_USERFOR_ALLTHE_APPLICATIONS, Tuple.class)
+ .setParameter("userid", userId)
+ .getResultList();
+ return Optional.of(tuples.stream().map(tuple -> tuple.get("functionCd")).collect(Collectors.toList()))
+ .orElse(new ArrayList<>());
+ }
+
+ public List<FnUserRole> retrieveByAppIdAndUserId(final Long appId, final String userId) {
+ return Optional.of(fnUserRoleDao.retrieveByAppIdAndUserId(appId, userId)).orElse(new ArrayList<>());
+ }
+
+ public String updateRemoteUserProfile(String orgUserId, long appId) {
+ ObjectMapper mapper = new ObjectMapper();
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ FnUser client = fnUserService.loadUserByUsername(orgUserId);
+ FnUser newUser = new FnUser();
+ newUser.setActiveYn(client.getActiveYn());
+ newUser.setFirstName(client.getFirstName());
+ newUser.setLastName(client.getLastName());
+ newUser.setLoginId(client.getLoginId());
+ newUser.setLoginPwd(client.getLoginPwd());
+ newUser.setMiddleName(client.getMiddleName());
+ newUser.setEmail(client.getEmail());
+ newUser.setOrgUserId(client.getLoginId());
+ try {
+ String userAsString = mapper.writeValueAsString(newUser);
+ List<FnApp> appList = fnAppService.getUserRemoteApps(client.getId().toString());
+ // applicationsRestClientService.post(EPUser.class, appId,
+ // userAsString, String.format("/user", orgUserId));
+ for (FnApp eachApp : appList) {
+ try {
+ applicationsRestClientService.post(FnUser.class, eachApp.getId(), userAsString,
+ String.format("/user/%s", orgUserId));
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to update user: " + client.getOrgUserId()
+ + " in remote app. appId = " + eachApp.getId());
+ }
+ }
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e);
+ return "failure";
+ }
+ return "success";
+ }
+
+ public void deleteById(final Long id) {
+ fnUserRoleDao.deleteById(id);
+ }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserService.java
index 5c1c84b5..01da50de 100644
--- a/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserService.java
+++ b/portal-BE/src/main/java/org/onap/portal/service/fn/FnUserService.java
@@ -40,17 +40,11 @@
package org.onap.portal.service.fn;
-import com.fasterxml.jackson.core.JsonProcessingException;
-import com.fasterxml.jackson.databind.ObjectMapper;
-import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
-import org.onap.portal.controller.UserRolesController;
import org.onap.portal.dao.fn.FnUserDao;
import org.onap.portal.domain.db.fn.FnUser;
-import org.onap.portal.domain.dto.transport.UserWithNameSurnameTitle;
-import org.onap.portal.utils.EcompPortalUtils;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
@@ -73,7 +67,7 @@ public class FnUserService implements UserDetailsService {
this.fnUserDao = fnUserDao;
}
- public FnUser saveFnUser(final Principal principal, final FnUser fnUser) {
+ public FnUser saveFnUser(final FnUser fnUser) {
return fnUserDao.save(fnUser);
}
@@ -91,7 +85,7 @@ public class FnUserService implements UserDetailsService {
return Optional.of(fnUserDao.getOne(id));
}
- List<FnUser> getUserWithOrgUserId(final String orgUserIdValue) {
+ public List<FnUser> getUserWithOrgUserId(final String orgUserIdValue) {
return fnUserDao.getUserWithOrgUserId(orgUserIdValue).orElse(new ArrayList<>());
}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/fn/old/AppsCacheService.java b/portal-BE/src/main/java/org/onap/portal/service/fn/old/AppsCacheService.java
deleted file mode 100644
index 7703420b..00000000
--- a/portal-BE/src/main/java/org/onap/portal/service/fn/old/AppsCacheService.java
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * ============LICENSE_START==========================================
- * ONAP Portal
- * ===================================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
- * ===================================================================
- * Modifications Copyright (c) 2019 Samsung
- * ===================================================================
- *
- * Unless otherwise specified, all software contained herein is licensed
- * under the Apache License, Version 2.0 (the "License");
- * you may not use this software except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * Unless otherwise specified, all documentation contained herein is licensed
- * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
- * you may not use this documentation except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * https://creativecommons.org/licenses/by/4.0/
- *
- * Unless required by applicable law or agreed to in writing, documentation
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * ============LICENSE_END============================================
- *
- *
- */
-
-package org.onap.portal.service.fn.old;
-
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
-import javax.annotation.PostConstruct;
-import org.onap.portal.domain.db.fn.FnApp;
-import org.onap.portal.domain.dto.transport.OnboardingApp;
-import org.onap.portal.service.fn.FnAppService;
-import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.EnableAspectJAutoProxy;
-import org.springframework.stereotype.Service;
-
-@Service("appsCacheService")
-@Configuration
-@EnableAspectJAutoProxy
-public class AppsCacheService {
- @Autowired
- private
- FnAppService appsService;
-
- private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AppsCacheService.class);
-
- final class CacheConfiguration {
-
- private long updateTime = 0;
- private int updateInterval = 10;
-
- public CacheConfiguration (long _updateTime, int _updateInterval) {
- updateTime = _updateTime;
- updateInterval = _updateInterval;
- }
- }
-
- private CacheConfiguration quickRefreshCacheConf = null;
- private CacheConfiguration slowRefreshCacheConf = null;
-
-
- private static volatile Map<Long, FnApp> appsMap;
- private static volatile Map<String, FnApp> uebAppsMap;
-
- @PostConstruct
- public void init() {
- quickRefreshCacheConf = new CacheConfiguration(0, 120);
- slowRefreshCacheConf = new CacheConfiguration(0, 3600);
-
- this.refreshAppsMap(quickRefreshCacheConf);
- }
-
- private void refreshAppsMap(CacheConfiguration conf) {
- long now = System.currentTimeMillis();
-
- if(noNeedToUpdate(now, conf))
- return;
-
- synchronized (this) {
- if(noNeedToUpdate(now, conf))
- return;
- List<FnApp> allApps = appsService.getAppsFullList();
- Map<Long, FnApp> newAppsMap = new HashMap<>();
- for (FnApp app : allApps) {
- newAppsMap.put(app.getId(), app);
- }
-
- Map<String, FnApp> newUebAppsMap = new HashMap<>();
- for (FnApp app : allApps) {
- newUebAppsMap.put(app.getUebKey(), app);
- }
- // Switch cache with the new one.
- appsMap = newAppsMap;
- uebAppsMap = newUebAppsMap;
- conf.updateTime = now;
- }
-
- }
-
- private boolean noNeedToUpdate(long now, CacheConfiguration conf) {
- long secondsPassed = (now - conf.updateTime)/1000;
- if(secondsPassed < conf.updateInterval){
- logger.debug(EELFLoggerDelegate.debugLogger, "no need to refresh yet, seconds since last refresh: " + secondsPassed + ", refresh interval (sec) = " + conf.updateInterval);
- return true; // no need to update cache
- }
- return false; // its time to update
- }
-
- public String getAppEndpoint(Long appId) {
- refreshAppsMap(quickRefreshCacheConf);
- FnApp app = appsMap.get(appId);
- if(app != null)
- return app.getAppRestEndpoint();
- return null;
- }
-
- public List<OnboardingApp> getAppsFullList() {
- refreshAppsMap(quickRefreshCacheConf);
- List<FnApp> appList = new ArrayList<>(appsMap.values());
- appList.removeIf(app -> app.getId() == 1);
- List<FnApp> appsFinalList = appList.stream()
- .filter(app -> app.getEnabled() && !app.getOpen()).collect(Collectors.toList());
-
- List<OnboardingApp> onboardingAppsList = new ArrayList<>();
- for (FnApp app : appsFinalList) {
- OnboardingApp onboardingApp = new OnboardingApp();
- appsService.createOnboardingFromApp(app, onboardingApp);
- onboardingAppsList.add(onboardingApp);
- }
- return onboardingAppsList;
- }
-
- public FnApp getApp(Long appId) {
- refreshAppsMap(quickRefreshCacheConf);
- FnApp app = appsMap.get(appId);
- return app;
- }
-
- public FnApp getAppFromUeb(String appKey) {
- return getAppFromUeb(appKey,0);
- }
-
- public FnApp getAppFromUeb(String appKey, Integer quickCacheRefresh) {
- refreshAppsMap(quickCacheRefresh == 1 ? quickRefreshCacheConf:slowRefreshCacheConf);
- FnApp app = uebAppsMap.get(appKey);
- return app;
- }
-
-}
diff --git a/portal-BE/src/main/java/org/onap/portal/utils/EPUserUtils.java b/portal-BE/src/main/java/org/onap/portal/utils/EPUserUtils.java
index b72a8297..968e64f4 100644
--- a/portal-BE/src/main/java/org/onap/portal/utils/EPUserUtils.java
+++ b/portal-BE/src/main/java/org/onap/portal/utils/EPUserUtils.java
@@ -58,6 +58,7 @@ import lombok.NoArgsConstructor;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
import org.onap.portal.domain.db.fn.FnRole;
+import org.onap.portal.domain.db.fn.FnRoleComposite;
import org.onap.portal.domain.db.fn.FnUser;
import org.onap.portal.domain.db.fn.FnUserRole;
import org.onap.portal.exception.RoleFunctionException;
@@ -249,7 +250,7 @@ public class EPUserUtils {
// Additionally; the account admin role is overloaded between onap
// portal and partners; lets also include that
- for (FnUserRole epUserApp : user.getFnUserRoles()) {
+ for (FnUserRole epUserApp : user.getUserApps()) {
FnRole role = epUserApp.getRoleId();
if (role.getActiveYn() && role.getRoleId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
@@ -272,8 +273,8 @@ public class EPUserUtils {
*/
@SuppressWarnings({"rawtypes", "unchecked"})
private static void addChildRoles(FnRole role, HashMap roles) {
- Set<FnRole> childRoles = role.getFnRoles();
- if (childRoles != null && !childRoles.isEmpty()) {
+ Set<FnRole> childRoles = role.getChildRoles().stream().map(FnRoleComposite::getChildRoles).collect(Collectors.toSet());
+ if (!childRoles.isEmpty()) {
for (Object o : childRoles) {
FnRole childRole = (FnRole) o;
if (childRole.getActiveYn()) {