summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--portal-BE/pom.xml18
-rw-r--r--portal-BE/src/main/java/org/onap/portal/controller/SchedulerController.java398
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerProperties.java147
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerResponseWrapper.java119
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInt.java54
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInterface.java301
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerUtil.java136
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpBasicClient.java73
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpsBasicClient.java113
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/policy/rest/RequestDetails.java127
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/GetTimeSlotsRestObject.java44
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostCreateNewVnfRestObject.java50
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostSubmitVnfChangeRestObject.java45
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/RestObject.java65
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/util/CustomJacksonJaxBJsonProvider.java80
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/GetTimeSlotsWrapper.java42
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostCreateNewVnfWrapper.java82
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostSubmitVnfChangeTimeSlotsWrapper.java82
-rw-r--r--portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/SchedulerResponseWrapper.java105
-rw-r--r--portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java3256
-rw-r--r--portal-BE/src/main/java/org/onap/portal/utils/DateUtil.java58
-rw-r--r--portal-BE/src/main/resources/conf/scheduler.properties61
22 files changed, 3853 insertions, 1603 deletions
diff --git a/portal-BE/pom.xml b/portal-BE/pom.xml
index 94340971..77336be7 100644
--- a/portal-BE/pom.xml
+++ b/portal-BE/pom.xml
@@ -158,6 +158,24 @@
<version>1.5.13</version>
<scope>compile</scope>
</dependency>
+ <dependency>
+ <groupId>org.glassfish.jersey.core</groupId>
+ <artifactId>jersey-client</artifactId>
+ <version>2.29.1</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.eclipse.jetty</groupId>
+ <artifactId>jetty-util</artifactId>
+ <version>9.4.18.v20190429</version>
+ <scope>compile</scope>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.jaxrs</groupId>
+ <artifactId>jackson-jaxrs-json-provider</artifactId>
+ <version>2.10.0</version>
+ <scope>compile</scope>
+ </dependency>
</dependencies>
<properties>
<docker.image.prefix>portal</docker.image.prefix>
diff --git a/portal-BE/src/main/java/org/onap/portal/controller/SchedulerController.java b/portal-BE/src/main/java/org/onap/portal/controller/SchedulerController.java
new file mode 100644
index 00000000..abc6a12e
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/controller/SchedulerController.java
@@ -0,0 +1,398 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.controller;
+
+import java.text.DateFormat;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+import java.util.UUID;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import org.json.JSONObject;
+import org.onap.portal.domain.db.fn.FnUser;
+import org.onap.portal.domain.dto.PortalRestResponse;
+import org.onap.portal.domain.dto.PortalRestStatusEnum;
+import org.onap.portal.logging.aop.EPAuditLog;
+import org.onap.portal.logging.logic.EPLogUtil;
+import org.onap.portal.scheduler.SchedulerProperties;
+import org.onap.portal.scheduler.SchedulerRestInterface;
+import org.onap.portal.scheduler.SchedulerUtil;
+import org.onap.portal.scheduler.restobjects.GetTimeSlotsRestObject;
+import org.onap.portal.scheduler.restobjects.PostCreateNewVnfRestObject;
+import org.onap.portal.scheduler.restobjects.PostSubmitVnfChangeRestObject;
+import org.onap.portal.scheduler.wrapper.GetTimeSlotsWrapper;
+import org.onap.portal.scheduler.wrapper.PostCreateNewVnfWrapper;
+import org.onap.portal.scheduler.wrapper.PostSubmitVnfChangeTimeSlotsWrapper;
+import org.onap.portal.service.AdminRolesService;
+import org.onap.portal.utils.EPUserUtils;
+import org.onap.portal.utils.PortalConstants;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.EnableAspectJAutoProxy;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RestController;
+
+@EPAuditLog
+@RestController
+@EnableAspectJAutoProxy
+@RequestMapping(PortalConstants.PORTAL_AUX_API)
+public class SchedulerController {
+
+ private static final String USER_IS_UNAUTHORIZED_TO_MAKE_THIS_CALL = "User is unauthorized to make this call";
+
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerController.class);
+ private static final DateFormat requestDateFormat = new SimpleDateFormat("EEE, dd MMM YYYY HH:mm:ss z");
+
+ private SchedulerRestInterface schedulerRestController;
+ private AdminRolesService adminRolesService;
+
+ @Autowired
+ public SchedulerController(
+ final SchedulerRestInterface schedulerRestController,
+ final AdminRolesService adminRolesService) {
+ this.schedulerRestController = schedulerRestController;
+ this.adminRolesService = adminRolesService;
+ }
+
+ @RequestMapping(value = "/get_time_slots/{scheduler_request}", method = RequestMethod.GET, produces = "application/json")
+ public ResponseEntity<String> getTimeSlots(HttpServletRequest request,
+ @PathVariable("scheduler_request") String schedulerRequest) throws Exception {
+ if (checkIfUserISValidToMakeSchedule(request)) {
+ try {
+ Date startingTime = new Date();
+ String startTimeRequest = requestDateFormat.format(startingTime);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Controller Scheduler GET Timeslots for startTimeRequest: ", startTimeRequest);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {} ", schedulerRequest);
+
+ String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_GET_TIME_SLOTS)
+ + schedulerRequest;
+
+ GetTimeSlotsWrapper schedulerResWrapper = getTimeSlots(path, schedulerRequest);
+
+ Date endTime = new Date();
+ String endTimeRequest = requestDateFormat.format(endTime);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest = {}",
+ endTimeRequest);
+ return (new ResponseEntity<>(schedulerResWrapper.getResponse(),
+ HttpStatus.valueOf(schedulerResWrapper.getStatus())));
+ } catch (Exception e) {
+ GetTimeSlotsWrapper schedulerResWrapper = new GetTimeSlotsWrapper();
+ schedulerResWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
+ schedulerResWrapper.setEntity(e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception with getTimeslots", e);
+ return (new ResponseEntity<>(schedulerResWrapper.getResponse(),
+ HttpStatus.INTERNAL_SERVER_ERROR));
+ }
+ } else {
+ return (new ResponseEntity<>(USER_IS_UNAUTHORIZED_TO_MAKE_THIS_CALL, HttpStatus.UNAUTHORIZED));
+ }
+ }
+
+ @RequestMapping(value = "/post_create_new_vnf_change", method = RequestMethod.POST, produces = "application/json")
+ public ResponseEntity<String> postCreateNewVNFChange(HttpServletRequest request,
+ @RequestBody JSONObject schedulerRequest) throws Exception {
+ if (checkIfUserISValidToMakeSchedule(request)) {
+ try {
+ Date startingTime = new Date();
+ String startTimeRequest = requestDateFormat.format(startingTime);
+
+ logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler POST : post_create_new_vnf_change",
+ startTimeRequest);
+
+ // Generating uuid
+ String uuid = UUID.randomUUID().toString();
+
+ schedulerRequest.put("scheduleId", uuid);
+ logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid);
+
+ // adding uuid to the request payload
+ schedulerRequest.put("scheduleId", uuid);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {}", schedulerRequest.toString());
+
+ String path = SchedulerProperties
+ .getProperty(SchedulerProperties.SCHEDULER_CREATE_NEW_VNF_CHANGE_INSTANCE_VAL) + uuid;
+
+ PostCreateNewVnfWrapper responseWrapper = postSchedulingRequest(schedulerRequest, path, uuid);
+
+ Date endTime = new Date();
+ String endTimeRequest = requestDateFormat.format(endTime);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST= {}", endTimeRequest);
+
+ return new ResponseEntity<>(responseWrapper.getResponse(),
+ HttpStatus.valueOf(responseWrapper.getStatus()));
+ } catch (Exception e) {
+ PostCreateNewVnfWrapper responseWrapper = new PostCreateNewVnfWrapper();
+ responseWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
+ responseWrapper.setEntity(e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception with postCreateNewVNFChange ", e);
+ return (new ResponseEntity<>(responseWrapper.getResponse(), HttpStatus.INTERNAL_SERVER_ERROR));
+
+ }
+ } else {
+ return (new ResponseEntity<>(USER_IS_UNAUTHORIZED_TO_MAKE_THIS_CALL, HttpStatus.UNAUTHORIZED));
+ }
+ }
+
+ @RequestMapping(value = "/submit_vnf_change_timeslots", method = RequestMethod.POST, produces = "application/json")
+ public ResponseEntity<String> postSubmitVnfChangeTimeslots(HttpServletRequest request,
+ @RequestBody JSONObject schedulerRequest) throws Exception {
+ if (checkIfUserISValidToMakeSchedule(request)) {
+ try {
+ Date startingTime = new Date();
+ String startTimeRequest = requestDateFormat.format(startingTime);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ " Controller Scheduler POST : submit_vnf_change_timeslots = {}",
+ startTimeRequest);
+
+ // Generating uuid
+ String uuid = (String) schedulerRequest.get("scheduleId");
+ logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid);
+
+ schedulerRequest.remove("scheduleId");
+ logger.debug(EELFLoggerDelegate.debugLogger, "Original Request for the schedulerId= {} ",
+ schedulerRequest.toString());
+
+ String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SUBMIT_NEW_VNF_CHANGE)
+ .replace("{scheduleId}", uuid);
+
+ PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = postSubmitSchedulingRequest(schedulerRequest,
+ path,
+ uuid);
+
+ Date endTime = new Date();
+ String endTimeRequest = requestDateFormat.format(endTime);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ " Controller Scheduler - POST Submit for end time request= {}",
+ endTimeRequest);
+
+ return (new ResponseEntity<>(responseWrapper.getResponse(),
+ HttpStatus.valueOf(responseWrapper.getStatus())));
+ } catch (Exception e) {
+ PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = new PostSubmitVnfChangeTimeSlotsWrapper();
+ responseWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
+ responseWrapper.setEntity(e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception with Post submit Vnf change Timeslots", e);
+ return (new ResponseEntity<>(responseWrapper.getResponse(), HttpStatus.INTERNAL_SERVER_ERROR));
+
+ }
+ } else {
+ return (new ResponseEntity<>(USER_IS_UNAUTHORIZED_TO_MAKE_THIS_CALL, HttpStatus.UNAUTHORIZED));
+ }
+ }
+
+ @RequestMapping(value = "/get_scheduler_constant", method = RequestMethod.GET, produces = "application/json")
+ public PortalRestResponse<Map<String, String>> getSchedulerConstant(HttpServletRequest request,
+ HttpServletResponse response) throws Exception {
+ logger.debug(EELFLoggerDelegate.debugLogger, "get scheduler constant");
+
+ PortalRestResponse<Map<String, String>> portalRestResponse;
+
+ if (checkIfUserISValidToMakeSchedule(request)) {
+ String errorMsg = " is not defined in property file. Please check the property file and make sure all the schedule constant values are defined";
+ HashMap<String, String> constantMap = new HashMap<>();
+ constantMap.put(SchedulerProperties.SCHEDULER_DOMAIN_NAME, "domainName");
+ constantMap.put(SchedulerProperties.SCHEDULER_SCHEDULE_NAME, "scheduleName");
+ constantMap.put(SchedulerProperties.SCHEDULER_WORKFLOW_NAME, "workflowName");
+ constantMap.put(SchedulerProperties.SCHEDULER_CALLBACK_URL, "callbackUrl");
+ constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_TYPE, "approvalType");
+ constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_SUBMIT_STATUS, "approvalSubmitStatus");
+ constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_REJECT_STATUS, "approvalRejectStatus");
+ constantMap.put(SchedulerProperties.SCHEDULER_POLICY_NAME, "policyName");
+ constantMap.put(SchedulerProperties.SCHEDULER_INTERVAL_GET_TIMESLOT_RATE, "intervalRate");
+ constantMap.put(SchedulerProperties.SCHEDULER_GROUP_ID, "groupId");
+ try {
+ Map<String, String> map = new HashMap<>();
+ for (Map.Entry<String, String> entry : constantMap.entrySet()) {
+ if (SchedulerProperties.containsProperty(entry.getKey())) {
+ map.put(entry.getValue(), SchedulerProperties.getProperty(entry.getKey()));
+ } else {
+ throw new Exception(entry.getKey() + errorMsg);
+ }
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, " portalRestResponse - getSchedulerConstant= {}", map);
+ portalRestResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success",
+ map);
+
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "getSchedulerConstant failed", e);
+ portalRestResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR,
+ e.getMessage(), null);
+ }
+
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "getSchedulerConstant failed: User unauthorized to make this call");
+ portalRestResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "failed : Unauthorized", null);
+ }
+ return portalRestResponse;
+ }
+
+ private GetTimeSlotsWrapper getTimeSlots(String path, String uuid) throws Exception {
+
+ try {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request START");
+
+ GetTimeSlotsRestObject<String> restObjStr = new GetTimeSlotsRestObject<>();
+ String str = "";
+
+ restObjStr.setT(str);
+
+ schedulerRestController.get(str, uuid, path, restObjStr);
+ GetTimeSlotsWrapper schedulerRespWrapper = SchedulerUtil.getTimeSlotsWrapResponse(restObjStr);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request END : Response: {}",
+ schedulerRespWrapper.getResponse());
+ if (schedulerRespWrapper.getStatus() != 200 && schedulerRespWrapper.getStatus() != 204
+ && schedulerRespWrapper.getStatus() != 202) {
+ String message = String.format(
+ " getTimeslots Information failed . SchedulerResponseWrapper for gettimeslots: {}",
+ schedulerRespWrapper.getResponse());
+ logger.error(EELFLoggerDelegate.errorLogger, message);
+ EPLogUtil.schedulerAccessAlarm(logger, schedulerRespWrapper.getStatus());
+
+ }
+ return schedulerRespWrapper;
+
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Get Time Slots Request ERROR : Exception:", e);
+ throw e;
+ }
+ }
+
+ private PostCreateNewVnfWrapper postSchedulingRequest(JSONObject request, String path, String uuid)
+ throws Exception {
+
+ try {
+ PostCreateNewVnfRestObject<String> restObjStr = new PostCreateNewVnfRestObject<>();
+ String str = "";
+
+ restObjStr.setT(str);
+ schedulerRestController.post(str, request, path, restObjStr);
+
+ int status = restObjStr.getStatusCode();
+ if (status >= 200 && status <= 299) {
+ restObjStr.setUuid(uuid);
+ }
+
+ PostCreateNewVnfWrapper responseWrapper = SchedulerUtil.postCreateNewVnfWrapResponse(restObjStr);
+
+ logger.debug(EELFLoggerDelegate.debugLogger, " Post Create New Vnf Scheduling Request END : Response = {}",
+ responseWrapper.getResponse());
+ if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202
+ && responseWrapper.getStatus() != 204) {
+ logger.error(EELFLoggerDelegate.errorLogger, "PostCreateNewVnfWrapper Information failed",
+ responseWrapper.getResponse());
+ EPLogUtil.schedulerAccessAlarm(logger, responseWrapper.getStatus());
+
+ }
+ return responseWrapper;
+
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "PostCreateNewVnfWrapper failed . Post Create New Vnf Scheduling Request ERROR :", e);
+ throw e;
+ }
+ }
+
+ private PostSubmitVnfChangeTimeSlotsWrapper postSubmitSchedulingRequest(JSONObject request, String path,
+ String uuid) throws Exception {
+
+ try {
+ PostSubmitVnfChangeRestObject<String> restObjStr = new PostSubmitVnfChangeRestObject<>();
+ String str = "";
+
+ restObjStr.setT(str);
+ schedulerRestController.post(str, request, path, restObjStr);
+
+ int status = restObjStr.getStatusCode();
+ if (status >= 200 && status <= 299) {
+ status = (status == 204) ? 200 : status;
+ restObjStr.setStatusCode(status);
+ restObjStr.setUuid(uuid);
+ }
+
+ PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = SchedulerUtil
+ .postSubmitNewVnfWrapResponse(restObjStr);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Post Submit Scheduling Request END : Response = {}",
+ responseWrapper.getResponse());
+ if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202
+ && responseWrapper.getStatus() != 204) {
+ logger.error(EELFLoggerDelegate.errorLogger, "PostCreateNewVnfWrapper Information failed",
+ responseWrapper.getResponse());
+ EPLogUtil.schedulerAccessAlarm(logger, responseWrapper.getStatus());
+
+ }
+ return responseWrapper;
+
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ " PostCreateNewVnfWrapper failed . Post Submit Scheduling Request ERROR :", e);
+ throw e;
+ }
+ }
+
+ private String getPath(HttpServletRequest request) {
+ String requestURI = request.getRequestURI();
+ String portalApiPath = "";
+ if (requestURI != null) {
+ String[] uriArray = requestURI.split("/portalApi/");
+ if (uriArray.length > 1) {
+ portalApiPath = uriArray[1];
+ }
+ }
+ return portalApiPath;
+ }
+
+ private boolean checkIfUserISValidToMakeSchedule(HttpServletRequest request) throws Exception {
+ FnUser user = EPUserUtils.getUserSession(request);
+ String portalApiPath = getPath(request);
+ Set<String> functionCodeList = adminRolesService.getAllAppsFunctionsOfUser(user.getId().toString());
+ return EPUserUtils.matchRoleFunctions(portalApiPath, functionCodeList);
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerProperties.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerProperties.java
new file mode 100644
index 00000000..74669abb
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerProperties.java
@@ -0,0 +1,147 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler;
+
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.PropertySource;
+import org.springframework.core.env.Environment;
+
+@Configuration
+@PropertySource(value = { "classpath:/conf/scheduler.properties" })
+public class SchedulerProperties {
+
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerProperties.class);
+
+ private static Environment environment;
+
+
+ public SchedulerProperties() {
+ }
+
+ protected Environment getEnvironment() {
+ return environment;
+ }
+
+ @Autowired
+ public void setEnvironment(Environment environment) {
+ SchedulerProperties.environment = environment;
+ }
+
+ public static boolean containsProperty(String key) {
+ return environment.containsProperty(key);
+ }
+
+ public static String getProperty(String key) {
+ String value = "";
+ if (environment == null) {
+ logger.error(EELFLoggerDelegate.errorLogger, "getProperty: environment is null, should never happen!");
+ } else {
+ value = environment.getRequiredProperty(key);
+ if (value != null)
+ value = value.trim();
+ }
+ return value;
+ }
+
+ public static final String SCHEDULER_USER_NAME_VAL = "scheduler.user.name";
+
+ public static final String SCHEDULER_PASSWORD_VAL = "scheduler.password";
+
+ public static final String SCHEDULER_SERVER_URL_VAL = "scheduler.server.url";
+
+ public static final String SCHEDULER_CREATE_NEW_VNF_CHANGE_INSTANCE_VAL = "scheduler.create.new.vnf.change.instance";
+
+ public static final String SCHEDULER_GET_TIME_SLOTS = "scheduler.get.time.slots";
+
+ public static final String SCHEDULER_SUBMIT_NEW_VNF_CHANGE = "scheduler.submit.new.vnf.change";
+
+ public static final String SCHEDULERAUX_CLIENTAUTH_VAL = "scheduleraux.ClientAuth";
+
+ public static final String SCHEDULERAUX_CLIENT_MECHID_VAL = "scheduleraux.client.mechId";
+
+ public static final String SCHEDULERAUX_CLIENT_PASSWORD_VAL = "scheduleraux.client.password";
+
+ public static final String SCHEDULERAUX_USERNAME_VAL = "scheduleraux.username";
+
+ public static final String SCHEDULERAUX_PASSWORD_VAL = "scheduleraux.password";
+
+ public static final String SCHEDULERAUX_AUTHORIZATION_VAL = "scheduleraux.Authorization";
+
+ public static final String SCHEDULERAUX_SERVER_URL_VAL = "scheduleraux.server.url";
+
+ public static final String SCHEDULERAUX_ENVIRONMENT_VAL = "scheduleraux.environment";
+
+ public static final String SCHEDULERAUX_GET_CONFIG_VAL = "scheduleraux.get.config";
+
+
+ /** The Constant VID_TRUSTSTORE_FILENAME. */
+ public static final String VID_TRUSTSTORE_FILENAME = "vid.truststore.filename";
+
+ /** The Constant VID_TRUSTSTORE_PASSWD_X. */
+ public static final String VID_TRUSTSTORE_PASSWD_X = "vid.truststore.passwd.x";
+
+ /** The Constant FILESEPARATOR. */
+ public static final String FILESEPARATOR = (System.getProperty("file.separator") == null) ? "/" : System.getProperty("file.separator");
+
+ /** Scheduler UI constant **/
+ public static final String SCHEDULER_DOMAIN_NAME = "scheduler.domain.name";
+
+ public static final String SCHEDULER_SCHEDULE_NAME = "scheduler.schedule.name";
+
+ public static final String SCHEDULER_WORKFLOW_NAME = "scheduler.workflow.name";
+
+ public static final String SCHEDULER_CALLBACK_URL = "scheduler.callback.url";
+
+ public static final String SCHEDULER_APPROVAL_TYPE = "scheduler.approval.type";
+
+ public static final String SCHEDULER_APPROVAL_SUBMIT_STATUS = "scheduler.approval.submit.status";
+
+ public static final String SCHEDULER_APPROVAL_REJECT_STATUS = "scheduler.approval.reject.status";
+
+ public static final String SCHEDULER_INTERVAL_GET_TIMESLOT_RATE = "scheduler.interval.get.timeslot.rate";
+
+ public static final String SCHEDULER_POLICY_NAME = "scheduler.policy.name";
+
+ public static final String SCHEDULER_GROUP_ID = "scheduler.group.id";
+
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerResponseWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerResponseWrapper.java
new file mode 100644
index 00000000..4e9c6995
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerResponseWrapper.java
@@ -0,0 +1,119 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import java.io.IOException;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+/**
+ * This wrapper encapsulates the Scheduler response
+ */
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonPropertyOrder({
+ "status",
+ "entity",
+ "uuid"
+})
+
+public class SchedulerResponseWrapper {
+
+ @JsonProperty("status")
+ private int status;
+
+ @JsonProperty("entity")
+ private String entity;
+
+ @JsonProperty("uuid")
+ private String uuid;
+
+ @JsonProperty("entity")
+ public String getEntity() {
+ return entity;
+ }
+
+ @JsonProperty("status")
+ public int getStatus() {
+ return status;
+ }
+
+ @JsonProperty("uuid")
+ public String getUuid() {
+ return uuid;
+ }
+
+ @JsonProperty("status")
+ public void setStatus(int v) {
+ this.status = v;
+ }
+
+ @JsonProperty("entity")
+ public void setEntity(String v) {
+ this.entity = v;
+ }
+
+ @JsonProperty("uuid")
+ public void setUuid(String v) {
+ this.uuid = v;
+ }
+
+ @Override
+ public String toString() {
+ return ToStringBuilder.reflectionToString(this);
+ }
+
+ public String getResponse () throws JsonProcessingException,IOException {
+ Map<String, Object> map = new LinkedHashMap<>();
+ map.put("status", getStatus());
+ map.put("entity", getEntity());
+ map.put("uuid", getUuid());
+ ObjectMapper objectMapper = new ObjectMapper();
+ String jsonResponse = objectMapper.writeValueAsString(map);
+ return jsonResponse;
+ }
+
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInt.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInt.java
new file mode 100644
index 00000000..7f914038
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInt.java
@@ -0,0 +1,54 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler;
+
+import org.onap.portal.utils.DateUtil;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+
+public class SchedulerRestInt {
+
+ /** The logger. */
+ EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerRestInterface.class);
+
+ public SchedulerRestInt() {
+ DateUtil.getRequestDateFormat().setTimeZone(java.util.TimeZone.getTimeZone("GMT"));
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInterface.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInterface.java
new file mode 100644
index 00000000..a6066fdb
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInterface.java
@@ -0,0 +1,301 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler;
+
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonDeserializer;
+import java.util.Collections;
+import java.util.Date;
+import javax.security.auth.login.CredentialException;
+import javax.ws.rs.client.Client;
+import javax.ws.rs.client.Entity;
+import javax.ws.rs.core.MediaType;
+import javax.ws.rs.core.MultivaluedHashMap;
+import javax.ws.rs.core.Response;
+import lombok.NoArgsConstructor;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang.StringUtils;
+import org.eclipse.jetty.util.security.Password;
+import org.json.JSONObject;
+import org.onap.portal.logging.format.EPAppMessagesEnum;
+import org.onap.portal.logging.logic.EPLogUtil;
+import org.onap.portal.scheduler.client.HttpBasicClient;
+import org.onap.portal.scheduler.client.HttpsBasicClient;
+import org.onap.portal.scheduler.restobjects.GetTimeSlotsRestObject;
+import org.onap.portal.scheduler.restobjects.RestObject;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Service;
+import org.springframework.web.client.HttpClientErrorException;
+
+@SuppressWarnings("MalformedFormatString")
+@Service
+@NoArgsConstructor
+public class SchedulerRestInterface {
+
+ private static final String APPLICATION_JSON = "application/json";
+ private static final String PASSWORD_IS_EMPTY = "Password is Empty";
+ private static final String HTTP_CLIENT_ERROR = " HttpClientErrorException: Exception For the POST ."
+ + " MethodName: %APPLICATION_JSON, Url: %APPLICATION_JSON";
+
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerRestInterface.class);
+ private static Client client = null;
+ private static Gson gson = null;
+
+ private MultivaluedHashMap<String, Object> commonHeaders;
+
+ private static void init() {
+ logger.debug(EELFLoggerDelegate.debugLogger, "initializing");
+ GsonBuilder builder = new GsonBuilder();
+
+ // Register an adapter to manage the date types as long values
+ builder.registerTypeAdapter(Date.class,
+ (JsonDeserializer<Date>) (json, typeOfT, context) -> new Date(json.getAsJsonPrimitive().getAsLong()));
+
+ gson = builder.create();
+ }
+
+ public void initRestClient() {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Starting to initialize rest client");
+
+ init();
+
+ final String username;
+ final String password;
+
+ /* Setting user name based on properties */
+ String retrievedUsername = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_USER_NAME_VAL);
+ if (retrievedUsername.isEmpty()) {
+ username = "";
+ } else {
+ username = retrievedUsername;
+ }
+
+ /* Setting password based on properties */
+ String retrievedPassword = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_PASSWORD_VAL);
+ if (retrievedPassword.isEmpty()) {
+ password = StringUtils.EMPTY;
+ } else {
+ if (retrievedPassword.contains("OBF:")) {
+ password = Password.deobfuscate(retrievedPassword);
+ } else {
+ password = retrievedPassword;
+ }
+ }
+ try {
+ if (StringUtils.isBlank(password)) {
+ throw new CredentialException(PASSWORD_IS_EMPTY);
+ }
+ } catch (Exception ex) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Unable to initialize rest client", ex);
+ }
+ String authString = username + ":" + password;
+ byte[] authEncBytes = Base64.encodeBase64(authString.getBytes());
+ String authStringEnc = new String(authEncBytes);
+
+ commonHeaders = new MultivaluedHashMap<>();
+ commonHeaders.put("Authorization", Collections.singletonList(("Basic " + authStringEnc)));
+
+ try {
+ if (!username.isEmpty()) {
+
+ client = HttpBasicClient.getClient();
+ } else {
+
+ client = HttpsBasicClient.getClient();
+ }
+ } catch (Exception e) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Unable to initialize rest client", e.getMessage());
+
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, "Client Initialized");
+
+ }
+
+ public <T> void get(String t, String sourceId, String path, GetTimeSlotsRestObject<String> restObject) {
+
+ String methodName = "Get";
+ String url = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SERVER_URL_VAL) + path;
+
+ logger.debug(EELFLoggerDelegate.debugLogger, "URL FOR GET : ", url);
+ try {
+ initRestClient();
+
+ final Response cres = client.target(url).request().accept(APPLICATION_JSON).headers(commonHeaders).get();
+
+ int status = cres.getStatus();
+ restObject.setStatusCode(status);
+
+ if (cres.getEntity() != null) {
+ try {
+ String str = (cres).readEntity(String.class);
+ if (t.getClass().getName().equals(String.class.getName())) {
+ t = str;
+ } else {
+ t = gson.fromJson(str, t.getClass());
+ }
+
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
+ }
+ } else {
+ t = null;
+ restObject.setT(null);
+ }
+
+ if ("".equals(t)) {
+ restObject.setT(null);
+ } else {
+ restObject.setT(t);
+ }
+ } catch (HttpClientErrorException e) {
+ String message = String.format(
+ HTTP_CLIENT_ERROR, methodName, url);
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ EPLogUtil.schedulerAccessAlarm(logger, e.getStatusCode().value());
+ } catch (Exception e) {
+ String message = String
+ .format("Exception For the POST . MethodName: %APPLICATION_JSON, Url: %APPLICATION_JSON", methodName,
+ url);
+
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ EPLogUtil.schedulerAccessAlarm(logger, HttpStatus.INTERNAL_SERVER_ERROR.value());
+
+ throw e;
+
+ }
+
+ }
+
+ public <T> void post(String t, JSONObject requestDetails, String path, RestObject<String> restObject) {
+
+ String methodName = "Post";
+ String url = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SERVER_URL_VAL) + path;
+ logger.debug(EELFLoggerDelegate.debugLogger, "URL FOR POST : " + url);
+
+ try {
+
+ initRestClient();
+
+ // Change the content length
+ final Response cres = client.target(url).request().accept(APPLICATION_JSON).headers(commonHeaders)
+ .post(Entity.entity(requestDetails, MediaType.APPLICATION_JSON));
+
+ if (cres != null && cres.getEntity() != null) {
+
+ try {
+ String str = (cres).readEntity(String.class);
+ if (t.getClass().getName().equals(String.class.getName())) {
+ t = str;
+
+ } else {
+ t = gson.fromJson(str, t.getClass());
+ }
+
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
+ }
+ restObject.setT(t);
+ } else {
+ restObject.setT(null);
+ }
+
+ int status = cres != null ? cres.getStatus() : 0;
+ restObject.setStatusCode(status);
+
+ if (status >= 200 && status <= 299) {
+ String message = String.format(" REST api POST was successful!", methodName);
+ logger.debug(EELFLoggerDelegate.debugLogger, message);
+
+ } else {
+ String message = String.format(
+ " FAILED with http status . MethodName: %APPLICATION_JSON, Status: %APPLICATION_JSON, Url: %APPLICATION_JSON",
+ methodName, status, url);
+ logger.debug(EELFLoggerDelegate.debugLogger, message);
+ }
+
+ } catch (HttpClientErrorException e) {
+ String message = String.format(
+ HTTP_CLIENT_ERROR, methodName, url);
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ EPLogUtil.schedulerAccessAlarm(logger, e.getStatusCode().value());
+ } catch (Exception e) {
+ String message = String.format(
+ HTTP_CLIENT_ERROR, methodName, url);
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ EPLogUtil.schedulerAccessAlarm(logger, HttpStatus.INTERNAL_SERVER_ERROR.value());
+ throw e;
+ }
+ }
+
+ public <T> void delete(String t, JSONObject requestDetails, String sourceID, String path, RestObject<String> restObject) {
+
+ String methodName = "Delete";
+ String url = "";
+ Response cres;
+
+ try {
+ initRestClient();
+
+ url = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SERVER_URL_VAL) + path;
+
+ cres = client.target(url).request().accept(APPLICATION_JSON).headers(commonHeaders)
+ .build("DELETE", Entity.entity(requestDetails, MediaType.APPLICATION_JSON)).invoke();
+
+ int status = cres.getStatus();
+ restObject.setStatusCode(status);
+ if (cres.getEntity() != null) {
+ t = cres.readEntity(t.getClass());
+ restObject.setT(t);
+ }
+
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger, " HttpClientErrorException:Exception For the Delete",
+ methodName, url, e);
+ EPLogUtil.schedulerAccessAlarm(logger, e.getStatusCode().value());
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception For the Delete", methodName, url, e);
+ EPLogUtil.schedulerAccessAlarm(logger, HttpStatus.INTERNAL_SERVER_ERROR.value());
+ throw e;
+ }
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerUtil.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerUtil.java
new file mode 100644
index 00000000..ba55f477
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerUtil.java
@@ -0,0 +1,136 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import java.util.Date;
+import org.onap.portal.scheduler.restobjects.GetTimeSlotsRestObject;
+import org.onap.portal.scheduler.restobjects.PostCreateNewVnfRestObject;
+import org.onap.portal.scheduler.restobjects.PostSubmitVnfChangeRestObject;
+import org.onap.portal.scheduler.wrapper.GetTimeSlotsWrapper;
+import org.onap.portal.scheduler.wrapper.PostCreateNewVnfWrapper;
+import org.onap.portal.scheduler.wrapper.PostSubmitVnfChangeTimeSlotsWrapper;
+import org.onap.portal.utils.DateUtil;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+
+public class SchedulerUtil {
+
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerUtil.class);
+
+ public static GetTimeSlotsWrapper getTimeSlotsWrapResponse(GetTimeSlotsRestObject<String> rs) {
+
+ String resp_str = "";
+ int status = 0;
+
+ if (rs != null) {
+ resp_str = rs.getT();
+ status = rs.getStatusCode();
+ }
+
+ GetTimeSlotsWrapper w = new GetTimeSlotsWrapper();
+
+ w.setEntity(resp_str);
+ w.setStatus(status);
+
+ return (w);
+ }
+
+ public static PostSubmitVnfChangeTimeSlotsWrapper postSubmitNewVnfWrapResponse(
+ PostSubmitVnfChangeRestObject<String> rs) {
+
+ String resp_str = "";
+ int status = 0;
+ String uuid = "";
+
+ if (rs != null) {
+ resp_str = rs.getT();
+ status = rs.getStatusCode();
+ uuid = rs.getUuid();
+ }
+
+ PostSubmitVnfChangeTimeSlotsWrapper w = new PostSubmitVnfChangeTimeSlotsWrapper();
+
+ w.setEntity(resp_str);
+ w.setStatus(status);
+ w.setUuid(uuid);
+
+ return (w);
+ }
+
+ public static PostCreateNewVnfWrapper postCreateNewVnfWrapResponse(PostCreateNewVnfRestObject<String> rs) {
+
+ String resp_str = "";
+ int status = 0;
+ String uuid = "";
+
+ if (rs != null) {
+ resp_str = rs.getT();
+ status = rs.getStatusCode();
+ uuid = rs.getUUID();
+ }
+
+ PostCreateNewVnfWrapper w = new PostCreateNewVnfWrapper();
+
+ w.setEntity(resp_str);
+ w.setStatus(status);
+ w.setUuid(uuid);
+
+ return (w);
+ }
+
+ public static <T> String convertPojoToString(T t) throws com.fasterxml.jackson.core.JsonProcessingException {
+
+ String methodName = "convertPojoToString";
+ ObjectMapper mapper = new ObjectMapper();
+ String r_json_str = "";
+ if (t != null) {
+ try {
+ r_json_str = mapper.writeValueAsString(t);
+ } catch (com.fasterxml.jackson.core.JsonProcessingException j) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ DateUtil.getDateFormat().format(new Date()) + "<== " + methodName + " Unable " + "to "
+ + "parse object as json");
+ }
+ }
+ return (r_json_str);
+ }
+
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpBasicClient.java b/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpBasicClient.java
new file mode 100644
index 00000000..c09aa12b
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpBasicClient.java
@@ -0,0 +1,73 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+package org.onap.portal.scheduler.client;
+
+
+import javax.servlet.ServletContext;
+import javax.ws.rs.client.Client;
+import javax.ws.rs.client.ClientBuilder;
+import org.glassfish.jersey.client.ClientConfig;
+import org.glassfish.jersey.client.ClientProperties;
+import org.onap.portal.scheduler.util.CustomJacksonJaxBJsonProvider;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.springframework.beans.factory.annotation.Autowired;
+
+public class HttpBasicClient{
+
+ @Autowired
+ private ServletContext servletContext;
+
+ /** The logger. */
+ EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpBasicClient.class);
+ /**
+ * Obtain a basic HTTP client .
+ *
+ * @return Client client object
+ * @throws Exception the exception
+ */
+ public static Client getClient() throws Exception {
+
+ ClientConfig config = new ClientConfig();
+ config.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true);
+
+ return ClientBuilder.newClient(config)
+ .register(CustomJacksonJaxBJsonProvider.class);
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpsBasicClient.java b/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpsBasicClient.java
new file mode 100644
index 00000000..1f44525b
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpsBasicClient.java
@@ -0,0 +1,113 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler.client;
+
+import java.io.File;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.ws.rs.client.Client;
+import javax.ws.rs.client.ClientBuilder;
+import org.glassfish.jersey.client.ClientConfig;
+import org.glassfish.jersey.client.ClientProperties;
+import org.onap.portal.scheduler.SchedulerProperties;
+import org.eclipse.jetty.util.security.Password;
+import org.onap.portal.scheduler.util.CustomJacksonJaxBJsonProvider;
+import org.onap.portal.utils.DateUtil;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+
+public class HttpsBasicClient {
+
+ static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpsBasicClient.class);
+
+ public static Client getClient() throws Exception {
+ String methodName = "getClient";
+ ClientConfig config = new ClientConfig();
+
+ SSLContext ctx = null;
+
+ try {
+
+ SimpleDateFormat dateFormat = DateUtil.getDateFormat();
+ config.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true);
+
+ String truststore_path = SchedulerProperties.getProperty(SchedulerProperties.VID_TRUSTSTORE_FILENAME);
+ logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " "
+ + "truststore_path=" +
+ truststore_path);
+ String truststore_password = SchedulerProperties.getProperty(SchedulerProperties.VID_TRUSTSTORE_PASSWD_X);
+
+ String decrypted_truststore_password = Password.deobfuscate(truststore_password);
+
+ File tr = new File(truststore_path);
+ logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " absolute "
+ + "truststore path=" + tr.getAbsolutePath());
+ System.setProperty("javax.net.ssl.trustStore", truststore_path);
+ System.setProperty("javax.net.ssl.trustStorePassword", decrypted_truststore_password);
+ HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() {
+ public boolean verify(String string, SSLSession ssls) {
+ return true;
+ }
+ });
+ ctx = SSLContext.getInstance("TLSv1.2");
+ ctx.init(null, null, null);
+
+ return ClientBuilder.newBuilder()
+ .sslContext(ctx)
+ .hostnameVerifier(new HostnameVerifier() {
+ @Override
+ public boolean verify(String s, SSLSession sslSession) {
+ return true;
+ }
+ }).withConfig(config)
+ .build()
+ .register(CustomJacksonJaxBJsonProvider.class);
+
+ } catch (Exception e) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Error setting up config: exiting");
+ e.printStackTrace();
+ return null;
+ }
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/policy/rest/RequestDetails.java b/portal-BE/src/main/java/org/onap/portal/scheduler/policy/rest/RequestDetails.java
new file mode 100644
index 00000000..5dc1b8cf
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/policy/rest/RequestDetails.java
@@ -0,0 +1,127 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler.policy.rest;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+
+/*
+ [
+ {
+ "policyConfigMessage": "Config Retrieved! ",
+ "policyConfigStatus": "CONFIG_RETRIEVED",
+ "type": "JSON",
+ "config": "{\"service\":\"TimeLimitAndVerticalTopology\",\"policyName\":\"SNIRO_CM_1707.Demo_TimeLimitAndVerticalTopology_zone_localTime\",\"description\":\"dev instance\",\"templateVersion\":\"1702.03\",\"version\":\"1707\",\"priority\":\"4\",\"riskType\":\"test\",\"riskLevel\":\"3\",\"guard\":\"False\",\"content\":{\"serviceType\":\"networkOnDemand\",\"identity\":\"vnf_upgrade_policy\",\"policyScope\":{\"serviceType\":[\"networkOnDemand\"],\"aicZone\":[\" \"],\"entityType\":[\"vnf\"]},\"timeSchedule\":{\"allowedPeriodicTime\":[{\"day\":\"weekday\",\"timeRange\":[{\"start_time\":\"04:00:00\",\"end_time\":\"13:00:00\"}]}]},\"nodeType\":[\"vnf\"],\"type\":\"timeLimitAndVerticalTopology\",\"conflictScope\":\"vnf_zone\"}}",
+ "policyName": "SNIRO_CM_1707.Config_MS_Demo_TimeLimitAndVerticalTopology_zone_localTime.1.xml",
+ "policyVersion": "1",
+ "matchingConditions": {
+ "ECOMPName": "SNIRO-Placement",
+ "ConfigName": "",
+ "service": "TimeLimitAndVerticalTopology",
+ "uuid": "",
+ "Location": ""
+ },
+ "responseAttributes": {},
+ "property": null
+ },
+ {
+ "policyConfigMessage": "Config Retrieved! ",
+ "policyConfigStatus": "CONFIG_RETRIEVED",
+ "type": "JSON",
+ "config": "{\"service\":\"TimeLimitAndVerticalTopology\",\"policyName\":\"SNIRO_CM_1707.Demo_TimeLimitAndVerticalTopology_pserver_localTime\",\"description\":\"dev instance\",\"templateVersion\":\"1702.03\",\"version\":\"1707\",\"priority\":\"4\",\"riskType\":\"test\",\"riskLevel\":\"3\",\"guard\":\"False\",\"content\":{\"serviceType\":\"networkOnDemand\",\"identity\":\"vnf_upgrade_policy\",\"policyScope\":{\"serviceType\":[\"networkOnDemand\"],\"aicZone\":[\" \"],\"entityType\":[\"vnf\"]},\"timeSchedule\":{\"allowedPeriodicTime\":[{\"day\":\"weekday\",\"timeRange\":[{\"start_time\":\"04:00:00\",\"end_time\":\"13:00:00\"}]}]},\"nodeType\":[\"vnf\"],\"type\":\"timeLimitAndVerticalTopology\",\"conflictScope\":\"vnf_pserver\"}}",
+ "policyName": "SNIRO_CM_1707.Config_MS_Demo_TimeLimitAndVerticalTopology_pserver_localTime.1.xml",
+ "policyVersion": "1",
+ "matchingConditions": {
+ "ECOMPName": "SNIRO-Placement",
+ "ConfigName": "",
+ "service": "TimeLimitAndVerticalTopology",
+ "uuid": "",
+ "Location": ""
+ },
+ "responseAttributes": {},
+ "property": null
+ },
+ {
+ "policyConfigMessage": "Config Retrieved! ",
+ "policyConfigStatus": "CONFIG_RETRIEVED",
+ "type": "JSON",
+ "config": "{\"service\":\"TimeLimitAndVerticalTopology\",\"policyName\":\"SNIRO_CM_1707.Demo_TimeLimitAndVerticalTopology_vnf_localTime\",\"description\":\"dev instance\",\"templateVersion\":\"1702.03\",\"version\":\"1707\",\"priority\":\"4\",\"riskType\":\"test\",\"riskLevel\":\"3\",\"guard\":\"False\",\"content\":{\"serviceType\":\"networkOnDemand\",\"identity\":\"vnf_upgrade_policy\",\"policyScope\":{\"serviceType\":[\"networkOnDemand\"],\"aicZone\":[\" \"],\"entityType\":[\"vnf\"]},\"timeSchedule\":{\"allowedPeriodicTime\":[{\"day\":\"weekday\",\"timeRange\":[{\"start_time\":\"04:00:00\",\"end_time\":\"13:00:00\"}]}]},\"nodeType\":[\"vnf\"],\"type\":\"timeLimitAndVerticalTopology\",\"conflictScope\":\"vnf\"}}",
+ "policyName": "SNIRO_CM_1707.Config_MS_Demo_TimeLimitAndVerticalTopology_vnf_localTime.1.xml",
+ "policyVersion": "1",
+ "matchingConditions": {
+ "ECOMPName": "SNIRO-Placement",
+ "ConfigName": "",
+ "service": "TimeLimitAndVerticalTopology",
+ "uuid": "",
+ "Location": ""
+ },
+ "responseAttributes": {},
+ "property": null
+ }
+ ]
+*/
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonPropertyOrder({
+ "policyConfigMessage",
+ "policyConfigStatus",
+ "type",
+ "config",
+ "policyName",
+ "policyVersion",
+ "matchingConditions"
+})
+public class RequestDetails {
+
+ @JsonProperty("policyName")
+ private String policyName;
+
+ @JsonProperty("policyName")
+ public String getPolicyName() {
+ return policyName;
+ }
+
+ @JsonProperty("policyName")
+ public void setPolicyName(String policyName) {
+ this.policyName = policyName;
+ }
+
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/GetTimeSlotsRestObject.java b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/GetTimeSlotsRestObject.java
new file mode 100644
index 00000000..9b58266b
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/GetTimeSlotsRestObject.java
@@ -0,0 +1,44 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler.restobjects;
+
+public class GetTimeSlotsRestObject<T> extends RestObject<T> {
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostCreateNewVnfRestObject.java b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostCreateNewVnfRestObject.java
new file mode 100644
index 00000000..c6aadd58
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostCreateNewVnfRestObject.java
@@ -0,0 +1,50 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler.restobjects;
+
+public class PostCreateNewVnfRestObject<T> extends RestObject<T> {
+
+ private String uuid;
+
+ public void setUUID(String uuid) { this.uuid = uuid; }
+
+ public String getUUID() { return this.uuid; }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostSubmitVnfChangeRestObject.java b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostSubmitVnfChangeRestObject.java
new file mode 100644
index 00000000..5e180865
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostSubmitVnfChangeRestObject.java
@@ -0,0 +1,45 @@
+
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler.restobjects;
+
+public class PostSubmitVnfChangeRestObject<T> extends RestObject<T> {
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/RestObject.java b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/RestObject.java
new file mode 100644
index 00000000..f0a67ae8
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/RestObject.java
@@ -0,0 +1,65 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler.restobjects;
+
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+public class RestObject<T> {
+
+ private T t;
+ private int statusCode= 0;
+ private String uuid;
+
+ public T getT() {
+ return t;
+ }
+ public void setT(T t) {
+ this.t = t;
+ }
+}
+
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/util/CustomJacksonJaxBJsonProvider.java b/portal-BE/src/main/java/org/onap/portal/scheduler/util/CustomJacksonJaxBJsonProvider.java
new file mode 100644
index 00000000..e26975e6
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/util/CustomJacksonJaxBJsonProvider.java
@@ -0,0 +1,80 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.scheduler.util;
+
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.SerializationFeature;
+import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
+import com.fasterxml.jackson.module.jaxb.JaxbAnnotationModule;
+import javax.ws.rs.ext.Provider;
+
+@Provider
+public class CustomJacksonJaxBJsonProvider extends JacksonJaxbJsonProvider {
+
+ private static ObjectMapper commonMapper = null;
+
+ public CustomJacksonJaxBJsonProvider() {
+ if (commonMapper == null) {
+ ObjectMapper mapper = new ObjectMapper();
+
+ mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
+
+ mapper.configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false);
+ mapper.configure(SerializationFeature.INDENT_OUTPUT, false);
+ mapper.configure(SerializationFeature.WRAP_ROOT_VALUE, false);
+
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ mapper.configure(DeserializationFeature.UNWRAP_ROOT_VALUE, false);
+
+ mapper.registerModule(new JaxbAnnotationModule());
+
+ commonMapper = mapper;
+ }
+ super.setMapper(commonMapper);
+ }
+
+ public ObjectMapper getMapper() {
+ return commonMapper;
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/GetTimeSlotsWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/GetTimeSlotsWrapper.java
new file mode 100644
index 00000000..8ebb6217
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/GetTimeSlotsWrapper.java
@@ -0,0 +1,42 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+package org.onap.portal.scheduler.wrapper;
+
+public class GetTimeSlotsWrapper extends SchedulerResponseWrapper {
+
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostCreateNewVnfWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostCreateNewVnfWrapper.java
new file mode 100644
index 00000000..1e13c4c5
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostCreateNewVnfWrapper.java
@@ -0,0 +1,82 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+package org.onap.portal.scheduler.wrapper;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import java.io.IOException;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonPropertyOrder({ "uuid" })
+public class PostCreateNewVnfWrapper extends SchedulerResponseWrapper {
+
+ @JsonProperty("uuid")
+ private String uuid;
+
+ @JsonProperty("uuid")
+ public String getUuid() {
+ return uuid;
+ }
+
+ @JsonProperty("uuid")
+ public void setUuid(String v) {
+ this.uuid = v;
+ }
+
+ @Override
+ public String toString() {
+ return ToStringBuilder.reflectionToString(this);
+ }
+
+ public String getResponse() throws JsonProcessingException, IOException {
+
+ Map<String, Object> map = new LinkedHashMap<>();
+ map.put("status", getStatus());
+ map.put("entity", getEntity());
+ map.put("uuid", getUuid());
+ ObjectMapper objectMapper = new ObjectMapper();
+ String jsonResponse = objectMapper.writeValueAsString(map);
+ return jsonResponse;
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostSubmitVnfChangeTimeSlotsWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostSubmitVnfChangeTimeSlotsWrapper.java
new file mode 100644
index 00000000..b323b28d
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostSubmitVnfChangeTimeSlotsWrapper.java
@@ -0,0 +1,82 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+package org.onap.portal.scheduler.wrapper;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import java.io.IOException;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonPropertyOrder({ "uuid" })
+public class PostSubmitVnfChangeTimeSlotsWrapper extends SchedulerResponseWrapper {
+ @JsonProperty("uuid")
+ private String uuid;
+
+ @JsonProperty("uuid")
+ public String getUuid() {
+ return uuid;
+ }
+
+ @JsonProperty("uuid")
+ public void setUuid(String v) {
+ this.uuid = v;
+ }
+
+ @Override
+ public String toString() {
+ return ToStringBuilder.reflectionToString(this);
+ }
+
+ public String getResponse() throws JsonProcessingException, IOException {
+
+ Map<String, Object> map = new LinkedHashMap<>();
+ map.put("status", getStatus());
+ map.put("entity", getEntity());
+ map.put("uuid", getUuid());
+ ObjectMapper objectMapper = new ObjectMapper();
+ String jsonResponse = objectMapper.writeValueAsString(map);
+ return jsonResponse;
+
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/SchedulerResponseWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/SchedulerResponseWrapper.java
new file mode 100644
index 00000000..20c828be
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/SchedulerResponseWrapper.java
@@ -0,0 +1,105 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+package org.onap.portal.scheduler.wrapper;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.annotation.JsonPropertyOrder;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import java.io.IOException;
+import java.util.LinkedHashMap;
+import java.util.Map;
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+/**
+ * This wrapper encapsulates the Scheduler response
+ */
+@JsonInclude(JsonInclude.Include.NON_NULL)
+@JsonPropertyOrder({ "status", "entity" })
+
+public class SchedulerResponseWrapper {
+
+ @JsonProperty("status")
+ private int status;
+
+ @JsonProperty("entity")
+ private String entity;
+
+ @JsonProperty("entity")
+ public String getEntity() {
+ return entity;
+ }
+
+ @JsonProperty("status")
+ public int getStatus() {
+ return status;
+ }
+
+ @JsonProperty("status")
+ public void setStatus(int v) {
+ this.status = v;
+ }
+
+ @JsonProperty("entity")
+ public void setEntity(String v) {
+ this.entity = v;
+ }
+
+ @Override
+ public String toString() {
+ return ToStringBuilder.reflectionToString(this);
+ }
+
+ public String getResponse() throws JsonProcessingException, IOException {
+ /*
+ * StringBuilder b = new StringBuilder ("{ \"status\": ");
+ *
+ * b.append(getStatus()).append(", \"entity\": "
+ * ).append(this.getEntity()).append("}"); return (b.toString());
+ */
+
+ Map<String, Object> map = new LinkedHashMap<>();
+ map.put("status", getStatus());
+ map.put("entity", getEntity());
+ ObjectMapper objectMapper = new ObjectMapper();
+ String jsonResponse = objectMapper.writeValueAsString(map);
+ return jsonResponse;
+
+ }
+}
diff --git a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java
index 059979d2..5b721836 100644
--- a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java
+++ b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java
@@ -92,6 +92,7 @@ import org.onap.portal.domain.dto.transport.Role;
import org.onap.portal.domain.dto.transport.RoleInAppForUser;
import org.onap.portal.domain.dto.transport.RolesInAppForUser;
import org.onap.portal.exception.DeleteDomainObjectFailedException;
+import org.onap.portal.exception.RoleFunctionException;
import org.onap.portal.exception.SyncUserRolesException;
import org.onap.portal.logging.format.EPAppMessagesEnum;
import org.onap.portal.logging.logic.EPLogUtil;
@@ -127,1750 +128,1799 @@ import org.springframework.web.client.RestTemplate;
@Transactional
public class AdminRolesService {
- private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesService.class);
- private static final Object syncRests = new Object();
- private final RestTemplate template = new RestTemplate();
-
- private Long SYS_ADMIN_ROLE_ID = 38L;
- private final Long ACCOUNT_ADMIN_ROLE_ID = 999L;
- private final Long ECOMP_APP_ID = 1L;
- private final String ADMIN_ACCOUNT = "Is account admin for user {}";
-
- private final AppsCacheService appsCacheService;
- private final EntityManager entityManager;
- private final FnUserService fnUserService;
- private final FnRoleService fnRoleService;
- private final FnAppService fnAppService;
- private final FnMenuFunctionalService fnMenuFunctionalService;
- private final FnUserRoleService fnUserRoleService;
- private final EpAppFunctionService epAppFunctionService;
- private final EcompUserAppRolesService ecompUserAppRolesService;
- private final FnMenuFunctionalRolesService fnMenuFunctionalRolesService;
- private final ApplicationsRestClientService applicationsRestClientService;
- private final EpUserRolesRequestDetService epUserRolesRequestDetService;
- private final ExternalAccessRolesService externalAccessRolesService;
- private final EpUserRolesRequestService epUserRolesRequestService;
-
- @Autowired
- public AdminRolesService(AppsCacheService appsCacheService,
- final EntityManager entityManager,
- final FnUserService fnUserService, FnRoleService fnRoleService,
- FnAppService fnAppService,
- FnMenuFunctionalService fnMenuFunctionalService,
- final FnUserRoleService fnUserRoleService,
- EpAppFunctionService epAppFunctionService,
- EcompUserAppRolesService ecompUserAppRolesService,
- FnMenuFunctionalRolesService fnMenuFunctionalRolesService,
- ApplicationsRestClientService applicationsRestClientService,
- EpUserRolesRequestDetService epUserRolesRequestDetService,
- ExternalAccessRolesService externalAccessRolesService,
- EpUserRolesRequestService epUserRolesRequestService) {
- this.appsCacheService = appsCacheService;
- this.entityManager = entityManager;
- this.fnUserService = fnUserService;
- this.fnRoleService = fnRoleService;
- this.fnAppService = fnAppService;
- this.fnMenuFunctionalService = fnMenuFunctionalService;
- this.fnUserRoleService = fnUserRoleService;
- this.epAppFunctionService = epAppFunctionService;
- this.ecompUserAppRolesService = ecompUserAppRolesService;
- this.fnMenuFunctionalRolesService = fnMenuFunctionalRolesService;
- this.applicationsRestClientService = applicationsRestClientService;
- this.epUserRolesRequestDetService = epUserRolesRequestDetService;
- this.externalAccessRolesService = externalAccessRolesService;
- this.epUserRolesRequestService = epUserRolesRequestService;
- }
-
- public boolean isSuperAdmin(final String loginId) {
- boolean isSuperAdmin;
- try {
- isSuperAdmin = fnUserRoleService
- .isSuperAdmin(loginId, SYS_ADMIN_ROLE_ID, ECOMP_APP_ID);
- } catch (Exception e) {
- logger.error("isSuperAdmin exception: " + e.toString());
- throw e;
+ private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesService.class);
+ private static final Object syncRests = new Object();
+ private final RestTemplate template = new RestTemplate();
+
+ private Long SYS_ADMIN_ROLE_ID = 38L;
+ private final Long ACCOUNT_ADMIN_ROLE_ID = 999L;
+ private final Long ECOMP_APP_ID = 1L;
+ private final String ADMIN_ACCOUNT = "Is account admin for user {}";
+
+ private final AppsCacheService appsCacheService;
+ private final EntityManager entityManager;
+ private final FnUserService fnUserService;
+ private final FnRoleService fnRoleService;
+ private final FnAppService fnAppService;
+ private final FnMenuFunctionalService fnMenuFunctionalService;
+ private final FnUserRoleService fnUserRoleService;
+ private final EpAppFunctionService epAppFunctionService;
+ private final EcompUserAppRolesService ecompUserAppRolesService;
+ private final FnMenuFunctionalRolesService fnMenuFunctionalRolesService;
+ private final ApplicationsRestClientService applicationsRestClientService;
+ private final EpUserRolesRequestDetService epUserRolesRequestDetService;
+ private final ExternalAccessRolesService externalAccessRolesService;
+ private final EpUserRolesRequestService epUserRolesRequestService;
+
+ @Autowired
+ public AdminRolesService(AppsCacheService appsCacheService,
+ final EntityManager entityManager,
+ final FnUserService fnUserService, FnRoleService fnRoleService,
+ FnAppService fnAppService,
+ FnMenuFunctionalService fnMenuFunctionalService,
+ final FnUserRoleService fnUserRoleService,
+ EpAppFunctionService epAppFunctionService,
+ EcompUserAppRolesService ecompUserAppRolesService,
+ FnMenuFunctionalRolesService fnMenuFunctionalRolesService,
+ ApplicationsRestClientService applicationsRestClientService,
+ EpUserRolesRequestDetService epUserRolesRequestDetService,
+ ExternalAccessRolesService externalAccessRolesService,
+ EpUserRolesRequestService epUserRolesRequestService) {
+ this.appsCacheService = appsCacheService;
+ this.entityManager = entityManager;
+ this.fnUserService = fnUserService;
+ this.fnRoleService = fnRoleService;
+ this.fnAppService = fnAppService;
+ this.fnMenuFunctionalService = fnMenuFunctionalService;
+ this.fnUserRoleService = fnUserRoleService;
+ this.epAppFunctionService = epAppFunctionService;
+ this.ecompUserAppRolesService = ecompUserAppRolesService;
+ this.fnMenuFunctionalRolesService = fnMenuFunctionalRolesService;
+ this.applicationsRestClientService = applicationsRestClientService;
+ this.epUserRolesRequestDetService = epUserRolesRequestDetService;
+ this.externalAccessRolesService = externalAccessRolesService;
+ this.epUserRolesRequestService = epUserRolesRequestService;
}
- logger.info("isSuperAdmin " + isSuperAdmin);
- return isSuperAdmin;
- }
-
- public boolean isAccountAdmin(final long userId, final String orgUserId, final Set<FnUserRole> userApps) {
- try {
- logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId);
- List<Integer> userAdminApps = getAdminAppsForTheUser(userId);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}",
- orgUserId, userAdminApps.size());
-
- for (FnUserRole userApp : userApps) {
- if (userApp.getRoleId().getId().equals(ACCOUNT_ADMIN_ROLE_ID) || (
- userAdminApps.size() > 1)) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Is account admin for userAdminApps() - for user {}, found Id {}",
- orgUserId, userApp.getRoleId().getId());
- return true;
+
+ public boolean isSuperAdmin(final String loginId) {
+ boolean isSuperAdmin;
+ try {
+ isSuperAdmin = fnUserRoleService
+ .isSuperAdmin(loginId, SYS_ADMIN_ROLE_ID, ECOMP_APP_ID);
+ } catch (Exception e) {
+ logger.error("isSuperAdmin exception: " + e.toString());
+ throw e;
}
- }
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
- logger.error(EELFLoggerDelegate.errorLogger,
- "Exception occurred while executing isAccountAdmin operation",
- e);
+ logger.info("isSuperAdmin " + isSuperAdmin);
+ return isSuperAdmin;
}
- return false;
- }
-
- public boolean isUser(final long userId) {
- try {
- FnUser currentUser = fnUserService.getUser(userId).orElseThrow(Exception::new);
- if (currentUser != null && currentUser.getId() != null) {
- for (FnUserRole userApp : currentUser.getUserApps()) {
- if (!userApp.getFnAppId().getId().equals(ECOMP_APP_ID)) {
- FnRole role = userApp.getRoleId();
- if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId()
- .equals(ACCOUNT_ADMIN_ROLE_ID)) {
- if (role.getActiveYn()) {
- return true;
- }
+
+ public boolean isAccountAdmin(final long userId, final String orgUserId, final Set<FnUserRole> userApps) {
+ try {
+ logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId);
+ List<Integer> userAdminApps = getAdminAppsForTheUser(userId);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}",
+ orgUserId, userAdminApps.size());
+
+ for (FnUserRole userApp : userApps) {
+ if (userApp.getRoleId().getId().equals(ACCOUNT_ADMIN_ROLE_ID) || (
+ userAdminApps.size() > 1)) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Is account admin for userAdminApps() - for user {}, found Id {}",
+ orgUserId, userApp.getRoleId().getId());
+ return true;
+ }
}
- }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while executing isAccountAdmin operation",
+ e);
}
- }
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
- logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation",
- e);
+ return false;
}
- return false;
- }
-
- public boolean isRoleAdmin(Long userId) {
- try {
- logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access");
- List getRoleFuncListOfUser = fnUserRoleService.getRoleFunctionsOfUserforAlltheApplications(userId);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser", getRoleFuncListOfUser);
- Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser);
- Set<String> getRoleFuncListOfPortalSet1 = new HashSet<>();
- Set<String> roleFunSet;
- roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|"))
- .collect(Collectors.toSet());
- if (!roleFunSet.isEmpty()) {
- for (String roleFunction : roleFunSet) {
- String type = externalAccessRolesService.getFunctionCodeType(roleFunction);
- getRoleFuncListOfPortalSet1.add(type);
- }
- }
-
- boolean checkIfFunctionsExits = getRoleFuncListOfPortalSet1.stream()
- .anyMatch(roleFunction -> roleFunction.equalsIgnoreCase("Approver"));
- logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction",
- checkIfFunctionsExits);
- return checkIfFunctionsExits;
-
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
- logger.error(EELFLoggerDelegate.errorLogger,
- "Exception occurred while executing isRoleAdmin operation",
- e);
- }
- return false;
- }
-
- private boolean isAccountAdminOfApplication(Long userId, FnApp app) {
- boolean isApplicationAccountAdmin = false;
- try {
- logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId);
- List<Integer> userAdminApps = getAdminAppsForTheUser(userId);
- if (!userAdminApps.isEmpty()) {
- isApplicationAccountAdmin = userAdminApps.contains(app.getId());
- logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", userId,
- app.getId());
- }
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
- logger.error(EELFLoggerDelegate.errorLogger,
- "Exception occurred while executing isAccountAdminOfApplication operation", e);
- }
- logger.debug(EELFLoggerDelegate.debugLogger,
- "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin,
- userId);
- return isApplicationAccountAdmin;
-
- }
-
- private List<Integer> getAdminAppsForTheUser(final Long userId) {
- String query = "select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)";
- return entityManager.createQuery(query, Integer.class)
- .setParameter("userId", userId).getResultList();
- }
-
- public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(FnUser user,
- AppWithRolesForUser newAppRolesForUser) {
- boolean result = false;
- boolean epRequestValue = false;
- String userId = "";
- String reqMessage = "";
- if (newAppRolesForUser != null && newAppRolesForUser.getOrgUserId() != null) {
- userId = newAppRolesForUser.getOrgUserId().trim();
- }
- Long appId = newAppRolesForUser.getAppId();
- List<RoleInAppForUser> roleInAppForUserList = newAppRolesForUser.getAppRoles();
-
- if (userId.length() > 0) {
- ObjectMapper mapper = new ObjectMapper();
- mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
-
- try {
- FnApp app = fnAppService.getById(appId);
-
- boolean checkIfUserisApplicationAccAdmin = isAccountAdminOfApplication(user.getId(),
- app);
- Set<EcompRole> rolesGotDeletedFromApprover = new TreeSet<>();
-
- boolean checkIfUserIsOnlyRoleAdmin =
- isRoleAdmin(user.getId()) && !checkIfUserisApplicationAccAdmin;
- if (checkIfUserIsOnlyRoleAdmin) {
- for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
- if (!roleInAppForUser.getIsApplied()) {
- EcompRole ecompRole = new EcompRole();
- ecompRole.setId(roleInAppForUser.getRoleId());
- ecompRole.setName(roleInAppForUser.getRoleName());
- rolesGotDeletedFromApprover.add(ecompRole);
+ public boolean isUser(final long userId) {
+ try {
+ FnUser currentUser = fnUserService.getUser(userId).orElseThrow(Exception::new);
+ if (currentUser != null && currentUser.getId() != null) {
+ for (FnUserRole userApp : currentUser.getUserApps()) {
+ if (!userApp.getFnAppId().getId().equals(ECOMP_APP_ID)) {
+ FnRole role = userApp.getRoleId();
+ if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId()
+ .equals(ACCOUNT_ADMIN_ROLE_ID)) {
+ if (role.getActiveYn()) {
+ return true;
+ }
+ }
+ }
+ }
}
- }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation",
+ e);
}
+ return false;
+ }
- applyChangesToUserAppRolesForMyLoginsRequest(user, appId);
-
- boolean systemUser = newAppRolesForUser.isSystemUser();
-
- if ((app.getAuthCentral() || app.getId().equals(PortalConstants.PORTAL_APP_ID))
- && systemUser) {
-
- Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList);
- RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId,
- userRolesInLocalApp);
- List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles();
- Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>();
- if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
- // Apply changes in external Access system
-
- updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(),
- roleAppUserList,
- epRequestValue, systemUser, rolesGotDeletedByApprover, false);
- }
- result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue,
- "Portal",
- systemUser, rolesGotDeletedByApprover, false);
-
- } else if (!app.getAuthCentral() && systemUser) {
- throw new Exception("For non-centralized application we cannot add systemUser");
- } else { // if centralized app
- if (app.getAuthCentral()) {
- if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
- pushRemoteUser(roleInAppForUserList, userId, app, mapper,
- applicationsRestClientService, false);
+ public boolean isRoleAdmin(Long userId) {
+ try {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access");
+ List getRoleFuncListOfUser = fnUserRoleService.getRoleFunctionsOfUserforAlltheApplications(userId);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser", getRoleFuncListOfUser);
+ Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser);
+ Set<String> getRoleFuncListOfPortalSet1 = new HashSet<>();
+ Set<String> roleFunSet;
+ roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|"))
+ .collect(Collectors.toSet());
+ if (!roleFunSet.isEmpty()) {
+ for (String roleFunction : roleFunSet) {
+ String type = externalAccessRolesService.getFunctionCodeType(roleFunction);
+ getRoleFuncListOfPortalSet1.add(type);
+ }
}
- Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(
- roleInAppForUserList);
- RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId,
- appId,
- userRolesInLocalApp);
- List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles();
- if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+ boolean checkIfFunctionsExits = getRoleFuncListOfPortalSet1.stream()
+ .anyMatch(roleFunction -> roleFunction.equalsIgnoreCase("Approver"));
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction",
+ checkIfFunctionsExits);
- // Apply changes in external Access system
- updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(),
- roleAppUserList,
- epRequestValue, false, rolesGotDeletedFromApprover,
- checkIfUserIsOnlyRoleAdmin);
- }
- result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser,
- epRequestValue, "Portal", systemUser, rolesGotDeletedFromApprover,
- checkIfUserIsOnlyRoleAdmin);
- }
- // In case if portal is not centralized then follow existing approach
- else if (!app.getAuthCentral() && app.getId()
- .equals(PortalConstants.PORTAL_APP_ID)) {
- Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(
- roleInAppForUserList);
- RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId,
- appId,
- userRolesInLocalApp);
- Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>();
- result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser,
- epRequestValue, "Portal", false, rolesGotDeletedByApprover, false);
- } else {// remote app
- FnUser remoteAppUser;
- if (!app.getAuthCentral() && !app.getId()
- .equals(PortalConstants.PORTAL_APP_ID)) {
-
- remoteAppUser = checkIfRemoteUserExits(userId, app,
- applicationsRestClientService);
-
- if (remoteAppUser == null) {
- addRemoteUser(roleInAppForUserList, userId, app,
- mapper, applicationsRestClientService);
- }
- Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(
- roleInAppForUserList, mapper,
- applicationsRestClientService, appId, userId);
- RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(
- userId, appId,
- userRolesInRemoteApp);
- Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>();
- result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser,
- epRequestValue, null, false, rolesGotDeletedByApprover, false);
-
- // If no roles remain, request app to set user inactive.
- if (userRolesInRemoteApp.size() == 0) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive",
- app,
- userId);
- postUserToRemoteApp(userId, app,
- applicationsRestClientService);
- }
- }
- }
+ return checkIfFunctionsExits;
+
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while executing isRoleAdmin operation",
+ e);
}
- } catch (Exception e) {
- String message = String.format(
- "Failed to create user or update user roles for User %s, AppId %s",
- userId, Long.toString(appId));
- logger.error(EELFLoggerDelegate.errorLogger, message, e);
- result = false;
- reqMessage = e.getMessage();
- }
+ return false;
}
- //return result;
- return new ExternalRequestFieldsValidator(result, reqMessage);
- }
+ private boolean isAccountAdminOfApplication(Long userId, FnApp app) {
+ boolean isApplicationAccountAdmin = false;
+ try {
+ logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId);
+ List<Integer> userAdminApps = getAdminAppsForTheUser(userId);
+ if (!userAdminApps.isEmpty()) {
+ isApplicationAccountAdmin = userAdminApps.contains(app.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", userId,
+ app.getId());
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while executing isAccountAdminOfApplication operation", e);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin,
+ userId);
+ return isApplicationAccountAdmin;
- private void pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app,
- ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService, boolean appRoleIdUsed)
- throws Exception {
- pushUserOnRemoteApp(userId, app, applicationsRestClientService, mapper,
- roleInAppForUserList, appRoleIdUsed);
- }
+ }
+ private List<Integer> getAdminAppsForTheUser(final Long userId) {
+ String query = "select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)";
+ return entityManager.createQuery(query, Integer.class)
+ .setParameter("userId", userId).getResultList();
+ }
- private void postUserToRemoteApp(String userId, FnApp app,
- ApplicationsRestClientService applicationsRestClientService) throws HTTPException {
+ public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(FnUser user,
+ AppWithRolesForUser newAppRolesForUser) {
+ boolean result = false;
+ boolean epRequestValue = false;
+ String userId = "";
+ String reqMessage = "";
+ if (newAppRolesForUser != null && newAppRolesForUser.getOrgUserId() != null) {
+ userId = newAppRolesForUser.getOrgUserId().trim();
+ }
+ Long appId = newAppRolesForUser.getAppId();
+ List<RoleInAppForUser> roleInAppForUserList = newAppRolesForUser.getAppRoles();
- getUser(userId, app, applicationsRestClientService);
+ if (userId.length() > 0) {
+ ObjectMapper mapper = new ObjectMapper();
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
- }
+ try {
+ FnApp app = fnAppService.getById(appId);
+
+ boolean checkIfUserisApplicationAccAdmin = isAccountAdminOfApplication(user.getId(),
+ app);
+ Set<EcompRole> rolesGotDeletedFromApprover = new TreeSet<>();
+
+ boolean checkIfUserIsOnlyRoleAdmin =
+ isRoleAdmin(user.getId()) && !checkIfUserisApplicationAccAdmin;
+ if (checkIfUserIsOnlyRoleAdmin) {
+ for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
+ if (!roleInAppForUser.getIsApplied()) {
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(roleInAppForUser.getRoleId());
+ ecompRole.setName(roleInAppForUser.getRoleName());
+ rolesGotDeletedFromApprover.add(ecompRole);
+ }
+ }
+ }
- private FnUser getUser(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService)
- throws HTTPException {
- return applicationsRestClientService.get(FnUser.class, app.getId(), String.format("/user/%s", userId), true);
+ applyChangesToUserAppRolesForMyLoginsRequest(user, appId);
- }
+ boolean systemUser = newAppRolesForUser.isSystemUser();
- private void pushUserOnRemoteApp(String userId, FnApp app,
- ApplicationsRestClientService applicationsRestClientService,
- ObjectMapper mapper, List<RoleInAppForUser> roleInAppForUserList, boolean appRoleIdUsed)
- throws Exception {
+ if ((app.getAuthCentral() || app.getId().equals(PortalConstants.PORTAL_APP_ID))
+ && systemUser) {
- FnUser client;
- client = fnUserService.loadUserByUsername(userId);
+ Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList);
+ RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId,
+ userRolesInLocalApp);
+ List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles();
+ Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>();
+ if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+ // Apply changes in external Access system
- mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
- if (client == null) {
- String msg = "cannot create user " + userId + ", because he/she cannot be found in directory.";
- logger.error(EELFLoggerDelegate.errorLogger, msg);
- List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
- if (!userList.isEmpty()) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- userList.get(0).getOrgUserId() + " User was found in Portal");
- client = userList.get(0);
- client.setUserApps(Collections.EMPTY_SET);
- client.setIsSystemUser(false);
- } else {
- logger.error(EELFLoggerDelegate.errorLogger, "user cannot be found be in directory or in portal");
- throw new Exception(msg);
- }
+ updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(),
+ roleAppUserList,
+ epRequestValue, systemUser, rolesGotDeletedByApprover, false);
+ }
+ result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue,
+ "Portal",
+ systemUser, rolesGotDeletedByApprover, false);
+
+ } else if (!app.getAuthCentral() && systemUser) {
+ throw new Exception("For non-centralized application we cannot add systemUser");
+ } else { // if centralized app
+ if (app.getAuthCentral()) {
+ if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
+ pushRemoteUser(roleInAppForUserList, userId, app, mapper,
+ applicationsRestClientService, false);
+ }
+
+ Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(
+ roleInAppForUserList);
+ RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId,
+ appId,
+ userRolesInLocalApp);
+ List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles();
+ if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+
+ // Apply changes in external Access system
+ updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(),
+ roleAppUserList,
+ epRequestValue, false, rolesGotDeletedFromApprover,
+ checkIfUserIsOnlyRoleAdmin);
+ }
+ result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser,
+ epRequestValue, "Portal", systemUser, rolesGotDeletedFromApprover,
+ checkIfUserIsOnlyRoleAdmin);
+ }
+ // In case if portal is not centralized then follow existing approach
+ else if (!app.getAuthCentral() && app.getId()
+ .equals(PortalConstants.PORTAL_APP_ID)) {
+ Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(
+ roleInAppForUserList);
+ RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId,
+ appId,
+ userRolesInLocalApp);
+ Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>();
+ result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser,
+ epRequestValue, "Portal", false, rolesGotDeletedByApprover, false);
+ } else {// remote app
+ FnUser remoteAppUser;
+ if (!app.getAuthCentral() && !app.getId()
+ .equals(PortalConstants.PORTAL_APP_ID)) {
+
+ remoteAppUser = checkIfRemoteUserExits(userId, app,
+ applicationsRestClientService);
+
+ if (remoteAppUser == null) {
+ addRemoteUser(roleInAppForUserList, userId, app,
+ mapper, applicationsRestClientService);
+ }
+ Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(
+ roleInAppForUserList, mapper,
+ applicationsRestClientService, appId, userId);
+ RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(
+ userId, appId,
+ userRolesInRemoteApp);
+ Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>();
+ result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser,
+ epRequestValue, null, false, rolesGotDeletedByApprover, false);
+
+ // If no roles remain, request app to set user inactive.
+ if (userRolesInRemoteApp.size() == 0) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive",
+ app,
+ userId);
+ postUserToRemoteApp(userId, app,
+ applicationsRestClientService);
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ String message = String.format(
+ "Failed to create user or update user roles for User %s, AppId %s",
+ userId, Long.toString(appId));
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ result = false;
+ reqMessage = e.getMessage();
+ }
+ }
+ return new ExternalRequestFieldsValidator(result, reqMessage);
}
- client.setLoginId(userId);
- client.setActiveYn(true);
- client.setOrgUserId(userId);
+ private void pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app,
+ ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService, boolean appRoleIdUsed)
+ throws Exception {
+ pushUserOnRemoteApp(userId, app, applicationsRestClientService, mapper,
+ roleInAppForUserList, appRoleIdUsed);
+ }
- roleInAppForUserList.removeIf(role -> role.getIsApplied().equals(false));
- SortedSet<Role> roles = new TreeSet<>();
- List<FnRole> getAppRoles = fnRoleService.getAppRoles(app.getId());
- List<FnApp> appList = new ArrayList<>();
- appList.add(app);
- List<CentralV2Role> roleList = new ArrayList<>();
+ private void postUserToRemoteApp(String userId, FnApp app,
+ ApplicationsRestClientService applicationsRestClientService) throws HTTPException {
- List<FnRole> userRoles = new ArrayList<>();
+ getUser(userId, app, applicationsRestClientService);
- for (RoleInAppForUser roleInappForUser : roleInAppForUserList) {
- FnRole role = new FnRole();
- role.setId(roleInappForUser.getRoleId());
- role.setRoleName(roleInappForUser.getRoleName());
- userRoles.add(role);
}
- if (appRoleIdUsed) {
- List<FnRole> userAppRoles = new ArrayList<>();
- for (FnRole role : userRoles) {
- FnRole appRole = getAppRoles.stream()
- .filter(applicationRole -> role.getId().equals(applicationRole.getAppRoleId())).findAny()
- .orElse(null);
- FnRole epRole = new FnRole();
- if (appRole != null) {
- epRole.setId(appRole.getId());
- epRole.setRoleName(appRole.getRoleName());
- }
- userAppRoles.add(epRole);
- }
- userRoles = new ArrayList<>(userAppRoles);
- }
- roleList = externalAccessRolesService.createCentralRoleObject(appList, userRoles, roleList);
-
- for (CentralV2Role epRole : roleList) {
- Role role = new Role();
- FnRole appRole = getAppRoles.stream()
- .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())).findAny().orElse(null);
- if (appRole != null) {
- role.setId(appRole.getAppRoleId());
- role.setRoleName(epRole.getName());
- role.setFnRoleFunctions(epRole.getRoleFunctions());
- }
- roles.add(role);
- }
- client.setRoles(roles.stream().map(this::roleToFnRole).collect(Collectors.toSet()));
- String userInString;
- userInString = mapper.writerFor(FnUser.class).writeValueAsString(client);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "about to post a client to remote application, users json = " + userInString);
- applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user/%s", userId));
- }
-
- private FnRole roleToFnRole(Role role) {
- return FnRole.builder()
- .id(role.getId())
- .roleName(role.getRoleName())
- .activeYn(role.getActiveYn())
- .priority(role.getPriority())
- .fnRoleFunctions(role.getFnRoleFunctions())
- .childRoles(role.getChildRoles())
- .parentRoles(role.getParentRoles())
- .build();
- }
-
- private Set<EcompRole> postUsersRolesToRemoteApp(List<RoleInAppForUser> roleInAppForUserList, ObjectMapper mapper,
- ApplicationsRestClientService applicationsRestClientService, Long appId, String userId)
- throws JsonProcessingException, HTTPException {
- Set<EcompRole> updatedUserRolesinRemote = constructUsersRemoteAppRoles(roleInAppForUserList);
- Set<EcompRole> updateUserRolesInEcomp = constructUsersEcompRoles(roleInAppForUserList);
- String userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemote);
- FnApp externalApp;
- externalApp = appsCacheService.getApp(appId);
- String appBaseUri = null;
- Set<RemoteRoleV1> updatedUserRolesinRemoteV1 = new TreeSet<>();
- if (externalApp != null) {
- appBaseUri = externalApp.getAppRestEndpoint();
- }
- if (appBaseUri != null && appBaseUri.endsWith("/api")) {
- for (EcompRole eprole : updatedUserRolesinRemote) {
- RemoteRoleV1 role = new RemoteRoleV1();
- role.setId(eprole.getId());
- role.setName(eprole.getName());
- updatedUserRolesinRemoteV1.add(role);
- }
- userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemoteV1);
- }
- applicationsRestClientService.post(EcompRole.class, appId, userRolesAsString,
- String.format("/user/%s/roles", userId));
- return updateUserRolesInEcomp;
- }
-
- private void addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app,
- ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService) throws Exception {
- if (remoteUserShouldBeCreated(roleInAppForUserList)) {
- createNewUserOnRemoteApp(userId, app, applicationsRestClientService, mapper);
+ private FnUser getUser(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService)
+ throws HTTPException {
+ return applicationsRestClientService.get(FnUser.class, app.getId(), String.format("/user/%s", userId), true);
+
}
- }
- private void createNewUserOnRemoteApp(String userId, FnApp app,
- ApplicationsRestClientService applicationsRestClientService, ObjectMapper mapper)
- throws Exception {
+ private void pushUserOnRemoteApp(String userId, FnApp app,
+ ApplicationsRestClientService applicationsRestClientService,
+ ObjectMapper mapper, List<RoleInAppForUser> roleInAppForUserList, boolean appRoleIdUsed)
+ throws Exception {
- FnUser client = fnUserService.loadUserByUsername(userId);
+ FnUser client;
+ client = fnUserService.loadUserByUsername(userId);
- mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+ if (client == null) {
+ String msg = "cannot create user " + userId + ", because he/she cannot be found in directory.";
+ logger.error(EELFLoggerDelegate.errorLogger, msg);
+ List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
+ if (!userList.isEmpty()) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ userList.get(0).getOrgUserId() + " User was found in Portal");
+ client = userList.get(0);
+ client.setUserApps(Collections.EMPTY_SET);
+ client.setIsSystemUser(false);
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger, "user cannot be found be in directory or in portal");
+ throw new Exception(msg);
+ }
- if (client == null) {
- String msg = "cannot create user " + userId + ", because he/she cannot be found in phonebook.";
- logger.error(EELFLoggerDelegate.errorLogger, msg);
- throw new Exception(msg);
- }
+ }
- client.setLoginId(userId);
- client.setActiveYn(true);
+ client.setLoginId(userId);
+ client.setActiveYn(true);
+ client.setOrgUserId(userId);
- String userInString;
- userInString = mapper.writerFor(FnUser.class).writeValueAsString(client);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "about to post new client to remote application, users json = " + userInString);
- applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user", userId));
+ roleInAppForUserList.removeIf(role -> role.getIsApplied().equals(false));
+ SortedSet<Role> roles = new TreeSet<>();
- }
+ List<FnRole> getAppRoles = fnRoleService.getAppRoles(app.getId());
+ List<FnApp> appList = new ArrayList<>();
+ appList.add(app);
+ List<CentralV2Role> roleList = new ArrayList<>();
- private boolean remoteUserShouldBeCreated(List<RoleInAppForUser> roleInAppForUserList) {
- for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
- if (roleInAppForUser.getIsApplied()) {
- return true;
- }
- }
- return false;
- }
-
- private Set<EcompRole> constructUsersRemoteAppRoles(List<RoleInAppForUser> roleInAppForUserList) {
- Set<EcompRole> existingUserRoles = new TreeSet<>();
- for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
- if (roleInAppForUser.getIsApplied() && !roleInAppForUser.getRoleId()
- .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) {
- EcompRole ecompRole = new EcompRole();
- ecompRole.setId(roleInAppForUser.getRoleId());
- ecompRole.setName(roleInAppForUser.getRoleName());
- existingUserRoles.add(ecompRole);
- }
- }
- return existingUserRoles;
- }
-
- private void applyChangesToUserAppRolesForMyLoginsRequest(FnUser user, Long appId) {
- List<EpUserRolesRequest> epRequestIdVal;
- try {
- epRequestIdVal = epUserRolesRequestService.userAppRolesRequestList(user.getId(), appId);
- if (epRequestIdVal.size() > 0) {
- EpUserRolesRequest epAppRolesRequestData = epRequestIdVal.get(0);
- epAppRolesRequestData.setUpdatedDate(LocalDateTime.now());
- epAppRolesRequestData.setRequestStatus("O");
- epAppRolesRequestData.setUserId(user);
- epUserRolesRequestService.saveOne(epAppRolesRequestData);
- List<EpUserRolesRequestDet> epUserAppRolesDetailList = epUserRolesRequestDetService
- .appRolesRequestDetailList(epAppRolesRequestData.getReqId());
- if (epUserAppRolesDetailList.size() > 0) {
- for (EpUserRolesRequestDet epRequestUpdateList : epUserAppRolesDetailList) {
- epRequestUpdateList.setRequestType("O");
- epRequestUpdateList.setReqId(epAppRolesRequestData);
- epRequestUpdateList.setReqId(epAppRolesRequestData);
- epUserRolesRequestDetService.saveOne(epRequestUpdateList);
- }
- logger.debug(EELFLoggerDelegate.debugLogger,
- "User App roles request from User Page is overridden");
+ List<FnRole> userRoles = new ArrayList<>();
+
+ for (RoleInAppForUser roleInappForUser : roleInAppForUserList) {
+ FnRole role = new FnRole();
+ role.setId(roleInappForUser.getRoleId());
+ role.setRoleName(roleInappForUser.getRoleName());
+ userRoles.add(role);
}
- }
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "applyChangesToUserAppRolesRequest failed", e);
- }
- }
-
- private Set<EcompRole> postUsersRolesToLocalApp(List<RoleInAppForUser> roleInAppForUserList) {
- return constructUsersEcompRoles(roleInAppForUserList);
- }
-
- private Set<EcompRole> constructUsersEcompRoles(List<RoleInAppForUser> roleInAppForUserList) {
- Set<EcompRole> existingUserRoles = new TreeSet<>();
- for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
- if (roleInAppForUser.getIsApplied()) {
- EcompRole ecompRole = new EcompRole();
- ecompRole.setId(roleInAppForUser.getRoleId());
- ecompRole.setName(roleInAppForUser.getRoleName());
- existingUserRoles.add(ecompRole);
- }
- }
- return existingUserRoles;
- }
-
- public RolesInAppForUser constructRolesInAppForUserUpdate(String userId, Long appId,
- Set<EcompRole> userRolesInRemoteApp) {
- RolesInAppForUser result;
- result = new RolesInAppForUser();
- result.setAppId(appId);
- result.setOrgUserId(userId);
-
- for (EcompRole role : userRolesInRemoteApp) {
- RoleInAppForUser roleInAppForUser = new RoleInAppForUser();
- roleInAppForUser.setRoleId(role.getId());
- roleInAppForUser.setRoleName(role.getName());
- roleInAppForUser.setIsApplied(true);
- result.getRoles().add(roleInAppForUser);
- }
- return result;
- }
-
- private void updateUserRolesInExternalSystem(FnApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser,
- boolean isPortalRequest, boolean isSystemUser, Set<EcompRole> deletedRolesByApprover,
- boolean isLoggedInUserRoleAdminofApp) throws Exception {
- try {
- List<FnUser> userInfo = checkIfUserExists(orgUserId);
- if (userInfo.isEmpty()) {
- createLocalUserIfNecessary(orgUserId, isSystemUser);
- }
- String name;
- if (EPCommonSystemProperties
- .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
- && !isSystemUser) {
- name = orgUserId
- + SystemProperties
- .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
- } else {
- name = orgUserId;
- }
- ObjectMapper mapper = new ObjectMapper();
- HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
- HttpEntity<String> getUserRolesEntity = new HttpEntity<>(headers);
- ResponseEntity<String> getResponse = externalAccessRolesService
- .getUserRolesFromExtAuthSystem(name, getUserRolesEntity);
-
- List<ExternalAccessUserRoleDetail> userRoleDetailList = new ArrayList<>();
- String res = getResponse.getBody();
- JSONObject jsonObj;
- JSONArray extRoles = null;
- if (!res.equals("{}")) {
- jsonObj = new JSONObject(res);
- extRoles = jsonObj.getJSONArray("role");
- }
- ExternalAccessUserRoleDetail userRoleDetail;
- if (extRoles != null) {
- for (int i = 0; i < extRoles.length(); i++) {
- if (extRoles.getJSONObject(i).getString("name").startsWith(app.getAuthNamespace() + ".")
- && !extRoles.getJSONObject(i).getString("name")
- .equals(app.getAuthNamespace() + ".admin")
- && !extRoles.getJSONObject(i).getString("name")
- .equals(app.getAuthNamespace() + ".owner")) {
- if (extRoles.getJSONObject(i).has("description")) {
- ExternalRoleDescription desc = new ExternalRoleDescription(
- extRoles.getJSONObject(i).getString("description"));
- userRoleDetail = new ExternalAccessUserRoleDetail(
- extRoles.getJSONObject(i).getString("name"), desc);
- userRoleDetailList.add(userRoleDetail);
- } else {
- userRoleDetail = new ExternalAccessUserRoleDetail(
- extRoles.getJSONObject(i).getString("name"), null);
- userRoleDetailList.add(userRoleDetail);
+ if (appRoleIdUsed) {
+ List<FnRole> userAppRoles = new ArrayList<>();
+ for (FnRole role : userRoles) {
+ FnRole appRole = getAppRoles.stream()
+ .filter(applicationRole -> role.getId().equals(applicationRole.getAppRoleId())).findAny()
+ .orElse(null);
+ FnRole epRole = new FnRole();
+ if (appRole != null) {
+ epRole.setId(appRole.getId());
+ epRole.setRoleName(appRole.getRoleName());
+ }
+ userAppRoles.add(epRole);
}
-
- }
+ userRoles = new ArrayList<>(userAppRoles);
}
- }
-
- List<ExternalAccessUserRoleDetail> userRoleListMatchingInExtAuthAndLocal = checkIfRoleAreMatchingInUserRoleDetailList(
- userRoleDetailList, app);
-
- List<EcompUserAppRoles> userAppList;
- // If request coming from portal not from external role approval system then we have to check if user already
- // have account admin or system admin as GUI will not send these roles
- if (!isPortalRequest) {
- FnUser user = fnUserService.getUserWithOrgUserId(orgUserId).get(0);
- userAppList = ecompUserAppRolesService.getUserAppExistingRoles(app.getId(), user.getId());
- if (!roleInAppUser.isEmpty()) {
- for (EcompUserAppRoles userApp : userAppList) {
- if (userApp.getRoleId().equals(PortalConstants.SYS_ADMIN_ROLE_ID)
- || userApp.getRoleId()
- .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) {
- RoleInAppForUser addSpecialRole = new RoleInAppForUser();
- addSpecialRole.setIsApplied(true);
- addSpecialRole.setRoleId(userApp.getRoleId());
- addSpecialRole.setRoleName(userApp.getRoleName());
- roleInAppUser.add(addSpecialRole);
+ roleList = externalAccessRolesService.createCentralRoleObject(appList, userRoles, roleList);
+
+ for (CentralV2Role epRole : roleList) {
+ Role role = new Role();
+ FnRole appRole = getAppRoles.stream()
+ .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())).findAny().orElse(null);
+ if (appRole != null) {
+ role.setId(appRole.getAppRoleId());
+ role.setRoleName(epRole.getName());
+ role.setFnRoleFunctions(epRole.getRoleFunctions());
}
- }
+ roles.add(role);
}
- }
- List<RoleInAppForUser> roleInAppUserNonDupls = roleInAppUser.stream().distinct()
- .collect(Collectors.toList());
- Map<String, RoleInAppForUser> currentUserRolesToUpdate = new HashMap<>();
- for (RoleInAppForUser roleInAppUserNew : roleInAppUserNonDupls) {
- currentUserRolesToUpdate.put(roleInAppUserNew.getRoleName()
- .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
- "_"), roleInAppUserNew);
- }
- final Map<String, ExternalAccessUserRoleDetail> currentUserRolesInExternalSystem = new HashMap<>();
- for (ExternalAccessUserRoleDetail extAccessUserRole : userRoleListMatchingInExtAuthAndLocal) {
- currentUserRolesInExternalSystem.put(extAccessUserRole.getName(), extAccessUserRole);
- }
-
- if (isLoggedInUserRoleAdminofApp) {
- if (deletedRolesByApprover.size() > 0) {
- List<ExternalAccessUserRoleDetail> newUpdatedRoles = new ArrayList<>();
- for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) {
- for (EcompRole role : deletedRolesByApprover) {
- if ((userRole.getName().substring(app.getAuthNamespace().length() + 1))
- .equals(role.getName())) {
- newUpdatedRoles.add(userRole);
- }
- }
- }
- if (newUpdatedRoles.size() > 0) {
- userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(newUpdatedRoles);
- } else {
- userRoleListMatchingInExtAuthAndLocal = new ArrayList<>();
- currentUserRolesToUpdate = new HashMap<>();
-
- }
+ client.setRoles(roles.stream().map(this::roleToFnRole).collect(Collectors.toSet()));
+ String userInString;
+ userInString = mapper.writerFor(FnUser.class).writeValueAsString(client);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "about to post a client to remote application, users json = " + userInString);
+ applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user/%s", userId));
+ }
- } else {
- userRoleListMatchingInExtAuthAndLocal = new ArrayList<>();
- currentUserRolesToUpdate = new HashMap<>();
+ private FnRole roleToFnRole(Role role) {
+ return FnRole.builder()
+ .id(role.getId())
+ .roleName(role.getRoleName())
+ .activeYn(role.getActiveYn())
+ .priority(role.getPriority())
+ .fnRoleFunctions(role.getFnRoleFunctions())
+ .childRoles(role.getChildRoles())
+ .parentRoles(role.getParentRoles())
+ .build();
+ }
+ private Set<EcompRole> postUsersRolesToRemoteApp(List<RoleInAppForUser> roleInAppForUserList, ObjectMapper mapper,
+ ApplicationsRestClientService applicationsRestClientService, Long appId, String userId)
+ throws JsonProcessingException, HTTPException {
+ Set<EcompRole> updatedUserRolesinRemote = constructUsersRemoteAppRoles(roleInAppForUserList);
+ Set<EcompRole> updateUserRolesInEcomp = constructUsersEcompRoles(roleInAppForUserList);
+ String userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemote);
+ FnApp externalApp;
+ externalApp = appsCacheService.getApp(appId);
+ String appBaseUri = null;
+ Set<RemoteRoleV1> updatedUserRolesinRemoteV1 = new TreeSet<>();
+ if (externalApp != null) {
+ appBaseUri = externalApp.getAppRestEndpoint();
}
- }
-
- // Check if user roles does not exists in local but still there in External Central Auth System delete them all
- for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) {
- if (!(currentUserRolesToUpdate
- .containsKey(userRole.getName().substring(app.getAuthNamespace().length() + 1)))) {
- HttpEntity<String> entity = new HttpEntity<>(headers);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "updateUserRolesInExternalSystem: Connecting to external system to DELETE user role {}",
- userRole.getName());
- ResponseEntity<String> deleteResponse = template.exchange(
- SystemProperties
- .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "userRole/" + name + "/" + userRole.getName(),
- HttpMethod.DELETE, entity, String.class);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "updateUserRolesInExternalSystem: Finished DELETE operation in external system for user role {} and the response is {}",
- userRole.getName(), deleteResponse.getBody());
- }
- }
- // Check if user roles does not exists in External Central Auth System add them all
- for (RoleInAppForUser addUserRole : roleInAppUserNonDupls) {
- if (!(currentUserRolesInExternalSystem
- .containsKey(app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll(
- EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
- "_")))) {
- ExternalAccessUser extUser = new ExternalAccessUser(name,
- app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll(
- EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
- "_"));
- String formattedUserRole = mapper.writeValueAsString(extUser);
- HttpEntity<String> entity = new HttpEntity<>(formattedUserRole, headers);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "updateUserRolesInExternalSystem: Connecting to external system for user {} and POST {}",
- name, addUserRole.getRoleName());
- ResponseEntity<String> addResponse = template
- .exchange(SystemProperties
- .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "userRole", HttpMethod.POST, entity, String.class);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "updateUserRolesInExternalSystem: Finished adding user role in external system {} and added user role {}",
- addResponse.getBody(), addUserRole.getRoleName());
- if (addResponse.getStatusCode().value() != 201
- && addResponse.getStatusCode().value() != 404) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "Finished POST operation in external system but unable to save user role",
- addResponse.getBody(),
- addUserRole.getRoleName());
- throw new Exception(addResponse.getBody());
- }
+ if (appBaseUri != null && appBaseUri.endsWith("/api")) {
+ for (EcompRole eprole : updatedUserRolesinRemote) {
+ RemoteRoleV1 role = new RemoteRoleV1();
+ role.setId(eprole.getId());
+ role.setName(eprole.getName());
+ updatedUserRolesinRemoteV1.add(role);
+ }
+ userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemoteV1);
}
- }
- } catch (HttpClientErrorException e) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}",
- app.getId(), e);
- if (e.getStatusCode() == HttpStatus.FORBIDDEN) {
- logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid systemUser",
- orgUserId);
- throw new HttpClientErrorException(HttpStatus.FORBIDDEN,
- "Please enter the valid systemUser");
- }
- if (e.getStatusCode() == HttpStatus.NOT_FOUND) {
- logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid role");
- throw new HttpClientErrorException(HttpStatus.NOT_FOUND, "Please enter the valid role");
- }
- EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST);
- throw e;
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}",
- app.getId(), e);
- EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST);
- throw e;
- }
- }
-
- private List<ExternalAccessUserRoleDetail> checkIfRoleAreMatchingInUserRoleDetailList(
- List<ExternalAccessUserRoleDetail> userRoleDetailList, FnApp app) {
- Map<String, FnRole> epRoleList = externalAccessRolesService.getAppRoleNamesWithUnderscoreMap(app);
- //Add Account Admin role for partner app to prevent conflict
- if (!PortalConstants.PORTAL_APP_ID.equals(app.getId())) {
- FnRole role = new FnRole();
- role.setRoleName(PortalConstants.ADMIN_ROLE
- .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
- epRoleList.put(role.getRoleName(), role);
+ applicationsRestClientService.post(EcompRole.class, appId, userRolesAsString,
+ String.format("/user/%s/roles", userId));
+ return updateUserRolesInEcomp;
}
- userRoleDetailList.removeIf(
- userRoleDetail -> !epRoleList
- .containsKey(userRoleDetail.getName().substring(app.getAuthNamespace().length() + 1)));
- return userRoleDetailList;
- }
-
- private List<FnUser> checkIfUserExists(String userParams) {
- return fnUserService.getUserWithOrgUserId(userParams);
- }
-
- @Transactional
- private void createLocalUserIfNecessary(String userId, boolean isSystemUser) {
- if (StringUtils.isEmpty(userId)) {
- logger.error(EELFLoggerDelegate.errorLogger, "createLocalUserIfNecessary : empty userId!");
- return;
- }
- try {
- List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
- if (userList.size() == 0) {
- FnUser client;
- if (!isSystemUser) {
- client = fnUserService.loadUserByUsername(userId);
- } else {
- client = new FnUser();
- client.setOrgUserId(userId);
- client.setIsSystemUser(true);
- client.setFirstName(userId.substring(0, userId.indexOf("@")));
+
+ private void addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app,
+ ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService) throws Exception {
+ if (remoteUserShouldBeCreated(roleInAppForUserList)) {
+ createNewUserOnRemoteApp(userId, app, applicationsRestClientService, mapper);
}
+ }
+
+ private void createNewUserOnRemoteApp(String userId, FnApp app,
+ ApplicationsRestClientService applicationsRestClientService, ObjectMapper mapper)
+ throws Exception {
+
+ FnUser client = fnUserService.loadUserByUsername(userId);
+
+ mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
+
if (client == null) {
- String msg = "createLocalUserIfNecessary: cannot create user " + userId
- + ", because not found in phonebook";
- logger.error(EELFLoggerDelegate.errorLogger, msg);
- } else {
- client.setLoginId(userId);
- client.setActiveYn(true);
+ String msg = "cannot create user " + userId + ", because he/she cannot be found in phonebook.";
+ logger.error(EELFLoggerDelegate.errorLogger, msg);
+ throw new Exception(msg);
}
- fnUserService.saveFnUser(client);
- }
- } catch (Exception e) {
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
- }
- }
+ client.setLoginId(userId);
+ client.setActiveYn(true);
- private FnUser checkIfRemoteUserExits(String userId, FnApp app,
- ApplicationsRestClientService applicationsRestClientService) throws HTTPException {
- FnUser checkRemoteUser = null;
- try {
- checkRemoteUser = getUserFromApp(userId, app, applicationsRestClientService);
- } catch (HTTPException e) {
- // Some apps are returning 400 if user is not found.
- if (e.getResponseCode() == 400) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 400; continuing",
- e);
- } else if (e.getResponseCode() == 404) {
+ String userInString;
+ userInString = mapper.writerFor(FnUser.class).writeValueAsString(client);
logger.debug(EELFLoggerDelegate.debugLogger,
- "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 404; continuing",
- e);
- } else {
- // Other response code, let it come thru.
- throw e;
- }
- }
- return checkRemoteUser;
- }
-
- private FnUser getUserFromApp(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService)
- throws HTTPException {
- if (PortalConstants.PORTAL_APP_ID.equals(app.getId())) {
- List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
- if (userList != null && !userList.isEmpty()) {
- return userList.get(0);
- } else {
- return null;
- }
+ "about to post new client to remote application, users json = " + userInString);
+ applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user", userId));
+
}
- return getUser(userId, app, applicationsRestClientService);
- }
-
- private boolean applyChangesInUserRolesForAppToEcompDB(RolesInAppForUser rolesInAppForUser,
- boolean externalSystemRequest, String reqType, boolean isSystemUser,
- Set<EcompRole> rolesDeletedByApprover, boolean isLoggedInUserRoleAdminOfApp) throws Exception {
- boolean result = false;
- String userId = rolesInAppForUser.getOrgUserId();
- Long appId = rolesInAppForUser.getAppId();
- synchronized (syncRests) {
- createLocalUserIfNecessary(userId, isSystemUser);
-
- EcompRole[] userAppRoles = new EcompRole[(int) rolesInAppForUser.getRoles().stream().distinct().count()];
- for (int i = 0;
- i < rolesInAppForUser.getRoles().stream().distinct().count(); i++) {
- RoleInAppForUser roleInAppForUser = rolesInAppForUser.getRoles().get(i);
- EcompRole role = new EcompRole();
- role.setId(roleInAppForUser.getRoleId());
- role.setName(roleInAppForUser.getRoleName());
- userAppRoles[i] = role;
- }
- try {
- EcompRole[] applicationRoles = null;
-
- if (isLoggedInUserRoleAdminOfApp) {
- List<EcompRole> roles = Arrays.stream(userAppRoles)
- .collect(Collectors.toList());
- List<EcompRole> roles1 = new ArrayList<>(rolesDeletedByApprover);
- roles.addAll(roles1);
- applicationRoles = roles.toArray(new EcompRole[0]);
- }
- syncUserRoles(userId, appId, userAppRoles, externalSystemRequest,
- reqType, isLoggedInUserRoleAdminOfApp, applicationRoles);
- result = true;
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger,
- "applyChangesInUserRolesForAppToEcompDB: failed to syncUserRoles for orgUserId "
- + userId, e);
- if ("DELETE".equals(reqType)) {
- throw new Exception(e.getMessage());
+ private boolean remoteUserShouldBeCreated(List<RoleInAppForUser> roleInAppForUserList) {
+ for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
+ if (roleInAppForUser.getIsApplied()) {
+ return true;
+ }
}
- }
- }
- return result;
- }
-
- private void syncUserRoles(String userId, Long appId,
- EcompRole[] userAppRoles, Boolean extRequestValue, String reqType, boolean checkIfUserisRoleAdmin,
- EcompRole[] appRoles) throws Exception {
-
- Transaction transaction = null;
- String roleActive;
- HashMap<Long, EcompRole> newUserAppRolesMap = hashMapFromEcompRoles(userAppRoles);
- List<FnRole> roleInfo = externalAccessRolesService
- .getPortalAppRoleInfo(PortalConstants.ACCOUNT_ADMIN_ROLE_ID);
- FnRole adminRole = new FnRole();
- if (roleInfo.size() > 0) {
- adminRole = roleInfo.get(0);
- logger.debug(EELFLoggerDelegate.debugLogger, "Admin RoleName form DB: " + adminRole.getRoleName());
+ return false;
}
- try {
- List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
- if (userList.size() > 0) {
- FnUser client = userList.get(0);
- roleActive = ("DELETE".equals(reqType)) ? "" : " and role.active = 'Y'";
- List<FnUserRole> userRoles = fnUserRoleService.retrieveByAppIdAndUserId(appId, userId);
- entityManager
- .createQuery("from EPUserApp where app.id=:appId and userId=:userId" + roleActive)
- .setParameter("appId", appId)
- .setParameter("userId", client.getId())
- .getResultList();
-
- if ("DELETE".equals(reqType)) {
- for (FnUserRole userAppRoleList : userRoles) {
- List<FnRole> rolesList =
- (!userAppRoleList.getRoleId().getRoleName()
- .equals(adminRole.getRoleName()))
- ? fnRoleService.retrieveAppRolesByRoleNameAndByAppId
- (userAppRoleList.getRoleId().getRoleName(), appId)
- : fnRoleService.retrieveAppRolesWhereAppIdIsNull();
- if (!rolesList.isEmpty()) {
- checkIfRoleInactive(rolesList.get(0));
+
+ private Set<EcompRole> constructUsersRemoteAppRoles(List<RoleInAppForUser> roleInAppForUserList) {
+ Set<EcompRole> existingUserRoles = new TreeSet<>();
+ for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
+ if (roleInAppForUser.getIsApplied() && !roleInAppForUser.getRoleId()
+ .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) {
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(roleInAppForUser.getRoleId());
+ ecompRole.setName(roleInAppForUser.getRoleName());
+ existingUserRoles.add(ecompRole);
}
- }
}
+ return existingUserRoles;
+ }
- if (appRoles != null) {
- List<EcompRole> appRolesList = Arrays.stream(appRoles).collect(Collectors.toList());
- List<FnUserRole> finalUserRolesList = new ArrayList<>();
- if (checkIfUserisRoleAdmin) {
- for (EcompRole role : appRolesList) {
- for (FnUserRole userAppRoleList : userRoles) {
- if (userAppRoleList.getRoleId().getRoleName()
- .equals(role.getName())) {
- finalUserRolesList.add(userAppRoleList);
+ private void applyChangesToUserAppRolesForMyLoginsRequest(FnUser user, Long appId) {
+ List<EpUserRolesRequest> epRequestIdVal;
+ try {
+ epRequestIdVal = epUserRolesRequestService.userAppRolesRequestList(user.getId(), appId);
+ if (epRequestIdVal.size() > 0) {
+ EpUserRolesRequest epAppRolesRequestData = epRequestIdVal.get(0);
+ epAppRolesRequestData.setUpdatedDate(LocalDateTime.now());
+ epAppRolesRequestData.setRequestStatus("O");
+ epAppRolesRequestData.setUserId(user);
+ epUserRolesRequestService.saveOne(epAppRolesRequestData);
+ List<EpUserRolesRequestDet> epUserAppRolesDetailList = epUserRolesRequestDetService
+ .appRolesRequestDetailList(epAppRolesRequestData.getReqId());
+ if (epUserAppRolesDetailList.size() > 0) {
+ for (EpUserRolesRequestDet epRequestUpdateList : epUserAppRolesDetailList) {
+ epRequestUpdateList.setRequestType("O");
+ epRequestUpdateList.setReqId(epAppRolesRequestData);
+ epRequestUpdateList.setReqId(epAppRolesRequestData);
+ epUserRolesRequestDetService.saveOne(epRequestUpdateList);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "User App roles request from User Page is overridden");
}
+ }
- }
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "applyChangesToUserAppRolesRequest failed", e);
+ }
+ }
+
+ private Set<EcompRole> postUsersRolesToLocalApp(List<RoleInAppForUser> roleInAppForUserList) {
+ return constructUsersEcompRoles(roleInAppForUserList);
+ }
+
+ private Set<EcompRole> constructUsersEcompRoles(List<RoleInAppForUser> roleInAppForUserList) {
+ Set<EcompRole> existingUserRoles = new TreeSet<>();
+ for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) {
+ if (roleInAppForUser.getIsApplied()) {
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(roleInAppForUser.getRoleId());
+ ecompRole.setName(roleInAppForUser.getRoleName());
+ existingUserRoles.add(ecompRole);
}
- userRoles = new ArrayList<>(finalUserRolesList);
- }
}
+ return existingUserRoles;
+ }
- for (FnUserRole userRole : userRoles) {
- if (!PortalConstants.ACCOUNT_ADMIN_ROLE_ID.equals(userRole.getRoleId().getId())
- && !PortalConstants.SYS_ADMIN_ROLE_ID
- .equals(userRole.getRoleId().getId())
- && !extRequestValue) {
- syncUserRolesExtension(userRole, appId,
- newUserAppRolesMap);
- } else if (extRequestValue && ("PUT".equals(reqType) || "POST".equals(reqType)
- || "DELETE".equals(reqType))) {
- syncUserRolesExtension(userRole, appId,
- newUserAppRolesMap);
- } else if (extRequestValue && !PortalConstants.ACCOUNT_ADMIN_ROLE_ID
- .equals(userRole.getRoleId().getId())) {
- syncUserRolesExtension(userRole, appId,
- newUserAppRolesMap);
- }
+ public RolesInAppForUser constructRolesInAppForUserUpdate(String userId, Long appId,
+ Set<EcompRole> userRolesInRemoteApp) {
+ RolesInAppForUser result;
+ result = new RolesInAppForUser();
+ result.setAppId(appId);
+ result.setOrgUserId(userId);
+
+ for (EcompRole role : userRolesInRemoteApp) {
+ RoleInAppForUser roleInAppForUser = new RoleInAppForUser();
+ roleInAppForUser.setRoleId(role.getId());
+ roleInAppForUser.setRoleName(role.getName());
+ roleInAppForUser.setIsApplied(true);
+ result.getRoles().add(roleInAppForUser);
}
+ return result;
+ }
+
+ private void updateUserRolesInExternalSystem(FnApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser,
+ boolean isPortalRequest, boolean isSystemUser, Set<EcompRole> deletedRolesByApprover,
+ boolean isLoggedInUserRoleAdminofApp) throws Exception {
+ try {
+ List<FnUser> userInfo = checkIfUserExists(orgUserId);
+ if (userInfo.isEmpty()) {
+ createLocalUserIfNecessary(orgUserId, isSystemUser);
+ }
+ String name;
+ if (EPCommonSystemProperties
+ .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
+ && !isSystemUser) {
+ name = orgUserId
+ + SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+ } else {
+ name = orgUserId;
+ }
+ ObjectMapper mapper = new ObjectMapper();
+ HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
+ HttpEntity<String> getUserRolesEntity = new HttpEntity<>(headers);
+ ResponseEntity<String> getResponse = externalAccessRolesService
+ .getUserRolesFromExtAuthSystem(name, getUserRolesEntity);
+
+ List<ExternalAccessUserRoleDetail> userRoleDetailList = new ArrayList<>();
+ String res = getResponse.getBody();
+ JSONObject jsonObj;
+ JSONArray extRoles = null;
+ if (!res.equals("{}")) {
+ jsonObj = new JSONObject(res);
+ extRoles = jsonObj.getJSONArray("role");
+ }
+ ExternalAccessUserRoleDetail userRoleDetail;
+ if (extRoles != null) {
+ for (int i = 0; i < extRoles.length(); i++) {
+ if (extRoles.getJSONObject(i).getString("name").startsWith(app.getAuthNamespace() + ".")
+ && !extRoles.getJSONObject(i).getString("name")
+ .equals(app.getAuthNamespace() + ".admin")
+ && !extRoles.getJSONObject(i).getString("name")
+ .equals(app.getAuthNamespace() + ".owner")) {
+ if (extRoles.getJSONObject(i).has("description")) {
+ ExternalRoleDescription desc = new ExternalRoleDescription(
+ extRoles.getJSONObject(i).getString("description"));
+ userRoleDetail = new ExternalAccessUserRoleDetail(
+ extRoles.getJSONObject(i).getString("name"), desc);
+ userRoleDetailList.add(userRoleDetail);
+ } else {
+ userRoleDetail = new ExternalAccessUserRoleDetail(
+ extRoles.getJSONObject(i).getString("name"), null);
+ userRoleDetailList.add(userRoleDetail);
+ }
- Collection<EcompRole> newRolesToAdd = newUserAppRolesMap.values();
- if (newRolesToAdd.size() > 0) {
- FnApp app = fnAppService.getById(appId);
+ }
+ }
+ }
- HashMap<Long, FnRole> rolesMap = new HashMap<>();
- if (appId.equals(PortalConstants.PORTAL_APP_ID)) { // local app
- String appIdValue = "";
- if (!extRequestValue) {
- appIdValue = "and id != " + PortalConstants.SYS_ADMIN_ROLE_ID;
+ List<ExternalAccessUserRoleDetail> userRoleListMatchingInExtAuthAndLocal = checkIfRoleAreMatchingInUserRoleDetailList(
+ userRoleDetailList, app);
+
+ List<EcompUserAppRoles> userAppList;
+ // If request coming from portal not from external role approval system then we have to check if user already
+ // have account admin or system admin as GUI will not send these roles
+ if (!isPortalRequest) {
+ FnUser user = fnUserService.getUserWithOrgUserId(orgUserId).get(0);
+ userAppList = ecompUserAppRolesService.getUserAppExistingRoles(app.getId(), user.getId());
+ if (!roleInAppUser.isEmpty()) {
+ for (EcompUserAppRoles userApp : userAppList) {
+ if (userApp.getRoleId().equals(PortalConstants.SYS_ADMIN_ROLE_ID)
+ || userApp.getRoleId()
+ .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) {
+ RoleInAppForUser addSpecialRole = new RoleInAppForUser();
+ addSpecialRole.setIsApplied(true);
+ addSpecialRole.setRoleId(userApp.getRoleId());
+ addSpecialRole.setRoleName(userApp.getRoleName());
+ roleInAppUser.add(addSpecialRole);
+ }
+ }
+ }
}
- @SuppressWarnings("unchecked")
- List<FnRole> roles = entityManager
- .createQuery(
- "from " + FnRole.class.getName() + " where appId is null "
- + appIdValue).getResultList();
- for (FnRole role : roles) {
- role.setAppId(1L);
- rolesMap.put(role.getId(), role);
+ List<RoleInAppForUser> roleInAppUserNonDupls = roleInAppUser.stream().distinct()
+ .collect(Collectors.toList());
+ Map<String, RoleInAppForUser> currentUserRolesToUpdate = new HashMap<>();
+ for (RoleInAppForUser roleInAppUserNew : roleInAppUserNonDupls) {
+ currentUserRolesToUpdate.put(roleInAppUserNew.getRoleName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+ "_"), roleInAppUserNew);
}
- } else { // remote app
- @SuppressWarnings("unchecked")
- List<FnRole> roles = entityManager
- .createQuery("from EPRole where appId=:appId")
- .setParameter("appId", appId)
- .getResultList();
- for (FnRole role : roles) {
- if (!extRequestValue && app.getAuthCentral()) {
- rolesMap.put(role.getId(), role);
- } else {
- rolesMap.put(role.getAppRoleId(), role);
- }
+ final Map<String, ExternalAccessUserRoleDetail> currentUserRolesInExternalSystem = new HashMap<>();
+ for (ExternalAccessUserRoleDetail extAccessUserRole : userRoleListMatchingInExtAuthAndLocal) {
+ currentUserRolesInExternalSystem.put(extAccessUserRole.getName(), extAccessUserRole);
}
- }
-
- FnRole role;
- for (EcompRole userRole : newRolesToAdd) {
- FnUserRole userApp = new FnUserRole();
- if (("PUT".equals(reqType) || "POST".equals(reqType)) && userRole.getName()
- .equals(adminRole.getRoleName())) {
- role = fnRoleService.getById(PortalConstants.ACCOUNT_ADMIN_ROLE_ID);
- userApp.setRoleId(role);
- } else if ((userRole.getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID))
- && !extRequestValue) {
- continue;
- } else if ((userRole.getId().equals(PortalConstants.SYS_ADMIN_ROLE_ID)) && app
- .getId().equals(PortalConstants.PORTAL_APP_ID) && !extRequestValue) {
- continue;
- } else {
- userApp.setRoleId(rolesMap.get(userRole.getId()));
+
+ if (isLoggedInUserRoleAdminofApp) {
+ if (deletedRolesByApprover.size() > 0) {
+ List<ExternalAccessUserRoleDetail> newUpdatedRoles = new ArrayList<>();
+ for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) {
+ for (EcompRole role : deletedRolesByApprover) {
+ if ((userRole.getName().substring(app.getAuthNamespace().length() + 1))
+ .equals(role.getName())) {
+ newUpdatedRoles.add(userRole);
+ }
+ }
+ }
+ if (newUpdatedRoles.size() > 0) {
+ userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(newUpdatedRoles);
+ } else {
+ userRoleListMatchingInExtAuthAndLocal = new ArrayList<>();
+ currentUserRolesToUpdate = new HashMap<>();
+
+ }
+
+ } else {
+ userRoleListMatchingInExtAuthAndLocal = new ArrayList<>();
+ currentUserRolesToUpdate = new HashMap<>();
+
+ }
}
- userApp.setUserId(client);
- userApp.setFnAppId(app);
- fnUserRoleService.saveOne(userApp);
- }
-
- if (PortalConstants.PORTAL_APP_ID.equals(appId)) {
- /*
- * for local app -- hack - always make sure fn_role
- * table's app_id is null and not 1 for primary app in
- * this case being onap portal app; reason: hibernate
- * is rightly setting this to 1 while persisting to
- * fn_role as per the mapping but SDK role management
- * code expects the app_id to be null as there is no
- * concept of App_id in SDK
- */
- Query query = entityManager.createQuery("update fn_role set app_id = null where app_id = 1 ");
- query.executeUpdate();
- }
+ // Check if user roles does not exists in local but still there in External Central Auth System delete them all
+ for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) {
+ if (!(currentUserRolesToUpdate
+ .containsKey(userRole.getName().substring(app.getAuthNamespace().length() + 1)))) {
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Connecting to external system to DELETE user role {}",
+ userRole.getName());
+ ResponseEntity<String> deleteResponse = template.exchange(
+ SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "userRole/" + name + "/" + userRole.getName(),
+ HttpMethod.DELETE, entity, String.class);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Finished DELETE operation in external system for user role {} and the response is {}",
+ userRole.getName(), deleteResponse.getBody());
+ }
+ }
+ // Check if user roles does not exists in External Central Auth System add them all
+ for (RoleInAppForUser addUserRole : roleInAppUserNonDupls) {
+ if (!(currentUserRolesInExternalSystem
+ .containsKey(app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+ "_")))) {
+ ExternalAccessUser extUser = new ExternalAccessUser(name,
+ app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+ "_"));
+ String formattedUserRole = mapper.writeValueAsString(extUser);
+ HttpEntity<String> entity = new HttpEntity<>(formattedUserRole, headers);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Connecting to external system for user {} and POST {}",
+ name, addUserRole.getRoleName());
+ ResponseEntity<String> addResponse = template
+ .exchange(SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "userRole", HttpMethod.POST, entity, String.class);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Finished adding user role in external system {} and added user role {}",
+ addResponse.getBody(), addUserRole.getRoleName());
+ if (addResponse.getStatusCode().value() != 201
+ && addResponse.getStatusCode().value() != 404) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Finished POST operation in external system but unable to save user role",
+ addResponse.getBody(),
+ addUserRole.getRoleName());
+ throw new Exception(addResponse.getBody());
+ }
+ }
+ }
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}",
+ app.getId(), e);
+ if (e.getStatusCode() == HttpStatus.FORBIDDEN) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid systemUser",
+ orgUserId);
+ throw new HttpClientErrorException(HttpStatus.FORBIDDEN,
+ "Please enter the valid systemUser");
+ }
+ if (e.getStatusCode() == HttpStatus.NOT_FOUND) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid role");
+ throw new HttpClientErrorException(HttpStatus.NOT_FOUND, "Please enter the valid role");
+ }
+ EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST);
+ throw e;
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}",
+ app.getId(), e);
+ EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST);
+ throw e;
}
- }
- transaction.commit();
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "syncUserRoles failed", e);
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
- EcompPortalUtils.rollbackTransaction(transaction,
- "Exception occurred in syncUserRoles, Details: " + e.toString());
- if ("DELETE".equals(reqType)) {
- throw new SyncUserRolesException(e.getMessage());
- }
}
- }
-
- private static HashMap<Long, EcompRole> hashMapFromEcompRoles(EcompRole[] ecompRoles) {
- HashMap<Long, EcompRole> result = new HashMap<>();
- if (ecompRoles != null) {
- for (EcompRole ecompRole : ecompRoles) {
- if (ecompRole.getId() != null) {
- result.put(ecompRole.getId(), ecompRole);
+
+ private List<ExternalAccessUserRoleDetail> checkIfRoleAreMatchingInUserRoleDetailList(
+ List<ExternalAccessUserRoleDetail> userRoleDetailList, FnApp app) {
+ Map<String, FnRole> epRoleList = externalAccessRolesService.getAppRoleNamesWithUnderscoreMap(app);
+ //Add Account Admin role for partner app to prevent conflict
+ if (!PortalConstants.PORTAL_APP_ID.equals(app.getId())) {
+ FnRole role = new FnRole();
+ role.setRoleName(PortalConstants.ADMIN_ROLE
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ epRoleList.put(role.getRoleName(), role);
}
- }
+ userRoleDetailList.removeIf(
+ userRoleDetail -> !epRoleList
+ .containsKey(userRoleDetail.getName().substring(app.getAuthNamespace().length() + 1)));
+ return userRoleDetailList;
+ }
+
+ private List<FnUser> checkIfUserExists(String userParams) {
+ return fnUserService.getUserWithOrgUserId(userParams);
}
- return result;
- }
- private void syncUserRolesExtension(FnUserRole userRole, Long appId,
- HashMap<Long, EcompRole> newUserAppRolesMap) {
+ @Transactional
+ private void createLocalUserIfNecessary(String userId, boolean isSystemUser) {
+ if (StringUtils.isEmpty(userId)) {
+ logger.error(EELFLoggerDelegate.errorLogger, "createLocalUserIfNecessary : empty userId!");
+ return;
+ }
+ try {
+ List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
+ if (userList.size() == 0) {
+ FnUser client;
+ if (!isSystemUser) {
+ client = fnUserService.loadUserByUsername(userId);
+ } else {
+ client = new FnUser();
+ client.setOrgUserId(userId);
+ client.setIsSystemUser(true);
+ client.setFirstName(userId.substring(0, userId.indexOf("@")));
+ }
+ if (client == null) {
+ String msg = "createLocalUserIfNecessary: cannot create user " + userId
+ + ", because not found in phonebook";
+ logger.error(EELFLoggerDelegate.errorLogger, msg);
+ } else {
+ client.setLoginId(userId);
+ client.setActiveYn(true);
+ }
+ fnUserService.saveFnUser(client);
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ }
- Long userAppRoleId;
- if (PortalConstants.PORTAL_APP_ID.equals(appId)) { // local app
- userAppRoleId = userRole.getRoleId().getId();
- } else { // remote app
- userAppRoleId = userRole.getId();
}
- if (!newUserAppRolesMap.containsKey(userAppRoleId)) {
- fnUserRoleService.deleteById(userRole.getId());
- } else {
- newUserAppRolesMap.remove(userAppRoleId);
+ private FnUser checkIfRemoteUserExits(String userId, FnApp app,
+ ApplicationsRestClientService applicationsRestClientService) throws HTTPException {
+ FnUser checkRemoteUser = null;
+ try {
+ checkRemoteUser = getUserFromApp(userId, app, applicationsRestClientService);
+ } catch (HTTPException e) {
+ // Some apps are returning 400 if user is not found.
+ if (e.getResponseCode() == 400) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 400; continuing",
+ e);
+ } else if (e.getResponseCode() == 404) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 404; continuing",
+ e);
+ } else {
+ // Other response code, let it come thru.
+ throw e;
+ }
+ }
+ return checkRemoteUser;
}
- }
-
- private Role fnRoleToRole(final FnRole role) {
- return new Role(null, null, null, null, null, null, null, null, null, role.getRoleName(), null, role.getActiveYn(),
- role.getPriority(), role.getFnRoleFunctions(), role.getChildRoles(), role.getParentRoles());
- }
-
- @SuppressWarnings("unchecked")
- public List<RoleInAppForUser> getAppRolesForUser(Long appId, String orgUserId, Boolean extRequestValue, Long userId) {
- List<RoleInAppForUser> rolesInAppForUser = null;
- FnApp app = fnAppService.getById(appId);
- logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - app = {}", app);
- try {
- // for onap portal app, no need to make a remote call
- List<Role> roleList = new ArrayList<>();
- if (!PortalConstants.PORTAL_APP_ID.equals(appId)) {
- if (app.getAuthCentral()) {
- List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey());
- for (CentralV2Role cenRole : cenRoleList) {
- Role role = new Role();
- role.setActiveYn(cenRole.isActive());
- role.setId(cenRole.getId());
- role.setRoleName(cenRole.getName());
- role.setPriority(cenRole.getPriority());
- roleList.add(role);
- }
- } else {
- Optional<FnUser> user = fnUserService.getUser(userId);
- if (user.isPresent()) {
- roleList = user.get().getFnRoles().stream().map(this::fnRoleToRole).collect(Collectors.toList());
- }
+
+ private FnUser getUserFromApp(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService)
+ throws HTTPException {
+ if (PortalConstants.PORTAL_APP_ID.equals(app.getId())) {
+ List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
+ if (userList != null && !userList.isEmpty()) {
+ return userList.get(0);
+ } else {
+ return null;
+ }
}
- List<Role> activeRoleList = new ArrayList<>();
- for (Role role : roleList) {
- if (role.getActiveYn()) {
- if (role.getId() != 1) { // prevent portal admin from being added
- activeRoleList.add(role);
- } else if (extRequestValue) {
- activeRoleList.add(role);
+ return getUser(userId, app, applicationsRestClientService);
+ }
+
+ private boolean applyChangesInUserRolesForAppToEcompDB(RolesInAppForUser rolesInAppForUser,
+ boolean externalSystemRequest, String reqType, boolean isSystemUser,
+ Set<EcompRole> rolesDeletedByApprover, boolean isLoggedInUserRoleAdminOfApp) throws Exception {
+ boolean result = false;
+ String userId = rolesInAppForUser.getOrgUserId();
+ Long appId = rolesInAppForUser.getAppId();
+ synchronized (syncRests) {
+ createLocalUserIfNecessary(userId, isSystemUser);
+
+ EcompRole[] userAppRoles = new EcompRole[(int) rolesInAppForUser.getRoles().stream().distinct().count()];
+ for (int i = 0;
+ i < rolesInAppForUser.getRoles().stream().distinct().count(); i++) {
+ RoleInAppForUser roleInAppForUser = rolesInAppForUser.getRoles().get(i);
+ EcompRole role = new EcompRole();
+ role.setId(roleInAppForUser.getRoleId());
+ role.setName(roleInAppForUser.getRoleName());
+ userAppRoles[i] = role;
}
- }
+ try {
+ EcompRole[] applicationRoles = null;
+
+ if (isLoggedInUserRoleAdminOfApp) {
+ List<EcompRole> roles = Arrays.stream(userAppRoles)
+ .collect(Collectors.toList());
+ List<EcompRole> roles1 = new ArrayList<>(rolesDeletedByApprover);
+ roles.addAll(roles1);
+ applicationRoles = roles.toArray(new EcompRole[0]);
+ }
+ syncUserRoles(userId, appId, userAppRoles, externalSystemRequest,
+ reqType, isLoggedInUserRoleAdminOfApp, applicationRoles);
+ result = true;
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "applyChangesInUserRolesForAppToEcompDB: failed to syncUserRoles for orgUserId "
+ + userId, e);
+ if ("DELETE".equals(reqType)) {
+ throw new Exception(e.getMessage());
+ }
+ }
}
- FnUser localUser = getUserFromApp(Long.toString(userId), app, applicationsRestClientService);
- // If localUser does not exists return roles
- Set<FnRole> roleSet = null;
- FnRole[] roleSetList = null;
- if (localUser != null) {
- roleSet = localUser.getAppEPRoles(app);
- roleSetList = roleSet.toArray(new FnRole[0]);
+ return result;
+ }
+
+ private void syncUserRoles(String userId, Long appId,
+ EcompRole[] userAppRoles, Boolean extRequestValue, String reqType, boolean checkIfUserisRoleAdmin,
+ EcompRole[] appRoles) throws Exception {
+
+ Transaction transaction = null;
+ String roleActive;
+ HashMap<Long, EcompRole> newUserAppRolesMap = hashMapFromEcompRoles(userAppRoles);
+ List<FnRole> roleInfo = externalAccessRolesService
+ .getPortalAppRoleInfo(PortalConstants.ACCOUNT_ADMIN_ROLE_ID);
+ FnRole adminRole = new FnRole();
+ if (roleInfo.size() > 0) {
+ adminRole = roleInfo.get(0);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Admin RoleName form DB: " + adminRole.getRoleName());
}
- rolesInAppForUser = fnUserRoleService
- .constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue);
- return rolesInAppForUser;
- }
-
- EcompRole[] appRoles = null;
- boolean checkIfUserIsApplicationAccAdmin = false;
- List<EcompRole> roles = new ArrayList<>();
- if (app.getAuthCentral()) {
- List<FnRole> applicationRoles = fnRoleService.retrieveActiveRolesOfApplication(app.getId());
- FnApp application = fnAppService.getById(appId);
- checkIfUserIsApplicationAccAdmin = isAccountAdminOfApplication(userId,
- application);
-
- List<FnRole> roleSetWithFunctioncds = new ArrayList<>();
- for (FnRole role : applicationRoles) {
- List<EpAppFunction> cenRoleFuncList = epAppFunctionService.getAppRoleFunctionList(role.getId(), app.getId());
- for (EpAppFunction roleFunc : cenRoleFuncList) {
-
- String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getFunctionCd());
- functionCode = EPUserUtils.decodeFunctionCode(functionCode);
- String type = externalAccessRolesService.getFunctionCodeType(roleFunc.getFunctionCd());
- String action = externalAccessRolesService.getFunctionCodeAction(roleFunc.getFunctionCd());
- String name = roleFunc.getFunctionName();
-
- FnFunction function = new FnFunction();
- function.setAction(action);
- function.setType(type);
- function.setCode(functionCode);
- function.setName(name);
- role.getFnRoleFunctions().add(new FnRoleFunction(role, function));
-
- }
- roleSetWithFunctioncds.add(role);
+ try {
+ List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId);
+ if (userList.size() > 0) {
+ FnUser client = userList.get(0);
+ roleActive = ("DELETE".equals(reqType)) ? "" : " and role.active = 'Y'";
+ List<FnUserRole> userRoles = fnUserRoleService.retrieveByAppIdAndUserId(appId, userId);
+ entityManager
+ .createQuery("from EPUserApp where app.id=:appId and userId=:userId" + roleActive)
+ .setParameter("appId", appId)
+ .setParameter("userId", client.getId())
+ .getResultList();
+
+ if ("DELETE".equals(reqType)) {
+ for (FnUserRole userAppRoleList : userRoles) {
+ List<FnRole> rolesList =
+ (!userAppRoleList.getRoleId().getRoleName()
+ .equals(adminRole.getRoleName()))
+ ? fnRoleService.retrieveAppRolesByRoleNameAndByAppId
+ (userAppRoleList.getRoleId().getRoleName(), appId)
+ : fnRoleService.retrieveAppRolesWhereAppIdIsNull();
+ if (!rolesList.isEmpty()) {
+ checkIfRoleInactive(rolesList.get(0));
+ }
+ }
+ }
+
+ if (appRoles != null) {
+ List<EcompRole> appRolesList = Arrays.stream(appRoles).collect(Collectors.toList());
+ List<FnUserRole> finalUserRolesList = new ArrayList<>();
+ if (checkIfUserisRoleAdmin) {
+ for (EcompRole role : appRolesList) {
+ for (FnUserRole userAppRoleList : userRoles) {
+ if (userAppRoleList.getRoleId().getRoleName()
+ .equals(role.getName())) {
+ finalUserRolesList.add(userAppRoleList);
+ }
+
+ }
+ }
+ userRoles = new ArrayList<>(finalUserRolesList);
+ }
+ }
+ for (FnUserRole userRole : userRoles) {
+ if (!PortalConstants.ACCOUNT_ADMIN_ROLE_ID.equals(userRole.getRoleId().getId())
+ && !PortalConstants.SYS_ADMIN_ROLE_ID
+ .equals(userRole.getRoleId().getId())
+ && !extRequestValue) {
+ syncUserRolesExtension(userRole, appId,
+ newUserAppRolesMap);
+ } else if (extRequestValue && ("PUT".equals(reqType) || "POST".equals(reqType)
+ || "DELETE".equals(reqType))) {
+ syncUserRolesExtension(userRole, appId,
+ newUserAppRolesMap);
+ } else if (extRequestValue && !PortalConstants.ACCOUNT_ADMIN_ROLE_ID
+ .equals(userRole.getRoleId().getId())) {
+ syncUserRolesExtension(userRole, appId,
+ newUserAppRolesMap);
+ }
+ }
- }
+ Collection<EcompRole> newRolesToAdd = newUserAppRolesMap.values();
+ if (newRolesToAdd.size() > 0) {
+ FnApp app = fnAppService.getById(appId);
+
+ HashMap<Long, FnRole> rolesMap = new HashMap<>();
+ if (appId.equals(PortalConstants.PORTAL_APP_ID)) { // local app
+ String appIdValue = "";
+ if (!extRequestValue) {
+ appIdValue = "and id != " + PortalConstants.SYS_ADMIN_ROLE_ID;
+ }
+ @SuppressWarnings("unchecked")
+ List<FnRole> roles = entityManager
+ .createQuery(
+ "from " + FnRole.class.getName() + " where appId is null "
+ + appIdValue).getResultList();
+ for (FnRole role : roles) {
+ role.setAppId(1L);
+ rolesMap.put(role.getId(), role);
+ }
+ } else { // remote app
+ @SuppressWarnings("unchecked")
+ List<FnRole> roles = entityManager
+ .createQuery("from EPRole where appId=:appId")
+ .setParameter("appId", appId)
+ .getResultList();
+ for (FnRole role : roles) {
+ if (!extRequestValue && app.getAuthCentral()) {
+ rolesMap.put(role.getId(), role);
+ } else {
+ rolesMap.put(role.getAppRoleId(), role);
+ }
+ }
+ }
- for (FnRole role1 : roleSetWithFunctioncds) {
- EcompRole ecompRole = new EcompRole();
- ecompRole.setId(role1.getId());
- ecompRole.setName(role1.getRoleName());
- ecompRole.setRoleFunctions(role1.getRoleFunctions());
- roles.add(ecompRole);
+ FnRole role;
+ for (EcompRole userRole : newRolesToAdd) {
+ FnUserRole userApp = new FnUserRole();
+ if (("PUT".equals(reqType) || "POST".equals(reqType)) && userRole.getName()
+ .equals(adminRole.getRoleName())) {
+ role = fnRoleService.getById(PortalConstants.ACCOUNT_ADMIN_ROLE_ID);
+ userApp.setRoleId(role);
+ } else if ((userRole.getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID))
+ && !extRequestValue) {
+ continue;
+ } else if ((userRole.getId().equals(PortalConstants.SYS_ADMIN_ROLE_ID)) && app
+ .getId().equals(PortalConstants.PORTAL_APP_ID) && !extRequestValue) {
+ continue;
+ } else {
+ userApp.setRoleId(rolesMap.get(userRole.getId()));
+ }
+
+ userApp.setUserId(client);
+ userApp.setFnAppId(app);
+ fnUserRoleService.saveOne(userApp);
+ }
- }
- if (checkIfUserIsApplicationAccAdmin) {
- appRoles = roles.toArray(new EcompRole[roles.size()]);
- logger.debug(EELFLoggerDelegate.debugLogger,
- "In getAppRolesForUser() If Logged in user checkIfUserisApplicationAccAdmin- appRoles = {}", appRoles);
- } else if (isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin) {
- List<EcompRole> roleAdminAppRoles = new ArrayList<>();
- List<String> roleAdminAppRolesNames = new ArrayList<>();
- String QUERY =
- "select distinct fr.role_name as roleName from fn_user_role fu, ep_app_role_function ep, ep_app_function ea, fn_role fr"
- + " where fu.role_id = ep.role_id"
- + " and fu.app_id = ep.app_id"
- + " and fu.user_id = :userId"
- + " and fu.role_id = fr.role_id and fr.active_yn='Y'"
- + " and ea.function_cd = ep.function_cd and ea.function_cd like 'approver|%'"
- + " and exists"
- + " ("
- + " select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id"
- + " and ur.app_id = fa.app_id and fa.enabled = 'Y')";
- List<Tuple> tuples = entityManager.createNativeQuery(QUERY, Tuple.class)
- .setParameter("userId", userId)
- .getResultList();
- List<String> getUserApproverRoles = tuples.stream().map(tuple -> (String) tuple.get("roleName"))
- .collect(Collectors.toList());
-
- List<EcompRole> userapproverRolesList = new ArrayList<>();
- for (String str : getUserApproverRoles) {
- EcompRole epRole = roles.stream().filter(x -> str.equals(x.getName())).findAny().orElse(null);
- if (epRole != null) {
- userapproverRolesList.add(epRole);
+ if (PortalConstants.PORTAL_APP_ID.equals(appId)) {
+ /*
+ * for local app -- hack - always make sure fn_role
+ * table's app_id is null and not 1 for primary app in
+ * this case being onap portal app; reason: hibernate
+ * is rightly setting this to 1 while persisting to
+ * fn_role as per the mapping but SDK role management
+ * code expects the app_id to be null as there is no
+ * concept of App_id in SDK
+ */
+ Query query = entityManager.createQuery("update fn_role set app_id = null where app_id = 1 ");
+ query.executeUpdate();
+ }
+ }
}
- }
- for (EcompRole role : userapproverRolesList) {
-
- List<RoleFunction> roleFunList = new ArrayList<>(role.getRoleFunctions());
- boolean checkIfFunctionsExits = roleFunList.stream()
- .anyMatch(roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver"));
- if (checkIfFunctionsExits) {
- roleAdminAppRoles.add(role);
- List<RoleFunction> filteredList = roleFunList.stream()
- .filter(x -> "Approver".equalsIgnoreCase(x.getType())).collect(Collectors.toList());
- roleAdminAppRolesNames.addAll(filteredList.stream().map(RoleFunction::getCode)
- .collect(Collectors.toList()));
+ transaction.commit();
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "syncUserRoles failed", e);
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ EcompPortalUtils.rollbackTransaction(transaction,
+ "Exception occurred in syncUserRoles, Details: " + e.toString());
+ if ("DELETE".equals(reqType)) {
+ throw new SyncUserRolesException(e.getMessage());
+ }
+ }
+ }
+
+ private static HashMap<Long, EcompRole> hashMapFromEcompRoles(EcompRole[] ecompRoles) {
+ HashMap<Long, EcompRole> result = new HashMap<>();
+ if (ecompRoles != null) {
+ for (EcompRole ecompRole : ecompRoles) {
+ if (ecompRole.getId() != null) {
+ result.put(ecompRole.getId(), ecompRole);
+ }
}
- }
- for (String name : roleAdminAppRolesNames) {
- roles.stream().filter(x -> name.equals(x.getName())).findAny().ifPresent(roleAdminAppRoles::add);
+ }
+ return result;
+ }
- }
- appRoles = roleAdminAppRoles.toArray(new EcompRole[0]);
+ private void syncUserRolesExtension(FnUserRole userRole, Long appId,
+ HashMap<Long, EcompRole> newUserAppRolesMap) {
+ Long userAppRoleId;
+ if (PortalConstants.PORTAL_APP_ID.equals(appId)) { // local app
+ userAppRoleId = userRole.getRoleId().getId();
+ } else { // remote app
+ userAppRoleId = userRole.getId();
}
- } else {
- appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles");
- }
- // Test this error case, for generating an internal ONAP Portal
- // error
- // EcompRole[] appRoles = null;
- // If there is an exception in the rest client api, then null will
- // be returned.
- if (appRoles != null) {
- if (!app.getAuthCentral()) {
- syncAppRoles(appId, appRoles);
+
+ if (!newUserAppRolesMap.containsKey(userAppRoleId)) {
+ fnUserRoleService.deleteById(userRole.getId());
+ } else {
+ newUserAppRolesMap.remove(userAppRoleId);
}
- EcompRole[] userAppRoles = null;
+ }
+
+ private Role fnRoleToRole(final FnRole role) {
+ return new Role(null, null, null, null, null, null, null, null, null, role.getRoleName(), null,
+ role.getActiveYn(),
+ role.getPriority(), role.getFnRoleFunctions(), role.getChildRoles(), role.getParentRoles());
+ }
+
+ @SuppressWarnings("unchecked")
+ public List<RoleInAppForUser> getAppRolesForUser(Long appId, String orgUserId, Boolean extRequestValue,
+ Long userId) {
+ List<RoleInAppForUser> rolesInAppForUser = null;
+ FnApp app = fnAppService.getById(appId);
+ logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - app = {}", app);
try {
- try {
- if (app.getAuthCentral()) {
- List<FnUser> actualUser = fnUserService.getUserWithOrgUserId(Long.toString(userId));
- List<EPUserAppCurrentRoles> userAppsRolesList = entityManager
- .createNamedQuery("EPUserAppCurrentRoles")
- .setParameter("appId", app.getId())
- .setParameter("userId", actualUser.get(0).getId())
- .getResultList();
- List<EcompRole> setUserRoles = new ArrayList<>();
- for (EPUserAppCurrentRoles role : userAppsRolesList) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "In getAppRolesForUser() - userAppsRolesList get userRolename = {}", role.getRoleName());
- EcompRole ecompRole = new EcompRole();
- ecompRole.setId(role.getRoleId());
- ecompRole.setName(role.getRoleName());
- setUserRoles.add(ecompRole);
- }
-
- boolean checkIfUserisAccAdmin = setUserRoles.stream()
- .anyMatch(ecompRole -> ecompRole.getId() == 999L);
-
- if (!checkIfUserisAccAdmin) {
- List<EcompRole> appRolesList = Arrays.asList(appRoles);
- Set<EcompRole> finalUserAppRolesList = new HashSet<>();
-
- List<String> roleNames = new ArrayList<>();
- for (EcompRole role : setUserRoles) {
- EcompRole epRole = appRolesList.stream()
- .filter(x -> role.getName().equals(x.getName())).findAny().orElse(null);
- List<RoleFunction> roleFunList = new ArrayList<>();
-
- if (epRole != null) {
- if (epRole.getRoleFunctions().size() > 0) {
- roleFunList.addAll(epRole.getRoleFunctions());
+ // for onap portal app, no need to make a remote call
+ List<Role> roleList = new ArrayList<>();
+ if (!PortalConstants.PORTAL_APP_ID.equals(appId)) {
+ if (app.getAuthCentral()) {
+ List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey());
+ for (CentralV2Role cenRole : cenRoleList) {
+ Role role = new Role();
+ role.setActiveYn(cenRole.isActive());
+ role.setId(cenRole.getId());
+ role.setRoleName(cenRole.getName());
+ role.setPriority(cenRole.getPriority());
+ roleList.add(role);
}
- boolean checkIfFunctionsExits = roleFunList.stream().anyMatch(
- roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver"));
- if (checkIfFunctionsExits) {
- finalUserAppRolesList.add(role);
- List<RoleFunction> filteredList = roleFunList.stream()
- .filter(x -> "Approver".equalsIgnoreCase(x.getType()))
- .collect(Collectors.toList());
- roleNames = filteredList.stream().map(RoleFunction::getCode)
- .collect(Collectors.toList());
- } else {
- roleNames.add(epRole.getName());
+ } else {
+ Optional<FnUser> user = fnUserService.getUser(userId);
+ if (user.isPresent()) {
+ roleList = user.get().getFnRoles().stream().map(this::fnRoleToRole)
+ .collect(Collectors.toList());
}
- }
- for (String name : roleNames) {
- EcompRole ecompRole = appRolesList.stream()
- .filter(x -> name.equals(x.getName())).findAny().orElse(null);
- if (ecompRole != null) {
- finalUserAppRolesList.add(ecompRole);
+ }
+ List<Role> activeRoleList = new ArrayList<>();
+ for (Role role : roleList) {
+ if (role.getActiveYn()) {
+ if (role.getId() != 1) { // prevent portal admin from being added
+ activeRoleList.add(role);
+ } else if (extRequestValue) {
+ activeRoleList.add(role);
+ }
}
- }
+
}
- for (String name : roleNames) {
- boolean checkIfFunctionsExits = userAppsRolesList.stream().anyMatch(
- role -> role.getRoleName().equalsIgnoreCase(name));
- if (checkIfFunctionsExits) {
- appRolesList.stream().filter(x -> name.equals(x.getName()))
- .findAny().ifPresent(setUserRoles::add);
- }
+ FnUser localUser = getUserFromApp(Long.toString(userId), app, applicationsRestClientService);
+ // If localUser does not exists return roles
+ Set<FnRole> roleSet = null;
+ FnRole[] roleSetList = null;
+ if (localUser != null) {
+ roleSet = localUser.getAppEPRoles(app);
+ roleSetList = roleSet.toArray(new FnRole[0]);
}
- userAppRoles = setUserRoles.toArray(new EcompRole[0]);
- }
- } else {
- userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId,
- String.format("/user/%s/roles", userId));
+ rolesInAppForUser = fnUserRoleService
+ .constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue);
+ return rolesInAppForUser;
}
- } catch (HTTPException e) {
- // Some apps are returning 400 if user is not found.
- if (e.getResponseCode() == 400) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "getAppRolesForUser caught exception with response code 400; continuing", e);
+
+ EcompRole[] appRoles = null;
+ boolean checkIfUserIsApplicationAccAdmin = false;
+ List<EcompRole> roles = new ArrayList<>();
+ if (app.getAuthCentral()) {
+ List<FnRole> applicationRoles = fnRoleService.retrieveActiveRolesOfApplication(app.getId());
+ FnApp application = fnAppService.getById(appId);
+ checkIfUserIsApplicationAccAdmin = isAccountAdminOfApplication(userId,
+ application);
+
+ List<FnRole> roleSetWithFunctioncds = new ArrayList<>();
+ for (FnRole role : applicationRoles) {
+ List<EpAppFunction> cenRoleFuncList = epAppFunctionService
+ .getAppRoleFunctionList(role.getId(), app.getId());
+ for (EpAppFunction roleFunc : cenRoleFuncList) {
+
+ String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getFunctionCd());
+ functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+ String type = externalAccessRolesService.getFunctionCodeType(roleFunc.getFunctionCd());
+ String action = externalAccessRolesService.getFunctionCodeAction(roleFunc.getFunctionCd());
+ String name = roleFunc.getFunctionName();
+
+ FnFunction function = new FnFunction();
+ function.setAction(action);
+ function.setType(type);
+ function.setCode(functionCode);
+ function.setName(name);
+ role.getFnRoleFunctions().add(new FnRoleFunction(role, function));
+
+ }
+ roleSetWithFunctioncds.add(role);
+
+
+ }
+
+ for (FnRole role1 : roleSetWithFunctioncds) {
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(role1.getId());
+ ecompRole.setName(role1.getRoleName());
+ ecompRole.setRoleFunctions(role1.getRoleFunctions());
+ roles.add(ecompRole);
+
+ }
+ if (checkIfUserIsApplicationAccAdmin) {
+ appRoles = roles.toArray(new EcompRole[roles.size()]);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In getAppRolesForUser() If Logged in user checkIfUserisApplicationAccAdmin- appRoles = {}",
+ appRoles);
+ } else if (isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin) {
+ List<EcompRole> roleAdminAppRoles = new ArrayList<>();
+ List<String> roleAdminAppRolesNames = new ArrayList<>();
+ String QUERY =
+ "select distinct fr.role_name as roleName from fn_user_role fu, ep_app_role_function ep, ep_app_function ea, fn_role fr"
+ + " where fu.role_id = ep.role_id"
+ + " and fu.app_id = ep.app_id"
+ + " and fu.user_id = :userId"
+ + " and fu.role_id = fr.role_id and fr.active_yn='Y'"
+ + " and ea.function_cd = ep.function_cd and ea.function_cd like 'approver|%'"
+ + " and exists"
+ + " ("
+ + " select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id"
+ + " and ur.app_id = fa.app_id and fa.enabled = 'Y')";
+ List<Tuple> tuples = entityManager.createNativeQuery(QUERY, Tuple.class)
+ .setParameter("userId", userId)
+ .getResultList();
+ List<String> getUserApproverRoles = tuples.stream().map(tuple -> (String) tuple.get("roleName"))
+ .collect(Collectors.toList());
+
+ List<EcompRole> userapproverRolesList = new ArrayList<>();
+ for (String str : getUserApproverRoles) {
+ EcompRole epRole = roles.stream().filter(x -> str.equals(x.getName())).findAny().orElse(null);
+ if (epRole != null) {
+ userapproverRolesList.add(epRole);
+ }
+ }
+ for (EcompRole role : userapproverRolesList) {
+
+ List<RoleFunction> roleFunList = new ArrayList<>(role.getRoleFunctions());
+ boolean checkIfFunctionsExits = roleFunList.stream()
+ .anyMatch(roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver"));
+ if (checkIfFunctionsExits) {
+ roleAdminAppRoles.add(role);
+ List<RoleFunction> filteredList = roleFunList.stream()
+ .filter(x -> "Approver".equalsIgnoreCase(x.getType())).collect(Collectors.toList());
+ roleAdminAppRolesNames.addAll(filteredList.stream().map(RoleFunction::getCode)
+ .collect(Collectors.toList()));
+ }
+ }
+ for (String name : roleAdminAppRolesNames) {
+ roles.stream().filter(x -> name.equals(x.getName())).findAny()
+ .ifPresent(roleAdminAppRoles::add);
+
+ }
+ appRoles = roleAdminAppRoles.toArray(new EcompRole[0]);
+
+ }
} else {
- // Other response code, let it come thru.
- throw e;
+ appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles");
}
- }
- if (userAppRoles == null) {
- if (EcompPortalUtils.getExternalAppResponseCode() == 400) {
- EcompPortalUtils.setExternalAppResponseCode(200);
- String message = String.format(
- "getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, "
- + "assuming user doesn't exist, app is framework SDK based, and things are ok. "
- + "Overriding to 200 until framework SDK returns a useful response.",
- Long.toString(appId), userId);
- logger.warn(EELFLoggerDelegate.applicationLogger, message);
- }
- }
+ // Test this error case, for generating an internal ONAP Portal
+ // error
+ // EcompRole[] appRoles = null;
+ // If there is an exception in the rest client api, then null will
+ // be returned.
+ if (appRoles != null) {
+ if (!app.getAuthCentral()) {
+ syncAppRoles(appId, appRoles);
+ }
+ EcompRole[] userAppRoles = null;
+ try {
+ try {
+ if (app.getAuthCentral()) {
+ List<FnUser> actualUser = fnUserService.getUserWithOrgUserId(Long.toString(userId));
+ List<EPUserAppCurrentRoles> userAppsRolesList = entityManager
+ .createNamedQuery("EPUserAppCurrentRoles")
+ .setParameter("appId", app.getId())
+ .setParameter("userId", actualUser.get(0).getId())
+ .getResultList();
+ List<EcompRole> setUserRoles = new ArrayList<>();
+ for (EPUserAppCurrentRoles role : userAppsRolesList) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "In getAppRolesForUser() - userAppsRolesList get userRolename = {}",
+ role.getRoleName());
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(role.getRoleId());
+ ecompRole.setName(role.getRoleName());
+ setUserRoles.add(ecompRole);
+ }
+
+ boolean checkIfUserisAccAdmin = setUserRoles.stream()
+ .anyMatch(ecompRole -> ecompRole.getId() == 999L);
+
+ if (!checkIfUserisAccAdmin) {
+ List<EcompRole> appRolesList = Arrays.asList(appRoles);
+ Set<EcompRole> finalUserAppRolesList = new HashSet<>();
+
+ List<String> roleNames = new ArrayList<>();
+ for (EcompRole role : setUserRoles) {
+ EcompRole epRole = appRolesList.stream()
+ .filter(x -> role.getName().equals(x.getName())).findAny().orElse(null);
+ List<RoleFunction> roleFunList = new ArrayList<>();
+
+ if (epRole != null) {
+ if (epRole.getRoleFunctions().size() > 0) {
+ roleFunList.addAll(epRole.getRoleFunctions());
+ }
+ boolean checkIfFunctionsExits = roleFunList.stream().anyMatch(
+ roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver"));
+ if (checkIfFunctionsExits) {
+ finalUserAppRolesList.add(role);
+ List<RoleFunction> filteredList = roleFunList.stream()
+ .filter(x -> "Approver".equalsIgnoreCase(x.getType()))
+ .collect(Collectors.toList());
+ roleNames = filteredList.stream().map(RoleFunction::getCode)
+ .collect(Collectors.toList());
+ } else {
+ roleNames.add(epRole.getName());
+ }
+ }
+ for (String name : roleNames) {
+ EcompRole ecompRole = appRolesList.stream()
+ .filter(x -> name.equals(x.getName())).findAny().orElse(null);
+ if (ecompRole != null) {
+ finalUserAppRolesList.add(ecompRole);
+ }
+ }
+ }
+ for (String name : roleNames) {
+ boolean checkIfFunctionsExits = userAppsRolesList.stream().anyMatch(
+ role -> role.getRoleName().equalsIgnoreCase(name));
+ if (checkIfFunctionsExits) {
+ appRolesList.stream().filter(x -> name.equals(x.getName()))
+ .findAny().ifPresent(setUserRoles::add);
+ }
+ }
+ userAppRoles = setUserRoles.toArray(new EcompRole[0]);
+ }
+ } else {
+ userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId,
+ String.format("/user/%s/roles", userId));
+ }
+ } catch (HTTPException e) {
+ // Some apps are returning 400 if user is not found.
+ if (e.getResponseCode() == 400) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getAppRolesForUser caught exception with response code 400; continuing", e);
+ } else {
+ // Other response code, let it come thru.
+ throw e;
+ }
+ }
+ if (userAppRoles == null) {
+ if (EcompPortalUtils.getExternalAppResponseCode() == 400) {
+ EcompPortalUtils.setExternalAppResponseCode(200);
+ String message = String.format(
+ "getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, "
+ + "assuming user doesn't exist, app is framework SDK based, and things are ok. "
+ + "Overriding to 200 until framework SDK returns a useful response.",
+ Long.toString(appId), userId);
+ logger.warn(EELFLoggerDelegate.applicationLogger, message);
+ }
+ }
- HashMap<Long, EcompRole> appRolesActiveMap = hashMapFromEcompRoles(appRoles);
- ArrayList<EcompRole> activeRoles = new ArrayList<>();
- if (userAppRoles != null) {
- for (EcompRole userAppRole : userAppRoles) {
- if (appRolesActiveMap.containsKey(userAppRole.getId())) {
- EcompRole role = new EcompRole();
- role.setId(userAppRole.getId());
- role.setName(userAppRole.getName());
- activeRoles.add(role);
- }
- }
- }
- EcompRole[] userAppRolesActive = activeRoles.toArray(new EcompRole[0]);
+ HashMap<Long, EcompRole> appRolesActiveMap = hashMapFromEcompRoles(appRoles);
+ ArrayList<EcompRole> activeRoles = new ArrayList<>();
+ if (userAppRoles != null) {
+ for (EcompRole userAppRole : userAppRoles) {
+ if (appRolesActiveMap.containsKey(userAppRole.getId())) {
+ EcompRole role = new EcompRole();
+ role.setId(userAppRole.getId());
+ role.setName(userAppRole.getName());
+ activeRoles.add(role);
+ }
+ }
+ }
+ EcompRole[] userAppRolesActive = activeRoles.toArray(new EcompRole[0]);
- boolean checkIfUserisRoleAdmin = isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin;
+ boolean checkIfUserisRoleAdmin = isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin;
- // If the remote application isn't down we MUST sync user
- // roles here in case we have this user here!
- syncUserRoles(Long.toString(userId), appId, userAppRolesActive, extRequestValue, null, checkIfUserisRoleAdmin,
- appRoles);
+ // If the remote application isn't down we MUST sync user
+ // roles here in case we have this user here!
+ syncUserRoles(Long.toString(userId), appId, userAppRolesActive, extRequestValue, null,
+ checkIfUserisRoleAdmin,
+ appRoles);
+ } catch (Exception e) {
+ // TODO: we may need to check if user exists, maybe remote
+ // app is down.
+ String message = String.format(
+ "getAppRolesForUser: user %s does not exist in remote application %s", userId,
+ Long.toString(appId));
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ userAppRoles = new EcompRole[0];
+ }
+ rolesInAppForUser = fnUserRoleService.constructRolesInAppForUserGet(appRoles, userAppRoles);
+ }
} catch (Exception e) {
- // TODO: we may need to check if user exists, maybe remote
- // app is down.
- String message = String.format(
- "getAppRolesForUser: user %s does not exist in remote application %s", userId,
- Long.toString(appId));
- logger.error(EELFLoggerDelegate.errorLogger, message, e);
- userAppRoles = new EcompRole[0];
+ String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId,
+ Long.toString(appId));
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
}
- rolesInAppForUser = fnUserRoleService.constructRolesInAppForUserGet(appRoles, userAppRoles);
- }
- } catch (Exception e) {
- String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId,
- Long.toString(appId));
- logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ return rolesInAppForUser;
}
- return rolesInAppForUser;
- }
-
- private void syncAppRoles(Long appId, EcompRole[] appRoles) throws Exception {
- logger.debug(EELFLoggerDelegate.debugLogger, "entering syncAppRoles for appId: " + appId);
- HashMap<Long, EcompRole> newRolesMap = hashMapFromEcompRoles(appRoles);
- try {
- List<FnRole> currentAppRoles = fnRoleService.retrieveAppRolesByAppId(appId);
-
- List<FnRole> obsoleteRoles = new ArrayList<>();
- for (FnRole oldAppRole : currentAppRoles) {
- if (oldAppRole.getAppRoleId() != null) {
- EcompRole role;
- role = newRolesMap.get(oldAppRole.getAppRoleId());
- if (role != null) {
- if (!(role.getName() == null || oldAppRole.getRoleName().equals(role.getName()))) {
- oldAppRole.setRoleName(role.getName());
+
+ private void syncAppRoles(Long appId, EcompRole[] appRoles) throws Exception {
+ logger.debug(EELFLoggerDelegate.debugLogger, "entering syncAppRoles for appId: " + appId);
+ HashMap<Long, EcompRole> newRolesMap = hashMapFromEcompRoles(appRoles);
+ try {
+ List<FnRole> currentAppRoles = fnRoleService.retrieveAppRolesByAppId(appId);
+
+ List<FnRole> obsoleteRoles = new ArrayList<>();
+ for (FnRole oldAppRole : currentAppRoles) {
+ if (oldAppRole.getAppRoleId() != null) {
+ EcompRole role;
+ role = newRolesMap.get(oldAppRole.getAppRoleId());
+ if (role != null) {
+ if (!(role.getName() == null || oldAppRole.getRoleName().equals(role.getName()))) {
+ oldAppRole.setRoleName(role.getName());
+ }
+ oldAppRole.setActiveYn(true);
+ newRolesMap.remove(oldAppRole.getAppRoleId());
+ } else {
+ obsoleteRoles.add(oldAppRole);
+ }
+ } else {
+ obsoleteRoles.add(oldAppRole);
+ }
}
- oldAppRole.setActiveYn(true);
- newRolesMap.remove(oldAppRole.getAppRoleId());
- } else {
- obsoleteRoles.add(oldAppRole);
- }
- } else {
- obsoleteRoles.add(oldAppRole);
- }
- }
- Collection<EcompRole> newRolesToAdd = newRolesMap.values();
- if (obsoleteRoles.size() > 0) {
- logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: we have obsolete roles to delete");
- for (FnRole role : obsoleteRoles) {
- logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: obsolete role: " + role.toString());
- Long roleId = role.getId();
- List<FnUserRole> userRoles = fnUserRoleService.getUserRolesForRoleIdAndAppId(roleId, appId);
-
- logger.debug(EELFLoggerDelegate.debugLogger,
- "syncAppRoles: number of userRoles to delete: " + userRoles.size());
- for (FnUserRole userRole : userRoles) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "syncAppRoles: about to delete userRole: " + userRole.toString());
- fnUserRoleService.deleteById(userRole.getId());
- logger.debug(EELFLoggerDelegate.debugLogger,
- "syncAppRoles: finished deleting userRole: " + userRole.toString());
- }
- List<FnMenuFunctionalRoles> funcMenuRoles = fnMenuFunctionalRolesService.retrieveByroleId(roleId);
- int numMenuRoles = funcMenuRoles.size();
- logger.debug(EELFLoggerDelegate.debugLogger,
- "syncAppRoles: number of funcMenuRoles for roleId: " + roleId + ": " + numMenuRoles);
- for (FnMenuFunctionalRoles funcMenuRole : funcMenuRoles) {
- Long menuId = funcMenuRole.getMenuId().getMenuId();
- // If this is the only role for this menu item, then the
- // app and roles will be gone,
- // so must null out the url too, to be consistent
- List<FnMenuFunctionalRoles> funcMenuRoles2 = fnMenuFunctionalRolesService.retrieveByMenuId(menuId);
- int numMenuRoles2 = funcMenuRoles2.size();
- logger.debug(EELFLoggerDelegate.debugLogger,
- "syncAppRoles: number of funcMenuRoles for menuId: " + menuId + ": " + numMenuRoles2);
- fnMenuFunctionalRolesService.delete(funcMenuRole);
-
- if (numMenuRoles2 == 1) {
- // If this is the only role for this menu item, then
- // the app and roles will be gone,
- // so must null out the url too, to be consistent
- logger.debug(EELFLoggerDelegate.debugLogger,
- "syncAppRoles: There is exactly 1 menu item for this role, so emptying the url");
- List<FnMenuFunctional> funcMenuItems = fnMenuFunctionalService.retrieveByMenuId(menuId);
- if (funcMenuItems.size() > 0) {
- logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item");
- FnMenuFunctional funcMenuItem = funcMenuItems.get(0);
- funcMenuItem.setUrl("");
- }
+ Collection<EcompRole> newRolesToAdd = newRolesMap.values();
+ if (obsoleteRoles.size() > 0) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: we have obsolete roles to delete");
+ for (FnRole role : obsoleteRoles) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: obsolete role: " + role.toString());
+ Long roleId = role.getId();
+ List<FnUserRole> userRoles = fnUserRoleService.getUserRolesForRoleIdAndAppId(roleId, appId);
+
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "syncAppRoles: number of userRoles to delete: " + userRoles.size());
+ for (FnUserRole userRole : userRoles) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "syncAppRoles: about to delete userRole: " + userRole.toString());
+ fnUserRoleService.deleteById(userRole.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "syncAppRoles: finished deleting userRole: " + userRole.toString());
+ }
+ List<FnMenuFunctionalRoles> funcMenuRoles = fnMenuFunctionalRolesService.retrieveByroleId(roleId);
+ int numMenuRoles = funcMenuRoles.size();
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "syncAppRoles: number of funcMenuRoles for roleId: " + roleId + ": " + numMenuRoles);
+ for (FnMenuFunctionalRoles funcMenuRole : funcMenuRoles) {
+ Long menuId = funcMenuRole.getMenuId().getMenuId();
+ // If this is the only role for this menu item, then the
+ // app and roles will be gone,
+ // so must null out the url too, to be consistent
+ List<FnMenuFunctionalRoles> funcMenuRoles2 = fnMenuFunctionalRolesService
+ .retrieveByMenuId(menuId);
+ int numMenuRoles2 = funcMenuRoles2.size();
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "syncAppRoles: number of funcMenuRoles for menuId: " + menuId + ": " + numMenuRoles2);
+ fnMenuFunctionalRolesService.delete(funcMenuRole);
+
+ if (numMenuRoles2 == 1) {
+ // If this is the only role for this menu item, then
+ // the app and roles will be gone,
+ // so must null out the url too, to be consistent
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "syncAppRoles: There is exactly 1 menu item for this role, so emptying the url");
+ List<FnMenuFunctional> funcMenuItems = fnMenuFunctionalService.retrieveByMenuId(menuId);
+ if (funcMenuItems.size() > 0) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item");
+ FnMenuFunctional funcMenuItem = funcMenuItems.get(0);
+ funcMenuItem.setUrl("");
+ }
+ }
+ }
+ boolean isPortalRequest = true;
+ deleteRoleDependencyRecords(roleId, appId, isPortalRequest);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "syncAppRoles: about to delete the role: " + role.toString());
+ fnRoleService.delete(role);
+ logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: deleted the role");
+ }
}
- }
- boolean isPortalRequest = true;
- deleteRoleDependencyRecords(roleId, appId, isPortalRequest);
- logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to delete the role: " + role.toString());
- fnRoleService.delete(role);
- logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: deleted the role");
+ for (EcompRole role : newRolesToAdd) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "syncAppRoles: about to add missing role: " + role.toString());
+ FnRole newRole = new FnRole();
+ // Attention! All roles from remote application supposed to be
+ // active!
+ newRole.setActiveYn(true);
+ newRole.setRoleName(role.getName());
+ newRole.setAppId(appId);
+ newRole.setAppRoleId(role.getId());
+ fnRoleService.saveOne(newRole);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to commit the transaction");
+ logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: committed the transaction");
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "syncAppRoles failed", e);
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ throw new Exception(e);
}
- }
- for (EcompRole role : newRolesToAdd) {
- logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to add missing role: " + role.toString());
- FnRole newRole = new FnRole();
- // Attention! All roles from remote application supposed to be
- // active!
- newRole.setActiveYn(true);
- newRole.setRoleName(role.getName());
- newRole.setAppId(appId);
- newRole.setAppRoleId(role.getId());
- fnRoleService.saveOne(newRole);
- }
- logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to commit the transaction");
- logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: committed the transaction");
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "syncAppRoles failed", e);
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
- throw new Exception(e);
}
- }
-
- private void deleteRoleDependencyRecords(Long roleId, Long appId, boolean isPortalRequest)
- throws Exception {
- Session localSession = entityManager.unwrap(Session.class);
- try {
- String sql;
- Query query;
- // It should delete only when it portal's roleId
- if (appId.equals(PortalConstants.PORTAL_APP_ID)) {
- // Delete from fn_role_function
- sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
- // Delete from fn_role_composite
- sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
- }
- // Delete from ep_app_role_function
- sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
- // Delete from ep_role_notification
- sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
- // Delete from fn_user_pseudo_role
- sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
- // Delete form EP_WIDGET_CATALOG_ROLE
- sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
- // Delete form EP_WIDGET_CATALOG_ROLE
- sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
- if (!isPortalRequest) {
- // Delete form fn_menu_functional_roles
- sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
- }
- } catch (Exception e) {
- logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e);
- throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage());
- }
- }
- private void checkIfRoleInactive(FnRole epRole) throws Exception {
- if (!epRole.getActiveYn()) {
- throw new Exception(epRole.getRoleName() + " role is unavailable");
- }
- }
-
- public boolean setAppsWithAdminRoleStateForUser(AppsListWithAdminRole newAppsListWithAdminRoles) {
- boolean result = false;
- // No changes if no new roles list or no userId.
- if (!org.apache.cxf.common.util.StringUtils.isEmpty(newAppsListWithAdminRoles.getOrgUserId())
- && newAppsListWithAdminRoles.getAppsRoles() != null) {
- synchronized (syncRests) {
- List<FnApp> apps = fnAppService.getAppsFullList();
- HashMap<Long, FnApp> enabledApps = new HashMap<>();
- for (FnApp app : apps) {
- enabledApps.put(app.getId(), app);
- }
- List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin = new ArrayList<>();
- for (AppNameIdIsAdmin adminRole : newAppsListWithAdminRoles.getAppsRoles()) {
- // user Admin role may be added only for enabled apps
- if (adminRole.getIsAdmin() && enabledApps.containsKey(adminRole.getId())) {
- newAppsWhereUserIsAdmin.add(adminRole);
- }
- }
- FnUser user = null;
- boolean createNewUser = false;
- String orgUserId = newAppsListWithAdminRoles.getOrgUserId().trim();
- List<FnUser> localUserList = fnUserService.getUserWithOrgUserId(orgUserId);
- List<FnUserRole> oldAppsWhereUserIsAdmin = new ArrayList<>();
- if (localUserList.size() > 0) {
- FnUser tmpUser = localUserList.get(0);
- oldAppsWhereUserIsAdmin = fnUserRoleService.retrieveByUserIdAndRoleId(tmpUser.getId(), ACCOUNT_ADMIN_ROLE_ID);
- if (oldAppsWhereUserIsAdmin.size() > 0 || newAppsWhereUserIsAdmin.size() > 0) {
- user = tmpUser;
- }
- } else if (newAppsWhereUserIsAdmin.size() > 0) {
- // we create new user only if he has Admin Role for any App
- createNewUser = true;
+ private void deleteRoleDependencyRecords(Long roleId, Long appId, boolean isPortalRequest)
+ throws Exception {
+ Session localSession = entityManager.unwrap(Session.class);
+ try {
+ String sql;
+ Query query;
+ // It should delete only when it portal's roleId
+ if (appId.equals(PortalConstants.PORTAL_APP_ID)) {
+ // Delete from fn_role_function
+ sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
+ // Delete from fn_role_composite
+ sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
+ }
+ // Delete from ep_app_role_function
+ sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
+ // Delete from ep_role_notification
+ sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
+ // Delete from fn_user_pseudo_role
+ sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
+ // Delete form EP_WIDGET_CATALOG_ROLE
+ sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
+ // Delete form EP_WIDGET_CATALOG_ROLE
+ sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
+ if (!isPortalRequest) {
+ // Delete form fn_menu_functional_roles
+ sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
+ }
+ } catch (Exception e) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e);
+ throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage());
}
- result = isResult(result, enabledApps, newAppsWhereUserIsAdmin, user, createNewUser, orgUserId,
- oldAppsWhereUserIsAdmin);
- }
}
- return result;
- }
-
- @Transactional
- public boolean isResult(boolean result, HashMap<Long, FnApp> enabledApps,
- List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin, FnUser user, boolean createNewUser, String orgUserId,
- List<FnUserRole> oldAppsWhereUserIsAdmin) {
- if (user != null || createNewUser) {
- if (createNewUser) {
- user = fnUserService.getUserWithOrgUserId(orgUserId).stream().findFirst().get();
- if (user != null) {
- user.setActiveYn(true);
- }
- }
- for (FnUserRole oldUserApp : oldAppsWhereUserIsAdmin) {
- // user Admin role may be deleted only for enabled
- // apps
- if (enabledApps.containsKey(oldUserApp.getFnAppId())) {
- fnUserRoleService.saveOne(oldUserApp);
+ private void checkIfRoleInactive(FnRole epRole) throws Exception {
+ if (!epRole.getActiveYn()) {
+ throw new Exception(epRole.getRoleName() + " role is unavailable");
}
- }
- for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) {
- FnApp app = fnAppService.getById(appNameIdIsAdmin.getId());
- FnRole role = fnRoleService.getById(ACCOUNT_ADMIN_ROLE_ID);
- FnUserRole newUserApp = new FnUserRole();
- newUserApp.setUserId(user);
- newUserApp.setFnAppId(app);
- newUserApp.setRoleId(role);
- fnUserRoleService.saveOne(newUserApp);
- }
- if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
- addAdminRoleInExternalSystem(user, newAppsWhereUserIsAdmin);
- result = true;
- }
}
- return result;
- }
-
- @Transactional()
- public boolean addAdminRoleInExternalSystem(FnUser user, List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin) {
- boolean result = false;
- try {
- // Reset All admin role for centralized applications
- List<FnApp> appList = fnAppService.getCentralizedApps();
- HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
- for (FnApp app : appList) {
- String name = "";
- if (EPCommonSystemProperties
- .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) {
- name = user.getOrgUserId() + SystemProperties
- .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+
+ public boolean setAppsWithAdminRoleStateForUser(AppsListWithAdminRole newAppsListWithAdminRoles) {
+ boolean result = false;
+ // No changes if no new roles list or no userId.
+ if (!org.apache.cxf.common.util.StringUtils.isEmpty(newAppsListWithAdminRoles.getOrgUserId())
+ && newAppsListWithAdminRoles.getAppsRoles() != null) {
+ synchronized (syncRests) {
+ List<FnApp> apps = fnAppService.getAppsFullList();
+ HashMap<Long, FnApp> enabledApps = new HashMap<>();
+ for (FnApp app : apps) {
+ enabledApps.put(app.getId(), app);
+ }
+ List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin = new ArrayList<>();
+ for (AppNameIdIsAdmin adminRole : newAppsListWithAdminRoles.getAppsRoles()) {
+ // user Admin role may be added only for enabled apps
+ if (adminRole.getIsAdmin() && enabledApps.containsKey(adminRole.getId())) {
+ newAppsWhereUserIsAdmin.add(adminRole);
+ }
+ }
+ FnUser user = null;
+ boolean createNewUser = false;
+ String orgUserId = newAppsListWithAdminRoles.getOrgUserId().trim();
+ List<FnUser> localUserList = fnUserService.getUserWithOrgUserId(orgUserId);
+ List<FnUserRole> oldAppsWhereUserIsAdmin = new ArrayList<>();
+ if (localUserList.size() > 0) {
+ FnUser tmpUser = localUserList.get(0);
+ oldAppsWhereUserIsAdmin = fnUserRoleService
+ .retrieveByUserIdAndRoleId(tmpUser.getId(), ACCOUNT_ADMIN_ROLE_ID);
+ if (oldAppsWhereUserIsAdmin.size() > 0 || newAppsWhereUserIsAdmin.size() > 0) {
+ user = tmpUser;
+ }
+ } else if (newAppsWhereUserIsAdmin.size() > 0) {
+ // we create new user only if he has Admin Role for any App
+ createNewUser = true;
+ }
+ result = isResult(result, enabledApps, newAppsWhereUserIsAdmin, user, createNewUser, orgUserId,
+ oldAppsWhereUserIsAdmin);
+ }
}
- String extRole = app.getAuthNamespace() + "." + PortalConstants.ADMIN_ROLE.replaceAll(" ", "_");
- HttpEntity<String> entity = new HttpEntity<>(headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to External Access system");
- try {
- ResponseEntity<String> getResponse = template
- .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "roles/" + extRole, HttpMethod.GET, entity, String.class);
-
- if (getResponse.getBody().equals("{}")) {
- String addDesc = "{\"name\":\"" + extRole + "\"}";
- HttpEntity<String> roleEntity = new HttpEntity<>(addDesc, headers);
- template.exchange(
- SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "role",
- HttpMethod.POST, roleEntity, String.class);
- } else {
- try {
- HttpEntity<String> deleteUserRole = new HttpEntity<>(headers);
- template.exchange(
- SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "userRole/" + name + "/" + extRole,
- HttpMethod.DELETE, deleteUserRole, String.class);
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger,
- " Role not found for this user may be it gets deleted before", e);
+
+ return result;
+ }
+
+ @Transactional
+ public boolean isResult(boolean result, HashMap<Long, FnApp> enabledApps,
+ List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin, FnUser user, boolean createNewUser, String orgUserId,
+ List<FnUserRole> oldAppsWhereUserIsAdmin) {
+ if (user != null || createNewUser) {
+ if (createNewUser) {
+ user = fnUserService.getUserWithOrgUserId(orgUserId).stream().findFirst().get();
+ if (user != null) {
+ user.setActiveYn(true);
+ }
+ }
+ for (FnUserRole oldUserApp : oldAppsWhereUserIsAdmin) {
+ // user Admin role may be deleted only for enabled
+ // apps
+ if (enabledApps.containsKey(oldUserApp.getFnAppId())) {
+ fnUserRoleService.saveOne(oldUserApp);
+ }
+ }
+ for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) {
+ FnApp app = fnAppService.getById(appNameIdIsAdmin.getId());
+ FnRole role = fnRoleService.getById(ACCOUNT_ADMIN_ROLE_ID);
+ FnUserRole newUserApp = new FnUserRole();
+ newUserApp.setUserId(user);
+ newUserApp.setFnAppId(app);
+ newUserApp.setRoleId(role);
+ fnUserRoleService.saveOne(newUserApp);
+ }
+ if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+ addAdminRoleInExternalSystem(user, newAppsWhereUserIsAdmin);
+ result = true;
}
- }
- } catch (Exception e) {
- if (e.getMessage().equalsIgnoreCase("404 Not Found")) {
- logger.debug(EELFLoggerDelegate.debugLogger, "Application Not found for app {}",
- app.getAuthNamespace(), e.getMessage());
- } else {
- logger.error(EELFLoggerDelegate.errorLogger, "Application Not found for app {}",
- app.getAuthNamespace(), e);
- }
}
- }
- for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) {
- FnApp app = fnAppService.getById(appNameIdIsAdmin.getId());
+ return result;
+ }
+
+ public boolean addAdminRoleInExternalSystem(FnUser user, List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin) {
+ boolean result = false;
try {
- if (app.getAuthCentral()) {
- String extRole = app.getAuthNamespace() + "." + PortalConstants.ADMIN_ROLE.replaceAll(" ", "_");
- HttpEntity<String> entity = new HttpEntity<>(headers);
- String name = "";
- if (EPCommonSystemProperties
- .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) {
- name = user.getOrgUserId() + SystemProperties
- .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
- }
- logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to External Access system");
- ResponseEntity<String> getUserRolesResponse = template.exchange(
- SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "userRoles/user/" + name,
- HttpMethod.GET, entity, String.class);
- logger.debug(EELFLoggerDelegate.debugLogger, "Connected to External Access system");
- if (!getUserRolesResponse.getBody().equals("{}")) {
- JSONObject jsonObj = new JSONObject(getUserRolesResponse.getBody());
- JSONArray extRoles = jsonObj.getJSONArray("userRole");
- final Map<String, JSONObject> extUserRoles = new HashMap<>();
- for (int i = 0; i < extRoles.length(); i++) {
- String userRole = extRoles.getJSONObject(i).getString("role");
- if (userRole.startsWith(app.getAuthNamespace() + ".")
- && !userRole.equals(app.getAuthNamespace() + ".admin")
- && !userRole.equals(app.getAuthNamespace() + ".owner")) {
-
- extUserRoles.put(userRole, extRoles.getJSONObject(i));
+ // Reset All admin role for centralized applications
+ List<FnApp> appList = fnAppService.getCentralizedApps();
+ HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
+ for (FnApp app : appList) {
+ String name = "";
+ if (EPCommonSystemProperties
+ .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) {
+ name = user.getOrgUserId() + SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
}
- }
- if (!extUserRoles.containsKey(extRole)) {
- // Assign with new apps user admin
+ String extRole = app.getAuthNamespace() + "." + PortalConstants.ADMIN_ROLE.replaceAll(" ", "_");
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to External Access system");
try {
- ExternalAccessUser extUser = new ExternalAccessUser(name, extRole);
- // Assign user role for an application in external access system
- ObjectMapper addUserRoleMapper = new ObjectMapper();
- String userRole = addUserRoleMapper.writeValueAsString(extUser);
- HttpEntity<String> addUserRole = new HttpEntity<>(userRole, headers);
- template.exchange(
- SystemProperties.getProperty(
- EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole",
- HttpMethod.POST, addUserRole, String.class);
+ ResponseEntity<String> getResponse = template
+ .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "roles/" + extRole, HttpMethod.GET, entity, String.class);
+
+ if (getResponse.getBody().equals("{}")) {
+ String addDesc = "{\"name\":\"" + extRole + "\"}";
+ HttpEntity<String> roleEntity = new HttpEntity<>(addDesc, headers);
+ template.exchange(
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "role",
+ HttpMethod.POST, roleEntity, String.class);
+ } else {
+ try {
+ HttpEntity<String> deleteUserRole = new HttpEntity<>(headers);
+ template.exchange(
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "userRole/" + name + "/" + extRole,
+ HttpMethod.DELETE, deleteUserRole, String.class);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ " Role not found for this user may be it gets deleted before", e);
+ }
+ }
} catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "Failed to add user admin role", e);
+ if (e.getMessage().equalsIgnoreCase("404 Not Found")) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Application Not found for app {}",
+ app.getAuthNamespace(), e.getMessage());
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger, "Application Not found for app {}",
+ app.getAuthNamespace(), e);
+ }
+ }
+ }
+ for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) {
+ FnApp app = fnAppService.getById(appNameIdIsAdmin.getId());
+ try {
+ if (app.getAuthCentral()) {
+ String extRole = app.getAuthNamespace() + "." + PortalConstants.ADMIN_ROLE.replaceAll(" ", "_");
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ String name = "";
+ if (EPCommonSystemProperties
+ .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) {
+ name = user.getOrgUserId() + SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to External Access system");
+ ResponseEntity<String> getUserRolesResponse = template.exchange(
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "userRoles/user/" + name,
+ HttpMethod.GET, entity, String.class);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Connected to External Access system");
+ if (!getUserRolesResponse.getBody().equals("{}")) {
+ JSONObject jsonObj = new JSONObject(getUserRolesResponse.getBody());
+ JSONArray extRoles = jsonObj.getJSONArray("userRole");
+ final Map<String, JSONObject> extUserRoles = new HashMap<>();
+ for (int i = 0; i < extRoles.length(); i++) {
+ String userRole = extRoles.getJSONObject(i).getString("role");
+ if (userRole.startsWith(app.getAuthNamespace() + ".")
+ && !userRole.equals(app.getAuthNamespace() + ".admin")
+ && !userRole.equals(app.getAuthNamespace() + ".owner")) {
+
+ extUserRoles.put(userRole, extRoles.getJSONObject(i));
+ }
+ }
+ if (!extUserRoles.containsKey(extRole)) {
+ // Assign with new apps user admin
+ try {
+ ExternalAccessUser extUser = new ExternalAccessUser(name, extRole);
+ // Assign user role for an application in external access system
+ ObjectMapper addUserRoleMapper = new ObjectMapper();
+ String userRole = addUserRoleMapper.writeValueAsString(extUser);
+ HttpEntity<String> addUserRole = new HttpEntity<>(userRole, headers);
+ template.exchange(
+ SystemProperties.getProperty(
+ EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole",
+ HttpMethod.POST, addUserRole, String.class);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to add user admin role", e);
+ }
+
+ }
+ }
+ }
+ result = true;
+ } catch (Exception e) {
+ if (e.getMessage().equalsIgnoreCase("404 Not Found")) {
+ logger.debug(EELFLoggerDelegate.errorLogger,
+ "Application name space not found in External system for app {} due to bad rquest name space ",
+ app.getAuthNamespace(), e.getMessage());
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to assign admin role for application {}",
+ app.getAuthNamespace(), e);
+ result = false;
+ }
}
-
- }
}
- }
- result = true;
} catch (Exception e) {
- if (e.getMessage().equalsIgnoreCase("404 Not Found")) {
- logger.debug(EELFLoggerDelegate.errorLogger,
- "Application name space not found in External system for app {} due to bad rquest name space ",
- app.getAuthNamespace(), e.getMessage());
- } else {
- logger.error(EELFLoggerDelegate.errorLogger, "Failed to assign admin role for application {}",
- app.getAuthNamespace(), e);
result = false;
- }
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to assign admin roles operation", e);
+ }
+ return result;
+ }
+
+ public Set<String> getAllAppsFunctionsOfUser(String OrgUserId) throws RoleFunctionException {
+ final String getAllAppsFunctionsOfUser =
+ "select distinct ep.function_cd from fn_user_role fu, ep_app_role_function ep, ep_app_function ea, fn_app fa , fn_role fr\n"
+ + " where fu.role_id = ep.role_id \n"
+ + " and fu.app_id = ep.app_id\n"
+ + " and fu.user_id =:userId\n"
+ + " and ea.function_cd = ep.function_cd\n"
+ + " and ((fu.app_id = fa.app_id and fa.enabled = 'Y' ) or (fa.app_id = 1))\n"
+ + " and fr.role_id = fu.role_id and fr.active_yn='Y' \n"
+ + " union\n"
+ + " select distinct app_r_f.function_cd from ep_app_role_function app_r_f, ep_app_function a_f\n"
+ + " where role_id = 999\n"
+ + " and app_r_f.function_cd = a_f.function_cd\n"
+ + " and exists\n"
+ + " (\n"
+ + " select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id\n"
+ + " and ur.role_id = 999 and ur.app_id = fa.app_id and fa.enabled = 'Y'\n"
+ + " )";
+ List getRoleFuncListOfPortal = entityManager.createNativeQuery(getAllAppsFunctionsOfUser)
+ .setParameter("userId", OrgUserId).getResultList();
+ Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfPortal);
+ Set<String> roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|"))
+ .collect(Collectors.toSet());
+ if (!roleFunSet.isEmpty()) {
+ for (String roleFunction : roleFunSet) {
+ String roleFun = EcompPortalUtils.getFunctionCode(roleFunction);
+ getRoleFuncListOfPortalSet.remove(roleFunction);
+ getRoleFuncListOfPortalSet.add(roleFun);
+ }
}
- }
- } catch (Exception e) {
- result = false;
- logger.error(EELFLoggerDelegate.errorLogger, "Failed to assign admin roles operation", e);
+
+ Set<String> finalRoleFunctionSet = new HashSet<>();
+ for (String roleFn : getRoleFuncListOfPortalSet) {
+ finalRoleFunctionSet.add(EPUserUtils.decodeFunctionCode(roleFn));
+ }
+
+ return finalRoleFunctionSet;
}
- return result;
- }
}
diff --git a/portal-BE/src/main/java/org/onap/portal/utils/DateUtil.java b/portal-BE/src/main/java/org/onap/portal/utils/DateUtil.java
new file mode 100644
index 00000000..dc7164bc
--- /dev/null
+++ b/portal-BE/src/main/java/org/onap/portal/utils/DateUtil.java
@@ -0,0 +1,58 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal
+ * ===================================================================
+ * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ * Modifications Copyright (c) 2019 Samsung
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+
+package org.onap.portal.utils;
+
+import java.text.SimpleDateFormat;
+
+public class DateUtil {
+
+ private DateUtil() {
+ throw new IllegalStateException("Utility class");
+ }
+
+ public static SimpleDateFormat getDateFormat() {
+ return new SimpleDateFormat("HH:mm:ss:SSSS");
+ }
+
+ public static SimpleDateFormat getRequestDateFormat(){
+ return new SimpleDateFormat("EEE, dd MMM YYYY HH:mm:ss z");
+ }
+}
diff --git a/portal-BE/src/main/resources/conf/scheduler.properties b/portal-BE/src/main/resources/conf/scheduler.properties
new file mode 100644
index 00000000..ce52554c
--- /dev/null
+++ b/portal-BE/src/main/resources/conf/scheduler.properties
@@ -0,0 +1,61 @@
+###
+# ============LICENSE_START==========================================
+# ONAP Portal
+# ===================================================================
+# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# ===================================================================
+#
+# Unless otherwise specified, all software contained herein is licensed
+# under the Apache License, Version 2.0 (the "License");
+# you may not use this software except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Unless otherwise specified, all documentation contained herein is licensed
+# under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+# you may not use this documentation except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://creativecommons.org/licenses/by/4.0/
+#
+# Unless required by applicable law or agreed to in writing, documentation
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# ============LICENSE_END============================================
+#
+#
+###
+
+
+##scheduler authentication credentials
+scheduler.user.name=test1
+scheduler.password=test2
+#scheduler properties
+scheduler.server.url=http://mtanjv9sdlg10.aic.cip.onap.com:8989/scheduler
+scheduler.create.new.vnf.change.instance=/v1/ChangeManagement/schedules/
+scheduler.get.time.slots=/v1/ChangeManagement/schedules/
+scheduler.submit.new.vnf.change=/v1/ChangeManagement/schedules/{scheduleId}/approvals
+vid.truststore.filename=C:\\Temp\\vid_keystore.jks
+vid.truststore.passwd.x=OBF:1wgg1wfq1uus1uui1x131x0r1x1v1x1j1uvo1uve1wg81wfi
+
+#scheduler-policy properties
+policy.server.url=https://policypdp-conexus-e2e.ecomp.cci.onap.com:8081/pdp
+policy.get.config=/api/getConfig
+policy.ClientAuth=UHlQRFBTZXJ2ZXI6dGVzdA==
+policy.client.mechId=m06814@controller.dcae.ecomp.onap.com
+policy.client.password=OBF:1ffu1qvu1t2z1l161fuk1i801nz91ro41xf71xfv1rqi1nx51i7y1fuq1kxw1t371qxw1fh0
+policy.username=testpdp
+policy.password=OBF:1igd1kft1l1a1sw61svs1kxs1kcl1idt
+policy.Authorization=dGVzdHBkcDphbHBoYTEyMw==
+policy.environment=TEST
+