diff options
38 files changed, 1778 insertions, 277 deletions
diff --git a/deliveries/.env b/deliveries/.env index 76f9b620..32ccb94e 100644 --- a/deliveries/.env +++ b/deliveries/.env @@ -6,6 +6,8 @@ EP_IMG_NAME=onap/portal-app SDK_IMG_NAME=onap/portal-sdk DB_IMG_NAME=onap/portal-db +CDR_IMG_NAME=onap/music/cassandra_music +ZK_IMG_NAME=zookeeper WMS_IMG_NAME=onap/portal-wms # Deployed with portal; built elsewhere CLI_IMG_NAME=onap/cli diff --git a/deliveries/Apps_Users_OnBoarding_Script.sql b/deliveries/Apps_Users_OnBoarding_Script.sql index 14e9ff2d..75a36abc 100644 --- a/deliveries/Apps_Users_OnBoarding_Script.sql +++ b/deliveries/Apps_Users_OnBoarding_Script.sql @@ -6,7 +6,7 @@ SET FOREIGN_KEY_CHECKS=1; -- Apps; note that the IDs are used below. INSERT INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES -(2, 'xDemo App', 'images/cache/portal-222865671_37476.png', NULL, NULL, 'http://portal.api.simpledemo.onap.org:8989/ONAPPORTALSDK/welcome.htm', NULL, 'http://portal.api.simpledemo.onap.org:8989/ONAPPORTALSDK/api/v2', '', '', NULL, '2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), +(2, 'xDemo App', 'images/cache/portal-222865671_37476.png', NULL, NULL, 'http://portal.api.simpledemo.onap.org:8990/ONAPPORTALSDK/welcome.htm', NULL, 'http://portal.api.simpledemo.onap.org:8989/ONAPPORTALSDK/api/v2', '', '', NULL, '2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), (3, 'DMaaP Bus Ctrl', 'images/cache/portal944583064_80711.png', NULL, NULL, 'http://portal.api.simpledemo.onap.org:8989/ECOMPDBCAPP/dbc#/dmaap', NULL, 'http://portal.api.simpledemo.onap.org:8989/ECOMPDBCAPP/api/v2', '', '', NULL, 'okYTaDrhzibcbGVq5mjkVQ==', 'N', 'N', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), (4, 'SDC', 'images/cache/portal956868231_53879.png', NULL, NULL, 'http://sdc.api.simpledemo.onap.org:8181/sdc1/portal', NULL, 'http://sdc.api.simpledemo.onap.org:8080/api/v2', '', '', NULL, '78ot0W94rpB0o4FYzVoIOg==', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), (5, 'Policy', 'images/cache/portal1470452815_67021.png', NULL, NULL, 'http://policy.api.simpledemo.onap.org:8443/onap/policy', NULL, 'http://policy.api.simpledemo.onap.org:8443/onap/api/v2', '', '', NULL, 'okYTaDrhzibcbGVq5mjkVQ==', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL), diff --git a/deliveries/build_portalapps_dockers.sh b/deliveries/build_portalapps_dockers.sh index d4f8968e..f7510acc 100755 --- a/deliveries/build_portalapps_dockers.sh +++ b/deliveries/build_portalapps_dockers.sh @@ -119,6 +119,14 @@ DB_DOCKER_CMD=" " $DB_DOCKER_CMD +# Copy cassandra scripts to required directories +# Portal +cp $BASEDIR/ecomp-portal-DB-common/*.cql ${DELIVDIR} +# SDK app +cp $BASEDIR/sdk/ecomp-sdk/epsdk-app-common/db-scripts/*.cql ${DELIVDIR} + + + echo "Build portal docker image" PORTAL_DOCKER_CMD=" docker build -t ${EP_IMG_NAME}:${PORTAL_TAG} ${PROXY_ARGS} diff --git a/deliveries/cassandra/cassandra.yaml b/deliveries/cassandra/cassandra.yaml new file mode 100644 index 00000000..291d1d73 --- /dev/null +++ b/deliveries/cassandra/cassandra.yaml @@ -0,0 +1,1001 @@ +# Cassandra storage config YAML + +# NOTE: +# See http://wiki.apache.org/cassandra/StorageConfiguration for +# full explanations of configuration directives +# /NOTE + +# The name of the cluster. This is mainly used to prevent machines in +# one logical cluster from joining another. +cluster_name: 'Portal Cluster' + +# This defines the number of tokens randomly assigned to this node on the ring +# The more tokens, relative to other nodes, the larger the proportion of data +# that this node will store. You probably want all nodes to have the same number +# of tokens assuming they have equal hardware capability. +# +# If you leave this unspecified, Cassandra will use the default of 1 token for legacy compatibility, +# and will use the initial_token as described below. +# +# Specifying initial_token will override this setting on the node's initial start, +# on subsequent starts, this setting will apply even if initial token is set. +# +# If you already have a cluster with 1 token per node, and wish to migrate to +# multiple tokens per node, see http://wiki.apache.org/cassandra/Operations +num_tokens: 256 + +# Triggers automatic allocation of num_tokens tokens for this node. The allocation +# algorithm attempts to choose tokens in a way that optimizes replicated load over +# the nodes in the datacenter for the replication strategy used by the specified +# keyspace. +# +# The load assigned to each node will be close to proportional to its number of +# vnodes. +# +# Only supported with the Murmur3Partitioner. +# allocate_tokens_for_keyspace: KEYSPACE + +# initial_token allows you to specify tokens manually. While you can use # it with +# vnodes (num_tokens > 1, above) -- in which case you should provide a +# comma-separated list -- it's primarily used when adding nodes # to legacy clusters +# that do not have vnodes enabled. +# initial_token: + +# See http://wiki.apache.org/cassandra/HintedHandoff +# May either be "true" or "false" to enable globally +hinted_handoff_enabled: true +# When hinted_handoff_enabled is true, a black list of data centers that will not +# perform hinted handoff +#hinted_handoff_disabled_datacenters: +# - DC1 +# - DC2 +# this defines the maximum amount of time a dead host will have hints +# generated. After it has been dead this long, new hints for it will not be +# created until it has been seen alive and gone down again. +max_hint_window_in_ms: 10800000 # 3 hours + +# Maximum throttle in KBs per second, per delivery thread. This will be +# reduced proportionally to the number of nodes in the cluster. (If there +# are two nodes in the cluster, each delivery thread will use the maximum +# rate; if there are three, each will throttle to half of the maximum, +# since we expect two nodes to be delivering hints simultaneously.) +hinted_handoff_throttle_in_kb: 1024 + +# Number of threads with which to deliver hints; +# Consider increasing this number when you have multi-dc deployments, since +# cross-dc handoff tends to be slower +max_hints_delivery_threads: 2 + +# Directory where Cassandra should store hints. +# If not set, the default directory is $CASSANDRA_HOME/data/hints. +# hints_directory: /var/lib/cassandra/hints + +# How often hints should be flushed from the internal buffers to disk. +# Will *not* trigger fsync. +hints_flush_period_in_ms: 10000 + +# Maximum size for a single hints file, in megabytes. +max_hints_file_size_in_mb: 128 + +# Compression to apply to the hint files. If omitted, hints files +# will be written uncompressed. LZ4, Snappy, and Deflate compressors +# are supported. +#hints_compression: +# - class_name: LZ4Compressor +# parameters: +# - + +# Maximum throttle in KBs per second, total. This will be +# reduced proportionally to the number of nodes in the cluster. +batchlog_replay_throttle_in_kb: 1024 + +# Authentication backend, implementing IAuthenticator; used to identify users +# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthenticator, +# PasswordAuthenticator}. +# +# - AllowAllAuthenticator performs no checks - set it to disable authentication. +# - PasswordAuthenticator relies on username/password pairs to authenticate +# users. It keeps usernames and hashed passwords in system_auth.roles table. +# Please increase system_auth keyspace replication factor if you use this authenticator. +# If using PasswordAuthenticator, CassandraRoleManager must also be used (see below) +authenticator: PasswordAuthenticator + +# Authorization backend, implementing IAuthorizer; used to limit access/provide permissions +# Out of the box, Cassandra provides org.apache.cassandra.auth.{AllowAllAuthorizer, +# CassandraAuthorizer}. +# +# - AllowAllAuthorizer allows any action to any user - set it to disable authorization. +# - CassandraAuthorizer stores permissions in system_auth.role_permissions table. Please +# increase system_auth keyspace replication factor if you use this authorizer. +authorizer: CassandraAuthorizer + +# Part of the Authentication & Authorization backend, implementing IRoleManager; used +# to maintain grants and memberships between roles. +# Out of the box, Cassandra provides org.apache.cassandra.auth.CassandraRoleManager, +# which stores role information in the system_auth keyspace. Most functions of the +# IRoleManager require an authenticated login, so unless the configured IAuthenticator +# actually implements authentication, most of this functionality will be unavailable. +# +# - CassandraRoleManager stores role data in the system_auth keyspace. Please +# increase system_auth keyspace replication factor if you use this role manager. +role_manager: CassandraRoleManager + +# Validity period for roles cache (fetching permissions can be an +# expensive operation depending on the authorizer). Granted roles are cached for +# authenticated sessions in AuthenticatedUser and after the period specified +# here, become eligible for (async) reload. +# Defaults to 2000, set to 0 to disable. +# Will be disabled automatically for AllowAllAuthenticator. +roles_validity_in_ms: 2000 + +# Refresh interval for roles cache (if enabled). +# After this interval, cache entries become eligible for refresh. Upon next +# access, an async reload is scheduled and the old value returned until it +# completes. If roles_validity_in_ms is non-zero, then this must be +# also. +# Defaults to the same value as roles_validity_in_ms. +# roles_update_interval_in_ms: 1000 + +# Validity period for permissions cache (fetching permissions can be an +# expensive operation depending on the authorizer, CassandraAuthorizer is +# one example). Defaults to 2000, set to 0 to disable. +# Will be disabled automatically for AllowAllAuthorizer. +permissions_validity_in_ms: 2000 + +# Refresh interval for permissions cache (if enabled). +# After this interval, cache entries become eligible for refresh. Upon next +# access, an async reload is scheduled and the old value returned until it +# completes. If permissions_validity_in_ms is non-zero, then this must be +# also. +# Defaults to the same value as permissions_validity_in_ms. +# permissions_update_interval_in_ms: 1000 + +# The partitioner is responsible for distributing groups of rows (by +# partition key) across nodes in the cluster. You should leave this +# alone for new clusters. The partitioner can NOT be changed without +# reloading all data, so when upgrading you should set this to the +# same partitioner you were already using. +# +# Besides Murmur3Partitioner, partitioners included for backwards +# compatibility include RandomPartitioner, ByteOrderedPartitioner, and +# OrderPreservingPartitioner. +# +partitioner: org.apache.cassandra.dht.Murmur3Partitioner + +# Directories where Cassandra should store data on disk. Cassandra +# will spread data evenly across them, subject to the granularity of +# the configured compaction strategy. +# If not set, the default directory is $CASSANDRA_HOME/data/data. +data_file_directories: + - /var/lib/cassandra/data + +# commit log. when running on magnetic HDD, this should be a +# separate spindle than the data directories. +# If not set, the default directory is $CASSANDRA_HOME/data/commitlog. +commitlog_directory: /var/lib/cassandra/commitlog + +# policy for data disk failures: +# die: shut down gossip and client transports and kill the JVM for any fs errors or +# single-sstable errors, so the node can be replaced. +# stop_paranoid: shut down gossip and client transports even for single-sstable errors, +# kill the JVM for errors during startup. +# stop: shut down gossip and client transports, leaving the node effectively dead, but +# can still be inspected via JMX, kill the JVM for errors during startup. +# best_effort: stop using the failed disk and respond to requests based on +# remaining available sstables. This means you WILL see obsolete +# data at CL.ONE! +# ignore: ignore fatal errors and let requests fail, as in pre-1.2 Cassandra +disk_failure_policy: stop + +# policy for commit disk failures: +# die: shut down gossip and Thrift and kill the JVM, so the node can be replaced. +# stop: shut down gossip and Thrift, leaving the node effectively dead, but +# can still be inspected via JMX. +# stop_commit: shutdown the commit log, letting writes collect but +# continuing to service reads, as in pre-2.0.5 Cassandra +# ignore: ignore fatal errors and let the batches fail +commit_failure_policy: stop + +# Maximum size of the key cache in memory. +# +# Each key cache hit saves 1 seek and each row cache hit saves 2 seeks at the +# minimum, sometimes more. The key cache is fairly tiny for the amount of +# time it saves, so it's worthwhile to use it at large numbers. +# The row cache saves even more time, but must contain the entire row, +# so it is extremely space-intensive. It's best to only use the +# row cache if you have hot rows or static rows. +# +# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup. +# +# Default value is empty to make it "auto" (min(5% of Heap (in MB), 100MB)). Set to 0 to disable key cache. +key_cache_size_in_mb: + +# Duration in seconds after which Cassandra should +# save the key cache. Caches are saved to saved_caches_directory as +# specified in this configuration file. +# +# Saved caches greatly improve cold-start speeds, and is relatively cheap in +# terms of I/O for the key cache. Row cache saving is much more expensive and +# has limited use. +# +# Default is 14400 or 4 hours. +key_cache_save_period: 14400 + +# Number of keys from the key cache to save +# Disabled by default, meaning all keys are going to be saved +# key_cache_keys_to_save: 100 + +# Row cache implementation class name. +# Available implementations: +# org.apache.cassandra.cache.OHCProvider Fully off-heap row cache implementation (default). +# org.apache.cassandra.cache.SerializingCacheProvider This is the row cache implementation availabile +# in previous releases of Cassandra. +# row_cache_class_name: org.apache.cassandra.cache.OHCProvider + +# Maximum size of the row cache in memory. +# Please note that OHC cache implementation requires some additional off-heap memory to manage +# the map structures and some in-flight memory during operations before/after cache entries can be +# accounted against the cache capacity. This overhead is usually small compared to the whole capacity. +# Do not specify more memory that the system can afford in the worst usual situation and leave some +# headroom for OS block level cache. Do never allow your system to swap. +# +# Default value is 0, to disable row caching. +row_cache_size_in_mb: 0 + +# Duration in seconds after which Cassandra should save the row cache. +# Caches are saved to saved_caches_directory as specified in this configuration file. +# +# Saved caches greatly improve cold-start speeds, and is relatively cheap in +# terms of I/O for the key cache. Row cache saving is much more expensive and +# has limited use. +# +# Default is 0 to disable saving the row cache. +row_cache_save_period: 0 + +# Number of keys from the row cache to save. +# Specify 0 (which is the default), meaning all keys are going to be saved +# row_cache_keys_to_save: 100 + +# Maximum size of the counter cache in memory. +# +# Counter cache helps to reduce counter locks' contention for hot counter cells. +# In case of RF = 1 a counter cache hit will cause Cassandra to skip the read before +# write entirely. With RF > 1 a counter cache hit will still help to reduce the duration +# of the lock hold, helping with hot counter cell updates, but will not allow skipping +# the read entirely. Only the local (clock, count) tuple of a counter cell is kept +# in memory, not the whole counter, so it's relatively cheap. +# +# NOTE: if you reduce the size, you may not get you hottest keys loaded on startup. +# +# Default value is empty to make it "auto" (min(2.5% of Heap (in MB), 50MB)). Set to 0 to disable counter cache. +# NOTE: if you perform counter deletes and rely on low gcgs, you should disable the counter cache. +counter_cache_size_in_mb: + +# Duration in seconds after which Cassandra should +# save the counter cache (keys only). Caches are saved to saved_caches_directory as +# specified in this configuration file. +# +# Default is 7200 or 2 hours. +counter_cache_save_period: 7200 + +# Number of keys from the counter cache to save +# Disabled by default, meaning all keys are going to be saved +# counter_cache_keys_to_save: 100 + +# saved caches +# If not set, the default directory is $CASSANDRA_HOME/data/saved_caches. +saved_caches_directory: /var/lib/cassandra/saved_caches + +# commitlog_sync may be either "periodic" or "batch." +# +# When in batch mode, Cassandra won't ack writes until the commit log +# has been fsynced to disk. It will wait +# commitlog_sync_batch_window_in_ms milliseconds between fsyncs. +# This window should be kept short because the writer threads will +# be unable to do extra work while waiting. (You may need to increase +# concurrent_writes for the same reason.) +# +# commitlog_sync: batch +# commitlog_sync_batch_window_in_ms: 2 +# +# the other option is "periodic" where writes may be acked immediately +# and the CommitLog is simply synced every commitlog_sync_period_in_ms +# milliseconds. +commitlog_sync: periodic +commitlog_sync_period_in_ms: 10000 + +# The size of the individual commitlog file segments. A commitlog +# segment may be archived, deleted, or recycled once all the data +# in it (potentially from each columnfamily in the system) has been +# flushed to sstables. +# +# The default size is 32, which is almost always fine, but if you are +# archiving commitlog segments (see commitlog_archiving.properties), +# then you probably want a finer granularity of archiving; 8 or 16 MB +# is reasonable. +# Max mutation size is also configurable via max_mutation_size_in_kb setting in +# cassandra.yaml. The default is half the size commitlog_segment_size_in_mb * 1024. +# This should be positive and less than 2048. +# +# NOTE: If max_mutation_size_in_kb is set explicitly then commitlog_segment_size_in_mb must +# be set to at least twice the size of max_mutation_size_in_kb / 1024 +# +commitlog_segment_size_in_mb: 32 + +# Compression to apply to the commit log. If omitted, the commit log +# will be written uncompressed. LZ4, Snappy, and Deflate compressors +# are supported. +#commitlog_compression: +# - class_name: LZ4Compressor +# parameters: +# - + +# any class that implements the SeedProvider interface and has a +# constructor that takes a Map<String, String> of parameters will do. +seed_provider: + # Addresses of hosts that are deemed contact points. + # Cassandra nodes use this list of hosts to find each other and learn + # the topology of the ring. You must change this if you are running + # multiple nodes! + - class_name: org.apache.cassandra.locator.SimpleSeedProvider + parameters: + # seeds is actually a comma-delimited list of addresses. + # Ex: "<ip1>,<ip2>,<ip3>" + - seeds: "127.0.0.1" + +# For workloads with more data than can fit in memory, Cassandra's +# bottleneck will be reads that need to fetch data from +# disk. "concurrent_reads" should be set to (16 * number_of_drives) in +# order to allow the operations to enqueue low enough in the stack +# that the OS and drives can reorder them. Same applies to +# "concurrent_counter_writes", since counter writes read the current +# values before incrementing and writing them back. +# +# On the other hand, since writes are almost never IO bound, the ideal +# number of "concurrent_writes" is dependent on the number of cores in +# your system; (8 * number_of_cores) is a good rule of thumb. +concurrent_reads: 32 +concurrent_writes: 32 +concurrent_counter_writes: 32 + +# For materialized view writes, as there is a read involved, so this should +# be limited by the less of concurrent reads or concurrent writes. +concurrent_materialized_view_writes: 32 + +# Maximum memory to use for pooling sstable buffers. Defaults to the smaller +# of 1/4 of heap or 512MB. This pool is allocated off-heap, so is in addition +# to the memory allocated for heap. Memory is only allocated as needed. +# file_cache_size_in_mb: 512 + +# Flag indicating whether to allocate on or off heap when the sstable buffer +# pool is exhausted, that is when it has exceeded the maximum memory +# file_cache_size_in_mb, beyond which it will not cache buffers but allocate on request. + +# buffer_pool_use_heap_if_exhausted: true + +# The strategy for optimizing disk read +# Possible values are: +# ssd (for solid state disks, the default) +# spinning (for spinning disks) +# disk_optimization_strategy: ssd + +# Total permitted memory to use for memtables. Cassandra will stop +# accepting writes when the limit is exceeded until a flush completes, +# and will trigger a flush based on memtable_cleanup_threshold +# If omitted, Cassandra will set both to 1/4 the size of the heap. +# memtable_heap_space_in_mb: 2048 +# memtable_offheap_space_in_mb: 2048 + +# Ratio of occupied non-flushing memtable size to total permitted size +# that will trigger a flush of the largest memtable. Larger mct will +# mean larger flushes and hence less compaction, but also less concurrent +# flush activity which can make it difficult to keep your disks fed +# under heavy write load. +# +# memtable_cleanup_threshold defaults to 1 / (memtable_flush_writers + 1) +# memtable_cleanup_threshold: 0.11 + +# Specify the way Cassandra allocates and manages memtable memory. +# Options are: +# heap_buffers: on heap nio buffers +# +# Note: offheap_buffers are not supported in Cassandra 3.0 - 3.3. +# They have been re-introduced in Cassandra 3.4. For details see +# https://issues.apache.org/jira/browse/CASSANDRA-9472 and +# https://issues.apache.org/jira/browse/CASSANDRA-11039 +memtable_allocation_type: heap_buffers + +# Total space to use for commit logs on disk. +# +# If space gets above this value, Cassandra will flush every dirty CF +# in the oldest segment and remove it. So a small total commitlog space +# will tend to cause more flush activity on less-active columnfamilies. +# +# The default value is the smaller of 8192, and 1/4 of the total space +# of the commitlog volume. +# +# commitlog_total_space_in_mb: 8192 + +# This sets the amount of memtable flush writer threads. These will +# be blocked by disk io, and each one will hold a memtable in memory +# while blocked. +# +# memtable_flush_writers defaults to the smaller of (number of disks, +# number of cores), with a minimum of 2 and a maximum of 8. +# +# If your data directories are backed by SSD, you should increase this +# to the number of cores. +#memtable_flush_writers: 8 + +# A fixed memory pool size in MB for for SSTable index summaries. If left +# empty, this will default to 5% of the heap size. If the memory usage of +# all index summaries exceeds this limit, SSTables with low read rates will +# shrink their index summaries in order to meet this limit. However, this +# is a best-effort process. In extreme conditions Cassandra may need to use +# more than this amount of memory. +index_summary_capacity_in_mb: + +# How frequently index summaries should be resampled. This is done +# periodically to redistribute memory from the fixed-size pool to sstables +# proportional their recent read rates. Setting to -1 will disable this +# process, leaving existing index summaries at their current sampling level. +index_summary_resize_interval_in_minutes: 60 + +# Whether to, when doing sequential writing, fsync() at intervals in +# order to force the operating system to flush the dirty +# buffers. Enable this to avoid sudden dirty buffer flushing from +# impacting read latencies. Almost always a good idea on SSDs; not +# necessarily on platters. +trickle_fsync: false +trickle_fsync_interval_in_kb: 10240 + +# TCP port, for commands and data +# For security reasons, you should not expose this port to the internet. Firewall it if needed. +storage_port: 7000 + +# SSL port, for encrypted communication. Unused unless enabled in +# encryption_options +# For security reasons, you should not expose this port to the internet. Firewall it if needed. +ssl_storage_port: 7001 + +# Address or interface to bind to and tell other Cassandra nodes to connect to. +# You _must_ change this if you want multiple nodes to be able to communicate! +# +# Set listen_address OR listen_interface, not both. Interfaces must correspond +# to a single address, IP aliasing is not supported. +# +# Leaving it blank leaves it up to InetAddress.getLocalHost(). This +# will always do the Right Thing _if_ the node is properly configured +# (hostname, name resolution, etc), and the Right Thing is to use the +# address associated with the hostname (it might not be). +# +# Setting listen_address to 0.0.0.0 is always wrong. +# +# If you choose to specify the interface by name and the interface has an ipv4 and an ipv6 address +# you can specify which should be chosen using listen_interface_prefer_ipv6. If false the first ipv4 +# address will be used. If true the first ipv6 address will be used. Defaults to false preferring +# ipv4. If there is only one address it will be selected regardless of ipv4/ipv6. +listen_address: localhost +# listen_interface: eth0 +# listen_interface_prefer_ipv6: false + +# Address to broadcast to other Cassandra nodes +# Leaving this blank will set it to the same value as listen_address +# broadcast_address: 1.2.3.4 + +# When using multiple physical network interfaces, set this +# to true to listen on broadcast_address in addition to +# the listen_address, allowing nodes to communicate in both +# interfaces. +# Ignore this property if the network configuration automatically +# routes between the public and private networks such as EC2. +# listen_on_broadcast_address: false + +# Internode authentication backend, implementing IInternodeAuthenticator; +# used to allow/disallow connections from peer nodes. +# internode_authenticator: org.apache.cassandra.auth.AllowAllInternodeAuthenticator + +# Whether to start the native transport server. +# Please note that the address on which the native transport is bound is the +# same as the rpc_address. The port however is different and specified below. +start_native_transport: true +# port for the CQL native transport to listen for clients on +# For security reasons, you should not expose this port to the internet. Firewall it if needed. +native_transport_port: 9042 +# Enabling native transport encryption in client_encryption_options allows you to either use +# encryption for the standard port or to use a dedicated, additional port along with the unencrypted +# standard native_transport_port. +# Enabling client encryption and keeping native_transport_port_ssl disabled will use encryption +# for native_transport_port. Setting native_transport_port_ssl to a different value +# from native_transport_port will use encryption for native_transport_port_ssl while +# keeping native_transport_port unencrypted. +# native_transport_port_ssl: 9142 +# The maximum threads for handling requests when the native transport is used. +# This is similar to rpc_max_threads though the default differs slightly (and +# there is no native_transport_min_threads, idle threads will always be stopped +# after 30 seconds). +# native_transport_max_threads: 128 +# +# The maximum size of allowed frame. Frame (requests) larger than this will +# be rejected as invalid. The default is 256MB. If you're changing this parameter, +# you may want to adjust max_value_size_in_mb accordingly. This should be positive and less than 2048. +# native_transport_max_frame_size_in_mb: 256 + +# The maximum number of concurrent client connections. +# The default is -1, which means unlimited. +# native_transport_max_concurrent_connections: -1 + +# The maximum number of concurrent client connections per source ip. +# The default is -1, which means unlimited. +# native_transport_max_concurrent_connections_per_ip: -1 + +# Whether to start the thrift rpc server. +start_rpc: false + +# The address or interface to bind the Thrift RPC service and native transport +# server to. +# +# Set rpc_address OR rpc_interface, not both. Interfaces must correspond +# to a single address, IP aliasing is not supported. +# +# Leaving rpc_address blank has the same effect as on listen_address +# (i.e. it will be based on the configured hostname of the node). +# +# Note that unlike listen_address, you can specify 0.0.0.0, but you must also +# set broadcast_rpc_address to a value other than 0.0.0.0. +# +# For security reasons, you should not expose this port to the internet. Firewall it if needed. +# +# If you choose to specify the interface by name and the interface has an ipv4 and an ipv6 address +# you can specify which should be chosen using rpc_interface_prefer_ipv6. If false the first ipv4 +# address will be used. If true the first ipv6 address will be used. Defaults to false preferring +# ipv4. If there is only one address it will be selected regardless of ipv4/ipv6. +rpc_address: localhost +# rpc_interface: eth1 +# rpc_interface_prefer_ipv6: false + +# port for Thrift to listen for clients on +rpc_port: 9160 + +# RPC address to broadcast to drivers and other Cassandra nodes. This cannot +# be set to 0.0.0.0. If left blank, this will be set to the value of +# rpc_address. If rpc_address is set to 0.0.0.0, broadcast_rpc_address must +# be set. +# broadcast_rpc_address: 1.2.3.4 + +# enable or disable keepalive on rpc/native connections +rpc_keepalive: true + +# Cassandra provides two out-of-the-box options for the RPC Server: +# +# sync -> One thread per thrift connection. For a very large number of clients, memory +# will be your limiting factor. On a 64 bit JVM, 180KB is the minimum stack size +# per thread, and that will correspond to your use of virtual memory (but physical memory +# may be limited depending on use of stack space). +# +# hsha -> Stands for "half synchronous, half asynchronous." All thrift clients are handled +# asynchronously using a small number of threads that does not vary with the amount +# of thrift clients (and thus scales well to many clients). The rpc requests are still +# synchronous (one thread per active request). If hsha is selected then it is essential +# that rpc_max_threads is changed from the default value of unlimited. +# +# The default is sync because on Windows hsha is about 30% slower. On Linux, +# sync/hsha performance is about the same, with hsha of course using less memory. +# +# Alternatively, can provide your own RPC server by providing the fully-qualified class name +# of an o.a.c.t.TServerFactory that can create an instance of it. +rpc_server_type: sync + +# Uncomment rpc_min|max_thread to set request pool size limits. +# +# Regardless of your choice of RPC server (see above), the number of maximum requests in the +# RPC thread pool dictates how many concurrent requests are possible (but if you are using the sync +# RPC server, it also dictates the number of clients that can be connected at all). +# +# The default is unlimited and thus provides no protection against clients overwhelming the server. You are +# encouraged to set a maximum that makes sense for you in production, but do keep in mind that +# rpc_max_threads represents the maximum number of client requests this server may execute concurrently. +# +# rpc_min_threads: 16 +# rpc_max_threads: 2048 + +# uncomment to set socket buffer sizes on rpc connections +# rpc_send_buff_size_in_bytes: +# rpc_recv_buff_size_in_bytes: + +# Uncomment to set socket buffer size for internode communication +# Note that when setting this, the buffer size is limited by net.core.wmem_max +# and when not setting it it is defined by net.ipv4.tcp_wmem +# See: +# /proc/sys/net/core/wmem_max +# /proc/sys/net/core/rmem_max +# /proc/sys/net/ipv4/tcp_wmem +# /proc/sys/net/ipv4/tcp_wmem +# and: man tcp +# internode_send_buff_size_in_bytes: +# internode_recv_buff_size_in_bytes: + +# Frame size for thrift (maximum message length). +thrift_framed_transport_size_in_mb: 15 + +# Set to true to have Cassandra create a hard link to each sstable +# flushed or streamed locally in a backups/ subdirectory of the +# keyspace data. Removing these links is the operator's +# responsibility. +incremental_backups: false + +# Whether or not to take a snapshot before each compaction. Be +# careful using this option, since Cassandra won't clean up the +# snapshots for you. Mostly useful if you're paranoid when there +# is a data format change. +snapshot_before_compaction: false + +# Whether or not a snapshot is taken of the data before keyspace truncation +# or dropping of column families. The STRONGLY advised default of true +# should be used to provide data safety. If you set this flag to false, you will +# lose data on truncation or drop. +auto_snapshot: true + +# When executing a scan, within or across a partition, we need to keep the +# tombstones seen in memory so we can return them to the coordinator, which +# will use them to make sure other replicas also know about the deleted rows. +# With workloads that generate a lot of tombstones, this can cause performance +# problems and even exaust the server heap. +# (http://www.datastax.com/dev/blog/cassandra-anti-patterns-queues-and-queue-like-datasets) +# Adjust the thresholds here if you understand the dangers and want to +# scan more tombstones anyway. These thresholds may also be adjusted at runtime +# using the StorageService mbean. +tombstone_warn_threshold: 1000 +tombstone_failure_threshold: 100000 + +# Granularity of the collation index of rows within a partition. +# Increase if your rows are large, or if you have a very large +# number of rows per partition. The competing goals are these: +# 1) a smaller granularity means more index entries are generated +# and looking up rows withing the partition by collation column +# is faster +# 2) but, Cassandra will keep the collation index in memory for hot +# rows (as part of the key cache), so a larger granularity means +# you can cache more hot rows +column_index_size_in_kb: 64 + + +# Log WARN on any batch size exceeding this value. 5kb per batch by default. +# Caution should be taken on increasing the size of this threshold as it can lead to node instability. +batch_size_warn_threshold_in_kb: 5 + +# Fail any batch exceeding this value. 50kb (10x warn threshold) by default. +batch_size_fail_threshold_in_kb: 50 + +# Log WARN on any batches not of type LOGGED than span across more partitions than this limit +unlogged_batch_across_partitions_warn_threshold: 10 + +# Number of simultaneous compactions to allow, NOT including +# validation "compactions" for anti-entropy repair. Simultaneous +# compactions can help preserve read performance in a mixed read/write +# workload, by mitigating the tendency of small sstables to accumulate +# during a single long running compactions. The default is usually +# fine and if you experience problems with compaction running too +# slowly or too fast, you should look at +# compaction_throughput_mb_per_sec first. +# +# concurrent_compactors defaults to the smaller of (number of disks, +# number of cores), with a minimum of 2 and a maximum of 8. +# +# If your data directories are backed by SSD, you should increase this +# to the number of cores. +#concurrent_compactors: 1 + +# Throttles compaction to the given total throughput across the entire +# system. The faster you insert data, the faster you need to compact in +# order to keep the sstable count down, but in general, setting this to +# 16 to 32 times the rate you are inserting data is more than sufficient. +# Setting this to 0 disables throttling. Note that this account for all types +# of compaction, including validation compaction. +compaction_throughput_mb_per_sec: 16 + +# Log a warning when compacting partitions larger than this value +compaction_large_partition_warning_threshold_mb: 100 + +# When compacting, the replacement sstable(s) can be opened before they +# are completely written, and used in place of the prior sstables for +# any range that has been written. This helps to smoothly transfer reads +# between the sstables, reducing page cache churn and keeping hot rows hot +sstable_preemptive_open_interval_in_mb: 50 + +# Throttles all outbound streaming file transfers on this node to the +# given total throughput in Mbps. This is necessary because Cassandra does +# mostly sequential IO when streaming data during bootstrap or repair, which +# can lead to saturating the network connection and degrading rpc performance. +# When unset, the default is 200 Mbps or 25 MB/s. +# stream_throughput_outbound_megabits_per_sec: 200 + +# Throttles all streaming file transfer between the datacenters, +# this setting allows users to throttle inter dc stream throughput in addition +# to throttling all network stream traffic as configured with +# stream_throughput_outbound_megabits_per_sec +# When unset, the default is 200 Mbps or 25 MB/s +# inter_dc_stream_throughput_outbound_megabits_per_sec: 200 + +# How long the coordinator should wait for read operations to complete +read_request_timeout_in_ms: 5000 +# How long the coordinator should wait for seq or index scans to complete +range_request_timeout_in_ms: 10000 +# How long the coordinator should wait for writes to complete +write_request_timeout_in_ms: 2000 +# How long the coordinator should wait for counter writes to complete +counter_write_request_timeout_in_ms: 5000 +# How long a coordinator should continue to retry a CAS operation +# that contends with other proposals for the same row +cas_contention_timeout_in_ms: 1000 +# How long the coordinator should wait for truncates to complete +# (This can be much longer, because unless auto_snapshot is disabled +# we need to flush first so we can snapshot before removing the data.) +truncate_request_timeout_in_ms: 60000 +# The default timeout for other, miscellaneous operations +request_timeout_in_ms: 10000 + +# Enable operation timeout information exchange between nodes to accurately +# measure request timeouts. If disabled, replicas will assume that requests +# were forwarded to them instantly by the coordinator, which means that +# under overload conditions we will waste that much extra time processing +# already-timed-out requests. +# +# Warning: before enabling this property make sure to ntp is installed +# and the times are synchronized between the nodes. +cross_node_timeout: false + +# Set socket timeout for streaming operation. +# The stream session is failed if no data/ack is received by any of the participants +# within that period, which means this should also be sufficient to stream a large +# sstable or rebuild table indexes. +# Default value is 86400000ms, which means stale streams timeout after 24 hours. +# A value of zero means stream sockets should never time out. +# streaming_socket_timeout_in_ms: 86400000 + +# phi value that must be reached for a host to be marked down. +# most users should never need to adjust this. +# phi_convict_threshold: 8 + +# endpoint_snitch -- Set this to a class that implements +# IEndpointSnitch. The snitch has two functions: +# - it teaches Cassandra enough about your network topology to route +# requests efficiently +# - it allows Cassandra to spread replicas around your cluster to avoid +# correlated failures. It does this by grouping machines into +# "datacenters" and "racks." Cassandra will do its best not to have +# more than one replica on the same "rack" (which may not actually +# be a physical location) +# +# CASSANDRA WILL NOT ALLOW YOU TO SWITCH TO AN INCOMPATIBLE SNITCH +# ONCE DATA IS INSERTED INTO THE CLUSTER. This would cause data loss. +# This means that if you start with the default SimpleSnitch, which +# locates every node on "rack1" in "datacenter1", your only options +# if you need to add another datacenter are GossipingPropertyFileSnitch +# (and the older PFS). From there, if you want to migrate to an +# incompatible snitch like Ec2Snitch you can do it by adding new nodes +# under Ec2Snitch (which will locate them in a new "datacenter") and +# decommissioning the old ones. +# +# Out of the box, Cassandra provides +# - SimpleSnitch: +# Treats Strategy order as proximity. This can improve cache +# locality when disabling read repair. Only appropriate for +# single-datacenter deployments. +# - GossipingPropertyFileSnitch +# This should be your go-to snitch for production use. The rack +# and datacenter for the local node are defined in +# cassandra-rackdc.properties and propagated to other nodes via +# gossip. If cassandra-topology.properties exists, it is used as a +# fallback, allowing migration from the PropertyFileSnitch. +# - PropertyFileSnitch: +# Proximity is determined by rack and data center, which are +# explicitly configured in cassandra-topology.properties. +# - Ec2Snitch: +# Appropriate for EC2 deployments in a single Region. Loads Region +# and Availability Zone information from the EC2 API. The Region is +# treated as the datacenter, and the Availability Zone as the rack. +# Only private IPs are used, so this will not work across multiple +# Regions. +# - Ec2MultiRegionSnitch: +# Uses public IPs as broadcast_address to allow cross-region +# connectivity. (Thus, you should set seed addresses to the public +# IP as well.) You will need to open the storage_port or +# ssl_storage_port on the public IP firewall. (For intra-Region +# traffic, Cassandra will switch to the private IP after +# establishing a connection.) +# - RackInferringSnitch: +# Proximity is determined by rack and data center, which are +# assumed to correspond to the 3rd and 2nd octet of each node's IP +# address, respectively. Unless this happens to match your +# deployment conventions, this is best used as an example of +# writing a custom Snitch class and is provided in that spirit. +# +# You can use a custom Snitch by setting this to the full class name +# of the snitch, which will be assumed to be on your classpath. +endpoint_snitch: SimpleSnitch + +# controls how often to perform the more expensive part of host score +# calculation +dynamic_snitch_update_interval_in_ms: 100 +# controls how often to reset all host scores, allowing a bad host to +# possibly recover +dynamic_snitch_reset_interval_in_ms: 600000 +# if set greater than zero and read_repair_chance is < 1.0, this will allow +# 'pinning' of replicas to hosts in order to increase cache capacity. +# The badness threshold will control how much worse the pinned host has to be +# before the dynamic snitch will prefer other replicas over it. This is +# expressed as a double which represents a percentage. Thus, a value of +# 0.2 means Cassandra would continue to prefer the static snitch values +# until the pinned host was 20% worse than the fastest. +dynamic_snitch_badness_threshold: 0.1 + +# request_scheduler -- Set this to a class that implements +# RequestScheduler, which will schedule incoming client requests +# according to the specific policy. This is useful for multi-tenancy +# with a single Cassandra cluster. +# NOTE: This is specifically for requests from the client and does +# not affect inter node communication. +# org.apache.cassandra.scheduler.NoScheduler - No scheduling takes place +# org.apache.cassandra.scheduler.RoundRobinScheduler - Round robin of +# client requests to a node with a separate queue for each +# request_scheduler_id. The scheduler is further customized by +# request_scheduler_options as described below. +request_scheduler: org.apache.cassandra.scheduler.NoScheduler + +# Scheduler Options vary based on the type of scheduler +# NoScheduler - Has no options +# RoundRobin +# - throttle_limit -- The throttle_limit is the number of in-flight +# requests per client. Requests beyond +# that limit are queued up until +# running requests can complete. +# The value of 80 here is twice the number of +# concurrent_reads + concurrent_writes. +# - default_weight -- default_weight is optional and allows for +# overriding the default which is 1. +# - weights -- Weights are optional and will default to 1 or the +# overridden default_weight. The weight translates into how +# many requests are handled during each turn of the +# RoundRobin, based on the scheduler id. +# +# request_scheduler_options: +# throttle_limit: 80 +# default_weight: 5 +# weights: +# Keyspace1: 1 +# Keyspace2: 5 + +# request_scheduler_id -- An identifier based on which to perform +# the request scheduling. Currently the only valid option is keyspace. +# request_scheduler_id: keyspace + +# Enable or disable inter-node encryption +# Default settings are TLS v1, RSA 1024-bit keys (it is imperative that +# users generate their own keys) TLS_RSA_WITH_AES_128_CBC_SHA as the cipher +# suite for authentication, key exchange and encryption of the actual data transfers. +# Use the DHE/ECDHE ciphers if running in FIPS 140 compliant mode. +# NOTE: No custom encryption options are enabled at the moment +# The available internode options are : all, none, dc, rack +# +# If set to dc cassandra will encrypt the traffic between the DCs +# If set to rack cassandra will encrypt the traffic between the racks +# +# The passwords used in these options must match the passwords used when generating +# the keystore and truststore. For instructions on generating these files, see: +# http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html#CreateKeystore +# +server_encryption_options: + internode_encryption: none + keystore: conf/.keystore + keystore_password: cassandra + truststore: conf/.truststore + truststore_password: cassandra + # More advanced defaults below: + # protocol: TLS + # algorithm: SunX509 + # store_type: JKS + # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + # require_client_auth: false + +# enable or disable client/server encryption. +client_encryption_options: + enabled: false + # If enabled and optional is set to true encrypted and unencrypted connections are handled. + optional: false + keystore: conf/.keystore + keystore_password: cassandra + # require_client_auth: false + # Set trustore and truststore_password if require_client_auth is true + # truststore: conf/.truststore + # truststore_password: cassandra + # More advanced defaults below: + # protocol: TLS + # algorithm: SunX509 + # store_type: JKS + # cipher_suites: [TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA] + +# internode_compression controls whether traffic between nodes is +# compressed. +# can be: all - all traffic is compressed +# dc - traffic between different datacenters is compressed +# none - nothing is compressed. +internode_compression: all + +# Enable or disable tcp_nodelay for inter-dc communication. +# Disabling it will result in larger (but fewer) network packets being sent, +# reducing overhead from the TCP protocol itself, at the cost of increasing +# latency if you block for cross-datacenter responses. +inter_dc_tcp_nodelay: false + +# TTL for different trace types used during logging of the repair process. +tracetype_query_ttl: 86400 +tracetype_repair_ttl: 604800 + +# By default, Cassandra logs GC Pauses greater than 200 ms at INFO level +# This threshold can be adjusted to minimize logging if necessary +# gc_log_threshold_in_ms: 200 + +# GC Pauses greater than gc_warn_threshold_in_ms will be logged at WARN level +# If unset, all GC Pauses greater than gc_log_threshold_in_ms will log at +# INFO level +# Adjust the threshold based on your application throughput requirement +gc_warn_threshold_in_ms: 1000 + +# UDFs (user defined functions) are disabled by default. +# As of Cassandra 3.0 there is a sandbox in place that should prevent execution of evil code. +enable_user_defined_functions: false + +# Enables scripted UDFs (JavaScript UDFs). +# Java UDFs are always enabled, if enable_user_defined_functions is true. +# Enable this option to be able to use UDFs with "language javascript" or any custom JSR-223 provider. +# This option has no effect, if enable_user_defined_functions is false. +enable_scripted_user_defined_functions: false + +# The default Windows kernel timer and scheduling resolution is 15.6ms for power conservation. +# Lowering this value on Windows can provide much tighter latency and better throughput, however +# some virtualized environments may see a negative performance impact from changing this setting +# below their system default. The sysinternals 'clockres' tool can confirm your system's default +# setting. +windows_timer_interval: 1 + +# Maximum size of any value in SSTables. Safety measure to detect SSTable corruption +# early. Any value size larger than this threshold will result into marking an SSTable +# as corrupted. This should be positive and less than 2048. +# max_value_size_in_mb: 256 + +# Coalescing Strategies # +# Coalescing multiples messages turns out to significantly boost message processing throughput (think doubling or more). +# On bare metal, the floor for packet processing throughput is high enough that many applications won't notice, but in +# virtualized environments, the point at which an application can be bound by network packet processing can be +# surprisingly low compared to the throughput of task processing that is possible inside a VM. It's not that bare metal +# doesn't benefit from coalescing messages, it's that the number of packets a bare metal network interface can process +# is sufficient for many applications such that no load starvation is experienced even without coalescing. +# There are other benefits to coalescing network messages that are harder to isolate with a simple metric like messages +# per second. By coalescing multiple tasks together, a network thread can process multiple messages for the cost of one +# trip to read from a socket, and all the task submission work can be done at the same time reducing context switching +# and increasing cache friendliness of network message processing. +# See CASSANDRA-8692 for details. + +# Strategy to use for coalescing messages in OutboundTcpConnection. +# Can be fixed, movingaverage, timehorizon (default), disabled. +# You can also specify a subclass of CoalescingStrategies.CoalescingStrategy by name. +# otc_coalescing_strategy: TIMEHORIZON + +# How many microseconds to wait for coalescing. For fixed strategy this is the amount of time after the first +# message is received before it will be sent with any accompanying messages. For moving average this is the +# maximum amount of time that will be waited as well as the interval at which messages must arrive on average +# for coalescing to be enabled. +# otc_coalescing_window_us: 200 + +# Do not try to coalesce messages if we already got that many messages. This should be more than 2 and less than 128. +# otc_coalescing_enough_coalesced_messages: 8 + +# How many milliseconds to wait between two expiration runs on the backlog (queue) of the OutboundTcpConnection. +# Expiration is done if messages are piling up in the backlog. Droppable messages are expired to free the memory +# taken by expired messages. The interval should be between 0 and 1000, and in most installations the default value +# will be appropriate. A smaller value could potentially expire messages slightly sooner at the expense of more CPU +# time and queue contention while iterating the backlog of messages. +# An interval of 0 disables any wait time, which is the behavior of former Cassandra versions. +# +# otc_backlog_expiration_interval_ms: 200 diff --git a/deliveries/cassandra/docker-entrypoint.sh b/deliveries/cassandra/docker-entrypoint.sh new file mode 100644 index 00000000..e46dea9f --- /dev/null +++ b/deliveries/cassandra/docker-entrypoint.sh @@ -0,0 +1,73 @@ +#!/bin/bash +set -e + +# first arg is `-f` or `--some-option` +# or there are no args +if [ "$#" -eq 0 ] || [ "${1#-}" != "$1" ]; then + set -- cassandra -f "$@" +fi + +# allow the container to be started with `--user` +if [ "$1" = 'cassandra' -a "$(id -u)" = '0' ]; then + chown -R cassandra /var/lib/cassandra /var/log/cassandra "$CASSANDRA_CONFIG" + exec gosu cassandra "$BASH_SOURCE" "$@" +fi + +if [ "$1" = 'cassandra' ]; then + : ${CASSANDRA_RPC_ADDRESS='0.0.0.0'} + + : ${CASSANDRA_LISTEN_ADDRESS='auto'} + if [ "$CASSANDRA_LISTEN_ADDRESS" = 'auto' ]; then + CASSANDRA_LISTEN_ADDRESS="$(hostname --ip-address)" + fi + + : ${CASSANDRA_BROADCAST_ADDRESS="$CASSANDRA_LISTEN_ADDRESS"} + + if [ "$CASSANDRA_BROADCAST_ADDRESS" = 'auto' ]; then + CASSANDRA_BROADCAST_ADDRESS="$(hostname --ip-address)" + fi + : ${CASSANDRA_BROADCAST_RPC_ADDRESS:=$CASSANDRA_BROADCAST_ADDRESS} + + if [ -n "${CASSANDRA_NAME:+1}" ]; then + : ${CASSANDRA_SEEDS:="cassandra"} + fi + : ${CASSANDRA_SEEDS:="$CASSANDRA_BROADCAST_ADDRESS"} + + sed -ri 's/(- seeds:).*/\1 "'"$CASSANDRA_SEEDS"'"/' "$CASSANDRA_CONFIG/cassandra.yaml" + + for yaml in \ + broadcast_address \ + broadcast_rpc_address \ + cluster_name \ + endpoint_snitch \ + listen_address \ + num_tokens \ + rpc_address \ + start_rpc \ + ; do + var="CASSANDRA_${yaml^^}" + val="${!var}" + if [ "$val" ]; then + sed -ri 's/^(# )?('"$yaml"':).*/\2 '"$val"'/' "$CASSANDRA_CONFIG/cassandra.yaml" + fi + done + + for rackdc in dc rack; do + var="CASSANDRA_${rackdc^^}" + val="${!var}" + if [ "$val" ]; then + sed -ri 's/^('"$rackdc"'=).*/\1 '"$val"'/' "$CASSANDRA_CONFIG/cassandra-rackdc.properties" + fi + done +fi +echo "################################ Let run Scripts ##############################" +for f in /docker-entrypoint-initdb.d/*; do + case "$f" in + *.cql) echo "$0: running $f" && until cqlsh -u cassandra -p cassandra -f "$f"; do >&2 echo "Cassandra is unavailable - sleeping"; sleep 2; done & ;; + *) echo "$0: ignoring $f" ;; + esac + echo +done +echo "################################ Let run Scripts End ##############################" + +exec "$@" diff --git a/deliveries/docker-compose.yml b/deliveries/docker-compose.yml index 4e5879e7..29a2cce6 100644 --- a/deliveries/docker-compose.yml +++ b/deliveries/docker-compose.yml @@ -38,6 +38,41 @@ services: test: [ "CMD", "mysqladmin", "ping", "-h", "localhost" ] timeout: 10s retries: 30 + + # Config files may use hostname "portal-cassandra" + portal-cassandra: + image: ${CDR_IMG_NAME}:${PORTAL_TAG} + environment: + - CASSUSER=root + - CASSPASS=Aa123456 + expose: + - 7000 + - 7001 + - 7199 + - 9042 + - 9160 + ports: + - 7000:7000 + - 7001:7001 + - 7199:7199 + - 9042:9042 + - 9160:9160 + volumes: + - ./portal.cql:/docker-entrypoint-initdb.d/zzz_portal.cql + - ./portalsdk.cql:/docker-entrypoint-initdb.d/zzz_portalsdk.cql + links: + - portal-db + depends_on: + portal-db: + condition: service_healthy + + # Config files may use hostname "portal-zk" + portal-zk: + image: ${ZK_IMG_NAME}:${PORTAL_TAG} + expose: + - 2181 + ports: + - 2181:2181 # The app config file uses the docker name above portal-wms: @@ -75,6 +110,7 @@ services: - ${PROPS_DIR}/ONAPPORTAL/system.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/conf/system.properties - ${PROPS_DIR}/ONAPPORTAL/fusion.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/fusion/conf/fusion.properties - ${PROPS_DIR}/ONAPPORTAL/portal.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/classes/portal.properties + - ${PROPS_DIR}/ONAPPORTAL/music.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/classes/music.properties - ${PROPS_DIR}/ONAPPORTAL/openid-connect.properties:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/classes/openid-connect.properties - ${PROPS_DIR}/ONAPPORTAL/logback.xml:${WEBAPPS_DIR}/ONAPPORTAL/WEB-INF/classes/logback.xml - ${LOGS_DIR}:/opt/apache-tomcat-8.0.37/logs @@ -102,6 +138,7 @@ services: - ${PROPS_DIR}/ONAPPORTALSDK/fusion.properties:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/fusion/conf/fusion.properties - ${PROPS_DIR}/ONAPPORTALSDK/system.properties:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/conf/system.properties - ${PROPS_DIR}/ONAPPORTALSDK/portal.properties:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/classes/portal.properties + - ${PROPS_DIR}/ONAPPORTALSDK/music.properties:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/classes/music.properties - ${PROPS_DIR}/ONAPPORTALSDK/logback.xml:${WEBAPPS_DIR}/ONAPPORTALSDK/WEB-INF/classes/logback.xml - ${LOGS_DIR}:/opt/apache-tomcat-8.0.37/logs command: diff --git a/deliveries/local-dev-host-start.sh b/deliveries/local-dev-host-start.sh index 4230c393..7268dcf7 100644 --- a/deliveries/local-dev-host-start.sh +++ b/deliveries/local-dev-host-start.sh @@ -20,6 +20,8 @@ echo "Using properties directory $PROPS_DIR" # Constants as of Oct 2017, Amsterdam release NEXUS_REPO=nexus3.onap.org:10001 CLI_IMG_VERSION=1.1-STAGING-latest +CDR_IMG_VERSION=latest +ZK_IMG_VERSION=3.4 # Pull and tag the CLI image, which is provided elsewhere. # Authenticate like this; the username and password are NOT stored here. @@ -27,6 +29,14 @@ docker login -u username -p password $NEXUS_REPO docker pull $NEXUS_REPO/$CLI_IMG_NAME:${CLI_IMG_VERSION} docker tag $NEXUS_REPO/$CLI_IMG_NAME:${CLI_IMG_VERSION} $CLI_IMG_NAME:$PORTAL_TAG +# Pull and tag the Music Cassandra image. +docker pull $NEXUS_REPO/$CDR_IMG_NAME:${CDR_IMG_VERSION} +docker tag $NEXUS_REPO/$CDR_IMG_NAME:${CDR_IMG_VERSION} $CDR_IMG_NAME:$PORTAL_TAG + +# Pull and tag the ZK image. +docker pull library/$ZK_IMG_NAME:${ZK_IMG_VERSION} +docker tag library/$ZK_IMG_NAME:${ZK_IMG_VERSION} $ZK_IMG_NAME:$PORTAL_TAG + # Create local logs directory # The leading "./" is required for docker-compose export LOGS_DIR=./logs @@ -38,4 +48,4 @@ export EXTRA_HOST_NAME="portal.api.simpledemo.onap.org" # (re)start containers docker-compose down -docker-compose up -d +docker-compose up -d
\ No newline at end of file diff --git a/deliveries/os_docker_base.sh b/deliveries/os_docker_base.sh index 2c4a3912..94832ff5 100755 --- a/deliveries/os_docker_base.sh +++ b/deliveries/os_docker_base.sh @@ -24,17 +24,22 @@ NEXUS_REPO=nexus3.onap.org:10003 # Establish environment variables source $(dirname $0)/.env -APPS_VERSION="${NEXUS_REPO}/${EP_IMG_NAME}:${VERSION}" +APP_VERSION="${NEXUS_REPO}/${EP_IMG_NAME}:${VERSION}" +SDK_VERSION="${NEXUS_REPO}/${SDK_IMG_NAME}:${VERSION}" DB_VERSION="${NEXUS_REPO}/${DB_IMG_NAME}:${VERSION}" WMS_VERSION="${NEXUS_REPO}/${WMS_IMG_NAME}:${VERSION}" -APPS_LATEST="${NEXUS_REPO}/${EP_IMG_NAME}:${LATEST}" +APP_LATEST="${NEXUS_REPO}/${EP_IMG_NAME}:${LATEST}" +SDK_LATEST="${NEXUS_REPO}/${SDK_IMG_NAME}:${LATEST}" DB_LATEST="${NEXUS_REPO}/${DB_IMG_NAME}:${LATEST}" WMS_LATEST="${NEXUS_REPO}/${WMS_IMG_NAME}:${LATEST}" # tag versions -docker tag ${EP_IMG_NAME}:${PORTAL_TAG} ${APPS_VERSION} -docker tag ${EP_IMG_NAME}:${PORTAL_TAG} ${APPS_LATEST} +docker tag ${EP_IMG_NAME}:${PORTAL_TAG} ${APP_VERSION} +docker tag ${EP_IMG_NAME}:${PORTAL_TAG} ${APP_LATEST} + +docker tag ${SDK_IMG_NAME}:${PORTAL_TAG} ${SDK_VERSION} +docker tag ${SDK_IMG_NAME}:${PORTAL_TAG} ${SDK_LATEST} docker tag ${DB_IMG_NAME}:${PORTAL_TAG} ${DB_VERSION} docker tag ${DB_IMG_NAME}:${PORTAL_TAG} ${DB_LATEST} @@ -43,8 +48,11 @@ docker tag ${WMS_IMG_NAME}:${PORTAL_TAG} ${WMS_VERSION} docker tag ${WMS_IMG_NAME}:${PORTAL_TAG} ${WMS_LATEST} # push to registry -docker push ${APPS_VERSION} -docker push ${APPS_LATEST} +docker push ${APP_VERSION} +docker push ${APP_LATEST} + +docker push ${SDK_VERSION} +docker push ${SDK_LATEST} docker push ${DB_VERSION} docker push ${DB_LATEST} diff --git a/deliveries/properties_simpledemo/ONAPPORTAL/music.properties b/deliveries/properties_simpledemo/ONAPPORTAL/music.properties new file mode 100644 index 00000000..8d0b3253 --- /dev/null +++ b/deliveries/properties_simpledemo/ONAPPORTAL/music.properties @@ -0,0 +1,20 @@ +music.version = v2 +music.keyspace = keyspaces +music.session.keyspace = portal +music.tables = tables +music.session.attr.tables = spring_session_attributes +music.session.meta.tables = spring_session +music.consistency.info = type +music.consistency.info.value = eventual +music.cache = false +music.session.max.inactive.interval.seconds = 1800 +music.serialize.compress = true + +#By default it's eventual +music.atomic.get = false +music.atomic.put = true + +cassandra.host=portal.api.simpledemo.onap.org +zookeeper.host=portal.api.simpledemo.onap.org +cassandra.user=root +cassandra.password=Aa123456
\ No newline at end of file diff --git a/deliveries/properties_simpledemo/ONAPPORTAL/system.properties b/deliveries/properties_simpledemo/ONAPPORTAL/system.properties index 865a6139..bee40fc6 100644 --- a/deliveries/properties_simpledemo/ONAPPORTAL/system.properties +++ b/deliveries/properties_simpledemo/ONAPPORTAL/system.properties @@ -13,7 +13,7 @@ hb.idle_connection_test_period = 3600 app_display_name = Portal files_path = /tmp -context_root = ECOMPPORTAL +context_root = ONAPPORTAL # menu settings menu_query_name = menuData menu_properties_file_location = /WEB-INF/fusion/menu/ @@ -46,8 +46,6 @@ sessiontimeout_feed_cron = 0 0/5 * * * ? * #Front end URL frontend_url = http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/applicationsHome -#cookie domain -cookie_domain = onap.org # An Unqiue 128-bit value defined to indentify a specific version of # ECOMP Portal deployed on a specific virtual machine. @@ -86,7 +84,7 @@ notification_update_duration = 900 microservices.widget.protocol = http microservices.widget.hostname = portal-wms microservices.widget.username = widget_user -microservices.widget.password = KpuqIB08YHg+btG+pjX+sA== +microservices.widget.password = M+KcrCMVrR1rAxtiFE49n1uXC3FCkNBqFgeYsubEC/U= #This property won't be needed after consul is functional on VMs - microservices.widget.local.port = 8082 microservices.m-learn.local.port = 8083 @@ -98,3 +96,15 @@ auditlog_del_day_from = 365 #External system notification URL external_system_notification_url= https://jira.onap.org/browse/ + +# External Access System Basic Auth Credentials & Rest endpoint(These credentials doesn't work as these are place holders for now) +ext_central_access_user_name = m00468@portal.onap.org +ext_central_access_password = ByC0BEX2v5+4HBv2GA4S+Mi2iML+GrGNJ5Gxo/V/iWM= +ext_central_access_url = https://aaftest.test.onap.org:8095/proxy/authz/ +ext_central_access_user_domain = @csp.onap.org + +# External Central Auth system access +remote_centralized_system_access = false + +#cookie domain +cookie_domain = onag.org diff --git a/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties b/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties new file mode 100644 index 00000000..53fddee5 --- /dev/null +++ b/deliveries/properties_simpledemo/ONAPPORTALSDK/music.properties @@ -0,0 +1,20 @@ +music.version = v2 +music.keyspace = keyspaces +music.session.keyspace = portalsdk +music.tables = tables +music.session.attr.tables = spring_session_attributes +music.session.meta.tables = spring_session +music.consistency.info = type +music.consistency.info.value = eventual +music.cache = false +music.session.max.inactive.interval.seconds = 1800 +music.serialize.compress = true + +#By default it's eventual +music.atomic.get = false +music.atomic.put = true + +cassandra.host=portal.api.simpledemo.onap.org +zookeeper.host=portal.api.simpledemo.onap.org +cassandra.user=root +cassandra.password=Aa123456
\ No newline at end of file diff --git a/ecomp-portal-BE-common/pom.xml b/ecomp-portal-BE-common/pom.xml index 320e77ad..7cdc7968 100644 --- a/ecomp-portal-BE-common/pom.xml +++ b/ecomp-portal-BE-common/pom.xml @@ -291,6 +291,12 @@ <groupId>org.elasticsearch</groupId> <artifactId>elasticsearch</artifactId> <version>2.2.0</version> + <exclusions> + <exclusion> + <groupId>org.apache.lucene</groupId> + <artifactId>lucene-queryparser</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>io.searchbox</groupId> @@ -441,6 +447,10 @@ <groupId>org.slf4j</groupId> <artifactId>slf4j-log4j12</artifactId> </exclusion> + <exclusion> + <groupId>org.apache.httpcomponents</groupId> + <artifactId>httpclient</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -505,7 +515,7 @@ <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> - <version>4.5.2</version> + <version>4.5.3</version> </dependency> <!-- for testing --> <dependency> @@ -578,7 +588,7 @@ <dependency> <groupId>com.fasterxml.jackson.jaxrs</groupId> <artifactId>jackson-jaxrs-json-provider</artifactId> - <version>2.9.2</version> + <version>2.8.10</version> </dependency> <dependency> <groupId>org.glassfish.jersey.connectors</groupId> @@ -601,6 +611,10 @@ <groupId>commons-beanutils</groupId> <artifactId>commons-beanutils-core</artifactId> </exclusion> + <exclusion> + <groupId>commons-httpclient</groupId> + <artifactId>commons-httpclient</artifactId> + </exclusion> </exclusions> </dependency> <dependency> @@ -643,7 +657,16 @@ <artifactId>logback-classic</artifactId> <version>1.2.3</version> </dependency> - + <dependency> + <groupId>commons-collections</groupId> + <artifactId>commons-collections</artifactId> + <version>3.2.2</version> + </dependency> + <dependency> + <groupId>xalan</groupId> + <artifactId>xalan</artifactId> + <version>2.7.2</version> + </dependency> </dependencies> diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java index e0232850..e8fb71a6 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuditLogController.java @@ -37,6 +37,10 @@ */ package org.onap.portalapp.portal.controller; +import java.text.SimpleDateFormat; +import java.util.Date; +import java.util.UUID; + import javax.servlet.http.HttpServletRequest; import org.slf4j.MDC; @@ -45,6 +49,9 @@ import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; + +import com.att.eelf.configuration.Configuration; + import org.onap.portalapp.controller.EPRestrictedBaseController; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice; @@ -56,6 +63,7 @@ import org.onap.portalapp.util.EPUserUtils; import org.onap.portalsdk.core.domain.AuditLog; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.service.AuditService; +import org.onap.portalsdk.core.util.SystemProperties; @RestController @RequestMapping("/portalApi/auditLog") @@ -103,19 +111,34 @@ public class AuditLogController extends EPRestrictedBaseController { AuditLog auditLog = new AuditLog(); auditLog.setActivityCode(cd_type); /* - * Check affectedAppId and comment and see if these two values are valid + * Check affectedAppId and comment and see if these two values + * are valid */ if (comment != null && !comment.equals("") && !comment.equals("undefined")) - auditLog.setComments(EcompPortalUtils.truncateString(comment, PortalConstants.AUDIT_LOG_COMMENT_SIZE)); + auditLog.setComments( + EcompPortalUtils.truncateString(comment, PortalConstants.AUDIT_LOG_COMMENT_SIZE)); if (affectedAppId != null && !affectedAppId.equals("") && !affectedAppId.equals("undefined")) auditLog.setAffectedRecordId(affectedAppId); long userId = EPUserUtils.getUserId(request); auditLog.setUserId(userId); - auditService.logActivity(auditLog, null); - - // Log file MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + MDC.put(EPCommonSystemProperties.PARTNER_NAME, EPCommonSystemProperties.ECOMP_PORTAL_FE); + MDC.put(Configuration.MDC_SERVICE_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE); + if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null) { + String requestId = UUID.randomUUID().toString(); + MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId); + } + // Log file MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + SimpleDateFormat ecompLogDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss.SSSXXX"); + String beginDateTime = MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); + Date beginDate = ecompLogDateFormat.parse(beginDateTime); + auditService.logActivity(auditLog, null); + String endDateTime = MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP); + Date endDate = ecompLogDateFormat.parse(endDateTime); + String timeDifference = String.format("%d", endDate.getTime() - beginDate.getTime()); + MDC.put(SystemProperties.MDC_TIMER, timeDifference); + MDC.put(EPCommonSystemProperties.STATUS_CODE, "COMPLETE"); logger.info(EELFLoggerDelegate.auditLogger, EPLogUtil.formatAuditLogMessage( "AuditLogController.auditLog", cd_type, user.getOrgUserId(), affectedAppId, comment)); MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); @@ -123,6 +146,13 @@ public class AuditLogController extends EPRestrictedBaseController { } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "auditLog failed", e); + MDC.put(EPCommonSystemProperties.STATUS_CODE, "ERROR"); + } finally{ + MDC.remove(Configuration.MDC_SERVICE_NAME); + MDC.remove(EPCommonSystemProperties.PARTNER_NAME); + MDC.remove(SystemProperties.MDC_TIMER); + MDC.remove(Configuration.MDC_KEY_REQUEST_ID); + MDC.remove(EPCommonSystemProperties.STATUS_CODE); } } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardController.java index 4b364995..964ccb5b 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/DashboardController.java @@ -273,19 +273,26 @@ public class DashboardController extends EPRestrictedBaseController { auditLog.setUserId(user.getId()); auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_SEARCH); auditLog.setComments(EcompPortalUtils.truncateString(searchString, PortalConstants.AUDIT_LOG_COMMENT_SIZE)); - MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + MDC.put(EPCommonSystemProperties.PARTNER_NAME, EPCommonSystemProperties.ECOMP_PORTAL_FE); + MDC.put(com.att.eelf.configuration.Configuration.MDC_SERVICE_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE); auditService.logActivity(auditLog, null); MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + + MDC.put(EPCommonSystemProperties.STATUS_CODE, "COMPLETE"); EcompPortalUtils.calculateDateTimeDifferenceForLog(MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP)); logger.info(EELFLoggerDelegate.auditLogger, EPLogUtil.formatAuditLogMessage("DashboardController.PortalRestResponse", EcompAuditLog.CD_ACTIVITY_SEARCH, user.getOrgUserId(), null, searchString)); MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP); MDC.remove(SystemProperties.MDC_TIMER); + MDC.remove(EPCommonSystemProperties.STATUS_CODE); return new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", results); } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "searchPortal failed", e); + MDC.put(EPCommonSystemProperties.STATUS_CODE, "ERROR"); + MDC.remove(EPCommonSystemProperties.STATUS_CODE); return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage() + " - check logs.", new HashMap<String, List<SearchResultItem>>()); } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java index 1e955c8b..f846253f 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java @@ -209,10 +209,10 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @ApiOperation(value = "Gets all role functions for an application for older version.", response = CentralRoleFunction.class, responseContainer="Json") @RequestMapping(value = { "/functions" }, method = RequestMethod.GET, produces = "application/json") - public List<RoleFunction> getRoleFunctionsList(HttpServletRequest request, HttpServletResponse response) + public List<CentralRoleFunction> getRoleFunctionsList(HttpServletRequest request, HttpServletResponse response) throws Exception { List<CentralV2RoleFunction> answer = null; - List<RoleFunction> roleFuncList = null; + List<CentralRoleFunction> roleFuncList = null; logger.debug(EELFLoggerDelegate.debugLogger, "Request received for getRoleFunctionsList"); try { fieldsValidation(request); @@ -253,6 +253,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl logger.debug(EELFLoggerDelegate.debugLogger, "Request completed for getV2RoleFunctionsList"); return cenRoleFuncList; } + @ApiOperation(value = "Gets role information for an application.", response = CentralRole.class, responseContainer="Json") @RequestMapping(value = { @@ -572,16 +573,32 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl return new PortalRestResponse<String>(PortalRestStatusEnum.OK, SUCCESSFULLY_DELETED, "Success"); } - @ApiOperation(value = "Gets active roles for an application.", response = CentralV2Role.class, responseContainer = "Json") + @ApiOperation(value = "Gets active roles for an application.", response = CentralRole.class, responseContainer = "Json") @RequestMapping(value = { "/activeRoles" }, method = RequestMethod.GET, produces = "application/json") - public List<CentralV2Role> getActiveRoles(HttpServletRequest request, HttpServletResponse response) throws Exception { + public List<CentralRole> getActiveRoles(HttpServletRequest request, HttpServletResponse response) throws Exception { + List<CentralRole> roles = null; + try { + fieldsValidation(request); + List<CentralV2Role> cenRoles= externalAccessRolesService.getActiveRoles(request.getHeader(UEBKEY)); + roles = externalAccessRolesService.convertV2CentralRoleListToOldVerisonCentralRoleList(cenRoles); + } catch (Exception e) { + sendErrorResponse(response, e); + logger.error(EELFLoggerDelegate.errorLogger, "getActiveRoles failed", e); + } + return roles; + + } + + @ApiOperation(value = "Gets active roles for an application.", response = CentralV2Role.class, responseContainer = "Json") + @RequestMapping(value = { "/v1/activeRoles" }, method = RequestMethod.GET, produces = "application/json") + public List<CentralV2Role> getV2ActiveRoles(HttpServletRequest request, HttpServletResponse response) throws Exception { List<CentralV2Role> cenRole = null; try { fieldsValidation(request); cenRole = externalAccessRolesService.getActiveRoles(request.getHeader(UEBKEY)); } catch (Exception e) { sendErrorResponse(response, e); - logger.error(EELFLoggerDelegate.errorLogger, "getActiveRoles failed", e); + logger.error(EELFLoggerDelegate.errorLogger, "getV2ActiveRoles failed", e); } return cenRole; @@ -831,13 +848,12 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl @PathVariable("loginId") String loginId) throws Exception { EcompUser user = null; ObjectMapper mapper = new ObjectMapper(); - CentralUser answer = null; + String answer = null; try { fieldsValidation(request); - answer = externalAccessRolesService.getUserRoles(loginId, request.getHeader(UEBKEY)); + answer = externalAccessRolesService.getV2UserWithRoles(loginId, request.getHeader(UEBKEY)); if (answer != null) { - String res = mapper.writeValueAsString(answer); - User ecompUser = userservice.userMapper(res); + User ecompUser = userservice.userMapper(answer); user = UserUtils.convertToEcompUser(ecompUser); } } catch (Exception e) { diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java index 8f0558aa..dbea91f5 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java @@ -78,6 +78,7 @@ import org.onap.portalapp.portal.utils.PortalConstants; import org.onap.portalapp.util.EPUserUtils; import org.onap.portalsdk.core.domain.AuditLog; import org.onap.portalsdk.core.domain.Role; +import org.onap.portalsdk.core.domain.RoleFunction; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.service.AuditService; import org.onap.portalsdk.core.util.SystemProperties; diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java index c1127758..30795c0e 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/logging/aop/EPEELFLoggerAdvice.java @@ -38,6 +38,7 @@ package org.onap.portalapp.portal.logging.aop; import java.net.InetAddress; +import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.Date; import java.util.UUID; @@ -104,7 +105,7 @@ public class EPEELFLoggerAdvice { String className = ""; if (passOnArgs.length > 0 && passOnArgs[0] != null) className = passOnArgs[0].toString(); - String methodName = ""; + String methodName = EPCommonSystemProperties.ECOMP_PORTAL_BE; if (passOnArgs.length > 1 && passOnArgs[1] != null) methodName = passOnArgs[1].toString(); @@ -112,7 +113,7 @@ public class EPEELFLoggerAdvice { MDC.put(className + methodName + EPCommonSystemProperties.METRICSLOG_BEGIN_TIMESTAMP, getCurrentDateTimeUTC()); MDC.put(EPCommonSystemProperties.TARGET_ENTITY, EPCommonSystemProperties.ECOMP_PORTAL_BE); MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, methodName); - if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null || MDC.get(Configuration.MDC_KEY_REQUEST_ID).isEmpty()){ + if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null||MDC.get(Configuration.MDC_KEY_REQUEST_ID).isEmpty()){ String requestId = UUID.randomUUID().toString(); MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId); } @@ -149,7 +150,7 @@ public class EPEELFLoggerAdvice { if (passOnArgs.length > 0 && passOnArgs[0] != null) className = passOnArgs[0].toString(); // Method Name - String methodName = ""; + String methodName = EPCommonSystemProperties.ECOMP_PORTAL_BE; if (passOnArgs.length > 1 && passOnArgs[1] != null) methodName = passOnArgs[1].toString(); @@ -160,6 +161,14 @@ public class EPEELFLoggerAdvice { if (MDC.get(EPCommonSystemProperties.TARGET_ENTITY) == null || MDC.get(EPCommonSystemProperties.TARGET_ENTITY) == "") MDC.put(EPCommonSystemProperties.TARGET_ENTITY, EPCommonSystemProperties.ECOMP_PORTAL_BE); + + if (MDC.get(Configuration.MDC_KEY_REQUEST_ID) == null||MDC.get(Configuration.MDC_KEY_REQUEST_ID).isEmpty()){ + String requestId = UUID.randomUUID().toString(); + MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId); + } + MDC.put(EPCommonSystemProperties.PARTNER_NAME, "Unknown"); + MDC.put(Configuration.MDC_SERVICE_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE); + MDC.put(EPCommonSystemProperties.METRICSLOG_BEGIN_TIMESTAMP, MDC.get(className + methodName + EPCommonSystemProperties.METRICSLOG_BEGIN_TIMESTAMP)); @@ -173,7 +182,7 @@ public class EPEELFLoggerAdvice { if (securityEventType != null && args.length > 0 && args[0] != null && args[0] instanceof HttpServletRequest && securityEventType == SecurityEventTypeEnum.INCOMING_REST_MESSAGE && (MDC.get(EPCommonSystemProperties.FULL_URL) == null - || MDC.get(EPCommonSystemProperties.FULL_URL).isEmpty())) { + || MDC.get(EPCommonSystemProperties.FULL_URL).isEmpty())) { HttpServletRequest req = (HttpServletRequest) args[0]; this.setHttpRequestBasedDefaultsIntoGlobalLoggingContext(req, securityEventType, methodName); } @@ -308,13 +317,12 @@ public class EPEELFLoggerAdvice { MDC.put(Configuration.MDC_KEY_REQUEST_ID, requestId); // Load user agent into MDC context, if available. - String accessingClient = "Unknown"; - accessingClient = req.getHeader(SystemProperties.USERAGENT_NAME); + String accessingClient = req.getHeader(SystemProperties.USERAGENT_NAME); + accessingClient = (accessingClient == null || accessingClient.trim().length()==0)?"Unknown":accessingClient; if (accessingClient != null && accessingClient.trim().length()==0 && (accessingClient.contains("Mozilla") || accessingClient.contains("Chrome") || accessingClient.contains("Safari"))) { accessingClient = EPCommonSystemProperties.ECOMP_PORTAL_FE; - }else if(accessingClient==null || accessingClient.isEmpty()) - accessingClient = "Unknown"; + } MDC.put(EPCommonSystemProperties.PARTNER_NAME, accessingClient); // Load loginId into MDC context. @@ -333,7 +341,8 @@ public class EPEELFLoggerAdvice { MDC.put(EPCommonSystemProperties.FULL_URL, EPCommonSystemProperties.UNKNOWN); MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTP); restURL = UserUtils.getFullURL(req); - if (restURL != null && restURL != "") { + //if (restURL != null && restURL != "") { + if (restURL != null && restURL.trim().length()>0) { MDC.put(EPCommonSystemProperties.FULL_URL, restURL); if (restURL.toLowerCase().contains("https")) { MDC.put(EPCommonSystemProperties.PROTOCOL, EPCommonSystemProperties.HTTPS); @@ -341,9 +350,11 @@ public class EPEELFLoggerAdvice { } // Rest Path - MDC.put(Configuration.MDC_SERVICE_NAME, (restMethod==null || restMethod.isEmpty()) ? "Unknown" : restMethod); + MDC.put(Configuration.MDC_SERVICE_NAME, restMethod); String restPath = req.getServletPath(); - if (restPath != null && !restPath.isEmpty()) { + //if (restPath != null && restPath != "") { + if (restPath != null && restPath.trim().length()>0) { + MDC.put(Configuration.MDC_SERVICE_NAME, restPath); } @@ -360,7 +371,7 @@ public class EPEELFLoggerAdvice { MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, "search"); } } else { - MDC.put(Configuration.MDC_SERVICE_NAME, (restMethod==null || restMethod.isEmpty()) ? "Unknown" : restMethod); + MDC.put(Configuration.MDC_SERVICE_NAME, restMethod); MDC.put(EPCommonSystemProperties.PARTNER_NAME, EPCommonSystemProperties.ECOMP_PORTAL_FE); } @@ -398,4 +409,5 @@ public class EPEELFLoggerAdvice { public String getInternalResponseCode() { return MDC.get(EPCommonSystemProperties.RESPONSE_CODE); } + } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLdapServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLdapServiceImpl.java index 941acaf6..0e566a99 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLdapServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLdapServiceImpl.java @@ -193,7 +193,7 @@ public class EPLdapServiceImpl extends FusionService implements EPLdapService { for (NamingEnumeration e = resultAttributes.getAll(); e.hasMore();) { // why the nested loop? Attribute attribute = (Attribute) e.next(); for (NamingEnumeration ie = attribute.getAll(); ie.hasMore();) { - if (attribute.getID().equalsIgnoreCase("nickname")) { + if (attribute.getID().equalsIgnoreCase("givenName")) { user.setFirstName((String) ie.next()); } else if (attribute.getID().equalsIgnoreCase("initials")) { user.setMiddleInitial((String) ie.next()); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java index bcf806b2..2f72bab2 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java @@ -51,6 +51,7 @@ import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.domain.ExternalRoleDetails; import org.onap.portalapp.portal.exceptions.InvalidUserException; import org.onap.portalapp.portal.transport.CentralRole; +import org.onap.portalapp.portal.transport.CentralRoleFunction; import org.onap.portalapp.portal.transport.CentralUser; import org.onap.portalapp.portal.transport.CentralV2Role; import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator; @@ -132,11 +133,11 @@ public interface ExternalAccessRolesService { CentralV2Role getRoleInfo(Long roleId, String uebkey) throws Exception; /** - * It returns the CentralRoleFunction object + * It returns the CentralV2RoleFunction object * * @param functionCode * @param uebkey - * @return CentralRoleFunction + * @return CentralV2RoleFunction * @throws Exception */ public CentralV2RoleFunction getRoleFunction(String functionCode, String uebkey) throws Exception; @@ -150,7 +151,7 @@ public interface ExternalAccessRolesService { * @throws Exception */ public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp requestedApp) throws Exception; - + /** * It deletes role function in the DB * @@ -335,11 +336,11 @@ public interface ExternalAccessRolesService { public List<EPRole> getGlobalRolesOfPortal(); /** - * It converts list of CentralRoleFunction objects to RoleFunction objects + * It converts list of CentralV2RoleFunction objects to older version of CentralRoleFunction objects * @param answer contains list of CentralRoleFunction objects - * @return List of RoleFunction objects + * @return List of CentralRoleFunction objects */ - public List<RoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer); + public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer); /** * diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java index 39bd92d6..678672b1 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java @@ -107,6 +107,7 @@ import org.onap.portalsdk.core.domain.Role; import org.onap.portalsdk.core.domain.RoleFunction; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.onap.portalsdk.core.restful.domain.EcompRole; +import org.onap.portalsdk.core.restful.domain.EcompRoleFunction; import org.onap.portalsdk.core.restful.domain.EcompUser; import org.onap.portalsdk.core.service.DataAccessService; import org.onap.portalsdk.core.util.SystemProperties; @@ -1324,8 +1325,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic SortedSet<CentralV2RoleFunction> roleFunctionSet = new TreeSet<>(); for (CentralV2RoleFunction roleFunc : appRoleFunctionList) { String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); + String type = getFunctionCodeType(roleFunc.getCode()); + String action = getFunctionCodeAction(roleFunc.getCode()); CentralV2RoleFunction cenRoleFunc = new CentralV2RoleFunction(roleFunc.getId(), - functionCode, roleFunc.getName(), null, null); + functionCode, roleFunc.getName(), null, type, action, null); roleFunctionSet.add(cenRoleFunc); } Long userRoleId = null; @@ -3080,79 +3083,116 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic @Override public List<String> getMenuFunctionsList(String uebkey) throws Exception { List<String> appMenuFunctionsList = null; + List<String> appMenuFunctionsFinalList = new ArrayList<>(); try { EPApp app = getApp(uebkey).get(0); final Map<String, Long> appParams = new HashMap<>(); appParams.put(APP_ID, app.getId()); appMenuFunctionsList = dataAccessService.executeNamedQuery("getMenuFunctions", appParams, null); + for(String appMenuFunction : appMenuFunctionsList) { + if(appMenuFunction.contains(FUNCTION_PIPE)) { + appMenuFunctionsFinalList.add(EcompPortalUtils.getFunctionCode(appMenuFunction)); + } else { + appMenuFunctionsFinalList.add(appMenuFunction); + } + } } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getMenuFunctionsList: Failed", e); - return appMenuFunctionsList; + return appMenuFunctionsFinalList; } - return appMenuFunctionsList; + return appMenuFunctionsFinalList; } @SuppressWarnings({ "unchecked"}) @Override public List<EcompUser> getAllAppUsers(String uebkey) throws Exception { List<String> usersList = new ArrayList<>(); - List<EcompUser> usersfinalList = new ArrayList<>(); - try { - EPApp app = getApp(uebkey).get(0); - final Map<String, Long> appParams = new HashMap<>(); - appParams.put("appId", app.getId()); - List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService - .executeNamedQuery("ApplicationUserRoles", appParams, null); - for (EcompUserRoles ecompUserRole : userList) { - boolean found = false; - Set<EcompRole> roles = null; - for (EcompUser user : usersfinalList) { - if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) { - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(ecompUserRole.getRoleId()); - ecompRole.setName(ecompUserRole.getRoleName()); - roles = user.getRoles(); - roles.add(ecompRole); - user.setRoles(roles); - found = true; - break; - } - } + List<EcompUser> usersfinalList = new ArrayList<>(); + try { + EPApp app = getApp(uebkey).get(0); + final Map<String, Long> appParams = new HashMap<>(); + appParams.put("appId", app.getId()); + List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService + .executeNamedQuery("ApplicationUserRoles", appParams, null); + for (EcompUserRoles ecompUserRole : userList) { + boolean found = false; + Set<EcompRole> roles = null; + for (EcompUser user : usersfinalList) { + if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) { + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(ecompUserRole.getRoleId()); + ecompRole.setName(ecompUserRole.getRoleName()); + roles = user.getRoles(); + EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())).findAny() + .orElse(null); + SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>(); + if(role != null) + { + roleFunctionSet = (SortedSet<EcompRoleFunction>) role.getRoleFunctions(); + } + + String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + EcompRoleFunction epRoleFunction = new EcompRoleFunction(); + epRoleFunction.setName(ecompUserRole.getFunctionName()); + epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); + epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); + epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); + roleFunctionSet.add(epRoleFunction); + ecompRole.setRoleFunctions(roleFunctionSet); + roles.add(ecompRole); + user.setRoles(roles); + found = true; + break; + } + } + + if (!found) { + EcompUser epUser = new EcompUser(); + epUser.setOrgId(ecompUserRole.getOrgId()); + epUser.setManagerId(ecompUserRole.getManagerId()); + epUser.setFirstName(ecompUserRole.getFirstName()); + epUser.setLastName(ecompUserRole.getLastName()); + epUser.setPhone(ecompUserRole.getPhone()); + epUser.setEmail(ecompUserRole.getEmail()); + epUser.setOrgUserId(ecompUserRole.getOrgUserId()); + epUser.setOrgCode(ecompUserRole.getOrgCode()); + epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId()); + epUser.setJobTitle(ecompUserRole.getJobTitle()); + epUser.setLoginId(ecompUserRole.getLoginId()); + epUser.setActive(true); + roles = new HashSet<>(); + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(ecompUserRole.getRoleId()); + ecompRole.setName(ecompUserRole.getRoleName()); + SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>(); + + String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + EcompRoleFunction epRoleFunction = new EcompRoleFunction(); + epRoleFunction.setName(ecompUserRole.getFunctionName()); + epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode)); + epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode())); + epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode())); + roleFunctionSet.add(epRoleFunction); + ecompRole.setRoleFunctions(roleFunctionSet); + roles.add(ecompRole); + epUser.setRoles(roles); + usersfinalList.add(epUser); + } + } + ObjectMapper mapper = new ObjectMapper(); + + for (EcompUser u1 : usersfinalList) { + String str = mapper.writeValueAsString(u1); + usersList.add(str); + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e); + throw e; + } + return usersfinalList; - if (!found) { - EcompUser epUser = new EcompUser(); - epUser.setOrgId(ecompUserRole.getOrgId()); - epUser.setManagerId(ecompUserRole.getManagerId()); - epUser.setFirstName(ecompUserRole.getFirstName()); - epUser.setLastName(ecompUserRole.getLastName()); - epUser.setPhone(ecompUserRole.getPhone()); - epUser.setEmail(ecompUserRole.getEmail()); - epUser.setOrgUserId(ecompUserRole.getOrgUserId()); - epUser.setOrgCode(ecompUserRole.getOrgCode()); - epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId()); - epUser.setJobTitle(ecompUserRole.getJobTitle()); - epUser.setLoginId(ecompUserRole.getLoginId()); - epUser.setActive(true); - roles = new HashSet<>(); - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(ecompUserRole.getRoleId()); - ecompRole.setName(ecompUserRole.getRoleName()); - roles.add(ecompRole); - epUser.setRoles(roles); - usersfinalList.add(epUser); - } - } - ObjectMapper mapper = new ObjectMapper(); - - for (EcompUser u1 : usersfinalList) { - String str = mapper.writeValueAsString(u1); - usersList.add(str); - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e); - throw e; - } - return usersfinalList; } @@ -3304,10 +3344,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } @Override - public List<RoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer) { - List<RoleFunction> addRoleFuncList = new ArrayList<>(); + public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer) { + List<CentralRoleFunction> addRoleFuncList = new ArrayList<>(); for(CentralV2RoleFunction cenRoleFunc : answer){ - RoleFunction setRoleFunc = new RoleFunction(); + CentralRoleFunction setRoleFunc = new CentralRoleFunction(); setRoleFunc.setCode(cenRoleFunc.getCode()); setRoleFunc.setName(cenRoleFunc.getName()); addRoleFuncList.add(setRoleFunc); @@ -3324,6 +3364,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic sendUserRoles = convertV2UserRolesToOlderVersion(cenV2User); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getUserRoles: failed", e); + throw e; } return sendUserRoles; } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRole.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRole.java index dc1a78fe..7214f80a 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRole.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRole.java @@ -42,6 +42,8 @@ import java.util.Date; import java.util.SortedSet; import java.util.TreeSet; +import org.onap.portalsdk.core.domain.RoleFunction; + public class CentralRole implements Serializable { private static final long serialVersionUID = -9210905386086213882L; diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRoleFunction.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRoleFunction.java index 6cc474a1..6d982c27 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRoleFunction.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralRoleFunction.java @@ -248,4 +248,4 @@ public class CentralRoleFunction implements Serializable, Comparable { return true; } -} +}
\ No newline at end of file diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserRoles.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserRoles.java index 73409ede..a1d2ae30 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserRoles.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserRoles.java @@ -97,7 +97,27 @@ public class EcompUserRoles implements Serializable{ @Id @Column(name = "active_yn") private boolean active; + + @Id + @Column(name = "function_cd") + private String functionCode; + @Id + @Column(name = "function_name") + private String functionName; + + public String getFunctionCode() { + return functionCode; + } + public void setFunctionCode(String functionCode) { + this.functionCode = functionCode; + } + public String getFunctionName() { + return functionName; + } + public void setFunctionName(String functionName) { + this.functionName = functionName; + } public Long getOrgId() { return orgId; } diff --git a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml index 5968b3ce..60174075 100644 --- a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml +++ b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml @@ -2101,17 +2101,16 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y <sql-query name="ApplicationUserRoles"> <return alias="ApplicationUserRoles" class="org.onap.portalapp.portal.transport.EcompUserRoles" /> <![CDATA[ - select distinct fu.org_id, fu.manager_id, fu.first_name, fu.middle_name, fu.last_name, fu.phone, fu.email, fu.hrid, fu.org_user_id, fu.org_code, fu.org_manager_userid, fu.job_title, fu.login_id, - fu.active_yn , fr.app_role_id, fr.role_name - from fn_user fu, fn_role fr, fn_user_role fur - where fu.user_id = fur.user_id and fu.active_yn='Y' and fur.role_id = fr.role_id and fr.app_id =:appId and fr.active_yn='Y' - union - select distinct fu.org_id, fu.manager_id, fu.first_name, fu.middle_name, fu.last_name, fu.phone, - fu.email, fu.hrid, fu.org_user_id, fu.org_code, fu.org_manager_userid, fu.job_title, - fu.login_id, fu.active_yn , fr.role_id, fr.role_name - from fn_user_role a, fn_role fr, fn_user fu - where a.role_id in (select b.role_id from ep_app_role_function b where b.role_app_id = 1 and b.app_id =:appId) and a.user_id =fu.user_id and a.role_id = fr.role_id and fr.active_yn='Y' and fu.active_yn='Y' - ; + select distinct fu.org_id, fu.manager_id, fu.first_name, fu.middle_name, fu.last_name, fu.phone, fu.email, fu.hrid, fu.org_user_id, fu.org_code, fu.org_manager_userid, fu.job_title, fu.login_id, + fu.active_yn , fr.app_role_id, fr.role_name, epr.function_cd , epf.function_name + from fn_user fu, fn_role fr, fn_user_role fur, ep_app_role_function epr , ep_app_function epf + where fu.user_id = fur.user_id and fu.active_yn='Y' and fur.role_id = fr.role_id and fr.app_id =:appId and fr.active_yn='Y' and epr.function_cd= epf.function_cd and epf.app_id=epr.app_id and fur.role_id=epr.role_id + union + select distinct fu.org_id, fu.manager_id, fu.first_name, fu.middle_name, fu.last_name, fu.phone, fu.email, fu.hrid, fu.org_user_id, fu.org_code, fu.org_manager_userid, fu.job_title, + fu.login_id, fu.active_yn , fr.role_id, fr.role_name, earf.function_cd , eaf.function_name + from fn_user_role a, fn_role fr, fn_user fu , ep_app_role_function earf, ep_app_function eaf + where a.role_id in (select b.role_id from ep_app_role_function b where b.role_app_id = 1 and b.app_id =:appId) and a.user_id =fu.user_id and a.role_id = fr.role_id and fr.active_yn='Y' and fu.active_yn='Y' + and earf.role_id = a.role_id and earf.function_cd = eaf.function_cd and earf.app_id = eaf.app_id and earf.role_app_id = 1 and fr.active_yn='Y' and fu.active_yn='Y'; ]]> </sql-query> diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java index 47a1394e..ecfd88f5 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/ExternalAccessRolesControllerTest.java @@ -52,8 +52,8 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.junit.Before; -import org.junit.Ignore; import org.junit.Test; +import org.junit.runner.RunWith; import org.mockito.InjectMocks; import org.mockito.Matchers; import org.mockito.Mock; @@ -68,13 +68,25 @@ import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum; import org.onap.portalapp.portal.framework.MockitoTestSuite; import org.onap.portalapp.portal.service.ExternalAccessRolesService; import org.onap.portalapp.portal.service.ExternalAccessRolesServiceImpl; +import org.onap.portalapp.portal.transport.CentralRole; import org.onap.portalapp.portal.transport.CentralRoleFunction; import org.onap.portalapp.portal.transport.CentralV2Role; import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator; +import org.onap.portalapp.portal.utils.EPCommonSystemProperties; +import org.onap.portalapp.portal.utils.EcompPortalUtils; +import org.onap.portalapp.portal.utils.PortalConstants; import org.onap.portalsdk.core.domain.AuditLog; import org.onap.portalsdk.core.domain.Role; +import org.onap.portalsdk.core.domain.User; +import org.onap.portalsdk.core.restful.domain.EcompRole; import org.onap.portalsdk.core.restful.domain.EcompUser; -import org.springframework.beans.BeanUtils; +import org.onap.portalsdk.core.service.AuditService; +import org.onap.portalsdk.core.service.UserService; +import org.onap.portalsdk.core.service.UserServiceCentalizedImpl; +import org.onap.portalsdk.core.util.SystemProperties; +import org.powermock.api.mockito.PowerMockito; +import org.powermock.core.classloader.annotations.PrepareForTest; +import org.powermock.modules.junit4.PowerMockRunner; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.client.HttpClientErrorException; @@ -82,6 +94,9 @@ import org.springframework.web.client.HttpClientErrorException; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; +@RunWith(PowerMockRunner.class) +@PrepareForTest({ EcompPortalUtils.class, PortalConstants.class, SystemProperties.class, + EPCommonSystemProperties.class }) public class ExternalAccessRolesControllerTest { @Mock @@ -89,6 +104,11 @@ public class ExternalAccessRolesControllerTest { @InjectMocks ExternalAccessRolesController externalAccessRolesController = new ExternalAccessRolesController(); + @Mock + UserService userservice = new UserServiceCentalizedImpl(); + + @Mock + AuditService auditService; @Before public void setup() { @@ -234,20 +254,27 @@ public class ExternalAccessRolesControllerTest { @Test public void getRoleFunctionTest() throws Exception { - String reason = getInvalidKeyJson(); + EPApp mockApp = mockApp(); + mockApp.setCentralAuth(true); + List<EPApp> mockAppList = new ArrayList<>(); + mockAppList.add(mockApp); StringWriter sw = new StringWriter(); PrintWriter writer = new PrintWriter(sw); Mockito.when(mockedResponse.getWriter()).thenReturn(writer); - CentralV2RoleFunction centralV2RoleFunction = new CentralV2RoleFunction(); - CentralRoleFunction centralRoleFunction = new CentralRoleFunction(); + CentralV2RoleFunction roleFunction1 = new CentralV2RoleFunction(); + CentralRoleFunction roleFunction2 = new CentralRoleFunction(); + roleFunction1.setCode("test2"); String code = "test_menu"; - Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader(uebKey))) - .thenReturn(centralV2RoleFunction); + Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey); + Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(mockAppList); + ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND); + Mockito.when(externalAccessRolesService.getNameSpaceIfExists(mockAppList.get(0))).thenReturn(response); + Mockito.when(externalAccessRolesService.getRoleFunction(code, mockedRequest.getHeader("uebkey"))) + .thenReturn(roleFunction1); CentralRoleFunction returnedValue = externalAccessRolesController.getRoleFunction(mockedRequest, mockedResponse, code); - BeanUtils.copyProperties(centralV2RoleFunction, centralRoleFunction, "type","action"); - assertEquals(returnedValue,centralRoleFunction); + assertEquals(returnedValue, roleFunction2); String result = sw.getBuffer().toString().trim(); - assertEquals(reason, result); + assertEquals("", result); } @Test @@ -319,19 +346,31 @@ public class ExternalAccessRolesControllerTest { } @Test - @Ignore public void deleteRoleFunctionTest() throws Exception { + PowerMockito.mockStatic(EcompPortalUtils.class); + PowerMockito.mockStatic(SystemProperties.class); + PowerMockito.mockStatic(EPCommonSystemProperties.class); + PowerMockito.mockStatic(PortalConstants.class); PortalRestResponse<String> portalRestResponse = null; PortalRestResponse<String> expectedportalRestResponse = new PortalRestResponse<String>(); expectedportalRestResponse.setMessage("Successfully Deleted"); expectedportalRestResponse.setResponse("Success"); PortalRestStatusEnum portalRestStatusEnum = null; EPUser user = mockUser.mockEPUser(); + List<EPUser> userList = new ArrayList<>(); + userList.add(user); EPApp app = mockApp(); + app.setCentralAuth(true); + List<EPApp> appList = new ArrayList<>(); + appList.add(app); expectedportalRestResponse.setStatus(portalRestStatusEnum.OK); String code ="testNew"; - Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LOGIN_ID"))).thenReturn((List<EPUser>) user); - Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("UEBKEY")).get(0)).thenReturn(app); + Mockito.when(mockedRequest.getHeader("LoginId")).thenReturn("guestT"); + Mockito.when(mockedRequest.getHeader("uebkey")).thenReturn(uebKey); + Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader("uebkey"))).thenReturn(appList); + ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.FOUND); + Mockito.when(externalAccessRolesService.getNameSpaceIfExists(appList.get(0))).thenReturn(response); + Mockito.when(externalAccessRolesService.getUser(mockedRequest.getHeader("LoginId"))).thenReturn(userList); Mockito.when(externalAccessRolesService.deleteCentralRoleFunction(code, app)).thenReturn(true); portalRestResponse = externalAccessRolesController.deleteRoleFunction(mockedRequest, mockedResponse, code); assertEquals(portalRestResponse, expectedportalRestResponse); @@ -344,7 +383,7 @@ public class ExternalAccessRolesControllerTest { PrintWriter writer = new PrintWriter(sw); Mockito.when(mockedResponse.getWriter()).thenReturn(writer); Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader(uebKey))).thenReturn(null); - List<CentralV2Role> expectedCenRole = externalAccessRolesController.getActiveRoles(mockedRequest, mockedResponse); + List<CentralRole> expectedCenRole = externalAccessRolesController.getActiveRoles(mockedRequest, mockedResponse); assertNull(expectedCenRole); String result = sw.getBuffer().toString().trim(); assertEquals(reason, result); @@ -719,4 +758,106 @@ public class ExternalAccessRolesControllerTest { PortalRestResponse<String> actualResponse = externalAccessRolesController.deleteRole(mockedRequest, mockedResponse, (long)1); assertEquals(actualResponse, null); } + + @Test + public void getEpUserNullTest() throws Exception{ + List<EPApp> applicationList = new ArrayList<EPApp>(); + EPApp app = mockApp(); + app.setUebKey("uebKey"); + app.setCentralAuth(true); + applicationList.add(app); + Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList); + ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK); + Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response); + assertNull(externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12")); + } + + @Test + public void getEpUserTest() throws Exception{ + List<EPApp> applicationList = new ArrayList<EPApp>(); + EPApp app = mockApp(); + app.setUebKey("uebKey"); + app.setCentralAuth(true); + applicationList.add(app); + Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList); + ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK); + Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response); + String user = "{\"id\":null,\"created\":null,\"modified\":null,\"createdId\":null,\"modifiedId\":null,\"rowNum\":null,\"auditUserId\":null,\"auditTrail\":null,\"orgId\":null,\"managerId\":null,\"firstName\":\"test\",\"middleInitial\":null,\"lastName\":null,\"phone\":null,\"fax\":null,\"cellular\":null,\"email\":null,\"addressId\":null,\"alertMethodCd\":null,\"hrid\":null,\"orgUserId\":null,\"orgCode\":null,\"address1\":null,\"address2\":null,\"city\":null,\"state\":null,\"zipCode\":null,\"country\":null,\"orgManagerUserId\":null,\"locationClli\":null,\"businessCountryCode\":null,\"businessCountryName\":null,\"businessUnit\":null,\"businessUnitName\":null,\"department\":null,\"departmentName\":null,\"companyCode\":null,\"company\":null,\"zipCodeSuffix\":null,\"jobTitle\":null,\"commandChain\":null,\"siloStatus\":null,\"costCenter\":null,\"financialLocCode\":null,\"loginId\":null,\"loginPwd\":null,\"lastLoginDate\":null,\"active\":false,\"internal\":false,\"selectedProfileId\":null,\"timeZoneId\":null,\"online\":false,\"chatId\":null,\"userApps\":[],\"pseudoRoles\":[],\"defaultUserApp\":null,\"roles\":[],\"fullName\":\"test null\"}"; + Mockito.when(externalAccessRolesService.getV2UserWithRoles("test12", mockedRequest.getHeader(uebKey))).thenReturn(user); + User EPuser = new User(); + EPuser.setFirstName("test"); + Mockito.when(userservice.userMapper(user)).thenReturn(EPuser); + String res = "{\"orgId\":null,\"managerId\":null,\"firstName\":\"test\",\"middleInitial\":null,\"lastName\":null,\"phone\":null,\"email\":null,\"hrid\":null,\"orgUserId\":null,\"orgCode\":null,\"orgManagerUserId\":null,\"jobTitle\":null,\"loginId\":null,\"active\":false,\"roles\":[]}"; + assertEquals(externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12"),res); + } + + @Test + public void getEpUserExceptionTest() throws Exception{ + List<EPApp> applicationList = new ArrayList<EPApp>(); + EPApp app = mockApp(); + app.setCentralAuth(true); + Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList); + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + Mockito.when(mockedResponse.getWriter()).thenReturn(writer); + assertNull(externalAccessRolesController.getEcompUser(mockedRequest, mockedResponse, "test12")); + } + + @Test + public void getEPRolesOfApplicationTest() throws Exception + { + List<EPApp> applicationList = new ArrayList<EPApp>(); + EPApp app = mockApp(); + app.setUebKey("uebKey"); + app.setCentralAuth(true); + applicationList.add(app); + Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList); + ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK); + Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response); + Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app); + List<CentralV2Role> cenRoleList = new ArrayList<>(); + CentralV2Role role = new CentralV2Role(); + role.setName("test"); + cenRoleList.add(role); + Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader(uebKey))).thenReturn(cenRoleList); + List<EcompRole> ecompRoles = new ArrayList<>(); + EcompRole eprole = new EcompRole(); + eprole.setName("test"); + ecompRoles.add(eprole); + assertEquals(ecompRoles,externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse)); + } + @Test + public void getEPRolesOfApplicationNullTest() throws Exception + { + List<EPApp> applicationList = new ArrayList<EPApp>(); + EPApp app = mockApp(); + app.setUebKey("uebKey"); + app.setCentralAuth(true); + applicationList.add(app); + Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList); + ResponseEntity<String> response = new ResponseEntity<>(HttpStatus.OK); + Mockito.when(externalAccessRolesService.getNameSpaceIfExists(app)).thenReturn(response); + Mockito.doNothing().when(externalAccessRolesService).syncApplicationRolesWithEcompDB(app); + List<CentralV2Role> cenRoleList = new ArrayList<>(); + CentralV2Role role = new CentralV2Role(); + role.setName("test"); + cenRoleList.add(role); + Mockito.when(externalAccessRolesService.getActiveRoles(mockedRequest.getHeader(uebKey))).thenReturn(null); + assertNull(externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse)); + + } + + @Test + public void getEPRolesOfApplicationExceptionTest() throws Exception + { + List<EPApp> applicationList = new ArrayList<EPApp>(); + EPApp app = mockApp(); + app.setCentralAuth(true); + Mockito.when(externalAccessRolesService.getApp(mockedRequest.getHeader(uebKey))).thenReturn(applicationList); + StringWriter sw = new StringWriter(); + PrintWriter writer = new PrintWriter(sw); + Mockito.when(mockedResponse.getWriter()).thenReturn(writer); + assertNull(externalAccessRolesController.getEcompRolesOfApplication(mockedRequest, mockedResponse)); + + } } diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java index 6f9ce496..ca94c8ce 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/controller/MicroserviceProxyControllerTest.java @@ -107,7 +107,7 @@ public class MicroserviceProxyControllerTest extends MockitoTestSuite { Mockito.when(microserviceProxyService.proxyToDestination(1, user, mockedRequest)) .thenThrow(httpClientErrorException); String acutualString = microserviceProxyController.getMicroserviceProxy(mockedRequest, getMockedResponse(), 1); - assertEquals("", acutualString); + assertTrue(acutualString.equals("{\"error\":\"\"}")); } @Test @@ -139,6 +139,6 @@ public class MicroserviceProxyControllerTest extends MockitoTestSuite { .thenThrow(httpClientErrorException); String acutualString = microserviceProxyController.getMicroserviceProxyByWidgetId(mockedRequest, getMockedResponse(), 1); - assertEquals("", acutualString); + assertTrue(acutualString.equals("{\"error\":\"\"}")); } } diff --git a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java index 172b9421..bb408b26 100644 --- a/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java +++ b/ecomp-portal-BE-common/src/test/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImplTest.java @@ -114,7 +114,7 @@ import org.springframework.web.client.RestTemplate; import com.fasterxml.jackson.databind.ObjectMapper; @RunWith(PowerMockRunner.class) -@PrepareForTest({ EcompPortalUtils.class, Criterion.class, Restrictions.class, SystemProperties.class, +@PrepareForTest({ EcompPortalUtils.class, Criterion.class, EPUserUtils.class, Restrictions.class, SystemProperties.class, EPCommonSystemProperties.class }) public class ExternalAccessRolesServiceImplTest { @Mock @@ -717,6 +717,8 @@ public class ExternalAccessRolesServiceImplTest { @SuppressWarnings("deprecation") @Test public void getAllAppUsersTest() throws Exception { + PowerMockito.mockStatic(EcompPortalUtils.class); + PowerMockito.mockStatic(EPUserUtils.class); EPApp app = new EPApp(); app.setEnabled(true); app.setId((long) 10); @@ -737,13 +739,23 @@ public class ExternalAccessRolesServiceImplTest { ecompUserRoles.setOrgUserId("guestT"); ecompUserRoles.setRoleId((long) 1); ecompUserRoles.setRoleName("test"); + ecompUserRoles.setFunctionCode("test_type|test_instance|test_action"); + ecompUserRoles.setFunctionName("test1"); EcompUserRoles ecompUserRoles2 = new EcompUserRoles(); ecompUserRoles2.setOrgUserId("guestT"); ecompUserRoles2.setRoleId((long) 2); ecompUserRoles2.setRoleName("test new"); + ecompUserRoles2.setFunctionCode("test_instance2"); + ecompUserRoles2.setFunctionName("test2"); userList.add(ecompUserRoles); userList.add(ecompUserRoles2); - Mockito.when(dataAccessService.executeNamedQuery("ApplicationUserRoles", appParams, null)).thenReturn(userList); + Mockito.when(EcompPortalUtils.getFunctionCode(ecompUserRoles.getFunctionCode())).thenReturn("test_instance"); + Mockito.when(EPUserUtils.decodeFunctionCode("test_instance")).thenReturn("test_instance"); + Mockito.when(EcompPortalUtils.getFunctionCode(ecompUserRoles2.getFunctionCode())).thenReturn("test_instance2"); + Mockito.when(EPUserUtils.decodeFunctionCode("test_instance2")).thenReturn("test_instance2"); + Mockito.when(EcompPortalUtils.getFunctionType("test_type|test_instance|test_action")).thenReturn("test_type"); + Mockito.when(EcompPortalUtils.getFunctionAction("test_type|test_instance|test_action")).thenReturn("test_action"); + Mockito.when(dataAccessService.executeNamedQuery("ApplicationUserRoles", appParams, null)).thenReturn(userList); List<EcompUser> usersfinalList = externalAccessRolesServiceImpl.getAllAppUsers(app.getUebKey()); assertEquals(usersfinalList.get(0).getRoles().size(), 2); } diff --git a/ecomp-portal-BE-os/pom.xml b/ecomp-portal-BE-os/pom.xml index 41722611..3eae6860 100644 --- a/ecomp-portal-BE-os/pom.xml +++ b/ecomp-portal-BE-os/pom.xml @@ -318,17 +318,17 @@ <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-annotations</artifactId> - <version>2.9.2</version> + <version>2.8.10</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-core</artifactId> - <version>2.9.2</version> + <version>2.8.10</version> </dependency> <dependency> <groupId>com.fasterxml.jackson.core</groupId> <artifactId>jackson-databind</artifactId> - <version>2.9.2</version> + <version>2.8.10</version> </dependency> <dependency> <groupId>com.fasterxml</groupId> @@ -346,6 +346,12 @@ <groupId>org.elasticsearch</groupId> <artifactId>elasticsearch</artifactId> <version>2.2.0</version> + <exclusions> + <exclusion> + <groupId>org.apache.lucene</groupId> + <artifactId>lucene-queryparser</artifactId> + </exclusion> + </exclusions> </dependency> <dependency> <groupId>io.searchbox</groupId> @@ -570,7 +576,7 @@ <dependency> <groupId>org.apache.httpcomponents</groupId> <artifactId>httpclient</artifactId> - <version>4.5.2</version> + <version>4.5.3</version> </dependency> <!-- for testing --> <dependency> @@ -645,6 +651,18 @@ <version>${jacocoVersion}</version> <classifier>runtime</classifier> </dependency> + <!-- Music --> + <dependency> + <groupId>org.onap.portal.sdk</groupId> + <artifactId>epsdk-music</artifactId> + <version>${epsdk.version}</version> + <exclusions> + <exclusion> + <groupId>org.onap.music</groupId> + <artifactId>*</artifactId> + </exclusion> + </exclusions> + </dependency> </dependencies> <reporting> diff --git a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java index 06657301..c059a01c 100644 --- a/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java +++ b/ecomp-portal-BE-os/src/main/java/org/onap/portalapp/conf/ExternalAppConfig.java @@ -61,6 +61,7 @@ import org.onap.portalapp.authentication.OpenIdConnectLoginStrategy; import org.onap.portalapp.authentication.SimpleLoginStrategy; import org.onap.portalapp.controller.core.LogoutController; import org.onap.portalapp.controller.core.SDKLoginController; +import org.onap.portalapp.music.conf.MusicSessionConfig; import org.onap.portalapp.portal.domain.EPApp; import org.onap.portalapp.portal.domain.EPUser; import org.onap.portalapp.portal.domain.EPUserApp; @@ -100,6 +101,7 @@ import org.springframework.context.annotation.ComponentScan; import org.springframework.context.annotation.ComponentScan.Filter; import org.springframework.context.annotation.Configuration; import org.springframework.context.annotation.FilterType; +import org.springframework.context.annotation.Import; import org.springframework.context.annotation.Profile; import org.springframework.scheduling.annotation.EnableAsync; import org.springframework.scheduling.annotation.EnableScheduling; @@ -119,7 +121,7 @@ import com.google.gson.Gson; @Profile("src") @EnableAsync @EnableScheduling - +@Import({ MusicSessionConfig.class }) public class ExternalAppConfig extends AppConfig implements Configurable { private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAppConfig.class); diff --git a/ecomp-portal-BE-os/src/main/resources/cache.ccf b/ecomp-portal-BE-os/src/main/resources/cache.ccf index d21404b0..5c1296ae 100644 --- a/ecomp-portal-BE-os/src/main/resources/cache.ccf +++ b/ecomp-portal-BE-os/src/main/resources/cache.ccf @@ -1,9 +1,9 @@ # DEFAULT CACHE REGION jcs.default=DC -jcs.default.cacheattributes=org.apache.jcs.engine.CompositeCacheAttributes +jcs.default.cacheattributes=org.apache.commons.jcs.engine.CompositeCacheAttributes jcs.default.cacheattributes.MaxObjects=1000 -jcs.default.cacheattributes.MemoryCacheName=org.apache.jcs.engine.memory.lru.LRUMemoryCache -jcs.default.elementattributes=org.apache.jcs.engine.ElementAttributes +jcs.default.cacheattributes.MemoryCacheName=org.apache.commons.jcs.engine.memory.lru.LRUMemoryCache +jcs.default.elementattributes=org.apache.commons.jcs.engine.ElementAttributes jcs.default.elementattributes.IsEternal=true jcs.default.elementattributes.IsSpool=true @@ -13,18 +13,18 @@ jcs.default.elementattributes.IsSpool=true #jcs.default.cacheattributes.MaxMemoryIdleTimeSeconds=3600 #jcs.default.cacheattributes.ShrinkerIntervalSeconds=60 #jcs.default.cacheattributes.MaxSpoolPerRun=500 -#jcs.default.elementattributes=org.apache.jcs.engine.ElementAttributes +#jcs.default.elementattributes=org.apache.commons.jcs.engine.ElementAttributes #jcs.default.elementattributes.IsEternal=false # AUXILLARY CACHE CONFIGURATION -jcs.auxiliary.DC=org.apache.jcs.auxiliary.disk.indexed.IndexedDiskCacheFactory -jcs.auxiliary.DC.attributes=org.apache.jcs.auxiliary.disk.indexed.IndexedDiskCacheAttributes +jcs.auxiliary.DC=org.apache.commons.jcs.auxiliary.disk.indexed.IndexedDiskCacheFactory +jcs.auxiliary.DC.attributes=org.apache.commons.jcs.auxiliary.disk.indexed.IndexedDiskCacheAttributes jcs.auxiliary.DC.attributes.DiskPath=/tmp # PRE-DEFINED REGION FOR LOOKUP DATA jcs.region.lookUpObjectCache=DC -jcs.region.lookUpObjectCache.cacheattributes=org.apache.jcs.engine.CompositeCacheAttributes +jcs.region.lookUpObjectCache.cacheattributes=org.apache.commons.jcs.engine.CompositeCacheAttributes jcs.region.lookUpObjectCache.cacheattributes.MaxObjects=4000 -jcs.region.lookUpObjectCache.cacheattributes.MemoryCacheName=org.apache.jcs.engine.memory.lru.LRUMemoryCache +jcs.region.lookUpObjectCache.cacheattributes.MemoryCacheName=org.apache.commons.jcs.engine.memory.lru.LRUMemoryCache diff --git a/ecomp-portal-BE-os/src/main/resources/music.properties b/ecomp-portal-BE-os/src/main/resources/music.properties new file mode 100644 index 00000000..22d0a02d --- /dev/null +++ b/ecomp-portal-BE-os/src/main/resources/music.properties @@ -0,0 +1,27 @@ +music.endpoint = http://vm-ep-dev4.research.att.com/MUSIC/rest/ +music.version = v2 +music.keyspace = keyspaces +music.session.keyspace = test_session +music.tables = tables +music.session.attr.tables = spring_session_attributes +music.session.meta.tables = spring_session +music.rows = rows +music.sesion.rows = +music.x.minor.version = 3 +music.x.patch.version = 0 +music.aid = +music.ns = com.att.ecomp.portal.demeter +music.user.id = m00468@portal.ecomp.att.com +music.password = friedG33nS- +music.consistency.info = type +music.consistency.info.value = eventual +music.cache = false +music.session.max.inactive.interval.seconds = 1800 +#By default it's eventual +music.atomic.get = false +music.atomic.put = true + +cassandra.host=135.197.226.103 +zookeeper.host=135.197.226.103 +cassandra.user=cassandra +cassandra.password=cassandra
\ No newline at end of file diff --git a/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml b/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml index ee60d326..d31739f7 100644 --- a/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml +++ b/ecomp-portal-BE-os/src/main/webapp/WEB-INF/web.xml @@ -69,7 +69,16 @@ <listener> <listener-class>org.onap.portalapp.portal.listener.UserSessionListener</listener-class> </listener> - + <filter> + <filter-name>springSessionRepositoryFilter</filter-name> + <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class> + </filter> + <filter-mapping> + <filter-name>springSessionRepositoryFilter</filter-name> + <url-pattern>/*</url-pattern> + <dispatcher>REQUEST</dispatcher> + <dispatcher>ERROR</dispatcher> + </filter-mapping> <filter> <filter-name>CorsFilter</filter-name> <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> diff --git a/ecomp-portal-DB-common/portal.cql b/ecomp-portal-DB-common/portal.cql new file mode 100644 index 00000000..6cb62713 --- /dev/null +++ b/ecomp-portal-DB-common/portal.cql @@ -0,0 +1,54 @@ +CREATE KEYSPACE IF NOT EXISTS portal + WITH REPLICATION = { + 'class' : 'SimpleStrategy', + 'replication_factor': 1 + } + AND DURABLE_WRITES = true; + + +CREATE TABLE portal.spring_session ( + primary_id text PRIMARY KEY, + creation_time text, + expiry_time text, + last_access_time text, + max_inactive_interval text, + principal_name text, + session_id text, + vector_ts text +) WITH bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '10'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; + + +CREATE TABLE portal.spring_session_attributes ( + primary_id text, + attribute_name text, + attribute_bytes blob, + vector_ts text, + PRIMARY KEY (primary_id, attribute_name) +) WITH CLUSTERING ORDER BY (attribute_name ASC) + AND bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '1'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; diff --git a/ecomp-portal-FE-common/client/app/views/role/role-create-edit-popup-controller.js b/ecomp-portal-FE-common/client/app/views/role/role-create-edit-popup-controller.js index 6475a83d..d06262b0 100644 --- a/ecomp-portal-FE-common/client/app/views/role/role-create-edit-popup-controller.js +++ b/ecomp-portal-FE-common/client/app/views/role/role-create-edit-popup-controller.js @@ -57,7 +57,9 @@ app.controller('roleCreateEditController',function($scope, conf, $http, $modalIn var availableRoleFunction = $scope.roleFunctions[i]; availableRoleFunction.selected = false; for(var j=0; j< $scope.role.roleFunctions.length; j++){ - if($scope.roleFunctions[i].code === $scope.role.roleFunctions[j].code) { + if($scope.roleFunctions[i].code === $scope.role.roleFunctions[j].code + && $scope.roleFunctions[i].type === $scope.role.roleFunctions[j].type + && $scope.roleFunctions[i].action === $scope.role.roleFunctions[j].action) { availableRoleFunction.selected = true; console.log(availableRoleFunction.selected); } @@ -77,7 +79,9 @@ app.controller('roleCreateEditController',function($scope, conf, $http, $modalIn if(!selected) { for(var i=0; i<$scope.finalSelectedRoleFunctions.length; i++){ var availableRoleFunction = $scope.finalSelectedRoleFunctions[i]; - if(availableRoleFunction.code == selectedRoleFunction.code){ + if(availableRoleFunction.code == selectedRoleFunction.code + && availableRoleFunction.type == selectedRoleFunction.type + && availableRoleFunction.action == selectedRoleFunction.action){ $scope.finalSelectedRoleFunctions.splice(i, 1); } } diff --git a/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.Json.details.controller.js b/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.Json.details.controller.js deleted file mode 100644 index 11bc9b38..00000000 --- a/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.Json.details.controller.js +++ /dev/null @@ -1,59 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal - * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * ============LICENSE_END============================================ - * - * ECOMP is a trademark and service mark of AT&T Intellectual Property. - */ -'use strict'; - -(function () { - - class userNotificationCtrl { - constructor($scope, ngDialog,items) { - $scope.messageData=items.text; - $scope.messageObject=items.messageObject; - $scope.selectedAdminNotification=items.selectedAdminNotification; - $scope.messageRecipients=items.messageRecipients; - $scope.notifiHyperlink=function(ticket){ - window.open(ticket); - } - } - } - userNotificationCtrl.$inject = ['$scope','ngDialog','items']; - angular.module('ecompApp').controller('userNotificationCtrl', userNotificationCtrl); -})(); - - - - diff --git a/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.json.details.controller.js b/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.json.details.controller.js deleted file mode 100644 index 11bc9b38..00000000 --- a/ecomp-portal-FE-common/client/app/views/user-notifications-admin/user.notifications.json.details.controller.js +++ /dev/null @@ -1,59 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal - * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * ============LICENSE_END============================================ - * - * ECOMP is a trademark and service mark of AT&T Intellectual Property. - */ -'use strict'; - -(function () { - - class userNotificationCtrl { - constructor($scope, ngDialog,items) { - $scope.messageData=items.text; - $scope.messageObject=items.messageObject; - $scope.selectedAdminNotification=items.selectedAdminNotification; - $scope.messageRecipients=items.messageRecipients; - $scope.notifiHyperlink=function(ticket){ - window.open(ticket); - } - } - } - userNotificationCtrl.$inject = ['$scope','ngDialog','items']; - angular.module('ecompApp').controller('userNotificationCtrl', userNotificationCtrl); -})(); - - - - diff --git a/ecomp-portal-widget-ms/widget-ms/pom.xml b/ecomp-portal-widget-ms/widget-ms/pom.xml index 16e0a75a..a3c5546e 100644 --- a/ecomp-portal-widget-ms/widget-ms/pom.xml +++ b/ecomp-portal-widget-ms/widget-ms/pom.xml @@ -142,6 +142,16 @@ <artifactId>tomcat-embed-core</artifactId> <version>8.5.13</version> </dependency> + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-core</artifactId> + <version>1.2.3</version> + </dependency> + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + <version>1.2.3</version> + </dependency> </dependencies> <build> @@ -27,10 +27,10 @@ <properties> <!-- Jenkins should invoke mvn with argument -Dbuild.number=${BUILD_NUMBER} --> <build.number>0</build.number> - <epsdk.version>2.1.0</epsdk.version> + <epsdk.version>2.2.0-SNAPSHOT</epsdk.version> <springframework.version>4.2.2.RELEASE</springframework.version> <hibernate.version>4.3.11.Final</hibernate.version> - <fasterxml.version>2.9.2</fasterxml.version> + <fasterxml.version>2.8.10</fasterxml.version> <eelf.version>1.0.0</eelf.version> <!-- NOT provided by OParent, unfortunately --> <jacocoVersion>0.7.6.201602180812</jacocoVersion> @@ -38,6 +38,7 @@ <encoding>UTF-8</encoding> <sonar.exclusions>**/scripts/**/*,**.js</sonar.exclusions> <sonar.test.exclusions>**/test/**/*,**/tests/**/*</sonar.test.exclusions> + <enforcer.skip>true</enforcer.skip> </properties> <!-- Specify the repositories here to avoid coordination of ~/.m2/settings.xml |