Diffstat (limited to 'ecomp-portal-BE-common/src/main')
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java25
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java28
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java12
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java12
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java4
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java41
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java30
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java42
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java43
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java5
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java8
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java212
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java57
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java3
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java4
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java105
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java71
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java98
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java22
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java36
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java1537
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java673
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java5
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java6
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java6
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java6
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java6
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java19
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java1
-rw-r--r--ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java9
-rw-r--r--ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml96
31 files changed, 2065 insertions, 1157 deletions
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java
index c7246de0..289c8279 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AppsController.java
@@ -80,6 +80,9 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
@RestController
@EnableAspectJAutoProxy
@EPAuditLog
@@ -174,8 +177,8 @@ public class AppsController extends EPRestrictedBaseController {
EPUser user = EPUserUtils.getUserSession(request);
List<AppIdAndNameTransportModel> adminApps = null;
- try {
- if (!adminRolesService.isAccountAdmin(user)) {
+ try {
+ if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
EcompPortalUtils.setBadPermissions(user, response, "getAdminApps");
} else {
adminApps = appService.getAdminApps(user);
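Review bot: Adding `!adminRolesService.isRoleAdmin(user)` to this guard lets role admins reach `appService.getAdminApps(user)`, and nothing in the hunk shows that the service limits the result to applications the caller actually administers roles for. The same widening is made in the guard before `getAppsForSuperAdminAndAccountAdmin` in this file, in RoleManageController.getCentralizedAppRoles (where `userId` comes from the request), and in UserRolesController's getPhoneBookSearchResult, getAppRolesForUser and putAppWithUserRoleStateForUser. getAppRolesForUser is the only one where this commit also starts passing `user` to the service, so per-application scoping for the others should be confirmed and covered by a test. A comment above each guard, such as `// role admins: result is scoped to their own apps inside the service`, would record where that is enforced. The method body starts and ends outside this hunk.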
@@ -206,7 +209,7 @@ public class AppsController extends EPRestrictedBaseController {
List<AppIdAndNameTransportModel> adminApps = null;
try {
- if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
+ if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
EcompPortalUtils.setBadPermissions(user, response, "getAdminApps");
} else {
adminApps = appService.getAppsForSuperAdminAndAccountAdmin(user);
@@ -689,11 +692,14 @@ public class AppsController extends EPRestrictedBaseController {
public FieldsValidator putOnboardingApp(HttpServletRequest request,
@RequestBody OnboardingApp modifiedOnboardingApp, HttpServletResponse response) {
FieldsValidator fieldsValidator = null;
+ EPUser user = null;
+ EPApp oldEPApp = null;
try {
- EPUser user = EPUserUtils.getUserSession(request);
+ user = EPUserUtils.getUserSession(request);
if (!adminRolesService.isSuperAdmin(user)) {
EcompPortalUtils.setBadPermissions(user, response, "putOnboardingApp");
} else {
+ oldEPApp = appService.getApp(modifiedOnboardingApp.id);
modifiedOnboardingApp.normalize();
fieldsValidator = appService.modifyOnboardingApp(modifiedOnboardingApp, user);
response.setStatus(fieldsValidator.httpStatusCode.intValue());
@@ -701,7 +707,16 @@ public class AppsController extends EPRestrictedBaseController {
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "putOnboardingApps failed", e);
}
-
+ if(response.getStatus()==200) {
+ try {
+ String oldvaluesAsJson = new ObjectMapper().writeValueAsString(oldEPApp);
+ String newvaluesAsJson = new ObjectMapper().writeValueAsString(modifiedOnboardingApp);
+ logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, old values ="+oldvaluesAsJson);
+ logger.info(EELFLoggerDelegate.auditLogger, "/portalApi/onboardingApps, loginId="+user.getLoginId()+", new values ="+newvaluesAsJson);
+ } catch (JsonProcessingException e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "putOnboardingApps failed", e);
+ }
+ }
EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/onboardingApps", "PUT result =",
response.getStatus());
return fieldsValidator;
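Review bot: The audit block is gated on `response.getStatus()==200`, which is normally also the status when the catch above ran before anything set one. In that case `user` can still be null, and `user.getLoginId()` then throws outside the `JsonProcessingException` catch. Gating on the outcome avoids this, e.g. `if (user != null && fieldsValidator != null && response.getStatus() == 200) {`. The block also serializes the whole of `oldEPApp` and `modifiedOnboardingApp` into the audit log; their fields are not visible here, but if they carry application credentials or keys, those should be excluded or masked before logging. The method starts in the previous hunk and its closing brace is outside this one.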
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java
index 60c25c65..fe2c349f 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/AuxApiRequestMapperController.java
@@ -51,6 +51,7 @@ import java.util.regex.Pattern;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.onap.aaf.cadi.aaf.AAFPermission;
import org.onap.portalapp.annotation.ApiVersion;
import org.onap.portalapp.externalsystemapproval.model.ExternalSystemUser;
import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
@@ -887,4 +888,31 @@ public class AuxApiRequestMapperController implements ApplicationContextAware, B
return fnMenuItems;
}
+
+ @ApiOperation(value = "Gets MechId roles", response = String.class, responseContainer = "List")
+ @RequestMapping(value = { "/v3/systemUser" }, method = RequestMethod.GET, produces = "application/json")
+ public List<AAFPermission> getSystemUserPerms(HttpServletRequest request, HttpServletResponse response) throws Exception {
+ List<AAFPermission> permsList = null;
+ Map<String, Object> res = getMethod(request, response);
+ try {
+ permsList = (List<AAFPermission>) invokeMethod(res, request, response);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "getSystemUserPerms failed", e);
+ }
+ return permsList;
+ }
+
+ @ApiOperation(value = "Update role description in external auth system for an application.", response = PortalRestResponse.class, responseContainer = "Json")
+ @RequestMapping(value = { "/v3/update/app/roleDescription" }, method = RequestMethod.PUT, produces = "application/json")
+ public PortalRestResponse<String> updateAppRoleDescription(HttpServletRequest request, HttpServletResponse response) throws Exception {
+ PortalRestResponse<String> result = null;
+ Map<String, Object> res = getMethod(request, response);
+ try {
+ result = (PortalRestResponse<String>) invokeMethod(res, request, response);
+ return result;
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription failed", e);
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, e.getMessage(), "Failed");
+ }
+ }
}
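Review bot: `updateAppRoleDescription` returns `e.getMessage()` to the caller in its error response, which can expose internal details of the invoked method. The exception is already logged, so the response can carry a fixed message: `return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to update role description", "Failed");`. The same pattern is added in RolesController.updateAppRoleDescription and in the catch block of UserRolesController.putAppWithUserRoleStateForUser. Separately, `getSystemUserPerms` swallows the exception and returns null without setting a status, so a failure looks like an empty result to the client; adding `response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);` in its catch would match the other controllers in this commit. In both methods `getMethod(request, response)` sits outside the try.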
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
index 4a5e0331..5f6818f1 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/ExternalAccessRolesController.java
@@ -43,6 +43,8 @@ import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Set;
+import java.util.TreeSet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -107,7 +109,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
private static final String SUCCESSFULLY_DELETED = "Successfully Deleted";
- private static final String INVALID_UEB_KEY = "Invalid uebkey!";
+ private static final String INVALID_UEB_KEY = "Invalid credentials!";
private static final String LOGIN_ID = "LoginId";
@@ -770,7 +772,7 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
addedRoleFunctions = externalAccessRolesService.bulkUploadPartnerRoleFunctions(request.getHeader(UEBKEY));
} catch (Exception e) {
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
- logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRoles failed", e);
+ logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerRoleFunctions failed", e);
return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR, "Failed to bulkUploadPartnerRoleFunctions", "Failed");
}
return new PortalRestResponse<String>(PortalRestStatusEnum.OK, "Successfully added: '"+addedRoleFunctions + "' role functions", "Success");
@@ -859,10 +861,16 @@ public class ExternalAccessRolesController implements BasicAuthenticationControl
String answer = null;
try {
fieldsValidation(request);
+
answer = externalAccessRolesService.getV2UserWithRoles(loginId, request.getHeader(UEBKEY));
if (answer != null) {
User ecompUser = userservice.userMapper(answer);
user = UserUtils.convertToEcompUser(ecompUser);
+ List<EcompRole> missingRolesOfUser = externalAccessRolesService.missingUserApplicationRoles(request.getHeader(UEBKEY), loginId, user.getRoles());
+ if (missingRolesOfUser.size() > 0) {
+ Set<EcompRole> roles = new TreeSet<EcompRole>(missingRolesOfUser);
+ user.getRoles().addAll(roles);
+ }
}
} catch (Exception e) {
sendErrorResponse(response, e);
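Review bot: The roles returned to the calling application are now extended with whatever `missingUserApplicationRoles` returns, and the hunk does not show which store those roles come from. If the external auth system is meant to be authoritative, it should be confirmed that a role removed there cannot be reintroduced by this merge; a comment stating the source and intent would help. `missingRolesOfUser.size()` and `user.getRoles().addAll(...)` also assume neither value is null, so `if (missingRolesOfUser != null && !missingRolesOfUser.isEmpty()) {` is the safer guard. The enclosing method starts and ends outside the hunk.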
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java
index 811e10ce..cecbd9bd 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/HealthCheckController.java
@@ -164,12 +164,12 @@ public class HealthCheckController extends EPUnRestrictedBaseController {
EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError);
}
- if (!HealthMonitor.isClusterStatusOk()) {
- dbInfo.dbClusterStatus = "Problem, check the logs for more details";
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError);
- } else {
- dbInfo.dbClusterStatus = statusOk;
- }
+// if (!HealthMonitor.isClusterStatusOk()) {
+// dbInfo.dbClusterStatus = "Problem, check the logs for more details";
+// EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError);
+// } else {
+// dbInfo.dbClusterStatus = statusOk;
+// }
if (!HealthMonitor.isDatabasePermissionsOk()) {
dbInfo.dbPermissions = "Problem, check the logs for more details";
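Review bot: The cluster-status check is commented out rather than removed, and in the visible lines `dbInfo.dbClusterStatus` is no longer assigned, so the health response stops reporting cluster problems to whatever monitors this endpoint. If the check is intentionally retired, delete the dead lines and state why, e.g. `// cluster status no longer checked: <reason>`, and either set `dbInfo.dbClusterStatus` to an explicit value or drop the field so consumers do not read an unset status as healthy. The method starts and ends outside the hunk.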
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
index 4956e3fd..c6849cd8 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RoleManageController.java
@@ -656,7 +656,7 @@ public class RoleManageController extends EPRestrictedBaseController {
public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) throws IOException {
EPUser user = EPUserUtils.getUserSession(request);
List<CentralizedApp> applicationsList = null;
- if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user)) {
+ if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user) || adminRolesService.isRoleAdmin(user)) {
applicationsList = externalAccessRolesService.getCentralizedAppsOfUser(userId);
} else {
logger.info(EELFLoggerDelegate.auditLogger,
@@ -769,7 +769,7 @@ public class RoleManageController extends EPRestrictedBaseController {
app.getUebKey();
List<EPApp> appInfo = externalAccessRolesService.getApp(app.getUebKey());
if(appInfo.isEmpty()){
- throw new InvalidApplicationException("Invalid uebkey");
+ throw new InvalidApplicationException("Invalid credentials");
}
if(!appInfo.isEmpty() && EcompPortalUtils.checkIfRemoteCentralAccessAllowed() && appInfo.get(0).getCentralAuth()){
ResponseEntity<String> response = externalAccessRolesService.getNameSpaceIfExists(appInfo.get(0));
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java
index c61fb43b..c976629a 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/RolesController.java
@@ -41,21 +41,21 @@ import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.onap.aaf.cadi.aaf.AAFPermission;
import org.onap.portalapp.annotation.ApiVersion;
import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
import org.onap.portalapp.portal.ecomp.model.PortalRestResponse;
+import org.onap.portalapp.portal.ecomp.model.PortalRestStatusEnum;
import org.onap.portalapp.portal.logging.aop.EPAuditLog;
-import org.onap.portalapp.portal.transport.CentralUser;
+import org.onap.portalapp.portal.service.ExternalAccessRolesService;
import org.onap.portalapp.portal.transport.CentralV2Role;
import org.onap.portalsdk.core.domain.Role;
-import org.onap.portalsdk.core.domain.RoleFunction;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.onboarding.util.AuthUtil;
import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.onap.portalsdk.core.restful.domain.EcompUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
import io.swagger.annotations.ApiOperation;
@@ -64,14 +64,23 @@ import io.swagger.annotations.ApiOperation;
@EPAuditLog
@ApiVersion
public class RolesController implements BasicAuthenticationController {
+
+ private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(RolesController.class);
+
final String LOGINID_PATTERN = "/v3/user/[a-zA-Z0-9]{1,25}$";
final String FUNCTION_CD_PATTERN = "/v3/function/[a-zA-Z0-9_-]{1,75}$";
final String DELETE_ROLEFUNCTION = "/v3/roleFunction/[a-zA-Z0-9_-]{1,75}$";
+
+ private static final String UEBKEY = "uebkey";
+
+ @Autowired
+ private ExternalAccessRolesService externalAccessRolesService;
@Autowired
ExternalAccessRolesController externalAccessRolesController = new ExternalAccessRolesController();
+
@ApiOperation(value = "Gets roles for an application which is upgraded to newer version.", response = CentralV2Role.class, responseContainer = "Json")
@ApiVersion(max = "v3", service = "/v3/roles", min = 0, method = "GET")
@@ -192,6 +201,22 @@ public class RolesController implements BasicAuthenticationController {
public List<String> getMenuFunctions(HttpServletRequest request, HttpServletResponse response) throws Exception {
return externalAccessRolesController.getMenuFunctions(request, response);
}
+
+ @ApiVersion(max = "v3", service = "/v3/update/app/roleDescription", min = 0, method = "PUT")
+ public PortalRestResponse<String> updateAppRoleDescription(HttpServletRequest request, HttpServletResponse response)
+ throws Exception {
+ Integer updatedRoleDesc = 0;
+ try {
+ updatedRoleDesc = externalAccessRolesService.updateAppRoleDescription(request.getHeader(UEBKEY));
+ } catch (Exception e) {
+ response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+ logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription: failed!", e);
+ return new PortalRestResponse<String>(PortalRestStatusEnum.ERROR,
+ "updateAppRoleDescription: " + e.getMessage(), "Failure");
+ }
+ return new PortalRestResponse<String>(PortalRestStatusEnum.OK,
+ "Successfully updated app role descriptions: '" + updatedRoleDesc + "'", "Success");
+ }
@ApiVersion(max = "v4", service = "/v4/user/[a-zA-Z0-9]{1,25}$", min = 0, method = "GET")
public String getEcompUser(HttpServletRequest request, HttpServletResponse response, String loginId)
@@ -204,4 +229,10 @@ public class RolesController implements BasicAuthenticationController {
throws Exception {
return externalAccessRolesController.getEcompRolesOfApplication(request, response);
}
+
+ @ApiVersion(max = "v3", service = "/v3/systemUser", min = 0, method = "GET")
+ public List<AAFPermission> getSystemUser(HttpServletRequest request, HttpServletResponse response)
+ throws Exception {
+ return AuthUtil.getAAFPermissions(request);
+ }
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java
index cb7c0d44..0be83c97 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/SchedulerController.java
@@ -99,7 +99,8 @@ public class SchedulerController extends EPRestrictedBaseController {
String startTimeRequest = requestDateFormat.format(startingTime);
logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler GET Timeslots for startTimeRequest: ",
startTimeRequest);
- logger.debug(EELFLoggerDelegate.debugLogger, "Original Request : \n ", scheduler_request);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {} ", scheduler_request);
+
String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_GET_TIME_SLOTS)
+ scheduler_request;
@@ -107,7 +108,7 @@ public class SchedulerController extends EPRestrictedBaseController {
Date endTime = new Date();
String endTimeRequest = requestDateFormat.format(endTime);
- logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest",
+ logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest = {}",
endTimeRequest);
return (new ResponseEntity<String>(schedulerResWrapper.getResponse(),
HttpStatus.valueOf(schedulerResWrapper.getStatus())));
@@ -134,12 +135,12 @@ public class SchedulerController extends EPRestrictedBaseController {
schedulerRestController.Get(str, uuid, path, restObjStr);
GetTimeSlotsWrapper schedulerRespWrapper = SchedulerUtil.getTimeSlotsWrapResponse(restObjStr);
- logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request END : Response: ",
+ logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request END : Response: {}",
schedulerRespWrapper.getResponse());
if (schedulerRespWrapper.getStatus() != 200 && schedulerRespWrapper.getStatus() != 204
&& schedulerRespWrapper.getStatus() != 202) {
String message = String.format(
- " getTimeslots Information failed . SchedulerResponseWrapper for gettimeslots: %s", schedulerRespWrapper.getResponse());
+ " getTimeslots Information failed . SchedulerResponseWrapper for gettimeslots: {}", schedulerRespWrapper.getResponse());
logger.error(EELFLoggerDelegate.errorLogger, message);
EPLogUtil.schedulerAccessAlarm(logger, schedulerRespWrapper.getStatus());
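Review bot: Inside `String.format` the `%s` was replaced with `{}`, which `String.format` does not interpret, so the scheduler response is no longer included in `message` and the error log loses the detail needed to diagnose the failure. Keep the format specifier on that line: `" getTimeslots Information failed . SchedulerResponseWrapper for gettimeslots: %s", schedulerRespWrapper.getResponse());`. The `{}` placeholder belongs only in the `logger.debug` calls changed elsewhere in this file.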
@@ -167,11 +168,11 @@ public class SchedulerController extends EPRestrictedBaseController {
String uuid = UUID.randomUUID().toString();
scheduler_request.put("scheduleId", uuid);
- logger.debug(EELFLoggerDelegate.debugLogger, "UUID : ", uuid);
+ logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid);
// adding uuid to the request payload
scheduler_request.put("scheduleId", uuid);
- logger.debug(EELFLoggerDelegate.debugLogger, "Original Request ", scheduler_request.toString());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {}", scheduler_request.toString());
String path = SchedulerProperties
.getProperty(SchedulerProperties.SCHEDULER_CREATE_NEW_VNF_CHANGE_INSTANCE_VAL) + uuid;
@@ -180,7 +181,7 @@ public class SchedulerController extends EPRestrictedBaseController {
Date endTime = new Date();
String endTimeRequest = requestDateFormat.format(endTime);
- logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST", endTimeRequest);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST= {}", endTimeRequest);
return new ResponseEntity<String>(responseWrapper.getResponse(),
HttpStatus.valueOf(responseWrapper.getStatus()));
@@ -214,7 +215,7 @@ public class SchedulerController extends EPRestrictedBaseController {
PostCreateNewVnfWrapper responseWrapper = SchedulerUtil.postCreateNewVnfWrapResponse(restObjStr);
- logger.debug(EELFLoggerDelegate.debugLogger, " Post Create New Vnf Scheduling Request END : Response: ",
+ logger.debug(EELFLoggerDelegate.debugLogger, " Post Create New Vnf Scheduling Request END : Response = {}",
responseWrapper.getResponse());
if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202 && responseWrapper.getStatus() != 204) {
logger.error(EELFLoggerDelegate.errorLogger, "PostCreateNewVnfWrapper Information failed", responseWrapper.getResponse());
@@ -235,15 +236,15 @@ public class SchedulerController extends EPRestrictedBaseController {
try {
Date startingTime = new Date();
String startTimeRequest = requestDateFormat.format(startingTime);
- logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler POST : submit_vnf_change_timeslots",
+ logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler POST : submit_vnf_change_timeslots = {}",
startTimeRequest);
// Generating uuid
String uuid = (String) scheduler_request.get("scheduleId");
- logger.debug(EELFLoggerDelegate.debugLogger, "UUID : ", uuid);
+ logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid);
scheduler_request.remove("scheduleId");
- logger.debug(EELFLoggerDelegate.debugLogger, "Original Request for the schedulerId: ",
+ logger.debug(EELFLoggerDelegate.debugLogger, "Original Request for the schedulerId= {} ",
scheduler_request.toString());
String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SUBMIT_NEW_VNF_CHANGE)
@@ -254,7 +255,7 @@ public class SchedulerController extends EPRestrictedBaseController {
Date endTime = new Date();
String endTimeRequest = requestDateFormat.format(endTime);
- logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler - POST Submit for end time request",
+ logger.debug(EELFLoggerDelegate.debugLogger, " Controller Scheduler - POST Submit for end time request= {}",
endTimeRequest);
return (new ResponseEntity<String>(responseWrapper.getResponse(),HttpStatus.valueOf(responseWrapper.getStatus())));
@@ -289,7 +290,7 @@ public class SchedulerController extends EPRestrictedBaseController {
PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = SchedulerUtil
.postSubmitNewVnfWrapResponse(restObjStr);
- logger.debug(EELFLoggerDelegate.debugLogger, "Post Submit Scheduling Request END : Response = ",
+ logger.debug(EELFLoggerDelegate.debugLogger, "Post Submit Scheduling Request END : Response = {}",
responseWrapper.getResponse());
if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202
&& responseWrapper.getStatus() != 204) {
@@ -336,7 +337,10 @@ public class SchedulerController extends EPRestrictedBaseController {
else
throw new Exception(entry.getKey() + errorMsg);
}
+ logger.debug(EELFLoggerDelegate.debugLogger, " portalRestResponse - getSchedulerConstant= {}",
+ map);
portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.OK, "success", map);
+
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "getSchedulerConstant failed", e);
portalRestResponse = new PortalRestResponse<Map<String, String>>(PortalRestStatusEnum.ERROR, e.getMessage(),
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java
index f5113264..72ae07da 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java
@@ -65,6 +65,8 @@ import org.onap.portalapp.portal.service.UserRolesService;
import org.onap.portalapp.portal.transport.AppNameIdIsAdmin;
import org.onap.portalapp.portal.transport.AppWithRolesForUser;
import org.onap.portalapp.portal.transport.AppsListWithAdminRole;
+import org.onap.portalapp.portal.transport.EpNotificationItem;
+import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator;
import org.onap.portalapp.portal.transport.FieldsValidator;
import org.onap.portalapp.portal.transport.RoleInAppForUser;
import org.onap.portalapp.portal.transport.UserApplicationRoles;
@@ -80,6 +82,7 @@ import org.onap.portalsdk.core.util.SystemProperties;
import org.slf4j.MDC;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
+import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
@@ -123,7 +126,7 @@ public class UserRolesController extends EPRestrictedBaseController {
HttpServletResponse response) {
EPUser user = EPUserUtils.getUserSession(request);
String searchResult = null;
- if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user)) {
+ if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
EcompPortalUtils.setBadPermissions(user, response, "getPhoneBookSearchResult");
} else {
searchString = searchString.trim();
@@ -227,6 +230,7 @@ public class UserRolesController extends EPRestrictedBaseController {
}
}else{
logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleStateForUser: putAppsWithAdminRoleStateForUser result is null");
+ fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
logger.info(EELFLoggerDelegate.errorLogger, newAppRoles.toString());
@@ -286,12 +290,14 @@ public class UserRolesController extends EPRestrictedBaseController {
EPUser user = EPUserUtils.getUserSession(request);
List<RoleInAppForUser> result = null;
String feErrorString = "";
- if (!adminRolesService.isAccountAdmin(user)) {
+ if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}", adminRolesService.isAccountAdmin(user) , adminRolesService.isRoleAdmin(user));
EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser");
feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus());
} else {
if (EcompPortalUtils.legitimateUserId(orgUserId)) {
- result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue);
+ result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user);
+ logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", result , appid);
int responseCode = EcompPortalUtils.getExternalAppResponseCode();
if (responseCode != 0 && responseCode != 200) {
// external error
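Review bot: The added `logger.debug` sits in the branch where `isAccountAdmin(user)` and `isRoleAdmin(user)` have both just evaluated to false, so it runs both checks again only to log values that are already known. Log the denial without re-running them, e.g. `logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: caller is neither account admin nor role admin");`. The method starts and ends outside the hunk.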
@@ -342,9 +348,10 @@ public class UserRolesController extends EPRestrictedBaseController {
@RequestMapping(value = { "/portalApi/userAppRoles" }, method = {
RequestMethod.PUT }, produces = "application/json")
- public FieldsValidator putAppWithUserRoleStateForUser(HttpServletRequest request,
+ public PortalRestResponse<String> putAppWithUserRoleStateForUser(HttpServletRequest request,
@RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) {
- FieldsValidator fieldsValidator = new FieldsValidator();
+ //FieldsValidator fieldsValidator = new FieldsValidator();
+ PortalRestResponse<String> portalResponse = new PortalRestResponse<>();
StringBuilder sbUserApps = new StringBuilder();
if (newAppRolesForUser != null) {
sbUserApps.append("User '" + newAppRolesForUser.orgUserId);
@@ -364,14 +371,17 @@ public class UserRolesController extends EPRestrictedBaseController {
logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}", sbUserApps.toString());
EPUser user = EPUserUtils.getUserSession(request);
- boolean changesApplied = false;
- if (!adminRolesService.isAccountAdmin(user)) {
+ //boolean changesApplied = false;
+ ExternalRequestFieldsValidator changesApplied = null;
+
+ if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user) ) {
EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser");
} else if(newAppRolesForUser==null){
logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleStateForUser: newAppRolesForUser is null");
} else{
- changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
- if (changesApplied) {
+ changesApplied= userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser);
+ try{
+ if (changesApplied.isResult()) {
logger.info(EELFLoggerDelegate.applicationLogger,
"putAppWithUserRoleStateForUser: succeeded for app {}, user {}", newAppRolesForUser.appId,
newAppRolesForUser.orgUserId);
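Review bot: `changesApplied.isResult()` is called without a null check on the value returned by `setAppWithUserRoleStateForUser`, so a null return becomes a NullPointerException handled only by the generic catch later in the method. On the bad-permissions and `newAppRolesForUser==null` branches, `portalResponse` keeps the default-constructed value from the previous hunk, so the client receives a body with no status or message. Setting `portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Request rejected", null);` on those branches would make the failure explicit. The commented-out `//boolean changesApplied = false;` should be deleted rather than kept.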
@@ -395,17 +405,25 @@ public class UserRolesController extends EPRestrictedBaseController {
MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP);
MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP);
MDC.remove(SystemProperties.MDC_TIMER);
- } else {
+ portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK,"success",null);
+
+ }
+ if (!changesApplied.isResult())
+ throw new Exception(changesApplied.getDetailMessage());
+
+ }catch (Exception e){
logger.error(EELFLoggerDelegate.errorLogger,
"putAppWithUserRoleStateForUser: failed for app {}, user {}", newAppRolesForUser.appId,
newAppRolesForUser.orgUserId);
+ portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null);
}
}
EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied);
- return fieldsValidator;
+ return portalResponse;
}
-
+
+
@RequestMapping(value = { "/portalApi/updateRemoteUserProfile" }, method = {
RequestMethod.GET }, produces = "application/json")
public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request,
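Review bot: The `catch (Exception e)` around the result check copies `e.getMessage()` into the response body, so any unexpected exception (for example a NullPointerException when `setAppWithUserRoleStateForUser` returns null) has its message sent to the client, and the exception itself is never logged. Throwing `new Exception(changesApplied.getDetailMessage())` only to catch it a few lines later is control flow by exception; an `else` branch that builds the ERROR response from `getDetailMessage()` does the same without the throw. For the remaining catch, pass `e` as the last argument to `logger.error(...)` and return a fixed message such as `"Failed to update user roles"` instead of `e.getMessage()`. The permission-denied and null-body branches still return the default-constructed `PortalRestResponse`, which is never given an ERROR status here.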
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java
index afde8bc5..743cbc9a 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/WebAnalyticsExtAppController.java
@@ -45,6 +45,7 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.StringUtils;
import org.onap.portalapp.controller.EPRestrictedRESTfulBaseController;
import org.onap.portalapp.portal.domain.EPApp;
import org.onap.portalapp.portal.domain.EcompAuditLog;
@@ -138,6 +139,25 @@ public class WebAnalyticsExtAppController extends EPRestrictedRESTfulBaseControl
@RequestMapping(value = { "/analytics" }, method = RequestMethod.GET, produces = "application/javascript")
public String getAnalyticsScript(HttpServletRequest request) throws Exception {
String responseText = "";
+ EPApp app = null;
+ String version = "";
+ try {
+ app = getApp(request);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ " Error retrieving Application to capture app name for analytics; Proceeding with empty app name");
+ }
+ if (app != null) {
+ String restEndPoint = app.getAppRestEndpoint();
+ if(restEndPoint.indexOf("/api")!=-1) {
+ version = restEndPoint.substring(restEndPoint.indexOf("/api")+4);
+ }
+ }
+ String END_POINT = "/storeAnalytics";
+ if(StringUtils.isNotBlank(version)) {
+ END_POINT = version + "/storeAnalytics";
+ }
+
final String fileName = "analytics.txt";
InputStream analyticsFileStream = null;
try {
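Review bot: `restEndPoint.indexOf("/api")` is called on the result of `app.getAppRestEndpoint()` without a null check and outside the `try`, so an application record with no REST endpoint turns this GET into an unhandled NullPointerException; guard it with `if (restEndPoint != null && restEndPoint.indexOf("/api") != -1)`. The `catch (Exception e)` above logs a fixed string and drops `e`; passing `e` as the last logger argument keeps the cause. `END_POINT` is a reassigned local, so `endPoint` would match the naming convention. The method continues past this hunk.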
@@ -152,8 +172,8 @@ public class WebAnalyticsExtAppController extends EPRestrictedRESTfulBaseControl
String feURLContext = SystemProperties.getProperty("frontend_url");
String feURL = feURLContext.substring(0, feURLContext.lastIndexOf('/'));
-
responseText = responseText.replace("PORTAL_ENV_URL", feURL);
+ responseText = responseText.replace("$END_POINT", END_POINT);
return responseText;
}
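Review bot: `responseText.replace("$END_POINT", END_POINT)` writes a value taken from the application's stored REST endpoint (everything after `/api`) into the served JavaScript without validation. If that field can hold quotes or other script-significant characters (it is set at onboarding, outside this diff), they end up in a script delivered to browsers. Restrict `version` to its expected shape before use, e.g. `if (!version.matches("(/[A-Za-z0-9._-]+)*")) version = "";`. The exact pattern depends on the endpoint format, which is not visible here.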
@@ -215,18 +235,23 @@ public class WebAnalyticsExtAppController extends EPRestrictedRESTfulBaseControl
}
protected String getAppName(HttpServletRequest request, String appName) {
+
+ EPApp appRecord = getApp(request);
+ if (appRecord != null) {
+ appName = appRecord.getName();
+ }
+ return appName;
+ }
+
+ protected EPApp getApp(HttpServletRequest request) {
String appKeyValue = request.getHeader(APP_KEY);
+ EPApp appRecord = null;
if (appKeyValue == null || appKeyValue.equals("")) {
logger.error(EELFLoggerDelegate.errorLogger, " App Key unavailable; Proceeding with null app name");
} else {
- EPApp appRecord = appCacheService.getAppFromUeb(appKeyValue);
- if (appRecord == null) {
- logger.error(EELFLoggerDelegate.errorLogger, " App could not be found for the key " + appKeyValue);
- } else
- appName = appRecord.getName();
-
+ appRecord = appCacheService.getAppFromUeb(appKeyValue);
}
- return appName;
+ return appRecord;
}
protected void storeAuxAnalytics(Analytics analyticsMap, String appName) {
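Review bot: The refactoring into `getApp` drops the `App could not be found for the key` error log, so a request carrying an unknown app key now yields a null record with no trace. That message helps when investigating unexpected analytics callers; restore it after the lookup with a parameterized call, `if (appRecord == null) logger.error(EELFLoggerDelegate.errorLogger, " App could not be found for the key {}", appKeyValue);`. Since `appKeyValue` comes from a request header, strip CR/LF before logging it. `getApp` would also benefit from a short Javadoc stating that it returns null when the header is missing or the key is unknown.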
@@ -253,5 +278,5 @@ public class WebAnalyticsExtAppController extends EPRestrictedRESTfulBaseControl
HttpMethod.POST, entity, String.class);
out.addCallback(successCallback, failureCallback);
}
-
+
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java
index 0b43b5d9..d7cce0ec 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUser.java
@@ -538,9 +538,10 @@ public class EPUser extends User {
SortedSet<EPRole> roles = new TreeSet<EPRole>();
SortedSet<EPUserApp> userAppRoles = getEPUserApps();
- logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - userApps = ", userAppRoles.size());
+ logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - userApps = {} ", userAppRoles.size());
Iterator<EPUserApp> userAppRolesIterator = userAppRoles.iterator();
+
EPUserApp userAppRole = null;
// getting default app
while (userAppRolesIterator.hasNext()) {
@@ -561,7 +562,7 @@ public class EPUser extends User {
}
}
}
- logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - roles = ", roles.size());
+ logger.debug(EELFLoggerDelegate.debugLogger, "In EPUser.getAppEPRoles() - roles = {}" , roles.size());
return roles;
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java
index f0dd7b2b..3470a9e3 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/domain/EPUserApp.java
@@ -47,7 +47,7 @@ public class EPUserApp extends DomainVo implements java.io.Serializable, Compara
private Long userId;
private EPApp app;
private EPRole role;
- private Short priority;
+ private Integer priority;
public EPUserApp() {
}
@@ -94,11 +94,11 @@ public class EPUserApp extends DomainVo implements java.io.Serializable, Compara
this.role = role;
}
- public Short getPriority() {
- return this.priority;
+ public Integer getPriority() {
+ return (this.priority == null) ? 1 : priority;
}
- public void setPriority(Short priority) {
+ public void setPriority(Integer priority) {
this.priority = priority;
}
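Review bot: `getPriority()` now returns 1 when the field is null while `setPriority` and the field still accept null, so the getter no longer reflects stored state. If this entity is mapped with property access (mapping not visible here), the default may be written back on the next flush, and any comparison that reads the field directly will disagree with the getter. A one-line Javadoc such as `/** Returns the priority, or 1 when none has been set. */` would at least make the default explicit.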
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java
index ab88dd6e..b1439060 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/interceptor/PortalResourceInterceptor.java
@@ -39,9 +39,7 @@
*/
package org.onap.portalapp.portal.interceptor;
-import java.nio.charset.Charset;
import java.util.ArrayList;
-import java.util.Base64;
import java.util.List;
import java.util.Set;
import java.util.regex.Matcher;
@@ -51,6 +49,8 @@ import java.util.stream.Collectors;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.mockito.internal.stubbing.answers.ThrowsException;
+import org.onap.aaf.cadi.CadiWrap;
import org.onap.portalapp.controller.sessionmgt.SessionCommunicationController;
import org.onap.portalapp.portal.controller.BasicAuthenticationController;
import org.onap.portalapp.portal.controller.ExternalAppsRestfulController;
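Review bot: `import org.mockito.internal.stubbing.answers.ThrowsException;` pulls a Mockito-internal class into production code under `src/main`. Nothing in the visible hunks of this file uses it, and it makes the interceptor depend on a test library being on the runtime classpath (or fails to compile if Mockito is test-scoped). Remove the import.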
@@ -63,6 +63,7 @@ import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
import org.onap.portalapp.portal.logging.logic.EPLogUtil;
+import org.onap.portalapp.portal.service.AdminRolesService;
import org.onap.portalapp.portal.service.AppsCacheService;
import org.onap.portalapp.portal.service.BasicAuthenticationCredentialService;
import org.onap.portalapp.portal.service.ExternalAccessRolesService;
@@ -76,7 +77,10 @@ import org.onap.portalsdk.core.exception.UrlAccessRestrictedException;
import org.onap.portalsdk.core.interceptor.ResourceInterceptor;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.portalsdk.core.onboarding.listener.PortalTimeoutHandler;
+import org.onap.portalsdk.core.onboarding.util.AuthUtil;
import org.onap.portalsdk.core.onboarding.util.CipherUtil;
+import org.onap.portalsdk.core.onboarding.util.PortalApiConstants;
+import org.onap.portalsdk.core.onboarding.util.PortalApiProperties;
import org.onap.portalsdk.core.util.SystemProperties;
import org.onap.portalsdk.core.util.SystemProperties.SecurityEventTypeEnum;
import org.springframework.beans.factory.annotation.Autowired;
@@ -97,11 +101,12 @@ public class PortalResourceInterceptor extends ResourceInterceptor {
@Autowired
private EPEELFLoggerAdvice epAdvice;
+
+ @Autowired
+ private AdminRolesService adminRolesService;
@Autowired
private BasicAuthenticationCredentialService basicAuthService;
- @Autowired
- private ExternalAccessRolesService externalAccessRolesService;
@SuppressWarnings("unchecked")
@Override
@@ -145,10 +150,12 @@ public class PortalResourceInterceptor extends ResourceInterceptor {
// trivial
// call; otherwise, if it is, then check for the
// access
- if (matchRoleFunctions(portalApiPath, allRoleFunctions)
- && !matchRoleFunctions(portalApiPath, roleFunctions)) {
- EPUser user = (EPUser) request.getSession().getAttribute(
- SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME));
+ EPUser user = (EPUser) request.getSession().getAttribute(
+ SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME));
+ //RoleAdmin check is being added because the role belongs to partner application
+ //inorder to access portal api's, bypassing this with isRoleAdmin Check
+ if ((matchRoleFunctions(portalApiPath, allRoleFunctions)
+ && !matchRoleFunctions(portalApiPath, roleFunctions)) && !adminRolesService.isRoleAdmin(user)) {
logger.error(EELFLoggerDelegate.errorLogger,
"preHandle: User {} not authorized for path {} ", user.getOrgUserId(),
portalApiPath);
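Review bot: Adding `&& !adminRolesService.isRoleAdmin(user)` to the condition skips the role-function check for every restricted `portalApiPath`, not only the ones a role admin needs. As implemented in this commit, `isRoleAdmin` is true for a user holding an approver-type function in any application, so such a user is no longer blocked from any path listed in `allRoleFunctions`. Limit the exemption to an explicit list of paths required for role administration, or grant those functions to the role instead. `user` is also read from the session without a null check before `user.getOrgUserId()` in the log call. The enclosing method starts and ends outside this hunk.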
@@ -234,90 +241,132 @@ public class PortalResourceInterceptor extends ResourceInterceptor {
final String authHeader = request.getHeader(EPCommonSystemProperties.AUTHORIZATION);
final String uebkey = request.getHeader(EPCommonSystemProperties.UEB_KEY);
-
- // Unauthorized access due to missing HTTP Authorization request header
- if (authHeader == null) {
- final String msg = "no authorization found";
- logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
- sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
- return false;
- }
+ try{
+ CadiWrap wrapReq = (CadiWrap) request;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the loop as the uri contains auxapi : {}");
+ String nameSpace=PortalApiProperties.getProperty(PortalApiConstants.AUTH_NAMESPACE);
+ logger.debug(EELFLoggerDelegate.debugLogger, "namespace form the portal properties : {}",nameSpace);
+ Boolean accessallowed=AuthUtil.isAccessAllowed(request, nameSpace);
+ logger.debug(EELFLoggerDelegate.debugLogger, "AccessAllowed for the request and namespace : {}",accessallowed);
+ if(accessallowed){
+ logger.debug(EELFLoggerDelegate.debugLogger, "AccessAllowed is allowed: {}",accessallowed);
+
+ //String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader);
+ //check ueb condition
+ if(uebkey !=null && !uebkey.isEmpty())
+ {
+ EPApp application = appCacheService.getAppFromUeb(uebkey,1);
+ if (application == null) {
+ throw new Exception("Invalid credentials!");
+ }
+ else {
+ final String appUsername = application.getUsername();
+ logger.debug(EELFLoggerDelegate.debugLogger, "appUsername : {}",appUsername);
- String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader);
- if (accountNamePassword == null || accountNamePassword.length != 2) {
- final String msg = "failed to get username and password from Atuhorization header";
- logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
- sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
- return false;
- }
+ String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader);
+ logger.debug(EELFLoggerDelegate.debugLogger, "accountNamePassword : {}",accountNamePassword);
- if(uebkey !=null && !uebkey.isEmpty())
- {
- EPApp application = appCacheService.getAppFromUeb(uebkey,1);
- if (application == null) {
- throw new Exception("Invalid uebkey!");
+ if (accountNamePassword == null || accountNamePassword.length != 2) {
+ final String msg = "failed to get username and password from Atuhorization header";
+ logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth Username and password failed to get: {}", msg);
+ sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+ return false;
+ }
+ if (appUsername.equals(accountNamePassword[0])) {
+ return true;
+ }else{
+ final String msg = "failed to match the UserName from the application ";
+ logger.debug(EELFLoggerDelegate.debugLogger, "failed to match the UserName from the application checkBasicAuth Username and password failed to get: {}", msg);
+ sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+ return false;
+ }
+ }
+ }
+
+ return true;
+ }
+ if(!accessallowed){
+ final String msg = "no authorization found";
+ logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth when no accessallowed: {}", msg);
+ sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+ return false;
+ }
+ return false;
+
+ }catch(ClassCastException e){
+ logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the classcastexception block if the UN is not the mechid : {}");
+
+
+ // Unauthorized access due to missing HTTP Authorization request header
+ if (authHeader == null) {
+ final String msg = "no authorization found";
+ logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
+ sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+ return false;
}
- else {
- final String appUsername = application.getUsername();
- final String dbDecryptedPwd = CipherUtil.decryptPKC(application.getAppPassword());
- if (appUsername.equals(accountNamePassword[0]) && dbDecryptedPwd.equals(accountNamePassword[1])) {
- return true;
+
+ String[] accountNamePassword = EcompPortalUtils.getUserNamePassword(authHeader);
+ if (accountNamePassword == null || accountNamePassword.length != 2) {
+ final String msg = "failed to get username and password from Atuhorization header";
+ logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
+ sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+ return false;
+ }
+
+ if(uebkey !=null && !uebkey.isEmpty())
+ {
+ EPApp application = appCacheService.getAppFromUeb(uebkey,1);
+ if (application == null) {
+ throw new Exception("Invalid credentials!");
+ }
+ else {
+ final String appUsername = application.getUsername();
+ final String dbDecryptedPwd = CipherUtil.decryptPKC(application.getAppPassword());
+ if (appUsername.equals(accountNamePassword[0]) && dbDecryptedPwd.equals(accountNamePassword[1])) {
+ return true;
+ }
}
}
- }
-
- BasicAuthCredentials creds;
- try {
- creds = basicAuthService.getBasicAuthCredentialByUsernameAndPassword(accountNamePassword[0],
- accountNamePassword[1]);
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "checkBasicAuth failed to get credentials", e);
- final String msg = "Failed while getting basic authentication credential: ";
- sendErrorResponse(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg);
- throw e;
- }
+
+ BasicAuthCredentials creds;
+ try {
+ creds = basicAuthService.getBasicAuthCredentialByUsernameAndPassword(accountNamePassword[0],
+ accountNamePassword[1]);
+ } catch (Exception e1) {
+ logger.error(EELFLoggerDelegate.errorLogger, "checkBasicAuth failed to get credentials", e1);
+ final String msg = "Failed while getting basic authentication credential: ";
+ sendErrorResponse(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg);
+ throw e1;
+ }
- // Unauthorized access due to invalid credentials (username and
- // password)
- if (creds == null || !creds.getUsername().equals(accountNamePassword[0])) {
- final String msg = "Unauthorized: Access denied";
- logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
- sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
- return false;
- }
+ // Unauthorized access due to invalid credentials (username and
+ // password)
+ if (creds == null || !creds.getUsername().equals(accountNamePassword[0])) {
+ final String msg = "Unauthorized: Access denied";
+ logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
+ sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+ return false;
+ }
- // Unauthorized access due to inactive account
- if (creds.getIsActive().equals("N")) {
- final String msg = "Unauthorized: The account is inactive";
- logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
- sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
- return false;
- }
- boolean isAllowedEp = false;
- for (EPEndpoint ep : creds.getEndpoints()) {
- if (ep.getName().equals(uri)) {
- isAllowedEp = true;
- break;
+ // Unauthorized access due to inactive account
+ if (creds.getIsActive().equals("N")) {
+ final String msg = "Unauthorized: The account is inactive";
+ logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
+ sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
+ return false;
}
+
+ }catch (Exception e2) {
+ logger.error(EELFLoggerDelegate.errorLogger, "checkBasicAuth failed to get credentials for some other exception", e2);
+ final String msg = "Failed while getting basic authentication credential for some other exception: ";
+ sendErrorResponse(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, msg);
+ throw e2;
}
+ return true;
- // If user doesn't specify any endpoint, allow all endpoints for that
- // account
- if (creds.getEndpoints().size() == 0)
- isAllowedEp = true;
-
- // Unauthorized access due to the invalid endpoints
- if (!isAllowedEp) {
- final String msg = "Unauthorized: Endpoint access denied";
- logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
- sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
- return false;
- }
- // Made it to the end!
- return true;
- }
+}
@SuppressWarnings("unused")
private String decrypted(String encrypted) throws Exception {
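Review bot: The rewritten basic-auth path no longer enforces the per-account endpoint list: the `creds.getEndpoints()` loop and the `Unauthorized: Endpoint access denied` response are removed, so after the inactive-account check every active credential falls through to `return true` for any URI. Restore that check inside the `catch(ClassCastException e)` branch, as sketched below. `logger.debug(EELFLoggerDelegate.debugLogger, "accountNamePassword : {}",accountNamePassword);` passes the decoded Authorization credentials to the logger and should be deleted. In the CADI branch a request with a UEB key is accepted on `appUsername.equals(accountNamePassword[0])` alone, which is only sound if `AuthUtil.isAccessAllowed` has already authenticated the caller (not visible here); casting to `CadiWrap` and catching `ClassCastException` to choose the path would read better as an `instanceof` test. The method starts outside this hunk.

```java
// … unchanged: header parsing, uebkey match, credential lookup, inactive-account check …

// Inside the catch (ClassCastException e) branch, before control reaches the final "return true":
// an account with no endpoints configured may call any endpoint, as before.
boolean isAllowedEp = creds.getEndpoints().size() == 0;
for (EPEndpoint ep : creds.getEndpoints()) {
    if (ep.getName().equals(uri)) {
        isAllowedEp = true;
        break;
    }
}
if (!isAllowedEp) {
    final String msg = "Unauthorized: Endpoint access denied";
    logger.debug(EELFLoggerDelegate.debugLogger, "checkBasicAuth: {}", msg);
    sendErrorResponse(response, HttpServletResponse.SC_UNAUTHORIZED, msg);
    return false;
}
```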
@@ -380,8 +429,11 @@ public class PortalResourceInterceptor extends ResourceInterceptor {
}
return false;
}
+
+
protected void handleSessionUpdates(HttpServletRequest request) {
PortalTimeoutHandler.handleSessionUpdatesNative(request, null, null, null, null, manageService);
}
+
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java
index 6df4f9bd..891da3b7 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/listener/HealthMonitor.java
@@ -86,7 +86,6 @@ public class HealthMonitor {
private static boolean uebUp;
private static boolean frontEndUp;
private static boolean backEndUp;
- private static boolean dbClusterStatusOk;
private static boolean dbPermissionsOk;
private static boolean zookeeperStatusOk;
private static boolean cassandraStatusOk;
@@ -106,10 +105,6 @@ public class HealthMonitor {
return databaseUp;
}
- public static boolean isClusterStatusOk() {
- return dbClusterStatusOk;
- }
-
public static boolean isDatabasePermissionsOk() {
return dbPermissionsOk;
}
@@ -143,6 +138,7 @@ public class HealthMonitor {
int numIntervalsCassandraNotHealthy = 0;
logger.debug(EELFLoggerDelegate.debugLogger, "monitorEPHealth thread started");
+
long sleepInterval = (Long
.valueOf(SystemProperties.getProperty(EPCommonSystemProperties.HEALTH_POLL_INTERVAL_SECONDS)) * 1000);
@@ -151,8 +147,10 @@ public class HealthMonitor {
logger.debug(EELFLoggerDelegate.debugLogger,
"monitorEPHealth: Polling health every " + sleepInterval + " milliseconds. Alerting every "
+ (sleepInterval * numIntervalsBetweenAlerts) / 1000 + " seconds when component remains down.");
-
+
while (true) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "monitorEPHealth: Test Connection to all");
//
// Get DB status. If down, signal alert once every X intervals.
//
@@ -169,18 +167,6 @@ public class HealthMonitor {
}
}
- dbClusterStatusOk = this.checkClusterStatus();
- if (dbClusterStatusOk == false) {
- if ((numIntervalsClusterNotHealthy % numIntervalsBetweenAlerts) == 0) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "monitorEPHealth: cluster nodes down, logging to error log to trigger alert.");
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeHealthCheckMySqlError);
- numIntervalsClusterNotHealthy++;
- } else {
- numIntervalsClusterNotHealthy = 0;
- }
- }
-
dbPermissionsOk = this.checkDatabasePermissions();
if (dbPermissionsOk == false) {
if ((numIntervalsDatabasePermissionsIncorrect % numIntervalsBetweenAlerts) == 0) {
@@ -194,7 +180,9 @@ public class HealthMonitor {
}
org.onap.portalapp.music.util.MusicUtil MusicUtilSDK = new org.onap.portalapp.music.util.MusicUtil();
if(MusicUtilSDK.isMusicEnable()){
+
zookeeperStatusOk = this.checkZookeeperStatus();
+
if (zookeeperStatusOk == false) {
if ((numIntervalsZookeeperNotHealthy % numIntervalsBetweenAlerts) == 0) {
logger.debug(EELFLoggerDelegate.debugLogger,
@@ -279,7 +267,8 @@ public class HealthMonitor {
monitorEPHealth();
} catch (InterruptedException e) {
logger.debug(EELFLoggerDelegate.debugLogger, "healthMonitorThread interrupted", e);
- } catch (Exception e) {
+ }
+ catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "healthMonitorThread failed", e);
}
}
@@ -327,36 +316,6 @@ public class HealthMonitor {
return isUp;
}
- private boolean checkClusterStatus() {
- boolean isUp = false;
- Session localSession = null;
- try {
- localSession = sessionFactory.openSession();
- if (localSession != null) {
- // If all nodes are unhealthy in a cluster, this will throw an
- // exception
- String sql = "select * from mysql.user";
- Query query = localSession.createSQLQuery(sql);
- @SuppressWarnings("unchecked")
- List<String> queryList = query.list();
- if (queryList != null) {
- isUp = true;
- }
- }
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "checkClusterStatus failed", e);
- if ((e.getCause() != null) && (e.getCause().getMessage() != null)) {
- logger.error(EELFLoggerDelegate.errorLogger, "checkClusterStatus failure cause", e.getCause());
- }
- isUp = false;
- } finally {
- if (localSession != null) {
- localSession.close();
- }
- }
- return isUp;
- }
-
private boolean checkZookeeperStatus() {
String[] zookeeperNodes = MusicUtil.getMyZkHost().split(",");
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java
index 4e470462..4a4c9283 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/scheduleraux/SchedulerAuxUtil.java
@@ -39,13 +39,10 @@ package org.onap.portalapp.portal.scheduleraux;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
-import java.util.Date;
import org.glassfish.jersey.client.ClientResponse;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
-import com.fasterxml.jackson.databind.ObjectMapper;
-
public class SchedulerAuxUtil {
private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerAuxUtil.class);
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java
index e61f87a2..a9d55fc8 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesService.java
@@ -64,6 +64,10 @@ public interface AdminRolesService {
*/
public boolean isAccountAdmin(EPUser user);
+
+ public boolean isRoleAdmin(EPUser user);
+
+
/**
* Attention! User roles in ONAP PORTAL cannot be managed by this function.
* @param user
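Review bot: `isRoleAdmin` is added to the interface without Javadoc, although the neighbouring methods are documented and this one now gates authorization in `UserRolesController` and `PortalResourceInterceptor`. Document the contract, e.g. `/** Returns true if the user holds a role function of type "approver" in any application; false otherwise or on error. */`, so callers know the check is not scoped to a single application.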
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java
index 981b9ce7..c8e04f4f 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/AdminRolesServiceImpl.java
@@ -38,10 +38,15 @@
package org.onap.portalapp.portal.service;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.HashMap;
+import java.util.HashSet;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import java.util.SortedSet;
+import java.util.TreeSet;
+import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
@@ -51,6 +56,7 @@ import org.hibernate.SessionFactory;
import org.hibernate.Transaction;
import org.json.JSONArray;
import org.json.JSONObject;
+import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
import org.onap.portalapp.portal.domain.EPApp;
import org.onap.portalapp.portal.domain.EPRole;
import org.onap.portalapp.portal.domain.EPUser;
@@ -62,11 +68,15 @@ import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
import org.onap.portalapp.portal.logging.logic.EPLogUtil;
import org.onap.portalapp.portal.transport.AppNameIdIsAdmin;
import org.onap.portalapp.portal.transport.AppsListWithAdminRole;
+import org.onap.portalapp.portal.transport.EPUserAppCurrentRoles;
import org.onap.portalapp.portal.transport.ExternalAccessUser;
import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
import org.onap.portalapp.portal.utils.EcompPortalUtils;
import org.onap.portalapp.portal.utils.PortalConstants;
+import org.onap.portalapp.util.EPUserUtils;
+import org.onap.portalsdk.core.domain.RoleFunction;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.onap.portalsdk.core.service.DataAccessService;
import org.onap.portalsdk.core.util.SystemProperties;
import org.springframework.beans.factory.annotation.Autowired;
@@ -91,6 +101,7 @@ public class AdminRolesServiceImpl implements AdminRolesService {
private Long SYS_ADMIN_ROLE_ID = 1L;
private Long ACCOUNT_ADMIN_ROLE_ID = 999L;
private Long ECOMP_APP_ID = 1L;
+ public static final String TYPE_APPROVER = "approver";
private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesServiceImpl.class);
@@ -102,6 +113,8 @@ public class AdminRolesServiceImpl implements AdminRolesService {
private SearchService searchService;
@Autowired
private EPAppService appsService;
+ @Autowired
+ private ExternalAccessRolesService externalAccessRolesService;
private RestTemplate template = new RestTemplate();
@@ -434,9 +447,22 @@ public class AdminRolesServiceImpl implements AdminRolesService {
EPUser currentUser = user != null
? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null)
: null;
+
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("userId", user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+ List<Integer> userAdminApps = new ArrayList<>();
+
+ userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}", user.getOrgUserId(), userAdminApps.size());
+
+
if (currentUser != null && currentUser.getId() != null) {
for (EPUserApp userApp : currentUser.getEPUserApps()) {
- if (userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
+
+
+ if (userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)||(userAdminApps.size()>1)) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for userAdminApps() - for user {}, found Id {}", user.getOrgUserId(), userApp.getRole().getId());
// Account Administrator sees only the applications
// he/she is Administrator
return true;
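Review bot: The added `userAdminApps.size()>1` test sits inside the loop over `currentUser.getEPUserApps()` although it does not depend on `userApp`: a user with no entries in that set is never evaluated against it, and the log line reports the role id of whichever entry comes first. The threshold also differs from `isAccountAdminOfApplication` in this commit, which uses `>=1`; if one admin application should be enough, hoist the test above the loop as `if (!userAdminApps.isEmpty()) { return true; }`. `user.getId()` is dereferenced in `userParams.put("userId", user.getId())` right after the `user != null ? … : null` guard, so a null user is no longer covered by that guard. The method body extends beyond this hunk.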
@@ -450,6 +476,55 @@ public class AdminRolesServiceImpl implements AdminRolesService {
}
return false;
}
+
+
+ public boolean isRoleAdmin(EPUser user) {
+ try {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access");
+
+ EPUser currentUser = user != null
+ ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null)
+ : null;
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("userId", user.getId());
+ List<RoleFunction> roleFunctionSet = new ArrayList<>();
+
+ List getRoleFuncListOfUser = dataAccessService.executeNamedQuery("getRoleFunctionsOfUserforAlltheApplications", userParams, null);
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser" , getRoleFuncListOfUser);
+ Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser);
+ Set<String> getRoleFuncListOfPortalSet1=new HashSet<>();
+ Set<String> roleFunSet = new HashSet<>();
+ roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")).collect(Collectors.toSet());
+ if (roleFunSet.size() > 0)
+ for (String roleFunction : roleFunSet) {
+ //String roleFun = EcompPortalUtils.getFunctionCode(roleFunction);
+ String roleFun = EcompPortalUtils.getFunctionCode(roleFunction);
+ String type = externalAccessRolesService.getFunctionCodeType(roleFunction);
+ //getRoleFuncListOfPortalSet.remove(roleFunction);
+ getRoleFuncListOfPortalSet1.add(type);
+ }
+
+
+
+ for (String rolefunc : getRoleFuncListOfPortalSet1) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction" , rolefunc);
+ if (rolefunc.equalsIgnoreCase(TYPE_APPROVER)) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction" , rolefunc);
+ return true;
+ }else{
+ return false;
+
+ }
+ }
+
+
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isRoleAdmin operation",
+ e);
+ }
+ return false;
+ }
public boolean isUser(EPUser user) {
try {
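Review bot: The loop over `getRoleFuncListOfPortalSet1` in `isRoleAdmin` returns on its first element (`true` if it is `approver`, otherwise `false`), so for a user with several function types the answer depends on `HashSet` iteration order. Drop the `else{ return false; }` branch and compare null-safely with `if (TYPE_APPROVER.equalsIgnoreCase(rolefunc)) { return true; }`, leaving the final `return false` to handle the no-match case. The method also lacks `@Override`, uses a raw `List` for the query result, and leaves `currentUser`, `roleFunctionSet` and `roleFun` unused. The two `logger.debug` calls that pass `rolefunc` have no `{}` placeholder, so the value is never printed.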
@@ -490,24 +565,24 @@ public class AdminRolesServiceImpl implements AdminRolesService {
@Override
public boolean isAccountAdminOfApplication(EPUser user, EPApp app) {
+ Boolean isApplicationAccountAdmin=false;
try {
- EPUser currentUser = user != null
- ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;
- if (currentUser != null && currentUser.getId() != null) {
- SortedSet<EPUserApp> userApps = currentUser.getEPUserApps();
- EPUserApp userApp = userApps.stream()
- .filter(x -> x.getRole().getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)
- && x.getApp().getId().equals(app.getId()))
- .findAny().orElse(null);
- if (userApp != null) {
- return true;
- }
- }
- } catch (Exception e) {
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("userId", user.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user {}", user.getId());
+ List<Integer> userAdminApps = new ArrayList<>();
+ userAdminApps =dataAccessService.executeNamedQuery("getAdminAppsForTheUser", userParams, null);
+ if(userAdminApps.size()>=1){
+ isApplicationAccountAdmin=userAdminApps.contains((int) (long) app.getId());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", user.getId(),app.getId());
+ }
+ } catch (Exception e) {
EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
logger.error(EELFLoggerDelegate.errorLogger,
"Exception occurred while executing isAccountAdminOfApplication operation", e);
}
- return false;
+ logger.debug(EELFLoggerDelegate.debugLogger, "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, user.getOrgUserId());
+ return isApplicationAccountAdmin;
+
}
}
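Review bot: The rewritten isAccountAdminOfApplication dropped the `user != null` guard the old code had, and the new `logger.debug(... user.getOrgUserId())` after the catch sits outside the try, so a null user now throws from an authorization check instead of returning false. The membership test `userAdminApps.contains((int) (long) app.getId())` only matches if the named query really yields `Integer` elements; the result is assigned unchecked, so if the driver returns `Long` or `BigInteger` the check silently denies every admin. Compare on `((Number) id).longValue()` or confirm the query's column type. The "is true" debug line is also logged whatever `contains` returned. I would start the method with `if (user == null || app == null) return false;` and log the computed value instead.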
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java
index 54b915fe..fd6610c2 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java
@@ -63,6 +63,7 @@ import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
import org.onap.portalapp.portal.utils.EcompPortalUtils;
import org.onap.portalapp.util.SystemType;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
import org.onap.portalsdk.core.onboarding.util.CipherUtil;
import org.onap.portalsdk.core.util.SystemProperties;
import org.slf4j.MDC;
@@ -125,12 +126,12 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
}
@EPMetricsLog
- private void verifyResponse(Response response) throws HTTPException {
+ private void verifyResponse(Response response,String restPath) throws HTTPException {
int status = response.getStatus();
logger.debug(EELFLoggerDelegate.debugLogger, "http response status=" + status);
MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE, Integer.toString(status));
if (!isHttpSuccess(status)) {
- String errMsg = "Failed. Status=" + status + "; [" + ((ResponseImpl)response).getStatusInfo().getReasonPhrase().toString()
+ String errMsg = "Failed. Status=" + status + restPath +"; [" + ((ResponseImpl)response).getStatusInfo().getReasonPhrase().toString()
+ "]";
URL url = null;
try {
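Review bot: `"Failed. Status=" + status + restPath + "; ["` glues the path straight onto the status code (for example `Status=500/roles`, a constructed value), and the `logger.error` call in the next hunk prepends `restPath` to `errMsg` again, so the path appears twice in one line. A labelled field keeps the status parseable: `String errMsg = "Failed. Status=" + status + "; path=" + restPath + "; [" + ...`, with the extra `restPath +` dropped from the `logger.error` call. Since `errMsg` is also the HTTPException message, check that no caller shows it to end users now that the path is part of it. verifyResponse continues past this hunk.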
@@ -142,7 +143,7 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
// never mind. it is only for the debug message.
logger.warn(EELFLoggerDelegate.errorLogger, "Failed to build URL", e);
}
- logger.error(EELFLoggerDelegate.errorLogger, "http response failed. " + errMsg + "; url=" + url);
+ logger.error(EELFLoggerDelegate.errorLogger, "http response failed. " + restPath + errMsg + "; url=" + url);
EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeIncorrectHttpStatusError);
throw new HTTPException(status, errMsg, url);
}
@@ -157,6 +158,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
return createClientFor(appId, restPath, SystemType.APPLICATION);
}
+
+
//TODO Need to implement the mylogins once the endpoint is confirmed
@EPMetricsLog
private WebClient createClientFor(long appSystemId, String restPath, SystemType type) {
@@ -173,6 +176,7 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
String appBaseUri = (type == SystemType.APPLICATION) ? externalApp.getAppRestEndpoint() : "";
String username = (type == SystemType.APPLICATION) ? externalApp.getUsername(): "";
String encriptedPwd = (type == SystemType.APPLICATION) ? externalApp.getAppPassword(): "";
+
String appName = (type == SystemType.APPLICATION) ? externalApp.getName(): "";
String decreptedAppPwd = StringUtils.EMPTY;
@@ -185,31 +189,59 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
MDC.put(EPCommonSystemProperties.TARGET_ENTITY, appName);
MDC.put(EPCommonSystemProperties.TARGET_SERVICE_NAME, restPath);
+ if(!encriptedPwd.isEmpty() || encriptedPwd != null || StringUtils.isEmpty(encriptedPwd)){
try {
decreptedAppPwd = CipherUtil.decryptPKC(encriptedPwd,
SystemProperties.getProperty(SystemProperties.Decryption_Key));
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "createClientFor failed to decrypt", e);
}
-
+ }
WebClient client = createClientForPath(appBaseUri, restPath);
+
+
+ if(externalApp.getAppPassword().isEmpty() || externalApp.getAppPassword()==null){
+ logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the externalApp get app password contains null : {}");
+
+ externalApp = appsCacheService.getApp(1L);
+ logger.debug(EELFLoggerDelegate.debugLogger, "external App Information : {}",externalApp);
+
+ String mechidUsername=externalApp.getUsername();
+ logger.debug(EELFLoggerDelegate.debugLogger, "external App mechidUsername Information : {}",mechidUsername);
+
+ String password=externalApp.getAppPassword();
+ String decreptedexternalAppPwd = StringUtils.EMPTY;
+ try {
+ decreptedexternalAppPwd = CipherUtil.decryptPKC(password,
+ SystemProperties.getProperty(SystemProperties.Decryption_Key));
+ } catch (CipherUtilException e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "failed to decreptedexternalAppPwd when external app pwd is null", e);
+ }
+
+ username =mechidUsername;
+ decreptedAppPwd = decreptedexternalAppPwd;
+
+ }else{
+ logger.debug(EELFLoggerDelegate.debugLogger, "Entering in the externalApp get app password is not null : {}" );
// support basic authentication for some partners
String encoding = Base64.getEncoder().encodeToString((username + ":" + decreptedAppPwd).getBytes());
String encodingStr = "Basic " + encoding;
client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
-
+ }
+
// But still keep code downward compatible for non compliant apps
client.header(APP_USERNAME_HEADER, username);
client.header(PASSWORD_HEADER, decreptedAppPwd);
+ String encoding = Base64.getEncoder().encodeToString((username + ":" + decreptedAppPwd).getBytes());
+ String encodingStr = "Basic " + encoding;
+ client.header(BASIC_AUTHENTICATION_HEADER, encodingStr);
client.header(SystemProperties.ECOMP_REQUEST_ID, MDC.get(MDC_KEY_REQUEST_ID));
client.header(SystemProperties.USERAGENT_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE);
-
logger.debug(EELFLoggerDelegate.debugLogger,
- String.format("App %d found, baseUri=[%s], Headers: [%s=%s]", appSystemId, appBaseUri,
+ String.format("check the partner application URL App %d found, baseUri=[%s], Headers: [%s=%s]", appSystemId, appBaseUri,
APP_USERNAME_HEADER, username));
-
return client;
}
return null;
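Review bot: When the onboarded app has no stored password, the added branch swaps in the username and decrypted password of `appsCacheService.getApp(1L)` and then sends them in `APP_USERNAME_HEADER`, `PASSWORD_HEADER` and the Basic header to the partner's `appBaseUri`. That hands another record's credentials (presumably the portal's own) to an external endpoint, which needs an explicit design decision and a comment rather than a silent fallback. The guard `!encriptedPwd.isEmpty() || encriptedPwd != null || StringUtils.isEmpty(encriptedPwd)` is always true and dereferences before its null test, and `externalApp.getAppPassword().isEmpty() || externalApp.getAppPassword()==null` has the same ordering problem, so a null password throws instead of taking the fallback; use `if (!StringUtils.isEmpty(encriptedPwd)) {` and `if (StringUtils.isEmpty(encriptedPwd)) {`. The debug line that logs `externalApp` may print the stored password field depending on its `toString`, and the else branch sets the Basic header that is set again unconditionally a few lines later. createClientFor starts above this hunk.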
@@ -221,8 +253,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
Response response = getResponse(appId, restPath);
if (response != null) {
- verifyResponse(response);
-
+ //verifyResponse(response);
+ verifyResponse(response,restPath);
/* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code,
but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which
doesn't work as expected. Created Portal-253 for tracking */
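Review bot: The old call is left behind as `//verifyResponse(response);` above the new `verifyResponse(response,restPath);`, and the same dead line is added in the four later hunks that switch to the two-argument call (the next two GET paths, post and put). Version control already keeps the old form, so delete the commented line in each place. The enclosing method starts and ends outside this hunk.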
@@ -244,8 +276,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
Response response = getResponse(appId, restPath);
if (response != null) {
- verifyResponse(response);
-
+ //verifyResponse(response);
+ verifyResponse(response,restPath);
/* It is not recommendable to use the implementation class org.apache.cxf.jaxrs.impl.ResponseImpl in the code,
but had to force this in-order to prevent conflict with the ResponseImpl class of Jersey Client which
doesn't work as expected. Created Portal-253 for tracking */
@@ -274,7 +306,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
Response response = getResponse(appId, restPath);
if (response != null) {
- verifyResponse(response);
+ //verifyResponse(response);
+ verifyResponse(response,restPath);
String str = ((ResponseImpl)response).readEntity(String.class);
EcompPortalUtils.logAndSerializeObject(logger, restPath, "GET result =", str);
@@ -313,6 +346,7 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
}
+ @SuppressWarnings({ "unchecked", "null" })
@Override
public <T> T post(Class<T> clazz, long appId, Object payload, String restPath, SystemType type) throws HTTPException {
WebClient client = null;
@@ -337,14 +371,16 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
}
if (response != null) {
- verifyResponse(response);
-
+ //verifyResponse(response);
+ verifyResponse(response,restPath);
// String contentType = response.getHeaderString("Content-Type");
if (clazz != null) {
String str = ((ResponseImpl)response).readEntity(String.class);
EcompPortalUtils.logAndSerializeObject(logger, restPath, "POST result =", str);
try {
- t = gson.fromJson(str, clazz);
+ t = (T) gson.fromJson(str, t.getClass());
+
+ //t = gson.fromJson(str, clazz);
} catch (Exception e) {
EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e);
}
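Review bot: `t = (T) gson.fromJson(str, t.getClass());` dereferences `t` before it has been assigned from the response. `t` is declared above this hunk, but the `"null"` entry added to `@SuppressWarnings` in the previous hunk suggests the compiler already flagged it as null at this point. If so, the call throws NullPointerException, the broad `catch (Exception e)` records it as BeInvalidJsonInput, and post returns null for every successful response. Restore `t = gson.fromJson(str, clazz);`, which needs neither the cast nor the added suppressions, and remove the commented-out copy.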
@@ -392,7 +428,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient
}
if (response != null) {
- verifyResponse(response);
+ //verifyResponse(response);
+ verifyResponse(response,restPath);
String str = ((ResponseImpl)response).readEntity(String.class);
EcompPortalUtils.logAndSerializeObject(logger, restPath, "PUT result =", str);
try {
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java
index 24572fb2..5c3c51bf 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPAppCommonServiceImpl.java
@@ -63,6 +63,7 @@ import org.onap.portalapp.portal.domain.AdminUserApplications;
import org.onap.portalapp.portal.domain.AppIdAndNameTransportModel;
import org.onap.portalapp.portal.domain.AppsResponse;
import org.onap.portalapp.portal.domain.EPApp;
+import org.onap.portalapp.portal.domain.EPRole;
import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.domain.EPUserAppRolesRequest;
import org.onap.portalapp.portal.domain.EPUserAppRolesRequestDetail;
@@ -143,12 +144,15 @@ public class EPAppCommonServiceImpl implements EPAppService {
EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
return null;
}
+
} else {
logger.error(EELFLoggerDelegate.errorLogger,
"getUserAsAdminApps: only Account Admin may invoke this function!");
return new ArrayList<EPApp>();
}
}
+
+
@Override
public List<EPApp> getUserByOrgUserIdAsAdminApps(String orgUserId) {
@@ -195,7 +199,7 @@ public class EPAppCommonServiceImpl implements EPAppService {
ecompApp.setUrl(app.getUrl());
ecompApp.setAlternateUrl(app.getAlternateUrl());
ecompApp.setUebTopicName(app.getUebTopicName());
- ecompApp.setUebKey(app.getUebKey());
+ //ecompApp.setUebKey(app.getUebKey());
ecompApp.setUebSecret(app.getUebSecret());
ecompApp.setEnabled(app.getEnabled());
ecompApp.setCentralAuth(app.getCentralAuth());
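Review bot: `//ecompApp.setUebKey(app.getUebKey());` is disabled by commenting it out with no reason given, while `ecompApp.setUebSecret(app.getUebSecret());` on the next line still copies the secret into the same object. If the aim is to stop handing key material to callers of this conversion, the secret is the more sensitive of the two and should be dropped as well. If not, say why the key alone is omitted, e.g. `// uebKey intentionally not copied: <reason>`, and delete the dead line rather than leaving it commented. The enclosing method starts and ends outside the hunk.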
@@ -216,25 +220,66 @@ public class EPAppCommonServiceImpl implements EPAppService {
}
}
+
+
@SuppressWarnings("unchecked")
@Override
public List<AppIdAndNameTransportModel> getAdminApps(EPUser user) {
- if (adminRolesService.isAccountAdmin(user)) {
- String format = "SELECT app.APP_ID, app.APP_NAME, app.APP_TYPE FROM FN_APP app inner join FN_USER_ROLE userrole ON userrole.APP_ID=app.APP_ID "
- + "where userrole.USER_ID = %d AND userrole.ROLE_ID=" + ACCOUNT_ADMIN_ROLE_ID
- + " AND (app.ENABLED = 'Y' OR app.APP_ID=1)";
- String sql = String.format(format, user.getId());
- // sql += " AND app.APP_REST_ENDPOINT IS NOT NULL AND
- // app.APP_REST_ENDPOINT <> ''";
- logQuery(sql);
+
+ if (adminRolesService.isAccountAdmin(user) && adminRolesService.isRoleAdmin(user)) {
+ final Map<String, Long> params = new HashMap<>();
+ params.put("userId", user.getId());
+ List applicationRoleswithAccountandRoleadmin = dataAccessService
+ .executeNamedQuery("getApplicationsofTheUserwithAdminAndRoleAdmin", params, null);
try {
- return dataAccessService.executeSQLQuery(sql, AppIdAndNameTransportModel.class, null);
+ return applicationRoleswithAccountandRoleadmin;
} catch (Exception e) {
EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
logger.error(EELFLoggerDelegate.errorLogger,
- "Exception occurred while fetching the adminApps for user " + user.getLoginId(), e);
+ "Exception occurred while fetching the list of user who has type account and role approver "
+ + user.getLoginId(),
+ e);
+ }
+ }
+
+ else {
+ if (adminRolesService.isAccountAdmin(user)) {
+ String format = "SELECT app.APP_ID, app.APP_NAME, app.APP_TYPE FROM FN_APP app inner join FN_USER_ROLE userrole ON userrole.APP_ID=app.APP_ID "
+ + "where userrole.USER_ID = %d AND userrole.ROLE_ID=" + ACCOUNT_ADMIN_ROLE_ID
+ + " AND (app.ENABLED = 'Y' OR app.APP_ID=1)";
+ String sql = String.format(format, user.getId());
+ logQuery(sql);
+ try {
+ return dataAccessService.executeSQLQuery(sql, AppIdAndNameTransportModel.class, null);
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while fetching the adminApps for user " + user.getLoginId(), e);
+ }
+
+ }
+
+ if (adminRolesService.isRoleAdmin(user)) {
+ final Map<String, Long> params = new HashMap<>();
+ params.put("userId", user.getId());
+ List applicationRoles = dataAccessService.executeNamedQuery("getApplicationsofTheUserContainsApprover",
+ params, null);
+
+ try {
+ return applicationRoles;
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "Exception occurred while fetching the list of user who has type approver "
+ + user.getLoginId(),
+ e);
+ }
+
}
}
+ // sql += " AND app.APP_REST_ENDPOINT IS NOT NULL AND
+ // app.APP_REST_ENDPOINT <> ''";
+
return new ArrayList<AppIdAndNameTransportModel>();
}
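Review bot: In both new branches `dataAccessService.executeNamedQuery(...)` runs before the `try`, and the `try` wraps only `return applicationRoleswithAccountandRoleadmin;` or `return applicationRoles;`, which cannot throw. A DAO failure therefore escapes getAdminApps instead of being logged and answered with the empty list. Move the query into the try, e.g. `return dataAccessService.executeNamedQuery("getApplicationsofTheUserContainsApprover", params, null);`. The raw `List` is returned as `List<AppIdAndNameTransportModel>` under the method-level unchecked suppression, so confirm that both named queries map to that class. `isAccountAdmin` and `isRoleAdmin` are each evaluated twice per call, which repeats the permission queries; compute them once into locals.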
@@ -444,18 +489,41 @@ public class EPAppCommonServiceImpl implements EPAppService {
protected FieldsValidator onboardingAppFieldsChecker(OnboardingApp onboardingApp) {
FieldsValidator fieldsValidator = new FieldsValidator();
+ if(onboardingApp.isCentralAuth){
if (onboardingApp.name == null || onboardingApp.name.length() == 0 || onboardingApp.url == null
|| onboardingApp.url.length() == 0 || onboardingApp.restrictedApp == null
|| onboardingApp.isOpen == null || onboardingApp.isEnabled == null
|| (onboardingApp.id != null && onboardingApp.id.equals(ECOMP_APP_ID))
- // For a normal app (appType==1), these fields must be filled
+ // For a normal app (appType == PortalConstants.PortalAppId),
+ // these fields must be filled
// in.
// For a restricted app (appType==2), they will be empty.
- || ((!onboardingApp.restrictedApp)
- && (onboardingApp.username == null || onboardingApp.username.length() == 0
- || onboardingApp.appPassword == null || onboardingApp.appPassword.length() == 0))) {
+ || ((!onboardingApp.restrictedApp) && (onboardingApp.myLoginsAppName == null
+ || onboardingApp.myLoginsAppName.length() == 0 || onboardingApp.myLoginsAppOwner == null
+ || onboardingApp.myLoginsAppOwner.length() == 0 || onboardingApp.username == null
+ || onboardingApp.username.length() == 0 ))) {
fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_BAD_REQUEST);
}
+ }else{
+
+ if (onboardingApp.name == null || onboardingApp.name.length() == 0 || onboardingApp.url == null
+ || onboardingApp.url.length() == 0 || onboardingApp.restrictedApp == null
+ || onboardingApp.isOpen == null || onboardingApp.isEnabled == null
+ || (onboardingApp.id != null && onboardingApp.id.equals(ECOMP_APP_ID))
+ // For a normal app (appType == PortalConstants.PortalAppId),
+ // these fields must be filled
+ // in.
+ // For a restricted app (appType==2), they will be empty.
+ || ((!onboardingApp.restrictedApp) && (onboardingApp.myLoginsAppName == null
+ || onboardingApp.myLoginsAppName.length() == 0 || onboardingApp.myLoginsAppOwner == null
+ || onboardingApp.myLoginsAppOwner.length() == 0 || onboardingApp.username == null
+ || onboardingApp.username.length() == 0 || onboardingApp.appPassword == null
+ || onboardingApp.appPassword.length() == 0))) {
+ fieldsValidator.httpStatusCode = new Long(HttpServletResponse.SC_BAD_REQUEST);
+ }
+
+
+ }
return fieldsValidator;
}
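Review bot: The two branches differ only in the `appPassword` clause, so the whole null/empty chain is duplicated and later field changes must be made twice. `if(onboardingApp.isCentralAuth)` will also throw on unboxing if `isCentralAuth` is a nullable `Boolean`, as `isOpen` and `isEnabled` appear to be (its declaration is not visible here). I would keep one condition and gate only the password part, e.g. `boolean passwordRequired = !Boolean.TRUE.equals(onboardingApp.isCentralAuth);` and `|| (passwordRequired && (onboardingApp.appPassword == null || onboardingApp.appPassword.length() == 0))`. Non-restricted apps are now also rejected without `myLoginsAppName` and `myLoginsAppOwner`, which the comment above the clause does not mention.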
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java
index f661163d..97c2b74c 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/EPLeftMenuServiceImpl.java
@@ -37,8 +37,10 @@
*/
package org.onap.portalapp.portal.service;
+import java.util.ArrayList;
import java.util.Collection;
import java.util.Comparator;
+import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
@@ -53,6 +55,7 @@ import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
import org.onap.portalsdk.core.domain.MenuData;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.service.DataAccessService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
import org.springframework.stereotype.Service;
@@ -71,6 +74,9 @@ public class EPLeftMenuServiceImpl implements EPLeftMenuService {
@Autowired
private ExternalAccessRolesService externalAccessRolesService;
+ @Autowired
+ private DataAccessService dataAccessService;
+
/*
* (non-Javadoc)
*
@@ -83,6 +89,7 @@ public class EPLeftMenuServiceImpl implements EPLeftMenuService {
final Map<String, JSONObject> defaultNavMap = new LinkedHashMap<String, JSONObject>();
resetNavMap(defaultNavMap);
loadDefaultNavMap(defaultNavMap);
+ loadNavMapByUserAdminRole(defaultNavMap,user);
loadNavMapByRole(defaultNavMap, fullMenuSet , user);
return convertToSideBarModel(defaultNavMap);
}
@@ -175,5 +182,20 @@ public class EPLeftMenuServiceImpl implements EPLeftMenuService {
defaultNavMap.put("root.widgetCatalog", navItemsDetails3);
}
+
+ @SuppressWarnings("unchecked")
+ private void loadNavMapByUserAdminRole(Map<String, JSONObject> defaultNavMap, EPUser user) {
+ List<String> applicationsList = new ArrayList<>();
+ final Map<String, Long> appParams = new HashMap<>();
+ appParams.put("userId", user.getId());
+ applicationsList = dataAccessService.executeNamedQuery("getAprroverRoleFunctionsOfUser", appParams, null);
+ if (applicationsList.size() > 0) {
+ JSONObject navItemsDetails = new JSONObject();
+ navItemsDetails.put("name", "Users");
+ navItemsDetails.put("state", "root.users");
+ navItemsDetails.put("imageSrc", "icon-user");
+ defaultNavMap.put("root.users", navItemsDetails);
+ }
+ }
}
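Review bot: loadNavMapByUserAdminRole calls `dataAccessService.executeNamedQuery("getAprroverRoleFunctionsOfUser", appParams, null)` with no null check on `user` and no try/catch, so a DAO error or a missing user aborts the whole left menu for that request rather than just omitting the entry. The `new ArrayList<>()` initialiser is overwritten immediately and can go: `List<String> applicationsList = dataAccessService.executeNamedQuery(...)`. The added "Users" entry only changes what the menu shows; the endpoints behind `root.users` need the same approver check on the server side, which this hunk does not show. The query name spells "Aprrover", so confirm it matches the name in the query mapping.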
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java
index 170d4323..ee960c40 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesService.java
@@ -40,6 +40,7 @@ package org.onap.portalapp.portal.service;
import java.io.IOException;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import org.hibernate.Session;
import org.json.JSONArray;
@@ -51,12 +52,14 @@ import org.onap.portalapp.portal.domain.EPUser;
import org.onap.portalapp.portal.domain.ExternalRoleDetails;
import org.onap.portalapp.portal.ecomp.model.UploadRoleFunctionExtSystem;
import org.onap.portalapp.portal.exceptions.InvalidUserException;
+import org.onap.portalapp.portal.exceptions.RoleFunctionException;
import org.onap.portalapp.portal.transport.CentralRole;
import org.onap.portalapp.portal.transport.CentralRoleFunction;
import org.onap.portalapp.portal.transport.CentralUser;
import org.onap.portalapp.portal.transport.CentralV2Role;
import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator;
import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.onap.portalsdk.core.restful.domain.EcompUser;
import org.springframework.http.HttpEntity;
import org.springframework.http.ResponseEntity;
@@ -387,7 +390,7 @@ public interface ExternalAccessRolesService {
* @param app
* @return List of EPRole objects
*/
- Map<String, EPRole> getCurrentRolesInDB(EPApp app);
+ Map<String, EPRole> getAppRoleNamesWithUnderscoreMap(EPApp app);
/**
@@ -482,4 +485,35 @@ public interface ExternalAccessRolesService {
*/
ResponseEntity<String> getUserRolesFromExtAuthSystem(String orgUserId, HttpEntity<String> getUserRolesEntity) throws Exception;
+ /**
+ *
+ * Updates app role description in external auth system
+ *
+ * @param uebkey
+ * @return number of updates
+ */
+ public Integer updateAppRoleDescription(String uebkey);
+
+ /**
+ * Creates centralRoleObject
+ * @param app
+ * @param roleInfo
+ * @param roleList
+ * @param params
+ * @return returns List<CentralV2Role>
+ * @throws RoleFunctionException
+ */
+ public List<CentralV2Role> createCentralRoleObject(List<EPApp> app, List<EPRole> roleInfo,
+ List<CentralV2Role> roleList, Map<String, Long> params) throws RoleFunctionException;
+
+ /**
+ *
+ * @param uebkey
+ * @param loginId
+ * @param CurrentUserRoles
+ * @return returns list of user roles
+ * @throws Exception
+ */
+ public List<EcompRole> missingUserApplicationRoles(String uebkey, String loginId, Set<EcompRole> CurrentUserRoles) throws Exception;
+
}
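Review bot: The Javadoc on `missingUserApplicationRoles` has no summary sentence and its `@param` tags carry no descriptions, so the contract (missing relative to what, and whether the returned list can be empty or null) is left to the implementation. The parameter `CurrentUserRoles` should be `currentUserRoles`, and `throws Exception` forces every caller into a catch-all; a specific checked type, as `createCentralRoleObject` declares with `RoleFunctionException`, would be clearer. `@return returns List<CentralV2Role>` contains raw angle brackets, which Javadoc treats as HTML; write `{@code List<CentralV2Role>}`. The `public` modifier is redundant on interface methods.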
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
index 29cd6444..3a86952b 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java
@@ -89,6 +89,7 @@ import org.onap.portalapp.portal.transport.CentralV2Role;
import org.onap.portalapp.portal.transport.CentralV2User;
import org.onap.portalapp.portal.transport.CentralV2UserApp;
import org.onap.portalapp.portal.transport.CentralizedAppRoles;
+import org.onap.portalapp.portal.transport.EPUserAppCurrentRoles;
import org.onap.portalapp.portal.transport.EcompUserRoles;
import org.onap.portalapp.portal.transport.ExternalAccessPerms;
import org.onap.portalapp.portal.transport.ExternalAccessPermsDetail;
@@ -133,64 +134,40 @@ import com.fasterxml.jackson.databind.type.TypeFactory;
@EPMetricsLog
@EPAuditLog
public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesService {
-
private static final String APP_ROLE_NAME_PARAM = "appRoleName";
-
private static final String GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM = "getRoletoUpdateInExternalAuthSystem";
-
private static final String GET_PORTAL_APP_ROLES_QUERY = "getPortalAppRoles";
-
private static final String GET_ROLE_FUNCTION_QUERY = "getRoleFunction";
-
private static final String FUNCTION_CODE_PARAMS = "functionCode";
-
private static final String AND_FUNCTION_CD_EQUALS = " and function_cd = '";
-
private static final String OWNER = ".owner";
-
private static final String ADMIN = ".admin";
-
private static final String ACCOUNT_ADMINISTRATOR = ".Account_Administrator";
-
private static final String FUNCTION_PIPE = "|";
-
private static final String EXTERNAL_AUTH_PERMS = "perms";
-
private static final String EXTERNAL_AUTH_ROLE_DESCRIPTION = "description";
-
private static final String IS_EMPTY_JSON_STRING = "{}";
-
private static final String CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE = "Connecting to External Auth system";
-
private static final String APP_ID = "appId";
-
private static final String ROLE_NAME = "name";
-
private static final String APP_ID_EQUALS = " app_id = ";
-
private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesServiceImpl.class);
-
@Autowired
private DataAccessService dataAccessService;
-
@Autowired
private EPAppService epAppService;
-
@Autowired
private SessionFactory sessionFactory;
-
@Autowired
EPRoleService ePRoleService;
-
RestTemplate template = new RestTemplate();
-
-
// These decode values are based on HexDecoder
static final String decodeValueOfForwardSlash = "2f";
static final String decodeValueOfHiphen = "2d";
static final String decodeValueOfStar = "2a";
@SuppressWarnings("unchecked")
+ @Override
public List<EPRole> getAppRoles(Long appId) throws Exception {
List<EPRole> applicationRoles = null;
final Map<String, Long> appParams = new HashMap<>();
@@ -216,8 +193,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
final Map<String, String> appUebkeyParams = new HashMap<>();
appUebkeyParams.put("appKey", uebkey);
app = dataAccessService.executeNamedQuery("getMyAppDetailsByUebKey", appUebkeyParams, null);
- if(!app.isEmpty() && !app.get(0).getEnabled() && !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)){
- throw new InactiveApplicationException("Application:"+app.get(0).getName()+" is Unavailable");
+ if (!app.isEmpty() && !app.get(0).getEnabled()
+ && !app.get(0).getId().equals(PortalConstants.PORTAL_APP_ID)) {
+ throw new InactiveApplicationException("Application:" + app.get(0).getName() + " is Unavailable");
}
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "getApp: failed", e);
@@ -227,7 +205,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
/**
- * It returns single application role from external auth system
+ * It returns single application role from external auth system
+ *
* @param addRole
* @param app
* @return JSON string which contains application role details
@@ -264,11 +243,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
HttpMethod.POST, entity, String.class);
if (addResponse.getStatusCode().value() == 201) {
response = true;
- logger.debug(EELFLoggerDelegate.debugLogger, "addRole: Finished adding role in the External Auth system and response code: {} ", addResponse.getStatusCode().value());
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addRole: Finished adding role in the External Auth system and response code: {} ",
+ addResponse.getStatusCode().value());
}
if (addResponse.getStatusCode().value() == 406) {
logger.error(EELFLoggerDelegate.errorLogger,
- "addRole: Failed to add in the External Auth system due to {} and status code: {}", addResponse.getBody(), addResponse.getStatusCode().value());
+ "addRole: Failed to add in the External Auth system due to {} and status code: {}",
+ addResponse.getBody(), addResponse.getStatusCode().value());
}
return response;
}
@@ -278,18 +260,21 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* It deletes record in external auth system
*
* @param delRole
- * @return JSON String which has status code and response body
+ * @return JSON String which has status code and response body
* @throws Exception
*/
private ResponseEntity<String> deleteRoleInExternalSystem(String delRole) throws Exception {
ResponseEntity<String> delResponse = null;
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
HttpEntity<String> entity = new HttpEntity<>(delRole, headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole);
+ logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: {} for DELETE: {}",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, delRole);
delResponse = template.exchange(
SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role?force=true",
HttpMethod.DELETE, entity, String.class);
- logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ", delRole, delResponse.getStatusCode().value());
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "deleteRoleInExternalSystem: Finished DELETE operation in the External Auth system {} and status code: {} ",
+ delRole, delResponse.getStatusCode().value());
return delResponse;
}
@@ -300,7 +285,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* @param app
* @return true if success else false
* @throws Exception
- * If updateRoleInExternalSystem fails we catch it in logger for detail message
+ * If updateRoleInExternalSystem fails we catch it in logger for
+ * detail message
*/
private boolean updateRoleInExternalSystem(Role updateExtRole, EPApp app, boolean isGlobalRole) throws Exception {
boolean response = false;
@@ -352,13 +338,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
isRoleNameChanged = true;
deleteRoleInExtSystem(mapper, name);
addRole(updateExtRole, app.getUebKey());
- // add partner functions to the global role in External Auth System
+ // add partner functions to the global role in External
+ // Auth System
if (!list.isEmpty() && isGlobalRole) {
addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole);
}
list.removeIf(
perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace()));
- // if role name is changes please ignore the previous functions in External Auth
+ // if role name is changes please ignore the previous
+ // functions in External Auth
// and update with user requested functions
addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list);
}
@@ -423,21 +411,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
if (!list.isEmpty()) {
for (ExternalAccessPerms perm : list) {
- RoleFunction roleFunc = updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction());
- if (roleFunc==null) {
- RoleFunction roleFuncPipeFilter = updateRoleFunc.get(perm.getInstance());
- if(roleFuncPipeFilter == null)
- removePermForRole(perm, mapper, name, headers);
+ RoleFunction roleFunc = updateRoleFunc.get(perm.getType().substring(app.getNameSpace().length() + 1)
+ + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction());
+ if (roleFunc == null) {
+ RoleFunction roleFuncPipeFilter = updateRoleFunc.get(perm.getInstance());
+ if (roleFuncPipeFilter == null)
+ removePermForRole(perm, mapper, name, headers);
}
extRolePermMap.put(perm.getInstance(), perm);
- extRolePermMapPipes.put(
- perm.getType().substring(app.getNameSpace().length()+1) + FUNCTION_PIPE + perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm);
+ extRolePermMapPipes.put(perm.getType().substring(app.getNameSpace().length() + 1) + FUNCTION_PIPE
+ + perm.getInstance() + FUNCTION_PIPE + perm.getAction(), perm);
}
}
response = true;
if (!roleFunctionListNew.isEmpty()) {
for (RoleFunction roleFunc : roleFunctionListNew) {
- if(roleFunc.getCode().contains(FUNCTION_PIPE)) {
+ if (roleFunc.getCode().contains(FUNCTION_PIPE)) {
ExternalAccessPerms perm = extRolePermMapPipes.get(roleFunc.getCode());
if (perm == null) {
response = addFunctionsToRoleInExternalAuthSystem(updateExtRole, app, mapper, headers,
@@ -453,9 +442,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
return response;
}
-
+
/*
- * Adds function to the role in the external auth system while editing a role or updating new functions to a role
+ * Adds function to the role in the external auth system while editing a
+ * role or updating new functions to a role
*
*/
private boolean addFunctionsToRoleInExternalAuthSystem(Role updateExtRole, EPApp app, ObjectMapper mapper,
@@ -468,7 +458,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
String action = "";
if (roleFunc.getCode().contains(FUNCTION_PIPE)) {
code = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
- type = getFunctionCodeType(roleFunc.getCode());
+ type = EcompPortalUtils.getFunctionType(roleFunc.getCode());
action = getFunctionCodeAction(roleFunc.getCode());
} else {
code = roleFunc.getCode();
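Review bot: Two paths that build permissions for the external auth system now derive `type` with different helpers. This branch uses `EcompPortalUtils.getFunctionType(...)`, while `addRoleFunctionsToGlobalRoleInExternalSystem` keeps `type = getFunctionCodeType(addFunction.getCode());` on the new side of a later hunk in this file. Neither helper's body is visible, so if they parse the piped code differently, the same function would be posted under different permission types for regular and global roles. I would change the other call to `type = EcompPortalUtils.getFunctionType(addFunction.getCode());` or add a comment saying why it has to differ. The enclosing method starts and ends outside this hunk.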
@@ -476,25 +466,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
action = "*";
}
extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action);
- extRolePerms = new ExternalAccessRolePerms(extPerms,
- app.getNameSpace() + "."
- + updateExtRole.getName().replaceAll(
- EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
- "_"));
+ extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + updateExtRole.getName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
String updateRolePerms = mapper.writeValueAsString(extRolePerms);
HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: {} for POST: {}",
CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms);
ResponseEntity<String> addResponse = template.exchange(
- SystemProperties.getProperty(
- EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm",
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm",
HttpMethod.POST, entity, String.class);
- if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value()!= 409) {
+ if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value() != 409) {
response = false;
logger.debug(EELFLoggerDelegate.debugLogger,
"updateRoleInExternalSystem: Connected to External Auth system but something went wrong! due to {} and statuscode: {}",
- addResponse.getStatusCode().getReasonPhrase(),
- addResponse.getStatusCode().value());
+ addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value());
} else {
response = true;
logger.debug(EELFLoggerDelegate.debugLogger,
@@ -503,7 +488,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
return response;
}
-
+
private void addPartnerHasRoleFunctionsToGlobalRole(List<ExternalAccessPerms> permslist, ObjectMapper mapper,
EPApp app, Role updateExtRole) throws Exception {
for (ExternalAccessPerms perm : permslist) {
@@ -533,19 +518,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
addResponse.getStatusCode().value());
}
} catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ",
- addPerms, e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "addPartnerHasRoleFunctionsToGlobalRole: Failed for POST request: {} due to ", addPerms, e);
}
}
}
}
@SuppressWarnings("unchecked")
- private void addFunctionsTOGlobalRole(List<EPRole> epRoleList, Role updateExtRole, List<RoleFunction> roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo)
+ private void addFunctionsTOGlobalRole(List<EPRole> epRoleList, Role updateExtRole,
+ List<RoleFunction> roleFunctionListNew, ObjectMapper mapper, EPApp app, EPApp portalAppInfo)
throws Exception {
try {
logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addFunctionsTOGlobalRole");
- //GET Permissions from External Auth System
+ // GET Permissions from External Auth System
JSONArray extPerms = getExtAuthPermissions(app);
List<ExternalAccessPermsDetail> permsDetailList = getExtAuthPerrmissonList(app, extPerms);
final Map<String, ExternalAccessPermsDetail> existingPermsWithRoles = new HashMap<>();
@@ -555,99 +541,108 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
for (ExternalAccessPermsDetail permDetail : permsDetailList) {
existingPermsWithRoles.put(EcompPortalUtils.getFunctionCode(permDetail.getInstance()), permDetail);
existingPermsWithRolesWithPipes.put(permDetail.getInstance(), permDetail);
-
}
// Add If function does not exists for role in External Auth System
for (RoleFunction roleFunc : roleFunctionListNew) {
String roleFuncCode = "";
ExternalAccessPermsDetail permsDetail;
- if(roleFunc.getCode().contains(FUNCTION_PIPE)) {
+ if (roleFunc.getCode().contains(FUNCTION_PIPE)) {
roleFuncCode = roleFunc.getCode();
permsDetail = existingPermsWithRolesWithPipes.get(roleFunc.getCode());
} else {
roleFuncCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
permsDetail = existingPermsWithRoles.get(roleFuncCode);
}
- if (null == permsDetail.getRoles() || !permsDetail.getRoles()
- .contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE + epRoleList.get(0).getName().replaceAll(
- EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) {
+ if (null == permsDetail.getRoles()
+ || !permsDetail.getRoles()
+ .contains(portalAppInfo.getNameSpace() + FUNCTION_PIPE
+ + epRoleList.get(0).getName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+ "_"))) {
addRoleFunctionsToGlobalRoleInExternalSystem(roleFunc, updateExtRole, mapper, app, portalAppInfo);
}
userRquestedFunctionsMap.put(roleFuncCode, roleFunc);
userRquestedFunctionsMapPipesFilter.put(EcompPortalUtils.getFunctionCode(roleFuncCode), roleFunc);
- }
- // Delete functions if exists in External Auth System but not in incoming request
- final Map<String, Long> epAppRoleFuncParams = new HashMap<>();
+ }
+ // Delete functions if exists in External Auth System but not in
+ // incoming
+ // request
+ final Map<String, Long> epAppRoleFuncParams = new HashMap<>();
epAppRoleFuncParams.put("requestedAppId", app.getId());
- epAppRoleFuncParams.put("roleId",updateExtRole.getId());
- List<GlobalRoleWithApplicationRoleFunction> globalRoleFunctionList = dataAccessService.executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null);
- for(GlobalRoleWithApplicationRoleFunction globalRoleFunc: globalRoleFunctionList){
+ epAppRoleFuncParams.put("roleId", updateExtRole.getId());
+ List<GlobalRoleWithApplicationRoleFunction> globalRoleFunctionList = dataAccessService
+ .executeNamedQuery("getGlobalRoleForRequestedApp", epAppRoleFuncParams, null);
+ for (GlobalRoleWithApplicationRoleFunction globalRoleFunc : globalRoleFunctionList) {
String globalRoleFuncWithoutPipes = "";
RoleFunction roleFunc = null;
- if(globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) {
+ if (globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) {
globalRoleFuncWithoutPipes = globalRoleFunc.getFunctionCd();
roleFunc = userRquestedFunctionsMap.get(globalRoleFuncWithoutPipes);
- }else {
- globalRoleFuncWithoutPipes = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd());
+ } else {
+ globalRoleFuncWithoutPipes = EcompPortalUtils.getFunctionCode(globalRoleFunc.getFunctionCd());
roleFunc = userRquestedFunctionsMapPipesFilter.get(globalRoleFuncWithoutPipes);
}
- if(roleFunc == null){
- ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE) ? existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes) : existingPermsWithRoles.get(globalRoleFuncWithoutPipes);
- ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(), EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()), permDetailFromMap.getAction());
- String roleName = portalAppInfo.getNameSpace()+"."+globalRoleFunc.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_");
+ if (roleFunc == null) {
+ ExternalAccessPermsDetail permDetailFromMap = globalRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)
+ ? existingPermsWithRolesWithPipes.get(globalRoleFuncWithoutPipes)
+ : existingPermsWithRoles.get(globalRoleFuncWithoutPipes);
+ ExternalAccessPerms perm = new ExternalAccessPerms(permDetailFromMap.getType(),
+ EcompPortalUtils.getFunctionCode(permDetailFromMap.getInstance()),
+ permDetailFromMap.getAction());
+ String roleName = portalAppInfo.getNameSpace() + "." + globalRoleFunc.getRoleName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_");
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
removePermForRole(perm, mapper, roleName, headers);
}
}
logger.debug(EELFLoggerDelegate.debugLogger, "Finished addFunctionsTOGlobalRole");
} catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed",e);
+ logger.error(EELFLoggerDelegate.errorLogger, "addFunctionsTOGlobalRole: Failed", e);
throw e;
}
}
- private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole, ObjectMapper mapper, EPApp app,
- EPApp portalAppInfo) throws Exception {
+ private void addRoleFunctionsToGlobalRoleInExternalSystem(RoleFunction addFunction, Role globalRole,
+ ObjectMapper mapper, EPApp app, EPApp portalAppInfo) throws Exception {
try {
logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addRoleFunctionsToGlobalRoleInExternalSystem");
ExternalAccessRolePerms extAddRolePerms = null;
ExternalAccessPerms extAddPerms = null;
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
- String code = "";
- String type = "";
- String action = "";
- if (addFunction.getCode().contains(FUNCTION_PIPE)) {
- code = EcompPortalUtils.getFunctionCode(addFunction.getCode());
- type = getFunctionCodeType(addFunction.getCode());
- action = getFunctionCodeAction(addFunction.getCode());
- } else {
- code = addFunction.getCode();
- type = addFunction.getCode().contains("menu") ? "menu" : "url";
- action = "*";
- }
- extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action);
- extAddRolePerms = new ExternalAccessRolePerms(extAddPerms,
- portalAppInfo.getNameSpace() + "." + globalRole.getName().replaceAll(
- EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
- String updateRolePerms = mapper.writeValueAsString(extAddRolePerms);
- HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ",
- CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
- ResponseEntity<String> addResponse = template
- .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "role/perm", HttpMethod.POST, entity, String.class);
- if (addResponse.getStatusCode().value() != 201) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}",
- addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value());
- } else {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ",
- addResponse.getStatusCode().value());
- }
+ String code = "";
+ String type = "";
+ String action = "";
+ if (addFunction.getCode().contains(FUNCTION_PIPE)) {
+ code = EcompPortalUtils.getFunctionCode(addFunction.getCode());
+ type = getFunctionCodeType(addFunction.getCode());
+ action = getFunctionCodeAction(addFunction.getCode());
+ } else {
+ code = addFunction.getCode();
+ type = addFunction.getCode().contains("menu") ? "menu" : "url";
+ action = "*";
+ }
+ extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action);
+ extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, portalAppInfo.getNameSpace() + "." + globalRole
+ .getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ String updateRolePerms = mapper.writeValueAsString(extAddRolePerms);
+ HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
+ logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} ",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
+ ResponseEntity<String> addResponse = template.exchange(
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm",
+ HttpMethod.POST, entity, String.class);
+ if (addResponse.getStatusCode().value() != 201) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}",
+ addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value());
+ } else {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system and status code: {} ",
+ addResponse.getStatusCode().value());
+ }
logger.debug(EELFLoggerDelegate.debugLogger, "Finished addRoleFunctionsToGlobalRoleInExternalSystem");
- }catch(Exception e){
- logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed",e);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsToGlobalRoleInExternalSystem: Failed", e);
throw e;
}
}
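Review bot: `permsDetail` is dereferenced without a null check in the first loop (`null == permsDetail.getRoles()`), even though it comes from a `Map.get` over the permissions fetched from the external auth system. The loop's own comment says it handles functions that do not exist there yet, so a requested function missing from `permsDetailList` would raise a NullPointerException, which the outer catch logs and rethrows, aborting the whole role sync. `permDetailFromMap` in the delete loop is used the same way before `new ExternalAccessPerms(permDetailFromMap.getType(), ...)`. A guard such as `if (permsDetail == null || null == permsDetail.getRoles() || ...)` would avoid the crash, though whether a missing permission should be added or rejected is not visible here. `addFunctionsTOGlobalRole` begins in the previous hunk.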
@@ -657,7 +652,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
boolean response;
String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms);
HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms);
+ logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} ",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms);
ResponseEntity<String> addResponse = template.exchange(
SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm",
HttpMethod.POST, entity, String.class);
@@ -668,17 +664,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value());
} else {
response = true;
- logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", updateRolePerms, addResponse.getStatusCode().value());
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ",
+ updateRolePerms, addResponse.getStatusCode().value());
}
return response;
}
/**
*
- * It converts list of functions in updateExtRole parameter to the RoleFunction object
+ * It converts list of functions in updateExtRole parameter to the
+ * RoleFunction object
*
* @param updateExtRole
- * @return list of functions
+ * @return list of functions
*/
@SuppressWarnings("unchecked")
private List<RoleFunction> convertSetToListOfRoleFunctions(Role updateExtRole) {
@@ -701,28 +700,31 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* @param permMapper
* @param name
* @param headers
- * @throws JsonProcessingException
+ * @throws JsonProcessingException
* @throws Exception
*/
private void removePermForRole(ExternalAccessPerms perm, ObjectMapper permMapper, String name, HttpHeaders headers)
throws ExternalAuthSystemException, JsonProcessingException {
ExternalAccessRolePerms extAccessRolePerms = new ExternalAccessRolePerms(perm, name);
String permDetails = permMapper.writeValueAsString(extAccessRolePerms);
- try{
- HttpEntity<String> deleteEntity = new HttpEntity<>(permDetails, headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails);
- ResponseEntity<String> deletePermResponse = template
- .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/"
- + name + "/perm", HttpMethod.DELETE, deleteEntity, String.class);
- if (deletePermResponse.getStatusCode().value() != 200) {
- throw new ExternalAuthSystemException(deletePermResponse.getBody());
- }
- logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}",
- permDetails, deletePermResponse.getStatusCode().value());
- } catch(Exception e){
- if(e.getMessage().contains("404")){
- logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}", permDetails, e.getMessage());
- } else{
+ try {
+ HttpEntity<String> deleteEntity = new HttpEntity<>(permDetails, headers);
+ logger.debug(EELFLoggerDelegate.debugLogger, "removePermForRole: {} for DELETE: {} ",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, permDetails);
+ ResponseEntity<String> deletePermResponse = template
+ .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "role/" + name + "/perm", HttpMethod.DELETE, deleteEntity, String.class);
+ if (deletePermResponse.getStatusCode().value() != 200) {
+ throw new ExternalAuthSystemException(deletePermResponse.getBody());
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "removePermForRole: Finished deleting permission to role in External Auth system: {} and status code: {}",
+ permDetails, deletePermResponse.getStatusCode().value());
+ } catch (Exception e) {
+ if (e.getMessage().contains("404")) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Failed to add role for DELETE request: {} due to {}",
+ permDetails, e.getMessage());
+ } else {
throw e;
}
}
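Review bot: The catch block decides whether to swallow a failed permission removal with `e.getMessage().contains("404")`, which is both fragile and broader than intended. `catch (Exception e)` also receives the `ExternalAuthSystemException` built from `deletePermResponse.getBody()`, so a null body makes `getMessage()` null and the handler itself throws. Any error text that happens to contain "404" is also treated as "already gone", leaving the permission attached to the role in the external auth system with only a log line. Checking the status instead, e.g. `if (e instanceof HttpClientErrorException && ((HttpClientErrorException) e).getStatusCode().value() == 404)`, would limit the swallow to a real not-found. The logged text "Failed to add role for DELETE request" should also describe a permission removal. The method body continues past this hunk.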
@@ -737,29 +739,32 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* @throws Exception
* If fails to add role in the system
*/
- private void addNewRoleInExternalSystem(List<EPRole> newRole, EPApp app) throws Exception, HttpClientErrorException {
- try{
- HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
- ObjectMapper mapper = new ObjectMapper();
- String addNewRole = "";
- ExternalAccessRole extRole = new ExternalAccessRole();
- extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
- extRole.setDescription(String.valueOf(newRole.get(0).getName()));
- addNewRole = mapper.writeValueAsString(extRole);
- HttpEntity<String> postEntity = new HttpEntity<>(addNewRole, headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole);
- ResponseEntity<String> addNewRoleInExternalSystem = template.exchange(
- SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role",
- HttpMethod.POST, postEntity, String.class);
+ private void addNewRoleInExternalSystem(List<EPRole> newRole, EPApp app)
+ throws Exception, HttpClientErrorException {
+ try {
+ HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
+ ObjectMapper mapper = new ObjectMapper();
+ String addNewRole = "";
+ ExternalAccessRole extRole = new ExternalAccessRole();
+ extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ extRole.setDescription(String.valueOf(newRole.get(0).getName()));
+ addNewRole = mapper.writeValueAsString(extRole);
+ HttpEntity<String> postEntity = new HttpEntity<>(addNewRole, headers);
+ logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} ",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole);
+ ResponseEntity<String> addNewRoleInExternalSystem = template.exchange(
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role",
+ HttpMethod.POST, postEntity, String.class);
if (addNewRoleInExternalSystem.getStatusCode().value() == 201) {
logger.debug(EELFLoggerDelegate.debugLogger,
"addNewRoleInExternalSystem: Finished adding into External Auth system for POST: {} and status code: {}",
addNewRole, addNewRoleInExternalSystem.getStatusCode().value());
}
- }catch(HttpClientErrorException ht){
- dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ newRole.get(0).getId(), null);
- logger.error(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}",
- ht);
+ } catch (HttpClientErrorException ht) {
+ dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + newRole.get(0).getId(), null);
+ logger.error(EELFLoggerDelegate.debugLogger,
+ "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}", ht);
throw new HttpClientErrorException(ht.getStatusCode());
}
}
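Review bot: The failure path in `addNewRoleInExternalSystem` calls `logger.error(EELFLoggerDelegate.debugLogger, ...)`, so a rejected role creation, and the local `deleteDomainObjects` that precedes the log call, is written to the debug log rather than the error log. Other error calls in this file pass `EELFLoggerDelegate.errorLogger`. The `{}` placeholder is labelled as a status code but receives the exception object. I would write `logger.error(EELFLoggerDelegate.errorLogger, "addNewRoleInExternalSystem: Failed to add in External Auth system and status code: {}", ht.getStatusCode().value(), ht);`. The rethrown `new HttpClientErrorException(ht.getStatusCode())` also drops the response body and the cause, which makes the failure harder to diagnose upstream.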
@@ -778,14 +783,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
ObjectMapper mapper = new ObjectMapper();
String addNewRole = "";
ExternalAccessRole extRole = new ExternalAccessRole();
- extRole.setName(app.getNameSpace() + "." + addRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ extRole.setName(app.getNameSpace() + "." + addRole.getName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
extRole.setDescription(String.valueOf(addRole.getName()));
addNewRole = mapper.writeValueAsString(extRole);
return addNewRole;
}
/**
- * It create a role in the external auth system and then in our local
+ * It create a role in the external auth system and then in our local
*
* @param addRoleInDB
* @param app
@@ -794,7 +800,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
*/
@SuppressWarnings("unchecked")
@Transactional(rollbackFor = Exception.class)
- public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception {
+ public boolean addRoleInEcompDB(Role addRoleInDB, EPApp app) throws Exception {
boolean result = false;
EPRole epRole = null;
Set<RoleFunction> roleFunctionList = addRoleInDB.getRoleFunctions();
@@ -823,19 +829,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
dataAccessService.saveDomainObject(epRoleNew, null);
List<EPRole> getRoleCreated = null;
- final Map<String, String> epAppRoleParams = new HashMap<>();
- final Map<String, String> epAppPortalRoleParams = new HashMap<>();
+ final Map<String, String> epAppRoleParams = new HashMap<>();
+ final Map<String, String> epAppPortalRoleParams = new HashMap<>();
if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
epAppRoleParams.put("appId", String.valueOf(app.getId()));
epAppRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName());
- List<EPRole> roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null);
+ List<EPRole> roleCreated = dataAccessService
+ .executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null);
EPRole epUpdateRole = roleCreated.get(0);
epUpdateRole.setAppRoleId(epUpdateRole.getId());
dataAccessService.saveDomainObject(epUpdateRole, null);
- getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, epAppRoleParams, null);
+ getRoleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM,
+ epAppRoleParams, null);
} else {
epAppPortalRoleParams.put(APP_ROLE_NAME_PARAM, addRoleInDB.getName());
- getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, epAppPortalRoleParams, null);
+ getRoleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY,
+ epAppPortalRoleParams, null);
}
// Add role in External Auth system
if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
@@ -905,19 +914,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* @param checkRole
* @param app
* @throws Exception
- * If role exits
+ * If role exits
*/
private void checkIfRoleExitsInExternalSystem(Role checkRole, EPApp app) throws Exception {
getNameSpaceIfExists(app);
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
- String roleName = app.getNameSpace() + "." + checkRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_");
+ String roleName = app.getNameSpace() + "." + checkRole.getName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_");
HttpEntity<String> checkRoleEntity = new HttpEntity<>(headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
+ logger.debug(EELFLoggerDelegate.debugLogger, "checkIfRoleExitsInExternalSystem: {} ",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
ResponseEntity<String> checkRoleInExternalSystem = template
.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "roles/"
+ roleName, HttpMethod.GET, checkRoleEntity, String.class);
if (!checkRoleInExternalSystem.getBody().equals(IS_EMPTY_JSON_STRING)) {
- logger.debug("checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ", checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value());
+ logger.debug(
+ "checkIfRoleExitsInExternalSystem: Role already exists in external system {} and status code: {} ",
+ checkRoleInExternalSystem.getBody(), checkRoleInExternalSystem.getStatusCode().value());
throw new ExternalAuthSystemException(" Role already exists in external system");
}
}
@@ -931,10 +944,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* @throws Exception
*/
@SuppressWarnings("unchecked")
- private void saveRoleFunction(List<RoleFunction> roleFunctionListNew, EPApp app, List<EPRole> applicationRoles ,Long roleAppId)
- throws Exception {
- final Map<String, String> getAppFunctionParams = new HashMap<>();
-
+ private void saveRoleFunction(List<RoleFunction> roleFunctionListNew, EPApp app, List<EPRole> applicationRoles,
+ Long roleAppId) throws Exception {
+ final Map<String, String> getAppFunctionParams = new HashMap<>();
for (RoleFunction roleFunc : roleFunctionListNew) {
String code = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
EPAppRoleFunction appRoleFunc = new EPAppRoleFunction();
@@ -944,45 +956,46 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
getAppFunctionParams.put("appId", String.valueOf(app.getId()));
getAppFunctionParams.put(FUNCTION_CODE_PARAMS, roleFunc.getCode());
// query to check if function code has pipes
- List<CentralV2RoleFunction> roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null);
- if(roleFunction.isEmpty()){
+ List<CentralV2RoleFunction> roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY,
+ getAppFunctionParams, null);
+ if (roleFunction.isEmpty()) {
getAppFunctionParams.put(FUNCTION_CODE_PARAMS, code);
roleFunction = dataAccessService.executeNamedQuery(GET_ROLE_FUNCTION_QUERY, getAppFunctionParams, null);
}
- if(roleFunction.size() > 1){
+ if (roleFunction.size() > 1) {
CentralV2RoleFunction getExactFunctionCode = appFunctionListFilter(code, roleFunction);
appRoleFunc.setCode(getExactFunctionCode.getCode());
- } else{
+ } else {
appRoleFunc.setCode(roleFunction.get(0).getCode());
}
-
dataAccessService.saveDomainObject(appRoleFunc, null);
}
}
/**
*
- * It filters the app functions which starts with similar name in the result set
+ * It filters the app functions which starts with similar name in the result
+ * set
*
* @param roleFunc
* @param roleFunction
- * @return CentralRoleFunction
+ * @return CentralRoleFunction
*/
private CentralV2RoleFunction appFunctionListFilter(String roleFuncCode, List<CentralV2RoleFunction> roleFunction) {
- final Map<String, CentralV2RoleFunction> appFunctionsFilter = new HashMap<>();
- final Map<String, CentralV2RoleFunction> appFunctionsFilterPipes = new HashMap<>();
+ final Map<String, CentralV2RoleFunction> appFunctionsFilter = new HashMap<>();
+ final Map<String, CentralV2RoleFunction> appFunctionsFilterPipes = new HashMap<>();
CentralV2RoleFunction getExactFunctionCode = null;
- for(CentralV2RoleFunction cenRoleFunction : roleFunction){
+ for (CentralV2RoleFunction cenRoleFunction : roleFunction) {
appFunctionsFilter.put(cenRoleFunction.getCode(), cenRoleFunction);
appFunctionsFilterPipes.put(EcompPortalUtils.getFunctionCode(cenRoleFunction.getCode()), cenRoleFunction);
}
getExactFunctionCode = appFunctionsFilter.get(roleFuncCode);
- if(getExactFunctionCode == null){
+ if (getExactFunctionCode == null) {
getExactFunctionCode = appFunctionsFilterPipes.get(roleFuncCode);
}
return getExactFunctionCode;
}
-
+
/**
* It deletes all EPAppRoleFunction records in the portal
*
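Review bot: `roleFunction.get(0)` in `saveRoleFunction` is reached even when both `GET_ROLE_FUNCTION_QUERY` lookups return an empty list. `appFunctionListFilter` can also return null (neither map contains `roleFuncCode`) before `getExactFunctionCode.getCode()` is called. The function codes come from `roleFunctionListNew`, so a code that is not registered for the app surfaces as an IndexOutOfBoundsException or NullPointerException instead of a clear rejection. An explicit check after the second query, for example `if (roleFunction.isEmpty()) { throw new IllegalArgumentException("Unknown function code: " + roleFunc.getCode()); }`, plus a null check on the filter result, would make the failure explicit. `saveRoleFunction` starts in the previous hunk.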
@@ -994,17 +1007,18 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
final Map<String, Long> appRoleFuncsParams = new HashMap<>();
appRoleFuncsParams.put("appId", app.getId());
appRoleFuncsParams.put("roleId", role.get(0).getId());
- List<EPAppRoleFunction> appRoleFunctionList = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
+ List<EPAppRoleFunction> appRoleFunctionList = dataAccessService
+ .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
if (!appRoleFunctionList.isEmpty()) {
for (EPAppRoleFunction approleFunction : appRoleFunctionList) {
dataAccessService.deleteDomainObject(approleFunction, null);
}
}
}
-
+
@Override
@SuppressWarnings("unchecked")
- public List<EPUser> getUser(String loginId) throws InvalidUserException{
+ public List<EPUser> getUser(String loginId) throws InvalidUserException {
final Map<String, String> userParams = new HashMap<>();
userParams.put("org_user_id", loginId);
List<EPUser> userList = dataAccessService.executeNamedQuery("getEPUserByOrgUserId", userParams, null);
@@ -1051,10 +1065,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
List<EPApp> app = getApp(uebkey);
List<EPRole> appRolesList = getAppRoles(app.get(0).getId());
roleList = createCentralRoleObject(app, appRolesList, roleList, params);
- if(app.get(0).getId() != PortalConstants.PORTAL_APP_ID){
- List<CentralV2Role> globalRoleList = getGlobalRolesOfApplication(app.get(0).getId());
+ if (app.get(0).getId() != PortalConstants.PORTAL_APP_ID) {
+ List<CentralV2Role> globalRoleList = getGlobalRolesOfApplication(app.get(0).getId());
List<EPRole> globalRolesList = getGlobalRolesOfPortal();
- List<CentralV2Role> portalsGlobalRolesFinlaList = new ArrayList<>();
+ List<CentralV2Role> portalsGlobalRolesFinlaList = new ArrayList<>();
if (!globalRolesList.isEmpty()) {
for (EPRole eprole : globalRolesList) {
CentralV2Role cenRole = convertRoleToCentralV2Role(eprole);
@@ -1062,10 +1076,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
roleList.addAll(globalRoleList);
for (CentralV2Role role : portalsGlobalRolesFinlaList) {
- CentralV2Role result = roleList.stream()
- .filter(x -> role.getId().equals(x.getId())).findAny().orElse(null);
- if (result == null)
- roleList.add(role);
+ CentralV2Role result = roleList.stream().filter(x -> role.getId().equals(x.getId())).findAny()
+ .orElse(null);
+ if (result == null)
+ roleList.add(role);
}
} else {
for (EPRole role : globalRolesList) {
@@ -1089,10 +1103,15 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
List<CentralV2RoleFunction> finalRoleList = new ArrayList<>();
final Map<String, Long> params = new HashMap<>();
params.put(APP_ID, app.getId());
- List<CentralV2RoleFunction> getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params, null);
+ List<CentralV2RoleFunction> getRoleFuncList = dataAccessService.executeNamedQuery("getAllRoleFunctions", params,
+ null);
for (CentralV2RoleFunction roleFuncItem : getRoleFuncList) {
String code = EcompPortalUtils.getFunctionCode(roleFuncItem.getCode());
- String type = getFunctionCodeType(roleFuncItem.getCode());
+ String type = "";
+ if (roleFuncItem.getCode().contains("|"))
+ type = EcompPortalUtils.getFunctionType(roleFuncItem.getCode());
+ else
+ type = getFunctionCodeType(roleFuncItem.getCode());
String action = getFunctionCodeAction(roleFuncItem.getCode());
roleFuncItem.setCode(EPUserUtils.decodeFunctionCode(code));
roleFuncItem.setType(type);
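Review bot: The new type selection tests `roleFuncItem.getCode().contains("|")` with a string literal, while `getFunctionCodeAction` and `getFunctionCodeType` in the same class test `FUNCTION_PIPE`. Assuming the constant holds the same character, use it here so the two checks cannot drift apart. The unbraced if/else and the dead `""` initialiser can collapse into one expression: `String type = roleFuncItem.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionType(roleFuncItem.getCode()) : getFunctionCodeType(roleFuncItem.getCode());`. Because `getFunctionCodeType` already has a branch for piped codes, this changes the type reported for them, so a short comment should say why the type segment is now taken verbatim, e.g. `// piped codes carry their own type segment; only legacy codes are classified by name`. The enclosing method starts outside the hunk.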
@@ -1102,11 +1121,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
return finalRoleList;
}
-
@Override
public String getFunctionCodeAction(String roleFuncItem) {
- return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*"
- : EcompPortalUtils.getFunctionAction(roleFuncItem);
+ return (!roleFuncItem.contains(FUNCTION_PIPE)) ? "*" : EcompPortalUtils.getFunctionAction(roleFuncItem);
}
@Override
@@ -1115,9 +1132,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
if ((roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))
|| (!roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))) {
type = "menu";
- } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem)
- ||checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem)
- ||checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) {
+ } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) || checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem)
+ || checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) {
type = "url";
} else if (roleFuncItem.contains(FUNCTION_PIPE)
&& (!roleFuncItem.contains("menu") || roleFuncItem.contains("url"))) {
@@ -1136,10 +1152,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
private boolean checkIfCodeHasNoPipesAndHasNoTypeUrl(String roleFuncItem) {
return !roleFuncItem.contains(FUNCTION_PIPE) && !roleFuncItem.contains("url");
}
-
+
/**
*
- * It check whether function code has pipes and url string in it
+ * It check whether function code has pipes and url string in it
*
* @param roleFuncItem
* @return true or false
@@ -1150,7 +1166,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
/**
*
- * It check whether function code has no pipes and has url string in it
+ * It check whether function code has no pipes and has url string in it
*
* @param roleFuncItem
* @return true or false
@@ -1160,7 +1176,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
/**
- * It returns user detail information which is deep copy of EPUser.class object
+ * It returns user detail information which is deep copy of EPUser.class
+ * object
*
* @param userInfo
* @param userAppSet
@@ -1200,6 +1217,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
String.valueOf(epApp.getOpen()), String.valueOf(epApp.getEnabled()),
epApp.getThumbnail(), epApp.getUsername(), epApp.getUebKey(), epApp.getUebSecret(),
epApp.getUebTopicName());
+ cenApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD);
cua.setApp(cenApp);
Long appId = null;
if (globalRole.toLowerCase().startsWith("global_")
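Review bot: The added `cenApp.setAppPassword(EPCommonSystemProperties.APP_DISPLAY_PASSWORD)` overwrites only the password, while the constructor call just above it still copies `epApp.getUebKey()` and `epApp.getUebSecret()` into the same object. If `cenApp` is serialized back to API callers as part of the user detail (not visible in this hunk), the UEB secret should get the same treatment, or be passed as null unless a consumer needs it. The line also needs a why-comment so a later refactor does not drop it, for example `// never return the stored app credential; callers only get the display placeholder`. The constructor call and the enclosing method begin outside the hunk.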
@@ -1242,12 +1260,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
userApp.getRole().getName(), userApp.getRole().getActive(),
userApp.getRole().getPriority(), roleFunctionSet, null, null);
cua.setRole(cenRole);
-
userAppList.getUserApps().add(cua);
}
}
}
-
user1 = new CentralV2User(null, userInfo.getCreated(), userInfo.getModified(), userInfo.getCreatedId(),
userInfo.getModifiedId(), userInfo.getRowNum(), userInfo.getOrgId(), userInfo.getManagerId(),
userInfo.getFirstName(), userInfo.getMiddleInitial(), userInfo.getLastName(), userInfo.getPhone(),
@@ -1301,11 +1317,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
if (roleList.isEmpty()) {
return cenRole;
}
-
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "getRoleInfo: failed", e);
throw e;
-
}
return roleList.get(0);
}
@@ -1315,9 +1329,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
List<EPRole> roleInfo;
final Map<String, Long> getPartnerAppRoleParams = new HashMap<>();
getPartnerAppRoleParams.put("appRoleId", roleId);
- getPartnerAppRoleParams.put("appId", app.getId());
+ getPartnerAppRoleParams.put("appId", app.getId());
roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleByRoleId", getPartnerAppRoleParams, null);
- if(roleInfo.isEmpty()) {
+ if (roleInfo.isEmpty()) {
getPartnerAppRoleParams.put("appRoleId", roleId);
roleInfo = dataAccessService.executeNamedQuery("getPartnerAppRoleById", getPartnerAppRoleParams, null);
}
@@ -1332,20 +1346,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
roleInfo = dataAccessService.executeNamedQuery("getPortalAppRoleByRoleId", getPortalAppRoleParams, null);
return roleInfo;
}
-
+
/**
*
- * It returns list of app roles along with role functions and which went through deep copy
+ * It returns list of app roles along with role functions and which went
+ * through deep copy
*
* @param app
* @param roleInfo
* @param roleList
* @param params
* @return
- * @throws DecoderException
+ * @throws DecoderException
*/
@SuppressWarnings("unchecked")
- private List<CentralV2Role> createCentralRoleObject(List<EPApp> app, List<EPRole> roleInfo,
+ @Override
+ public List<CentralV2Role> createCentralRoleObject(List<EPApp> app, List<EPRole> roleInfo,
List<CentralV2Role> roleList, Map<String, Long> params) throws RoleFunctionException {
for (EPRole role : roleInfo) {
params.put("roleId", role.getId());
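Review bot: Promoting `createCentralRoleObject` from private to a public `@Override` makes its Javadoc part of the service contract, and that Javadoc is wrong. `@return` is empty, and `@throws DecoderException` does not match the declared `throws RoleFunctionException`. The loop's first statement, `params.put("roleId", role.getId())`, also mutates the caller's map on every iteration. That was harmless for a private helper but needs to be stated now that other classes can call it through the interface. Suggested tags: `@param params query parameters; modified by this method (roleId is overwritten per role)`, `@throws RoleFunctionException`, and an `@return` line describing the returned list. The method body continues outside the hunk, so whether `roleList` is also modified in place should be confirmed there.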
@@ -1427,29 +1443,29 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
String newfunctionTypeFormat = EcompPortalUtils.getFunctionType(functionCodeFormat);
String newfunctionActionFormat = EcompPortalUtils.getFunctionAction(functionCodeFormat);
roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), newfunctionCodeFormat,
- getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat, newfunctionActionFormat,
- getRoleFuncList.getEditUrl());
+ getRoleFuncList.getName(), getRoleFuncList.getAppId(), newfunctionTypeFormat,
+ newfunctionActionFormat, getRoleFuncList.getEditUrl());
} else {
- roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat,
- getRoleFuncList.getName(), getRoleFuncList.getAppId(),
- getRoleFuncList.getEditUrl());
+ roleFunc = new CentralV2RoleFunction(getRoleFuncList.getId(), functionCodeFormat, getRoleFuncList.getName(),
+ getRoleFuncList.getAppId(), getRoleFuncList.getEditUrl());
}
return roleFunc;
}
@Override
- public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app) throws Exception {
+ public boolean saveCentralRoleFunction(CentralV2RoleFunction domainCentralRoleFunction, EPApp app)
+ throws Exception {
boolean saveOrUpdateFunction = false;
try {
domainCentralRoleFunction.setCode(encodeFunctionCode(domainCentralRoleFunction.getCode()));
final Map<String, String> functionParams = new HashMap<>();
functionParams.put("appId", String.valueOf(app.getId()));
- if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
- addRoleFunctionInExternalSystem(domainCentralRoleFunction, app);
+ if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+ addRoleFunctionInExternalSystem(domainCentralRoleFunction, app);
}
- if(domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null){
- domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType()+
- FUNCTION_PIPE+domainCentralRoleFunction.getCode()+FUNCTION_PIPE+domainCentralRoleFunction.getAction());
+ if (domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null) {
+ domainCentralRoleFunction.setCode(domainCentralRoleFunction.getType() + FUNCTION_PIPE
+ + domainCentralRoleFunction.getCode() + FUNCTION_PIPE + domainCentralRoleFunction.getAction());
}
domainCentralRoleFunction.setAppId(app.getId());
dataAccessService.saveDomainObject(domainCentralRoleFunction, null);
@@ -1460,7 +1476,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
return saveOrUpdateFunction;
}
-
+
/**
* It creates application permission in external auth system
*
@@ -1472,24 +1488,32 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
throws Exception {
ObjectMapper mapper = new ObjectMapper();
ExternalAccessPerms extPerms = new ExternalAccessPerms();
- HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
+ HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
String type = "";
String instance = "";
String action = "";
- if((domainCentralRoleFunction.getType()!=null && domainCentralRoleFunction.getAction()!=null) || domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)){
- type = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getType();
- instance = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getCode();
- action = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE) ? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode()) : domainCentralRoleFunction.getAction();
- } else{
+ if ((domainCentralRoleFunction.getType() != null && domainCentralRoleFunction.getAction() != null)
+ || domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)) {
+ type = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)
+ ? EcompPortalUtils.getFunctionType(domainCentralRoleFunction.getCode())
+ : domainCentralRoleFunction.getType();
+ instance = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)
+ ? EcompPortalUtils.getFunctionCode(domainCentralRoleFunction.getCode())
+ : domainCentralRoleFunction.getCode();
+ action = domainCentralRoleFunction.getCode().contains(FUNCTION_PIPE)
+ ? EcompPortalUtils.getFunctionAction(domainCentralRoleFunction.getCode())
+ : domainCentralRoleFunction.getAction();
+ } else {
type = domainCentralRoleFunction.getCode().contains("menu") ? "menu" : "url";
instance = domainCentralRoleFunction.getCode();
- action = "*";
- }
+ action = "*";
+ }
// get Permissions from External Auth System
JSONArray extPermsList = getExtAuthPermissions(app);
List<ExternalAccessPermsDetail> permsDetailList = getExtAuthPerrmissonList(app, extPermsList);
- String requestedPerm = type+FUNCTION_PIPE+instance+FUNCTION_PIPE+action;
- boolean checkIfFunctionsExits = permsDetailList.stream().anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm));
+ String requestedPerm = type + FUNCTION_PIPE + instance + FUNCTION_PIPE + action;
+ boolean checkIfFunctionsExits = permsDetailList.stream()
+ .anyMatch(permsDetail -> permsDetail.getInstance().equals(requestedPerm));
if (!checkIfFunctionsExits) {
try {
extPerms.setAction(action);
@@ -1498,18 +1522,22 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
extPerms.setDescription(domainCentralRoleFunction.getName());
String addFunction = mapper.writeValueAsString(extPerms);
HttpEntity<String> entity = new HttpEntity<>(addFunction, headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction);
- ResponseEntity<String> addPermResponse= template.exchange(
+ logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for POST: {}",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addFunction);
+ ResponseEntity<String> addPermResponse = template.exchange(
SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm",
HttpMethod.POST, entity, String.class);
- logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ", addPermResponse.getStatusCode().value(), addFunction);
- } catch(HttpClientErrorException e){
- logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addRoleFunctionInExternalSystem: Finished adding permission for POST: {} and status code: {} ",
+ addPermResponse.getStatusCode().value(), addFunction);
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "HttpClientErrorException - Failed to add function in external central auth system", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
throw e;
- }catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to add fucntion in external central auth system",
- e);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "addRoleFunctionInExternalSystem: Failed to add fucntion in external central auth system", e);
throw e;
}
} else {
@@ -1520,17 +1548,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
extPerms.setDescription(domainCentralRoleFunction.getName());
String updateRoleFunction = mapper.writeValueAsString(extPerms);
HttpEntity<String> entity = new HttpEntity<>(updateRoleFunction, headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}" , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction);
+ logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: {} for PUT: {}",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleFunction);
ResponseEntity<String> updatePermResponse = template.exchange(
SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "perm",
HttpMethod.PUT, entity, String.class);
- logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ", updateRoleFunction, updatePermResponse.getStatusCode().value());
- } catch(HttpClientErrorException e){
- logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to add function in external central auth system", e);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addRoleFunctionInExternalSystem: Finished updating permission in External Auth system {} and response: {} ",
+ updateRoleFunction, updatePermResponse.getStatusCode().value());
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "HttpClientErrorException - Failed to add function in external central auth system", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
throw e;
} catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionInExternalSystem: Failed to update function in external central auth system",e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "addRoleFunctionInExternalSystem: Failed to update function in external central auth system",
+ e);
throw e;
}
}
@@ -1562,7 +1596,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
/**
- * It deletes app function record in portal
+ * It deletes app function record in portal
*
* @param code
* @param app
@@ -1571,10 +1605,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
dataAccessService.deleteDomainObjects(EPAppRoleFunction.class,
APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + code + "'", null);
}
-
+
/**
*
- * It deletes permission in the external auth system
+ * It deletes permission in the external auth system
*
* @param domainCentralRoleFunction
* @param app
@@ -1603,8 +1637,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
logger.debug(EELFLoggerDelegate.debugLogger,
"deleteRoleFunctionInExternalSystem: Finished deleting permission in External Auth system {} and status code: {} ",
deleteRoleFunction, delPermResponse.getStatusCode().value());
- } catch(HttpClientErrorException e){
- logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to delete functions in External System", e);
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "HttpClientErrorException - Failed to delete functions in External System", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
} catch (Exception e) {
if (e.getMessage().equalsIgnoreCase("404 Not Found")) {
@@ -1612,7 +1647,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
" deleteRoleFunctionInExternalSystem: It seems like function is already deleted in external central auth system but exists in local DB",
e.getMessage());
} else {
- logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "deleteRoleFunctionInExternalSystem: Failed to delete functions in External System", e);
}
}
}
@@ -1629,7 +1665,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
message = e.getMessage();
logger.error(EELFLoggerDelegate.errorLogger, "saveRoleForApplication failed", e);
}
- return new ExternalRequestFieldsValidator(response,message);
+ return new ExternalRequestFieldsValidator(response, message);
}
@SuppressWarnings("unchecked")
@@ -1647,7 +1683,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
epRoleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, deleteRoleParams, null);
} else {
deleteRoleParams.put(APP_ID, String.valueOf(app.getId()));
- epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, deleteRoleParams, null);
+ epRoleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM,
+ deleteRoleParams, null);
}
if (!epRoleList.isEmpty()) {
transaction = localSession.beginTransaction();
@@ -1674,31 +1711,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
return result;
}
-
+
/**
*
- * It deletes role for application in external auth system
+ * It deletes role for application in external auth system
*
* @param epRoleList contains role information
- * @param app contains application information
+ * @param app contains application information
* @throws Exception
*/
private void deleteRoleInExternalAuthSystem(List<EPRole> epRoleList, EPApp app) throws Exception {
ResponseEntity<String> deleteResponse;
ResponseEntity<String> res = getNameSpaceIfExists(app);
if (res.getStatusCode() == HttpStatus.OK) {
- // Delete Role in External System
- String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName()
- .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}";
- deleteResponse = deleteRoleInExternalSystem(deleteRoleKey);
- if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) {
- EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode());
- logger.error(EELFLoggerDelegate.errorLogger,
- "deleteRoleForApplication: Failed to delete role in external auth system! due to {} ",
- deleteResponse.getBody());
- }
- logger.debug(EELFLoggerDelegate.debugLogger,
- "deleteRoleForApplication: about to commit the transaction");
+ // Delete Role in External System
+ String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}";
+ deleteResponse = deleteRoleInExternalSystem(deleteRoleKey);
+ if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) {
+ EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode());
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "deleteRoleForApplication: Failed to delete role in external auth system! due to {} ",
+ deleteResponse.getBody());
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleForApplication: about to commit the transaction");
}
}
@@ -1715,35 +1751,41 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
HttpEntity<String> entity = new HttpEntity<>(headers);
getNameSpaceIfExists(app);
- logger.debug(EELFLoggerDelegate.debugLogger,"deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
- ResponseEntity<String> getResponse = template
- .exchange(
- SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/"
- + LoginId
- + SystemProperties
- .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
- + "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
- HttpMethod.GET, entity, String.class);
- logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ", getResponse.getBody());
+ logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
+ ResponseEntity<String> getResponse = template.exchange(
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/"
+ + LoginId
+ + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
+ + "/" + app.getNameSpace() + "."
+ + role.getName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+ HttpMethod.GET, entity, String.class);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "deleteUserRoleInExternalSystem: Finished GET user roles from External Auth system and response: {} ",
+ getResponse.getBody());
if (getResponse.getStatusCode().value() != 200) {
throw new ExternalAuthSystemException(getResponse.getBody());
}
String res = getResponse.getBody();
if (!res.equals(IS_EMPTY_JSON_STRING)) {
HttpEntity<String> userRoleentity = new HttpEntity<>(headers);
- logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
- ResponseEntity<String> deleteResponse = template
- .exchange(
- SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "userRole/" + LoginId
- + SystemProperties
- .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
- + "/" + app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
- HttpMethod.DELETE, userRoleentity, String.class);
+ logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: {} ",
+ CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
+ ResponseEntity<String> deleteResponse = template.exchange(
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole/"
+ + LoginId
+ + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)
+ + "/" + app.getNameSpace() + "."
+ + role.getName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+ HttpMethod.DELETE, userRoleentity, String.class);
if (deleteResponse.getStatusCode().value() != 200) {
throw new ExternalAuthSystemException("Failed to delete user role");
}
- logger.debug(EELFLoggerDelegate.debugLogger, "deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ", deleteResponse.getStatusCode().value());
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "deleteUserRoleInExternalSystem: Finished deleting user role in External Auth system and status code: {} ",
+ deleteResponse.getStatusCode().value());
}
}
@@ -1778,12 +1820,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
throw e;
}
return roleList;
-
}
@Override
@Transactional(rollbackFor = Exception.class)
- public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId) throws Exception {
+ public ExternalRequestFieldsValidator deleteDependencyRoleRecord(Long roleId, String uebkey, String LoginId)
+ throws Exception {
Session localSession = sessionFactory.openSession();
String message = "";
Transaction transaction = null;
@@ -1793,14 +1835,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
transaction = localSession.beginTransaction();
List<EPRole> epRoleList = null;
app = getApp(uebkey).get(0);
- if(app.getId().equals(PortalConstants.PORTAL_APP_ID)){
+ if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
epRoleList = getPortalAppRoleInfo(roleId);
- } else{
+ } else {
epRoleList = getPartnerAppRoleInfo(roleId, app);
}
- if(EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
+ if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
// Delete User Role in External System before deleting role
- deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId);
+ deleteUserRoleInExternalSystem(epRoleList.get(0), app, LoginId);
}
// Delete user app roles
dataAccessService.deleteDomainObjects(EPUserApp.class,
@@ -1809,13 +1851,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
deleteRoleDependencyRecords(localSession, epRoleList.get(0).getId(), app.getId(), isPortalRequest);
transaction.commit();
if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) {
- // Final call to delete role once all dependencies has been deleted
+ // Final call to delete role once all dependencies has been
+ // deleted
deleteRoleInExternalAuthSystem(epRoleList, app);
}
- dataAccessService.deleteDomainObjects(EPRole.class, " role_id = "+ epRoleList.get(0).getId(), null);
+ dataAccessService.deleteDomainObjects(EPRole.class, " role_id = " + epRoleList.get(0).getId(), null);
logger.debug(EELFLoggerDelegate.debugLogger, "deleteDependencyRoleRecord: committed the transaction");
response = true;
- } catch(HttpClientErrorException e){
+ } catch (HttpClientErrorException e) {
logger.error(EELFLoggerDelegate.errorLogger, "deleteDependencyRoleRecord: HttpClientErrorException", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
message = e.getMessage();
@@ -1827,42 +1870,39 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
} finally {
localSession.close();
}
- return new ExternalRequestFieldsValidator(response,message);
+ return new ExternalRequestFieldsValidator(response, message);
}
-
+
@Override
@SuppressWarnings("unchecked")
@Transactional
public void syncRoleFunctionFromExternalAccessSystem(EPApp app) {
try {
-
// get Permissions from External Auth System
JSONArray extPerms = getExtAuthPermissions(app);
List<ExternalAccessPermsDetail> permsDetailList = getExtAuthPerrmissonList(app, extPerms);
-
// get functions in DB
final Map<String, Long> params = new HashMap<>();
final Map<String, CentralV2RoleFunction> roleFuncMap = new HashMap<>();
params.put(APP_ID, app.getId());
- List<CentralV2RoleFunction> appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions", params,
- null);
+ List<CentralV2RoleFunction> appFunctions = dataAccessService.executeNamedQuery("getAllRoleFunctions",
+ params, null);
if (!appFunctions.isEmpty()) {
for (CentralV2RoleFunction roleFunc : appFunctions) {
roleFuncMap.put(roleFunc.getCode(), roleFunc);
}
}
-
// get Roles for portal in DB
List<EPRole> portalRoleList = getGlobalRolesOfPortal();
final Map<String, EPRole> existingPortalRolesMap = new HashMap<>();
- for(EPRole epRole : portalRoleList){
- existingPortalRolesMap.put(epRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole);
+ for (EPRole epRole : portalRoleList) {
+ existingPortalRolesMap.put(epRole.getName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), epRole);
}
-
// get Roles in DB
- final Map<String, EPRole> currentRolesInDB = getCurrentRolesInDB(app);
-
- // store External Permissions with Pipe and without Pipe (just instance)
+ final Map<String, EPRole> currentRolesInDB = getAppRoleNamesWithUnderscoreMap(app);
+ // store External Permissions with Pipe and without Pipe (just
+ // instance)
final Map<String, ExternalAccessPermsDetail> extAccessPermsContainsPipeMap = new HashMap<>();
final Map<String, ExternalAccessPermsDetail> extAccessPermsMap = new HashMap<>();
for (ExternalAccessPermsDetail permsDetailInfoWithPipe : permsDetailList) {
@@ -1870,7 +1910,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
String finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetailInfoWithPipe.getInstance());
extAccessPermsMap.put(finalFunctionCodeVal, permsDetailInfoWithPipe);
}
-
// Add if new functions and app role functions were added in
// external auth system
for (ExternalAccessPermsDetail permsDetail : permsDetailList) {
@@ -1882,10 +1921,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
if (roles != null) {
// Check if function has any roles and which does not exist
// in External Auth System. If exists delete in local
- addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles, existingPortalRolesMap);
+ addRemoveIfFunctionsRolesIsSyncWithExternalAuth(app, currentRolesInDB, roleFunctionList, roles,
+ existingPortalRolesMap);
}
}
-
// Check if function does exits in External Auth System but exits in
// local then delete function and its dependencies
for (CentralV2RoleFunction roleFunc : appFunctions) {
@@ -1901,23 +1940,20 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger,
"syncRoleFunctionFromExternalAccessSystem: Failed to delete function", e);
-
}
}
-
logger.debug(EELFLoggerDelegate.debugLogger,
"syncRoleFunctionFromExternalAccessSystem: Finished syncRoleFunctionFromExternalAccessSystem");
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger,
"syncRoleFunctionFromExternalAccessSystem: Failed syncRoleFunctionFromExternalAccessSystem", e);
-
}
}
@SuppressWarnings("unchecked")
private void addRemoveIfFunctionsRolesIsSyncWithExternalAuth(EPApp app, final Map<String, EPRole> currentRolesInDB,
- List<CentralV2RoleFunction> roleFunctionList, List<String> roles, Map<String, EPRole> existingPortalRolesMap)
- throws Exception {
+ List<CentralV2RoleFunction> roleFunctionList, List<String> roles,
+ Map<String, EPRole> existingPortalRolesMap) throws Exception {
if (!roleFunctionList.isEmpty()) {
final Map<String, String> appRoleFuncParams = new HashMap<>();
final Map<String, LocalRole> currentAppRoleFunctionsMap = new HashMap<>();
@@ -1931,11 +1967,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), localRole);
}
for (String addRole : roles) {
- currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE)+1), addRole);
+ currentRolesInExtSystem.put(addRole.substring(addRole.indexOf(FUNCTION_PIPE) + 1), addRole);
}
for (String extAuthrole : roles) {
String roleNameSpace = extAuthrole.substring(0, extAuthrole.indexOf(FUNCTION_PIPE));
- boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace, app.getNameSpace());
+ boolean isNameSpaceMatching = EcompPortalUtils.checkNameSpaceMatching(roleNameSpace,
+ app.getNameSpace());
if (isNameSpaceMatching) {
if (!currentAppRoleFunctionsMap
.containsKey(extAuthrole.substring(app.getNameSpace().length() + 1))) {
@@ -1961,8 +1998,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
EPAppRoleFunction addGlobalRoleFunctions = new EPAppRoleFunction();
params.put("appId", app.getId());
params.put("roleId", role.getId());
- List<EPAppRoleFunction> currentGlobalRoleFunctionsList = dataAccessService.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null);
- boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream().anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode().equals(roleFunctionList.get(0).getCode()));
+ List<EPAppRoleFunction> currentGlobalRoleFunctionsList = dataAccessService
+ .executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", params, null);
+ boolean checkIfRoleFunctionExists = currentGlobalRoleFunctionsList.stream()
+ .anyMatch(currentGlobalRoleFunction -> currentGlobalRoleFunction.getCode()
+ .equals(roleFunctionList.get(0).getCode()));
if (role != null && !checkIfRoleFunctionExists) {
addGlobalRoleFunctions.setAppId(app.getId());
addGlobalRoleFunctions.setRoleId(role.getId());
@@ -1991,31 +2031,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
private void deleteAppRoleFuncDoesNotExitsInExtSystem(EPApp app, CentralV2RoleFunction roleFunc) {
logger.debug(EELFLoggerDelegate.debugLogger,
- "syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}",
- roleFunc.getCode());
+ "syncRoleFunctionFromExternalAccessSystem: Deleting app role function {}", roleFunc.getCode());
dataAccessService.deleteDomainObjects(EPAppRoleFunction.class,
- APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null);
+ APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null);
logger.debug(EELFLoggerDelegate.debugLogger,
- "syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}",
- roleFunc.getCode());
-
+ "syncRoleFunctionFromExternalAccessSystem: Deleted app role function {}", roleFunc.getCode());
logger.debug(EELFLoggerDelegate.debugLogger,
- "syncRoleFunctionFromExternalAccessSystem: Deleting app function {}",
- roleFunc.getCode());
+ "syncRoleFunctionFromExternalAccessSystem: Deleting app function {}", roleFunc.getCode());
dataAccessService.deleteDomainObjects(CentralV2RoleFunction.class,
- APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() +"'", null);
+ APP_ID_EQUALS + app.getId() + AND_FUNCTION_CD_EQUALS + roleFunc.getCode() + "'", null);
logger.debug(EELFLoggerDelegate.debugLogger,
- "syncRoleFunctionFromExternalAccessSystem: Deleted app function {}",
- roleFunc.getCode());
+ "syncRoleFunctionFromExternalAccessSystem: Deleted app function {}", roleFunc.getCode());
}
private void checkAndAddRoleInDB(EPApp app, final Map<String, EPRole> currentRolesInDB,
List<CentralV2RoleFunction> roleFunctionList, String roleList) throws Exception {
- if (!currentRolesInDB.containsKey(
- roleList.substring(app.getNameSpace().length() + 1))) {
- Role role = addRoleInDBIfDoesNotExists(app,
- roleList.substring(app.getNameSpace().length() + 1));
- addIfRoleDescriptionNotExitsInExtSystem(role, app);
+ if (!currentRolesInDB.containsKey(roleList.substring(app.getNameSpace().length() + 1))) {
+ Role role = addRoleInDBIfDoesNotExists(app, roleList.substring(app.getNameSpace().length() + 1));
+ addRoleDescriptionInExtSystem(role, app);
if (!roleFunctionList.isEmpty()) {
try {
if (!roleFunctionList.isEmpty()) {
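Review bot: Both `deleteDomainObjects` calls in deleteAppRoleFuncDoesNotExitsInExtSystem build their where clause by concatenating `roleFunc.getCode()` between quotes, so a function code containing a `'` changes the delete condition. The codes appear to be synchronised with the External Auth System rather than fixed locally, which would make them untrusted input to this query; the commit re-wraps these lines but keeps the concatenation. Bind the code as a query parameter, the way the `executeNamedQuery` calls in this file pass a params map, or reject codes containing a quote before the string is built. checkAndAddRoleInDB, also touched here, continues past the end of this hunk.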
@@ -2027,16 +2060,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger,
- "syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ",
- e);
+ "syncRoleFunctionFromExternalAccessSystem: Failed to save app role function ", e);
}
}
}
}
@SuppressWarnings("unchecked")
- private List<CentralV2RoleFunction> addGetLocalFunction(EPApp app, final Map<String, CentralV2RoleFunction> roleFuncMap,
- ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) {
+ private List<CentralV2RoleFunction> addGetLocalFunction(EPApp app,
+ final Map<String, CentralV2RoleFunction> roleFuncMap, ExternalAccessPermsDetail permsDetail, String code,
+ CentralV2RoleFunction getFunctionCodeKey) {
String finalFunctionCodeVal = addToLocalIfFunctionNotExists(app, roleFuncMap, permsDetail, code,
getFunctionCodeKey);
final Map<String, String> appSyncFuncsParams = new HashMap<>();
@@ -2054,9 +2087,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
private String addToLocalIfFunctionNotExists(EPApp app, final Map<String, CentralV2RoleFunction> roleFuncMap,
- ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey
- ) {
- String finalFunctionCodeVal = "";
+ ExternalAccessPermsDetail permsDetail, String code, CentralV2RoleFunction getFunctionCodeKey) {
+ String finalFunctionCodeVal = "";
if (null == getFunctionCodeKey) {
finalFunctionCodeVal = EcompPortalUtils.getFunctionCode(permsDetail.getInstance());
CentralV2RoleFunction checkIfCodeStillExits = roleFuncMap.get(finalFunctionCodeVal);
@@ -2074,7 +2106,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
@SuppressWarnings("unchecked")
@Override
- public Map<String, EPRole> getCurrentRolesInDB(EPApp app) {
+ public Map<String, EPRole> getAppRoleNamesWithUnderscoreMap(EPApp app) {
final Map<String, EPRole> currentRolesInDB = new HashMap<>();
List<EPRole> getCurrentRoleList = null;
final Map<String, Long> appParams = new HashMap<>();
@@ -2091,8 +2123,24 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
return currentRolesInDB;
}
- private List<ExternalAccessPermsDetail> getExtAuthPerrmissonList(EPApp app, JSONArray extPerms)
- throws IOException{
+ @SuppressWarnings("unchecked")
+ private Map<String, EPRole> getAppRoleNamesMap(EPApp app) {
+ final Map<String, EPRole> currentRolesInDB = new HashMap<>();
+ List<EPRole> getCurrentRoleList = null;
+ final Map<String, Long> appParams = new HashMap<>();
+ if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
+ getCurrentRoleList = dataAccessService.executeNamedQuery("getPortalAppRolesList", null, null);
+ } else {
+ appParams.put("appId", app.getId());
+ getCurrentRoleList = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null);
+ }
+ for (EPRole role : getCurrentRoleList) {
+ currentRolesInDB.put(role.getName(), role);
+ }
+ return currentRolesInDB;
+ }
+
+ private List<ExternalAccessPermsDetail> getExtAuthPerrmissonList(EPApp app, JSONArray extPerms) throws IOException {
ExternalAccessPermsDetail permDetails = null;
List<ExternalAccessPermsDetail> permsDetailList = new ArrayList<>();
for (int i = 0; i < extPerms.length(); i++) {
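Review bot: The new getAppRoleNamesMap has no Javadoc, and it sits next to getAppRoleNamesWithUnderscoreMap, which starts with the same declarations, so a reader cannot tell which map a lookup needs. Picking the wrong one makes a role lookup miss during sync, so state the key form on the method, for example `/** Roles of the app keyed by EPRole.getName() exactly as stored, with no special-character replacement. */`. The portal/partner query selection is repeated from the start of the underscore variant, whose body is only partly visible here; if the two differ only in the key, a shared private helper that takes the key transformation would keep them in step. getExtAuthPerrmissonList, re-wrapped at the end of this hunk, continues outside it.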
@@ -2100,8 +2148,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
if (extPerms.getJSONObject(i).has("description")) {
description = extPerms.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION);
} else {
- description = extPerms.getJSONObject(i).getString("type")+"|"+extPerms.getJSONObject(i).getString("instance")
- +"|"+extPerms.getJSONObject(i).getString("action");
+ description = extPerms.getJSONObject(i).getString("type") + "|"
+ + extPerms.getJSONObject(i).getString("instance") + "|"
+ + extPerms.getJSONObject(i).getString("action");
}
if (extPerms.getJSONObject(i).has("roles")) {
ObjectMapper rolesListMapper = new ObjectMapper();
@@ -2132,10 +2181,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
HttpEntity<String> entity = new HttpEntity<>(headers);
logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: {} ",
CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
- response = template
- .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class);
-
+ response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "perms/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class);
String res = response.getBody();
logger.debug(EELFLoggerDelegate.debugLogger,
"syncRoleFunctionFromExternalAccessSystem: Finished GET permissions from External Auth system and response: {} ",
@@ -2150,7 +2197,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
return extPerms;
}
-
+
/**
*
* Add function into local DB
@@ -2160,13 +2207,13 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* @param code
*/
private void addFunctionInEcompDB(EPApp app, ExternalAccessPermsDetail permsDetail, String code) {
- try{
- CentralV2RoleFunction addFunction = new CentralV2RoleFunction();
- addFunction.setAppId(app.getId());
- addFunction.setCode(code);
- addFunction.setName(permsDetail.getDescription());
- dataAccessService.saveDomainObject(addFunction, null);
- } catch(Exception e){
+ try {
+ CentralV2RoleFunction addFunction = new CentralV2RoleFunction();
+ addFunction.setAppId(app.getId());
+ addFunction.setCode(code);
+ addFunction.setName(permsDetail.getDescription());
+ dataAccessService.saveDomainObject(addFunction, null);
+ } catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "addFunctionInEcompDB: Failed to add function", e);
}
}
@@ -2179,27 +2226,30 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* @param app
* @throws Exception
*/
- private void addIfRoleDescriptionNotExitsInExtSystem(Role role, EPApp app) throws Exception {
- String addRoleNew = updateExistingRoleInExternalSystem(role, app);
- HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
+ private boolean addRoleDescriptionInExtSystem(Role role, EPApp app) throws Exception {
+ boolean status = false;
try {
+ String addRoleNew = updateExistingRoleInExternalSystem(role, app);
+ HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
HttpEntity<String> entity = new HttpEntity<>(addRoleNew, headers);
template.exchange(
SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role",
HttpMethod.PUT, entity, String.class);
+ status = true;
} catch (HttpClientErrorException e) {
- logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addIfRoleDescriptionNotExitsInExtSystem",
- e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "HttpClientErrorException - Failed to addRoleDescriptionInExtSystem", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
} catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "addIfRoleDescriptionNotExitsInExtSystem: Failed",
- e);
+ logger.error(EELFLoggerDelegate.errorLogger, "addRoleDescriptionInExtSystem: Failed", e);
}
+ return status;
}
/**
*
- * While sync functions form external auth system if new role found we should add in local and return Role.class object
+ * While sync functions form external auth system if new role found we
+ * should add in local and return Role.class object
*
* @param app
* @param role
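Review bot: The boolean that addRoleDescriptionInExtSystem now returns is discarded by the caller shown earlier in this diff, where checkAndAddRoleInDB calls `addRoleDescriptionInExtSystem(role, app);` as a bare statement. Because `updateExistingRoleInExternalSystem` and the header construction moved inside the `try`, every failure is now caught and logged, so a role can be created locally although the PUT to the External Auth System failed, and the caller carries on as if both sides agree. Check the result at the call site and skip or retry the dependent role-function save when it is `false`. The signature still declares `throws Exception` although the catch-all leaves little that can propagate, and the Javadoc above the method needs an `@return` line such as `@return true when the PUT to the External Auth System succeeded`.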
@@ -2209,7 +2259,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
private Role addRoleInDBIfDoesNotExists(EPApp app, String role) {
Role setNewRole = new Role();
try {
- // functions can have new role created in External Auth System prevent
+ // functions can have new role created in External Auth System
+ // prevent
// duplication here
boolean isCreated = checkIfRoleExitsElseCreateInSyncFunctions(role, app);
final Map<String, String> getRoleByNameParams = new HashMap<>();
@@ -2252,8 +2303,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
roleParams.put(APP_ROLE_NAME_PARAM, role);
List<EPRole> roleCreated = null;
if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
- roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams,
- null);
+ roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null);
} else {
roleParams.put("appId", String.valueOf(app.getId()));
roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams,
@@ -2290,7 +2340,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
addRoleFunctionInExternalSystem(cenRoleFunc, app);
functionsAdded++;
}
- } catch(HttpClientErrorException e){
+ } catch (HttpClientErrorException e) {
logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadFunctions failed", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
} catch (Exception e) {
@@ -2368,14 +2418,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
template.exchange(
SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role",
HttpMethod.POST, entity, String.class);
- } catch(HttpClientErrorException e){
- logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem", e);
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addRoleInExternalSystem",
+ e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
} catch (Exception e) {
if (e.getMessage().equalsIgnoreCase("409 Conflict")) {
- logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Role already exits but does not break functionality", e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "addRoleInExternalSystem: Role already exits but does not break functionality", e);
} else {
- logger.error(EELFLoggerDelegate.errorLogger, "addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "addRoleInExternalSystem: Failed to addRoleInExternalSystem", e.getMessage());
}
}
}
@@ -2399,15 +2452,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
}
}
- } catch(HttpClientErrorException e){
- logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e);
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e);
}
return roleFunctions;
}
-
+
/**
* Its adding a role function while doing bulk upload
*
@@ -2419,14 +2473,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
String type = "";
String instance = "";
String action = "";
- if(addRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)){
- type = EcompPortalUtils.getFunctionType(addRoleFunc.getFunctionCd());
+ if (addRoleFunc.getFunctionCd().contains(FUNCTION_PIPE)) {
+ type = EcompPortalUtils.getFunctionType(addRoleFunc.getFunctionCd());
instance = EcompPortalUtils.getFunctionCode(addRoleFunc.getFunctionCd());
action = EcompPortalUtils.getFunctionAction(addRoleFunc.getFunctionCd());
- } else{
+ } else {
type = addRoleFunc.getFunctionCd().contains("menu") ? "menu" : "url";
instance = addRoleFunc.getFunctionCd();
- action = "*";
+ action = "*";
}
ExternalAccessRolePerms extRolePerms = null;
ExternalAccessPerms extPerms = null;
@@ -2435,8 +2489,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action,
addRoleFunc.getFunctionName());
- extRolePerms = new ExternalAccessRolePerms(extPerms,
- app.getNameSpace() + "." + role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ extRolePerms = new ExternalAccessRolePerms(extPerms, app.getNameSpace() + "." + role.getName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
String updateRolePerms = mapper.writeValueAsString(extRolePerms);
HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
template.exchange(
@@ -2445,10 +2499,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
} catch (Exception e) {
if (e.getMessage().equalsIgnoreCase("409 Conflict")) {
logger.error(EELFLoggerDelegate.errorLogger,
- "addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality", e);
+ "addRoleFunctionsInExternalSystem: RoleFunction already exits but does not break functionality",
+ e);
} else {
- logger.error(EELFLoggerDelegate.errorLogger, "addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem",
- e.getMessage());
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "addRoleFunctionsInExternalSystem: Failed to addRoleFunctionsInExternalSystem", e.getMessage());
}
}
}
@@ -2468,7 +2523,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
functionsAdded++;
}
} catch (HttpClientErrorException e) {
- logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadPartnerFunctions failed", e);
+ logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - bulkUploadPartnerFunctions failed",
+ e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadPartnerFunctions: failed", e.getMessage(), e);
@@ -2518,7 +2574,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
"addFunctionInExternalSystem: Failed to add fucntion in external central auth system", e);
throw e;
}
- }
+ }
@Override
public void bulkUploadPartnerRoles(String uebkey, List<Role> roleList) throws Exception {
@@ -2538,8 +2594,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
try {
for (EPRole role : roles) {
params.put("roleId", role.getId());
- List<BulkUploadRoleFunction> appRoleFunc = dataAccessService.executeNamedQuery("uploadPartnerRoleFunctions",
- params, null);
+ List<BulkUploadRoleFunction> appRoleFunc = dataAccessService
+ .executeNamedQuery("uploadPartnerRoleFunctions", params, null);
if (!appRoleFunc.isEmpty()) {
for (BulkUploadRoleFunction addRoleFunc : appRoleFunc) {
addRoleFunctionsInExternalSystem(addRoleFunc, role, app);
@@ -2548,11 +2604,12 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
}
// upload global role functions to ext auth system
- if(!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
+ if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
roleFunctions = bulkUploadGlobalRoleFunctions(app, roleFunctions);
}
- } catch(HttpClientErrorException e){
- logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e);
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "HttpClientErrorException - Failed to bulkUploadRolesFunctions", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "bulkUploadRolesFunctions: failed", e);
@@ -2586,8 +2643,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
action = "*";
}
extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, instance, action);
- extRolePerms = new ExternalAccessRolePerms(extPerms, portalApp.getNameSpace() + "." + globalRoleFunc.getRoleName()
- .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ extRolePerms = new ExternalAccessRolePerms(extPerms,
+ portalApp.getNameSpace() + "." + globalRoleFunc.getRoleName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
String updateRolePerms = mapper.writeValueAsString(extRolePerms);
HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
updateRoleFunctionInExternalSystem(updateRolePerms, entity);
@@ -2611,48 +2669,44 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
public void syncApplicationRolesWithEcompDB(EPApp app) {
try {
logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Started");
- //Sync functions and roles assigned to it which also creates new roles if does not exits in portal
+ // Sync functions and roles assigned to it which also creates new roles if does
+ // not exits in portal
syncRoleFunctionFromExternalAccessSystem(app);
- logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished");
-
+ logger.debug(EELFLoggerDelegate.debugLogger, "syncRoleFunctionFromExternalAccessSystem: Finished");
ObjectMapper mapper = new ObjectMapper();
logger.debug(EELFLoggerDelegate.debugLogger, "Entering to getAppRolesJSONFromExtAuthSystem");
// Get Permissions from External Auth System
JSONArray extRole = getAppRolesJSONFromExtAuthSystem(app);
-
logger.debug(EELFLoggerDelegate.debugLogger, "Entering into getExternalRoleDetailsList");
- List<ExternalRoleDetails> externalRoleDetailsList = getExternalRoleDetailsList(app,
- mapper, extRole);
-
+ // refactoring done
+ List<ExternalRoleDetails> externalRoleDetailsList = getExternalRoleDetailsList(app, mapper, extRole);
List<EPRole> finalRoleList = new ArrayList<>();
for (ExternalRoleDetails externalRole : externalRoleDetailsList) {
EPRole ecompRole = convertExternalRoleDetailstoEpRole(externalRole);
finalRoleList.add(ecompRole);
}
-
List<EPRole> applicationRolesList;
applicationRolesList = getAppRoles(app.getId());
List<String> applicationRoleIdList = new ArrayList<>();
for (EPRole applicationRole : applicationRolesList) {
- applicationRoleIdList.add(applicationRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ applicationRoleIdList.add(applicationRole.getName());
}
-
List<EPRole> roleListToBeAddInEcompDB = new ArrayList<>();
for (EPRole aafRole : finalRoleList) {
if (!applicationRoleIdList.contains(aafRole.getName())) {
roleListToBeAddInEcompDB.add(aafRole);
}
}
-
logger.debug(EELFLoggerDelegate.debugLogger, "Entering into inactiveRolesNotInExternalAuthSystem");
// Check if roles exits in external Access system and if not make inactive in DB
inactiveRolesNotInExternalAuthSystem(app, finalRoleList, applicationRolesList);
logger.debug(EELFLoggerDelegate.debugLogger, "Entering into addNewRoleInEcompDBUpdateDescInExtAuthSystem");
- // Add new roles in DB and updates role description in External Auth System
+ // Add new roles in DB and updates role description in External Auth System
addNewRoleInEcompDBUpdateDescInExtAuthSystem(app, roleListToBeAddInEcompDB);
logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished");
} catch (HttpClientErrorException e) {
- logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "syncApplicationRolesWithEcompDB: Failed due to the External Auth System", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "syncApplicationRolesWithEcompDB: Failed ", e);
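Review bot: `applicationRoleIdList.add(applicationRole.getName())` now stores local role names unmodified, while the names in `finalRoleList` come from getExternalRoleDetailsList, which later in this diff falls back to the namespace-stripped External Auth name when a role has no description. If that fallback is the underscore-replaced form, a local role whose name contains special characters no longer matches in `applicationRoleIdList.contains(aafRole.getName())` and is queued in `roleListToBeAddInEcompDB` as if it were new. Normalise both sides the same way for roles without a description, or consult the underscore-keyed map before treating the role as missing. The added `// refactoring done` comment says nothing about the code and can be dropped. The method body continues outside this hunk.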
@@ -2681,14 +2735,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
final Map<String, String> globalRoleParams = new HashMap<>();
globalRoleParams.put("appId", String.valueOf(app.getId()));
globalRoleParams.put("appRoleName", roleToBeAddedInEcompDB.getName());
- getRoleCreatedInSync = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null);
+ getRoleCreatedInSync = dataAccessService
+ .executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, globalRoleParams, null);
EPRole epUpdateRole = getRoleCreatedInSync.get(0);
epUpdateRole.setAppRoleId(epUpdateRole.getId());
dataAccessService.saveDomainObject(epUpdateRole, null);
}
List<EPRole> roleList = new ArrayList<>();
final Map<String, String> params = new HashMap<>();
-
params.put(APP_ROLE_NAME_PARAM, roleToBeAddedInEcompDB.getName());
boolean isPortalRole = false;
if (app.getId() == 1) {
@@ -2697,7 +2751,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
} else {
isPortalRole = false;
params.put(APP_ID, app.getId().toString());
- roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params, null);
+ roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, params,
+ null);
}
EPRole role = roleList.get(0);
Role aaFrole = new Role();
@@ -2715,11 +2770,63 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
/**
*
- * It de-activates application roles in DB if not present in External Auth system
+ * It checks description in External Auth System if found any
+ * changes updates in DB
+ *
+ * @param app
+ * @param finalRoleList
+ * contains list of External Auth System roles list which is
+ * converted to EPRole
+ */
+ @SuppressWarnings("unchecked")
+ private void checkAndUpdateRoleInDB(EPApp app, List<EPRole> finalRoleList) {
+ for (EPRole roleItem : finalRoleList) {
+ final Map<String, String> roleParams = new HashMap<>();
+ List<EPRole> currentList = null;
+ roleParams.put(APP_ROLE_NAME_PARAM, roleItem.getName());
+ if (app.getId() == 1) {
+ currentList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null);
+ } else {
+ roleParams.put(APP_ID, app.getId().toString());
+ currentList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM,
+ roleParams, null);
+ }
+ if (!currentList.isEmpty()) {
+ try {
+ Boolean aafRoleActive;
+ Boolean localRoleActive;
+ boolean result;
+ aafRoleActive = Boolean.valueOf(roleItem.getActive());
+ localRoleActive = Boolean.valueOf(currentList.get(0).getActive());
+ result = aafRoleActive.equals(localRoleActive);
+ EPRole updateRole = currentList.get(0);
+ if (!result) {
+ updateRole.setActive(roleItem.getActive());
+ dataAccessService.saveDomainObject(updateRole, null);
+ }
+ if (roleItem.getPriority() != null
+ && !currentList.get(0).getPriority().equals(roleItem.getPriority())) {
+ updateRole.setPriority(roleItem.getPriority());
+ dataAccessService.saveDomainObject(updateRole, null);
+ }
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "syncApplicationRolesWithEcompDB: Failed to update role ", e);
+ }
+ }
+ }
+ }
+
+ /**
+ *
+ * It de-activates application roles in DB if not present in External Auth
+ * system
*
* @param app
- * @param finalRoleList contains list of current roles present in External Auth System
- * @param applicationRolesList contains list of current roles present in DB
+ * @param finalRoleList
+ * contains list of current roles present in External Auth System
+ * @param applicationRolesList
+ * contains list of current roles present in DB
*/
@SuppressWarnings("unchecked")
private void inactiveRolesNotInExternalAuthSystem(EPApp app, List<EPRole> finalRoleList,
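Review bot: In checkAndUpdateRoleInDB the priority comparison calls `currentList.get(0).getPriority().equals(...)` after null-checking only `roleItem.getPriority()`, so a local role with no priority throws a NullPointerException. The surrounding `catch (Exception e)` turns that into a log line, and the role's priority is never synchronised. Compare from the side already known to be non-null: `&& !roleItem.getPriority().equals(updateRole.getPriority())`. The Javadoc says the method checks the description, but the body compares only `getActive()` and `getPriority()`, so reword it to match. `app.getId() == 1` could use `PortalConstants.PORTAL_APP_ID`, as getAppRoleNamesMap, added in this commit, does.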
@@ -2733,14 +2840,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
final Map<String, String> extRoleParams = new HashMap<>();
List<EPRole> roleList = null;
extRoleParams.put(APP_ROLE_NAME_PARAM, role.getName());
- if (!checkRolesInactive.containsKey(role.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) {
+ if (!checkRolesInactive.containsKey(role.getName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) {
if (app.getId() == 1) {
roleList = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, extRoleParams, null);
} else {
extRoleParams.put(APP_ID, app.getId().toString());
- roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, extRoleParams, null);
+ roleList = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM,
+ extRoleParams, null);
}
- if(!roleList.isEmpty()) {
+ if (!roleList.isEmpty()) {
EPRole updateRoleInactive = roleList.get(0);
updateRoleInactive.setActive(false);
dataAccessService.saveDomainObject(updateRoleInactive, null);
@@ -2752,22 +2861,25 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
}
}
-
+
@Override
@SuppressWarnings("unchecked")
- public List<ExternalRoleDetails> getExternalRoleDetailsList(EPApp app,
- ObjectMapper mapper, JSONArray extRole)
+ public List<ExternalRoleDetails> getExternalRoleDetailsList(EPApp app, ObjectMapper mapper, JSONArray extRole)
throws IOException {
List<ExternalRoleDetails> externalRoleDetailsList = new ArrayList<>();
ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms();
List<String> functionCodelist = new ArrayList<>();
- Map<String, EPRole> curRolesMap = getCurrentRolesInDB(app);
+ Map<String, EPRole> curRolesMap = getAppRoleNamesMap(app);
+ Map<String, EPRole> curRolesUnderscoreMap = getAppRoleNamesWithUnderscoreMap(app);
for (int i = 0; i < extRole.length(); i++) {
ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails();
EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction();
JSONObject Role = (JSONObject) extRole.get(i);
String name = extRole.getJSONObject(i).getString(ROLE_NAME);
- String actualRoleName = name.substring(app.getNameSpace().length() + 1);
+ String actualRoleName = name.substring(app.getNameSpace().length() + 1);
+ if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) {
+ actualRoleName = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION);
+ }
SortedSet<ExternalAccessPerms> externalAccessPermsOfRole = new TreeSet<>();
if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_PERMS)) {
JSONArray extPerm = (JSONArray) Role.get(EXTERNAL_AUTH_PERMS);
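Review bot: `actualRoleName` is now taken from the role's description field whenever one is present, and a later hunk of this method uses that value as the key into `curRolesMap` to find the local role and its functions. A description is normally free text, so anyone able to edit it in the External Auth System could make an external role resolve to a different local role than its namespaced name indicates. Whether that is reachable depends on who may write descriptions, which the diff does not show. Consider keeping the namespaced name as the lookup key and using the description only as the display name, or add a comment such as `// description is trusted to hold the original portal role name`. The method body continues outside this hunk.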
@@ -2782,7 +2894,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
functionCodelist.add(ePAppRoleFunction.getCode());
externalAccessPermsOfRole.add(externalAccessPerms);
}
-
}
}
externalRoleDetail.setActive(true);
@@ -2792,18 +2903,19 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
} else {
externalRoleDetail.setAppId(app.getId());
}
- // get role functions from DB
- EPRole currRole = curRolesMap.get(actualRoleName
- .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ EPRole currRole = null;
+ currRole = (!extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION))
+ ? curRolesUnderscoreMap.get(actualRoleName)
+ : curRolesMap.get(actualRoleName);
Long roleId = null;
if (currRole != null)
roleId = currRole.getId();
- // get role functions from DB
final Map<String, EPAppRoleFunction> roleFunctionsMap = new HashMap<>();
final Map<String, Long> appRoleFuncsParams = new HashMap<>();
if (roleId != null) {
appRoleFuncsParams.put("appId", app.getId());
appRoleFuncsParams.put("roleId", roleId);
+ // get role functions from DB
List<EPAppRoleFunction> appRoleFunctions = dataAccessService
.executeNamedQuery("getAppRoleFunctionOnRoleIdandAppId", appRoleFuncsParams, null);
if (!appRoleFunctions.isEmpty()) {
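Review bot: `EPRole currRole = null;` is overwritten on the next statement, and the negated ternary re-evaluates `extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)`, which the earlier hunk already checked. Computing a `hasDescription` flag once where `actualRoleName` is set would reduce this to `EPRole currRole = hasDescription ? curRolesMap.get(actualRoleName) : curRolesUnderscoreMap.get(actualRoleName);`. The old lookup normalised the name with `replaceAll(..., "_")`, whereas the new one depends on the keys built by `getAppRoleNamesWithUnderscoreMap`, which is not visible here. A miss leaves `roleId` null and silently skips loading the role's functions, so a short comment stating the expected key format of each map would help. The method body starts and ends outside this hunk.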
@@ -2864,9 +2976,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
HttpEntity<String> entity = new HttpEntity<>(headers);
logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: {} ",
CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
- response = template
- .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class);
+ response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "roles/ns/" + app.getNameSpace(), HttpMethod.GET, entity, String.class);
String res = response.getBody();
logger.debug(EELFLoggerDelegate.debugLogger,
"syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :",
@@ -2880,31 +2991,28 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
&& !app.getId().equals(PortalConstants.PORTAL_APP_ID))) {
extRole.remove(i);
i--;
- }
+ }
}
return extRole;
}
-
+
@Override
- public JSONArray getAllUsersByRole(String roleName) throws Exception{
+ public JSONArray getAllUsersByRole(String roleName) throws Exception {
ResponseEntity<String> response = null;
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
HttpEntity<String> entity = new HttpEntity<>(headers);
logger.debug(EELFLoggerDelegate.debugLogger, "getAllUsersByRole: {} ",
CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE);
- response = template
- .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
- + "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class);
+ response = template.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "userRoles/role/" + roleName, HttpMethod.GET, entity, String.class);
String res = response.getBody();
logger.debug(EELFLoggerDelegate.debugLogger,
"syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :",
res);
- if(res == null || res.trim().isEmpty())
+ if (res == null || res.trim().isEmpty())
return null;
-
JSONObject jsonObj = new JSONObject(res);
JSONArray extRole = jsonObj.getJSONArray("userRole");
-
return extRole;
}
@@ -2936,7 +3044,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
if (app.getCentralAuth()) {
userRolesList = dataAccessService.executeNamedQuery("getBulkUserRoles", params, null);
for (BulkUploadUserRoles userRolesUpload : userRolesList) {
- if(!userRolesUpload.getOrgUserId().equals("su1234")){
+ if (!userRolesUpload.getOrgUserId().equals("su1234")) {
addUserRoleInExternalSystem(userRolesUpload);
userRolesAdded++;
}
@@ -2946,7 +3054,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
/**
- * Its adding a user role in external auth system while doing bulk upload
+ * Its adding a user role in external auth system while doing bulk upload
*
* @param userRolesUpload
*/
@@ -2960,90 +3068,86 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
}
ExternalAccessUser extUser = new ExternalAccessUser(name,
- userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
+ userRolesUpload.getAppNameSpace() + "." + userRolesUpload.getRoleName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
String userRole = mapper.writeValueAsString(extUser);
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
HttpEntity<String> entity = new HttpEntity<>(userRole, headers);
template.exchange(
SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole",
HttpMethod.POST, entity, String.class);
- } catch(HttpClientErrorException e){
- logger.error(EELFLoggerDelegate.errorLogger, "HttpClientErrorException - Failed to addUserRoleInExternalSystem", e);
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "HttpClientErrorException - Failed to addUserRoleInExternalSystem", e);
EPLogUtil.logExternalAuthAccessAlarm(logger, e.getStatusCode());
} catch (Exception e) {
if (e.getMessage().equalsIgnoreCase("409 Conflict")) {
- logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: UserRole already exits but does not break functionality");
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "addUserRoleInExternalSystem: UserRole already exits but does not break functionality");
} else {
- logger.error(EELFLoggerDelegate.errorLogger, "addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e);
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "addUserRoleInExternalSystem: Failed to addUserRoleInExternalSystem", e);
}
}
}
@Override
- public void deleteRoleDependencyRecords(Session localSession, Long roleId, Long appId, boolean isPortalRequest) throws Exception {
+ public void deleteRoleDependencyRecords(Session localSession, Long roleId, Long appId, boolean isPortalRequest)
+ throws Exception {
try {
- String sql = "";
+ String sql = "";
Query query = null;
-
- //It should delete only when it portal's roleId
- if(appId.equals(PortalConstants.PORTAL_APP_ID)){
- // Delete from fn_role_function
- sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
-
- // Delete from fn_role_composite
- sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId;
- logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
- query = localSession.createSQLQuery(sql);
- query.executeUpdate();
+ // It should delete only when it portal's roleId
+ if (appId.equals(PortalConstants.PORTAL_APP_ID)) {
+ // Delete from fn_role_function
+ sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
+ // Delete from fn_role_composite
+ sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId;
+ logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
+ query = localSession.createSQLQuery(sql);
+ query.executeUpdate();
}
-
// Delete from ep_app_role_function
sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId;
logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
query = localSession.createSQLQuery(sql);
query.executeUpdate();
-
// Delete from ep_role_notification
sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId;
logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
query = localSession.createSQLQuery(sql);
query.executeUpdate();
-
// Delete from fn_user_pseudo_role
sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId;
logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
query = localSession.createSQLQuery(sql);
query.executeUpdate();
-
// Delete form EP_WIDGET_CATALOG_ROLE
sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId;
logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
query = localSession.createSQLQuery(sql);
query.executeUpdate();
-
// Delete form EP_WIDGET_CATALOG_ROLE
sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId;
logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
query = localSession.createSQLQuery(sql);
query.executeUpdate();
-
- if(!isPortalRequest) {
+ if (!isPortalRequest) {
// Delete form fn_menu_functional_roles
sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId;
logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql);
query = localSession.createSQLQuery(sql);
- query.executeUpdate();
+ query.executeUpdate();
}
} catch (Exception e) {
logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e);
throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage());
}
-
}
-
+
@SuppressWarnings("unchecked")
@Override
public List<String> getMenuFunctionsList(String uebkey) throws Exception {
@@ -3054,8 +3158,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
final Map<String, Long> appParams = new HashMap<>();
appParams.put(APP_ID, app.getId());
appMenuFunctionsList = dataAccessService.executeNamedQuery("getMenuFunctions", appParams, null);
- for(String appMenuFunction : appMenuFunctionsList) {
- if(appMenuFunction.contains(FUNCTION_PIPE)) {
+ for (String appMenuFunction : appMenuFunctionsList) {
+ if (appMenuFunction.contains(FUNCTION_PIPE)) {
appMenuFunctionsFinalList.add(EcompPortalUtils.getFunctionCode(appMenuFunction));
} else {
appMenuFunctionsFinalList.add(appMenuFunction);
@@ -3068,98 +3172,91 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
return appMenuFunctionsFinalList;
}
- @SuppressWarnings({ "unchecked"})
+ @SuppressWarnings({ "unchecked" })
@Override
public List<EcompUser> getAllAppUsers(String uebkey) throws Exception {
List<String> usersList = new ArrayList<>();
- List<EcompUser> usersfinalList = new ArrayList<>();
- try {
- EPApp app = getApp(uebkey).get(0);
- final Map<String, Long> appParams = new HashMap<>();
- appParams.put("appId", app.getId());
- List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService
- .executeNamedQuery("ApplicationUserRoles", appParams, null);
- for (EcompUserRoles ecompUserRole : userList) {
- boolean found = false;
- Set<EcompRole> roles = null;
- for (EcompUser user : usersfinalList) {
- if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) {
- EcompRole ecompRole = new EcompRole();
- ecompRole.setId(ecompUserRole.getRoleId());
- ecompRole.setName(ecompUserRole.getRoleName());
- roles = user.getRoles();
- EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName())).findAny()
- .orElse(null);
- SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
- if(role != null)
- {
- roleFunctionSet = (SortedSet<EcompRoleFunction>) role.getRoleFunctions();
- }
-
- String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
- functionCode = EPUserUtils.decodeFunctionCode(functionCode);
- EcompRoleFunction epRoleFunction = new EcompRoleFunction();
- epRoleFunction.setName(ecompUserRole.getFunctionName());
- epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
- epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
- epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
- roleFunctionSet.add(epRoleFunction);
- ecompRole.setRoleFunctions(roleFunctionSet);
- roles.add(ecompRole);
- user.setRoles(roles);
- found = true;
- break;
- }
- }
-
- if (!found) {
- EcompUser epUser = new EcompUser();
- epUser.setOrgId(ecompUserRole.getOrgId());
- epUser.setManagerId(ecompUserRole.getManagerId());
- epUser.setFirstName(ecompUserRole.getFirstName());
- epUser.setLastName(ecompUserRole.getLastName());
- epUser.setPhone(ecompUserRole.getPhone());
- epUser.setEmail(ecompUserRole.getEmail());
- epUser.setOrgUserId(ecompUserRole.getOrgUserId());
- epUser.setOrgCode(ecompUserRole.getOrgCode());
- epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId());
- epUser.setJobTitle(ecompUserRole.getJobTitle());
- epUser.setLoginId(ecompUserRole.getLoginId());
- epUser.setActive(true);
- roles = new HashSet<>();
- EcompRole ecompRole = new EcompRole();
- ecompRole.setId(ecompUserRole.getRoleId());
- ecompRole.setName(ecompUserRole.getRoleName());
- SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
-
- String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
- functionCode = EPUserUtils.decodeFunctionCode(functionCode);
- EcompRoleFunction epRoleFunction = new EcompRoleFunction();
- epRoleFunction.setName(ecompUserRole.getFunctionName());
- epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
- epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
- epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
- roleFunctionSet.add(epRoleFunction);
- ecompRole.setRoleFunctions(roleFunctionSet);
- roles.add(ecompRole);
- epUser.setRoles(roles);
- usersfinalList.add(epUser);
- }
- }
- ObjectMapper mapper = new ObjectMapper();
-
- for (EcompUser u1 : usersfinalList) {
- String str = mapper.writeValueAsString(u1);
- usersList.add(str);
- }
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e);
- throw e;
- }
- return usersfinalList;
-
- }
-
+ List<EcompUser> usersfinalList = new ArrayList<>();
+ try {
+ EPApp app = getApp(uebkey).get(0);
+ final Map<String, Long> appParams = new HashMap<>();
+ appParams.put("appId", app.getId());
+ List<EcompUserRoles> userList = (List<EcompUserRoles>) dataAccessService
+ .executeNamedQuery("ApplicationUserRoles", appParams, null);
+ for (EcompUserRoles ecompUserRole : userList) {
+ boolean found = false;
+ Set<EcompRole> roles = null;
+ for (EcompUser user : usersfinalList) {
+ if (user.getOrgUserId().equals(ecompUserRole.getOrgUserId())) {
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(ecompUserRole.getRoleId());
+ ecompRole.setName(ecompUserRole.getRoleName());
+ roles = user.getRoles();
+ EcompRole role = roles.stream().filter(x -> x.getName().equals(ecompUserRole.getRoleName()))
+ .findAny().orElse(null);
+ SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
+ if (role != null) {
+ roleFunctionSet = (SortedSet<EcompRoleFunction>) role.getRoleFunctions();
+ }
+ String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
+ functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+ EcompRoleFunction epRoleFunction = new EcompRoleFunction();
+ epRoleFunction.setName(ecompUserRole.getFunctionName());
+ epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
+ epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
+ epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
+ roleFunctionSet.add(epRoleFunction);
+ ecompRole.setRoleFunctions(roleFunctionSet);
+ roles.add(ecompRole);
+ user.setRoles(roles);
+ found = true;
+ break;
+ }
+ }
+ if (!found) {
+ EcompUser epUser = new EcompUser();
+ epUser.setOrgId(ecompUserRole.getOrgId());
+ epUser.setManagerId(ecompUserRole.getManagerId());
+ epUser.setFirstName(ecompUserRole.getFirstName());
+ epUser.setLastName(ecompUserRole.getLastName());
+ epUser.setPhone(ecompUserRole.getPhone());
+ epUser.setEmail(ecompUserRole.getEmail());
+ epUser.setOrgUserId(ecompUserRole.getOrgUserId());
+ epUser.setOrgCode(ecompUserRole.getOrgCode());
+ epUser.setOrgManagerUserId(ecompUserRole.getOrgManagerUserId());
+ epUser.setJobTitle(ecompUserRole.getJobTitle());
+ epUser.setLoginId(ecompUserRole.getLoginId());
+ epUser.setActive(true);
+ roles = new HashSet<>();
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(ecompUserRole.getRoleId());
+ ecompRole.setName(ecompUserRole.getRoleName());
+ SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
+ String functionCode = EcompPortalUtils.getFunctionCode(ecompUserRole.getFunctionCode());
+ functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+ EcompRoleFunction epRoleFunction = new EcompRoleFunction();
+ epRoleFunction.setName(ecompUserRole.getFunctionName());
+ epRoleFunction.setCode(EPUserUtils.decodeFunctionCode(functionCode));
+ epRoleFunction.setType(getFunctionCodeType(ecompUserRole.getFunctionCode()));
+ epRoleFunction.setAction(getFunctionCodeAction(ecompUserRole.getFunctionCode()));
+ roleFunctionSet.add(epRoleFunction);
+ ecompRole.setRoleFunctions(roleFunctionSet);
+ roles.add(ecompRole);
+ epUser.setRoles(roles);
+ usersfinalList.add(epUser);
+ }
+ }
+ ObjectMapper mapper = new ObjectMapper();
+ for (EcompUser u1 : usersfinalList) {
+ String str = mapper.writeValueAsString(u1);
+ usersList.add(str);
+ }
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "getAllUsers failed", e);
+ throw e;
+ }
+ return usersfinalList;
+ }
@Override
public Role ConvertCentralRoleToRole(String result) {
@@ -3185,17 +3282,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
return newRole;
}
-
+
@Override
@SuppressWarnings("unchecked")
public List<CentralizedApp> getCentralizedAppsOfUser(String userId) {
Map<String, String> params = new HashMap<>();
params.put("userId", userId);
List<CentralizedApp> centralizedAppsList = new ArrayList<>();
- try{
- centralizedAppsList = dataAccessService
- .executeNamedQuery("getCentralizedAppsOfUser", params, null);
- }catch (Exception e) {
+ try {
+ centralizedAppsList = dataAccessService.executeNamedQuery("getCentralizedAppsOfUser", params, null);
+ } catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "getCentralizedAppsOfUser failed", e);
}
return centralizedAppsList;
@@ -3276,15 +3372,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
String type;
String action;
CentralV2RoleFunction cenRoleFun;
- if(role.getFunctionCd().contains(FUNCTION_PIPE)){
+ if (role.getFunctionCd().contains(FUNCTION_PIPE)) {
instance = EcompPortalUtils.getFunctionCode(role.getFunctionCd());
type = EcompPortalUtils.getFunctionType(role.getFunctionCd());
action = EcompPortalUtils.getFunctionAction(role.getFunctionCd());
cenRoleFun = new CentralV2RoleFunction(null, instance, role.getFunctionName(), null, type, action, null);
- } else{
+ } else {
type = getFunctionCodeType(role.getFunctionCd());
action = getFunctionCodeAction(role.getFunctionCd());
- cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type, action, null);
+ cenRoleFun = new CentralV2RoleFunction(null, role.getFunctionCd(), role.getFunctionName(), null, type,
+ action, null);
}
return cenRoleFun;
}
@@ -3302,28 +3399,27 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
private CentralV2Role convertRoleToCentralV2Role(EPRole role) {
- return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(),
+ return new CentralV2Role(role.getId(), role.getCreated(), role.getModified(), role.getCreatedId(),
role.getModifiedId(), role.getRowNum(), role.getName(), role.getActive(), role.getPriority(),
new TreeSet<>(), new TreeSet<>(), new TreeSet<>());
-
}
-
+
@Override
- public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject(List<CentralV2RoleFunction> answer) {
+ public List<CentralRoleFunction> convertCentralRoleFunctionToRoleFunctionObject(
+ List<CentralV2RoleFunction> answer) {
List<CentralRoleFunction> addRoleFuncList = new ArrayList<>();
- for(CentralV2RoleFunction cenRoleFunc : answer){
+ for (CentralV2RoleFunction cenRoleFunc : answer) {
CentralRoleFunction setRoleFunc = new CentralRoleFunction();
setRoleFunc.setCode(cenRoleFunc.getCode());
setRoleFunc.setName(cenRoleFunc.getName());
addRoleFuncList.add(setRoleFunc);
- }
+ }
return addRoleFuncList;
}
@Override
public CentralUser getUserRoles(String loginId, String uebkey) throws Exception {
CentralUser sendUserRoles = null;
-
try {
CentralV2User cenV2User = getV2UserAppRoles(loginId, uebkey);
sendUserRoles = convertV2UserRolesToOlderVersion(cenV2User);
@@ -3354,6 +3450,80 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
return createEPUser(user, userAppSet, app);
}
+ private List<EcompRole> getUserAppRoles(EPApp app, EPUser user) {
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("appId", app.getId());
+ userParams.put("userId", user.getId());
+ @SuppressWarnings("unchecked")
+ List<EPUserAppCurrentRoles> userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles",
+ userParams, null);
+ List<EcompRole> setUserRoles = new ArrayList<>();
+ for (EPUserAppCurrentRoles role : userAppsRolesList) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userRolename = {}",
+ role.getRoleName());
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(role.getRoleId());
+ ecompRole.setName(role.getRoleName());
+ setUserRoles.add(ecompRole);
+ }
+ logger.debug(EELFLoggerDelegate.debugLogger, "In getUserAppRoles()- get userrole list size = {}",
+ setUserRoles.size());
+ return setUserRoles;
+ }
+
+ @Override
+ public List<EcompRole> missingUserApplicationRoles(String uebkey, String loginId, Set<EcompRole> CurrentUserRoles)
+ throws Exception {
+ List<EPApp> appList = getApp(uebkey);
+ EPApp app = appList.get(0);
+ List<EPUser> epUserList;
+ epUserList = getUser(loginId);
+ List<EcompRole> missingUserAppRoles = new ArrayList<>();
+ List<String> roleNamesList = CurrentUserRoles.stream().map(EcompRole::getName).collect(Collectors.toList());
+ logger.debug(EELFLoggerDelegate.debugLogger, "Roles of User from hibernate :" + roleNamesList);
+ List<EcompRole> userApplicationsRolesfromDB = getUserAppRoles(app, epUserList.get(0));
+ if (userApplicationsRolesfromDB.size() > 0) {
+ missingUserAppRoles = userApplicationsRolesfromDB.stream().filter(x -> !roleNamesList.contains(x.getName()))
+ .collect(Collectors.toList());
+ }
+ List<String> MissingroleNamesList = missingUserAppRoles.stream().map(EcompRole::getName)
+ .collect(Collectors.toList());
+ logger.debug(EELFLoggerDelegate.debugLogger, "MissingUserAppRoles():" + MissingroleNamesList);
+
+ List<EcompRole> finalMissingRoleList = new ArrayList<>();
+ if (missingUserAppRoles.size() > 0) {
+ final Map<String, Long> params = new HashMap<>();
+ for (EcompRole role : missingUserAppRoles) {
+ params.put("roleId", role.getId());
+ params.put(APP_ID, app.getId());
+
+ EcompRole epRole = new EcompRole();
+ epRole.setId(role.getId());
+ epRole.setName(role.getName());
+ @SuppressWarnings("unchecked")
+ List<CentralV2RoleFunction> appRoleFunctionList = dataAccessService
+ .executeNamedQuery("getAppRoleFunctionList", params, null);
+ SortedSet<EcompRoleFunction> roleFunctionSet = new TreeSet<>();
+ for (CentralV2RoleFunction roleFunc : appRoleFunctionList) {
+ String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
+ String type = getFunctionCodeType(roleFunc.getCode());
+ String action = getFunctionCodeAction(roleFunc.getCode());
+ EcompRoleFunction fun = new EcompRoleFunction();
+ fun.setAction(action);
+ fun.setCode(functionCode);
+ fun.setType(type);
+ fun.setName(roleFunc.getName());
+ roleFunctionSet.add(fun);
+
+ }
+ epRole.setRoleFunctions(roleFunctionSet);
+ finalMissingRoleList.add(epRole);
+ }
+ }
+
+ return finalMissingRoleList;
+ }
+
/**
* It converts V2 CentralUser object to old version CentralUser object
*
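Review bot: `missingUserApplicationRoles` calls `appList.get(0)` and `epUserList.get(0)` without checking that either list has an element. If `getApp` or `getUser` can return an empty list (neither is visible here), an unknown `uebkey` or `loginId` would surface as an `IndexOutOfBoundsException` rather than a clear error. A guard before the first use, such as `if (appList.isEmpty() || epUserList.isEmpty()) return new ArrayList<>();`, or a descriptive exception in its place, makes the outcome explicit. `CurrentUserRoles` is also dereferenced without a null check. The two debug calls build their message by string concatenation, whereas `getUserAppRoles` in the same hunk uses `{}` placeholders, e.g. `logger.debug(EELFLoggerDelegate.debugLogger, "MissingUserAppRoles(): {}", MissingroleNamesList);`.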
@@ -3361,56 +3531,59 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
* @return EPUser object
*/
private CentralUser convertV2UserRolesToOlderVersion(CentralV2User cenV2User) {
- Set<CentralV2UserApp> userV2Apps = cenV2User.getUserApps();
- Set<CentralUserApp> userApps = new TreeSet<>();
- for(CentralV2UserApp userApp : userV2Apps){
- CentralApp app = userApp.getApp();
- CentralUserApp cua = new CentralUserApp();
- cua.setUserId(null);
- cua.setApp(app);
- SortedSet<CentralRoleFunction> cenRoleFunction = new TreeSet<>();
- for(CentralV2RoleFunction cenV2RoleFunc : userApp.getRole().getRoleFunctions() ){
- CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(), cenV2RoleFunc.getName());
- cenRoleFunction.add(cenRoleFunc);
- }
- CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(), userApp.getRole().getActive(), userApp.getRole().getPriority(),
- cenRoleFunction);
- cua.setRole(role);
- userApps.add(cua);
- }
- return new CentralUser(cenV2User.getId(), cenV2User.getCreated(), cenV2User.getModified(),
- cenV2User.getCreatedId(),cenV2User.getModifiedId(),
- cenV2User.getRowNum(), cenV2User.getOrgId(), cenV2User.getManagerId(), cenV2User.getFirstName(),
- cenV2User.getMiddleInitial(), cenV2User.getLastName(), cenV2User.getPhone(), cenV2User.getFax(),
- cenV2User.getCellular(),cenV2User.getEmail(),cenV2User.getAddressId(),cenV2User.getAlertMethodCd(),
- cenV2User.getHrid(),cenV2User.getOrgUserId(),cenV2User.getOrgCode(),cenV2User.getAddress1(),
- cenV2User.getAddress2(),cenV2User.getCity(),cenV2User.getState(),cenV2User.getZipCode(),cenV2User.getCountry(),
- cenV2User.getOrgManagerUserId(),cenV2User.getLocationClli(),cenV2User.getBusinessCountryCode(),
- cenV2User.getBusinessCountryName(),cenV2User.getBusinessUnit(),cenV2User.getBusinessUnitName(),
- cenV2User.getDepartment(),cenV2User.getDepartmentName(),cenV2User.getCompanyCode(),
- cenV2User.getCompany(),cenV2User.getZipCodeSuffix(),cenV2User.getJobTitle(),
- cenV2User.getCommandChain(),cenV2User.getSiloStatus(),cenV2User.getCostCenter(),
- cenV2User.getFinancialLocCode(),cenV2User.getLoginId(),cenV2User.getLoginPwd(),
- cenV2User.getLastLoginDate(),cenV2User.isActive(),cenV2User.isInternal(),cenV2User.getSelectedProfileId(),cenV2User.getTimeZoneId(),
- cenV2User.isOnline(),cenV2User.getChatId(),
- userApps);
+ Set<CentralV2UserApp> userV2Apps = cenV2User.getUserApps();
+ Set<CentralUserApp> userApps = new TreeSet<>();
+ for (CentralV2UserApp userApp : userV2Apps) {
+ CentralApp app = userApp.getApp();
+ CentralUserApp cua = new CentralUserApp();
+ cua.setUserId(null);
+ cua.setApp(app);
+ SortedSet<CentralRoleFunction> cenRoleFunction = new TreeSet<>();
+ for (CentralV2RoleFunction cenV2RoleFunc : userApp.getRole().getRoleFunctions()) {
+ CentralRoleFunction cenRoleFunc = new CentralRoleFunction(cenV2RoleFunc.getCode(),
+ cenV2RoleFunc.getName());
+ cenRoleFunction.add(cenRoleFunc);
+ }
+ CentralRole role = new CentralRole(userApp.getRole().getId(), userApp.getRole().getName(),
+ userApp.getRole().getActive(), userApp.getRole().getPriority(), cenRoleFunction);
+ cua.setRole(role);
+ userApps.add(cua);
+ }
+ return new CentralUser(cenV2User.getId(), cenV2User.getCreated(), cenV2User.getModified(),
+ cenV2User.getCreatedId(), cenV2User.getModifiedId(), cenV2User.getRowNum(), cenV2User.getOrgId(),
+ cenV2User.getManagerId(), cenV2User.getFirstName(), cenV2User.getMiddleInitial(),
+ cenV2User.getLastName(), cenV2User.getPhone(), cenV2User.getFax(), cenV2User.getCellular(),
+ cenV2User.getEmail(), cenV2User.getAddressId(), cenV2User.getAlertMethodCd(), cenV2User.getHrid(),
+ cenV2User.getOrgUserId(), cenV2User.getOrgCode(), cenV2User.getAddress1(), cenV2User.getAddress2(),
+ cenV2User.getCity(), cenV2User.getState(), cenV2User.getZipCode(), cenV2User.getCountry(),
+ cenV2User.getOrgManagerUserId(), cenV2User.getLocationClli(), cenV2User.getBusinessCountryCode(),
+ cenV2User.getBusinessCountryName(), cenV2User.getBusinessUnit(), cenV2User.getBusinessUnitName(),
+ cenV2User.getDepartment(), cenV2User.getDepartmentName(), cenV2User.getCompanyCode(),
+ cenV2User.getCompany(), cenV2User.getZipCodeSuffix(), cenV2User.getJobTitle(),
+ cenV2User.getCommandChain(), cenV2User.getSiloStatus(), cenV2User.getCostCenter(),
+ cenV2User.getFinancialLocCode(), cenV2User.getLoginId(), cenV2User.getLoginPwd(),
+ cenV2User.getLastLoginDate(), cenV2User.isActive(), cenV2User.isInternal(),
+ cenV2User.getSelectedProfileId(), cenV2User.getTimeZoneId(), cenV2User.isOnline(),
+ cenV2User.getChatId(), userApps);
}
@Override
public List<CentralRole> convertV2CentralRoleListToOldVerisonCentralRoleList(List<CentralV2Role> v2CenRoleList) {
List<CentralRole> cenRoleList = new ArrayList<>();
- for(CentralV2Role v2CenRole : v2CenRoleList){
- SortedSet<CentralRoleFunction> cenRoleFuncList = new TreeSet<>();
- for(CentralV2RoleFunction v2CenRoleFunc: v2CenRole.getRoleFunctions()){
- CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(), v2CenRoleFunc.getName());
- cenRoleFuncList.add(roleFunc);
- }
- CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(), v2CenRole.getPriority(), cenRoleFuncList);
- cenRoleList.add(role);
- }
+ for (CentralV2Role v2CenRole : v2CenRoleList) {
+ SortedSet<CentralRoleFunction> cenRoleFuncList = new TreeSet<>();
+ for (CentralV2RoleFunction v2CenRoleFunc : v2CenRole.getRoleFunctions()) {
+ CentralRoleFunction roleFunc = new CentralRoleFunction(v2CenRoleFunc.getCode(),
+ v2CenRoleFunc.getName());
+ cenRoleFuncList.add(roleFunc);
+ }
+ CentralRole role = new CentralRole(v2CenRole.getId(), v2CenRole.getName(), v2CenRole.getActive(),
+ v2CenRole.getPriority(), cenRoleFuncList);
+ cenRoleList.add(role);
+ }
return cenRoleList;
}
-
+
@Override
public ResponseEntity<String> getNameSpaceIfExists(EPApp app) throws Exception {
HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
@@ -3433,7 +3606,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
}
return response;
}
-
+
@Override
public CentralRole convertV2CentralRoleToOldVerisonCentralRole(CentralV2Role v2CenRole) {
SortedSet<CentralRoleFunction> cenRoleFuncList = new TreeSet<>();
@@ -3458,17 +3631,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
userRolesList = dataAccessService.executeNamedQuery("getBulkUsersForSingleRole", params, null);
for (BulkUploadUserRoles userRolesUpload : userRolesList) {
userRolesUpload.setRoleName(modifiedRoleName);
- if(!userRolesUpload.getOrgUserId().equals("su1234")){
+ if (!userRolesUpload.getOrgUserId().equals("su1234")) {
addUserRoleInExternalSystem(userRolesUpload);
userRolesAdded++;
}
}
}
return userRolesAdded;
- }
-
+ }
+
@Override
- public String encodeFunctionCode(String funCode){
+ public String encodeFunctionCode(String funCode) {
String encodedString = funCode;
List<Pattern> encodingList = new ArrayList<>();
encodingList.add(Pattern.compile("/"));
@@ -3476,11 +3649,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
for (Pattern xssInputPattern : encodingList) {
encodedString = xssInputPattern.matcher(encodedString)
.replaceAll("%" + Hex.encodeHexString(xssInputPattern.toString().getBytes()));
- }
- encodedString = encodedString.replaceAll("\\*", "%"+ Hex.encodeHexString("*".getBytes()));
+ }
+ encodedString = encodedString.replaceAll("\\*", "%" + Hex.encodeHexString("*".getBytes()));
return encodedString;
}
-
+
@Override
public void bulkUploadRoleFunc(UploadRoleFunctionExtSystem data, EPApp app) throws Exception {
ObjectMapper mapper = new ObjectMapper();
@@ -3488,18 +3661,16 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
try {
ExternalAccessRolePerms extRolePerms;
ExternalAccessPerms extPerms;
- extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(), encodeFunctionCode(data.getInstance()), data.getAction());
+ extPerms = new ExternalAccessPerms(app.getNameSpace() + "." + data.getType(),
+ encodeFunctionCode(data.getInstance()), data.getAction());
String appNameSpace = "";
- if(data.getIsGlobalRolePartnerFunc()) {
- appNameSpace = epAppService.getApp(1l).getNameSpace();
+ if (data.getIsGlobalRolePartnerFunc()) {
+ appNameSpace = epAppService.getApp(1l).getNameSpace();
} else {
- appNameSpace = app.getNameSpace();
+ appNameSpace = app.getNameSpace();
}
- extRolePerms = new ExternalAccessRolePerms(extPerms,
- appNameSpace + "."
- + data.getRoleName().replaceAll(
- EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
- "_"));
+ extRolePerms = new ExternalAccessRolePerms(extPerms, appNameSpace + "." + data.getRoleName()
+ .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"));
String updateRolePerms = mapper.writeValueAsString(extRolePerms);
HttpEntity<String> entity = new HttpEntity<>(updateRolePerms, headers);
updateRoleFunctionInExternalSystem(updateRolePerms, entity);
@@ -3513,7 +3684,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
"addFunctionInExternalSystem: Failed to add role fucntion in external central auth system", e);
throw e;
}
-
}
private void updateRoleFunctionInExternalSystem(String updateRolePerms, HttpEntity<String> entity) {
@@ -3526,7 +3696,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
"bulkUploadRoleFunc: Finished adding permission for POST: {} and status code: {} ",
addPermResponse.getStatusCode().value(), updateRolePerms);
}
-
+
@Override
public void syncApplicationUserRolesFromExtAuthSystem(String loginId) throws Exception {
String name = "";
@@ -3587,7 +3757,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
if (!currentCentralizedUserAppRolesMap.containsKey(extUserRoleDetail.getName())) {
CentralizedAppRoles getCenAppRole = cenAppRolesMap.get(extUserRoleDetail.getName());
if (getCenAppRole != null) {
- logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Adding user role from external auth system {}",
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addUserRolesInLocal: Adding user role from external auth system {}",
extUserRoleDetail.toString());
EPUserApp userApp = new EPUserApp();
EPApp app = new EPApp();
@@ -3598,14 +3769,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
userApp.setUserId(user.getId());
userApp.setRole(epRole);
dataAccessService.saveDomainObject(userApp, null);
- logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Finished user role from external auth system {}",
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addUserRolesInLocal: Finished user role from external auth system {}",
extUserRoleDetail.toString());
- } else if (getCenAppRole == null // check if user has app account admin role
+ } else if (getCenAppRole == null // check if user has app
+ // account admin role
&& extUserRoleDetail.getName().endsWith(PortalConstants.ADMIN_ROLE.replaceAll(
EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"))) {
EPApp app = centralisedAppsMap.get(extUserRoleDetail.getName());
if (app != null) {
- logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Adding user role from external auth system {}",
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addUserRolesInLocal: Adding user role from external auth system {}",
extUserRoleDetail.toString());
EPUserApp userApp = new EPUserApp();
EPRole epRole = new EPRole();
@@ -3614,7 +3788,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
userApp.setUserId(user.getId());
userApp.setRole(epRole);
dataAccessService.saveDomainObject(userApp, null);
- logger.debug(EELFLoggerDelegate.debugLogger, "addUserRolesInLocal: Finished user role from external auth system {}",
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "addUserRolesInLocal: Finished user role from external auth system {}",
extUserRoleDetail.toString());
}
}
@@ -3629,13 +3804,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
@SuppressWarnings("unchecked")
private HashMap<String, EPApp> getCentralizedAdminAppsInfo() {
- List<EPApp> centralizedApps = dataAccessService
- .executeNamedQuery("getCentralizedApps", null, null);
+ List<EPApp> centralizedApps = dataAccessService.executeNamedQuery("getCentralizedApps", null, null);
HashMap<String, EPApp> centralisedAppsMap = new HashMap<>();
for (EPApp cenApp : centralizedApps) {
- centralisedAppsMap.put(cenApp.getNameSpace()+ "." +
- PortalConstants.ADMIN_ROLE.replaceAll(
- EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), cenApp);
+ centralisedAppsMap.put(
+ cenApp.getNameSpace() + "."
+ + PortalConstants.ADMIN_ROLE.replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+ cenApp);
}
return centralisedAppsMap;
}
@@ -3645,9 +3821,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
HashMap<String, CentralizedAppRoles> currentCentralizedUserAppRolesMap = new HashMap<>();
for (CentralizedAppRoles cenAppUserRole : currentUserAppRoles) {
currentCentralizedUserAppRolesMap.put(
- cenAppUserRole.getAppNameSpace() + "." + cenAppUserRole.getRoleName()
- .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
- cenAppUserRole);
+ cenAppUserRole.getAppNameSpace() + "."
+ + cenAppUserRole.getRoleName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+ cenAppUserRole);
}
return currentCentralizedUserAppRolesMap;
}
@@ -3659,13 +3836,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
HashMap<String, CentralizedAppRoles> cenAppRolesMap = new HashMap<>();
for (CentralizedAppRoles CentralizedAppRole : centralizedAppRoles) {
cenAppRolesMap.put(
- CentralizedAppRole.getAppNameSpace() + "." + CentralizedAppRole.getRoleName()
- .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
+ CentralizedAppRole.getAppNameSpace() + "."
+ + CentralizedAppRole.getRoleName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"),
CentralizedAppRole);
}
return cenAppRolesMap;
}
-
+
@Override
public ResponseEntity<String> getUserRolesFromExtAuthSystem(String name, HttpEntity<String> getUserRolesEntity) {
logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to external system to get current user roles");
@@ -3673,14 +3851,35 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic
.exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ "roles/user/" + name, HttpMethod.GET, getUserRolesEntity, String.class);
if (getResponse.getStatusCode().value() == 200) {
- logger.debug(EELFLoggerDelegate.debugLogger, "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}",
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}",
+ getResponse.getBody());
+ } else {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}",
getResponse.getBody());
-
- }else{
- logger.error(EELFLoggerDelegate.errorLogger, "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}",getResponse.getBody() );
EPLogUtil.logExternalAuthAccessAlarm(logger, getResponse.getStatusCode());
}
return getResponse;
}
+ @Override
+ public Integer updateAppRoleDescription(String uebkey) {
+ Integer roleDescUpdated = 0;
+ EPApp app;
+ try {
+ app = getApp(uebkey).get(0);
+ List<EPRole> roles = getAppRoles(app.getId());
+ for (EPRole epRole : roles) {
+ Role role = new Role();
+ role.setName(epRole.getName());
+ boolean status = addRoleDescriptionInExtSystem(role, app);
+ if (status)
+ roleDescUpdated++;
+ }
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "updateAppRoleDescription: Failed! ", e);
+ }
+ return roleDescUpdated;
+ }
}
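Review bot: The new `updateAppRoleDescription` catches every `Exception`, logs it and still returns the running count, so a caller cannot tell a complete run from one that stopped partway or never resolved the app (`getApp(uebkey).get(0)` presumably fails on an empty result and lands in the same catch). Because the method writes role data to the external auth system, it should signal failure explicitly, or at least carry a Javadoc stating that the return value is a best-effort count of roles updated before any error. The unbraced `if (status)` is better written as `if (status) { roleDescUpdated++; }`. In the `else` branch above it, the error text still says "and received user roles", which reads like a copy of the success message.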
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
index b0dd4a21..5d9761ce 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
@@ -65,6 +65,7 @@ import org.json.JSONArray;
import org.json.JSONObject;
import org.onap.portalapp.externalsystemapproval.model.ExternalSystemRoleApproval;
import org.onap.portalapp.externalsystemapproval.model.ExternalSystemUser;
+import org.onap.portalapp.portal.domain.CentralV2RoleFunction;
import org.onap.portalapp.portal.domain.EPApp;
import org.onap.portalapp.portal.domain.EPRole;
import org.onap.portalapp.portal.domain.EPUser;
@@ -98,8 +99,10 @@ import org.onap.portalapp.portal.transport.UserApplicationRoles;
import org.onap.portalapp.portal.utils.EPCommonSystemProperties;
import org.onap.portalapp.portal.utils.EcompPortalUtils;
import org.onap.portalapp.portal.utils.PortalConstants;
+import org.onap.portalapp.util.EPUserUtils;
import org.onap.portalapp.util.SystemType;
import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.domain.RoleFunction;
import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
import org.onap.portalsdk.core.restful.domain.EcompRole;
import org.onap.portalsdk.core.service.DataAccessService;
@@ -123,6 +126,8 @@ public class UserRolesCommonServiceImpl {
private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesCommonServiceImpl.class);
private static final Object syncRests = new Object();
+
+ private static final String APP_ID = "appId";
@Autowired
private DataAccessService dataAccessService;
@@ -138,7 +143,10 @@ public class UserRolesCommonServiceImpl {
private EPRoleService epRoleService;
@Autowired
private RoleService roleService;
-
+ @Autowired
+ private AdminRolesService adminRolesService;
+ @Autowired
+ private EPAppService appService;
@Autowired
private ExternalAccessRolesService externalAccessRolesService;
@@ -428,18 +436,25 @@ public class UserRolesCommonServiceImpl {
for (EPRole ecompRole : userAppRoles) {
userAppRolesMap.add(ecompRole.getId());
}
+ logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - userAppRolesMap = {}", userAppRolesMap);
+
} else {
logger.error(EELFLoggerDelegate.errorLogger,
"constructRolesInAppForUserGet has received userAppRoles list empty.");
}
if (appRoles != null) {
+
for (Role ecompRole : appRoles) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - appRoles not null = {}", ecompRole);
+
if (ecompRole.getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID) && !extRequestValue)
continue;
RoleInAppForUser roleForUser = new RoleInAppForUser(ecompRole.getId(), ecompRole.getName());
roleForUser.isApplied = userAppRolesMap.contains(ecompRole.getId());
rolesInAppForUser.add(roleForUser);
+ logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - rolesInAppForUser = {}", rolesInAppForUser);
+
}
} else {
logger.error(EELFLoggerDelegate.errorLogger,
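Review bot: The debug call added at the end of the `for (Role ecompRole : appRoles)` body prints the whole `rolesInAppForUser` collection on every iteration, so the output grows quadratically with the number of roles and repeats a user's full role set many times in the log. Logging once after the loop carries the same information: move `logger.debug(EELFLoggerDelegate.debugLogger, "In constructRolesInAppForUserGet() - rolesInAppForUser = {}", rolesInAppForUser);` below the loop's closing brace. The per-role line at the top of the loop is labelled "appRoles not null", which does not describe what it prints; `"... - appRole = {}"` would be clearer. The enclosing method starts and ends outside this hunk.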
@@ -815,29 +830,31 @@ public class UserRolesCommonServiceImpl {
* @return
* @throws Exception
*/
- private EPUser addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app, ObjectMapper mapper, SearchService searchService, ApplicationsRestClientService applicationsRestClientService) throws Exception{
+ private EPUser addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app,
+ ObjectMapper mapper, SearchService searchService,
+ ApplicationsRestClientService applicationsRestClientService) throws Exception {
EPUser addRemoteUser = null;
if (remoteUserShouldBeCreated(roleInAppForUserList)) {
- createNewUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper, isAppUpgradeVersion(app));
+ createNewUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper,
+ isAppUpgradeVersion(app));
}
return addRemoteUser;
}
-
private EPUser pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, EPApp app,
ObjectMapper mapper, SearchService searchService,
- ApplicationsRestClientService applicationsRestClientService) throws Exception {
+ ApplicationsRestClientService applicationsRestClientService,boolean appRoleIdUsed) throws Exception {
EPUser addRemoteUser = null;
- if (remoteUserShouldBeCreated(roleInAppForUserList)) {
+// if (remoteUserShouldBeCreated(roleInAppForUserList)) {
pushUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper,
- isAppUpgradeVersion(app), roleInAppForUserList);
- }
+ isAppUpgradeVersion(app), roleInAppForUserList, appRoleIdUsed);
+// }
return addRemoteUser;
}
protected void pushUserOnRemoteApp(String userId, EPApp app,
ApplicationsRestClientService applicationsRestClientService, SearchService searchService,
- ObjectMapper mapper, boolean postOpenSource, List<RoleInAppForUser> roleInAppForUserList) throws Exception {
+ ObjectMapper mapper, boolean postOpenSource, List<RoleInAppForUser> roleInAppForUserList,boolean appRoleIdUsed) throws Exception {
EPUser client = searchService.searchUserByUserId(userId);
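Review bot: In `pushRemoteUser` the `remoteUserShouldBeCreated(roleInAppForUserList)` guard is disabled by commenting it out, which changes behaviour (the user is now pushed on every call, including with an empty role list) while leaving the old condition in the source as if it were still undecided. Delete the two commented lines and state the new contract instead, for example `// Always push: the remote app must also receive role removals.` if that is the intent. Both `pushRemoteUser` and `addRemoteUser` return a local that is never assigned, so they always return null; a `void` return type, or a comment saying so, would stop callers from relying on the result. `pushUserOnRemoteApp` continues outside the hunk.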
@@ -852,18 +869,50 @@ public class UserRolesCommonServiceImpl {
client.setLoginId(userId);
client.setActive(true);
roleInAppForUserList.removeIf(role -> role.isApplied.equals(false));
- Set<EcompRole> userRolesInRemoteApp = constructUsersRemoteAppRoles(roleInAppForUserList);
SortedSet<Role> roles = new TreeSet<>();
- List<EPRole> getAppRoles = getAppRoles(app.getId());
- for (EcompRole epRole : userRolesInRemoteApp) {
+
+ List<EPRole> getAppRoles = externalAccessRolesService.getAppRoles(app.getId());
+ List<EPApp> appList = new ArrayList<>();
+ appList.add(app);
+ List<CentralV2Role> roleList = new ArrayList<>();
+ Map<String, Long> params = new HashMap<>();
+
+ List<EPRole> userRoles = new ArrayList<>();
+
+ for (RoleInAppForUser roleInappForUser : roleInAppForUserList) {
+ EPRole role = new EPRole();
+ role.setId(roleInappForUser.getRoleId());
+ role.setName(roleInappForUser.getRoleName());
+ userRoles.add(role);
+ }
+
+ if (appRoleIdUsed) {
+ List<EPRole> userAppRoles = new ArrayList<>();
+ for (EPRole role : userRoles) {
+ EPRole appRole = getAppRoles.stream()
+ .filter(applicationRole -> role.getId().equals(applicationRole.getAppRoleId())).findAny()
+ .orElse(null);
+ EPRole epRole = new EPRole();
+ if (appRole != null) {
+ epRole.setId(appRole.getId());
+ epRole.setName(appRole.getName());
+ }
+ userAppRoles.add(epRole);
+ }
+ userRoles = new ArrayList<>();
+ userRoles.addAll(userAppRoles);
+ }
+ roleList = externalAccessRolesService.createCentralRoleObject(appList, userRoles, roleList, params);
+
+ for (CentralV2Role epRole : roleList) {
Role role = new Role();
EPRole appRole = getAppRoles.stream()
- .filter(applicationRole -> epRole.getId().equals(applicationRole.getId()))
- .findAny()
- .orElse(null);
- if(appRole != null)
- role.setId(appRole.getAppRoleId());
+ .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())).findAny().orElse(null);
+ if (appRole != null){
+ role.setId(appRole.getAppRoleId());
role.setName(epRole.getName());
+ role.setRoleFunctions(epRole.getRoleFunctions());
+ }
roles.add(role);
}
client.setRoles(roles);
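Review bot: Roles with no match in `getAppRoles` are forwarded as empty objects instead of being dropped. In the `appRoleIdUsed` branch an `EPRole` without id or name is added to `userAppRoles` when `appRole` is null, and in the final loop a `Role` without id, name or functions is still added to `roles` and sent to the remote application. An unmatched role should be skipped and logged, e.g. `if (appRole == null) { continue; }` ahead of `userAppRoles.add(epRole)` and ahead of `roles.add(role)`; how a blank entry behaves inside the `TreeSet<Role>` depends on the comparator, which is not visible here. `role.getId().equals(...)` also assumes every `RoleInAppForUser` carries a non-null role id. The method starts and ends outside this hunk.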
@@ -872,23 +921,8 @@ public class UserRolesCommonServiceImpl {
logger.debug(EELFLoggerDelegate.debugLogger,
"about to post a client to remote application, users json = " + userInString);
applicationsRestClientService.post(EPUser.class, app.getId(), userInString, String.format("/user/%s", userId));
-
- }
-
-
- public List<EPRole> getAppRoles(Long appId) throws Exception {
- List<EPRole> applicationRoles = null;
- final Map<String, Long> appParams = new HashMap<>();
- try {
- appParams.put("appId", appId);
- applicationRoles = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null);
- } catch (Exception e) {
- logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e);
- throw e;
- }
- return applicationRoles;
}
-
+
/**
* It checks whether the remote user exists or not
* if exits returns user object else null
@@ -929,10 +963,11 @@ public class UserRolesCommonServiceImpl {
* setAppWithUserRoleStateForUser(org.onap.portalapp.portal.domain.
* EPUser, org.onap.portalapp.portal.transport.AppWithRolesForUser)
*/
- public boolean setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser) {
+ public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser) {
boolean result = false;
boolean epRequestValue = false;
String userId = "";
+ String reqMessage = "";
if (newAppRolesForUser != null && newAppRolesForUser.orgUserId != null) {
userId = newAppRolesForUser.orgUserId.trim();
}
@@ -949,11 +984,10 @@ public class UserRolesCommonServiceImpl {
// if centralized app
if (app.getCentralAuth()) {
if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
- pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService,
- applicationsRestClientService);
+ pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService,
+ applicationsRestClientService,false);
}
-
Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper,
applicationsRestClientService, appId, userId);
RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId,
@@ -982,8 +1016,7 @@ public class UserRolesCommonServiceImpl {
if (remoteAppUser == null) {
remoteAppUser = addRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, applicationsRestClientService);
}
- if (remoteAppUser != null) {
- Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper,
+ Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper,
applicationsRestClientService, appId, userId);
RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId,
userRolesInRemoteApp);
@@ -994,22 +1027,32 @@ public class UserRolesCommonServiceImpl {
logger.debug(EELFLoggerDelegate.debugLogger,
"setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive", app,
userId);
- remoteAppUser.setActive(false);
+ //remoteAppUser.setActive(false);
postUserToRemoteApp(userId, user, app, applicationsRestClientService);
- }
}
}
}
} catch (Exception e) {
+ /*String message = String.format(
+ "Failed to create user or update user roles for User %s, AppId %s",
+ userId, Long.toString(appId));
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ result = false;*/
+
String message = String.format(
"Failed to create user or update user roles for User %s, AppId %s",
userId, Long.toString(appId));
logger.error(EELFLoggerDelegate.errorLogger, message, e);
result = false;
+ reqMessage = e.getMessage();
+
+
}
}
- return result;
+ //return result;
+ return new ExternalRequestFieldsValidator(result, reqMessage);
+
}
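Review bot: With `remoteAppUser.setActive(false)` commented out, the branch that logs "no roles in app {}, set user {} to inactive" no longer changes any active flag before `postUserToRemoteApp`, so as far as this hunk shows a user whose last role was removed stays active in the remote application. Either restore a deactivation step on the object that is actually posted or correct the log text; the same step also sits in a commented-out block in the `-1455,34` hunk further down. The catch block now copies `e.getMessage()` into the returned `ExternalRequestFieldsValidator`; if that value reaches API clients, return a fixed message and keep the detail in the log only. The commented-out copy of the catch body and `//return result;` should be deleted rather than kept.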
/**
* It adds user roles in External system and also make data consistent in both local and in External System
@@ -1053,10 +1096,8 @@ public class UserRolesCommonServiceImpl {
if (extRoles.getJSONObject(i).getString("name").startsWith(app.getNameSpace() + ".")
&& !extRoles.getJSONObject(i).getString("name").equals(app.getNameSpace() + ".admin")
&& !extRoles.getJSONObject(i).getString("name").equals(app.getNameSpace() + ".owner")) {
- ObjectMapper descMapper = new ObjectMapper();
- if (extRoles.getJSONObject(i).has("description") && EcompPortalUtils.isJSONValid(extRoles.getJSONObject(i).getString("description"))) {
- ExternalRoleDescription desc = descMapper.readValue(
- extRoles.getJSONObject(i).getString("description"), ExternalRoleDescription.class);
+ if (extRoles.getJSONObject(i).has("description")) {
+ ExternalRoleDescription desc = new ExternalRoleDescription(extRoles.getJSONObject(i).getString("description"));
userRoleDetail = new ExternalAccessUserRoleDetail(
extRoles.getJSONObject(i).getString("name"), desc);
userRoleDetailList.add(userRoleDetail);
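Review bot: The `description` string from the external auth system is now passed to `new ExternalRoleDescription(...)` without the earlier `isJSONValid` check, so descriptions stored in the older JSON form would be taken over as raw text unless the constructor handles them, which is not visible here. Roles with no `description` key are still skipped without a log line, which makes a role missing from `userRoleDetailList` hard to trace during a sync; an `else` branch with a debug message would help. Reading the element once, `JSONObject extRole = extRoles.getJSONObject(i);`, would shorten both the condition and the constructor calls. The enclosing loop continues outside the hunk.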
@@ -1157,7 +1198,7 @@ public class UserRolesCommonServiceImpl {
private List<ExternalAccessUserRoleDetail> CheckIfRoleAreMatchingInUserRoleDetailList(
List<ExternalAccessUserRoleDetail> userRoleDetailList, EPApp app) {
- Map<String, EPRole> epRoleList = externalAccessRolesService.getCurrentRolesInDB(app);
+ Map<String, EPRole> epRoleList = externalAccessRolesService.getAppRoleNamesWithUnderscoreMap(app);
//Add Account Admin role for partner app to prevent conflict
if(!app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
EPRole role = new EPRole();
@@ -1352,7 +1393,7 @@ public class UserRolesCommonServiceImpl {
final Map<String, Long> params = new HashMap<>();
final Map<String, String> userParams = new HashMap<>();
List<EPUser> userInfo = null;
- EPUser userId = null;
+ EPUser user = null;
List<EPUserAppRolesRequest> epRequestId = null;
String orgUserId = "";
String updateStatus = "";
@@ -1377,9 +1418,9 @@ public class UserRolesCommonServiceImpl {
}
if (userInfo.size() != 0 || !userInfo.isEmpty()) {
validateExternalRequestFields(userInfo, app);
- userId = userInfo.get(0);
+ user = userInfo.get(0);
params.put("appId", app.getId());
- params.put("userId", userId.getId());
+ params.put("userId", user.getId());
epRequestId = (List<EPUserAppRolesRequest>) dataAccessService
.executeNamedQuery("userAppRolesRequestList", params, null);
epRequestIdSize = epRequestId.size();
@@ -1399,7 +1440,7 @@ public class UserRolesCommonServiceImpl {
List<EcompUserAppRoles> userRoleList = null;
if(!userInfo.isEmpty()){
final Map<String, Long> appParams = new HashMap<>();
- appParams.put("userId", userId.getId());
+ appParams.put("userId", user.getId());
appParams.put("appId", app.getId());
userRoleList = dataAccessService.executeNamedQuery("getUserAppExistingRoles", appParams, null);
}
@@ -1416,17 +1457,20 @@ public class UserRolesCommonServiceImpl {
if (app.getCentralAuth()) {
// We should add If user does not exist in remote application
try {
- // If adding just account admin role dont make remote application user call
- if (!app.getId().equals(PortalConstants.PORTAL_APP_ID) && !(checkIfAdminRoleExists
- && reqType.equals("DELETE")) && roleInAppForUserList.size() > 1) {
- EPUser remoteAppUser = null;
- remoteAppUser = checkIfRemoteUserExits(orgUserId, app,
- applicationsRestClientService);
- if (remoteAppUser == null) {
- addRemoteUser(roleInAppForUserList, orgUserId, app, mapper, searchService,
- applicationsRestClientService);
- reqMessage = "Saved Successfully";
- }
+ // If adding just account admin role dont make remote application user call or
+ // if request has only single non admin role then make remote call
+ if (!(app.getId().equals(PortalConstants.PORTAL_APP_ID) && reqType.equals("DELETE"))
+ && ((checkIfAdminRoleExists && roleInAppForUserList.size() > 1)
+ || (!checkIfAdminRoleExists && roleInAppForUserList.size() >= 1))) {
+ // check if admin role exist then delete
+ List<RoleInAppForUser> remoteUserRoles = roleInAppForUserList.stream()
+ .collect(Collectors.toList());
+ remoteUserRoles.removeIf(role -> {
+ return (role.getRoleId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID));
+ });
+ String orgUserIdNewOrExist = (userInfo.size() != 0 || !userInfo.isEmpty()) ? user.getOrgUserId() : orgUserId;
+ pushRemoteUser(remoteUserRoles, orgUserIdNewOrExist , app, mapper, searchService,
+ applicationsRestClientService,true);
}
} catch (Exception e) {
reqMessage = e.getMessage();
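Review bot: The rewritten condition excludes the portal application only for DELETE requests: `!(app.getId().equals(PortalConstants.PORTAL_APP_ID) && reqType.equals("DELETE"))` is true for the portal app on every other request type, so `pushRemoteUser` would be called for the portal itself, whereas the removed code and `setAppWithUserRoleStateForUser` skip the portal app unconditionally. If that is not intended, the condition should begin with `!app.getId().equals(PortalConstants.PORTAL_APP_ID) && ...`, and the comment above it should describe the DELETE case explicitly. `userInfo.size() != 0 || !userInfo.isEmpty()` tests the same thing twice, and the stream copy is simpler as `new ArrayList<>(roleInAppForUserList)`. The `try` begins before this hunk and the `catch` continues after it.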
@@ -1455,34 +1499,35 @@ public class UserRolesCommonServiceImpl {
result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest, reqType);
} else {// remote app
// If adding just account admin role don't do remote application user call
- if(!((roleInAppForUserList.size() == 1 || reqType.equals("DELETE")) && checkIfAdminRoleExists)){
- EPUser remoteAppUser = null;
+ if (!((roleInAppForUserList.size() == 1 || reqType.equals("DELETE")) && checkIfAdminRoleExists)) {
+ EPUser remoteAppUser = null;
remoteAppUser = checkIfRemoteUserExits(orgUserId, app, applicationsRestClientService);
- if (remoteAppUser == null) {
- remoteAppUser = addRemoteUser(roleInAppForUserList, orgUserId, app, mapper, searchService, applicationsRestClientService);
- reqMessage = "Saved Successfully";
- }
- if (remoteAppUser != null) {
- Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList,
- mapper, applicationsRestClientService, app.getId(), orgUserId);
-
- RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId,
- app.getId(), userRolesInRemoteApp);
- logger.info(EELFLoggerDelegate.debugLogger, "setExternalRequestUserAppRole: {} user app roles: for app {}, user {}",
- logMessage, newAppRolesForUser.getApplicationName(),
- newAppRolesForUser.getLoginId());
- result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest,
- reqType);
- // If no roles remain, request app to set user inactive.
- /*if (userRolesInRemoteApp.size() == 0) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive", app,
- orgUserId);
- //TODO Need to fix the logged in user is not set to inactive
- remoteAppUser.setActive(false);
- postUserToRemoteApp(orgUserId, user, app, applicationsRestClientService);
- }*/
+ if (remoteAppUser == null) {
+ addRemoteUser(roleInAppForUserList, orgUserId, app, mapper, searchService,
+ applicationsRestClientService);
+ reqMessage = "Saved Successfully";
}
+
+ Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper,
+ applicationsRestClientService, app.getId(), orgUserId);
+
+ RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId, app.getId(),
+ userRolesInRemoteApp);
+ logger.info(EELFLoggerDelegate.debugLogger,
+ "setExternalRequestUserAppRole: {} user app roles: for app {}, user {}", logMessage,
+ newAppRolesForUser.getApplicationName(), newAppRolesForUser.getLoginId());
+ result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, externalSystemRequest,
+ reqType);
+ // If no roles remain, request app to set user inactive.
+ /*
+ * if (userRolesInRemoteApp.size() == 0) {
+ * logger.debug(EELFLoggerDelegate.debugLogger,
+ * "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive"
+ * , app, orgUserId); //TODO Need to fix the logged in user is not set to
+ * inactive remoteAppUser.setActive(false); postUserToRemoteApp(orgUserId, user,
+ * app, applicationsRestClientService); }
+ */
+
} else {
// Here we are adding only we have single account admin in roleInAppForUserList and this should not add in remote
if(!(reqType.equals("DELETE")) && userInfo.isEmpty()){
@@ -1502,7 +1547,7 @@ public class UserRolesCommonServiceImpl {
}
if (epRequestIdSize > 0 && !userInfo.isEmpty()) {
updateStatus = "C";
- applyChangesToAppRolesRequest(app.getId(), userId.getId(), updateStatus, epRequestId.get(0));
+ applyChangesToAppRolesRequest(app.getId(), user.getId(), updateStatus, epRequestId.get(0));
}
}
} catch (Exception e) {
@@ -1513,7 +1558,7 @@ public class UserRolesCommonServiceImpl {
reqMessage = e.getMessage();
if(epRequestIdSize > 0 && userInfo!=null && !userInfo.isEmpty()){
updateStatus = "F";
- applyChangesToAppRolesRequest(app.getId(), userId.getId(),
+ applyChangesToAppRolesRequest(app.getId(), user.getId(),
updateStatus, epRequestId.get(0));
}
}
@@ -1634,157 +1679,290 @@ public class UserRolesCommonServiceImpl {
* getAppRolesForUser(java.lang.Long, java.lang.String)
*/
@SuppressWarnings("unchecked")
- public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue) {
-
- List<RoleInAppForUser> rolesInAppForUser = null;
- EPApp app = appsService.getApp(appId);
- try {
- // for onap portal app, no need to make a remote call
- List<Role> roleList = new ArrayList<>();
- if (appId == PortalConstants.PORTAL_APP_ID) {
- if(app.getCentralAuth()){
- List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey());
- for(CentralV2Role cenRole : cenRoleList){
- Role role = new Role();
- role.setActive(cenRole.getActive());
- role.setId(cenRole.getId());
- role.setName(cenRole.getName());
- role.setPriority(cenRole.getPriority());
- roleList.add(role);
- }
- }else{
- roleList = roleService.getAvailableRoles(userId);
+ public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue,EPUser user) {
+ List<RoleInAppForUser> rolesInAppForUser = null;
+ EPApp app = appsService.getApp(appId);
+ logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - app = {}", app);
+ try {
+ // for onap portal app, no need to make a remote call
+ List<Role> roleList = new ArrayList<>();
+ if (appId == PortalConstants.PORTAL_APP_ID) {
+ if(app.getCentralAuth()){
+ List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey());
+ for(CentralV2Role cenRole : cenRoleList){
+ Role role = new Role();
+ role.setActive(cenRole.getActive());
+ role.setId(cenRole.getId());
+ role.setName(cenRole.getName());
+ role.setPriority(cenRole.getPriority());
+ roleList.add(role);
}
- List<Role> activeRoleList = new ArrayList<Role>();
- for(Role role: roleList) {
- if(role.getActive()) {
- if(role.getId() != 1){ // prevent portal admin from being added
- activeRoleList.add(role);
- } else if(extRequestValue){
- activeRoleList.add(role);
- }
+ }else{
+ roleList = roleService.getAvailableRoles(userId);
+ }
+ List<Role> activeRoleList = new ArrayList<Role>();
+ for(Role role: roleList) {
+ if(role.getActive()) {
+ if(role.getId() != 1){ // prevent portal admin from being added
+ activeRoleList.add(role);
+ } else if(extRequestValue){
+ activeRoleList.add(role);
}
-
- }
- EPUser localUser = getUserFromApp(userId, app, applicationsRestClientService);
- // If localUser does not exists return roles
- Set<EPRole> roleSet = null;
- EPRole[] roleSetList = null;
- if(localUser != null){
- roleSet = localUser.getAppEPRoles(app);
- roleSetList = roleSet.toArray(new EPRole[0]);
}
- rolesInAppForUser = constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue);
- return rolesInAppForUser;
+
}
-
- EcompRole[] appRoles = null;
- List<EcompRole> roles = new ArrayList<>();
- if(app.getCentralAuth()){
- final Map<String, Long> appParams = new HashMap<>();
+ EPUser localUser = getUserFromApp(userId, app, applicationsRestClientService);
+ // If localUser does not exists return roles
+ Set<EPRole> roleSet = null;
+ EPRole[] roleSetList = null;
+ if(localUser != null){
+ roleSet = localUser.getAppEPRoles(app);
+ roleSetList = roleSet.toArray(new EPRole[0]);
+ }
+ rolesInAppForUser = constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue);
+ return rolesInAppForUser;
+ }
+
+ EcompRole[] appRoles = null;
+ List<EcompRole> roles = new ArrayList<>();
+ if (app.getCentralAuth()) {
+ final Map<String, Long> appParams = new HashMap<>();
appParams.put("appId", app.getId());
- List<EPRole> applicationRoles = dataAccessService.executeNamedQuery("getActiveRolesOfApplication", appParams, null);
- for(EPRole role : applicationRoles){
+ List<EPRole> applicationRoles = dataAccessService.executeNamedQuery("getActiveRolesOfApplication",
+ appParams, null);
+
+ EPApp application = appService.getApp(appId);
+ boolean checkIfUserisApplicationAccAdmin = adminRolesService.isAccountAdminOfApplication(user,
+ application);
+
+ List<EPRole> rolesetwithfunctioncds = new ArrayList<EPRole>();
+ for (EPRole role : applicationRoles) {
+ Map<String, Long> params = new HashMap<>();
+ params.put("roleId", role.getId());
+ params.put(APP_ID, app.getId());
+ List<CentralV2RoleFunction> cenRoleFuncList = dataAccessService
+ .executeNamedQuery("getAppRoleFunctionList", params, null);
+
+ // SortedSet<CentralV2RoleFunction> roleFunctionSet =
+ // new TreeSet<>();
+ SortedSet<RoleFunction> roleFunctionSet = new TreeSet<>();
+ for (CentralV2RoleFunction roleFunc : cenRoleFuncList) {
+
+ String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getCode());
+ functionCode = EPUserUtils.decodeFunctionCode(functionCode);
+ String type = externalAccessRolesService.getFunctionCodeType(roleFunc.getCode());
+ String action = externalAccessRolesService.getFunctionCodeAction(roleFunc.getCode());
+ String name = roleFunc.getName();
+
+ RoleFunction function = new RoleFunction();
+ function.setAction(action);
+ function.setType(type);
+ function.setCode(functionCode);
+ function.setName(name);
+ roleFunctionSet.add(function);
+ role.setRoleFunctions(roleFunctionSet);
+
+ }
+ rolesetwithfunctioncds.add(role);
+
+
+ }
+
+ for (EPRole role1 : rolesetwithfunctioncds) {
EcompRole ecompRole = new EcompRole();
- ecompRole.setId(role.getId());
- ecompRole.setName(role.getName());
+ ecompRole.setId(role1.getId());
+ ecompRole.setName(role1.getName());
+ ecompRole.setRoleFunctions(role1.getRoleFunctions());
roles.add(ecompRole);
+
+ }
+ if (checkIfUserisApplicationAccAdmin) {
+ appRoles = roles.toArray(new EcompRole[roles.size()]);
+ logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() If Logged in user checkIfUserisApplicationAccAdmin- appRoles = {}", appRoles);
+ } else if (adminRolesService.isRoleAdmin(user) && !checkIfUserisApplicationAccAdmin) {
+ List<EcompRole> roleAdminAppRoles = new ArrayList<>();
+ List<String> roleAdminAppRolesNames = new ArrayList<>();
+ final Map<String, Long> userParams = new HashMap<>();
+ userParams.put("userId", user.getId());
+ List<String> getUserApproverRoles = dataAccessService.executeNamedQuery("getUserApproverRoles", userParams, null);
+
+ List<EcompRole> userapproverRolesList = new ArrayList<>();
+ for (String str : getUserApproverRoles) {
+ EcompRole epRole = roles.stream().filter(x -> str.equals(x.getName())).findAny().orElse(null);
+ if (epRole != null)
+ userapproverRolesList.add(epRole);
+ }
+// roles.removeAll(userapproverRolesList);
+ for (EcompRole role : userapproverRolesList) {
+
+ List<RoleFunction> roleFunList = new ArrayList<>();
+ roleFunList.addAll(role.getRoleFunctions());
+ boolean checkIfFunctionsExits = roleFunList.stream()
+ .anyMatch(roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver"));
+ if (checkIfFunctionsExits) {
+ roleAdminAppRoles.add(role);
+ List<RoleFunction> filteredList = roleFunList.stream()
+ .filter(x -> "Approver".equalsIgnoreCase(x.getType())).collect(Collectors.toList());
+ roleAdminAppRolesNames.addAll(filteredList.stream().map(RoleFunction::getCode)
+ .collect(Collectors.toList()));
+// roleAdminAppRolesNames = filteredList.stream().map(RoleFunction::getCode)
+// .collect(Collectors.toList());
+ }
+ }
+ for (String name : roleAdminAppRolesNames) {
+ EcompRole ecompRole = roles.stream().filter(x -> name.equals(x.getName())).findAny()
+ .orElse(null);
+ if (ecompRole != null)
+ roleAdminAppRoles.add(ecompRole);
+
+ }
+ appRoles = roleAdminAppRoles.toArray(new EcompRole[roleAdminAppRoles.size()]);
+
}
- appRoles = roles.toArray(new EcompRole[roles.size()]);
} else{
- appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles");
+ appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles");
+ }
+ // Test this error case, for generating an internal ONAP Portal
+ // error
+ // EcompRole[] appRoles = null;
+ // If there is an exception in the rest client api, then null will
+ // be returned.
+ if (appRoles != null) {
+ if(!app.getCentralAuth()) {
+ syncAppRoles(sessionFactory, appId, appRoles);
}
- // Test this error case, for generating an internal ONAP Portal
- // error
- // EcompRole[] appRoles = null;
- // If there is an exception in the rest client api, then null will
- // be returned.
- if (appRoles != null) {
- if(!app.getCentralAuth()) {
- syncAppRoles(sessionFactory, appId, appRoles);
- }
- EcompRole[] userAppRoles = null;
+ EcompRole[] userAppRoles = null;
+ try {
try {
- try {
- if(app.getCentralAuth()){
- final Map<String, String> params = new HashMap<>();
- final Map<String, Long> userParams = new HashMap<>();
- params.put("orgUserIdValue", userId);
- List<EPUser> user = dataAccessService.executeNamedQuery("epUserAppId", params, null);
- userParams.put("appId", app.getId());
- userParams.put("userId", user.get(0).getId());
- List<EPUserAppCurrentRoles> userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles", userParams, null);
- List<EcompRole> setUserRoles = new ArrayList<>();
- for(EPUserAppCurrentRoles role : userAppsRolesList){
- EcompRole ecompRole = new EcompRole();
- ecompRole.setId(role.getRoleId());
- ecompRole.setName(role.getRoleName());
- setUserRoles.add(ecompRole);
+
+ if(app.getCentralAuth()){
+ final Map<String, String> params = new HashMap<>();
+ final Map<String, Long> userParams = new HashMap<>();
+ params.put("orgUserIdValue", userId);
+ List<EPUser> actualUser = dataAccessService.executeNamedQuery("epUserAppId", params, null);
+ userParams.put("appId", app.getId());
+ userParams.put("userId", actualUser.get(0).getId());
+ List<EPUserAppCurrentRoles> userAppsRolesList = dataAccessService.executeNamedQuery("getUserAppCurrentRoles", userParams, null);
+
+ List<EcompRole> setUserRoles = new ArrayList<>();
+ for(EPUserAppCurrentRoles role : userAppsRolesList){
+ logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - userAppsRolesList get userRolename = {}", role.getRoleName());
+ EcompRole ecompRole = new EcompRole();
+ ecompRole.setId(role.getRoleId());
+ ecompRole.setName(role.getRoleName());
+ setUserRoles.add(ecompRole);
+ }
+
+ boolean checkIfUserisAccAdmin = setUserRoles.stream()
+ .anyMatch(ecompRole -> ecompRole.getId() == 999L);
+
+ if (!checkIfUserisAccAdmin) {
+ List<EcompRole> userApplicationRolesList = setUserRoles;
+ List<EcompRole> appRolesList = Arrays.asList(appRoles);
+ Set<EcompRole> finalUserAppRolesList = new HashSet<>();
+
+ List<String> roleNames = new ArrayList<>();
+ for (EcompRole role : userApplicationRolesList) {
+ EcompRole epRole = appRolesList.stream()
+ .filter(x -> role.getName().equals(x.getName())).findAny().orElse(null);
+ List<RoleFunction> roleFunList = new ArrayList<>();
+ if(epRole.getRoleFunctions().size()>0)
+ roleFunList.addAll(epRole.getRoleFunctions());
+ boolean checkIfFunctionsExits = roleFunList.stream().anyMatch(
+ roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver"));
+ if (checkIfFunctionsExits) {
+ finalUserAppRolesList.add(role);
+ List<RoleFunction> filteredList = roleFunList.stream()
+ .filter(x -> "Approver".equalsIgnoreCase(x.getType()))
+ .collect(Collectors.toList());
+ roleNames = filteredList.stream().map(RoleFunction::getCode)
+ .collect(Collectors.toList());
+ }
+
+ for (String name : roleNames) {
+ EcompRole ecompRole = appRolesList.stream()
+ .filter(x -> name.equals(x.getName())).findAny().orElse(null);
+ if (ecompRole != null)
+ finalUserAppRolesList.add(ecompRole);
+ }
}
- userAppRoles = setUserRoles.toArray(new EcompRole[setUserRoles.size()]);
- rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles);
- return rolesInAppForUser;
- }else{
- userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId,
- String.format("/user/%s/roles", userId));
- }
- } catch (HTTPException e) {
- // Some apps are returning 400 if user is not found.
- if (e.getResponseCode() == 400) {
- logger.debug(EELFLoggerDelegate.debugLogger,
- "getAppRolesForUser caught exception with response code 400; continuing", e);
- } else {
- // Other response code, let it come thru.
- throw e;
- }
+
+
+ for (String name : roleNames) {
+
+ boolean checkIfFunctionsExits = userAppsRolesList.stream().anyMatch(
+ role -> role.getRoleName().equalsIgnoreCase(name));
+ if(checkIfFunctionsExits)
+ {
+ EcompRole epRole = appRolesList.stream().filter(x -> name.equals(x.getName()))
+ .findAny().orElse(null);
+ if(epRole != null)
+ setUserRoles.add(epRole);
+ }
+
+ }
+ userAppRoles = setUserRoles.toArray(new EcompRole[setUserRoles.size()]);
+ }
+ }else{
+ userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId,
+ String.format("/user/%s/roles", userId));
}
- if (userAppRoles == null) {
- if (EcompPortalUtils.getExternalAppResponseCode() == 400) {
- EcompPortalUtils.setExternalAppResponseCode(200);
- String message = String.format(
- "getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, "
- + "assuming user doesn't exist, app is framework SDK based, and things are ok. "
- + "Overriding to 200 until framework SDK returns a useful response.",
- Long.toString(appId), userId);
- logger.warn(EELFLoggerDelegate.applicationLogger, message);
- }
+ } catch (HTTPException e) {
+ // Some apps are returning 400 if user is not found.
+ if (e.getResponseCode() == 400) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "getAppRolesForUser caught exception with response code 400; continuing", e);
+ } else {
+ // Other response code, let it come thru.
+ throw e;
}
-
- HashMap<Long, EcompRole> appRolesActiveMap =hashMapFromEcompRoles(appRoles);
- ArrayList<EcompRole> activeRoles = new ArrayList<EcompRole>();
- if(userAppRoles != null){
- for (int i = 0; i < userAppRoles.length; i++) {
- if (appRolesActiveMap.containsKey(userAppRoles[i].getId())) {
- EcompRole role = new EcompRole();
- role.setId(userAppRoles[i].getId());
- role.setName(userAppRoles[i].getName());
- activeRoles.add(role);
- }
+ }
+ if (userAppRoles == null) {
+ if (EcompPortalUtils.getExternalAppResponseCode() == 400) {
+ EcompPortalUtils.setExternalAppResponseCode(200);
+ String message = String.format(
+ "getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, "
+ + "assuming user doesn't exist, app is framework SDK based, and things are ok. "
+ + "Overriding to 200 until framework SDK returns a useful response.",
+ Long.toString(appId), userId);
+ logger.warn(EELFLoggerDelegate.applicationLogger, message);
+ }
+ }
+
+ HashMap<Long, EcompRole> appRolesActiveMap =hashMapFromEcompRoles(appRoles);
+ ArrayList<EcompRole> activeRoles = new ArrayList<EcompRole>();
+ if(userAppRoles != null){
+ for (int i = 0; i < userAppRoles.length; i++) {
+ if (appRolesActiveMap.containsKey(userAppRoles[i].getId())) {
+ EcompRole role = new EcompRole();
+ role.setId(userAppRoles[i].getId());
+ role.setName(userAppRoles[i].getName());
+ activeRoles.add(role);
}
}
- EcompRole[] userAppRolesActive = activeRoles.toArray(new EcompRole[activeRoles.size()]);
-
- // If the remote application isn't down we MUST sync user
- // roles here in case we have this user here!
- syncUserRoles(sessionFactory, userId, appId, userAppRolesActive, extRequestValue, null);
- } catch (Exception e) {
- // TODO: we may need to check if user exists, maybe remote
- // app is down.
- String message = String.format(
- "getAppRolesForUser: user %s does not exist in remote application %s", userId,
- Long.toString(appId));
- logger.error(EELFLoggerDelegate.errorLogger, message, e);
- userAppRoles = new EcompRole[0];
- }
- rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles);
+ }
+ EcompRole[] userAppRolesActive = activeRoles.toArray(new EcompRole[activeRoles.size()]);
+
+ // If the remote application isn't down we MUST sync user
+ // roles here in case we have this user here!
+ syncUserRoles(sessionFactory, userId, appId, userAppRolesActive, extRequestValue, null);
+ } catch (Exception e) {
+ // TODO: we may need to check if user exists, maybe remote
+ // app is down.
+ String message = String.format(
+ "getAppRolesForUser: user %s does not exist in remote application %s", userId,
+ Long.toString(appId));
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ userAppRoles = new EcompRole[0];
}
- } catch (Exception e) {
- String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId,
- Long.toString(appId));
- logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles);
}
- return rolesInAppForUser;
-
+ } catch (Exception e) {
+ String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId,
+ Long.toString(appId));
+ logger.error(EELFLoggerDelegate.errorLogger, message, e);
+ }
+ return rolesInAppForUser;
}
private boolean postUserRolesToMylogins(AppWithRolesForUser userAppRolesData,
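Review bot: In the central-auth branch of getAppRolesForUser, `epRole.getRoleFunctions()` is called on the result of `.findAny().orElse(null)` without a null check, although every other lookup of this form in the hunk tests for null first. When the viewed user holds a role whose name is not in `appRoles` (which looks likely for a role admin, because `appRoles` was narrowed to approver roles earlier in the method), this throws a NullPointerException. The surrounding `catch (Exception e)` then logs it as "user … does not exist in remote application", replaces the user's roles with an empty array and skips `syncUserRoles`, so a lookup miss silently hides the user's real role assignments. Add `if (epRole == null) { continue; }` directly after the lookup so a role outside the admin's scope is skipped instead. The new `user` argument that drives the admin checks is also dereferenced (`user.getId()`) without validation; a null caller identity ends in the outer catch and a null return, which deserves an explicit check and log message.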
@@ -1974,16 +2152,49 @@ public class UserRolesCommonServiceImpl {
* @param app
* @return
*/
+ @SuppressWarnings("unchecked")
private List<RemoteRole> convertToRemoteRoleList(EPUser user, EPApp app) {
List<RemoteRole> roleList = new ArrayList<RemoteRole>();
SortedSet<EPRole> roleSet = user.getAppEPRoles(app);
for (EPRole role : roleSet) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "In convertToRemoteRoleList() - for user {}, found Name {}", user.getOrgUserId(), role.getName());
RemoteRole rRole = new RemoteRole();
rRole.setId(role.getId());
rRole.setName(role.getName());
roleList.add(rRole);
}
+
+ //Get the active roles of user for that application using query
+ List<EPRole> userEpRoleList = new ArrayList<>();
+ final Map<String, Long> params = new HashMap<>();
+ params.put("appId", app.getId());
+ params.put("userId", user.getId());
+ userEpRoleList = dataAccessService.executeNamedQuery("getUserRoleOnUserIdAndAppId", params, null);
+
+ for (EPRole remoteUserRoleList : userEpRoleList) {
+
+ RemoteRole remoteRoleListId = roleList.stream().filter(x -> remoteUserRoleList.getId().equals(x.getId()))
+ .findAny().orElse(null);
+ if (remoteRoleListId == null) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Adding the role to the rolelist () - for user {}, found Name {}", user.getOrgUserId(),
+
+ remoteUserRoleList.getName());
+ RemoteRole role = new RemoteRole();
+ role.setId(remoteUserRoleList.getId());
+ role.setName(remoteUserRoleList.getName());
+
+ roleList.add(role);
+ }
+
+ }
+
+ logger.debug(EELFLoggerDelegate.debugLogger, "rolelist size of the USER() - for user {}, found RoleListSize {}", user.getOrgUserId(), roleList.size());
+
return roleList;
+
+
+
}
public RemoteUserWithRoles[] doGetUsers(boolean postOpenSource, String remoteUsersString) {
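Review bot: The roles merged into `roleList` in convertToRemoteRoleList come from `getUserRoleOnUserIdAndAppId`, and that query as added to EP.hbm.xml in this commit filters only on `active_yn='Y'`; it has no `role_id != 999` exclusion like the query that returns `EPUserAppCurrentRoles`. If the account-admin role (id 999 elsewhere in this commit) is stored in fn_user_role for the app, it would now be part of the list built here, while a comment earlier in this file says the account admin "should not add in remote". Please confirm how the list is consumed. If the role has to stay out, skip it in the loop with `if (Long.valueOf(999L).equals(remoteUserRoleList.getId())) { continue; }`. Separately, `userEpRoleList` is initialised to a new ArrayList that is overwritten two lines later, and `remoteUserRoleList` names a single `EPRole`; declaring the list at the query call and naming the loop variable `dbRole` would read better.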
@@ -2013,4 +2224,20 @@ public class UserRolesCommonServiceImpl {
return userRoleList;
}
+
+ /*public static void main(String[] args) {
+ List<EcompRole> str1 = new ArrayList<String>();
+ str1.add("A");
+ str1.add("B");
+ str1.add("C");
+ str1.add("D");
+
+ List<String> str2 = new ArrayList<String>();
+ str2.add("D");
+ str2.add("E");
+
+ List<EcompRole> userApplicationRolesList = setUserRoles;
+ List<EcompRole> appRolesList = Arrays.asList(appRoles);
+
+ }*/
}
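Review bot: The block added at the end of the class is a commented-out `main` scratch method that would not compile if enabled (`List<EcompRole> str1 = new ArrayList<String>()`, and `setUserRoles` and `appRoles` are not defined in it). It should be dropped from the commit rather than kept as a comment; an experiment on the role-list intersection belongs in a unit test.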
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java
index bbae4a6a..49a50117 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesService.java
@@ -64,11 +64,12 @@ public interface UserRolesService {
* ID of row in fn_user
* @param extRequestValue
* set to false if request is from users page otherwise true
+ * @param
* @return List<RoleInAppForUser>
*/
- public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue);
+ public List<RoleInAppForUser> getAppRolesForUser(Long appId, String userId, Boolean extRequestValue, EPUser user );
- public boolean setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser);
+ public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser);
public List<UserApplicationRoles> getUsersFromAppEndpoint(Long appId) throws HTTPException;
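Review bot: The added Javadoc tag `@param` is empty, so the new `user` argument of getAppRolesForUser is undocumented. In the implementation changed by this commit the argument is passed to the account-admin and role-admin checks that decide which roles are returned, so a line such as `@param user the logged-in user; only roles this user may administer are returned` would state the contract. The changed return type of `setAppWithUserRoleStateForUser` has no Javadoc in the hunk either; one line on what the returned `ExternalRequestFieldsValidator` carries would help callers that previously tested a boolean. The interface body continues outside the hunk.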
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java
index 1eb27e7f..6d960043 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralUserApp.java
@@ -46,7 +46,7 @@ public class CentralUserApp implements Serializable, Comparable {
private Long userId;
private CentralApp app;
private CentralRole role;
- private Short priority;
+ private Integer priority;
/**
* @return the userId
@@ -96,7 +96,7 @@ public class CentralUserApp implements Serializable, Comparable {
/**
* @return the priority
*/
- public Short getPriority() {
+ public Integer getPriority() {
return priority;
}
@@ -104,7 +104,7 @@ public class CentralUserApp implements Serializable, Comparable {
* @param priority
* the priority to set
*/
- public void setPriority(Short priority) {
+ public void setPriority(Integer priority) {
this.priority = priority;
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java
index 0f4bc783..2ada8ed1 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/CentralV2UserApp.java
@@ -49,7 +49,7 @@ public class CentralV2UserApp implements Serializable, Comparable{
private Long userId;
private CentralApp app;
private CentralV2Role role;
- private Short priority;
+ private Integer priority;
@@ -89,13 +89,13 @@ public class CentralV2UserApp implements Serializable, Comparable{
- public Short getPriority() {
+ public Integer getPriority() {
return priority;
}
- public void setPriority(Short priority) {
+ public void setPriority(Integer priority) {
this.priority = priority;
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java
index dbf48301..6a0f19d3 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EPUserAppCurrentRoles.java
@@ -59,7 +59,7 @@ public class EPUserAppCurrentRoles implements Serializable{
private Long userId;
@Id
@Column(name="priority")
- private String priority ;
+ private Integer priority ;
@Id
@Column(name="role_id")
private Long roleId;
@@ -75,10 +75,10 @@ public class EPUserAppCurrentRoles implements Serializable{
public void setUserId(Long userId) {
this.userId = userId;
}
- public String getPriority() {
+ public Integer getPriority() {
return priority;
}
- public void setPriority(String priority) {
+ public void setPriority(Integer priority) {
this.priority = priority;
}
public Long getRoleId() {
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java
index 9d25c7c1..a7446f6f 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/EcompUserAppRoles.java
@@ -59,7 +59,7 @@ public class EcompUserAppRoles implements Serializable {
private Long userId;
@Id
@Column(name="priority")
- private String priority ;
+ private Integer priority ;
@Id
@Column(name="role_id")
private Long roleId;
@@ -78,10 +78,10 @@ public class EcompUserAppRoles implements Serializable {
public void setUserId(Long userId) {
this.userId = userId;
}
- public String getPriority() {
+ public Integer getPriority() {
return priority;
}
- public void setPriority(String priority) {
+ public void setPriority(Integer priority) {
this.priority = priority;
}
public Long getRoleId() {
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java
index b9781071..47a1978c 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java
@@ -39,11 +39,20 @@ package org.onap.portalapp.portal.transport;
public class ExternalRoleDescription {
- private String name;
-
+ private String name;
+
+ public ExternalRoleDescription() {
+ super();
+ }
+
+ public ExternalRoleDescription(String name) {
+ this.name = name;
+ }
+
public String getName() {
return name;
}
+
public void setName(String name) {
this.name = name;
}
@@ -55,6 +64,7 @@ public class ExternalRoleDescription {
result = prime * result + ((name == null) ? 0 : name.hashCode());
return result;
}
+
@Override
public boolean equals(Object obj) {
if (this == obj)
@@ -71,8 +81,5 @@ public class ExternalRoleDescription {
return false;
return true;
}
-
-
-
-
+
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java
index 2c619af8..80501e39 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EPCommonSystemProperties.java
@@ -99,5 +99,6 @@ public class EPCommonSystemProperties extends SystemProperties {
public static final String UEB_KEY = "uebkey";
public static final String AUTHORIZATION = "Authorization";
public static final String USERNAME = "username";
+ public static final String PASSWORD = "password";
}
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
index f8d1116b..1b5613ca 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/utils/EcompPortalUtils.java
@@ -43,6 +43,7 @@ import java.net.UnknownHostException;
import java.nio.charset.Charset;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
+import java.util.Arrays;
import java.util.Base64;
import java.util.Date;
import java.util.List;
@@ -247,9 +248,13 @@ public class EcompPortalUtils {
// This method might be just for testing purposes.
public static void setExternalAppResponseCode(int responseCode) {
try {
- String code = String.valueOf(responseCode);
+ /*String code = String.valueOf(responseCode);
MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,code );
- code=StringUtils.EMPTY;
+ code=StringUtils.EMPTY;*/
+ String code = Integer.toString(responseCode);
+ MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE,code );
+ char[] chars=code.toCharArray();
+ Arrays.fill(chars, ' ');
} catch (Exception e) {
logger.error(EELFLoggerDelegate.errorLogger, "setExternalAppResponseCode failed", e);
}
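Review bot: The two added lines `char[] chars=code.toCharArray();` and `Arrays.fill(chars, ' ');` have no effect, because `toCharArray()` returns a copy and filling it does not clear the `String`; the value is also an HTTP response code that has just been stored in the MDC. Together with the commented-out previous version this leaves dead code that suggests a scrubbing guarantee the method does not provide. The try body can be reduced to `MDC.put(EPCommonSystemProperties.EXTERNAL_API_RESPONSE_CODE, Integer.toString(responseCode));`, which would also make the new `java.util.Arrays` import unnecessary unless it is used elsewhere in the file. The method's closing lines are outside the hunk.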
diff --git a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
index e4b81448..50264215 100644
--- a/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
+++ b/ecomp-portal-BE-common/src/main/webapp/WEB-INF/fusion/orm/EP.hbm.xml
@@ -287,8 +287,8 @@
<key-many-to-one name="role"
class="org.onap.portalapp.portal.domain.EPRole" column="role_id" />
</composite-id>
- <property name="priority" type="java.lang.Short">
- <column name="priority" precision="4" scale="0" />
+ <property name="priority">
+ <column name="priority" default="1" precision="4" scale="0" />
</property>
</class>
@@ -1947,7 +1947,7 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y
class="org.onap.portalapp.portal.transport.EPUserAppCurrentRoles" />
<![CDATA[
- select distinct fu.role_id, fr.user_id, fu.role_name, fu.priority from fn_role fu left outer join fn_user_role fr ON fu.role_id = fr.role_id and fu.app_id = fr.app_id and fr.role_id != 999 where fu.app_id =:appId and fr.user_id =:userId
+ select distinct fu.role_id, fr.user_id, fu.role_name, fu.priority from fn_role fu left outer join fn_user_role fr ON fu.role_id = fr.role_id and fu.app_id = fr.app_id and fr.role_id != 999 where fu.app_id =:appId and fr.user_id =:userId and fu.active_yn='Y'
;
]]>
</sql-query>
@@ -2078,6 +2078,51 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y
]]>
</sql-query>
+ <sql-query name="getRoleFunctionsOfUserforAlltheApplications">
+ <![CDATA[
+ select distinct ep.function_cd from fn_user_role fu, ep_app_role_function ep, ep_app_function ea
+ where fu.role_id = ep.role_id
+ and fu.app_id = ep.app_id
+ and fu.user_id =:userId
+ and ea.function_cd = ep.function_cd
+ and exists
+ (
+ select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id
+ and ur.app_id = fa.app_id and fa.enabled = 'Y'
+ );
+ ]]>
+ </sql-query>
+
+ <sql-query name="getApplicationsofTheUserwithAdminAndRoleAdmin">
+ <return alias="getApplicationsofTheUserwithAdminAndRoleAdmin" class="org.onap.portalapp.portal.domain.AppIdAndNameTransportModel" />
+ <![CDATA[
+ SELECT app.APP_ID, app.APP_NAME, app.APP_TYPE FROM FN_APP app
+ inner join FN_USER_ROLE userrole ON userrole.APP_ID=app.APP_ID
+ where userrole.USER_ID = :userId AND userrole.ROLE_ID=999 AND (app.ENABLED = 'Y' OR app.APP_ID=1)
+ UNION
+ SELECT DISTINCT app.APP_ID, app.app_name, app.APP_TYPE FROM fn_user user
+ INNER JOIN fn_user_role user_role ON user.USER_ID = user_role.USER_ID
+ INNER JOIN fn_role role ON role.ROLE_ID = user_role.ROLE_ID
+ INNER JOIN fn_app app ON app.app_id= user_role.app_id and (app.enabled='Y' or app.app_id=1)
+ INNER JOIN ep_app_role_function appfunction ON appfunction.app_id = app.app_id and appfunction.role_id=role.ROLE_ID and (appfunction.function_cd like '%APPROVER%')
+ WHERE user.user_id = :userId ;
+ ]]>
+ </sql-query>
+
+ <sql-query name="getApplicationsofTheUserContainsApprover">
+ <return alias="getApplicationsofTheUserContainsApprover" class="org.onap.portalapp.portal.domain.AppIdAndNameTransportModel" />
+ <![CDATA[
+ SELECT DISTINCT app.APP_ID, app.APP_TYPE, app.app_name FROM fn_user user
+ INNER JOIN fn_user_role user_role ON user.USER_ID = user_role.USER_ID
+ INNER JOIN fn_role role ON role.ROLE_ID = user_role.ROLE_ID
+ INNER JOIN fn_app app ON app.app_id= user_role.app_id and (app.enabled='Y' or app.app_id=1)
+ INNER JOIN ep_app_role_function appfunction ON appfunction.app_id = app.app_id and appfunction.role_id=role.ROLE_ID and (appfunction.function_cd like '%APPROVER%')
+ WHERE user.user_id = :userId ;
+ ]]>
+ </sql-query>
+
+
+
<sql-query name="getUserRolesForLeftMenu">
<return alias="getUserRolesListForLeftMenu" class="org.onap.portalapp.portal.domain.UserRole" />
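Review bot: In `getRoleFunctionsOfUserforAlltheApplications` the `exists (...)` subquery is not correlated with the outer row. It re-declares the alias `fu` for fn_user and only tests that the user has some role in some enabled app, so function codes attached to disabled apps are still returned as soon as the user has any enabled app. If the intent is to return functions of enabled apps only, tie the subquery to the outer row with `and fa.app_id = ep.app_id`. The same pattern appears in `getAprroverRoleFunctionsOfUser` and `getUserApproverRoles` in the last hunk of this file. The two application queries also match approver functions with `like '%APPROVER%'`, a substring match, while the later queries use the prefix form `like 'approver|%'`; a single form should be used so that an unrelated function code containing that text does not put an app into role-admin scope.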
@@ -2414,5 +2459,50 @@ where fn_role.app_id = fn_app.app_id and fn_app.enabled='Y' and fn_role.active_y
order by role_id;
]]>
</sql-query>
+ <sql-query name="getAprroverRoleFunctionsOfUser">
+ <![CDATA[
+ select distinct ep.function_cd from fn_user_role fu, ep_app_role_function ep, ep_app_function ea
+ where fu.role_id = ep.role_id
+ and fu.app_id = ep.app_id
+ and fu.user_id =:userId
+ and ea.function_cd = ep.function_cd and ea.function_cd like 'approver|%'
+ and exists
+ (
+ select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id
+ and ur.app_id = fa.app_id and fa.enabled = 'Y'
+ );
+ ]]>
+</sql-query>
+<sql-query name="getUserApproverRoles">
+ <![CDATA[
+ select distinct fr.role_name from fn_user_role fu, ep_app_role_function ep, ep_app_function ea, fn_role fr
+ where fu.role_id = ep.role_id
+ and fu.app_id = ep.app_id
+ and fu.user_id = :userId
+ and fu.role_id = fr.role_id and fr.active_yn='Y'
+ and ea.function_cd = ep.function_cd and ea.function_cd like 'approver|%'
+ and exists
+ (
+ select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id
+ and ur.app_id = fa.app_id and fa.enabled = 'Y'
+ );
+ ]]>
+</sql-query>
+<sql-query name="getAdminAppsForTheUser">
+ <![CDATA[
+ select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)
+
+ ]]>
+</sql-query>
+
+
+<sql-query name="getUserRoleOnUserIdAndAppId">
+ <return alias="getUserRoleOnUserIdAndAppId" class="org.onap.portalapp.portal.domain.EPRole" />
+ <![CDATA[
+
+ select fr.role_id , fr.role_name ,fr.active_yn, fr.priority, fr.app_id, fr.app_role_id FROM fn_role fr, fn_user_role fur WHERE fr.role_id = fur.role_id AND fur.user_id= :userId AND fur.app_id = :appId AND fr.active_yn='Y'
+
+ ]]>
+ </sql-query>
</hibernate-mapping>
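Review bot: `getAdminAppsForTheUser` combines its conditions with `(fa.enabled = 'Y' || fa.app_id=1)`, and `||` is a logical OR only in MySQL's default mode. In standard SQL, and in MySQL with PIPES_AS_CONCAT enabled, it is string concatenation, which would change which apps count as admin apps for the user. The other queries added in this commit write `OR`, so use `(fa.enabled = 'Y' or fa.app_id = 1)` here as well. The query name `getAprroverRoleFunctionsOfUser` is misspelled; if it is corrected, the Java lookup string has to change with it.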