diff options
Diffstat (limited to 'portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java')
-rw-r--r-- | portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java | 598 |
1 files changed, 312 insertions, 286 deletions
diff --git a/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java b/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java index fdd1de24..ce7cf1f9 100644 --- a/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java +++ b/portal-BE/src/main/java/org/onap/portal/controller/UserRolesController.java @@ -41,14 +41,34 @@ package org.onap.portal.controller; import java.security.Principal; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.Comparator; +import java.util.List; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.apache.cxf.transport.http.HTTPException; +import org.onap.portal.domain.db.fn.FnRole; import org.onap.portal.domain.db.fn.FnUser; +import org.onap.portal.domain.dto.ecomp.EPUserAppCatalogRoles; +import org.onap.portal.domain.dto.ecomp.ExternalSystemAccess; +import org.onap.portal.domain.dto.transport.AppWithRolesForUser; +import org.onap.portal.domain.dto.transport.FieldsValidator; +import org.onap.portal.domain.dto.transport.UserApplicationRoles; import org.onap.portal.service.AdminRolesService; +import org.onap.portal.service.ApplicationsRestClientService; +import org.onap.portal.service.fn.FnUserRoleService; import org.onap.portal.service.fn.FnUserService; +import org.onap.portal.utils.EcompPortalUtils; import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.core.restful.domain.EcompRole; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Configuration; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; @RestController @@ -58,12 +78,12 @@ public class UserRolesController { private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesController.class); private final FnUserService fnUserService; + private final FnUserRoleService fnUserRoleService; private final AdminRolesService adminRolesService; - + private final ApplicationsRestClientService applicationsRestClientService; /* private final UserRolesService userRolesService; - private final ApplicationsRestClientService applicationsRestClientService; private final SearchService searchService;*/ @@ -71,339 +91,343 @@ public class UserRolesController { @Autowired public UserRolesController(final FnUserService fnUserService, - final AdminRolesService adminRolesService) { + FnUserRoleService fnUserRoleService, + final AdminRolesService adminRolesService, + ApplicationsRestClientService applicationsRestClientService) { this.fnUserService = fnUserService; + this.fnUserRoleService = fnUserRoleService; this.adminRolesService = adminRolesService; + this.applicationsRestClientService = applicationsRestClientService; } -/* - @RequestMapping(value = {"/portalApi/queryUsers"}, method = RequestMethod.GET, produces = "application/json") - @PreAuthorize("hasRole('System_Administrator') and hasRole('Account_Administrator')") - public String getPhoneBookSearchResult(Principal principal, @RequestParam("search") String searchString, - HttpServletResponse response) { - FnUser user = fnUserService.loadUserByUsername(principal.getName()); + /* + @RequestMapping(value = {"/portalApi/queryUsers"}, method = RequestMethod.GET, produces = "application/json") + @PreAuthorize("hasRole('System_Administrator') and hasRole('Account_Administrator')") + public String getPhoneBookSearchResult(Principal principal, @RequestParam("search") String searchString, + HttpServletResponse response) { + FnUser user = fnUserService.loadUserByUsername(principal.getName()); - String searchResult = null; - if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user) - && !adminRolesService.isRoleAdmin(user)) { - EcompPortalUtils.setBadPermissions(user, response, "getPhoneBookSearchResult"); - } else { - searchString = searchString.trim(); - if (searchString.length() > 2) { - searchResult = searchService.searchUsersInPhoneBook(searchString); + String searchResult = null; + if (!adminRolesService.isSuperAdmin(user) && !adminRolesService.isAccountAdmin(user) + && !adminRolesService.isRoleAdmin(user)) { + EcompPortalUtils.setBadPermissions(user, response, "getPhoneBookSearchResult"); } else { - logger.info(EELFLoggerDelegate.errorLogger, - "getPhoneBookSearchResult - too short search string: " + searchString); + searchString = searchString.trim(); + if (searchString.length() > 2) { + searchResult = searchService.searchUsersInPhoneBook(searchString); + } else { + logger.info(EELFLoggerDelegate.errorLogger, + "getPhoneBookSearchResult - too short search string: " + searchString); + } } + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/queryUsers", "result =", searchResult); + + return searchResult; } - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/queryUsers", "result =", searchResult); - return searchResult; - } - @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = { - RequestMethod.GET}, produces = "application/json") - public AppsListWithAdminRole getAppsWithAdminRoleStateForUser(Principal principal, - @RequestParam("user") String orgUserId, HttpServletResponse response) { + @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = { + RequestMethod.GET}, produces = "application/json") + public AppsListWithAdminRole getAppsWithAdminRoleStateForUser(Principal principal, + @RequestParam("user") String orgUserId, HttpServletResponse response) { - FnUser user = fnUserService.loadUserByUsername(principal.getName()); + FnUser user = fnUserService.loadUserByUsername(principal.getName()); - AppsListWithAdminRole result = null; - if (!adminRolesService.isSuperAdmin(user)) { - EcompPortalUtils.setBadPermissions(user, response, "getAppsWithAdminRoleStateForUser"); - } else { - if (EcompPortalUtils.legitimateUserId(orgUserId)) { - result = adminRolesService.getAppsWithAdminRoleStateForUser(orgUserId); + AppsListWithAdminRole result = null; + if (!adminRolesService.isSuperAdmin(user)) { + EcompPortalUtils.setBadPermissions(user, response, "getAppsWithAdminRoleStateForUser"); } else { - logger.info(EELFLoggerDelegate.errorLogger, - "getAppsWithAdminRoleStateForUser - parms error, no Organization User ID"); - response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + if (EcompPortalUtils.legitimateUserId(orgUserId)) { + result = adminRolesService.getAppsWithAdminRoleStateForUser(orgUserId); + } else { + logger.info(EELFLoggerDelegate.errorLogger, + "getAppsWithAdminRoleStateForUser - parms error, no Organization User ID"); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + } } - } - StringBuilder adminAppRoles = new StringBuilder(); - if (result != null) { - if (!result.appsRoles.isEmpty()) { - adminAppRoles.append("User '" + result.orgUserId + "' has admin role to the apps = {"); - for (AppNameIdIsAdmin adminAppRole : result.appsRoles) { - if (adminAppRole.isAdmin) { - adminAppRoles.append(adminAppRole.appName + ", "); + StringBuilder adminAppRoles = new StringBuilder(); + if (result != null) { + if (!result.appsRoles.isEmpty()) { + adminAppRoles.append("User '" + result.orgUserId + "' has admin role to the apps = {"); + for (AppNameIdIsAdmin adminAppRole : result.appsRoles) { + if (adminAppRole.isAdmin) { + adminAppRoles.append(adminAppRole.appName + ", "); + } } + adminAppRoles.append("}."); + } else { + adminAppRoles.append("User '" + result.orgUserId + "' has no Apps with Admin Role."); } - adminAppRoles.append("}."); } else { - adminAppRoles.append("User '" + result.orgUserId + "' has no Apps with Admin Role."); + logger.error(EELFLoggerDelegate.errorLogger, + "putAppWithUserRoleStateForUser: getAppsWithAdminRoleStateForUser result is null"); } - } else { - logger.error(EELFLoggerDelegate.errorLogger, - "putAppWithUserRoleStateForUser: getAppsWithAdminRoleStateForUser result is null"); - } - logger.info(EELFLoggerDelegate.errorLogger, adminAppRoles.toString()); + logger.info(EELFLoggerDelegate.errorLogger, adminAppRoles.toString()); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "get result =", result); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "get result =", result); - return result; - } + return result; + } - @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = { - RequestMethod.PUT}, produces = "application/json") - public FieldsValidator putAppsWithAdminRoleStateForUser(Principal principal, - @RequestBody AppsListWithAdminRole newAppsListWithAdminRoles, HttpServletResponse response) { - - // newAppsListWithAdminRoles.appsRoles - FieldsValidator fieldsValidator = new FieldsValidator(); - StringBuilder newAppRoles = new StringBuilder(); - if (newAppsListWithAdminRoles != null) { - if (!newAppsListWithAdminRoles.appsRoles.isEmpty()) { - newAppRoles - .append("User '" + newAppsListWithAdminRoles.orgUserId - + "' has admin role to the apps = { "); - for (AppNameIdIsAdmin adminAppRole : newAppsListWithAdminRoles.appsRoles) { - if (adminAppRole.isAdmin) { - newAppRoles.append(adminAppRole.appName + " ,"); + @RequestMapping(value = {"/portalApi/adminAppsRoles"}, method = { + RequestMethod.PUT}, produces = "application/json") + public FieldsValidator putAppsWithAdminRoleStateForUser(Principal principal, + @RequestBody AppsListWithAdminRole newAppsListWithAdminRoles, HttpServletResponse response) { + + // newAppsListWithAdminRoles.appsRoles + FieldsValidator fieldsValidator = new FieldsValidator(); + StringBuilder newAppRoles = new StringBuilder(); + if (newAppsListWithAdminRoles != null) { + if (!newAppsListWithAdminRoles.appsRoles.isEmpty()) { + newAppRoles + .append("User '" + newAppsListWithAdminRoles.orgUserId + + "' has admin role to the apps = { "); + for (AppNameIdIsAdmin adminAppRole : newAppsListWithAdminRoles.appsRoles) { + if (adminAppRole.isAdmin) { + newAppRoles.append(adminAppRole.appName + " ,"); + } } + newAppRoles.deleteCharAt(newAppRoles.length() - 1); + newAppRoles.append("}."); + } else { + newAppRoles.append("User '" + newAppsListWithAdminRoles.orgUserId + + "' has no Apps with Admin Role."); } - newAppRoles.deleteCharAt(newAppRoles.length() - 1); - newAppRoles.append("}."); } else { - newAppRoles.append("User '" + newAppsListWithAdminRoles.orgUserId - + "' has no Apps with Admin Role."); + logger.error(EELFLoggerDelegate.errorLogger, + "putAppWithUserRoleStateForUser: putAppsWithAdminRoleStateForUser result is null"); + fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR); } - } else { - logger.error(EELFLoggerDelegate.errorLogger, - "putAppWithUserRoleStateForUser: putAppsWithAdminRoleStateForUser result is null"); - fieldsValidator.setHttpStatusCode((long) HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - } - logger.info(EELFLoggerDelegate.errorLogger, newAppRoles.toString()); + logger.info(EELFLoggerDelegate.errorLogger, newAppRoles.toString()); - FnUser user = fnUserService.loadUserByUsername(principal.getName()); + FnUser user = fnUserService.loadUserByUsername(principal.getName()); - boolean changesApplied = false; + boolean changesApplied = false; - if (!adminRolesService.isSuperAdmin(user)) { - EcompPortalUtils.setBadPermissions(user, response, "putAppsWithAdminRoleStateForUser"); - } else { - changesApplied = adminRolesService.setAppsWithAdminRoleStateForUser(newAppsListWithAdminRoles); - AuditLog auditLog = new AuditLog(); - auditLog.setUserId(user.getId()); - auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN); - if (newAppsListWithAdminRoles != null) { - auditLog.setAffectedRecordId(newAppsListWithAdminRoles.orgUserId); - } - auditLog.setComments( - EcompPortalUtils - .truncateString(newAppRoles.toString(), PortalConstants.AUDIT_LOG_COMMENT_SIZE)); - auditService.logActivity(auditLog, null); - - MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, - EPEELFLoggerAdvice.getCurrentDateTimeUTC()); - MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, - EPEELFLoggerAdvice.getCurrentDateTimeUTC()); - EcompPortalUtils.calculateDateTimeDifferenceForLog( - MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP), - MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP)); - if (newAppsListWithAdminRoles != null) { - logger.info(EELFLoggerDelegate.auditLogger, - EPLogUtil.formatAuditLogMessage( - "UserRolesController.putAppsWithAdminRoleStateForUser", - EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN, user.getOrgUserId(), - newAppsListWithAdminRoles.orgUserId, newAppRoles.toString())); + if (!adminRolesService.isSuperAdmin(user)) { + EcompPortalUtils.setBadPermissions(user, response, "putAppsWithAdminRoleStateForUser"); + } else { + changesApplied = adminRolesService.setAppsWithAdminRoleStateForUser(newAppsListWithAdminRoles); + AuditLog auditLog = new AuditLog(); + auditLog.setUserId(user.getId()); + auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN); + if (newAppsListWithAdminRoles != null) { + auditLog.setAffectedRecordId(newAppsListWithAdminRoles.orgUserId); + } + auditLog.setComments( + EcompPortalUtils + .truncateString(newAppRoles.toString(), PortalConstants.AUDIT_LOG_COMMENT_SIZE)); + auditService.logActivity(auditLog, null); + + MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, + EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, + EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + EcompPortalUtils.calculateDateTimeDifferenceForLog( + MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP), + MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP)); + if (newAppsListWithAdminRoles != null) { + logger.info(EELFLoggerDelegate.auditLogger, + EPLogUtil.formatAuditLogMessage( + "UserRolesController.putAppsWithAdminRoleStateForUser", + EcompAuditLog.CD_ACTIVITY_UPDATE_ACCOUNT_ADMIN, user.getOrgUserId(), + newAppsListWithAdminRoles.orgUserId, newAppRoles.toString())); + } + MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); + MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP); + MDC.remove(SystemProperties.MDC_TIMER); } - MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); - MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP); - MDC.remove(SystemProperties.MDC_TIMER); - } - EcompPortalUtils - .logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "put result =", changesApplied); + EcompPortalUtils + .logAndSerializeObject(logger, "/portalApi/adminAppsRoles", "put result =", changesApplied); - return fieldsValidator; - } + return fieldsValidator; + } - @RequestMapping(value = {"/portalApi/userAppRoles"}, method = { - RequestMethod.GET}, produces = "application/json") - public List<RoleInAppForUser> getAppRolesForUser(Principal principal, - @RequestParam("user") String orgUserId, - @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue, - @RequestParam("isSystemUser") Boolean isSystemUser, - HttpServletResponse response) { - FnUser user = fnUserService.loadUserByUsername(principal.getName()); - List<RoleInAppForUser> result = null; - String feErrorString = ""; - if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) { - logger.debug(EELFLoggerDelegate.debugLogger, - "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}", - adminRolesService.isAccountAdmin(user), adminRolesService.isRoleAdmin(user)); - EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser"); - feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus()); - } else { - if ((!isSystemUser && EcompPortalUtils.legitimateUserId(orgUserId)) || isSystemUser) { - result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user); - logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", - result, appid); - int responseCode = EcompPortalUtils.getExternalAppResponseCode(); - if (responseCode != 0 && responseCode != 200) { - // external error - response.setStatus(responseCode); - feErrorString = EcompPortalUtils.getFEErrorString(false, responseCode); - } else if (result == null) { - // If the result is null, there was an internal onap error - // in the service call. - response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - feErrorString = EcompPortalUtils.getFEErrorString(true, - HttpServletResponse.SC_INTERNAL_SERVER_ERROR); - } + @RequestMapping(value = {"/portalApi/userAppRoles"}, method = { + RequestMethod.GET}, produces = "application/json") + public List<RoleInAppForUser> getAppRolesForUser(Principal principal, + @RequestParam("user") String orgUserId, + @RequestParam("app") Long appid, @RequestParam("externalRequest") Boolean extRequestValue, + @RequestParam("isSystemUser") Boolean isSystemUser, + HttpServletResponse response) { + FnUser user = fnUserService.loadUserByUsername(principal.getName()); + List<RoleInAppForUser> result = null; + String feErrorString = ""; + if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) { + logger.debug(EELFLoggerDelegate.debugLogger, + "getAppRolesForUser: Accountadminpermissioncheck {}, RoleAdmincheck {}", + adminRolesService.isAccountAdmin(user), adminRolesService.isRoleAdmin(user)); + EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser"); + feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus()); } else { - logger.info(EELFLoggerDelegate.errorLogger, "getAppRolesForUser - no Organization User ID"); - response.setStatus(HttpServletResponse.SC_BAD_REQUEST); - feErrorString = EcompPortalUtils.getFEErrorString(true, HttpServletResponse.SC_BAD_REQUEST); + if ((!isSystemUser && EcompPortalUtils.legitimateUserId(orgUserId)) || isSystemUser) { + result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user); + logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", + result, appid); + int responseCode = EcompPortalUtils.getExternalAppResponseCode(); + if (responseCode != 0 && responseCode != 200) { + // external error + response.setStatus(responseCode); + feErrorString = EcompPortalUtils.getFEErrorString(false, responseCode); + } else if (result == null) { + // If the result is null, there was an internal onap error + // in the service call. + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + feErrorString = EcompPortalUtils.getFEErrorString(true, + HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } else { + logger.info(EELFLoggerDelegate.errorLogger, "getAppRolesForUser - no Organization User ID"); + response.setStatus(HttpServletResponse.SC_BAD_REQUEST); + feErrorString = EcompPortalUtils.getFEErrorString(true, HttpServletResponse.SC_BAD_REQUEST); + } } - } - StringBuilder sbUserApps = new StringBuilder(); - if (result != null && !result.isEmpty()) { - sbUserApps.append("User '" + orgUserId + "' has Roles={"); - for (RoleInAppForUser appRole : result) { - if (appRole.isApplied) { - sbUserApps.append(appRole.roleName + ", "); + StringBuilder sbUserApps = new StringBuilder(); + if (result != null && !result.isEmpty()) { + sbUserApps.append("User '" + orgUserId + "' has Roles={"); + for (RoleInAppForUser appRole : result) { + if (appRole.isApplied) { + sbUserApps.append(appRole.roleName + ", "); + } } + sbUserApps.append("} assigned to the appId '" + appid + "'."); + } else { + // Not sure creating an empty object will make any difference + // but would like to give it a shot for defect #DE221057 + if (result == null) { + result = new ArrayList<>(); + } + sbUserApps.append("User '" + orgUserId + "' and appid " + appid + " has no roles"); } - sbUserApps.append("} assigned to the appId '" + appid + "'."); - } else { - // Not sure creating an empty object will make any difference - // but would like to give it a shot for defect #DE221057 - if (result == null) { - result = new ArrayList<>(); - } - sbUserApps.append("User '" + orgUserId + "' and appid " + appid + " has no roles"); - } - logger.info(EELFLoggerDelegate.errorLogger, sbUserApps.toString()); + logger.info(EELFLoggerDelegate.errorLogger, sbUserApps.toString()); - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "get result =", result); - if (feErrorString != "") { - logger.debug(EELFLoggerDelegate.debugLogger, "LR: FEErrorString to header: " + feErrorString); + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "get result =", result); + if (feErrorString != "") { + logger.debug(EELFLoggerDelegate.debugLogger, "LR: FEErrorString to header: " + feErrorString); - response.addHeader("FEErrorString", feErrorString); - response.addHeader("Access-Control-Expose-Headers", "FEErrorString"); + response.addHeader("FEErrorString", feErrorString); + response.addHeader("Access-Control-Expose-Headers", "FEErrorString"); + } + return result; } - return result; - } - @RequestMapping(value = {"/portalApi/userAppRoles"}, method = { - RequestMethod.PUT}, produces = "application/json") - public PortalRestResponse<String> putAppWithUserRoleStateForUser(Principal principal, - @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) { - // FieldsValidator fieldsValidator = new FieldsValidator(); - PortalRestResponse<String> portalResponse = new PortalRestResponse<>(); - StringBuilder sbUserApps = new StringBuilder(); - if (newAppRolesForUser != null) { - sbUserApps.append("User '" + newAppRolesForUser.getOrgUserId()); - if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) { - sbUserApps.append("' has roles = { "); - for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) { - if (appRole.isApplied) { - sbUserApps.append(appRole.roleName + " ,"); + @RequestMapping(value = {"/portalApi/userAppRoles"}, method = { + RequestMethod.PUT}, produces = "application/json") + public PortalRestResponse<String> putAppWithUserRoleStateForUser(Principal principal, + @RequestBody AppWithRolesForUser newAppRolesForUser, HttpServletResponse response) { + // FieldsValidator fieldsValidator = new FieldsValidator(); + PortalRestResponse<String> portalResponse = new PortalRestResponse<>(); + StringBuilder sbUserApps = new StringBuilder(); + if (newAppRolesForUser != null) { + sbUserApps.append("User '" + newAppRolesForUser.getOrgUserId()); + if (newAppRolesForUser.getAppId() != null && !newAppRolesForUser.getAppRoles().isEmpty()) { + sbUserApps.append("' has roles = { "); + for (RoleInAppForUser appRole : newAppRolesForUser.getAppRoles()) { + if (appRole.isApplied) { + sbUserApps.append(appRole.roleName + " ,"); + } } + sbUserApps.deleteCharAt(sbUserApps.length() - 1); + sbUserApps.append("} assigned for the app " + newAppRolesForUser.getAppId()); + } else { + sbUserApps.append("' has no roles assigned for app " + newAppRolesForUser.getAppId()); } - sbUserApps.deleteCharAt(sbUserApps.length() - 1); - sbUserApps.append("} assigned for the app " + newAppRolesForUser.getAppId()); - } else { - sbUserApps.append("' has no roles assigned for app " + newAppRolesForUser.getAppId()); } - } - logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}", - sbUserApps.toString()); + logger.info(EELFLoggerDelegate.applicationLogger, "putAppWithUserRoleStateForUser: {}", + sbUserApps.toString()); - FnUser user = fnUserService.loadUserByUsername(principal.getName()); - // boolean changesApplied = false; - ExternalRequestFieldsValidator changesApplied = null; + FnUser user = fnUserService.loadUserByUsername(principal.getName()); + // boolean changesApplied = false; + ExternalRequestFieldsValidator changesApplied = null; - if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) { - EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser"); - } else if (newAppRolesForUser == null) { - logger.error(EELFLoggerDelegate.errorLogger, - "putAppWithUserRoleStateForUser: newAppRolesForUser is null"); - } else { - changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser); - try { - if (changesApplied.isResult()) { - logger.info(EELFLoggerDelegate.applicationLogger, - "putAppWithUserRoleStateForUser: succeeded for app {}, user {}", - newAppRolesForUser.getAppId(), - newAppRolesForUser.getAppId()); - - MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, - EPEELFLoggerAdvice.getCurrentDateTimeUTC()); - AuditLog auditLog = new AuditLog(); - auditLog.setUserId(user.getId()); - auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER); - auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId()); - auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(), - PortalConstants.AUDIT_LOG_COMMENT_SIZE)); - auditService.logActivity(auditLog, null); - - MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, - EPEELFLoggerAdvice.getCurrentDateTimeUTC()); - EcompPortalUtils.calculateDateTimeDifferenceForLog( - MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP), - MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP)); - logger.info(EELFLoggerDelegate.auditLogger, - EPLogUtil.formatAuditLogMessage( - "UserRolesController.putAppWithUserRoleStateForUser", - EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(), - newAppRolesForUser.getOrgUserId(), sbUserApps.toString())); - MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); - MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP); - MDC.remove(SystemProperties.MDC_TIMER); - portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null); + if (!adminRolesService.isAccountAdmin(user) && !adminRolesService.isRoleAdmin(user)) { + EcompPortalUtils.setBadPermissions(user, response, "putAppWithUserRoleStateForUser"); + } else if (newAppRolesForUser == null) { + logger.error(EELFLoggerDelegate.errorLogger, + "putAppWithUserRoleStateForUser: newAppRolesForUser is null"); + } else { + changesApplied = userRolesService.setAppWithUserRoleStateForUser(user, newAppRolesForUser); + try { + if (changesApplied.isResult()) { + logger.info(EELFLoggerDelegate.applicationLogger, + "putAppWithUserRoleStateForUser: succeeded for app {}, user {}", + newAppRolesForUser.getAppId(), + newAppRolesForUser.getAppId()); + + MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, + EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + AuditLog auditLog = new AuditLog(); + auditLog.setUserId(user.getId()); + auditLog.setActivityCode(EcompAuditLog.CD_ACTIVITY_UPDATE_USER); + auditLog.setAffectedRecordId(newAppRolesForUser.getOrgUserId()); + auditLog.setComments(EcompPortalUtils.truncateString(sbUserApps.toString(), + PortalConstants.AUDIT_LOG_COMMENT_SIZE)); + auditService.logActivity(auditLog, null); + + MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, + EPEELFLoggerAdvice.getCurrentDateTimeUTC()); + EcompPortalUtils.calculateDateTimeDifferenceForLog( + MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP), + MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP)); + logger.info(EELFLoggerDelegate.auditLogger, + EPLogUtil.formatAuditLogMessage( + "UserRolesController.putAppWithUserRoleStateForUser", + EcompAuditLog.CD_ACTIVITY_UPDATE_USER, user.getOrgUserId(), + newAppRolesForUser.getOrgUserId(), sbUserApps.toString())); + MDC.remove(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP); + MDC.remove(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP); + MDC.remove(SystemProperties.MDC_TIMER); + portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", null); - } - if (!changesApplied.isResult()) { - throw new Exception(changesApplied.getDetailMessage()); - } + } + if (!changesApplied.isResult()) { + throw new Exception(changesApplied.getDetailMessage()); + } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - "putAppWithUserRoleStateForUser: failed for app {}, user {}", - newAppRolesForUser.getAppId(), - newAppRolesForUser.getOrgUserId(), e); - portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "putAppWithUserRoleStateForUser: failed for app {}, user {}", + newAppRolesForUser.getAppId(), + newAppRolesForUser.getOrgUserId(), e); + portalResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, e.getMessage(), null); + } } + + EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied); + return portalResponse; } - EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/userAppRoles", "put result =", changesApplied); - return portalResponse; - } + @RequestMapping(value = {"/portalApi/updateRemoteUserProfile"}, method = { + RequestMethod.GET}, produces = "application/json") + public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request) { - @RequestMapping(value = {"/portalApi/updateRemoteUserProfile"}, method = { - RequestMethod.GET}, produces = "application/json") - public PortalRestResponse<String> updateRemoteUserProfile(HttpServletRequest request) { + String updateRemoteUserFlag = FAILURE; + try { + // saveNewUser = userService.saveNewUser(newUser); + String orgUserId = request.getParameter("loginId"); + Long appId = Long.parseLong(request.getParameter("appId")); + userRolesService.updateRemoteUserProfile(orgUserId, appId); - String updateRemoteUserFlag = FAILURE; - try { - // saveNewUser = userService.saveNewUser(newUser); - String orgUserId = request.getParameter("loginId"); - Long appId = Long.parseLong(request.getParameter("appId")); - userRolesService.updateRemoteUserProfile(orgUserId, appId); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e); + return new PortalRestResponse<>(PortalRestStatusEnum.OK, updateRemoteUserFlag, e.getMessage()); + } + return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, updateRemoteUserFlag, ""); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "updateRemoteUserProfile failed", e); - return new PortalRestResponse<>(PortalRestStatusEnum.OK, updateRemoteUserFlag, e.getMessage()); } - return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, updateRemoteUserFlag, ""); - - } - + */ @RequestMapping(value = {"/portalApi/app/{appId}/users"}, method = { RequestMethod.GET}, produces = "application/json") - public List<UserApplicationRoles> getUsersFromAppEndpoint(HttpServletRequest request, - @PathVariable("appId") Long appId) throws HTTPException { + public List<UserApplicationRoles> getUsersFromAppEndpoint(@PathVariable("appId") Long appId) { try { logger.debug(EELFLoggerDelegate.debugLogger, "/portalApi/app/{}/users was invoked", appId); - return userRolesService.getUsersFromAppEndpoint(appId); + return fnUserRoleService.getUsersFromAppEndpoint(appId); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "getUsersFromAppEndpoint failed", e); return new ArrayList<>(); @@ -423,21 +447,21 @@ public class UserRolesController { return rolesList; } + @RequestMapping(value = {"/portalApi/admin/import/app/{appId}/roles"}, method = { RequestMethod.GET}, produces = "application/json") - public List<FnRole> importRolesFromRemoteApplication(HttpServletRequest request, - @PathVariable("appId") Long appId) - throws HTTPException { - List<FnRole> rolesList = userRolesService.importRolesFromRemoteApplication(appId); + public List<FnRole> importRolesFromRemoteApplication(@PathVariable("appId") Long appId) throws HTTPException { + List<FnRole> rolesList = fnUserRoleService.importRolesFromRemoteApplication(appId); EcompPortalUtils.logAndSerializeObject(logger, "/portalApi/admin/import/app/{appId}/roles", "response for appId=" + appId, rolesList); return rolesList; } + @RequestMapping(value = {"/portalApi/app/{appId}/user/{orgUserId}/roles"}, method = { RequestMethod.GET}, produces = "application/json") - public EcompRole testGetRoles(HttpServletRequest request, @PathVariable("appId") Long appId, + public EcompRole testGetRoles(@PathVariable("appId") Long appId, @PathVariable("orgUserId") String orgUserId) throws Exception { if (!EcompPortalUtils.legitimateUserId(orgUserId)) { String msg = "Error /user/<user>/roles not legitimate orgUserId = " + orgUserId; @@ -458,6 +482,7 @@ public class UserRolesController { return roles[0]; } + @RequestMapping(value = {"/portalApi/saveUserAppRoles"}, method = { RequestMethod.PUT}, produces = "application/json") public FieldsValidator putAppWithUserRoleRequest(Principal principal, @@ -466,8 +491,8 @@ public class UserRolesController { try { FnUser user = fnUserService.loadUserByUsername(principal.getName()); - fieldsValidator = userRolesService.putUserAppRolesRequest(newAppRolesForUser, user); - response.setStatus(fieldsValidator.httpStatusCode.intValue()); + fieldsValidator = fnUserRoleService.putUserAppRolesRequest(newAppRolesForUser, user); + response.setStatus(0); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "putAppWithUserRoleRequest failed", e); @@ -479,6 +504,7 @@ public class UserRolesController { return fieldsValidator; } + @RequestMapping(value = {"/portalApi/appCatalogRoles"}, method = { RequestMethod.GET}, produces = "application/json") public List<EPUserAppCatalogRoles> getUserAppCatalogRoles(Principal principal, @@ -486,12 +512,12 @@ public class UserRolesController { FnUser user = fnUserService.loadUserByUsername(principal.getName()); List<EPUserAppCatalogRoles> userAppRoleList = null; try { - userAppRoleList = userRolesService.getUserAppCatalogRoles(user, appName); + userAppRoleList = fnUserRoleService.getUserAppCatalogRoles(user, appName); } catch (Exception e) { logger.error(EELFLoggerDelegate.errorLogger, "putUserWidgetsSortPref failed", e); } - Collections.sort(userAppRoleList, getUserAppCatalogRolesComparator); + userAppRoleList.sort(getUserAppCatalogRolesComparator); EcompPortalUtils .logAndSerializeObject(logger, "/portalApi/userApplicationRoles", "result =", userAppRoleList); @@ -499,15 +525,16 @@ public class UserRolesController { } + private Comparator<EPUserAppCatalogRoles> getUserAppCatalogRolesComparator = - Comparator.comparing(EPUserAppCatalogRoles::getRolename); + Comparator.comparing(EPUserAppCatalogRoles::getRoleName); @RequestMapping(value = "/portalApi/externalRequestAccessSystem", method = RequestMethod.GET, produces = "application/json") - public ExternalSystemAccess readExternalRequestAccess(HttpServletRequest request) { + public ExternalSystemAccess readExternalRequestAccess() { ExternalSystemAccess result = null; try { - result = userRolesService.getExternalRequestAccess(); + result = fnUserRoleService.getExternalRequestAccess(); EcompPortalUtils .logAndSerializeObject(logger, "/portalApi/externalRequestAccessSystem", "GET result =", result); @@ -516,9 +543,8 @@ public class UserRolesController { "readExternalRequestAccess failed: " + e.getMessage()); } return result; - } -*/ + } @RequestMapping(value = {"/portalApi/checkIfUserIsSuperAdmin"}, method = RequestMethod.GET, produces = "application/json") |