diff options
Diffstat (limited to 'portal-BE/src')
21 files changed, 3835 insertions, 1603 deletions
diff --git a/portal-BE/src/main/java/org/onap/portal/controller/SchedulerController.java b/portal-BE/src/main/java/org/onap/portal/controller/SchedulerController.java new file mode 100644 index 00000000..abc6a12e --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/controller/SchedulerController.java @@ -0,0 +1,398 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.controller; + +import java.text.DateFormat; +import java.text.SimpleDateFormat; +import java.util.Date; +import java.util.HashMap; +import java.util.Map; +import java.util.Set; +import java.util.UUID; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import org.json.JSONObject; +import org.onap.portal.domain.db.fn.FnUser; +import org.onap.portal.domain.dto.PortalRestResponse; +import org.onap.portal.domain.dto.PortalRestStatusEnum; +import org.onap.portal.logging.aop.EPAuditLog; +import org.onap.portal.logging.logic.EPLogUtil; +import org.onap.portal.scheduler.SchedulerProperties; +import org.onap.portal.scheduler.SchedulerRestInterface; +import org.onap.portal.scheduler.SchedulerUtil; +import org.onap.portal.scheduler.restobjects.GetTimeSlotsRestObject; +import org.onap.portal.scheduler.restobjects.PostCreateNewVnfRestObject; +import org.onap.portal.scheduler.restobjects.PostSubmitVnfChangeRestObject; +import org.onap.portal.scheduler.wrapper.GetTimeSlotsWrapper; +import org.onap.portal.scheduler.wrapper.PostCreateNewVnfWrapper; +import org.onap.portal.scheduler.wrapper.PostSubmitVnfChangeTimeSlotsWrapper; +import org.onap.portal.service.AdminRolesService; +import org.onap.portal.utils.EPUserUtils; +import org.onap.portal.utils.PortalConstants; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.EnableAspectJAutoProxy; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RequestBody; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RestController; + +@EPAuditLog +@RestController +@EnableAspectJAutoProxy +@RequestMapping(PortalConstants.PORTAL_AUX_API) +public class SchedulerController { + + private static final String USER_IS_UNAUTHORIZED_TO_MAKE_THIS_CALL = "User is unauthorized to make this call"; + + private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerController.class); + private static final DateFormat requestDateFormat = new SimpleDateFormat("EEE, dd MMM YYYY HH:mm:ss z"); + + private SchedulerRestInterface schedulerRestController; + private AdminRolesService adminRolesService; + + @Autowired + public SchedulerController( + final SchedulerRestInterface schedulerRestController, + final AdminRolesService adminRolesService) { + this.schedulerRestController = schedulerRestController; + this.adminRolesService = adminRolesService; + } + + @RequestMapping(value = "/get_time_slots/{scheduler_request}", method = RequestMethod.GET, produces = "application/json") + public ResponseEntity<String> getTimeSlots(HttpServletRequest request, + @PathVariable("scheduler_request") String schedulerRequest) throws Exception { + if (checkIfUserISValidToMakeSchedule(request)) { + try { + Date startingTime = new Date(); + String startTimeRequest = requestDateFormat.format(startingTime); + logger.debug(EELFLoggerDelegate.debugLogger, + "Controller Scheduler GET Timeslots for startTimeRequest: ", startTimeRequest); + logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {} ", schedulerRequest); + + String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_GET_TIME_SLOTS) + + schedulerRequest; + + GetTimeSlotsWrapper schedulerResWrapper = getTimeSlots(path, schedulerRequest); + + Date endTime = new Date(); + String endTimeRequest = requestDateFormat.format(endTime); + logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - GET for EndTimeRequest = {}", + endTimeRequest); + return (new ResponseEntity<>(schedulerResWrapper.getResponse(), + HttpStatus.valueOf(schedulerResWrapper.getStatus()))); + } catch (Exception e) { + GetTimeSlotsWrapper schedulerResWrapper = new GetTimeSlotsWrapper(); + schedulerResWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value()); + schedulerResWrapper.setEntity(e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger, "Exception with getTimeslots", e); + return (new ResponseEntity<>(schedulerResWrapper.getResponse(), + HttpStatus.INTERNAL_SERVER_ERROR)); + } + } else { + return (new ResponseEntity<>(USER_IS_UNAUTHORIZED_TO_MAKE_THIS_CALL, HttpStatus.UNAUTHORIZED)); + } + } + + @RequestMapping(value = "/post_create_new_vnf_change", method = RequestMethod.POST, produces = "application/json") + public ResponseEntity<String> postCreateNewVNFChange(HttpServletRequest request, + @RequestBody JSONObject schedulerRequest) throws Exception { + if (checkIfUserISValidToMakeSchedule(request)) { + try { + Date startingTime = new Date(); + String startTimeRequest = requestDateFormat.format(startingTime); + + logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler POST : post_create_new_vnf_change", + startTimeRequest); + + // Generating uuid + String uuid = UUID.randomUUID().toString(); + + schedulerRequest.put("scheduleId", uuid); + logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid); + + // adding uuid to the request payload + schedulerRequest.put("scheduleId", uuid); + logger.debug(EELFLoggerDelegate.debugLogger, "Original Request = {}", schedulerRequest.toString()); + + String path = SchedulerProperties + .getProperty(SchedulerProperties.SCHEDULER_CREATE_NEW_VNF_CHANGE_INSTANCE_VAL) + uuid; + + PostCreateNewVnfWrapper responseWrapper = postSchedulingRequest(schedulerRequest, path, uuid); + + Date endTime = new Date(); + String endTimeRequest = requestDateFormat.format(endTime); + logger.debug(EELFLoggerDelegate.debugLogger, "Controller Scheduler - POST= {}", endTimeRequest); + + return new ResponseEntity<>(responseWrapper.getResponse(), + HttpStatus.valueOf(responseWrapper.getStatus())); + } catch (Exception e) { + PostCreateNewVnfWrapper responseWrapper = new PostCreateNewVnfWrapper(); + responseWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value()); + responseWrapper.setEntity(e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger, "Exception with postCreateNewVNFChange ", e); + return (new ResponseEntity<>(responseWrapper.getResponse(), HttpStatus.INTERNAL_SERVER_ERROR)); + + } + } else { + return (new ResponseEntity<>(USER_IS_UNAUTHORIZED_TO_MAKE_THIS_CALL, HttpStatus.UNAUTHORIZED)); + } + } + + @RequestMapping(value = "/submit_vnf_change_timeslots", method = RequestMethod.POST, produces = "application/json") + public ResponseEntity<String> postSubmitVnfChangeTimeslots(HttpServletRequest request, + @RequestBody JSONObject schedulerRequest) throws Exception { + if (checkIfUserISValidToMakeSchedule(request)) { + try { + Date startingTime = new Date(); + String startTimeRequest = requestDateFormat.format(startingTime); + logger.debug(EELFLoggerDelegate.debugLogger, + " Controller Scheduler POST : submit_vnf_change_timeslots = {}", + startTimeRequest); + + // Generating uuid + String uuid = (String) schedulerRequest.get("scheduleId"); + logger.debug(EELFLoggerDelegate.debugLogger, "UUID = {} ", uuid); + + schedulerRequest.remove("scheduleId"); + logger.debug(EELFLoggerDelegate.debugLogger, "Original Request for the schedulerId= {} ", + schedulerRequest.toString()); + + String path = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SUBMIT_NEW_VNF_CHANGE) + .replace("{scheduleId}", uuid); + + PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = postSubmitSchedulingRequest(schedulerRequest, + path, + uuid); + + Date endTime = new Date(); + String endTimeRequest = requestDateFormat.format(endTime); + logger.debug(EELFLoggerDelegate.debugLogger, + " Controller Scheduler - POST Submit for end time request= {}", + endTimeRequest); + + return (new ResponseEntity<>(responseWrapper.getResponse(), + HttpStatus.valueOf(responseWrapper.getStatus()))); + } catch (Exception e) { + PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = new PostSubmitVnfChangeTimeSlotsWrapper(); + responseWrapper.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value()); + responseWrapper.setEntity(e.getMessage()); + logger.error(EELFLoggerDelegate.errorLogger, "Exception with Post submit Vnf change Timeslots", e); + return (new ResponseEntity<>(responseWrapper.getResponse(), HttpStatus.INTERNAL_SERVER_ERROR)); + + } + } else { + return (new ResponseEntity<>(USER_IS_UNAUTHORIZED_TO_MAKE_THIS_CALL, HttpStatus.UNAUTHORIZED)); + } + } + + @RequestMapping(value = "/get_scheduler_constant", method = RequestMethod.GET, produces = "application/json") + public PortalRestResponse<Map<String, String>> getSchedulerConstant(HttpServletRequest request, + HttpServletResponse response) throws Exception { + logger.debug(EELFLoggerDelegate.debugLogger, "get scheduler constant"); + + PortalRestResponse<Map<String, String>> portalRestResponse; + + if (checkIfUserISValidToMakeSchedule(request)) { + String errorMsg = " is not defined in property file. Please check the property file and make sure all the schedule constant values are defined"; + HashMap<String, String> constantMap = new HashMap<>(); + constantMap.put(SchedulerProperties.SCHEDULER_DOMAIN_NAME, "domainName"); + constantMap.put(SchedulerProperties.SCHEDULER_SCHEDULE_NAME, "scheduleName"); + constantMap.put(SchedulerProperties.SCHEDULER_WORKFLOW_NAME, "workflowName"); + constantMap.put(SchedulerProperties.SCHEDULER_CALLBACK_URL, "callbackUrl"); + constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_TYPE, "approvalType"); + constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_SUBMIT_STATUS, "approvalSubmitStatus"); + constantMap.put(SchedulerProperties.SCHEDULER_APPROVAL_REJECT_STATUS, "approvalRejectStatus"); + constantMap.put(SchedulerProperties.SCHEDULER_POLICY_NAME, "policyName"); + constantMap.put(SchedulerProperties.SCHEDULER_INTERVAL_GET_TIMESLOT_RATE, "intervalRate"); + constantMap.put(SchedulerProperties.SCHEDULER_GROUP_ID, "groupId"); + try { + Map<String, String> map = new HashMap<>(); + for (Map.Entry<String, String> entry : constantMap.entrySet()) { + if (SchedulerProperties.containsProperty(entry.getKey())) { + map.put(entry.getValue(), SchedulerProperties.getProperty(entry.getKey())); + } else { + throw new Exception(entry.getKey() + errorMsg); + } + } + logger.debug(EELFLoggerDelegate.debugLogger, " portalRestResponse - getSchedulerConstant= {}", map); + portalRestResponse = new PortalRestResponse<>(PortalRestStatusEnum.OK, "success", + map); + + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getSchedulerConstant failed", e); + portalRestResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, + e.getMessage(), null); + } + + } else { + logger.error(EELFLoggerDelegate.errorLogger, + "getSchedulerConstant failed: User unauthorized to make this call"); + portalRestResponse = new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "failed : Unauthorized", null); + } + return portalRestResponse; + } + + private GetTimeSlotsWrapper getTimeSlots(String path, String uuid) throws Exception { + + try { + logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request START"); + + GetTimeSlotsRestObject<String> restObjStr = new GetTimeSlotsRestObject<>(); + String str = ""; + + restObjStr.setT(str); + + schedulerRestController.get(str, uuid, path, restObjStr); + GetTimeSlotsWrapper schedulerRespWrapper = SchedulerUtil.getTimeSlotsWrapResponse(restObjStr); + logger.debug(EELFLoggerDelegate.debugLogger, "Get Time Slots Request END : Response: {}", + schedulerRespWrapper.getResponse()); + if (schedulerRespWrapper.getStatus() != 200 && schedulerRespWrapper.getStatus() != 204 + && schedulerRespWrapper.getStatus() != 202) { + String message = String.format( + " getTimeslots Information failed . SchedulerResponseWrapper for gettimeslots: {}", + schedulerRespWrapper.getResponse()); + logger.error(EELFLoggerDelegate.errorLogger, message); + EPLogUtil.schedulerAccessAlarm(logger, schedulerRespWrapper.getStatus()); + + } + return schedulerRespWrapper; + + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "Get Time Slots Request ERROR : Exception:", e); + throw e; + } + } + + private PostCreateNewVnfWrapper postSchedulingRequest(JSONObject request, String path, String uuid) + throws Exception { + + try { + PostCreateNewVnfRestObject<String> restObjStr = new PostCreateNewVnfRestObject<>(); + String str = ""; + + restObjStr.setT(str); + schedulerRestController.post(str, request, path, restObjStr); + + int status = restObjStr.getStatusCode(); + if (status >= 200 && status <= 299) { + restObjStr.setUuid(uuid); + } + + PostCreateNewVnfWrapper responseWrapper = SchedulerUtil.postCreateNewVnfWrapResponse(restObjStr); + + logger.debug(EELFLoggerDelegate.debugLogger, " Post Create New Vnf Scheduling Request END : Response = {}", + responseWrapper.getResponse()); + if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202 + && responseWrapper.getStatus() != 204) { + logger.error(EELFLoggerDelegate.errorLogger, "PostCreateNewVnfWrapper Information failed", + responseWrapper.getResponse()); + EPLogUtil.schedulerAccessAlarm(logger, responseWrapper.getStatus()); + + } + return responseWrapper; + + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "PostCreateNewVnfWrapper failed . Post Create New Vnf Scheduling Request ERROR :", e); + throw e; + } + } + + private PostSubmitVnfChangeTimeSlotsWrapper postSubmitSchedulingRequest(JSONObject request, String path, + String uuid) throws Exception { + + try { + PostSubmitVnfChangeRestObject<String> restObjStr = new PostSubmitVnfChangeRestObject<>(); + String str = ""; + + restObjStr.setT(str); + schedulerRestController.post(str, request, path, restObjStr); + + int status = restObjStr.getStatusCode(); + if (status >= 200 && status <= 299) { + status = (status == 204) ? 200 : status; + restObjStr.setStatusCode(status); + restObjStr.setUuid(uuid); + } + + PostSubmitVnfChangeTimeSlotsWrapper responseWrapper = SchedulerUtil + .postSubmitNewVnfWrapResponse(restObjStr); + logger.debug(EELFLoggerDelegate.debugLogger, "Post Submit Scheduling Request END : Response = {}", + responseWrapper.getResponse()); + if (responseWrapper.getStatus() != 200 && responseWrapper.getStatus() != 202 + && responseWrapper.getStatus() != 204) { + logger.error(EELFLoggerDelegate.errorLogger, "PostCreateNewVnfWrapper Information failed", + responseWrapper.getResponse()); + EPLogUtil.schedulerAccessAlarm(logger, responseWrapper.getStatus()); + + } + return responseWrapper; + + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + " PostCreateNewVnfWrapper failed . Post Submit Scheduling Request ERROR :", e); + throw e; + } + } + + private String getPath(HttpServletRequest request) { + String requestURI = request.getRequestURI(); + String portalApiPath = ""; + if (requestURI != null) { + String[] uriArray = requestURI.split("/portalApi/"); + if (uriArray.length > 1) { + portalApiPath = uriArray[1]; + } + } + return portalApiPath; + } + + private boolean checkIfUserISValidToMakeSchedule(HttpServletRequest request) throws Exception { + FnUser user = EPUserUtils.getUserSession(request); + String portalApiPath = getPath(request); + Set<String> functionCodeList = adminRolesService.getAllAppsFunctionsOfUser(user.getId().toString()); + return EPUserUtils.matchRoleFunctions(portalApiPath, functionCodeList); + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerProperties.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerProperties.java new file mode 100644 index 00000000..74669abb --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerProperties.java @@ -0,0 +1,147 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler; + +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.PropertySource; +import org.springframework.core.env.Environment; + +@Configuration +@PropertySource(value = { "classpath:/conf/scheduler.properties" }) +public class SchedulerProperties { + + private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerProperties.class); + + private static Environment environment; + + + public SchedulerProperties() { + } + + protected Environment getEnvironment() { + return environment; + } + + @Autowired + public void setEnvironment(Environment environment) { + SchedulerProperties.environment = environment; + } + + public static boolean containsProperty(String key) { + return environment.containsProperty(key); + } + + public static String getProperty(String key) { + String value = ""; + if (environment == null) { + logger.error(EELFLoggerDelegate.errorLogger, "getProperty: environment is null, should never happen!"); + } else { + value = environment.getRequiredProperty(key); + if (value != null) + value = value.trim(); + } + return value; + } + + public static final String SCHEDULER_USER_NAME_VAL = "scheduler.user.name"; + + public static final String SCHEDULER_PASSWORD_VAL = "scheduler.password"; + + public static final String SCHEDULER_SERVER_URL_VAL = "scheduler.server.url"; + + public static final String SCHEDULER_CREATE_NEW_VNF_CHANGE_INSTANCE_VAL = "scheduler.create.new.vnf.change.instance"; + + public static final String SCHEDULER_GET_TIME_SLOTS = "scheduler.get.time.slots"; + + public static final String SCHEDULER_SUBMIT_NEW_VNF_CHANGE = "scheduler.submit.new.vnf.change"; + + public static final String SCHEDULERAUX_CLIENTAUTH_VAL = "scheduleraux.ClientAuth"; + + public static final String SCHEDULERAUX_CLIENT_MECHID_VAL = "scheduleraux.client.mechId"; + + public static final String SCHEDULERAUX_CLIENT_PASSWORD_VAL = "scheduleraux.client.password"; + + public static final String SCHEDULERAUX_USERNAME_VAL = "scheduleraux.username"; + + public static final String SCHEDULERAUX_PASSWORD_VAL = "scheduleraux.password"; + + public static final String SCHEDULERAUX_AUTHORIZATION_VAL = "scheduleraux.Authorization"; + + public static final String SCHEDULERAUX_SERVER_URL_VAL = "scheduleraux.server.url"; + + public static final String SCHEDULERAUX_ENVIRONMENT_VAL = "scheduleraux.environment"; + + public static final String SCHEDULERAUX_GET_CONFIG_VAL = "scheduleraux.get.config"; + + + /** The Constant VID_TRUSTSTORE_FILENAME. */ + public static final String VID_TRUSTSTORE_FILENAME = "vid.truststore.filename"; + + /** The Constant VID_TRUSTSTORE_PASSWD_X. */ + public static final String VID_TRUSTSTORE_PASSWD_X = "vid.truststore.passwd.x"; + + /** The Constant FILESEPARATOR. */ + public static final String FILESEPARATOR = (System.getProperty("file.separator") == null) ? "/" : System.getProperty("file.separator"); + + /** Scheduler UI constant **/ + public static final String SCHEDULER_DOMAIN_NAME = "scheduler.domain.name"; + + public static final String SCHEDULER_SCHEDULE_NAME = "scheduler.schedule.name"; + + public static final String SCHEDULER_WORKFLOW_NAME = "scheduler.workflow.name"; + + public static final String SCHEDULER_CALLBACK_URL = "scheduler.callback.url"; + + public static final String SCHEDULER_APPROVAL_TYPE = "scheduler.approval.type"; + + public static final String SCHEDULER_APPROVAL_SUBMIT_STATUS = "scheduler.approval.submit.status"; + + public static final String SCHEDULER_APPROVAL_REJECT_STATUS = "scheduler.approval.reject.status"; + + public static final String SCHEDULER_INTERVAL_GET_TIMESLOT_RATE = "scheduler.interval.get.timeslot.rate"; + + public static final String SCHEDULER_POLICY_NAME = "scheduler.policy.name"; + + public static final String SCHEDULER_GROUP_ID = "scheduler.group.id"; + +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerResponseWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerResponseWrapper.java new file mode 100644 index 00000000..4e9c6995 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerResponseWrapper.java @@ -0,0 +1,119 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler; + +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import java.io.IOException; +import java.util.LinkedHashMap; +import java.util.Map; +import org.apache.commons.lang.builder.ToStringBuilder; + +/** + * This wrapper encapsulates the Scheduler response + */ +@JsonInclude(JsonInclude.Include.NON_NULL) +@JsonPropertyOrder({ + "status", + "entity", + "uuid" +}) + +public class SchedulerResponseWrapper { + + @JsonProperty("status") + private int status; + + @JsonProperty("entity") + private String entity; + + @JsonProperty("uuid") + private String uuid; + + @JsonProperty("entity") + public String getEntity() { + return entity; + } + + @JsonProperty("status") + public int getStatus() { + return status; + } + + @JsonProperty("uuid") + public String getUuid() { + return uuid; + } + + @JsonProperty("status") + public void setStatus(int v) { + this.status = v; + } + + @JsonProperty("entity") + public void setEntity(String v) { + this.entity = v; + } + + @JsonProperty("uuid") + public void setUuid(String v) { + this.uuid = v; + } + + @Override + public String toString() { + return ToStringBuilder.reflectionToString(this); + } + + public String getResponse () throws JsonProcessingException,IOException { + Map<String, Object> map = new LinkedHashMap<>(); + map.put("status", getStatus()); + map.put("entity", getEntity()); + map.put("uuid", getUuid()); + ObjectMapper objectMapper = new ObjectMapper(); + String jsonResponse = objectMapper.writeValueAsString(map); + return jsonResponse; + } + +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInt.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInt.java new file mode 100644 index 00000000..7f914038 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInt.java @@ -0,0 +1,54 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler; + +import org.onap.portal.utils.DateUtil; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; + +public class SchedulerRestInt { + + /** The logger. */ + EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerRestInterface.class); + + public SchedulerRestInt() { + DateUtil.getRequestDateFormat().setTimeZone(java.util.TimeZone.getTimeZone("GMT")); + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInterface.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInterface.java new file mode 100644 index 00000000..a6066fdb --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerRestInterface.java @@ -0,0 +1,301 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler; + +import com.google.gson.Gson; +import com.google.gson.GsonBuilder; +import com.google.gson.JsonDeserializer; +import java.util.Collections; +import java.util.Date; +import javax.security.auth.login.CredentialException; +import javax.ws.rs.client.Client; +import javax.ws.rs.client.Entity; +import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.MultivaluedHashMap; +import javax.ws.rs.core.Response; +import lombok.NoArgsConstructor; +import org.apache.commons.codec.binary.Base64; +import org.apache.commons.lang.StringUtils; +import org.eclipse.jetty.util.security.Password; +import org.json.JSONObject; +import org.onap.portal.logging.format.EPAppMessagesEnum; +import org.onap.portal.logging.logic.EPLogUtil; +import org.onap.portal.scheduler.client.HttpBasicClient; +import org.onap.portal.scheduler.client.HttpsBasicClient; +import org.onap.portal.scheduler.restobjects.GetTimeSlotsRestObject; +import org.onap.portal.scheduler.restobjects.RestObject; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.springframework.http.HttpStatus; +import org.springframework.stereotype.Service; +import org.springframework.web.client.HttpClientErrorException; + +@SuppressWarnings("MalformedFormatString") +@Service +@NoArgsConstructor +public class SchedulerRestInterface { + + private static final String APPLICATION_JSON = "application/json"; + private static final String PASSWORD_IS_EMPTY = "Password is Empty"; + private static final String HTTP_CLIENT_ERROR = " HttpClientErrorException: Exception For the POST ." + + " MethodName: %APPLICATION_JSON, Url: %APPLICATION_JSON"; + + private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerRestInterface.class); + private static Client client = null; + private static Gson gson = null; + + private MultivaluedHashMap<String, Object> commonHeaders; + + private static void init() { + logger.debug(EELFLoggerDelegate.debugLogger, "initializing"); + GsonBuilder builder = new GsonBuilder(); + + // Register an adapter to manage the date types as long values + builder.registerTypeAdapter(Date.class, + (JsonDeserializer<Date>) (json, typeOfT, context) -> new Date(json.getAsJsonPrimitive().getAsLong())); + + gson = builder.create(); + } + + public void initRestClient() { + logger.debug(EELFLoggerDelegate.debugLogger, "Starting to initialize rest client"); + + init(); + + final String username; + final String password; + + /* Setting user name based on properties */ + String retrievedUsername = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_USER_NAME_VAL); + if (retrievedUsername.isEmpty()) { + username = ""; + } else { + username = retrievedUsername; + } + + /* Setting password based on properties */ + String retrievedPassword = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_PASSWORD_VAL); + if (retrievedPassword.isEmpty()) { + password = StringUtils.EMPTY; + } else { + if (retrievedPassword.contains("OBF:")) { + password = Password.deobfuscate(retrievedPassword); + } else { + password = retrievedPassword; + } + } + try { + if (StringUtils.isBlank(password)) { + throw new CredentialException(PASSWORD_IS_EMPTY); + } + } catch (Exception ex) { + logger.error(EELFLoggerDelegate.errorLogger, "Unable to initialize rest client", ex); + } + String authString = username + ":" + password; + byte[] authEncBytes = Base64.encodeBase64(authString.getBytes()); + String authStringEnc = new String(authEncBytes); + + commonHeaders = new MultivaluedHashMap<>(); + commonHeaders.put("Authorization", Collections.singletonList(("Basic " + authStringEnc))); + + try { + if (!username.isEmpty()) { + + client = HttpBasicClient.getClient(); + } else { + + client = HttpsBasicClient.getClient(); + } + } catch (Exception e) { + logger.debug(EELFLoggerDelegate.debugLogger, "Unable to initialize rest client", e.getMessage()); + + } + logger.debug(EELFLoggerDelegate.debugLogger, "Client Initialized"); + + } + + public <T> void get(String t, String sourceId, String path, GetTimeSlotsRestObject<String> restObject) { + + String methodName = "Get"; + String url = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SERVER_URL_VAL) + path; + + logger.debug(EELFLoggerDelegate.debugLogger, "URL FOR GET : ", url); + try { + initRestClient(); + + final Response cres = client.target(url).request().accept(APPLICATION_JSON).headers(commonHeaders).get(); + + int status = cres.getStatus(); + restObject.setStatusCode(status); + + if (cres.getEntity() != null) { + try { + String str = (cres).readEntity(String.class); + if (t.getClass().getName().equals(String.class.getName())) { + t = str; + } else { + t = gson.fromJson(str, t.getClass()); + } + + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e); + } + } else { + t = null; + restObject.setT(null); + } + + if ("".equals(t)) { + restObject.setT(null); + } else { + restObject.setT(t); + } + } catch (HttpClientErrorException e) { + String message = String.format( + HTTP_CLIENT_ERROR, methodName, url); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + EPLogUtil.schedulerAccessAlarm(logger, e.getStatusCode().value()); + } catch (Exception e) { + String message = String + .format("Exception For the POST . MethodName: %APPLICATION_JSON, Url: %APPLICATION_JSON", methodName, + url); + + logger.error(EELFLoggerDelegate.errorLogger, message, e); + EPLogUtil.schedulerAccessAlarm(logger, HttpStatus.INTERNAL_SERVER_ERROR.value()); + + throw e; + + } + + } + + public <T> void post(String t, JSONObject requestDetails, String path, RestObject<String> restObject) { + + String methodName = "Post"; + String url = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SERVER_URL_VAL) + path; + logger.debug(EELFLoggerDelegate.debugLogger, "URL FOR POST : " + url); + + try { + + initRestClient(); + + // Change the content length + final Response cres = client.target(url).request().accept(APPLICATION_JSON).headers(commonHeaders) + .post(Entity.entity(requestDetails, MediaType.APPLICATION_JSON)); + + if (cres != null && cres.getEntity() != null) { + + try { + String str = (cres).readEntity(String.class); + if (t.getClass().getName().equals(String.class.getName())) { + t = str; + + } else { + t = gson.fromJson(str, t.getClass()); + } + + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeInvalidJsonInput, e); + } + restObject.setT(t); + } else { + restObject.setT(null); + } + + int status = cres != null ? cres.getStatus() : 0; + restObject.setStatusCode(status); + + if (status >= 200 && status <= 299) { + String message = String.format(" REST api POST was successful!", methodName); + logger.debug(EELFLoggerDelegate.debugLogger, message); + + } else { + String message = String.format( + " FAILED with http status . MethodName: %APPLICATION_JSON, Status: %APPLICATION_JSON, Url: %APPLICATION_JSON", + methodName, status, url); + logger.debug(EELFLoggerDelegate.debugLogger, message); + } + + } catch (HttpClientErrorException e) { + String message = String.format( + HTTP_CLIENT_ERROR, methodName, url); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + EPLogUtil.schedulerAccessAlarm(logger, e.getStatusCode().value()); + } catch (Exception e) { + String message = String.format( + HTTP_CLIENT_ERROR, methodName, url); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + EPLogUtil.schedulerAccessAlarm(logger, HttpStatus.INTERNAL_SERVER_ERROR.value()); + throw e; + } + } + + public <T> void delete(String t, JSONObject requestDetails, String sourceID, String path, RestObject<String> restObject) { + + String methodName = "Delete"; + String url = ""; + Response cres; + + try { + initRestClient(); + + url = SchedulerProperties.getProperty(SchedulerProperties.SCHEDULER_SERVER_URL_VAL) + path; + + cres = client.target(url).request().accept(APPLICATION_JSON).headers(commonHeaders) + .build("DELETE", Entity.entity(requestDetails, MediaType.APPLICATION_JSON)).invoke(); + + int status = cres.getStatus(); + restObject.setStatusCode(status); + if (cres.getEntity() != null) { + t = cres.readEntity(t.getClass()); + restObject.setT(t); + } + + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, " HttpClientErrorException:Exception For the Delete", + methodName, url, e); + EPLogUtil.schedulerAccessAlarm(logger, e.getStatusCode().value()); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "Exception For the Delete", methodName, url, e); + EPLogUtil.schedulerAccessAlarm(logger, HttpStatus.INTERNAL_SERVER_ERROR.value()); + throw e; + } + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerUtil.java b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerUtil.java new file mode 100644 index 00000000..ba55f477 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/SchedulerUtil.java @@ -0,0 +1,136 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler; + +import com.fasterxml.jackson.databind.ObjectMapper; +import java.util.Date; +import org.onap.portal.scheduler.restobjects.GetTimeSlotsRestObject; +import org.onap.portal.scheduler.restobjects.PostCreateNewVnfRestObject; +import org.onap.portal.scheduler.restobjects.PostSubmitVnfChangeRestObject; +import org.onap.portal.scheduler.wrapper.GetTimeSlotsWrapper; +import org.onap.portal.scheduler.wrapper.PostCreateNewVnfWrapper; +import org.onap.portal.scheduler.wrapper.PostSubmitVnfChangeTimeSlotsWrapper; +import org.onap.portal.utils.DateUtil; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; + +public class SchedulerUtil { + + private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SchedulerUtil.class); + + public static GetTimeSlotsWrapper getTimeSlotsWrapResponse(GetTimeSlotsRestObject<String> rs) { + + String resp_str = ""; + int status = 0; + + if (rs != null) { + resp_str = rs.getT(); + status = rs.getStatusCode(); + } + + GetTimeSlotsWrapper w = new GetTimeSlotsWrapper(); + + w.setEntity(resp_str); + w.setStatus(status); + + return (w); + } + + public static PostSubmitVnfChangeTimeSlotsWrapper postSubmitNewVnfWrapResponse( + PostSubmitVnfChangeRestObject<String> rs) { + + String resp_str = ""; + int status = 0; + String uuid = ""; + + if (rs != null) { + resp_str = rs.getT(); + status = rs.getStatusCode(); + uuid = rs.getUuid(); + } + + PostSubmitVnfChangeTimeSlotsWrapper w = new PostSubmitVnfChangeTimeSlotsWrapper(); + + w.setEntity(resp_str); + w.setStatus(status); + w.setUuid(uuid); + + return (w); + } + + public static PostCreateNewVnfWrapper postCreateNewVnfWrapResponse(PostCreateNewVnfRestObject<String> rs) { + + String resp_str = ""; + int status = 0; + String uuid = ""; + + if (rs != null) { + resp_str = rs.getT(); + status = rs.getStatusCode(); + uuid = rs.getUUID(); + } + + PostCreateNewVnfWrapper w = new PostCreateNewVnfWrapper(); + + w.setEntity(resp_str); + w.setStatus(status); + w.setUuid(uuid); + + return (w); + } + + public static <T> String convertPojoToString(T t) throws com.fasterxml.jackson.core.JsonProcessingException { + + String methodName = "convertPojoToString"; + ObjectMapper mapper = new ObjectMapper(); + String r_json_str = ""; + if (t != null) { + try { + r_json_str = mapper.writeValueAsString(t); + } catch (com.fasterxml.jackson.core.JsonProcessingException j) { + logger.debug(EELFLoggerDelegate.debugLogger, + DateUtil.getDateFormat().format(new Date()) + "<== " + methodName + " Unable " + "to " + + "parse object as json"); + } + } + return (r_json_str); + } + +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpBasicClient.java b/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpBasicClient.java new file mode 100644 index 00000000..c09aa12b --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpBasicClient.java @@ -0,0 +1,73 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ +package org.onap.portal.scheduler.client; + + +import javax.servlet.ServletContext; +import javax.ws.rs.client.Client; +import javax.ws.rs.client.ClientBuilder; +import org.glassfish.jersey.client.ClientConfig; +import org.glassfish.jersey.client.ClientProperties; +import org.onap.portal.scheduler.util.CustomJacksonJaxBJsonProvider; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.springframework.beans.factory.annotation.Autowired; + +public class HttpBasicClient{ + + @Autowired + private ServletContext servletContext; + + /** The logger. */ + EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpBasicClient.class); + /** + * Obtain a basic HTTP client . + * + * @return Client client object + * @throws Exception the exception + */ + public static Client getClient() throws Exception { + + ClientConfig config = new ClientConfig(); + config.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true); + + return ClientBuilder.newClient(config) + .register(CustomJacksonJaxBJsonProvider.class); + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpsBasicClient.java b/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpsBasicClient.java new file mode 100644 index 00000000..1f44525b --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/client/HttpsBasicClient.java @@ -0,0 +1,113 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler.client; + +import java.io.File; +import java.text.SimpleDateFormat; +import java.util.Date; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.HttpsURLConnection; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.ws.rs.client.Client; +import javax.ws.rs.client.ClientBuilder; +import org.glassfish.jersey.client.ClientConfig; +import org.glassfish.jersey.client.ClientProperties; +import org.onap.portal.scheduler.SchedulerProperties; +import org.eclipse.jetty.util.security.Password; +import org.onap.portal.scheduler.util.CustomJacksonJaxBJsonProvider; +import org.onap.portal.utils.DateUtil; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; + +public class HttpsBasicClient { + + static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(HttpsBasicClient.class); + + public static Client getClient() throws Exception { + String methodName = "getClient"; + ClientConfig config = new ClientConfig(); + + SSLContext ctx = null; + + try { + + SimpleDateFormat dateFormat = DateUtil.getDateFormat(); + config.property(ClientProperties.SUPPRESS_HTTP_COMPLIANCE_VALIDATION, true); + + String truststore_path = SchedulerProperties.getProperty(SchedulerProperties.VID_TRUSTSTORE_FILENAME); + logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " " + + "truststore_path=" + + truststore_path); + String truststore_password = SchedulerProperties.getProperty(SchedulerProperties.VID_TRUSTSTORE_PASSWD_X); + + String decrypted_truststore_password = Password.deobfuscate(truststore_password); + + File tr = new File(truststore_path); + logger.debug(EELFLoggerDelegate.debugLogger, dateFormat.format(new Date()) + " " + methodName + " absolute " + + "truststore path=" + tr.getAbsolutePath()); + System.setProperty("javax.net.ssl.trustStore", truststore_path); + System.setProperty("javax.net.ssl.trustStorePassword", decrypted_truststore_password); + HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { + public boolean verify(String string, SSLSession ssls) { + return true; + } + }); + ctx = SSLContext.getInstance("TLSv1.2"); + ctx.init(null, null, null); + + return ClientBuilder.newBuilder() + .sslContext(ctx) + .hostnameVerifier(new HostnameVerifier() { + @Override + public boolean verify(String s, SSLSession sslSession) { + return true; + } + }).withConfig(config) + .build() + .register(CustomJacksonJaxBJsonProvider.class); + + } catch (Exception e) { + logger.debug(EELFLoggerDelegate.debugLogger, "Error setting up config: exiting"); + e.printStackTrace(); + return null; + } + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/policy/rest/RequestDetails.java b/portal-BE/src/main/java/org/onap/portal/scheduler/policy/rest/RequestDetails.java new file mode 100644 index 00000000..5dc1b8cf --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/policy/rest/RequestDetails.java @@ -0,0 +1,127 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler.policy.rest; + +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; + +/* + [ + { + "policyConfigMessage": "Config Retrieved! ", + "policyConfigStatus": "CONFIG_RETRIEVED", + "type": "JSON", + "config": "{\"service\":\"TimeLimitAndVerticalTopology\",\"policyName\":\"SNIRO_CM_1707.Demo_TimeLimitAndVerticalTopology_zone_localTime\",\"description\":\"dev instance\",\"templateVersion\":\"1702.03\",\"version\":\"1707\",\"priority\":\"4\",\"riskType\":\"test\",\"riskLevel\":\"3\",\"guard\":\"False\",\"content\":{\"serviceType\":\"networkOnDemand\",\"identity\":\"vnf_upgrade_policy\",\"policyScope\":{\"serviceType\":[\"networkOnDemand\"],\"aicZone\":[\" \"],\"entityType\":[\"vnf\"]},\"timeSchedule\":{\"allowedPeriodicTime\":[{\"day\":\"weekday\",\"timeRange\":[{\"start_time\":\"04:00:00\",\"end_time\":\"13:00:00\"}]}]},\"nodeType\":[\"vnf\"],\"type\":\"timeLimitAndVerticalTopology\",\"conflictScope\":\"vnf_zone\"}}", + "policyName": "SNIRO_CM_1707.Config_MS_Demo_TimeLimitAndVerticalTopology_zone_localTime.1.xml", + "policyVersion": "1", + "matchingConditions": { + "ECOMPName": "SNIRO-Placement", + "ConfigName": "", + "service": "TimeLimitAndVerticalTopology", + "uuid": "", + "Location": "" + }, + "responseAttributes": {}, + "property": null + }, + { + "policyConfigMessage": "Config Retrieved! ", + "policyConfigStatus": "CONFIG_RETRIEVED", + "type": "JSON", + "config": "{\"service\":\"TimeLimitAndVerticalTopology\",\"policyName\":\"SNIRO_CM_1707.Demo_TimeLimitAndVerticalTopology_pserver_localTime\",\"description\":\"dev instance\",\"templateVersion\":\"1702.03\",\"version\":\"1707\",\"priority\":\"4\",\"riskType\":\"test\",\"riskLevel\":\"3\",\"guard\":\"False\",\"content\":{\"serviceType\":\"networkOnDemand\",\"identity\":\"vnf_upgrade_policy\",\"policyScope\":{\"serviceType\":[\"networkOnDemand\"],\"aicZone\":[\" \"],\"entityType\":[\"vnf\"]},\"timeSchedule\":{\"allowedPeriodicTime\":[{\"day\":\"weekday\",\"timeRange\":[{\"start_time\":\"04:00:00\",\"end_time\":\"13:00:00\"}]}]},\"nodeType\":[\"vnf\"],\"type\":\"timeLimitAndVerticalTopology\",\"conflictScope\":\"vnf_pserver\"}}", + "policyName": "SNIRO_CM_1707.Config_MS_Demo_TimeLimitAndVerticalTopology_pserver_localTime.1.xml", + "policyVersion": "1", + "matchingConditions": { + "ECOMPName": "SNIRO-Placement", + "ConfigName": "", + "service": "TimeLimitAndVerticalTopology", + "uuid": "", + "Location": "" + }, + "responseAttributes": {}, + "property": null + }, + { + "policyConfigMessage": "Config Retrieved! ", + "policyConfigStatus": "CONFIG_RETRIEVED", + "type": "JSON", + "config": "{\"service\":\"TimeLimitAndVerticalTopology\",\"policyName\":\"SNIRO_CM_1707.Demo_TimeLimitAndVerticalTopology_vnf_localTime\",\"description\":\"dev instance\",\"templateVersion\":\"1702.03\",\"version\":\"1707\",\"priority\":\"4\",\"riskType\":\"test\",\"riskLevel\":\"3\",\"guard\":\"False\",\"content\":{\"serviceType\":\"networkOnDemand\",\"identity\":\"vnf_upgrade_policy\",\"policyScope\":{\"serviceType\":[\"networkOnDemand\"],\"aicZone\":[\" \"],\"entityType\":[\"vnf\"]},\"timeSchedule\":{\"allowedPeriodicTime\":[{\"day\":\"weekday\",\"timeRange\":[{\"start_time\":\"04:00:00\",\"end_time\":\"13:00:00\"}]}]},\"nodeType\":[\"vnf\"],\"type\":\"timeLimitAndVerticalTopology\",\"conflictScope\":\"vnf\"}}", + "policyName": "SNIRO_CM_1707.Config_MS_Demo_TimeLimitAndVerticalTopology_vnf_localTime.1.xml", + "policyVersion": "1", + "matchingConditions": { + "ECOMPName": "SNIRO-Placement", + "ConfigName": "", + "service": "TimeLimitAndVerticalTopology", + "uuid": "", + "Location": "" + }, + "responseAttributes": {}, + "property": null + } + ] +*/ +@JsonInclude(JsonInclude.Include.NON_NULL) +@JsonPropertyOrder({ + "policyConfigMessage", + "policyConfigStatus", + "type", + "config", + "policyName", + "policyVersion", + "matchingConditions" +}) +public class RequestDetails { + + @JsonProperty("policyName") + private String policyName; + + @JsonProperty("policyName") + public String getPolicyName() { + return policyName; + } + + @JsonProperty("policyName") + public void setPolicyName(String policyName) { + this.policyName = policyName; + } + +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/GetTimeSlotsRestObject.java b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/GetTimeSlotsRestObject.java new file mode 100644 index 00000000..9b58266b --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/GetTimeSlotsRestObject.java @@ -0,0 +1,44 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler.restobjects; + +public class GetTimeSlotsRestObject<T> extends RestObject<T> { +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostCreateNewVnfRestObject.java b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostCreateNewVnfRestObject.java new file mode 100644 index 00000000..c6aadd58 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostCreateNewVnfRestObject.java @@ -0,0 +1,50 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler.restobjects; + +public class PostCreateNewVnfRestObject<T> extends RestObject<T> { + + private String uuid; + + public void setUUID(String uuid) { this.uuid = uuid; } + + public String getUUID() { return this.uuid; } +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostSubmitVnfChangeRestObject.java b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostSubmitVnfChangeRestObject.java new file mode 100644 index 00000000..5e180865 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/PostSubmitVnfChangeRestObject.java @@ -0,0 +1,45 @@ + +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler.restobjects; + +public class PostSubmitVnfChangeRestObject<T> extends RestObject<T> { +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/RestObject.java b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/RestObject.java new file mode 100644 index 00000000..f0a67ae8 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/restobjects/RestObject.java @@ -0,0 +1,65 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler.restobjects; + +import lombok.AllArgsConstructor; +import lombok.Getter; +import lombok.NoArgsConstructor; +import lombok.Setter; + +@Getter +@Setter +@NoArgsConstructor +@AllArgsConstructor +public class RestObject<T> { + + private T t; + private int statusCode= 0; + private String uuid; + + public T getT() { + return t; + } + public void setT(T t) { + this.t = t; + } +} + diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/util/CustomJacksonJaxBJsonProvider.java b/portal-BE/src/main/java/org/onap/portal/scheduler/util/CustomJacksonJaxBJsonProvider.java new file mode 100644 index 00000000..e26975e6 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/util/CustomJacksonJaxBJsonProvider.java @@ -0,0 +1,80 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.scheduler.util; + + +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.databind.DeserializationFeature; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.SerializationFeature; +import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider; +import com.fasterxml.jackson.module.jaxb.JaxbAnnotationModule; +import javax.ws.rs.ext.Provider; + +@Provider +public class CustomJacksonJaxBJsonProvider extends JacksonJaxbJsonProvider { + + private static ObjectMapper commonMapper = null; + + public CustomJacksonJaxBJsonProvider() { + if (commonMapper == null) { + ObjectMapper mapper = new ObjectMapper(); + + mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL); + + mapper.configure(SerializationFeature.WRITE_DATES_AS_TIMESTAMPS, false); + mapper.configure(SerializationFeature.INDENT_OUTPUT, false); + mapper.configure(SerializationFeature.WRAP_ROOT_VALUE, false); + + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + mapper.configure(DeserializationFeature.UNWRAP_ROOT_VALUE, false); + + mapper.registerModule(new JaxbAnnotationModule()); + + commonMapper = mapper; + } + super.setMapper(commonMapper); + } + + public ObjectMapper getMapper() { + return commonMapper; + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/GetTimeSlotsWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/GetTimeSlotsWrapper.java new file mode 100644 index 00000000..8ebb6217 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/GetTimeSlotsWrapper.java @@ -0,0 +1,42 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ +package org.onap.portal.scheduler.wrapper; + +public class GetTimeSlotsWrapper extends SchedulerResponseWrapper { + +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostCreateNewVnfWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostCreateNewVnfWrapper.java new file mode 100644 index 00000000..1e13c4c5 --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostCreateNewVnfWrapper.java @@ -0,0 +1,82 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ +package org.onap.portal.scheduler.wrapper; + +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import java.io.IOException; +import java.util.LinkedHashMap; +import java.util.Map; +import org.apache.commons.lang.builder.ToStringBuilder; + +@JsonInclude(JsonInclude.Include.NON_NULL) +@JsonPropertyOrder({ "uuid" }) +public class PostCreateNewVnfWrapper extends SchedulerResponseWrapper { + + @JsonProperty("uuid") + private String uuid; + + @JsonProperty("uuid") + public String getUuid() { + return uuid; + } + + @JsonProperty("uuid") + public void setUuid(String v) { + this.uuid = v; + } + + @Override + public String toString() { + return ToStringBuilder.reflectionToString(this); + } + + public String getResponse() throws JsonProcessingException, IOException { + + Map<String, Object> map = new LinkedHashMap<>(); + map.put("status", getStatus()); + map.put("entity", getEntity()); + map.put("uuid", getUuid()); + ObjectMapper objectMapper = new ObjectMapper(); + String jsonResponse = objectMapper.writeValueAsString(map); + return jsonResponse; + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostSubmitVnfChangeTimeSlotsWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostSubmitVnfChangeTimeSlotsWrapper.java new file mode 100644 index 00000000..b323b28d --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/PostSubmitVnfChangeTimeSlotsWrapper.java @@ -0,0 +1,82 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ +package org.onap.portal.scheduler.wrapper; + +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import java.io.IOException; +import java.util.LinkedHashMap; +import java.util.Map; +import org.apache.commons.lang.builder.ToStringBuilder; + +@JsonInclude(JsonInclude.Include.NON_NULL) +@JsonPropertyOrder({ "uuid" }) +public class PostSubmitVnfChangeTimeSlotsWrapper extends SchedulerResponseWrapper { + @JsonProperty("uuid") + private String uuid; + + @JsonProperty("uuid") + public String getUuid() { + return uuid; + } + + @JsonProperty("uuid") + public void setUuid(String v) { + this.uuid = v; + } + + @Override + public String toString() { + return ToStringBuilder.reflectionToString(this); + } + + public String getResponse() throws JsonProcessingException, IOException { + + Map<String, Object> map = new LinkedHashMap<>(); + map.put("status", getStatus()); + map.put("entity", getEntity()); + map.put("uuid", getUuid()); + ObjectMapper objectMapper = new ObjectMapper(); + String jsonResponse = objectMapper.writeValueAsString(map); + return jsonResponse; + + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/SchedulerResponseWrapper.java b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/SchedulerResponseWrapper.java new file mode 100644 index 00000000..20c828be --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/scheduler/wrapper/SchedulerResponseWrapper.java @@ -0,0 +1,105 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ +package org.onap.portal.scheduler.wrapper; + +import com.fasterxml.jackson.annotation.JsonInclude; +import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.annotation.JsonPropertyOrder; +import com.fasterxml.jackson.core.JsonProcessingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import java.io.IOException; +import java.util.LinkedHashMap; +import java.util.Map; +import org.apache.commons.lang.builder.ToStringBuilder; + +/** + * This wrapper encapsulates the Scheduler response + */ +@JsonInclude(JsonInclude.Include.NON_NULL) +@JsonPropertyOrder({ "status", "entity" }) + +public class SchedulerResponseWrapper { + + @JsonProperty("status") + private int status; + + @JsonProperty("entity") + private String entity; + + @JsonProperty("entity") + public String getEntity() { + return entity; + } + + @JsonProperty("status") + public int getStatus() { + return status; + } + + @JsonProperty("status") + public void setStatus(int v) { + this.status = v; + } + + @JsonProperty("entity") + public void setEntity(String v) { + this.entity = v; + } + + @Override + public String toString() { + return ToStringBuilder.reflectionToString(this); + } + + public String getResponse() throws JsonProcessingException, IOException { + /* + * StringBuilder b = new StringBuilder ("{ \"status\": "); + * + * b.append(getStatus()).append(", \"entity\": " + * ).append(this.getEntity()).append("}"); return (b.toString()); + */ + + Map<String, Object> map = new LinkedHashMap<>(); + map.put("status", getStatus()); + map.put("entity", getEntity()); + ObjectMapper objectMapper = new ObjectMapper(); + String jsonResponse = objectMapper.writeValueAsString(map); + return jsonResponse; + + } +} diff --git a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java index 059979d2..5b721836 100644 --- a/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java +++ b/portal-BE/src/main/java/org/onap/portal/service/AdminRolesService.java @@ -92,6 +92,7 @@ import org.onap.portal.domain.dto.transport.Role; import org.onap.portal.domain.dto.transport.RoleInAppForUser; import org.onap.portal.domain.dto.transport.RolesInAppForUser; import org.onap.portal.exception.DeleteDomainObjectFailedException; +import org.onap.portal.exception.RoleFunctionException; import org.onap.portal.exception.SyncUserRolesException; import org.onap.portal.logging.format.EPAppMessagesEnum; import org.onap.portal.logging.logic.EPLogUtil; @@ -127,1750 +128,1799 @@ import org.springframework.web.client.RestTemplate; @Transactional public class AdminRolesService { - private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesService.class); - private static final Object syncRests = new Object(); - private final RestTemplate template = new RestTemplate(); - - private Long SYS_ADMIN_ROLE_ID = 38L; - private final Long ACCOUNT_ADMIN_ROLE_ID = 999L; - private final Long ECOMP_APP_ID = 1L; - private final String ADMIN_ACCOUNT = "Is account admin for user {}"; - - private final AppsCacheService appsCacheService; - private final EntityManager entityManager; - private final FnUserService fnUserService; - private final FnRoleService fnRoleService; - private final FnAppService fnAppService; - private final FnMenuFunctionalService fnMenuFunctionalService; - private final FnUserRoleService fnUserRoleService; - private final EpAppFunctionService epAppFunctionService; - private final EcompUserAppRolesService ecompUserAppRolesService; - private final FnMenuFunctionalRolesService fnMenuFunctionalRolesService; - private final ApplicationsRestClientService applicationsRestClientService; - private final EpUserRolesRequestDetService epUserRolesRequestDetService; - private final ExternalAccessRolesService externalAccessRolesService; - private final EpUserRolesRequestService epUserRolesRequestService; - - @Autowired - public AdminRolesService(AppsCacheService appsCacheService, - final EntityManager entityManager, - final FnUserService fnUserService, FnRoleService fnRoleService, - FnAppService fnAppService, - FnMenuFunctionalService fnMenuFunctionalService, - final FnUserRoleService fnUserRoleService, - EpAppFunctionService epAppFunctionService, - EcompUserAppRolesService ecompUserAppRolesService, - FnMenuFunctionalRolesService fnMenuFunctionalRolesService, - ApplicationsRestClientService applicationsRestClientService, - EpUserRolesRequestDetService epUserRolesRequestDetService, - ExternalAccessRolesService externalAccessRolesService, - EpUserRolesRequestService epUserRolesRequestService) { - this.appsCacheService = appsCacheService; - this.entityManager = entityManager; - this.fnUserService = fnUserService; - this.fnRoleService = fnRoleService; - this.fnAppService = fnAppService; - this.fnMenuFunctionalService = fnMenuFunctionalService; - this.fnUserRoleService = fnUserRoleService; - this.epAppFunctionService = epAppFunctionService; - this.ecompUserAppRolesService = ecompUserAppRolesService; - this.fnMenuFunctionalRolesService = fnMenuFunctionalRolesService; - this.applicationsRestClientService = applicationsRestClientService; - this.epUserRolesRequestDetService = epUserRolesRequestDetService; - this.externalAccessRolesService = externalAccessRolesService; - this.epUserRolesRequestService = epUserRolesRequestService; - } - - public boolean isSuperAdmin(final String loginId) { - boolean isSuperAdmin; - try { - isSuperAdmin = fnUserRoleService - .isSuperAdmin(loginId, SYS_ADMIN_ROLE_ID, ECOMP_APP_ID); - } catch (Exception e) { - logger.error("isSuperAdmin exception: " + e.toString()); - throw e; + private final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesService.class); + private static final Object syncRests = new Object(); + private final RestTemplate template = new RestTemplate(); + + private Long SYS_ADMIN_ROLE_ID = 38L; + private final Long ACCOUNT_ADMIN_ROLE_ID = 999L; + private final Long ECOMP_APP_ID = 1L; + private final String ADMIN_ACCOUNT = "Is account admin for user {}"; + + private final AppsCacheService appsCacheService; + private final EntityManager entityManager; + private final FnUserService fnUserService; + private final FnRoleService fnRoleService; + private final FnAppService fnAppService; + private final FnMenuFunctionalService fnMenuFunctionalService; + private final FnUserRoleService fnUserRoleService; + private final EpAppFunctionService epAppFunctionService; + private final EcompUserAppRolesService ecompUserAppRolesService; + private final FnMenuFunctionalRolesService fnMenuFunctionalRolesService; + private final ApplicationsRestClientService applicationsRestClientService; + private final EpUserRolesRequestDetService epUserRolesRequestDetService; + private final ExternalAccessRolesService externalAccessRolesService; + private final EpUserRolesRequestService epUserRolesRequestService; + + @Autowired + public AdminRolesService(AppsCacheService appsCacheService, + final EntityManager entityManager, + final FnUserService fnUserService, FnRoleService fnRoleService, + FnAppService fnAppService, + FnMenuFunctionalService fnMenuFunctionalService, + final FnUserRoleService fnUserRoleService, + EpAppFunctionService epAppFunctionService, + EcompUserAppRolesService ecompUserAppRolesService, + FnMenuFunctionalRolesService fnMenuFunctionalRolesService, + ApplicationsRestClientService applicationsRestClientService, + EpUserRolesRequestDetService epUserRolesRequestDetService, + ExternalAccessRolesService externalAccessRolesService, + EpUserRolesRequestService epUserRolesRequestService) { + this.appsCacheService = appsCacheService; + this.entityManager = entityManager; + this.fnUserService = fnUserService; + this.fnRoleService = fnRoleService; + this.fnAppService = fnAppService; + this.fnMenuFunctionalService = fnMenuFunctionalService; + this.fnUserRoleService = fnUserRoleService; + this.epAppFunctionService = epAppFunctionService; + this.ecompUserAppRolesService = ecompUserAppRolesService; + this.fnMenuFunctionalRolesService = fnMenuFunctionalRolesService; + this.applicationsRestClientService = applicationsRestClientService; + this.epUserRolesRequestDetService = epUserRolesRequestDetService; + this.externalAccessRolesService = externalAccessRolesService; + this.epUserRolesRequestService = epUserRolesRequestService; } - logger.info("isSuperAdmin " + isSuperAdmin); - return isSuperAdmin; - } - - public boolean isAccountAdmin(final long userId, final String orgUserId, final Set<FnUserRole> userApps) { - try { - logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId); - List<Integer> userAdminApps = getAdminAppsForTheUser(userId); - logger.debug(EELFLoggerDelegate.debugLogger, - "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}", - orgUserId, userAdminApps.size()); - - for (FnUserRole userApp : userApps) { - if (userApp.getRoleId().getId().equals(ACCOUNT_ADMIN_ROLE_ID) || ( - userAdminApps.size() > 1)) { - logger.debug(EELFLoggerDelegate.debugLogger, - "Is account admin for userAdminApps() - for user {}, found Id {}", - orgUserId, userApp.getRoleId().getId()); - return true; + + public boolean isSuperAdmin(final String loginId) { + boolean isSuperAdmin; + try { + isSuperAdmin = fnUserRoleService + .isSuperAdmin(loginId, SYS_ADMIN_ROLE_ID, ECOMP_APP_ID); + } catch (Exception e) { + logger.error("isSuperAdmin exception: " + e.toString()); + throw e; } - } - } catch (Exception e) { - EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); - logger.error(EELFLoggerDelegate.errorLogger, - "Exception occurred while executing isAccountAdmin operation", - e); + logger.info("isSuperAdmin " + isSuperAdmin); + return isSuperAdmin; } - return false; - } - - public boolean isUser(final long userId) { - try { - FnUser currentUser = fnUserService.getUser(userId).orElseThrow(Exception::new); - if (currentUser != null && currentUser.getId() != null) { - for (FnUserRole userApp : currentUser.getUserApps()) { - if (!userApp.getFnAppId().getId().equals(ECOMP_APP_ID)) { - FnRole role = userApp.getRoleId(); - if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId() - .equals(ACCOUNT_ADMIN_ROLE_ID)) { - if (role.getActiveYn()) { - return true; - } + + public boolean isAccountAdmin(final long userId, final String orgUserId, final Set<FnUserRole> userApps) { + try { + logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId); + List<Integer> userAdminApps = getAdminAppsForTheUser(userId); + logger.debug(EELFLoggerDelegate.debugLogger, + "Is account admin for userAdminApps() - for user {}, found userAdminAppsSize {}", + orgUserId, userAdminApps.size()); + + for (FnUserRole userApp : userApps) { + if (userApp.getRoleId().getId().equals(ACCOUNT_ADMIN_ROLE_ID) || ( + userAdminApps.size() > 1)) { + logger.debug(EELFLoggerDelegate.debugLogger, + "Is account admin for userAdminApps() - for user {}, found Id {}", + orgUserId, userApp.getRoleId().getId()); + return true; + } } - } + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + logger.error(EELFLoggerDelegate.errorLogger, + "Exception occurred while executing isAccountAdmin operation", + e); } - } - } catch (Exception e) { - EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); - logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation", - e); + return false; } - return false; - } - - public boolean isRoleAdmin(Long userId) { - try { - logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access"); - List getRoleFuncListOfUser = fnUserRoleService.getRoleFunctionsOfUserforAlltheApplications(userId); - logger.debug(EELFLoggerDelegate.debugLogger, - "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser", getRoleFuncListOfUser); - Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser); - Set<String> getRoleFuncListOfPortalSet1 = new HashSet<>(); - Set<String> roleFunSet; - roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")) - .collect(Collectors.toSet()); - if (!roleFunSet.isEmpty()) { - for (String roleFunction : roleFunSet) { - String type = externalAccessRolesService.getFunctionCodeType(roleFunction); - getRoleFuncListOfPortalSet1.add(type); - } - } - - boolean checkIfFunctionsExits = getRoleFuncListOfPortalSet1.stream() - .anyMatch(roleFunction -> roleFunction.equalsIgnoreCase("Approver")); - logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction", - checkIfFunctionsExits); - return checkIfFunctionsExits; - - } catch (Exception e) { - EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); - logger.error(EELFLoggerDelegate.errorLogger, - "Exception occurred while executing isRoleAdmin operation", - e); - } - return false; - } - - private boolean isAccountAdminOfApplication(Long userId, FnApp app) { - boolean isApplicationAccountAdmin = false; - try { - logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId); - List<Integer> userAdminApps = getAdminAppsForTheUser(userId); - if (!userAdminApps.isEmpty()) { - isApplicationAccountAdmin = userAdminApps.contains(app.getId()); - logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", userId, - app.getId()); - } - } catch (Exception e) { - EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); - logger.error(EELFLoggerDelegate.errorLogger, - "Exception occurred while executing isAccountAdminOfApplication operation", e); - } - logger.debug(EELFLoggerDelegate.debugLogger, - "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, - userId); - return isApplicationAccountAdmin; - - } - - private List<Integer> getAdminAppsForTheUser(final Long userId) { - String query = "select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)"; - return entityManager.createQuery(query, Integer.class) - .setParameter("userId", userId).getResultList(); - } - - public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(FnUser user, - AppWithRolesForUser newAppRolesForUser) { - boolean result = false; - boolean epRequestValue = false; - String userId = ""; - String reqMessage = ""; - if (newAppRolesForUser != null && newAppRolesForUser.getOrgUserId() != null) { - userId = newAppRolesForUser.getOrgUserId().trim(); - } - Long appId = newAppRolesForUser.getAppId(); - List<RoleInAppForUser> roleInAppForUserList = newAppRolesForUser.getAppRoles(); - - if (userId.length() > 0) { - ObjectMapper mapper = new ObjectMapper(); - mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); - - try { - FnApp app = fnAppService.getById(appId); - - boolean checkIfUserisApplicationAccAdmin = isAccountAdminOfApplication(user.getId(), - app); - Set<EcompRole> rolesGotDeletedFromApprover = new TreeSet<>(); - - boolean checkIfUserIsOnlyRoleAdmin = - isRoleAdmin(user.getId()) && !checkIfUserisApplicationAccAdmin; - if (checkIfUserIsOnlyRoleAdmin) { - for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { - if (!roleInAppForUser.getIsApplied()) { - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(roleInAppForUser.getRoleId()); - ecompRole.setName(roleInAppForUser.getRoleName()); - rolesGotDeletedFromApprover.add(ecompRole); + public boolean isUser(final long userId) { + try { + FnUser currentUser = fnUserService.getUser(userId).orElseThrow(Exception::new); + if (currentUser != null && currentUser.getId() != null) { + for (FnUserRole userApp : currentUser.getUserApps()) { + if (!userApp.getFnAppId().getId().equals(ECOMP_APP_ID)) { + FnRole role = userApp.getRoleId(); + if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId() + .equals(ACCOUNT_ADMIN_ROLE_ID)) { + if (role.getActiveYn()) { + return true; + } + } + } + } } - } + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation", + e); } + return false; + } - applyChangesToUserAppRolesForMyLoginsRequest(user, appId); - - boolean systemUser = newAppRolesForUser.isSystemUser(); - - if ((app.getAuthCentral() || app.getId().equals(PortalConstants.PORTAL_APP_ID)) - && systemUser) { - - Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList); - RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId, - userRolesInLocalApp); - List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles(); - Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>(); - if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - // Apply changes in external Access system - - updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(), - roleAppUserList, - epRequestValue, systemUser, rolesGotDeletedByApprover, false); - } - result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, - "Portal", - systemUser, rolesGotDeletedByApprover, false); - - } else if (!app.getAuthCentral() && systemUser) { - throw new Exception("For non-centralized application we cannot add systemUser"); - } else { // if centralized app - if (app.getAuthCentral()) { - if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - pushRemoteUser(roleInAppForUserList, userId, app, mapper, - applicationsRestClientService, false); + public boolean isRoleAdmin(Long userId) { + try { + logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has isRoleAdmin access"); + List getRoleFuncListOfUser = fnUserRoleService.getRoleFunctionsOfUserforAlltheApplications(userId); + logger.debug(EELFLoggerDelegate.debugLogger, + "Checking if user has isRoleAdmin access :: getRoleFuncListOfUser", getRoleFuncListOfUser); + Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfUser); + Set<String> getRoleFuncListOfPortalSet1 = new HashSet<>(); + Set<String> roleFunSet; + roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")) + .collect(Collectors.toSet()); + if (!roleFunSet.isEmpty()) { + for (String roleFunction : roleFunSet) { + String type = externalAccessRolesService.getFunctionCodeType(roleFunction); + getRoleFuncListOfPortalSet1.add(type); + } } - Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp( - roleInAppForUserList); - RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, - appId, - userRolesInLocalApp); - List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles(); - if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + boolean checkIfFunctionsExits = getRoleFuncListOfPortalSet1.stream() + .anyMatch(roleFunction -> roleFunction.equalsIgnoreCase("Approver")); + logger.debug(EELFLoggerDelegate.debugLogger, "Checking if user has approver rolefunction", + checkIfFunctionsExits); - // Apply changes in external Access system - updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(), - roleAppUserList, - epRequestValue, false, rolesGotDeletedFromApprover, - checkIfUserIsOnlyRoleAdmin); - } - result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, - epRequestValue, "Portal", systemUser, rolesGotDeletedFromApprover, - checkIfUserIsOnlyRoleAdmin); - } - // In case if portal is not centralized then follow existing approach - else if (!app.getAuthCentral() && app.getId() - .equals(PortalConstants.PORTAL_APP_ID)) { - Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp( - roleInAppForUserList); - RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, - appId, - userRolesInLocalApp); - Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>(); - result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, - epRequestValue, "Portal", false, rolesGotDeletedByApprover, false); - } else {// remote app - FnUser remoteAppUser; - if (!app.getAuthCentral() && !app.getId() - .equals(PortalConstants.PORTAL_APP_ID)) { - - remoteAppUser = checkIfRemoteUserExits(userId, app, - applicationsRestClientService); - - if (remoteAppUser == null) { - addRemoteUser(roleInAppForUserList, userId, app, - mapper, applicationsRestClientService); - } - Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp( - roleInAppForUserList, mapper, - applicationsRestClientService, appId, userId); - RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate( - userId, appId, - userRolesInRemoteApp); - Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>(); - result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, - epRequestValue, null, false, rolesGotDeletedByApprover, false); - - // If no roles remain, request app to set user inactive. - if (userRolesInRemoteApp.size() == 0) { - logger.debug(EELFLoggerDelegate.debugLogger, - "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive", - app, - userId); - postUserToRemoteApp(userId, app, - applicationsRestClientService); - } - } - } + return checkIfFunctionsExits; + + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + logger.error(EELFLoggerDelegate.errorLogger, + "Exception occurred while executing isRoleAdmin operation", + e); } - } catch (Exception e) { - String message = String.format( - "Failed to create user or update user roles for User %s, AppId %s", - userId, Long.toString(appId)); - logger.error(EELFLoggerDelegate.errorLogger, message, e); - result = false; - reqMessage = e.getMessage(); - } + return false; } - //return result; - return new ExternalRequestFieldsValidator(result, reqMessage); - } + private boolean isAccountAdminOfApplication(Long userId, FnApp app) { + boolean isApplicationAccountAdmin = false; + try { + logger.debug(EELFLoggerDelegate.debugLogger, ADMIN_ACCOUNT, userId); + List<Integer> userAdminApps = getAdminAppsForTheUser(userId); + if (!userAdminApps.isEmpty()) { + isApplicationAccountAdmin = userAdminApps.contains(app.getId()); + logger.debug(EELFLoggerDelegate.debugLogger, "Is account admin for user is true{} ,appId {}", userId, + app.getId()); + } + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + logger.error(EELFLoggerDelegate.errorLogger, + "Exception occurred while executing isAccountAdminOfApplication operation", e); + } + logger.debug(EELFLoggerDelegate.debugLogger, + "In AdminRolesServiceImpl() - isAccountAdminOfApplication = {} and userId ={} ", isApplicationAccountAdmin, + userId); + return isApplicationAccountAdmin; - private void pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app, - ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService, boolean appRoleIdUsed) - throws Exception { - pushUserOnRemoteApp(userId, app, applicationsRestClientService, mapper, - roleInAppForUserList, appRoleIdUsed); - } + } + private List<Integer> getAdminAppsForTheUser(final Long userId) { + String query = "select fa.app_id from fn_user_role ur,fn_app fa where ur.user_id =:userId and ur.app_id=fa.app_id and ur.role_id= 999 and (fa.enabled = 'Y' || fa.app_id=1)"; + return entityManager.createQuery(query, Integer.class) + .setParameter("userId", userId).getResultList(); + } - private void postUserToRemoteApp(String userId, FnApp app, - ApplicationsRestClientService applicationsRestClientService) throws HTTPException { + public ExternalRequestFieldsValidator setAppWithUserRoleStateForUser(FnUser user, + AppWithRolesForUser newAppRolesForUser) { + boolean result = false; + boolean epRequestValue = false; + String userId = ""; + String reqMessage = ""; + if (newAppRolesForUser != null && newAppRolesForUser.getOrgUserId() != null) { + userId = newAppRolesForUser.getOrgUserId().trim(); + } + Long appId = newAppRolesForUser.getAppId(); + List<RoleInAppForUser> roleInAppForUserList = newAppRolesForUser.getAppRoles(); - getUser(userId, app, applicationsRestClientService); + if (userId.length() > 0) { + ObjectMapper mapper = new ObjectMapper(); + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); - } + try { + FnApp app = fnAppService.getById(appId); + + boolean checkIfUserisApplicationAccAdmin = isAccountAdminOfApplication(user.getId(), + app); + Set<EcompRole> rolesGotDeletedFromApprover = new TreeSet<>(); + + boolean checkIfUserIsOnlyRoleAdmin = + isRoleAdmin(user.getId()) && !checkIfUserisApplicationAccAdmin; + if (checkIfUserIsOnlyRoleAdmin) { + for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { + if (!roleInAppForUser.getIsApplied()) { + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(roleInAppForUser.getRoleId()); + ecompRole.setName(roleInAppForUser.getRoleName()); + rolesGotDeletedFromApprover.add(ecompRole); + } + } + } - private FnUser getUser(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService) - throws HTTPException { - return applicationsRestClientService.get(FnUser.class, app.getId(), String.format("/user/%s", userId), true); + applyChangesToUserAppRolesForMyLoginsRequest(user, appId); - } + boolean systemUser = newAppRolesForUser.isSystemUser(); - private void pushUserOnRemoteApp(String userId, FnApp app, - ApplicationsRestClientService applicationsRestClientService, - ObjectMapper mapper, List<RoleInAppForUser> roleInAppForUserList, boolean appRoleIdUsed) - throws Exception { + if ((app.getAuthCentral() || app.getId().equals(PortalConstants.PORTAL_APP_ID)) + && systemUser) { - FnUser client; - client = fnUserService.loadUserByUsername(userId); + Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList); + RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId, + userRolesInLocalApp); + List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles(); + Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>(); + if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + // Apply changes in external Access system - mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); - if (client == null) { - String msg = "cannot create user " + userId + ", because he/she cannot be found in directory."; - logger.error(EELFLoggerDelegate.errorLogger, msg); - List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId); - if (!userList.isEmpty()) { - logger.debug(EELFLoggerDelegate.debugLogger, - userList.get(0).getOrgUserId() + " User was found in Portal"); - client = userList.get(0); - client.setUserApps(Collections.EMPTY_SET); - client.setIsSystemUser(false); - } else { - logger.error(EELFLoggerDelegate.errorLogger, "user cannot be found be in directory or in portal"); - throw new Exception(msg); - } + updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(), + roleAppUserList, + epRequestValue, systemUser, rolesGotDeletedByApprover, false); + } + result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, epRequestValue, + "Portal", + systemUser, rolesGotDeletedByApprover, false); + + } else if (!app.getAuthCentral() && systemUser) { + throw new Exception("For non-centralized application we cannot add systemUser"); + } else { // if centralized app + if (app.getAuthCentral()) { + if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { + pushRemoteUser(roleInAppForUserList, userId, app, mapper, + applicationsRestClientService, false); + } + + Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp( + roleInAppForUserList); + RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, + appId, + userRolesInLocalApp); + List<RoleInAppForUser> roleAppUserList = rolesInAppForUser.getRoles(); + if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + + // Apply changes in external Access system + updateUserRolesInExternalSystem(app, rolesInAppForUser.getOrgUserId(), + roleAppUserList, + epRequestValue, false, rolesGotDeletedFromApprover, + checkIfUserIsOnlyRoleAdmin); + } + result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, + epRequestValue, "Portal", systemUser, rolesGotDeletedFromApprover, + checkIfUserIsOnlyRoleAdmin); + } + // In case if portal is not centralized then follow existing approach + else if (!app.getAuthCentral() && app.getId() + .equals(PortalConstants.PORTAL_APP_ID)) { + Set<EcompRole> userRolesInLocalApp = postUsersRolesToLocalApp( + roleInAppForUserList); + RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, + appId, + userRolesInLocalApp); + Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>(); + result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, + epRequestValue, "Portal", false, rolesGotDeletedByApprover, false); + } else {// remote app + FnUser remoteAppUser; + if (!app.getAuthCentral() && !app.getId() + .equals(PortalConstants.PORTAL_APP_ID)) { + + remoteAppUser = checkIfRemoteUserExits(userId, app, + applicationsRestClientService); + + if (remoteAppUser == null) { + addRemoteUser(roleInAppForUserList, userId, app, + mapper, applicationsRestClientService); + } + Set<EcompRole> userRolesInRemoteApp = postUsersRolesToRemoteApp( + roleInAppForUserList, mapper, + applicationsRestClientService, appId, userId); + RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate( + userId, appId, + userRolesInRemoteApp); + Set<EcompRole> rolesGotDeletedByApprover = new TreeSet<>(); + result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser, + epRequestValue, null, false, rolesGotDeletedByApprover, false); + + // If no roles remain, request app to set user inactive. + if (userRolesInRemoteApp.size() == 0) { + logger.debug(EELFLoggerDelegate.debugLogger, + "setAppWithUserRoleStateForUser: no roles in app {}, set user {} to inactive", + app, + userId); + postUserToRemoteApp(userId, app, + applicationsRestClientService); + } + } + } + } + } catch (Exception e) { + String message = String.format( + "Failed to create user or update user roles for User %s, AppId %s", + userId, Long.toString(appId)); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + result = false; + reqMessage = e.getMessage(); + } + } + return new ExternalRequestFieldsValidator(result, reqMessage); } - client.setLoginId(userId); - client.setActiveYn(true); - client.setOrgUserId(userId); + private void pushRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app, + ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService, boolean appRoleIdUsed) + throws Exception { + pushUserOnRemoteApp(userId, app, applicationsRestClientService, mapper, + roleInAppForUserList, appRoleIdUsed); + } - roleInAppForUserList.removeIf(role -> role.getIsApplied().equals(false)); - SortedSet<Role> roles = new TreeSet<>(); - List<FnRole> getAppRoles = fnRoleService.getAppRoles(app.getId()); - List<FnApp> appList = new ArrayList<>(); - appList.add(app); - List<CentralV2Role> roleList = new ArrayList<>(); + private void postUserToRemoteApp(String userId, FnApp app, + ApplicationsRestClientService applicationsRestClientService) throws HTTPException { - List<FnRole> userRoles = new ArrayList<>(); + getUser(userId, app, applicationsRestClientService); - for (RoleInAppForUser roleInappForUser : roleInAppForUserList) { - FnRole role = new FnRole(); - role.setId(roleInappForUser.getRoleId()); - role.setRoleName(roleInappForUser.getRoleName()); - userRoles.add(role); } - if (appRoleIdUsed) { - List<FnRole> userAppRoles = new ArrayList<>(); - for (FnRole role : userRoles) { - FnRole appRole = getAppRoles.stream() - .filter(applicationRole -> role.getId().equals(applicationRole.getAppRoleId())).findAny() - .orElse(null); - FnRole epRole = new FnRole(); - if (appRole != null) { - epRole.setId(appRole.getId()); - epRole.setRoleName(appRole.getRoleName()); - } - userAppRoles.add(epRole); - } - userRoles = new ArrayList<>(userAppRoles); - } - roleList = externalAccessRolesService.createCentralRoleObject(appList, userRoles, roleList); - - for (CentralV2Role epRole : roleList) { - Role role = new Role(); - FnRole appRole = getAppRoles.stream() - .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())).findAny().orElse(null); - if (appRole != null) { - role.setId(appRole.getAppRoleId()); - role.setRoleName(epRole.getName()); - role.setFnRoleFunctions(epRole.getRoleFunctions()); - } - roles.add(role); - } - client.setRoles(roles.stream().map(this::roleToFnRole).collect(Collectors.toSet())); - String userInString; - userInString = mapper.writerFor(FnUser.class).writeValueAsString(client); - logger.debug(EELFLoggerDelegate.debugLogger, - "about to post a client to remote application, users json = " + userInString); - applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user/%s", userId)); - } - - private FnRole roleToFnRole(Role role) { - return FnRole.builder() - .id(role.getId()) - .roleName(role.getRoleName()) - .activeYn(role.getActiveYn()) - .priority(role.getPriority()) - .fnRoleFunctions(role.getFnRoleFunctions()) - .childRoles(role.getChildRoles()) - .parentRoles(role.getParentRoles()) - .build(); - } - - private Set<EcompRole> postUsersRolesToRemoteApp(List<RoleInAppForUser> roleInAppForUserList, ObjectMapper mapper, - ApplicationsRestClientService applicationsRestClientService, Long appId, String userId) - throws JsonProcessingException, HTTPException { - Set<EcompRole> updatedUserRolesinRemote = constructUsersRemoteAppRoles(roleInAppForUserList); - Set<EcompRole> updateUserRolesInEcomp = constructUsersEcompRoles(roleInAppForUserList); - String userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemote); - FnApp externalApp; - externalApp = appsCacheService.getApp(appId); - String appBaseUri = null; - Set<RemoteRoleV1> updatedUserRolesinRemoteV1 = new TreeSet<>(); - if (externalApp != null) { - appBaseUri = externalApp.getAppRestEndpoint(); - } - if (appBaseUri != null && appBaseUri.endsWith("/api")) { - for (EcompRole eprole : updatedUserRolesinRemote) { - RemoteRoleV1 role = new RemoteRoleV1(); - role.setId(eprole.getId()); - role.setName(eprole.getName()); - updatedUserRolesinRemoteV1.add(role); - } - userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemoteV1); - } - applicationsRestClientService.post(EcompRole.class, appId, userRolesAsString, - String.format("/user/%s/roles", userId)); - return updateUserRolesInEcomp; - } - - private void addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app, - ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService) throws Exception { - if (remoteUserShouldBeCreated(roleInAppForUserList)) { - createNewUserOnRemoteApp(userId, app, applicationsRestClientService, mapper); + private FnUser getUser(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService) + throws HTTPException { + return applicationsRestClientService.get(FnUser.class, app.getId(), String.format("/user/%s", userId), true); + } - } - private void createNewUserOnRemoteApp(String userId, FnApp app, - ApplicationsRestClientService applicationsRestClientService, ObjectMapper mapper) - throws Exception { + private void pushUserOnRemoteApp(String userId, FnApp app, + ApplicationsRestClientService applicationsRestClientService, + ObjectMapper mapper, List<RoleInAppForUser> roleInAppForUserList, boolean appRoleIdUsed) + throws Exception { - FnUser client = fnUserService.loadUserByUsername(userId); + FnUser client; + client = fnUserService.loadUserByUsername(userId); - mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + if (client == null) { + String msg = "cannot create user " + userId + ", because he/she cannot be found in directory."; + logger.error(EELFLoggerDelegate.errorLogger, msg); + List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId); + if (!userList.isEmpty()) { + logger.debug(EELFLoggerDelegate.debugLogger, + userList.get(0).getOrgUserId() + " User was found in Portal"); + client = userList.get(0); + client.setUserApps(Collections.EMPTY_SET); + client.setIsSystemUser(false); + } else { + logger.error(EELFLoggerDelegate.errorLogger, "user cannot be found be in directory or in portal"); + throw new Exception(msg); + } - if (client == null) { - String msg = "cannot create user " + userId + ", because he/she cannot be found in phonebook."; - logger.error(EELFLoggerDelegate.errorLogger, msg); - throw new Exception(msg); - } + } - client.setLoginId(userId); - client.setActiveYn(true); + client.setLoginId(userId); + client.setActiveYn(true); + client.setOrgUserId(userId); - String userInString; - userInString = mapper.writerFor(FnUser.class).writeValueAsString(client); - logger.debug(EELFLoggerDelegate.debugLogger, - "about to post new client to remote application, users json = " + userInString); - applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user", userId)); + roleInAppForUserList.removeIf(role -> role.getIsApplied().equals(false)); + SortedSet<Role> roles = new TreeSet<>(); - } + List<FnRole> getAppRoles = fnRoleService.getAppRoles(app.getId()); + List<FnApp> appList = new ArrayList<>(); + appList.add(app); + List<CentralV2Role> roleList = new ArrayList<>(); - private boolean remoteUserShouldBeCreated(List<RoleInAppForUser> roleInAppForUserList) { - for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { - if (roleInAppForUser.getIsApplied()) { - return true; - } - } - return false; - } - - private Set<EcompRole> constructUsersRemoteAppRoles(List<RoleInAppForUser> roleInAppForUserList) { - Set<EcompRole> existingUserRoles = new TreeSet<>(); - for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { - if (roleInAppForUser.getIsApplied() && !roleInAppForUser.getRoleId() - .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) { - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(roleInAppForUser.getRoleId()); - ecompRole.setName(roleInAppForUser.getRoleName()); - existingUserRoles.add(ecompRole); - } - } - return existingUserRoles; - } - - private void applyChangesToUserAppRolesForMyLoginsRequest(FnUser user, Long appId) { - List<EpUserRolesRequest> epRequestIdVal; - try { - epRequestIdVal = epUserRolesRequestService.userAppRolesRequestList(user.getId(), appId); - if (epRequestIdVal.size() > 0) { - EpUserRolesRequest epAppRolesRequestData = epRequestIdVal.get(0); - epAppRolesRequestData.setUpdatedDate(LocalDateTime.now()); - epAppRolesRequestData.setRequestStatus("O"); - epAppRolesRequestData.setUserId(user); - epUserRolesRequestService.saveOne(epAppRolesRequestData); - List<EpUserRolesRequestDet> epUserAppRolesDetailList = epUserRolesRequestDetService - .appRolesRequestDetailList(epAppRolesRequestData.getReqId()); - if (epUserAppRolesDetailList.size() > 0) { - for (EpUserRolesRequestDet epRequestUpdateList : epUserAppRolesDetailList) { - epRequestUpdateList.setRequestType("O"); - epRequestUpdateList.setReqId(epAppRolesRequestData); - epRequestUpdateList.setReqId(epAppRolesRequestData); - epUserRolesRequestDetService.saveOne(epRequestUpdateList); - } - logger.debug(EELFLoggerDelegate.debugLogger, - "User App roles request from User Page is overridden"); + List<FnRole> userRoles = new ArrayList<>(); + + for (RoleInAppForUser roleInappForUser : roleInAppForUserList) { + FnRole role = new FnRole(); + role.setId(roleInappForUser.getRoleId()); + role.setRoleName(roleInappForUser.getRoleName()); + userRoles.add(role); } - } - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "applyChangesToUserAppRolesRequest failed", e); - } - } - - private Set<EcompRole> postUsersRolesToLocalApp(List<RoleInAppForUser> roleInAppForUserList) { - return constructUsersEcompRoles(roleInAppForUserList); - } - - private Set<EcompRole> constructUsersEcompRoles(List<RoleInAppForUser> roleInAppForUserList) { - Set<EcompRole> existingUserRoles = new TreeSet<>(); - for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { - if (roleInAppForUser.getIsApplied()) { - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(roleInAppForUser.getRoleId()); - ecompRole.setName(roleInAppForUser.getRoleName()); - existingUserRoles.add(ecompRole); - } - } - return existingUserRoles; - } - - public RolesInAppForUser constructRolesInAppForUserUpdate(String userId, Long appId, - Set<EcompRole> userRolesInRemoteApp) { - RolesInAppForUser result; - result = new RolesInAppForUser(); - result.setAppId(appId); - result.setOrgUserId(userId); - - for (EcompRole role : userRolesInRemoteApp) { - RoleInAppForUser roleInAppForUser = new RoleInAppForUser(); - roleInAppForUser.setRoleId(role.getId()); - roleInAppForUser.setRoleName(role.getName()); - roleInAppForUser.setIsApplied(true); - result.getRoles().add(roleInAppForUser); - } - return result; - } - - private void updateUserRolesInExternalSystem(FnApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser, - boolean isPortalRequest, boolean isSystemUser, Set<EcompRole> deletedRolesByApprover, - boolean isLoggedInUserRoleAdminofApp) throws Exception { - try { - List<FnUser> userInfo = checkIfUserExists(orgUserId); - if (userInfo.isEmpty()) { - createLocalUserIfNecessary(orgUserId, isSystemUser); - } - String name; - if (EPCommonSystemProperties - .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) - && !isSystemUser) { - name = orgUserId - + SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); - } else { - name = orgUserId; - } - ObjectMapper mapper = new ObjectMapper(); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - HttpEntity<String> getUserRolesEntity = new HttpEntity<>(headers); - ResponseEntity<String> getResponse = externalAccessRolesService - .getUserRolesFromExtAuthSystem(name, getUserRolesEntity); - - List<ExternalAccessUserRoleDetail> userRoleDetailList = new ArrayList<>(); - String res = getResponse.getBody(); - JSONObject jsonObj; - JSONArray extRoles = null; - if (!res.equals("{}")) { - jsonObj = new JSONObject(res); - extRoles = jsonObj.getJSONArray("role"); - } - ExternalAccessUserRoleDetail userRoleDetail; - if (extRoles != null) { - for (int i = 0; i < extRoles.length(); i++) { - if (extRoles.getJSONObject(i).getString("name").startsWith(app.getAuthNamespace() + ".") - && !extRoles.getJSONObject(i).getString("name") - .equals(app.getAuthNamespace() + ".admin") - && !extRoles.getJSONObject(i).getString("name") - .equals(app.getAuthNamespace() + ".owner")) { - if (extRoles.getJSONObject(i).has("description")) { - ExternalRoleDescription desc = new ExternalRoleDescription( - extRoles.getJSONObject(i).getString("description")); - userRoleDetail = new ExternalAccessUserRoleDetail( - extRoles.getJSONObject(i).getString("name"), desc); - userRoleDetailList.add(userRoleDetail); - } else { - userRoleDetail = new ExternalAccessUserRoleDetail( - extRoles.getJSONObject(i).getString("name"), null); - userRoleDetailList.add(userRoleDetail); + if (appRoleIdUsed) { + List<FnRole> userAppRoles = new ArrayList<>(); + for (FnRole role : userRoles) { + FnRole appRole = getAppRoles.stream() + .filter(applicationRole -> role.getId().equals(applicationRole.getAppRoleId())).findAny() + .orElse(null); + FnRole epRole = new FnRole(); + if (appRole != null) { + epRole.setId(appRole.getId()); + epRole.setRoleName(appRole.getRoleName()); + } + userAppRoles.add(epRole); } - - } + userRoles = new ArrayList<>(userAppRoles); } - } - - List<ExternalAccessUserRoleDetail> userRoleListMatchingInExtAuthAndLocal = checkIfRoleAreMatchingInUserRoleDetailList( - userRoleDetailList, app); - - List<EcompUserAppRoles> userAppList; - // If request coming from portal not from external role approval system then we have to check if user already - // have account admin or system admin as GUI will not send these roles - if (!isPortalRequest) { - FnUser user = fnUserService.getUserWithOrgUserId(orgUserId).get(0); - userAppList = ecompUserAppRolesService.getUserAppExistingRoles(app.getId(), user.getId()); - if (!roleInAppUser.isEmpty()) { - for (EcompUserAppRoles userApp : userAppList) { - if (userApp.getRoleId().equals(PortalConstants.SYS_ADMIN_ROLE_ID) - || userApp.getRoleId() - .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) { - RoleInAppForUser addSpecialRole = new RoleInAppForUser(); - addSpecialRole.setIsApplied(true); - addSpecialRole.setRoleId(userApp.getRoleId()); - addSpecialRole.setRoleName(userApp.getRoleName()); - roleInAppUser.add(addSpecialRole); + roleList = externalAccessRolesService.createCentralRoleObject(appList, userRoles, roleList); + + for (CentralV2Role epRole : roleList) { + Role role = new Role(); + FnRole appRole = getAppRoles.stream() + .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())).findAny().orElse(null); + if (appRole != null) { + role.setId(appRole.getAppRoleId()); + role.setRoleName(epRole.getName()); + role.setFnRoleFunctions(epRole.getRoleFunctions()); } - } + roles.add(role); } - } - List<RoleInAppForUser> roleInAppUserNonDupls = roleInAppUser.stream().distinct() - .collect(Collectors.toList()); - Map<String, RoleInAppForUser> currentUserRolesToUpdate = new HashMap<>(); - for (RoleInAppForUser roleInAppUserNew : roleInAppUserNonDupls) { - currentUserRolesToUpdate.put(roleInAppUserNew.getRoleName() - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, - "_"), roleInAppUserNew); - } - final Map<String, ExternalAccessUserRoleDetail> currentUserRolesInExternalSystem = new HashMap<>(); - for (ExternalAccessUserRoleDetail extAccessUserRole : userRoleListMatchingInExtAuthAndLocal) { - currentUserRolesInExternalSystem.put(extAccessUserRole.getName(), extAccessUserRole); - } - - if (isLoggedInUserRoleAdminofApp) { - if (deletedRolesByApprover.size() > 0) { - List<ExternalAccessUserRoleDetail> newUpdatedRoles = new ArrayList<>(); - for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) { - for (EcompRole role : deletedRolesByApprover) { - if ((userRole.getName().substring(app.getAuthNamespace().length() + 1)) - .equals(role.getName())) { - newUpdatedRoles.add(userRole); - } - } - } - if (newUpdatedRoles.size() > 0) { - userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(newUpdatedRoles); - } else { - userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(); - currentUserRolesToUpdate = new HashMap<>(); - - } + client.setRoles(roles.stream().map(this::roleToFnRole).collect(Collectors.toSet())); + String userInString; + userInString = mapper.writerFor(FnUser.class).writeValueAsString(client); + logger.debug(EELFLoggerDelegate.debugLogger, + "about to post a client to remote application, users json = " + userInString); + applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user/%s", userId)); + } - } else { - userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(); - currentUserRolesToUpdate = new HashMap<>(); + private FnRole roleToFnRole(Role role) { + return FnRole.builder() + .id(role.getId()) + .roleName(role.getRoleName()) + .activeYn(role.getActiveYn()) + .priority(role.getPriority()) + .fnRoleFunctions(role.getFnRoleFunctions()) + .childRoles(role.getChildRoles()) + .parentRoles(role.getParentRoles()) + .build(); + } + private Set<EcompRole> postUsersRolesToRemoteApp(List<RoleInAppForUser> roleInAppForUserList, ObjectMapper mapper, + ApplicationsRestClientService applicationsRestClientService, Long appId, String userId) + throws JsonProcessingException, HTTPException { + Set<EcompRole> updatedUserRolesinRemote = constructUsersRemoteAppRoles(roleInAppForUserList); + Set<EcompRole> updateUserRolesInEcomp = constructUsersEcompRoles(roleInAppForUserList); + String userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemote); + FnApp externalApp; + externalApp = appsCacheService.getApp(appId); + String appBaseUri = null; + Set<RemoteRoleV1> updatedUserRolesinRemoteV1 = new TreeSet<>(); + if (externalApp != null) { + appBaseUri = externalApp.getAppRestEndpoint(); } - } - - // Check if user roles does not exists in local but still there in External Central Auth System delete them all - for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) { - if (!(currentUserRolesToUpdate - .containsKey(userRole.getName().substring(app.getAuthNamespace().length() + 1)))) { - HttpEntity<String> entity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, - "updateUserRolesInExternalSystem: Connecting to external system to DELETE user role {}", - userRole.getName()); - ResponseEntity<String> deleteResponse = template.exchange( - SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRole/" + name + "/" + userRole.getName(), - HttpMethod.DELETE, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, - "updateUserRolesInExternalSystem: Finished DELETE operation in external system for user role {} and the response is {}", - userRole.getName(), deleteResponse.getBody()); - } - } - // Check if user roles does not exists in External Central Auth System add them all - for (RoleInAppForUser addUserRole : roleInAppUserNonDupls) { - if (!(currentUserRolesInExternalSystem - .containsKey(app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, - "_")))) { - ExternalAccessUser extUser = new ExternalAccessUser(name, - app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, - "_")); - String formattedUserRole = mapper.writeValueAsString(extUser); - HttpEntity<String> entity = new HttpEntity<>(formattedUserRole, headers); - logger.debug(EELFLoggerDelegate.debugLogger, - "updateUserRolesInExternalSystem: Connecting to external system for user {} and POST {}", - name, addUserRole.getRoleName()); - ResponseEntity<String> addResponse = template - .exchange(SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRole", HttpMethod.POST, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, - "updateUserRolesInExternalSystem: Finished adding user role in external system {} and added user role {}", - addResponse.getBody(), addUserRole.getRoleName()); - if (addResponse.getStatusCode().value() != 201 - && addResponse.getStatusCode().value() != 404) { - logger.debug(EELFLoggerDelegate.debugLogger, - "Finished POST operation in external system but unable to save user role", - addResponse.getBody(), - addUserRole.getRoleName()); - throw new Exception(addResponse.getBody()); - } + if (appBaseUri != null && appBaseUri.endsWith("/api")) { + for (EcompRole eprole : updatedUserRolesinRemote) { + RemoteRoleV1 role = new RemoteRoleV1(); + role.setId(eprole.getId()); + role.setName(eprole.getName()); + updatedUserRolesinRemoteV1.add(role); + } + userRolesAsString = mapper.writeValueAsString(updatedUserRolesinRemoteV1); } - } - } catch (HttpClientErrorException e) { - logger.error(EELFLoggerDelegate.errorLogger, - "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}", - app.getId(), e); - if (e.getStatusCode() == HttpStatus.FORBIDDEN) { - logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid systemUser", - orgUserId); - throw new HttpClientErrorException(HttpStatus.FORBIDDEN, - "Please enter the valid systemUser"); - } - if (e.getStatusCode() == HttpStatus.NOT_FOUND) { - logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid role"); - throw new HttpClientErrorException(HttpStatus.NOT_FOUND, "Please enter the valid role"); - } - EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST); - throw e; - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}", - app.getId(), e); - EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST); - throw e; - } - } - - private List<ExternalAccessUserRoleDetail> checkIfRoleAreMatchingInUserRoleDetailList( - List<ExternalAccessUserRoleDetail> userRoleDetailList, FnApp app) { - Map<String, FnRole> epRoleList = externalAccessRolesService.getAppRoleNamesWithUnderscoreMap(app); - //Add Account Admin role for partner app to prevent conflict - if (!PortalConstants.PORTAL_APP_ID.equals(app.getId())) { - FnRole role = new FnRole(); - role.setRoleName(PortalConstants.ADMIN_ROLE - .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - epRoleList.put(role.getRoleName(), role); + applicationsRestClientService.post(EcompRole.class, appId, userRolesAsString, + String.format("/user/%s/roles", userId)); + return updateUserRolesInEcomp; } - userRoleDetailList.removeIf( - userRoleDetail -> !epRoleList - .containsKey(userRoleDetail.getName().substring(app.getAuthNamespace().length() + 1))); - return userRoleDetailList; - } - - private List<FnUser> checkIfUserExists(String userParams) { - return fnUserService.getUserWithOrgUserId(userParams); - } - - @Transactional - private void createLocalUserIfNecessary(String userId, boolean isSystemUser) { - if (StringUtils.isEmpty(userId)) { - logger.error(EELFLoggerDelegate.errorLogger, "createLocalUserIfNecessary : empty userId!"); - return; - } - try { - List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId); - if (userList.size() == 0) { - FnUser client; - if (!isSystemUser) { - client = fnUserService.loadUserByUsername(userId); - } else { - client = new FnUser(); - client.setOrgUserId(userId); - client.setIsSystemUser(true); - client.setFirstName(userId.substring(0, userId.indexOf("@"))); + + private void addRemoteUser(List<RoleInAppForUser> roleInAppForUserList, String userId, FnApp app, + ObjectMapper mapper, ApplicationsRestClientService applicationsRestClientService) throws Exception { + if (remoteUserShouldBeCreated(roleInAppForUserList)) { + createNewUserOnRemoteApp(userId, app, applicationsRestClientService, mapper); } + } + + private void createNewUserOnRemoteApp(String userId, FnApp app, + ApplicationsRestClientService applicationsRestClientService, ObjectMapper mapper) + throws Exception { + + FnUser client = fnUserService.loadUserByUsername(userId); + + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + if (client == null) { - String msg = "createLocalUserIfNecessary: cannot create user " + userId - + ", because not found in phonebook"; - logger.error(EELFLoggerDelegate.errorLogger, msg); - } else { - client.setLoginId(userId); - client.setActiveYn(true); + String msg = "cannot create user " + userId + ", because he/she cannot be found in phonebook."; + logger.error(EELFLoggerDelegate.errorLogger, msg); + throw new Exception(msg); } - fnUserService.saveFnUser(client); - } - } catch (Exception e) { - EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); - } - } + client.setLoginId(userId); + client.setActiveYn(true); - private FnUser checkIfRemoteUserExits(String userId, FnApp app, - ApplicationsRestClientService applicationsRestClientService) throws HTTPException { - FnUser checkRemoteUser = null; - try { - checkRemoteUser = getUserFromApp(userId, app, applicationsRestClientService); - } catch (HTTPException e) { - // Some apps are returning 400 if user is not found. - if (e.getResponseCode() == 400) { - logger.debug(EELFLoggerDelegate.debugLogger, - "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 400; continuing", - e); - } else if (e.getResponseCode() == 404) { + String userInString; + userInString = mapper.writerFor(FnUser.class).writeValueAsString(client); logger.debug(EELFLoggerDelegate.debugLogger, - "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 404; continuing", - e); - } else { - // Other response code, let it come thru. - throw e; - } - } - return checkRemoteUser; - } - - private FnUser getUserFromApp(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService) - throws HTTPException { - if (PortalConstants.PORTAL_APP_ID.equals(app.getId())) { - List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId); - if (userList != null && !userList.isEmpty()) { - return userList.get(0); - } else { - return null; - } + "about to post new client to remote application, users json = " + userInString); + applicationsRestClientService.post(FnUser.class, app.getId(), userInString, String.format("/user", userId)); + } - return getUser(userId, app, applicationsRestClientService); - } - - private boolean applyChangesInUserRolesForAppToEcompDB(RolesInAppForUser rolesInAppForUser, - boolean externalSystemRequest, String reqType, boolean isSystemUser, - Set<EcompRole> rolesDeletedByApprover, boolean isLoggedInUserRoleAdminOfApp) throws Exception { - boolean result = false; - String userId = rolesInAppForUser.getOrgUserId(); - Long appId = rolesInAppForUser.getAppId(); - synchronized (syncRests) { - createLocalUserIfNecessary(userId, isSystemUser); - - EcompRole[] userAppRoles = new EcompRole[(int) rolesInAppForUser.getRoles().stream().distinct().count()]; - for (int i = 0; - i < rolesInAppForUser.getRoles().stream().distinct().count(); i++) { - RoleInAppForUser roleInAppForUser = rolesInAppForUser.getRoles().get(i); - EcompRole role = new EcompRole(); - role.setId(roleInAppForUser.getRoleId()); - role.setName(roleInAppForUser.getRoleName()); - userAppRoles[i] = role; - } - try { - EcompRole[] applicationRoles = null; - - if (isLoggedInUserRoleAdminOfApp) { - List<EcompRole> roles = Arrays.stream(userAppRoles) - .collect(Collectors.toList()); - List<EcompRole> roles1 = new ArrayList<>(rolesDeletedByApprover); - roles.addAll(roles1); - applicationRoles = roles.toArray(new EcompRole[0]); - } - syncUserRoles(userId, appId, userAppRoles, externalSystemRequest, - reqType, isLoggedInUserRoleAdminOfApp, applicationRoles); - result = true; - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - "applyChangesInUserRolesForAppToEcompDB: failed to syncUserRoles for orgUserId " - + userId, e); - if ("DELETE".equals(reqType)) { - throw new Exception(e.getMessage()); + private boolean remoteUserShouldBeCreated(List<RoleInAppForUser> roleInAppForUserList) { + for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { + if (roleInAppForUser.getIsApplied()) { + return true; + } } - } - } - return result; - } - - private void syncUserRoles(String userId, Long appId, - EcompRole[] userAppRoles, Boolean extRequestValue, String reqType, boolean checkIfUserisRoleAdmin, - EcompRole[] appRoles) throws Exception { - - Transaction transaction = null; - String roleActive; - HashMap<Long, EcompRole> newUserAppRolesMap = hashMapFromEcompRoles(userAppRoles); - List<FnRole> roleInfo = externalAccessRolesService - .getPortalAppRoleInfo(PortalConstants.ACCOUNT_ADMIN_ROLE_ID); - FnRole adminRole = new FnRole(); - if (roleInfo.size() > 0) { - adminRole = roleInfo.get(0); - logger.debug(EELFLoggerDelegate.debugLogger, "Admin RoleName form DB: " + adminRole.getRoleName()); + return false; } - try { - List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId); - if (userList.size() > 0) { - FnUser client = userList.get(0); - roleActive = ("DELETE".equals(reqType)) ? "" : " and role.active = 'Y'"; - List<FnUserRole> userRoles = fnUserRoleService.retrieveByAppIdAndUserId(appId, userId); - entityManager - .createQuery("from EPUserApp where app.id=:appId and userId=:userId" + roleActive) - .setParameter("appId", appId) - .setParameter("userId", client.getId()) - .getResultList(); - - if ("DELETE".equals(reqType)) { - for (FnUserRole userAppRoleList : userRoles) { - List<FnRole> rolesList = - (!userAppRoleList.getRoleId().getRoleName() - .equals(adminRole.getRoleName())) - ? fnRoleService.retrieveAppRolesByRoleNameAndByAppId - (userAppRoleList.getRoleId().getRoleName(), appId) - : fnRoleService.retrieveAppRolesWhereAppIdIsNull(); - if (!rolesList.isEmpty()) { - checkIfRoleInactive(rolesList.get(0)); + + private Set<EcompRole> constructUsersRemoteAppRoles(List<RoleInAppForUser> roleInAppForUserList) { + Set<EcompRole> existingUserRoles = new TreeSet<>(); + for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { + if (roleInAppForUser.getIsApplied() && !roleInAppForUser.getRoleId() + .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) { + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(roleInAppForUser.getRoleId()); + ecompRole.setName(roleInAppForUser.getRoleName()); + existingUserRoles.add(ecompRole); } - } } + return existingUserRoles; + } - if (appRoles != null) { - List<EcompRole> appRolesList = Arrays.stream(appRoles).collect(Collectors.toList()); - List<FnUserRole> finalUserRolesList = new ArrayList<>(); - if (checkIfUserisRoleAdmin) { - for (EcompRole role : appRolesList) { - for (FnUserRole userAppRoleList : userRoles) { - if (userAppRoleList.getRoleId().getRoleName() - .equals(role.getName())) { - finalUserRolesList.add(userAppRoleList); + private void applyChangesToUserAppRolesForMyLoginsRequest(FnUser user, Long appId) { + List<EpUserRolesRequest> epRequestIdVal; + try { + epRequestIdVal = epUserRolesRequestService.userAppRolesRequestList(user.getId(), appId); + if (epRequestIdVal.size() > 0) { + EpUserRolesRequest epAppRolesRequestData = epRequestIdVal.get(0); + epAppRolesRequestData.setUpdatedDate(LocalDateTime.now()); + epAppRolesRequestData.setRequestStatus("O"); + epAppRolesRequestData.setUserId(user); + epUserRolesRequestService.saveOne(epAppRolesRequestData); + List<EpUserRolesRequestDet> epUserAppRolesDetailList = epUserRolesRequestDetService + .appRolesRequestDetailList(epAppRolesRequestData.getReqId()); + if (epUserAppRolesDetailList.size() > 0) { + for (EpUserRolesRequestDet epRequestUpdateList : epUserAppRolesDetailList) { + epRequestUpdateList.setRequestType("O"); + epRequestUpdateList.setReqId(epAppRolesRequestData); + epRequestUpdateList.setReqId(epAppRolesRequestData); + epUserRolesRequestDetService.saveOne(epRequestUpdateList); + } + logger.debug(EELFLoggerDelegate.debugLogger, + "User App roles request from User Page is overridden"); } + } - } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "applyChangesToUserAppRolesRequest failed", e); + } + } + + private Set<EcompRole> postUsersRolesToLocalApp(List<RoleInAppForUser> roleInAppForUserList) { + return constructUsersEcompRoles(roleInAppForUserList); + } + + private Set<EcompRole> constructUsersEcompRoles(List<RoleInAppForUser> roleInAppForUserList) { + Set<EcompRole> existingUserRoles = new TreeSet<>(); + for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { + if (roleInAppForUser.getIsApplied()) { + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(roleInAppForUser.getRoleId()); + ecompRole.setName(roleInAppForUser.getRoleName()); + existingUserRoles.add(ecompRole); } - userRoles = new ArrayList<>(finalUserRolesList); - } } + return existingUserRoles; + } - for (FnUserRole userRole : userRoles) { - if (!PortalConstants.ACCOUNT_ADMIN_ROLE_ID.equals(userRole.getRoleId().getId()) - && !PortalConstants.SYS_ADMIN_ROLE_ID - .equals(userRole.getRoleId().getId()) - && !extRequestValue) { - syncUserRolesExtension(userRole, appId, - newUserAppRolesMap); - } else if (extRequestValue && ("PUT".equals(reqType) || "POST".equals(reqType) - || "DELETE".equals(reqType))) { - syncUserRolesExtension(userRole, appId, - newUserAppRolesMap); - } else if (extRequestValue && !PortalConstants.ACCOUNT_ADMIN_ROLE_ID - .equals(userRole.getRoleId().getId())) { - syncUserRolesExtension(userRole, appId, - newUserAppRolesMap); - } + public RolesInAppForUser constructRolesInAppForUserUpdate(String userId, Long appId, + Set<EcompRole> userRolesInRemoteApp) { + RolesInAppForUser result; + result = new RolesInAppForUser(); + result.setAppId(appId); + result.setOrgUserId(userId); + + for (EcompRole role : userRolesInRemoteApp) { + RoleInAppForUser roleInAppForUser = new RoleInAppForUser(); + roleInAppForUser.setRoleId(role.getId()); + roleInAppForUser.setRoleName(role.getName()); + roleInAppForUser.setIsApplied(true); + result.getRoles().add(roleInAppForUser); } + return result; + } + + private void updateUserRolesInExternalSystem(FnApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser, + boolean isPortalRequest, boolean isSystemUser, Set<EcompRole> deletedRolesByApprover, + boolean isLoggedInUserRoleAdminofApp) throws Exception { + try { + List<FnUser> userInfo = checkIfUserExists(orgUserId); + if (userInfo.isEmpty()) { + createLocalUserIfNecessary(orgUserId, isSystemUser); + } + String name; + if (EPCommonSystemProperties + .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) + && !isSystemUser) { + name = orgUserId + + SystemProperties + .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); + } else { + name = orgUserId; + } + ObjectMapper mapper = new ObjectMapper(); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + HttpEntity<String> getUserRolesEntity = new HttpEntity<>(headers); + ResponseEntity<String> getResponse = externalAccessRolesService + .getUserRolesFromExtAuthSystem(name, getUserRolesEntity); + + List<ExternalAccessUserRoleDetail> userRoleDetailList = new ArrayList<>(); + String res = getResponse.getBody(); + JSONObject jsonObj; + JSONArray extRoles = null; + if (!res.equals("{}")) { + jsonObj = new JSONObject(res); + extRoles = jsonObj.getJSONArray("role"); + } + ExternalAccessUserRoleDetail userRoleDetail; + if (extRoles != null) { + for (int i = 0; i < extRoles.length(); i++) { + if (extRoles.getJSONObject(i).getString("name").startsWith(app.getAuthNamespace() + ".") + && !extRoles.getJSONObject(i).getString("name") + .equals(app.getAuthNamespace() + ".admin") + && !extRoles.getJSONObject(i).getString("name") + .equals(app.getAuthNamespace() + ".owner")) { + if (extRoles.getJSONObject(i).has("description")) { + ExternalRoleDescription desc = new ExternalRoleDescription( + extRoles.getJSONObject(i).getString("description")); + userRoleDetail = new ExternalAccessUserRoleDetail( + extRoles.getJSONObject(i).getString("name"), desc); + userRoleDetailList.add(userRoleDetail); + } else { + userRoleDetail = new ExternalAccessUserRoleDetail( + extRoles.getJSONObject(i).getString("name"), null); + userRoleDetailList.add(userRoleDetail); + } - Collection<EcompRole> newRolesToAdd = newUserAppRolesMap.values(); - if (newRolesToAdd.size() > 0) { - FnApp app = fnAppService.getById(appId); + } + } + } - HashMap<Long, FnRole> rolesMap = new HashMap<>(); - if (appId.equals(PortalConstants.PORTAL_APP_ID)) { // local app - String appIdValue = ""; - if (!extRequestValue) { - appIdValue = "and id != " + PortalConstants.SYS_ADMIN_ROLE_ID; + List<ExternalAccessUserRoleDetail> userRoleListMatchingInExtAuthAndLocal = checkIfRoleAreMatchingInUserRoleDetailList( + userRoleDetailList, app); + + List<EcompUserAppRoles> userAppList; + // If request coming from portal not from external role approval system then we have to check if user already + // have account admin or system admin as GUI will not send these roles + if (!isPortalRequest) { + FnUser user = fnUserService.getUserWithOrgUserId(orgUserId).get(0); + userAppList = ecompUserAppRolesService.getUserAppExistingRoles(app.getId(), user.getId()); + if (!roleInAppUser.isEmpty()) { + for (EcompUserAppRoles userApp : userAppList) { + if (userApp.getRoleId().equals(PortalConstants.SYS_ADMIN_ROLE_ID) + || userApp.getRoleId() + .equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) { + RoleInAppForUser addSpecialRole = new RoleInAppForUser(); + addSpecialRole.setIsApplied(true); + addSpecialRole.setRoleId(userApp.getRoleId()); + addSpecialRole.setRoleName(userApp.getRoleName()); + roleInAppUser.add(addSpecialRole); + } + } + } } - @SuppressWarnings("unchecked") - List<FnRole> roles = entityManager - .createQuery( - "from " + FnRole.class.getName() + " where appId is null " - + appIdValue).getResultList(); - for (FnRole role : roles) { - role.setAppId(1L); - rolesMap.put(role.getId(), role); + List<RoleInAppForUser> roleInAppUserNonDupls = roleInAppUser.stream().distinct() + .collect(Collectors.toList()); + Map<String, RoleInAppForUser> currentUserRolesToUpdate = new HashMap<>(); + for (RoleInAppForUser roleInAppUserNew : roleInAppUserNonDupls) { + currentUserRolesToUpdate.put(roleInAppUserNew.getRoleName() + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, + "_"), roleInAppUserNew); } - } else { // remote app - @SuppressWarnings("unchecked") - List<FnRole> roles = entityManager - .createQuery("from EPRole where appId=:appId") - .setParameter("appId", appId) - .getResultList(); - for (FnRole role : roles) { - if (!extRequestValue && app.getAuthCentral()) { - rolesMap.put(role.getId(), role); - } else { - rolesMap.put(role.getAppRoleId(), role); - } + final Map<String, ExternalAccessUserRoleDetail> currentUserRolesInExternalSystem = new HashMap<>(); + for (ExternalAccessUserRoleDetail extAccessUserRole : userRoleListMatchingInExtAuthAndLocal) { + currentUserRolesInExternalSystem.put(extAccessUserRole.getName(), extAccessUserRole); } - } - - FnRole role; - for (EcompRole userRole : newRolesToAdd) { - FnUserRole userApp = new FnUserRole(); - if (("PUT".equals(reqType) || "POST".equals(reqType)) && userRole.getName() - .equals(adminRole.getRoleName())) { - role = fnRoleService.getById(PortalConstants.ACCOUNT_ADMIN_ROLE_ID); - userApp.setRoleId(role); - } else if ((userRole.getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) - && !extRequestValue) { - continue; - } else if ((userRole.getId().equals(PortalConstants.SYS_ADMIN_ROLE_ID)) && app - .getId().equals(PortalConstants.PORTAL_APP_ID) && !extRequestValue) { - continue; - } else { - userApp.setRoleId(rolesMap.get(userRole.getId())); + + if (isLoggedInUserRoleAdminofApp) { + if (deletedRolesByApprover.size() > 0) { + List<ExternalAccessUserRoleDetail> newUpdatedRoles = new ArrayList<>(); + for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) { + for (EcompRole role : deletedRolesByApprover) { + if ((userRole.getName().substring(app.getAuthNamespace().length() + 1)) + .equals(role.getName())) { + newUpdatedRoles.add(userRole); + } + } + } + if (newUpdatedRoles.size() > 0) { + userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(newUpdatedRoles); + } else { + userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(); + currentUserRolesToUpdate = new HashMap<>(); + + } + + } else { + userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(); + currentUserRolesToUpdate = new HashMap<>(); + + } } - userApp.setUserId(client); - userApp.setFnAppId(app); - fnUserRoleService.saveOne(userApp); - } - - if (PortalConstants.PORTAL_APP_ID.equals(appId)) { - /* - * for local app -- hack - always make sure fn_role - * table's app_id is null and not 1 for primary app in - * this case being onap portal app; reason: hibernate - * is rightly setting this to 1 while persisting to - * fn_role as per the mapping but SDK role management - * code expects the app_id to be null as there is no - * concept of App_id in SDK - */ - Query query = entityManager.createQuery("update fn_role set app_id = null where app_id = 1 "); - query.executeUpdate(); - } + // Check if user roles does not exists in local but still there in External Central Auth System delete them all + for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) { + if (!(currentUserRolesToUpdate + .containsKey(userRole.getName().substring(app.getAuthNamespace().length() + 1)))) { + HttpEntity<String> entity = new HttpEntity<>(headers); + logger.debug(EELFLoggerDelegate.debugLogger, + "updateUserRolesInExternalSystem: Connecting to external system to DELETE user role {}", + userRole.getName()); + ResponseEntity<String> deleteResponse = template.exchange( + SystemProperties + .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "userRole/" + name + "/" + userRole.getName(), + HttpMethod.DELETE, entity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, + "updateUserRolesInExternalSystem: Finished DELETE operation in external system for user role {} and the response is {}", + userRole.getName(), deleteResponse.getBody()); + } + } + // Check if user roles does not exists in External Central Auth System add them all + for (RoleInAppForUser addUserRole : roleInAppUserNonDupls) { + if (!(currentUserRolesInExternalSystem + .containsKey(app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, + "_")))) { + ExternalAccessUser extUser = new ExternalAccessUser(name, + app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, + "_")); + String formattedUserRole = mapper.writeValueAsString(extUser); + HttpEntity<String> entity = new HttpEntity<>(formattedUserRole, headers); + logger.debug(EELFLoggerDelegate.debugLogger, + "updateUserRolesInExternalSystem: Connecting to external system for user {} and POST {}", + name, addUserRole.getRoleName()); + ResponseEntity<String> addResponse = template + .exchange(SystemProperties + .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "userRole", HttpMethod.POST, entity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, + "updateUserRolesInExternalSystem: Finished adding user role in external system {} and added user role {}", + addResponse.getBody(), addUserRole.getRoleName()); + if (addResponse.getStatusCode().value() != 201 + && addResponse.getStatusCode().value() != 404) { + logger.debug(EELFLoggerDelegate.debugLogger, + "Finished POST operation in external system but unable to save user role", + addResponse.getBody(), + addUserRole.getRoleName()); + throw new Exception(addResponse.getBody()); + } + } + } + } catch (HttpClientErrorException e) { + logger.error(EELFLoggerDelegate.errorLogger, + "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}", + app.getId(), e); + if (e.getStatusCode() == HttpStatus.FORBIDDEN) { + logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid systemUser", + orgUserId); + throw new HttpClientErrorException(HttpStatus.FORBIDDEN, + "Please enter the valid systemUser"); + } + if (e.getStatusCode() == HttpStatus.NOT_FOUND) { + logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid role"); + throw new HttpClientErrorException(HttpStatus.NOT_FOUND, "Please enter the valid role"); + } + EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST); + throw e; + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}", + app.getId(), e); + EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST); + throw e; } - } - transaction.commit(); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "syncUserRoles failed", e); - EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); - EcompPortalUtils.rollbackTransaction(transaction, - "Exception occurred in syncUserRoles, Details: " + e.toString()); - if ("DELETE".equals(reqType)) { - throw new SyncUserRolesException(e.getMessage()); - } } - } - - private static HashMap<Long, EcompRole> hashMapFromEcompRoles(EcompRole[] ecompRoles) { - HashMap<Long, EcompRole> result = new HashMap<>(); - if (ecompRoles != null) { - for (EcompRole ecompRole : ecompRoles) { - if (ecompRole.getId() != null) { - result.put(ecompRole.getId(), ecompRole); + + private List<ExternalAccessUserRoleDetail> checkIfRoleAreMatchingInUserRoleDetailList( + List<ExternalAccessUserRoleDetail> userRoleDetailList, FnApp app) { + Map<String, FnRole> epRoleList = externalAccessRolesService.getAppRoleNamesWithUnderscoreMap(app); + //Add Account Admin role for partner app to prevent conflict + if (!PortalConstants.PORTAL_APP_ID.equals(app.getId())) { + FnRole role = new FnRole(); + role.setRoleName(PortalConstants.ADMIN_ROLE + .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + epRoleList.put(role.getRoleName(), role); } - } + userRoleDetailList.removeIf( + userRoleDetail -> !epRoleList + .containsKey(userRoleDetail.getName().substring(app.getAuthNamespace().length() + 1))); + return userRoleDetailList; + } + + private List<FnUser> checkIfUserExists(String userParams) { + return fnUserService.getUserWithOrgUserId(userParams); } - return result; - } - private void syncUserRolesExtension(FnUserRole userRole, Long appId, - HashMap<Long, EcompRole> newUserAppRolesMap) { + @Transactional + private void createLocalUserIfNecessary(String userId, boolean isSystemUser) { + if (StringUtils.isEmpty(userId)) { + logger.error(EELFLoggerDelegate.errorLogger, "createLocalUserIfNecessary : empty userId!"); + return; + } + try { + List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId); + if (userList.size() == 0) { + FnUser client; + if (!isSystemUser) { + client = fnUserService.loadUserByUsername(userId); + } else { + client = new FnUser(); + client.setOrgUserId(userId); + client.setIsSystemUser(true); + client.setFirstName(userId.substring(0, userId.indexOf("@"))); + } + if (client == null) { + String msg = "createLocalUserIfNecessary: cannot create user " + userId + + ", because not found in phonebook"; + logger.error(EELFLoggerDelegate.errorLogger, msg); + } else { + client.setLoginId(userId); + client.setActiveYn(true); + } + fnUserService.saveFnUser(client); + } + } catch (Exception e) { + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + } - Long userAppRoleId; - if (PortalConstants.PORTAL_APP_ID.equals(appId)) { // local app - userAppRoleId = userRole.getRoleId().getId(); - } else { // remote app - userAppRoleId = userRole.getId(); } - if (!newUserAppRolesMap.containsKey(userAppRoleId)) { - fnUserRoleService.deleteById(userRole.getId()); - } else { - newUserAppRolesMap.remove(userAppRoleId); + private FnUser checkIfRemoteUserExits(String userId, FnApp app, + ApplicationsRestClientService applicationsRestClientService) throws HTTPException { + FnUser checkRemoteUser = null; + try { + checkRemoteUser = getUserFromApp(userId, app, applicationsRestClientService); + } catch (HTTPException e) { + // Some apps are returning 400 if user is not found. + if (e.getResponseCode() == 400) { + logger.debug(EELFLoggerDelegate.debugLogger, + "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 400; continuing", + e); + } else if (e.getResponseCode() == 404) { + logger.debug(EELFLoggerDelegate.debugLogger, + "setAppWithUserRoleStateForUser: getuserFromApp threw exception with response code 404; continuing", + e); + } else { + // Other response code, let it come thru. + throw e; + } + } + return checkRemoteUser; } - } - - private Role fnRoleToRole(final FnRole role) { - return new Role(null, null, null, null, null, null, null, null, null, role.getRoleName(), null, role.getActiveYn(), - role.getPriority(), role.getFnRoleFunctions(), role.getChildRoles(), role.getParentRoles()); - } - - @SuppressWarnings("unchecked") - public List<RoleInAppForUser> getAppRolesForUser(Long appId, String orgUserId, Boolean extRequestValue, Long userId) { - List<RoleInAppForUser> rolesInAppForUser = null; - FnApp app = fnAppService.getById(appId); - logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - app = {}", app); - try { - // for onap portal app, no need to make a remote call - List<Role> roleList = new ArrayList<>(); - if (!PortalConstants.PORTAL_APP_ID.equals(appId)) { - if (app.getAuthCentral()) { - List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey()); - for (CentralV2Role cenRole : cenRoleList) { - Role role = new Role(); - role.setActiveYn(cenRole.isActive()); - role.setId(cenRole.getId()); - role.setRoleName(cenRole.getName()); - role.setPriority(cenRole.getPriority()); - roleList.add(role); - } - } else { - Optional<FnUser> user = fnUserService.getUser(userId); - if (user.isPresent()) { - roleList = user.get().getFnRoles().stream().map(this::fnRoleToRole).collect(Collectors.toList()); - } + + private FnUser getUserFromApp(String userId, FnApp app, ApplicationsRestClientService applicationsRestClientService) + throws HTTPException { + if (PortalConstants.PORTAL_APP_ID.equals(app.getId())) { + List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId); + if (userList != null && !userList.isEmpty()) { + return userList.get(0); + } else { + return null; + } } - List<Role> activeRoleList = new ArrayList<>(); - for (Role role : roleList) { - if (role.getActiveYn()) { - if (role.getId() != 1) { // prevent portal admin from being added - activeRoleList.add(role); - } else if (extRequestValue) { - activeRoleList.add(role); + return getUser(userId, app, applicationsRestClientService); + } + + private boolean applyChangesInUserRolesForAppToEcompDB(RolesInAppForUser rolesInAppForUser, + boolean externalSystemRequest, String reqType, boolean isSystemUser, + Set<EcompRole> rolesDeletedByApprover, boolean isLoggedInUserRoleAdminOfApp) throws Exception { + boolean result = false; + String userId = rolesInAppForUser.getOrgUserId(); + Long appId = rolesInAppForUser.getAppId(); + synchronized (syncRests) { + createLocalUserIfNecessary(userId, isSystemUser); + + EcompRole[] userAppRoles = new EcompRole[(int) rolesInAppForUser.getRoles().stream().distinct().count()]; + for (int i = 0; + i < rolesInAppForUser.getRoles().stream().distinct().count(); i++) { + RoleInAppForUser roleInAppForUser = rolesInAppForUser.getRoles().get(i); + EcompRole role = new EcompRole(); + role.setId(roleInAppForUser.getRoleId()); + role.setName(roleInAppForUser.getRoleName()); + userAppRoles[i] = role; } - } + try { + EcompRole[] applicationRoles = null; + + if (isLoggedInUserRoleAdminOfApp) { + List<EcompRole> roles = Arrays.stream(userAppRoles) + .collect(Collectors.toList()); + List<EcompRole> roles1 = new ArrayList<>(rolesDeletedByApprover); + roles.addAll(roles1); + applicationRoles = roles.toArray(new EcompRole[0]); + } + syncUserRoles(userId, appId, userAppRoles, externalSystemRequest, + reqType, isLoggedInUserRoleAdminOfApp, applicationRoles); + result = true; + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "applyChangesInUserRolesForAppToEcompDB: failed to syncUserRoles for orgUserId " + + userId, e); + if ("DELETE".equals(reqType)) { + throw new Exception(e.getMessage()); + } + } } - FnUser localUser = getUserFromApp(Long.toString(userId), app, applicationsRestClientService); - // If localUser does not exists return roles - Set<FnRole> roleSet = null; - FnRole[] roleSetList = null; - if (localUser != null) { - roleSet = localUser.getAppEPRoles(app); - roleSetList = roleSet.toArray(new FnRole[0]); + return result; + } + + private void syncUserRoles(String userId, Long appId, + EcompRole[] userAppRoles, Boolean extRequestValue, String reqType, boolean checkIfUserisRoleAdmin, + EcompRole[] appRoles) throws Exception { + + Transaction transaction = null; + String roleActive; + HashMap<Long, EcompRole> newUserAppRolesMap = hashMapFromEcompRoles(userAppRoles); + List<FnRole> roleInfo = externalAccessRolesService + .getPortalAppRoleInfo(PortalConstants.ACCOUNT_ADMIN_ROLE_ID); + FnRole adminRole = new FnRole(); + if (roleInfo.size() > 0) { + adminRole = roleInfo.get(0); + logger.debug(EELFLoggerDelegate.debugLogger, "Admin RoleName form DB: " + adminRole.getRoleName()); } - rolesInAppForUser = fnUserRoleService - .constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue); - return rolesInAppForUser; - } - - EcompRole[] appRoles = null; - boolean checkIfUserIsApplicationAccAdmin = false; - List<EcompRole> roles = new ArrayList<>(); - if (app.getAuthCentral()) { - List<FnRole> applicationRoles = fnRoleService.retrieveActiveRolesOfApplication(app.getId()); - FnApp application = fnAppService.getById(appId); - checkIfUserIsApplicationAccAdmin = isAccountAdminOfApplication(userId, - application); - - List<FnRole> roleSetWithFunctioncds = new ArrayList<>(); - for (FnRole role : applicationRoles) { - List<EpAppFunction> cenRoleFuncList = epAppFunctionService.getAppRoleFunctionList(role.getId(), app.getId()); - for (EpAppFunction roleFunc : cenRoleFuncList) { - - String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getFunctionCd()); - functionCode = EPUserUtils.decodeFunctionCode(functionCode); - String type = externalAccessRolesService.getFunctionCodeType(roleFunc.getFunctionCd()); - String action = externalAccessRolesService.getFunctionCodeAction(roleFunc.getFunctionCd()); - String name = roleFunc.getFunctionName(); - - FnFunction function = new FnFunction(); - function.setAction(action); - function.setType(type); - function.setCode(functionCode); - function.setName(name); - role.getFnRoleFunctions().add(new FnRoleFunction(role, function)); - - } - roleSetWithFunctioncds.add(role); + try { + List<FnUser> userList = fnUserService.getUserWithOrgUserId(userId); + if (userList.size() > 0) { + FnUser client = userList.get(0); + roleActive = ("DELETE".equals(reqType)) ? "" : " and role.active = 'Y'"; + List<FnUserRole> userRoles = fnUserRoleService.retrieveByAppIdAndUserId(appId, userId); + entityManager + .createQuery("from EPUserApp where app.id=:appId and userId=:userId" + roleActive) + .setParameter("appId", appId) + .setParameter("userId", client.getId()) + .getResultList(); + + if ("DELETE".equals(reqType)) { + for (FnUserRole userAppRoleList : userRoles) { + List<FnRole> rolesList = + (!userAppRoleList.getRoleId().getRoleName() + .equals(adminRole.getRoleName())) + ? fnRoleService.retrieveAppRolesByRoleNameAndByAppId + (userAppRoleList.getRoleId().getRoleName(), appId) + : fnRoleService.retrieveAppRolesWhereAppIdIsNull(); + if (!rolesList.isEmpty()) { + checkIfRoleInactive(rolesList.get(0)); + } + } + } + + if (appRoles != null) { + List<EcompRole> appRolesList = Arrays.stream(appRoles).collect(Collectors.toList()); + List<FnUserRole> finalUserRolesList = new ArrayList<>(); + if (checkIfUserisRoleAdmin) { + for (EcompRole role : appRolesList) { + for (FnUserRole userAppRoleList : userRoles) { + if (userAppRoleList.getRoleId().getRoleName() + .equals(role.getName())) { + finalUserRolesList.add(userAppRoleList); + } + + } + } + userRoles = new ArrayList<>(finalUserRolesList); + } + } + for (FnUserRole userRole : userRoles) { + if (!PortalConstants.ACCOUNT_ADMIN_ROLE_ID.equals(userRole.getRoleId().getId()) + && !PortalConstants.SYS_ADMIN_ROLE_ID + .equals(userRole.getRoleId().getId()) + && !extRequestValue) { + syncUserRolesExtension(userRole, appId, + newUserAppRolesMap); + } else if (extRequestValue && ("PUT".equals(reqType) || "POST".equals(reqType) + || "DELETE".equals(reqType))) { + syncUserRolesExtension(userRole, appId, + newUserAppRolesMap); + } else if (extRequestValue && !PortalConstants.ACCOUNT_ADMIN_ROLE_ID + .equals(userRole.getRoleId().getId())) { + syncUserRolesExtension(userRole, appId, + newUserAppRolesMap); + } + } - } + Collection<EcompRole> newRolesToAdd = newUserAppRolesMap.values(); + if (newRolesToAdd.size() > 0) { + FnApp app = fnAppService.getById(appId); + + HashMap<Long, FnRole> rolesMap = new HashMap<>(); + if (appId.equals(PortalConstants.PORTAL_APP_ID)) { // local app + String appIdValue = ""; + if (!extRequestValue) { + appIdValue = "and id != " + PortalConstants.SYS_ADMIN_ROLE_ID; + } + @SuppressWarnings("unchecked") + List<FnRole> roles = entityManager + .createQuery( + "from " + FnRole.class.getName() + " where appId is null " + + appIdValue).getResultList(); + for (FnRole role : roles) { + role.setAppId(1L); + rolesMap.put(role.getId(), role); + } + } else { // remote app + @SuppressWarnings("unchecked") + List<FnRole> roles = entityManager + .createQuery("from EPRole where appId=:appId") + .setParameter("appId", appId) + .getResultList(); + for (FnRole role : roles) { + if (!extRequestValue && app.getAuthCentral()) { + rolesMap.put(role.getId(), role); + } else { + rolesMap.put(role.getAppRoleId(), role); + } + } + } - for (FnRole role1 : roleSetWithFunctioncds) { - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(role1.getId()); - ecompRole.setName(role1.getRoleName()); - ecompRole.setRoleFunctions(role1.getRoleFunctions()); - roles.add(ecompRole); + FnRole role; + for (EcompRole userRole : newRolesToAdd) { + FnUserRole userApp = new FnUserRole(); + if (("PUT".equals(reqType) || "POST".equals(reqType)) && userRole.getName() + .equals(adminRole.getRoleName())) { + role = fnRoleService.getById(PortalConstants.ACCOUNT_ADMIN_ROLE_ID); + userApp.setRoleId(role); + } else if ((userRole.getId().equals(PortalConstants.ACCOUNT_ADMIN_ROLE_ID)) + && !extRequestValue) { + continue; + } else if ((userRole.getId().equals(PortalConstants.SYS_ADMIN_ROLE_ID)) && app + .getId().equals(PortalConstants.PORTAL_APP_ID) && !extRequestValue) { + continue; + } else { + userApp.setRoleId(rolesMap.get(userRole.getId())); + } + + userApp.setUserId(client); + userApp.setFnAppId(app); + fnUserRoleService.saveOne(userApp); + } - } - if (checkIfUserIsApplicationAccAdmin) { - appRoles = roles.toArray(new EcompRole[roles.size()]); - logger.debug(EELFLoggerDelegate.debugLogger, - "In getAppRolesForUser() If Logged in user checkIfUserisApplicationAccAdmin- appRoles = {}", appRoles); - } else if (isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin) { - List<EcompRole> roleAdminAppRoles = new ArrayList<>(); - List<String> roleAdminAppRolesNames = new ArrayList<>(); - String QUERY = - "select distinct fr.role_name as roleName from fn_user_role fu, ep_app_role_function ep, ep_app_function ea, fn_role fr" - + " where fu.role_id = ep.role_id" - + " and fu.app_id = ep.app_id" - + " and fu.user_id = :userId" - + " and fu.role_id = fr.role_id and fr.active_yn='Y'" - + " and ea.function_cd = ep.function_cd and ea.function_cd like 'approver|%'" - + " and exists" - + " (" - + " select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id" - + " and ur.app_id = fa.app_id and fa.enabled = 'Y')"; - List<Tuple> tuples = entityManager.createNativeQuery(QUERY, Tuple.class) - .setParameter("userId", userId) - .getResultList(); - List<String> getUserApproverRoles = tuples.stream().map(tuple -> (String) tuple.get("roleName")) - .collect(Collectors.toList()); - - List<EcompRole> userapproverRolesList = new ArrayList<>(); - for (String str : getUserApproverRoles) { - EcompRole epRole = roles.stream().filter(x -> str.equals(x.getName())).findAny().orElse(null); - if (epRole != null) { - userapproverRolesList.add(epRole); + if (PortalConstants.PORTAL_APP_ID.equals(appId)) { + /* + * for local app -- hack - always make sure fn_role + * table's app_id is null and not 1 for primary app in + * this case being onap portal app; reason: hibernate + * is rightly setting this to 1 while persisting to + * fn_role as per the mapping but SDK role management + * code expects the app_id to be null as there is no + * concept of App_id in SDK + */ + Query query = entityManager.createQuery("update fn_role set app_id = null where app_id = 1 "); + query.executeUpdate(); + } + } } - } - for (EcompRole role : userapproverRolesList) { - - List<RoleFunction> roleFunList = new ArrayList<>(role.getRoleFunctions()); - boolean checkIfFunctionsExits = roleFunList.stream() - .anyMatch(roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver")); - if (checkIfFunctionsExits) { - roleAdminAppRoles.add(role); - List<RoleFunction> filteredList = roleFunList.stream() - .filter(x -> "Approver".equalsIgnoreCase(x.getType())).collect(Collectors.toList()); - roleAdminAppRolesNames.addAll(filteredList.stream().map(RoleFunction::getCode) - .collect(Collectors.toList())); + transaction.commit(); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "syncUserRoles failed", e); + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + EcompPortalUtils.rollbackTransaction(transaction, + "Exception occurred in syncUserRoles, Details: " + e.toString()); + if ("DELETE".equals(reqType)) { + throw new SyncUserRolesException(e.getMessage()); + } + } + } + + private static HashMap<Long, EcompRole> hashMapFromEcompRoles(EcompRole[] ecompRoles) { + HashMap<Long, EcompRole> result = new HashMap<>(); + if (ecompRoles != null) { + for (EcompRole ecompRole : ecompRoles) { + if (ecompRole.getId() != null) { + result.put(ecompRole.getId(), ecompRole); + } } - } - for (String name : roleAdminAppRolesNames) { - roles.stream().filter(x -> name.equals(x.getName())).findAny().ifPresent(roleAdminAppRoles::add); + } + return result; + } - } - appRoles = roleAdminAppRoles.toArray(new EcompRole[0]); + private void syncUserRolesExtension(FnUserRole userRole, Long appId, + HashMap<Long, EcompRole> newUserAppRolesMap) { + Long userAppRoleId; + if (PortalConstants.PORTAL_APP_ID.equals(appId)) { // local app + userAppRoleId = userRole.getRoleId().getId(); + } else { // remote app + userAppRoleId = userRole.getId(); } - } else { - appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles"); - } - // Test this error case, for generating an internal ONAP Portal - // error - // EcompRole[] appRoles = null; - // If there is an exception in the rest client api, then null will - // be returned. - if (appRoles != null) { - if (!app.getAuthCentral()) { - syncAppRoles(appId, appRoles); + + if (!newUserAppRolesMap.containsKey(userAppRoleId)) { + fnUserRoleService.deleteById(userRole.getId()); + } else { + newUserAppRolesMap.remove(userAppRoleId); } - EcompRole[] userAppRoles = null; + } + + private Role fnRoleToRole(final FnRole role) { + return new Role(null, null, null, null, null, null, null, null, null, role.getRoleName(), null, + role.getActiveYn(), + role.getPriority(), role.getFnRoleFunctions(), role.getChildRoles(), role.getParentRoles()); + } + + @SuppressWarnings("unchecked") + public List<RoleInAppForUser> getAppRolesForUser(Long appId, String orgUserId, Boolean extRequestValue, + Long userId) { + List<RoleInAppForUser> rolesInAppForUser = null; + FnApp app = fnAppService.getById(appId); + logger.debug(EELFLoggerDelegate.debugLogger, "In getAppRolesForUser() - app = {}", app); try { - try { - if (app.getAuthCentral()) { - List<FnUser> actualUser = fnUserService.getUserWithOrgUserId(Long.toString(userId)); - List<EPUserAppCurrentRoles> userAppsRolesList = entityManager - .createNamedQuery("EPUserAppCurrentRoles") - .setParameter("appId", app.getId()) - .setParameter("userId", actualUser.get(0).getId()) - .getResultList(); - List<EcompRole> setUserRoles = new ArrayList<>(); - for (EPUserAppCurrentRoles role : userAppsRolesList) { - logger.debug(EELFLoggerDelegate.debugLogger, - "In getAppRolesForUser() - userAppsRolesList get userRolename = {}", role.getRoleName()); - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(role.getRoleId()); - ecompRole.setName(role.getRoleName()); - setUserRoles.add(ecompRole); - } - - boolean checkIfUserisAccAdmin = setUserRoles.stream() - .anyMatch(ecompRole -> ecompRole.getId() == 999L); - - if (!checkIfUserisAccAdmin) { - List<EcompRole> appRolesList = Arrays.asList(appRoles); - Set<EcompRole> finalUserAppRolesList = new HashSet<>(); - - List<String> roleNames = new ArrayList<>(); - for (EcompRole role : setUserRoles) { - EcompRole epRole = appRolesList.stream() - .filter(x -> role.getName().equals(x.getName())).findAny().orElse(null); - List<RoleFunction> roleFunList = new ArrayList<>(); - - if (epRole != null) { - if (epRole.getRoleFunctions().size() > 0) { - roleFunList.addAll(epRole.getRoleFunctions()); + // for onap portal app, no need to make a remote call + List<Role> roleList = new ArrayList<>(); + if (!PortalConstants.PORTAL_APP_ID.equals(appId)) { + if (app.getAuthCentral()) { + List<CentralV2Role> cenRoleList = externalAccessRolesService.getRolesForApp(app.getUebKey()); + for (CentralV2Role cenRole : cenRoleList) { + Role role = new Role(); + role.setActiveYn(cenRole.isActive()); + role.setId(cenRole.getId()); + role.setRoleName(cenRole.getName()); + role.setPriority(cenRole.getPriority()); + roleList.add(role); } - boolean checkIfFunctionsExits = roleFunList.stream().anyMatch( - roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver")); - if (checkIfFunctionsExits) { - finalUserAppRolesList.add(role); - List<RoleFunction> filteredList = roleFunList.stream() - .filter(x -> "Approver".equalsIgnoreCase(x.getType())) - .collect(Collectors.toList()); - roleNames = filteredList.stream().map(RoleFunction::getCode) - .collect(Collectors.toList()); - } else { - roleNames.add(epRole.getName()); + } else { + Optional<FnUser> user = fnUserService.getUser(userId); + if (user.isPresent()) { + roleList = user.get().getFnRoles().stream().map(this::fnRoleToRole) + .collect(Collectors.toList()); } - } - for (String name : roleNames) { - EcompRole ecompRole = appRolesList.stream() - .filter(x -> name.equals(x.getName())).findAny().orElse(null); - if (ecompRole != null) { - finalUserAppRolesList.add(ecompRole); + } + List<Role> activeRoleList = new ArrayList<>(); + for (Role role : roleList) { + if (role.getActiveYn()) { + if (role.getId() != 1) { // prevent portal admin from being added + activeRoleList.add(role); + } else if (extRequestValue) { + activeRoleList.add(role); + } } - } + } - for (String name : roleNames) { - boolean checkIfFunctionsExits = userAppsRolesList.stream().anyMatch( - role -> role.getRoleName().equalsIgnoreCase(name)); - if (checkIfFunctionsExits) { - appRolesList.stream().filter(x -> name.equals(x.getName())) - .findAny().ifPresent(setUserRoles::add); - } + FnUser localUser = getUserFromApp(Long.toString(userId), app, applicationsRestClientService); + // If localUser does not exists return roles + Set<FnRole> roleSet = null; + FnRole[] roleSetList = null; + if (localUser != null) { + roleSet = localUser.getAppEPRoles(app); + roleSetList = roleSet.toArray(new FnRole[0]); } - userAppRoles = setUserRoles.toArray(new EcompRole[0]); - } - } else { - userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId, - String.format("/user/%s/roles", userId)); + rolesInAppForUser = fnUserRoleService + .constructRolesInAppForUserGet(activeRoleList, roleSetList, extRequestValue); + return rolesInAppForUser; } - } catch (HTTPException e) { - // Some apps are returning 400 if user is not found. - if (e.getResponseCode() == 400) { - logger.debug(EELFLoggerDelegate.debugLogger, - "getAppRolesForUser caught exception with response code 400; continuing", e); + + EcompRole[] appRoles = null; + boolean checkIfUserIsApplicationAccAdmin = false; + List<EcompRole> roles = new ArrayList<>(); + if (app.getAuthCentral()) { + List<FnRole> applicationRoles = fnRoleService.retrieveActiveRolesOfApplication(app.getId()); + FnApp application = fnAppService.getById(appId); + checkIfUserIsApplicationAccAdmin = isAccountAdminOfApplication(userId, + application); + + List<FnRole> roleSetWithFunctioncds = new ArrayList<>(); + for (FnRole role : applicationRoles) { + List<EpAppFunction> cenRoleFuncList = epAppFunctionService + .getAppRoleFunctionList(role.getId(), app.getId()); + for (EpAppFunction roleFunc : cenRoleFuncList) { + + String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getFunctionCd()); + functionCode = EPUserUtils.decodeFunctionCode(functionCode); + String type = externalAccessRolesService.getFunctionCodeType(roleFunc.getFunctionCd()); + String action = externalAccessRolesService.getFunctionCodeAction(roleFunc.getFunctionCd()); + String name = roleFunc.getFunctionName(); + + FnFunction function = new FnFunction(); + function.setAction(action); + function.setType(type); + function.setCode(functionCode); + function.setName(name); + role.getFnRoleFunctions().add(new FnRoleFunction(role, function)); + + } + roleSetWithFunctioncds.add(role); + + + } + + for (FnRole role1 : roleSetWithFunctioncds) { + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(role1.getId()); + ecompRole.setName(role1.getRoleName()); + ecompRole.setRoleFunctions(role1.getRoleFunctions()); + roles.add(ecompRole); + + } + if (checkIfUserIsApplicationAccAdmin) { + appRoles = roles.toArray(new EcompRole[roles.size()]); + logger.debug(EELFLoggerDelegate.debugLogger, + "In getAppRolesForUser() If Logged in user checkIfUserisApplicationAccAdmin- appRoles = {}", + appRoles); + } else if (isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin) { + List<EcompRole> roleAdminAppRoles = new ArrayList<>(); + List<String> roleAdminAppRolesNames = new ArrayList<>(); + String QUERY = + "select distinct fr.role_name as roleName from fn_user_role fu, ep_app_role_function ep, ep_app_function ea, fn_role fr" + + " where fu.role_id = ep.role_id" + + " and fu.app_id = ep.app_id" + + " and fu.user_id = :userId" + + " and fu.role_id = fr.role_id and fr.active_yn='Y'" + + " and ea.function_cd = ep.function_cd and ea.function_cd like 'approver|%'" + + " and exists" + + " (" + + " select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id" + + " and ur.app_id = fa.app_id and fa.enabled = 'Y')"; + List<Tuple> tuples = entityManager.createNativeQuery(QUERY, Tuple.class) + .setParameter("userId", userId) + .getResultList(); + List<String> getUserApproverRoles = tuples.stream().map(tuple -> (String) tuple.get("roleName")) + .collect(Collectors.toList()); + + List<EcompRole> userapproverRolesList = new ArrayList<>(); + for (String str : getUserApproverRoles) { + EcompRole epRole = roles.stream().filter(x -> str.equals(x.getName())).findAny().orElse(null); + if (epRole != null) { + userapproverRolesList.add(epRole); + } + } + for (EcompRole role : userapproverRolesList) { + + List<RoleFunction> roleFunList = new ArrayList<>(role.getRoleFunctions()); + boolean checkIfFunctionsExits = roleFunList.stream() + .anyMatch(roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver")); + if (checkIfFunctionsExits) { + roleAdminAppRoles.add(role); + List<RoleFunction> filteredList = roleFunList.stream() + .filter(x -> "Approver".equalsIgnoreCase(x.getType())).collect(Collectors.toList()); + roleAdminAppRolesNames.addAll(filteredList.stream().map(RoleFunction::getCode) + .collect(Collectors.toList())); + } + } + for (String name : roleAdminAppRolesNames) { + roles.stream().filter(x -> name.equals(x.getName())).findAny() + .ifPresent(roleAdminAppRoles::add); + + } + appRoles = roleAdminAppRoles.toArray(new EcompRole[0]); + + } } else { - // Other response code, let it come thru. - throw e; + appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles"); } - } - if (userAppRoles == null) { - if (EcompPortalUtils.getExternalAppResponseCode() == 400) { - EcompPortalUtils.setExternalAppResponseCode(200); - String message = String.format( - "getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, " - + "assuming user doesn't exist, app is framework SDK based, and things are ok. " - + "Overriding to 200 until framework SDK returns a useful response.", - Long.toString(appId), userId); - logger.warn(EELFLoggerDelegate.applicationLogger, message); - } - } + // Test this error case, for generating an internal ONAP Portal + // error + // EcompRole[] appRoles = null; + // If there is an exception in the rest client api, then null will + // be returned. + if (appRoles != null) { + if (!app.getAuthCentral()) { + syncAppRoles(appId, appRoles); + } + EcompRole[] userAppRoles = null; + try { + try { + if (app.getAuthCentral()) { + List<FnUser> actualUser = fnUserService.getUserWithOrgUserId(Long.toString(userId)); + List<EPUserAppCurrentRoles> userAppsRolesList = entityManager + .createNamedQuery("EPUserAppCurrentRoles") + .setParameter("appId", app.getId()) + .setParameter("userId", actualUser.get(0).getId()) + .getResultList(); + List<EcompRole> setUserRoles = new ArrayList<>(); + for (EPUserAppCurrentRoles role : userAppsRolesList) { + logger.debug(EELFLoggerDelegate.debugLogger, + "In getAppRolesForUser() - userAppsRolesList get userRolename = {}", + role.getRoleName()); + EcompRole ecompRole = new EcompRole(); + ecompRole.setId(role.getRoleId()); + ecompRole.setName(role.getRoleName()); + setUserRoles.add(ecompRole); + } + + boolean checkIfUserisAccAdmin = setUserRoles.stream() + .anyMatch(ecompRole -> ecompRole.getId() == 999L); + + if (!checkIfUserisAccAdmin) { + List<EcompRole> appRolesList = Arrays.asList(appRoles); + Set<EcompRole> finalUserAppRolesList = new HashSet<>(); + + List<String> roleNames = new ArrayList<>(); + for (EcompRole role : setUserRoles) { + EcompRole epRole = appRolesList.stream() + .filter(x -> role.getName().equals(x.getName())).findAny().orElse(null); + List<RoleFunction> roleFunList = new ArrayList<>(); + + if (epRole != null) { + if (epRole.getRoleFunctions().size() > 0) { + roleFunList.addAll(epRole.getRoleFunctions()); + } + boolean checkIfFunctionsExits = roleFunList.stream().anyMatch( + roleFunction -> roleFunction.getType().equalsIgnoreCase("Approver")); + if (checkIfFunctionsExits) { + finalUserAppRolesList.add(role); + List<RoleFunction> filteredList = roleFunList.stream() + .filter(x -> "Approver".equalsIgnoreCase(x.getType())) + .collect(Collectors.toList()); + roleNames = filteredList.stream().map(RoleFunction::getCode) + .collect(Collectors.toList()); + } else { + roleNames.add(epRole.getName()); + } + } + for (String name : roleNames) { + EcompRole ecompRole = appRolesList.stream() + .filter(x -> name.equals(x.getName())).findAny().orElse(null); + if (ecompRole != null) { + finalUserAppRolesList.add(ecompRole); + } + } + } + for (String name : roleNames) { + boolean checkIfFunctionsExits = userAppsRolesList.stream().anyMatch( + role -> role.getRoleName().equalsIgnoreCase(name)); + if (checkIfFunctionsExits) { + appRolesList.stream().filter(x -> name.equals(x.getName())) + .findAny().ifPresent(setUserRoles::add); + } + } + userAppRoles = setUserRoles.toArray(new EcompRole[0]); + } + } else { + userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId, + String.format("/user/%s/roles", userId)); + } + } catch (HTTPException e) { + // Some apps are returning 400 if user is not found. + if (e.getResponseCode() == 400) { + logger.debug(EELFLoggerDelegate.debugLogger, + "getAppRolesForUser caught exception with response code 400; continuing", e); + } else { + // Other response code, let it come thru. + throw e; + } + } + if (userAppRoles == null) { + if (EcompPortalUtils.getExternalAppResponseCode() == 400) { + EcompPortalUtils.setExternalAppResponseCode(200); + String message = String.format( + "getAppRolesForUser: App %s, User %, endpoint /user/{userid}/roles returned 400, " + + "assuming user doesn't exist, app is framework SDK based, and things are ok. " + + "Overriding to 200 until framework SDK returns a useful response.", + Long.toString(appId), userId); + logger.warn(EELFLoggerDelegate.applicationLogger, message); + } + } - HashMap<Long, EcompRole> appRolesActiveMap = hashMapFromEcompRoles(appRoles); - ArrayList<EcompRole> activeRoles = new ArrayList<>(); - if (userAppRoles != null) { - for (EcompRole userAppRole : userAppRoles) { - if (appRolesActiveMap.containsKey(userAppRole.getId())) { - EcompRole role = new EcompRole(); - role.setId(userAppRole.getId()); - role.setName(userAppRole.getName()); - activeRoles.add(role); - } - } - } - EcompRole[] userAppRolesActive = activeRoles.toArray(new EcompRole[0]); + HashMap<Long, EcompRole> appRolesActiveMap = hashMapFromEcompRoles(appRoles); + ArrayList<EcompRole> activeRoles = new ArrayList<>(); + if (userAppRoles != null) { + for (EcompRole userAppRole : userAppRoles) { + if (appRolesActiveMap.containsKey(userAppRole.getId())) { + EcompRole role = new EcompRole(); + role.setId(userAppRole.getId()); + role.setName(userAppRole.getName()); + activeRoles.add(role); + } + } + } + EcompRole[] userAppRolesActive = activeRoles.toArray(new EcompRole[0]); - boolean checkIfUserisRoleAdmin = isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin; + boolean checkIfUserisRoleAdmin = isRoleAdmin(userId) && !checkIfUserIsApplicationAccAdmin; - // If the remote application isn't down we MUST sync user - // roles here in case we have this user here! - syncUserRoles(Long.toString(userId), appId, userAppRolesActive, extRequestValue, null, checkIfUserisRoleAdmin, - appRoles); + // If the remote application isn't down we MUST sync user + // roles here in case we have this user here! + syncUserRoles(Long.toString(userId), appId, userAppRolesActive, extRequestValue, null, + checkIfUserisRoleAdmin, + appRoles); + } catch (Exception e) { + // TODO: we may need to check if user exists, maybe remote + // app is down. + String message = String.format( + "getAppRolesForUser: user %s does not exist in remote application %s", userId, + Long.toString(appId)); + logger.error(EELFLoggerDelegate.errorLogger, message, e); + userAppRoles = new EcompRole[0]; + } + rolesInAppForUser = fnUserRoleService.constructRolesInAppForUserGet(appRoles, userAppRoles); + } } catch (Exception e) { - // TODO: we may need to check if user exists, maybe remote - // app is down. - String message = String.format( - "getAppRolesForUser: user %s does not exist in remote application %s", userId, - Long.toString(appId)); - logger.error(EELFLoggerDelegate.errorLogger, message, e); - userAppRoles = new EcompRole[0]; + String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId, + Long.toString(appId)); + logger.error(EELFLoggerDelegate.errorLogger, message, e); } - rolesInAppForUser = fnUserRoleService.constructRolesInAppForUserGet(appRoles, userAppRoles); - } - } catch (Exception e) { - String message = String.format("getAppRolesForUser: failed for User %s, AppId %s", userId, - Long.toString(appId)); - logger.error(EELFLoggerDelegate.errorLogger, message, e); + return rolesInAppForUser; } - return rolesInAppForUser; - } - - private void syncAppRoles(Long appId, EcompRole[] appRoles) throws Exception { - logger.debug(EELFLoggerDelegate.debugLogger, "entering syncAppRoles for appId: " + appId); - HashMap<Long, EcompRole> newRolesMap = hashMapFromEcompRoles(appRoles); - try { - List<FnRole> currentAppRoles = fnRoleService.retrieveAppRolesByAppId(appId); - - List<FnRole> obsoleteRoles = new ArrayList<>(); - for (FnRole oldAppRole : currentAppRoles) { - if (oldAppRole.getAppRoleId() != null) { - EcompRole role; - role = newRolesMap.get(oldAppRole.getAppRoleId()); - if (role != null) { - if (!(role.getName() == null || oldAppRole.getRoleName().equals(role.getName()))) { - oldAppRole.setRoleName(role.getName()); + + private void syncAppRoles(Long appId, EcompRole[] appRoles) throws Exception { + logger.debug(EELFLoggerDelegate.debugLogger, "entering syncAppRoles for appId: " + appId); + HashMap<Long, EcompRole> newRolesMap = hashMapFromEcompRoles(appRoles); + try { + List<FnRole> currentAppRoles = fnRoleService.retrieveAppRolesByAppId(appId); + + List<FnRole> obsoleteRoles = new ArrayList<>(); + for (FnRole oldAppRole : currentAppRoles) { + if (oldAppRole.getAppRoleId() != null) { + EcompRole role; + role = newRolesMap.get(oldAppRole.getAppRoleId()); + if (role != null) { + if (!(role.getName() == null || oldAppRole.getRoleName().equals(role.getName()))) { + oldAppRole.setRoleName(role.getName()); + } + oldAppRole.setActiveYn(true); + newRolesMap.remove(oldAppRole.getAppRoleId()); + } else { + obsoleteRoles.add(oldAppRole); + } + } else { + obsoleteRoles.add(oldAppRole); + } } - oldAppRole.setActiveYn(true); - newRolesMap.remove(oldAppRole.getAppRoleId()); - } else { - obsoleteRoles.add(oldAppRole); - } - } else { - obsoleteRoles.add(oldAppRole); - } - } - Collection<EcompRole> newRolesToAdd = newRolesMap.values(); - if (obsoleteRoles.size() > 0) { - logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: we have obsolete roles to delete"); - for (FnRole role : obsoleteRoles) { - logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: obsolete role: " + role.toString()); - Long roleId = role.getId(); - List<FnUserRole> userRoles = fnUserRoleService.getUserRolesForRoleIdAndAppId(roleId, appId); - - logger.debug(EELFLoggerDelegate.debugLogger, - "syncAppRoles: number of userRoles to delete: " + userRoles.size()); - for (FnUserRole userRole : userRoles) { - logger.debug(EELFLoggerDelegate.debugLogger, - "syncAppRoles: about to delete userRole: " + userRole.toString()); - fnUserRoleService.deleteById(userRole.getId()); - logger.debug(EELFLoggerDelegate.debugLogger, - "syncAppRoles: finished deleting userRole: " + userRole.toString()); - } - List<FnMenuFunctionalRoles> funcMenuRoles = fnMenuFunctionalRolesService.retrieveByroleId(roleId); - int numMenuRoles = funcMenuRoles.size(); - logger.debug(EELFLoggerDelegate.debugLogger, - "syncAppRoles: number of funcMenuRoles for roleId: " + roleId + ": " + numMenuRoles); - for (FnMenuFunctionalRoles funcMenuRole : funcMenuRoles) { - Long menuId = funcMenuRole.getMenuId().getMenuId(); - // If this is the only role for this menu item, then the - // app and roles will be gone, - // so must null out the url too, to be consistent - List<FnMenuFunctionalRoles> funcMenuRoles2 = fnMenuFunctionalRolesService.retrieveByMenuId(menuId); - int numMenuRoles2 = funcMenuRoles2.size(); - logger.debug(EELFLoggerDelegate.debugLogger, - "syncAppRoles: number of funcMenuRoles for menuId: " + menuId + ": " + numMenuRoles2); - fnMenuFunctionalRolesService.delete(funcMenuRole); - - if (numMenuRoles2 == 1) { - // If this is the only role for this menu item, then - // the app and roles will be gone, - // so must null out the url too, to be consistent - logger.debug(EELFLoggerDelegate.debugLogger, - "syncAppRoles: There is exactly 1 menu item for this role, so emptying the url"); - List<FnMenuFunctional> funcMenuItems = fnMenuFunctionalService.retrieveByMenuId(menuId); - if (funcMenuItems.size() > 0) { - logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item"); - FnMenuFunctional funcMenuItem = funcMenuItems.get(0); - funcMenuItem.setUrl(""); - } + Collection<EcompRole> newRolesToAdd = newRolesMap.values(); + if (obsoleteRoles.size() > 0) { + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: we have obsolete roles to delete"); + for (FnRole role : obsoleteRoles) { + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: obsolete role: " + role.toString()); + Long roleId = role.getId(); + List<FnUserRole> userRoles = fnUserRoleService.getUserRolesForRoleIdAndAppId(roleId, appId); + + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: number of userRoles to delete: " + userRoles.size()); + for (FnUserRole userRole : userRoles) { + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: about to delete userRole: " + userRole.toString()); + fnUserRoleService.deleteById(userRole.getId()); + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: finished deleting userRole: " + userRole.toString()); + } + List<FnMenuFunctionalRoles> funcMenuRoles = fnMenuFunctionalRolesService.retrieveByroleId(roleId); + int numMenuRoles = funcMenuRoles.size(); + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: number of funcMenuRoles for roleId: " + roleId + ": " + numMenuRoles); + for (FnMenuFunctionalRoles funcMenuRole : funcMenuRoles) { + Long menuId = funcMenuRole.getMenuId().getMenuId(); + // If this is the only role for this menu item, then the + // app and roles will be gone, + // so must null out the url too, to be consistent + List<FnMenuFunctionalRoles> funcMenuRoles2 = fnMenuFunctionalRolesService + .retrieveByMenuId(menuId); + int numMenuRoles2 = funcMenuRoles2.size(); + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: number of funcMenuRoles for menuId: " + menuId + ": " + numMenuRoles2); + fnMenuFunctionalRolesService.delete(funcMenuRole); + + if (numMenuRoles2 == 1) { + // If this is the only role for this menu item, then + // the app and roles will be gone, + // so must null out the url too, to be consistent + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: There is exactly 1 menu item for this role, so emptying the url"); + List<FnMenuFunctional> funcMenuItems = fnMenuFunctionalService.retrieveByMenuId(menuId); + if (funcMenuItems.size() > 0) { + logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item"); + FnMenuFunctional funcMenuItem = funcMenuItems.get(0); + funcMenuItem.setUrl(""); + } + } + } + boolean isPortalRequest = true; + deleteRoleDependencyRecords(roleId, appId, isPortalRequest); + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: about to delete the role: " + role.toString()); + fnRoleService.delete(role); + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: deleted the role"); + } } - } - boolean isPortalRequest = true; - deleteRoleDependencyRecords(roleId, appId, isPortalRequest); - logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to delete the role: " + role.toString()); - fnRoleService.delete(role); - logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: deleted the role"); + for (EcompRole role : newRolesToAdd) { + logger.debug(EELFLoggerDelegate.debugLogger, + "syncAppRoles: about to add missing role: " + role.toString()); + FnRole newRole = new FnRole(); + // Attention! All roles from remote application supposed to be + // active! + newRole.setActiveYn(true); + newRole.setRoleName(role.getName()); + newRole.setAppId(appId); + newRole.setAppRoleId(role.getId()); + fnRoleService.saveOne(newRole); + } + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to commit the transaction"); + logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: committed the transaction"); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "syncAppRoles failed", e); + EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); + throw new Exception(e); } - } - for (EcompRole role : newRolesToAdd) { - logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to add missing role: " + role.toString()); - FnRole newRole = new FnRole(); - // Attention! All roles from remote application supposed to be - // active! - newRole.setActiveYn(true); - newRole.setRoleName(role.getName()); - newRole.setAppId(appId); - newRole.setAppRoleId(role.getId()); - fnRoleService.saveOne(newRole); - } - logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: about to commit the transaction"); - logger.debug(EELFLoggerDelegate.debugLogger, "syncAppRoles: committed the transaction"); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "syncAppRoles failed", e); - EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e); - throw new Exception(e); } - } - - private void deleteRoleDependencyRecords(Long roleId, Long appId, boolean isPortalRequest) - throws Exception { - Session localSession = entityManager.unwrap(Session.class); - try { - String sql; - Query query; - // It should delete only when it portal's roleId - if (appId.equals(PortalConstants.PORTAL_APP_ID)) { - // Delete from fn_role_function - sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - // Delete from fn_role_composite - sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - } - // Delete from ep_app_role_function - sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - // Delete from ep_role_notification - sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - // Delete from fn_user_pseudo_role - sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - // Delete form EP_WIDGET_CATALOG_ROLE - sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - // Delete form EP_WIDGET_CATALOG_ROLE - sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - if (!isPortalRequest) { - // Delete form fn_menu_functional_roles - sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - } - } catch (Exception e) { - logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e); - throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage()); - } - } - private void checkIfRoleInactive(FnRole epRole) throws Exception { - if (!epRole.getActiveYn()) { - throw new Exception(epRole.getRoleName() + " role is unavailable"); - } - } - - public boolean setAppsWithAdminRoleStateForUser(AppsListWithAdminRole newAppsListWithAdminRoles) { - boolean result = false; - // No changes if no new roles list or no userId. - if (!org.apache.cxf.common.util.StringUtils.isEmpty(newAppsListWithAdminRoles.getOrgUserId()) - && newAppsListWithAdminRoles.getAppsRoles() != null) { - synchronized (syncRests) { - List<FnApp> apps = fnAppService.getAppsFullList(); - HashMap<Long, FnApp> enabledApps = new HashMap<>(); - for (FnApp app : apps) { - enabledApps.put(app.getId(), app); - } - List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin = new ArrayList<>(); - for (AppNameIdIsAdmin adminRole : newAppsListWithAdminRoles.getAppsRoles()) { - // user Admin role may be added only for enabled apps - if (adminRole.getIsAdmin() && enabledApps.containsKey(adminRole.getId())) { - newAppsWhereUserIsAdmin.add(adminRole); - } - } - FnUser user = null; - boolean createNewUser = false; - String orgUserId = newAppsListWithAdminRoles.getOrgUserId().trim(); - List<FnUser> localUserList = fnUserService.getUserWithOrgUserId(orgUserId); - List<FnUserRole> oldAppsWhereUserIsAdmin = new ArrayList<>(); - if (localUserList.size() > 0) { - FnUser tmpUser = localUserList.get(0); - oldAppsWhereUserIsAdmin = fnUserRoleService.retrieveByUserIdAndRoleId(tmpUser.getId(), ACCOUNT_ADMIN_ROLE_ID); - if (oldAppsWhereUserIsAdmin.size() > 0 || newAppsWhereUserIsAdmin.size() > 0) { - user = tmpUser; - } - } else if (newAppsWhereUserIsAdmin.size() > 0) { - // we create new user only if he has Admin Role for any App - createNewUser = true; + private void deleteRoleDependencyRecords(Long roleId, Long appId, boolean isPortalRequest) + throws Exception { + Session localSession = entityManager.unwrap(Session.class); + try { + String sql; + Query query; + // It should delete only when it portal's roleId + if (appId.equals(PortalConstants.PORTAL_APP_ID)) { + // Delete from fn_role_function + sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete from fn_role_composite + sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + } + // Delete from ep_app_role_function + sql = "DELETE FROM ep_app_role_function WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete from ep_role_notification + sql = "DELETE FROM ep_role_notification WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete from fn_user_pseudo_role + sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete form EP_WIDGET_CATALOG_ROLE + sql = "DELETE FROM EP_WIDGET_CATALOG_ROLE WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + // Delete form EP_WIDGET_CATALOG_ROLE + sql = "DELETE FROM ep_user_roles_request_det WHERE requested_role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + if (!isPortalRequest) { + // Delete form fn_menu_functional_roles + sql = "DELETE FROM fn_menu_functional_roles WHERE role_id=" + roleId; + logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); + query = localSession.createSQLQuery(sql); + query.executeUpdate(); + } + } catch (Exception e) { + logger.debug(EELFLoggerDelegate.debugLogger, "deleteRoleDependeciesRecord: failed ", e); + throw new DeleteDomainObjectFailedException("delete Failed" + e.getMessage()); } - result = isResult(result, enabledApps, newAppsWhereUserIsAdmin, user, createNewUser, orgUserId, - oldAppsWhereUserIsAdmin); - } } - return result; - } - - @Transactional - public boolean isResult(boolean result, HashMap<Long, FnApp> enabledApps, - List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin, FnUser user, boolean createNewUser, String orgUserId, - List<FnUserRole> oldAppsWhereUserIsAdmin) { - if (user != null || createNewUser) { - if (createNewUser) { - user = fnUserService.getUserWithOrgUserId(orgUserId).stream().findFirst().get(); - if (user != null) { - user.setActiveYn(true); - } - } - for (FnUserRole oldUserApp : oldAppsWhereUserIsAdmin) { - // user Admin role may be deleted only for enabled - // apps - if (enabledApps.containsKey(oldUserApp.getFnAppId())) { - fnUserRoleService.saveOne(oldUserApp); + private void checkIfRoleInactive(FnRole epRole) throws Exception { + if (!epRole.getActiveYn()) { + throw new Exception(epRole.getRoleName() + " role is unavailable"); } - } - for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) { - FnApp app = fnAppService.getById(appNameIdIsAdmin.getId()); - FnRole role = fnRoleService.getById(ACCOUNT_ADMIN_ROLE_ID); - FnUserRole newUserApp = new FnUserRole(); - newUserApp.setUserId(user); - newUserApp.setFnAppId(app); - newUserApp.setRoleId(role); - fnUserRoleService.saveOne(newUserApp); - } - if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { - addAdminRoleInExternalSystem(user, newAppsWhereUserIsAdmin); - result = true; - } } - return result; - } - - @Transactional() - public boolean addAdminRoleInExternalSystem(FnUser user, List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin) { - boolean result = false; - try { - // Reset All admin role for centralized applications - List<FnApp> appList = fnAppService.getCentralizedApps(); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - for (FnApp app : appList) { - String name = ""; - if (EPCommonSystemProperties - .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) { - name = user.getOrgUserId() + SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); + + public boolean setAppsWithAdminRoleStateForUser(AppsListWithAdminRole newAppsListWithAdminRoles) { + boolean result = false; + // No changes if no new roles list or no userId. + if (!org.apache.cxf.common.util.StringUtils.isEmpty(newAppsListWithAdminRoles.getOrgUserId()) + && newAppsListWithAdminRoles.getAppsRoles() != null) { + synchronized (syncRests) { + List<FnApp> apps = fnAppService.getAppsFullList(); + HashMap<Long, FnApp> enabledApps = new HashMap<>(); + for (FnApp app : apps) { + enabledApps.put(app.getId(), app); + } + List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin = new ArrayList<>(); + for (AppNameIdIsAdmin adminRole : newAppsListWithAdminRoles.getAppsRoles()) { + // user Admin role may be added only for enabled apps + if (adminRole.getIsAdmin() && enabledApps.containsKey(adminRole.getId())) { + newAppsWhereUserIsAdmin.add(adminRole); + } + } + FnUser user = null; + boolean createNewUser = false; + String orgUserId = newAppsListWithAdminRoles.getOrgUserId().trim(); + List<FnUser> localUserList = fnUserService.getUserWithOrgUserId(orgUserId); + List<FnUserRole> oldAppsWhereUserIsAdmin = new ArrayList<>(); + if (localUserList.size() > 0) { + FnUser tmpUser = localUserList.get(0); + oldAppsWhereUserIsAdmin = fnUserRoleService + .retrieveByUserIdAndRoleId(tmpUser.getId(), ACCOUNT_ADMIN_ROLE_ID); + if (oldAppsWhereUserIsAdmin.size() > 0 || newAppsWhereUserIsAdmin.size() > 0) { + user = tmpUser; + } + } else if (newAppsWhereUserIsAdmin.size() > 0) { + // we create new user only if he has Admin Role for any App + createNewUser = true; + } + result = isResult(result, enabledApps, newAppsWhereUserIsAdmin, user, createNewUser, orgUserId, + oldAppsWhereUserIsAdmin); + } } - String extRole = app.getAuthNamespace() + "." + PortalConstants.ADMIN_ROLE.replaceAll(" ", "_"); - HttpEntity<String> entity = new HttpEntity<>(headers); - logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to External Access system"); - try { - ResponseEntity<String> getResponse = template - .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "roles/" + extRole, HttpMethod.GET, entity, String.class); - - if (getResponse.getBody().equals("{}")) { - String addDesc = "{\"name\":\"" + extRole + "\"}"; - HttpEntity<String> roleEntity = new HttpEntity<>(addDesc, headers); - template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "role", - HttpMethod.POST, roleEntity, String.class); - } else { - try { - HttpEntity<String> deleteUserRole = new HttpEntity<>(headers); - template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRole/" + name + "/" + extRole, - HttpMethod.DELETE, deleteUserRole, String.class); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - " Role not found for this user may be it gets deleted before", e); + + return result; + } + + @Transactional + public boolean isResult(boolean result, HashMap<Long, FnApp> enabledApps, + List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin, FnUser user, boolean createNewUser, String orgUserId, + List<FnUserRole> oldAppsWhereUserIsAdmin) { + if (user != null || createNewUser) { + if (createNewUser) { + user = fnUserService.getUserWithOrgUserId(orgUserId).stream().findFirst().get(); + if (user != null) { + user.setActiveYn(true); + } + } + for (FnUserRole oldUserApp : oldAppsWhereUserIsAdmin) { + // user Admin role may be deleted only for enabled + // apps + if (enabledApps.containsKey(oldUserApp.getFnAppId())) { + fnUserRoleService.saveOne(oldUserApp); + } + } + for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) { + FnApp app = fnAppService.getById(appNameIdIsAdmin.getId()); + FnRole role = fnRoleService.getById(ACCOUNT_ADMIN_ROLE_ID); + FnUserRole newUserApp = new FnUserRole(); + newUserApp.setUserId(user); + newUserApp.setFnAppId(app); + newUserApp.setRoleId(role); + fnUserRoleService.saveOne(newUserApp); + } + if (EcompPortalUtils.checkIfRemoteCentralAccessAllowed()) { + addAdminRoleInExternalSystem(user, newAppsWhereUserIsAdmin); + result = true; } - } - } catch (Exception e) { - if (e.getMessage().equalsIgnoreCase("404 Not Found")) { - logger.debug(EELFLoggerDelegate.debugLogger, "Application Not found for app {}", - app.getAuthNamespace(), e.getMessage()); - } else { - logger.error(EELFLoggerDelegate.errorLogger, "Application Not found for app {}", - app.getAuthNamespace(), e); - } } - } - for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) { - FnApp app = fnAppService.getById(appNameIdIsAdmin.getId()); + return result; + } + + public boolean addAdminRoleInExternalSystem(FnUser user, List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin) { + boolean result = false; try { - if (app.getAuthCentral()) { - String extRole = app.getAuthNamespace() + "." + PortalConstants.ADMIN_ROLE.replaceAll(" ", "_"); - HttpEntity<String> entity = new HttpEntity<>(headers); - String name = ""; - if (EPCommonSystemProperties - .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) { - name = user.getOrgUserId() + SystemProperties - .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); - } - logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to External Access system"); - ResponseEntity<String> getUserRolesResponse = template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "userRoles/user/" + name, - HttpMethod.GET, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, "Connected to External Access system"); - if (!getUserRolesResponse.getBody().equals("{}")) { - JSONObject jsonObj = new JSONObject(getUserRolesResponse.getBody()); - JSONArray extRoles = jsonObj.getJSONArray("userRole"); - final Map<String, JSONObject> extUserRoles = new HashMap<>(); - for (int i = 0; i < extRoles.length(); i++) { - String userRole = extRoles.getJSONObject(i).getString("role"); - if (userRole.startsWith(app.getAuthNamespace() + ".") - && !userRole.equals(app.getAuthNamespace() + ".admin") - && !userRole.equals(app.getAuthNamespace() + ".owner")) { - - extUserRoles.put(userRole, extRoles.getJSONObject(i)); + // Reset All admin role for centralized applications + List<FnApp> appList = fnAppService.getCentralizedApps(); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + for (FnApp app : appList) { + String name = ""; + if (EPCommonSystemProperties + .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) { + name = user.getOrgUserId() + SystemProperties + .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); } - } - if (!extUserRoles.containsKey(extRole)) { - // Assign with new apps user admin + String extRole = app.getAuthNamespace() + "." + PortalConstants.ADMIN_ROLE.replaceAll(" ", "_"); + HttpEntity<String> entity = new HttpEntity<>(headers); + logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to External Access system"); try { - ExternalAccessUser extUser = new ExternalAccessUser(name, extRole); - // Assign user role for an application in external access system - ObjectMapper addUserRoleMapper = new ObjectMapper(); - String userRole = addUserRoleMapper.writeValueAsString(extUser); - HttpEntity<String> addUserRole = new HttpEntity<>(userRole, headers); - template.exchange( - SystemProperties.getProperty( - EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole", - HttpMethod.POST, addUserRole, String.class); + ResponseEntity<String> getResponse = template + .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "roles/" + extRole, HttpMethod.GET, entity, String.class); + + if (getResponse.getBody().equals("{}")) { + String addDesc = "{\"name\":\"" + extRole + "\"}"; + HttpEntity<String> roleEntity = new HttpEntity<>(addDesc, headers); + template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "role", + HttpMethod.POST, roleEntity, String.class); + } else { + try { + HttpEntity<String> deleteUserRole = new HttpEntity<>(headers); + template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "userRole/" + name + "/" + extRole, + HttpMethod.DELETE, deleteUserRole, String.class); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + " Role not found for this user may be it gets deleted before", e); + } + } } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "Failed to add user admin role", e); + if (e.getMessage().equalsIgnoreCase("404 Not Found")) { + logger.debug(EELFLoggerDelegate.debugLogger, "Application Not found for app {}", + app.getAuthNamespace(), e.getMessage()); + } else { + logger.error(EELFLoggerDelegate.errorLogger, "Application Not found for app {}", + app.getAuthNamespace(), e); + } + } + } + for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) { + FnApp app = fnAppService.getById(appNameIdIsAdmin.getId()); + try { + if (app.getAuthCentral()) { + String extRole = app.getAuthNamespace() + "." + PortalConstants.ADMIN_ROLE.replaceAll(" ", "_"); + HttpEntity<String> entity = new HttpEntity<>(headers); + String name = ""; + if (EPCommonSystemProperties + .containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN)) { + name = user.getOrgUserId() + SystemProperties + .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN); + } + logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to External Access system"); + ResponseEntity<String> getUserRolesResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + + "userRoles/user/" + name, + HttpMethod.GET, entity, String.class); + logger.debug(EELFLoggerDelegate.debugLogger, "Connected to External Access system"); + if (!getUserRolesResponse.getBody().equals("{}")) { + JSONObject jsonObj = new JSONObject(getUserRolesResponse.getBody()); + JSONArray extRoles = jsonObj.getJSONArray("userRole"); + final Map<String, JSONObject> extUserRoles = new HashMap<>(); + for (int i = 0; i < extRoles.length(); i++) { + String userRole = extRoles.getJSONObject(i).getString("role"); + if (userRole.startsWith(app.getAuthNamespace() + ".") + && !userRole.equals(app.getAuthNamespace() + ".admin") + && !userRole.equals(app.getAuthNamespace() + ".owner")) { + + extUserRoles.put(userRole, extRoles.getJSONObject(i)); + } + } + if (!extUserRoles.containsKey(extRole)) { + // Assign with new apps user admin + try { + ExternalAccessUser extUser = new ExternalAccessUser(name, extRole); + // Assign user role for an application in external access system + ObjectMapper addUserRoleMapper = new ObjectMapper(); + String userRole = addUserRoleMapper.writeValueAsString(extUser); + HttpEntity<String> addUserRole = new HttpEntity<>(userRole, headers); + template.exchange( + SystemProperties.getProperty( + EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "userRole", + HttpMethod.POST, addUserRole, String.class); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "Failed to add user admin role", e); + } + + } + } + } + result = true; + } catch (Exception e) { + if (e.getMessage().equalsIgnoreCase("404 Not Found")) { + logger.debug(EELFLoggerDelegate.errorLogger, + "Application name space not found in External system for app {} due to bad rquest name space ", + app.getAuthNamespace(), e.getMessage()); + } else { + logger.error(EELFLoggerDelegate.errorLogger, "Failed to assign admin role for application {}", + app.getAuthNamespace(), e); + result = false; + } } - - } } - } - result = true; } catch (Exception e) { - if (e.getMessage().equalsIgnoreCase("404 Not Found")) { - logger.debug(EELFLoggerDelegate.errorLogger, - "Application name space not found in External system for app {} due to bad rquest name space ", - app.getAuthNamespace(), e.getMessage()); - } else { - logger.error(EELFLoggerDelegate.errorLogger, "Failed to assign admin role for application {}", - app.getAuthNamespace(), e); result = false; - } + logger.error(EELFLoggerDelegate.errorLogger, "Failed to assign admin roles operation", e); + } + return result; + } + + public Set<String> getAllAppsFunctionsOfUser(String OrgUserId) throws RoleFunctionException { + final String getAllAppsFunctionsOfUser = + "select distinct ep.function_cd from fn_user_role fu, ep_app_role_function ep, ep_app_function ea, fn_app fa , fn_role fr\n" + + " where fu.role_id = ep.role_id \n" + + " and fu.app_id = ep.app_id\n" + + " and fu.user_id =:userId\n" + + " and ea.function_cd = ep.function_cd\n" + + " and ((fu.app_id = fa.app_id and fa.enabled = 'Y' ) or (fa.app_id = 1))\n" + + " and fr.role_id = fu.role_id and fr.active_yn='Y' \n" + + " union\n" + + " select distinct app_r_f.function_cd from ep_app_role_function app_r_f, ep_app_function a_f\n" + + " where role_id = 999\n" + + " and app_r_f.function_cd = a_f.function_cd\n" + + " and exists\n" + + " (\n" + + " select fa.app_id from fn_user fu, fn_user_role ur, fn_app fa where fu.user_id =:userId and fu.user_id = ur.user_id\n" + + " and ur.role_id = 999 and ur.app_id = fa.app_id and fa.enabled = 'Y'\n" + + " )"; + List getRoleFuncListOfPortal = entityManager.createNativeQuery(getAllAppsFunctionsOfUser) + .setParameter("userId", OrgUserId).getResultList(); + Set<String> getRoleFuncListOfPortalSet = new HashSet<>(getRoleFuncListOfPortal); + Set<String> roleFunSet = getRoleFuncListOfPortalSet.stream().filter(x -> x.contains("|")) + .collect(Collectors.toSet()); + if (!roleFunSet.isEmpty()) { + for (String roleFunction : roleFunSet) { + String roleFun = EcompPortalUtils.getFunctionCode(roleFunction); + getRoleFuncListOfPortalSet.remove(roleFunction); + getRoleFuncListOfPortalSet.add(roleFun); + } } - } - } catch (Exception e) { - result = false; - logger.error(EELFLoggerDelegate.errorLogger, "Failed to assign admin roles operation", e); + + Set<String> finalRoleFunctionSet = new HashSet<>(); + for (String roleFn : getRoleFuncListOfPortalSet) { + finalRoleFunctionSet.add(EPUserUtils.decodeFunctionCode(roleFn)); + } + + return finalRoleFunctionSet; } - return result; - } } diff --git a/portal-BE/src/main/java/org/onap/portal/utils/DateUtil.java b/portal-BE/src/main/java/org/onap/portal/utils/DateUtil.java new file mode 100644 index 00000000..dc7164bc --- /dev/null +++ b/portal-BE/src/main/java/org/onap/portal/utils/DateUtil.java @@ -0,0 +1,58 @@ +/* + * ============LICENSE_START========================================== + * ONAP Portal + * =================================================================== + * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * Modifications Copyright (c) 2019 Samsung + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * + */ + +package org.onap.portal.utils; + +import java.text.SimpleDateFormat; + +public class DateUtil { + + private DateUtil() { + throw new IllegalStateException("Utility class"); + } + + public static SimpleDateFormat getDateFormat() { + return new SimpleDateFormat("HH:mm:ss:SSSS"); + } + + public static SimpleDateFormat getRequestDateFormat(){ + return new SimpleDateFormat("EEE, dd MMM YYYY HH:mm:ss z"); + } +} diff --git a/portal-BE/src/main/resources/conf/scheduler.properties b/portal-BE/src/main/resources/conf/scheduler.properties new file mode 100644 index 00000000..ce52554c --- /dev/null +++ b/portal-BE/src/main/resources/conf/scheduler.properties @@ -0,0 +1,61 @@ +### +# ============LICENSE_START========================================== +# ONAP Portal +# =================================================================== +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# =================================================================== +# +# Unless otherwise specified, all software contained herein is licensed +# under the Apache License, Version 2.0 (the "License"); +# you may not use this software except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Unless otherwise specified, all documentation contained herein is licensed +# under the Creative Commons License, Attribution 4.0 Intl. (the "License"); +# you may not use this documentation except in compliance with the License. +# You may obtain a copy of the License at +# +# https://creativecommons.org/licenses/by/4.0/ +# +# Unless required by applicable law or agreed to in writing, documentation +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ============LICENSE_END============================================ +# +# +### + + +##scheduler authentication credentials +scheduler.user.name=test1 +scheduler.password=test2 +#scheduler properties +scheduler.server.url=http://mtanjv9sdlg10.aic.cip.onap.com:8989/scheduler +scheduler.create.new.vnf.change.instance=/v1/ChangeManagement/schedules/ +scheduler.get.time.slots=/v1/ChangeManagement/schedules/ +scheduler.submit.new.vnf.change=/v1/ChangeManagement/schedules/{scheduleId}/approvals +vid.truststore.filename=C:\\Temp\\vid_keystore.jks +vid.truststore.passwd.x=OBF:1wgg1wfq1uus1uui1x131x0r1x1v1x1j1uvo1uve1wg81wfi + +#scheduler-policy properties +policy.server.url=https://policypdp-conexus-e2e.ecomp.cci.onap.com:8081/pdp +policy.get.config=/api/getConfig +policy.ClientAuth=UHlQRFBTZXJ2ZXI6dGVzdA== +policy.client.mechId=m06814@controller.dcae.ecomp.onap.com +policy.client.password=OBF:1ffu1qvu1t2z1l161fuk1i801nz91ro41xf71xfv1rqi1nx51i7y1fuq1kxw1t371qxw1fh0 +policy.username=testpdp +policy.password=OBF:1igd1kft1l1a1sw61svs1kxs1kcl1idt +policy.Authorization=dGVzdHBkcDphbHBoYTEyMw== +policy.environment=TEST + |