From 47bcf09a62fb260a60b90d4f6c8406d956ab5a8a Mon Sep 17 00:00:00 2001 From: "Kotta, Shireesha (sk434m)" Date: Tue, 9 Oct 2018 11:28:41 -0400 Subject: Add roles to user Issue-ID: PORTAL-432 add roles to user when the app is centralized Change-Id: I46a782be24ea1804597dc7205bf98170731ffe4d Signed-off-by: Kotta, Shireesha (sk434m) --- .../service/ApplicationsRestClientServiceImpl.java | 4 +- .../service/ExternalAccessRolesServiceImpl.java | 237 +++++++-------------- .../portal/service/UserRolesCommonServiceImpl.java | 76 ++++++- .../portal/transport/ExternalRoleDescription.java | 68 +----- 4 files changed, 148 insertions(+), 237 deletions(-) (limited to 'ecomp-portal-BE-common/src/main/java/org') diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java index 5a354f3a..54b915fe 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ApplicationsRestClientServiceImpl.java @@ -207,8 +207,8 @@ public class ApplicationsRestClientServiceImpl implements ApplicationsRestClient client.header(SystemProperties.USERAGENT_NAME, EPCommonSystemProperties.ECOMP_PORTAL_BE); logger.debug(EELFLoggerDelegate.debugLogger, - String.format("App %d found, baseUri=[%s], Headers: [%s=%s, %s=%s, %s=%s]", appSystemId, appBaseUri, - APP_USERNAME_HEADER, username, PASSWORD_HEADER, encriptedPwd, BASIC_AUTHENTICATION_HEADER, encodingStr)); + String.format("App %d found, baseUri=[%s], Headers: [%s=%s]", appSystemId, appBaseUri, + APP_USERNAME_HEADER, username)); return client; } diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java index a77b9589..f83a8e34 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/ExternalAccessRolesServiceImpl.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -42,7 +42,6 @@ import java.util.ArrayList; import java.util.HashMap; import java.util.HashSet; import java.util.Iterator; -import java.util.LinkedHashMap; import java.util.List; import java.util.Map; import java.util.Set; @@ -53,7 +52,6 @@ import java.util.stream.Collectors; import org.apache.commons.codec.DecoderException; import org.apache.commons.codec.binary.Hex; -import org.apache.commons.lang.StringUtils; import org.hibernate.Query; import org.hibernate.Session; import org.hibernate.SessionFactory; @@ -99,7 +97,6 @@ import org.onap.portalapp.portal.transport.ExternalAccessRolePerms; import org.onap.portalapp.portal.transport.ExternalAccessUser; import org.onap.portalapp.portal.transport.ExternalAccessUserRoleDetail; import org.onap.portalapp.portal.transport.ExternalRequestFieldsValidator; -import org.onap.portalapp.portal.transport.ExternalRoleDescription; import org.onap.portalapp.portal.transport.GlobalRoleWithApplicationRoleFunction; import org.onap.portalapp.portal.transport.LocalRole; import org.onap.portalapp.portal.utils.EPCommonSystemProperties; @@ -157,8 +154,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private static final String FUNCTION_PIPE = "|"; - private static final String IS_NULL_STRING = "null"; - private static final String EXTERNAL_AUTH_PERMS = "perms"; private static final String EXTERNAL_AUTH_ROLE_DESCRIPTION = "description"; @@ -167,18 +162,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic private static final String CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE = "Connecting to External Auth system"; - private static final String APP_ROLE_ID = "appRoleId"; - private static final String APP_ID = "appId"; - private static final String PRIORITY = "priority"; - - private static final String ACTIVE = "active"; - private static final String ROLE_NAME = "name"; - private static final String ID = "id"; - private static final String APP_ID_EQUALS = " app_id = "; private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesServiceImpl.class); @@ -315,12 +302,10 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic * @throws Exception * If updateRoleInExternalSystem fails we catch it in logger for detail message */ - @SuppressWarnings("unchecked") private boolean updateRoleInExternalSystem(Role updateExtRole, EPApp app, boolean isGlobalRole) throws Exception { boolean response = false; ObjectMapper mapper = new ObjectMapper(); ResponseEntity deleteResponse = null; - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); List epRoleList = null; if (app.getId().equals(PortalConstants.PORTAL_APP_ID) || (isGlobalRole && !app.getId().equals(PortalConstants.PORTAL_APP_ID))) { @@ -328,7 +313,6 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { epRoleList = getPartnerAppRoleInfo(updateExtRole.getId(), app); } - // Assigning functions to global role if ((isGlobalRole && !app.getId().equals(PortalConstants.PORTAL_APP_ID))) { List globalRoleFunctionListNew = convertSetToListOfRoleFunctions(updateExtRole); @@ -360,86 +344,29 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic list = mapper.readValue(perms.toString(), TypeFactory.defaultInstance() .constructCollectionType(List.class, ExternalAccessPerms.class)); } - ExternalRoleDescription sysRoleList = mapper.readValue(desc, ExternalRoleDescription.class); // If role name or role functions are updated then delete // record in External System and add new record to avoid // conflicts - Boolean existingRoleActive; - boolean isActiveValueChanged; - // check role active status - existingRoleActive = new Boolean(sysRoleList.getActive()); - isActiveValueChanged = existingRoleActive.equals(updateExtRole.getActive()); boolean isRoleNameChanged = false; - if (!sysRoleList.getName().equals(updateExtRole.getName())) { + if (!desc.equals(updateExtRole.getName())) { isRoleNameChanged = true; - Map delRoleKeyMapper = new HashMap<>(); - delRoleKeyMapper.put(ROLE_NAME, name); - String delRoleKeyValue = mapper.writeValueAsString(delRoleKeyMapper); - deleteResponse = deleteRoleInExternalSystem(delRoleKeyValue); - if (deleteResponse.getStatusCode().value() != 200) { - logger.error(EELFLoggerDelegate.errorLogger, - "updateRoleInExternalSystem: Failed to delete role in external system due to {} ", - deleteResponse.getBody()); - throw new ExternalAuthSystemException(deleteResponse.getBody()); - } + deleteRoleInExtSystem(mapper, name); addRole(updateExtRole, app.getUebKey()); // add partner functions to the global role in External Auth System - if(!list.isEmpty() && isGlobalRole){ - addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole); + if (!list.isEmpty() && isGlobalRole) { + addPartnerHasRoleFunctionsToGlobalRole(list, mapper, app, updateExtRole); } - list.removeIf(perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace())); - // if role name is changes please ignore the previous functions in External Auth and update with user requested functions - addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, - list); + list.removeIf( + perm -> EcompPortalUtils.checkNameSpaceMatching(perm.getType(), app.getNameSpace())); + // if role name is changes please ignore the previous functions in External Auth + // and update with user requested functions + addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list); } - boolean checkPriorityStatus = StringUtils.equals(String.valueOf(sysRoleList.getPriority()), - String.valueOf(updateExtRole.getPriority())); - ExternalAccessRole updateRole = new ExternalAccessRole(); - if (!isActiveValueChanged || !checkPriorityStatus || sysRoleList.getId().equals(IS_NULL_STRING) - || !sysRoleList.getId().equals(String.valueOf(epRoleList.get(0).getId()))) { - String updateDesc = ""; - List getRole; - final Map getAppRoleByName = new HashMap<>(); - getAppRoleByName.put(APP_ROLE_NAME_PARAM, updateExtRole.getName()); - if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - getRole = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, getAppRoleByName, - null); - } else { - getAppRoleByName.put("appId", String.valueOf(app.getId())); - getRole = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, - getAppRoleByName, null); - } - Map extSystemUpdateRoleJsonMapper = new LinkedHashMap<>(); - extSystemUpdateRoleJsonMapper.put(ID, String.valueOf(getRole.get(0).getId())); - extSystemUpdateRoleJsonMapper.put(ROLE_NAME, String.valueOf(updateExtRole.getName())); - extSystemUpdateRoleJsonMapper.put(ACTIVE, String.valueOf(updateExtRole.getActive())); - extSystemUpdateRoleJsonMapper.put(PRIORITY, String.valueOf(updateExtRole.getPriority())); - if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - extSystemUpdateRoleJsonMapper.put(APP_ID, "null"); - extSystemUpdateRoleJsonMapper.put(APP_ROLE_ID, "null"); - } else { - extSystemUpdateRoleJsonMapper.put(APP_ID, String.valueOf(app.getId())); - extSystemUpdateRoleJsonMapper.put(APP_ROLE_ID, - String.valueOf(getRole.get(0).getAppRoleId())); - - } - updateDesc = mapper.writeValueAsString(extSystemUpdateRoleJsonMapper); - updateRole.setName(app.getNameSpace() + "." + updateExtRole.getName().replaceAll( - EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - updateRole.setDescription(updateDesc); - String updateRoleDesc = mapper.writeValueAsString(updateRole); - HttpEntity entity = new HttpEntity<>(updateRoleDesc, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "updateRoleInExternalSystem: {} for PUT: {}", - CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRoleDesc); - ResponseEntity updatePermsResponse = template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) - + "role", - HttpMethod.PUT, entity, String.class); - logger.debug(EELFLoggerDelegate.debugLogger, - "updateRoleInExternalSystem: Finished updating in External Auth system {} and status code: {} ", - updateRoleDesc, updatePermsResponse.getStatusCode().value()); + // Delete role in External System if role is inactive + if (!updateExtRole.getActive()) { + deleteRoleInExtSystem(mapper, name); } - if(!isRoleNameChanged) { + if (!isRoleNameChanged) { response = addRemoveFunctionsToRole(updateExtRole, app, mapper, roleFunctionListNew, name, list); } @@ -447,17 +374,41 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } else { // It seems like role exists in local DB but not in External // Access system - addRole(updateExtRole, app.getUebKey()); - List roleFunctionListUpdate = convertSetToListOfRoleFunctions(updateExtRole); - response = true; - if (!roleFunctionListUpdate.isEmpty()) { - addRoleFunctionsInExternalSystem(updateExtRole, mapper, app); + if (updateExtRole.getActive()) { + addRole(updateExtRole, app.getUebKey()); + ExternalAccessRolePerms extAddRolePerms = null; + ExternalAccessPerms extAddPerms = null; + List roleFunctionListAdd = convertSetToListOfRoleFunctions(updateExtRole); + HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); + for (RoleFunction roleFunc : roleFunctionListAdd) { + extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + roleFunc.getType(), + roleFunc.getCode(), roleFunc.getAction()); + extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, + app.getNameSpace() + "." + updateExtRole.getName().replaceAll( + EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); + response = addRoleFuncExtSysRestAPI(mapper, extAddRolePerms, headers); + } } } } return response; } + private void deleteRoleInExtSystem(ObjectMapper mapper, String name) + throws JsonProcessingException, Exception, ExternalAuthSystemException { + ResponseEntity deleteResponse; + Map delRoleKeyMapper = new HashMap<>(); + delRoleKeyMapper.put(ROLE_NAME, name); + String delRoleKeyValue = mapper.writeValueAsString(delRoleKeyMapper); + deleteResponse = deleteRoleInExternalSystem(delRoleKeyValue); + if (deleteResponse.getStatusCode().value() != 200) { + logger.error(EELFLoggerDelegate.errorLogger, + "updateRoleInExternalSystem: Failed to delete role in external system due to {} ", + deleteResponse.getBody()); + throw new ExternalAuthSystemException(deleteResponse.getBody()); + } + } + private boolean addRemoveFunctionsToRole(Role updateExtRole, EPApp app, ObjectMapper mapper, List roleFunctionListNew, String name, List list) throws Exception { boolean response; @@ -701,54 +652,23 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } - /** - * - * It adds functions to the role in external auth system - * - * @param updateExtRole - * @param addPermsMapper - * @param app - * @return true if success else false - * @throws Exception - */ - private boolean addRoleFunctionsInExternalSystem(Role updateExtRole, ObjectMapper addPermsMapper, EPApp app) - throws Exception { - boolean response = false; - ExternalAccessRolePerms extAddRolePerms = null; - ExternalAccessPerms extAddPerms = null; - List roleFunctionListAdd = convertSetToListOfRoleFunctions(updateExtRole); - HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth(); - for (RoleFunction roleFunc : roleFunctionListAdd) { - String code = ""; - String type= ""; - String action = ""; - if (roleFunc.getCode().contains(FUNCTION_PIPE)) { - code = EcompPortalUtils.getFunctionCode(roleFunc.getCode()); - type = getFunctionCodeType(roleFunc.getCode()); - action = getFunctionCodeAction(roleFunc.getCode()); - } else { - code = roleFunc.getCode(); - type = roleFunc.getCode().contains("menu") ? "menu" : "url"; - action = "*"; - } - extAddPerms = new ExternalAccessPerms(app.getNameSpace() + "." + type, code, action); - extAddRolePerms = new ExternalAccessRolePerms(extAddPerms, - app.getNameSpace() + "." + updateExtRole.getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms); - HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); - ResponseEntity addResponse = template.exchange( - SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", - HttpMethod.POST, entity, String.class); - if (addResponse.getStatusCode().value() != 201) { - response = false; - logger.debug(EELFLoggerDelegate.debugLogger, - "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", - addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); - } else { - response = true; - logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", updateRolePerms, addResponse.getStatusCode().value()); - } + private boolean addRoleFuncExtSysRestAPI(ObjectMapper addPermsMapper, ExternalAccessRolePerms extAddRolePerms, + HttpHeaders headers) throws JsonProcessingException { + boolean response; + String updateRolePerms = addPermsMapper.writeValueAsString(extAddRolePerms); + HttpEntity entity = new HttpEntity<>(updateRolePerms, headers); + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, updateRolePerms); + ResponseEntity addResponse = template.exchange( + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL) + "role/perm", + HttpMethod.POST, entity, String.class); + if (addResponse.getStatusCode().value() != 201 && addResponse.getStatusCode().value() != 409) { + response = false; + logger.debug(EELFLoggerDelegate.debugLogger, + "addRoleFunctionsInExternalSystem: While adding permission to the role in External Auth system something went wrong! due to {} and statuscode: {}", + addResponse.getStatusCode().getReasonPhrase(), addResponse.getStatusCode().value()); + } else { + response = true; + logger.debug(EELFLoggerDelegate.debugLogger, "addRoleFunctionsInExternalSystem: Finished adding permissions to roles in External Auth system {} and status code: {} ", updateRolePerms, addResponse.getStatusCode().value()); } return response; } @@ -823,17 +743,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic ObjectMapper mapper = new ObjectMapper(); String addNewRole = ""; ExternalAccessRole extRole = new ExternalAccessRole(); - String addDesc = null; - Map extSystemJsonMapper = new LinkedHashMap<>(); - extSystemJsonMapper.put(ID, String.valueOf(newRole.get(0).getId())); - extSystemJsonMapper.put(ROLE_NAME, String.valueOf(newRole.get(0).getName())); - extSystemJsonMapper.put(ACTIVE, String.valueOf(newRole.get(0).getActive())); - extSystemJsonMapper.put(PRIORITY, String.valueOf(newRole.get(0).getPriority())); - extSystemJsonMapper.put(APP_ID, String.valueOf(newRole.get(0).getAppId())); - extSystemJsonMapper.put(APP_ROLE_ID, String.valueOf(newRole.get(0).getAppRoleId())); - addDesc = mapper.writeValueAsString(extSystemJsonMapper); extRole.setName(app.getNameSpace() + "." + newRole.get(0).getName().replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); - extRole.setDescription(addDesc); + extRole.setDescription(String.valueOf(newRole.get(0).getName())); addNewRole = mapper.writeValueAsString(extRole); HttpEntity postEntity = new HttpEntity<>(addNewRole, headers); logger.debug(EELFLoggerDelegate.debugLogger, "addNewRoleInExternalSystem: {} for POST: {} " , CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE, addNewRole); @@ -1258,13 +1169,11 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic */ @SuppressWarnings("unchecked") private CentralV2User createEPUser(EPUser userInfo, Set userAppSet, EPApp app) throws Exception { - final Map params = new HashMap<>(); CentralV2User userAppList = new CentralV2User(); CentralV2User user1 = null; final Map params1 = new HashMap<>(); List globalRoleList = new ArrayList<>(); - try { if (app.getId() != PortalConstants.PORTAL_APP_ID) { params1.put("userId", userInfo.getId()); @@ -1781,7 +1690,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic String deleteRoleKey = "{\"name\":\"" + app.getNameSpace() + "." + epRoleList.get(0).getName() .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_") + "\"}"; deleteResponse = deleteRoleInExternalSystem(deleteRoleKey); - if (deleteResponse.getStatusCode().value() != 200 || deleteResponse.getStatusCode().value() != 404) { + if (deleteResponse.getStatusCode().value() != 200 && deleteResponse.getStatusCode().value() != 404) { EPLogUtil.logExternalAuthAccessAlarm(logger, deleteResponse.getStatusCode()); logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleForApplication: Failed to delete role in external auth system! due to {} ", @@ -2190,7 +2099,8 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic if (extPerms.getJSONObject(i).has("description")) { description = extPerms.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } else { - description = extPerms.getJSONObject(i).getString("instance"); + description = extPerms.getJSONObject(i).getString("type")+"|"+extPerms.getJSONObject(i).getString("instance") + +"|"+extPerms.getJSONObject(i).getString("action"); } if (extPerms.getJSONObject(i).has("roles")) { ObjectMapper rolesListMapper = new ObjectMapper(); @@ -2341,7 +2251,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic roleParams.put(APP_ROLE_NAME_PARAM, role); List roleCreated = null; if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - roleCreated = dataAccessService.executeNamedQuery(GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM, roleParams, + roleCreated = dataAccessService.executeNamedQuery(GET_PORTAL_APP_ROLES_QUERY, roleParams, null); } else { roleParams.put("appId", String.valueOf(app.getId())); @@ -2710,6 +2620,7 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic JSONArray extRole = getAppRolesJSONFromExtAuthSystem(app); logger.debug(EELFLoggerDelegate.debugLogger, "Entering into getExternalRoleDetailsList"); + //refactoring done List externalRoleDetailsList = getExternalRoleDetailsList(app, mapper, extRole); @@ -2899,20 +2810,17 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic ObjectMapper mapper, JSONArray extRole) throws IOException { List externalRoleDetailsList = new ArrayList<>(); - ExternalRoleDescription ApplicationRole = new ExternalRoleDescription(); ExternalAccessPerms externalAccessPerms = new ExternalAccessPerms(); List functionCodelist = new ArrayList<>(); Map curRolesMap = getCurrentRolesInDB(app); - for (int i = 0; i < extRole.length(); i++) { ExternalRoleDetails externalRoleDetail = new ExternalRoleDetails(); EPAppRoleFunction ePAppRoleFunction = new EPAppRoleFunction(); JSONObject Role = (JSONObject) extRole.get(i); - String roleName = extRole.getJSONObject(i).getString(ROLE_NAME); - ApplicationRole.setName(roleName.substring(app.getNameSpace().length() + 1)); + String name = extRole.getJSONObject(i).getString(ROLE_NAME); + String actualRoleName = name.substring(app.getNameSpace().length() + 1); if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_ROLE_DESCRIPTION)) { - String desc = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); - ApplicationRole.setName(desc); + actualRoleName = extRole.getJSONObject(i).getString(EXTERNAL_AUTH_ROLE_DESCRIPTION); } SortedSet externalAccessPermsOfRole = new TreeSet<>(); if (extRole.getJSONObject(i).has(EXTERNAL_AUTH_PERMS)) { @@ -2932,14 +2840,14 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic } } externalRoleDetail.setActive(true); - externalRoleDetail.setName(ApplicationRole.getName()); + externalRoleDetail.setName(actualRoleName); if (app.getId() == 1) { externalRoleDetail.setAppId(null); } else { externalRoleDetail.setAppId(app.getId()); } // get role functions from DB - EPRole currRole = curRolesMap.get(ApplicationRole.getName() + EPRole currRole = curRolesMap.get(actualRoleName .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_")); Long roleId = null; if (currRole != null) @@ -3045,6 +2953,9 @@ public class ExternalAccessRolesServiceImpl implements ExternalAccessRolesServic logger.debug(EELFLoggerDelegate.debugLogger, "syncApplicationRolesWithEcompDB: Finished GET roles from External Auth system and the result is :", res); + if(res == null || res.trim().isEmpty()) + return null; + JSONObject jsonObj = new JSONObject(res); JSONArray extRole = jsonObj.getJSONArray("userRole"); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java index 2eb7c948..b0dd4a21 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java @@ -823,6 +823,72 @@ public class UserRolesCommonServiceImpl { return addRemoteUser; } + + private EPUser pushRemoteUser(List roleInAppForUserList, String userId, EPApp app, + ObjectMapper mapper, SearchService searchService, + ApplicationsRestClientService applicationsRestClientService) throws Exception { + EPUser addRemoteUser = null; + if (remoteUserShouldBeCreated(roleInAppForUserList)) { + pushUserOnRemoteApp(userId, app, applicationsRestClientService, searchService, mapper, + isAppUpgradeVersion(app), roleInAppForUserList); + } + return addRemoteUser; + } + + protected void pushUserOnRemoteApp(String userId, EPApp app, + ApplicationsRestClientService applicationsRestClientService, SearchService searchService, + ObjectMapper mapper, boolean postOpenSource, List roleInAppForUserList) throws Exception { + + EPUser client = searchService.searchUserByUserId(userId); + + mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); + + if (client == null) { + String msg = "cannot create user " + userId + ", because he/she cannot be found in phonebook."; + logger.error(EELFLoggerDelegate.errorLogger, msg); + throw new Exception(msg); + } + + client.setLoginId(userId); + client.setActive(true); + roleInAppForUserList.removeIf(role -> role.isApplied.equals(false)); + Set userRolesInRemoteApp = constructUsersRemoteAppRoles(roleInAppForUserList); + SortedSet roles = new TreeSet<>(); + List getAppRoles = getAppRoles(app.getId()); + for (EcompRole epRole : userRolesInRemoteApp) { + Role role = new Role(); + EPRole appRole = getAppRoles.stream() + .filter(applicationRole -> epRole.getId().equals(applicationRole.getId())) + .findAny() + .orElse(null); + if(appRole != null) + role.setId(appRole.getAppRoleId()); + role.setName(epRole.getName()); + roles.add(role); + } + client.setRoles(roles); + String userInString = null; + userInString = mapper.writerFor(EPUser.class).writeValueAsString(client); + logger.debug(EELFLoggerDelegate.debugLogger, + "about to post a client to remote application, users json = " + userInString); + applicationsRestClientService.post(EPUser.class, app.getId(), userInString, String.format("/user/%s", userId)); + + } + + + public List getAppRoles(Long appId) throws Exception { + List applicationRoles = null; + final Map appParams = new HashMap<>(); + try { + appParams.put("appId", appId); + applicationRoles = dataAccessService.executeNamedQuery("getPartnerAppRolesList", appParams, null); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e); + throw e; + } + return applicationRoles; + } + /** * It checks whether the remote user exists or not * if exits returns user object else null @@ -883,16 +949,12 @@ public class UserRolesCommonServiceImpl { // if centralized app if (app.getCentralAuth()) { if (!app.getId().equals(PortalConstants.PORTAL_APP_ID)) { - try { - addRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, + pushRemoteUser(roleInAppForUserList, userId, app, mapper, searchService, applicationsRestClientService); - } catch (Exception e) { - String message=e.getMessage(); - logger.error(EELFLoggerDelegate.errorLogger, message, e); - } } - Set userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, + + Set userRolesInLocalApp = postUsersRolesToLocalApp(roleInAppForUserList, mapper, applicationsRestClientService, appId, userId); RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(userId, appId, userRolesInLocalApp); diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java index dd013c78..b9781071 100644 --- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java +++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/transport/ExternalRoleDescription.java @@ -39,59 +39,20 @@ package org.onap.portalapp.portal.transport; public class ExternalRoleDescription { - private String id; private String name; - private String active; - private String priority; - private String appId; - private String appRoleId; - public String getId() { - return id; - } - public void setId(String id) { - this.id = id; - } public String getName() { return name; } public void setName(String name) { this.name = name; } - public String getActive() { - return active; - } - public void setActive(String active) { - this.active = active; - } - public String getPriority() { - return priority; - } - public void setPriority(String priority) { - this.priority = priority; - } - public String getAppId() { - return appId; - } - public void setAppId(String appId) { - this.appId = appId; - } - public String getAppRoleId() { - return appRoleId; - } - public void setAppRoleId(String appRoleId) { - this.appRoleId = appRoleId; - } + @Override public int hashCode() { final int prime = 31; int result = 1; - result = prime * result + ((active == null) ? 0 : active.hashCode()); - result = prime * result + ((appId == null) ? 0 : appId.hashCode()); - result = prime * result + ((appRoleId == null) ? 0 : appRoleId.hashCode()); - result = prime * result + ((id == null) ? 0 : id.hashCode()); result = prime * result + ((name == null) ? 0 : name.hashCode()); - result = prime * result + ((priority == null) ? 0 : priority.hashCode()); return result; } @Override @@ -103,38 +64,15 @@ public class ExternalRoleDescription { if (getClass() != obj.getClass()) return false; ExternalRoleDescription other = (ExternalRoleDescription) obj; - if (active == null) { - if (other.active != null) - return false; - } else if (!active.equals(other.active)) - return false; - if (appId == null) { - if (other.appId != null) - return false; - } else if (!appId.equals(other.appId)) - return false; - if (appRoleId == null) { - if (other.appRoleId != null) - return false; - } else if (!appRoleId.equals(other.appRoleId)) - return false; - if (id == null) { - if (other.id != null) - return false; - } else if (!id.equals(other.id)) - return false; if (name == null) { if (other.name != null) return false; } else if (!name.equals(other.name)) return false; - if (priority == null) { - if (other.priority != null) - return false; - } else if (!priority.equals(other.priority)) - return false; return true; } + + } -- cgit 1.2.3-korg