From 72bff4d6db3a055c453b76ef82f0ec013edf55ca Mon Sep 17 00:00:00 2001
From: Sudarshan Kumar <sudarshan.kumar@att.com>
Date: Mon, 30 Mar 2020 16:59:58 +0530
Subject: Changes made for Role assignment

Support Addition of Roles to Non Human User Id

Issue-ID: PORTAL-866
Change-Id: Ib45f4f56ca97c89e3305090dc5c61a9960049a54
Signed-off-by: Sudarshan Kumar <sudarshan.kumar@att.com>
---
 .../portal/controller/UserRolesController.java     | 38 +++++++++++++++++++++-
 .../portal/service/UserRolesCommonServiceImpl.java | 20 ++++++++----
 2 files changed, 51 insertions(+), 7 deletions(-)

(limited to 'ecomp-portal-BE-common')

diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java
index 852e2bb8..aa180b0e 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/controller/UserRolesController.java
@@ -2,7 +2,7 @@
  * ============LICENSE_START==========================================
  * ONAP Portal
  * ===================================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
  * ===================================================================
  *
  * Unless otherwise specified, all software contained herein is licensed
@@ -46,6 +46,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.apache.cxf.transport.http.HTTPException;
 import org.onap.portalapp.controller.EPRestrictedBaseController;
+import org.onap.portalapp.portal.domain.EPApp;
 import org.onap.portalapp.portal.domain.EPRole;
 import org.onap.portalapp.portal.domain.EPUser;
 import org.onap.portalapp.portal.domain.EPUserAppCatalogRoles;
@@ -58,6 +59,7 @@ import org.onap.portalapp.portal.logging.aop.EPEELFLoggerAdvice;
 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
 import org.onap.portalapp.portal.service.AdminRolesService;
 import org.onap.portalapp.portal.service.ApplicationsRestClientService;
+import org.onap.portalapp.portal.service.EPAppService;
 import org.onap.portalapp.portal.service.SearchService;
 import org.onap.portalapp.portal.service.UserRolesService;
 import org.onap.portalapp.portal.transport.AppNameIdIsAdmin;
@@ -75,6 +77,7 @@ import org.onap.portalsdk.core.domain.AuditLog;
 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
 import org.onap.portalsdk.core.restful.domain.EcompRole;
 import org.onap.portalsdk.core.service.AuditService;
+import org.onap.portalsdk.core.service.DataAccessService;
 import org.onap.portalsdk.core.util.SystemProperties;
 import org.slf4j.MDC;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -103,6 +106,8 @@ public class UserRolesController extends EPRestrictedBaseController {
     private ApplicationsRestClientService applicationsRestClientService;
     @Autowired
     private AuditService auditService;
+    @Autowired
+	private DataAccessService dataAccessService;
 
     private static final String FAILURE = "failure";
 
@@ -288,6 +293,18 @@ public class UserRolesController extends EPRestrictedBaseController {
             EcompPortalUtils.setBadPermissions(user, response, "getAppRolesForUser");
             feErrorString = EcompPortalUtils.getFEErrorString(true, response.getStatus());
         } else {
+        	try {
+        		if(orgUserId!=null) {
+	        		EPUser localUser  = getUserInfo(orgUserId,applicationsRestClientService);
+	        		if(localUser !=null) {
+	        			if(localUser.isSystemUser()) {
+	        				isSystemUser = true;
+	        			}
+	        		}
+        		}
+			} catch (Exception e) {
+				logger.error(EELFLoggerDelegate.errorLogger, "isSystemUser update failed", e);
+			}
             if ((!isSystemUser && EcompPortalUtils.legitimateUserId(orgUserId)) || isSystemUser) {
                 result = userRolesService.getAppRolesForUser(appid, orgUserId, extRequestValue, user);
                 logger.debug(EELFLoggerDelegate.debugLogger, "getAppRolesForUser: result {}, appId {}", result, appid);
@@ -572,4 +589,23 @@ public class UserRolesController extends EPRestrictedBaseController {
         }
         return isSuperAdmin;
     }
+    
+    /**
+	 * 
+	 * @param userId
+	 * @param app
+	 * @param applicationsRestClientService
+	 * @return EPUser
+	 * @throws HTTPException
+	 */
+	protected EPUser getUserInfo(String userId, ApplicationsRestClientService applicationsRestClientService)
+			throws HTTPException {
+		@SuppressWarnings("unchecked")
+		List<EPUser> userList = (List<EPUser>) dataAccessService
+				.executeQuery("from EPUser where orgUserId='" + userId + "'", null);
+		if (userList != null && !userList.isEmpty())
+			return userList.get(0);
+		else
+			return null;
+	}
 }
diff --git a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
index ab688820..e5ce2068 100644
--- a/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
+++ b/ecomp-portal-BE-common/src/main/java/org/onap/portalapp/portal/service/UserRolesCommonServiceImpl.java
@@ -2,7 +2,7 @@
  * ============LICENSE_START==========================================
  * ONAP Portal
  * ===================================================================
- * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+ * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
  * ===================================================================
  *
  * Unless otherwise specified, all software contained herein is licensed
@@ -1192,7 +1192,7 @@ public class UserRolesCommonServiceImpl  {
 	 * @param roleInAppUser Contains list of active roles 
 	 */
 	@SuppressWarnings("unchecked")
-	private void updateUserRolesInExternalSystem(EPApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser, boolean isPortalRequest,boolean isSystemUser,Set<EcompRole> deletedRolesByApprover,boolean isLoggedInUserRoleAdminofApp) throws Exception
+	private void updateUserRolesInExternalSystem(EPApp app, String orgUserId, List<RoleInAppForUser> roleInAppUser, boolean isPortalRequest,boolean nonHumanUserId,Set<EcompRole> deletedRolesByApprover,boolean isLoggedInUserRoleAdminofApp) throws Exception
 	{
 		try {
 			// check if user exists
@@ -1200,15 +1200,23 @@ public class UserRolesCommonServiceImpl  {
 			userParams.put("orgUserIdValue", orgUserId);
 			List<EPUser> userInfo = checkIfUserExists(userParams);
 			if (userInfo.isEmpty()) {
-				createLocalUserIfNecessary(orgUserId, isSystemUser);
+				createLocalUserIfNecessary(orgUserId, nonHumanUserId);
 			}
 			String name = "";
 			if (EPCommonSystemProperties
-					.containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) && !isSystemUser) {
-				name = orgUserId
-						+ SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+					.containsProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN) && !nonHumanUserId) {
+				if(orgUserId.indexOf("@") ==-1) {
+					name = orgUserId + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+				}else {
+					name = orgUserId;
+				}
 			} else {
 				name = orgUserId;
+				if(nonHumanUserId && orgUserId!=null) {
+            		if(orgUserId.indexOf("@") ==-1) {
+            			name = orgUserId + SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_USER_DOMAIN);
+            		}           		
+            	}
 			}
 			ObjectMapper mapper = new ObjectMapper();
 			HttpHeaders headers = EcompPortalUtils.base64encodeKeyForAAFBasicAuth();
-- 
cgit 1.2.3-korg