From 627badaf69987c01811c477219fd943757a635f5 Mon Sep 17 00:00:00 2001 From: "Christopher Lott (Christopher) (cl778h)" Date: Mon, 12 Jun 2017 09:49:00 -0400 Subject: [PORTAL-16 PORTAL-18] Widget ms; staging Remove staging repositories from poms. Add widget microservice code base. Add portal unit tests. Repair defects. Normalize line endings. Change-Id: Ia5e48da2a3141b352439ecd548cddf918f4df585 Signed-off-by: Christopher Lott (cl778h) --- .../portalapp/conf/ExternalAppConfig.java | 1 + .../portalapp/controller/ONAPLoginController.java | 162 +++--- .../portalapp/portal/service/EPAppServiceImpl.java | 10 + .../portalapp/portal/service/UserRolesService.java | 58 -- .../portal/service/UserRolesServiceImpl.java | 605 +-------------------- .../portalapp/util/SessionCookieUtil.java | 129 +++++ 6 files changed, 224 insertions(+), 741 deletions(-) delete mode 100644 ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/UserRolesService.java create mode 100644 ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/util/SessionCookieUtil.java (limited to 'ecomp-portal-BE-os/src/main/java') diff --git a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/conf/ExternalAppConfig.java b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/conf/ExternalAppConfig.java index 971c671a..a16cf56b 100644 --- a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/conf/ExternalAppConfig.java +++ b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/conf/ExternalAppConfig.java @@ -97,6 +97,7 @@ public class ExternalAppConfig extends AppConfig implements Configurable { @Override public void addResourceHandlers(ResourceHandlerRegistry registry) { + registry.addResourceHandler("/app/fusion/**").addResourceLocations("/app/fusion/"); registry.addResourceHandler("/static/**").addResourceLocations("/static/"); registry.addResourceHandler("/images/**").addResourceLocations("/images/"); registry.addResourceHandler("/**").addResourceLocations("/public/"); diff --git a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/controller/ONAPLoginController.java b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/controller/ONAPLoginController.java index 1f45d982..67f79b8b 100644 --- a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/controller/ONAPLoginController.java +++ b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/controller/ONAPLoginController.java @@ -1,81 +1,81 @@ -/*- - * ================================================================================ - * ECOMP Portal SDK - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ================================================================================ - */ -package org.openecomp.portalapp.controller; - -import java.util.HashMap; -import java.util.Map; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.openecomp.portalsdk.core.auth.LoginStrategy; -import org.openecomp.portalsdk.core.controller.UnRestrictedBaseController; -import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler; -import org.openecomp.portalsdk.core.service.LoginService; -import org.openecomp.portalsdk.core.service.ProfileService; -import org.openecomp.portalsdk.core.web.support.AppUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.servlet.ModelAndView; - -@Controller -@RequestMapping("/") -public class ONAPLoginController extends UnRestrictedBaseController { - @Autowired - ProfileService service; - @Autowired - private LoginService loginService; - @Autowired - private LoginStrategy loginStrategy; - String viewName; - - @RequestMapping(value = { "/doLogin" }, method = RequestMethod.GET) - public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception { - return loginStrategy.doLogin(request, response); - } - - public String getJessionId(HttpServletRequest request) { - return request.getSession().getId(); - } - - protected void initateSessionMgtHandler(HttpServletRequest request) { - String jSessionId = getJessionId(request); - PortalTimeoutHandler.sessionCreated(jSessionId, jSessionId, AppUtils.getSession(request)); - } - - public String getViewName() { - return viewName; - } - - public void setViewName(String viewName) { - this.viewName = viewName; - } - - public LoginService getLoginService() { - return loginService; - } - - public void setLoginService(LoginService loginService) { - this.loginService = loginService; - } - -} +/*- + * ================================================================================ + * ECOMP Portal SDK + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalapp.controller; + +import java.util.HashMap; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.openecomp.portalsdk.core.auth.LoginStrategy; +import org.openecomp.portalsdk.core.controller.UnRestrictedBaseController; +import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler; +import org.openecomp.portalsdk.core.service.LoginService; +import org.openecomp.portalsdk.core.service.ProfileService; +import org.openecomp.portalsdk.core.web.support.AppUtils; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.servlet.ModelAndView; + +@Controller +@RequestMapping("/") +public class ONAPLoginController extends UnRestrictedBaseController { + @Autowired + ProfileService service; + @Autowired + private LoginService loginService; + @Autowired + private LoginStrategy loginStrategy; + String viewName; + + @RequestMapping(value = { "/doLogin" }, method = RequestMethod.GET) + public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception { + return loginStrategy.doLogin(request, response); + } + + public String getJessionId(HttpServletRequest request) { + return request.getSession().getId(); + } + + protected void initateSessionMgtHandler(HttpServletRequest request) { + String jSessionId = getJessionId(request); + PortalTimeoutHandler.sessionCreated(jSessionId, jSessionId, AppUtils.getSession(request)); + } + + public String getViewName() { + return viewName; + } + + public void setViewName(String viewName) { + this.viewName = viewName; + } + + public LoginService getLoginService() { + return loginService; + } + + public void setLoginService(LoginService loginService) { + this.loginService = loginService; + } + +} diff --git a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/EPAppServiceImpl.java b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/EPAppServiceImpl.java index 074821f6..1f829380 100644 --- a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/EPAppServiceImpl.java +++ b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/EPAppServiceImpl.java @@ -20,7 +20,9 @@ package org.openecomp.portalapp.portal.service; +import java.security.GeneralSecurityException; import java.util.ArrayList; +import java.util.LinkedList; import java.util.List; import java.util.TreeSet; @@ -33,6 +35,9 @@ import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; +import com.att.nsa.cambria.client.CambriaClientFactory; +import com.att.nsa.cambria.client.CambriaTopicManager; + @Service("epAppService") @Transactional @org.springframework.context.annotation.Configuration @@ -68,4 +73,9 @@ public class EPAppServiceImpl extends EPAppCommonServiceImpl implements EPAppSer return userApps; } + + public CambriaTopicManager getTopicManager(LinkedList urlList, String key, String secret) throws GeneralSecurityException, Exception{ + return CambriaClientFactory.createTopicManager( null, urlList, key, secret); + } + } \ No newline at end of file diff --git a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/UserRolesService.java b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/UserRolesService.java deleted file mode 100644 index b285051c..00000000 --- a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/UserRolesService.java +++ /dev/null @@ -1,58 +0,0 @@ -/*- - * ================================================================================ - * ECOMP Portal - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ================================================================================ - */ -package org.openecomp.portalapp.portal.service; - -import java.util.List; - -import org.apache.cxf.transport.http.HTTPException; -import org.openecomp.portalapp.portal.domain.EPRole; -import org.openecomp.portalapp.portal.domain.EPUser; -import org.openecomp.portalapp.portal.domain.EPUserApp; -import org.openecomp.portalapp.portal.transport.AppWithRolesForUser; -import org.openecomp.portalapp.portal.transport.RoleInAppForUser; -import org.openecomp.portalapp.portal.transport.UserApplicationRoles; - -public interface UserRolesService { - - public List getAppRolesForUser(Long appId, String userId); - - public boolean setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser); - - public List getUsersFromAppEndpoint(Long appId) throws HTTPException; - - public List importRolesFromRemoteApplication(Long appId) throws HTTPException; - - - /** - * Gets entries from the local fn_user_role table for the specified user and - * app. - * - * @param appId - * ID of row in fn_app - * @param userid - * ID of row in fn_user - * @return List of EPRole; empty if none found. - */ - public List getCachedAppRolesForUser(Long appId, Long userId); - - public String updateRemoteUserProfile(String orgUserId, Long appId); - - -} diff --git a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/UserRolesServiceImpl.java b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/UserRolesServiceImpl.java index a0aac922..1f98e752 100644 --- a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/UserRolesServiceImpl.java +++ b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/portal/service/UserRolesServiceImpl.java @@ -20,49 +20,23 @@ package org.openecomp.portalapp.portal.service; import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collection; -import java.util.HashMap; -import java.util.HashSet; import java.util.List; -import java.util.Set; -import java.util.TreeSet; -import javax.annotation.PostConstruct; - -import org.apache.commons.lang.StringUtils; import org.apache.cxf.transport.http.HTTPException; -import org.hibernate.Query; -import org.hibernate.Session; -import org.hibernate.SessionFactory; -import org.hibernate.Transaction; import org.openecomp.portalapp.portal.domain.EPApp; import org.openecomp.portalapp.portal.domain.EPRole; import org.openecomp.portalapp.portal.domain.EPUser; import org.openecomp.portalapp.portal.domain.EPUserApp; import org.openecomp.portalapp.portal.logging.aop.EPMetricsLog; -import org.openecomp.portalapp.portal.logging.format.EPAppMessagesEnum; -import org.openecomp.portalapp.portal.logging.logic.EPLogUtil; -import org.openecomp.portalapp.portal.transport.AppWithRolesForUser; -import org.openecomp.portalapp.portal.transport.FunctionalMenuItem; -import org.openecomp.portalapp.portal.transport.FunctionalMenuRole; import org.openecomp.portalapp.portal.transport.RemoteUserWithRoles; -import org.openecomp.portalapp.portal.transport.RoleInAppForUser; -import org.openecomp.portalapp.portal.transport.RolesInAppForUser; import org.openecomp.portalapp.portal.transport.UserApplicationRoles; -import org.openecomp.portalapp.portal.utils.EPSystemProperties; -import org.openecomp.portalapp.portal.utils.EcompPortalUtils; import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.openecomp.portalsdk.core.restful.domain.EcompRole; import org.openecomp.portalsdk.core.service.DataAccessService; -import org.openecomp.portalsdk.core.service.UserProfileService; -import org.openecomp.portalsdk.core.util.SystemProperties; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.EnableAspectJAutoProxy; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; -import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.ObjectMapper; @@ -71,398 +45,14 @@ import com.fasterxml.jackson.databind.ObjectMapper; @org.springframework.context.annotation.Configuration @EnableAspectJAutoProxy @EPMetricsLog -public class UserRolesServiceImpl implements UserRolesService { - private static Long ACCOUNT_ADMIN_ROLE_ID = 999L; +public class UserRolesServiceImpl extends UserRolesCommonServiceImpl implements UserRolesService { private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserRolesServiceImpl.class); - @Autowired - private SessionFactory sessionFactory; @Autowired private DataAccessService dataAccessService; @Autowired - SearchService searchService; - @Autowired - EPAppService appsService; - @Autowired - EPLdapService ldapService; - @Autowired - ApplicationsRestClientService applicationsRestClientService; - @Autowired - EPRoleService epRoleService; - @Autowired - UserProfileService userProfileService; - - @PostConstruct - private void init() { - try { - ACCOUNT_ADMIN_ROLE_ID = Long - .valueOf(SystemProperties.getProperty(EPSystemProperties.ACCOUNT_ADMIN_ROLE_ID)); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e)); - } - } - - private static HashMap hashMapFromEcompRoles(EcompRole[] ecompRoles) { - HashMap result = new HashMap(); - if (ecompRoles != null) { - for (int i = 0; i < ecompRoles.length; i++) { - if (ecompRoles[i].getId() != null) { - result.put(ecompRoles[i].getId(), ecompRoles[i]); - } - } - } - return result; - } - - private void createLocalUserIfNecessary(String orgUserId) { - if (StringUtils.isEmpty(orgUserId)) { - logger.error(EELFLoggerDelegate.errorLogger, "createLocalUserIfNecessary : empty orgUserId!"); - return; - } - Session localSession = null; - Transaction transaction = null; - try { - localSession = sessionFactory.openSession(); - transaction = localSession.beginTransaction(); - @SuppressWarnings("unchecked") - List userList = localSession - .createQuery("from " + EPUser.class.getName() + " where org_user_id='" + orgUserId + "'").list(); - if (userList.size() == 0) { - EPUser client = searchService.searchUserByUserId(orgUserId); - if (client == null) { - String msg = "cannot create user " + orgUserId + ", because he cannot be found in phonebook"; - logger.error(EELFLoggerDelegate.errorLogger, msg); - } else { - client.setLoginId(orgUserId); - client.setActive(true); - localSession.save(client); - } - } - transaction.commit(); - } catch (Exception e) { - EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError); - EcompPortalUtils.rollbackTransaction(transaction, "searchOrCreateUser rollback, exception = " + e); - } finally { - EcompPortalUtils.closeLocalSession(localSession, "searchOrCreateUser"); - } - } - - private static void syncUserRoles(SessionFactory sessionFactory, String orgUserId, Long appId, - EcompRole[] userAppRoles) throws Exception { - HashMap newUserAppRolesMap = hashMapFromEcompRoles(userAppRoles); - boolean result = false; - Session localSession = null; - Transaction transaction = null; - - try { - localSession = sessionFactory.openSession(); - transaction = localSession.beginTransaction(); - @SuppressWarnings("unchecked") - List userList = localSession - .createQuery("from " + EPUser.class.getName() + " where org_user_id='" + orgUserId + "'").list(); - if (userList.size() > 0) { - EPUser client = userList.get(0); - @SuppressWarnings("unchecked") - List userRoles = localSession.createQuery("from " + EPUserApp.class.getName() - + " where app.id=" + appId + " and userId=" + client.getId()).list(); - for (EPUserApp userRole : userRoles) { - if (!userRole.getRoleId().equals(ACCOUNT_ADMIN_ROLE_ID)) { - - Long userAppRoleId = userRole.getAppRoleId(); - if (!newUserAppRolesMap.containsKey(userAppRoleId)) { - localSession.delete(userRole); - } else { - newUserAppRolesMap.remove(userAppRoleId); - } - } - } - Collection newRolesToAdd = newUserAppRolesMap.values(); - if (newRolesToAdd.size() > 0) { - EPApp app = (EPApp) localSession.get(EPApp.class, appId); - @SuppressWarnings("unchecked") - List roles = localSession - .createQuery("from " + EPRole.class.getName() + " where appId=" + appId).list(); - HashMap rolesMap = new HashMap(); - for (EPRole role : roles) { - rolesMap.put(role.getAppRoleId(), role); - } - for (EcompRole userRole : newRolesToAdd) { - EPUserApp userApp = new EPUserApp(); - userApp.setUserId(client.getId()); - userApp.setApp(app); - userApp.setRole(rolesMap.get(userRole.getId())); - localSession.save(userApp); - } - } - } - transaction.commit(); - result = true; - } catch (Exception e) { - EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError); - EcompPortalUtils.rollbackTransaction(transaction, - "Exception occurred in syncUserRoles, Details: " + EcompPortalUtils.getStackTrace(e)); - } finally { - localSession.close(); - if (!result) { - throw new Exception( - "Exception occurred in syncUserRoles while closing database session for app: '" + appId + "'."); - } - } - } - - // Called when getting the list of roles for the user - private List constructRolesInAppForUserGet(EcompRole[] appRoles, EcompRole[] userAppRoles) { - List rolesInAppForUser = new ArrayList(); - - Set userAppRolesMap = new HashSet(); - if (userAppRoles != null) { - for (EcompRole ecompRole : userAppRoles) { - userAppRolesMap.add(ecompRole.getId()); - } - } else { - String message = String - .format("UserRolesServiceImpl.constructRolesInAppForUserGet has received userAppRoles list empty."); - logger.info(EELFLoggerDelegate.errorLogger, message); - } - - if (appRoles != null) { - for (EcompRole ecompRole : appRoles) { - RoleInAppForUser roleForUser = new RoleInAppForUser(ecompRole.getId(), ecompRole.getName()); - roleForUser.isApplied = userAppRolesMap.contains(ecompRole.getId()); - rolesInAppForUser.add(roleForUser); - } - } else { - String message = String - .format("UserRolesServiceImpl.constructRolesInAppForUser has received appRoles list empty."); - logger.info(EELFLoggerDelegate.errorLogger, message); - } - return rolesInAppForUser; - } - - public List getAppRolesForUser(Long appId, String orgUserId) { - List rolesInAppForUser = null; - try { - EcompRole[] appRoles = applicationsRestClientService.get(EcompRole[].class, appId, "/roles"); - - // Test this error case, for generating an internal Ecomp Portal - // error - // EcompRole[] appRoles = null; - // If there is an exception in the rest client api, then null will - // be returned. - if (appRoles != null) { - syncAppRoles(sessionFactory, appId, appRoles); - EcompRole[] userAppRoles; - try { - userAppRoles = applicationsRestClientService.get(EcompRole[].class, appId, - String.format("/user/%s/roles", orgUserId)); - if (userAppRoles == null) { - if (EcompPortalUtils.getExternalAppResponseCode() == 400) { - EcompPortalUtils.setExternalAppResponseCode(200); - logger.error(EELFLoggerDelegate.errorLogger, - "400 returned from /user/{userid}/roles, assuming user doesn't exist, app is framework SDK based, and things are ok. Overriding to 200 until framework SDK returns a useful response."); - logger.debug(EELFLoggerDelegate.debugLogger, - "400 returned from /user/{userid}/roles, assuming user doesn't exist, app is framework SDK based, and things are ok. Overriding to 200 until framework SDK returns a useful response."); - } - } - // If the remote application isn't down we MUST to sync user - // roles here in case we have this user here! - syncUserRoles(sessionFactory, orgUserId, appId, userAppRoles); - } catch (Exception e) { - // TODO: we may need to check if user exists, maybe remote - // app is down. - logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e)); - logger.error(EELFLoggerDelegate.errorLogger, - "LR: user " + orgUserId + " does not exist in remote application: " + appId + "."); - userAppRoles = new EcompRole[0]; - } - rolesInAppForUser = constructRolesInAppForUserGet(appRoles, userAppRoles); - // Test this error case, for generating an external app error - // EcompPortalUtils.setResponseCode(404); - } - } catch (Exception e) { - String message = String.format( - "Received an exception while performing getAppRolesForUser for the User %s, and for the AppId %s, Details: %s", - orgUserId, Long.toString(appId), EcompPortalUtils.getStackTrace(e)); - logger.error(EELFLoggerDelegate.errorLogger, message); - } - return rolesInAppForUser; - - } - - // copies of methods in GetAppsWithUserRoleState - private void syncAppRoles(SessionFactory sessionFactory, Long appId, EcompRole[] appRoles) throws Exception { - logger.debug(EELFLoggerDelegate.debugLogger, "entering syncAppRoles for appId: " + appId); - HashMap newRolesMap = hashMapFromEcompRoles(appRoles); - boolean result = false; - Session localSession = null; - Transaction transaction = null; - - try { - localSession = sessionFactory.openSession(); - transaction = localSession.beginTransaction(); - // Attention! All roles from remote application supposed to be - // active! - @SuppressWarnings("unchecked") - List currentAppRoles = localSession - .createQuery("from " + EPRole.class.getName() + " where appId=" + appId).list(); - List obsoleteRoles = new ArrayList(); - for (int i = 0; i < currentAppRoles.size(); i++) { - EPRole oldAppRole = currentAppRoles.get(i); - if (oldAppRole.getAppRoleId() != null) { - EcompRole role = null; - role = newRolesMap.get(oldAppRole.getAppRoleId()); - if (role != null) { - if (!(role.getName() == null || oldAppRole.getName().equals(role.getName()))) { - oldAppRole.setName(role.getName()); - localSession.update(oldAppRole); - } - newRolesMap.remove(oldAppRole.getAppRoleId()); - } else { - obsoleteRoles.add(oldAppRole); - } - } else { - obsoleteRoles.add(oldAppRole); - } - } - Collection newRolesToAdd = newRolesMap.values(); - for (EcompRole role : newRolesToAdd) { - logger.debug(EELFLoggerDelegate.debugLogger, "about to add missing role: " + role.toString()); - EPRole newRole = new EPRole(); - // Attention! All roles from remote application supposed to be - // active! - newRole.setActive(true); - newRole.setName(role.getName()); - newRole.setAppId(appId); - newRole.setAppRoleId(role.getId()); - localSession.save(newRole); - } - if (obsoleteRoles.size() > 0) { - logger.debug(EELFLoggerDelegate.debugLogger, "we have obsolete roles to delete"); - for (EPRole role : obsoleteRoles) { - logger.debug(EELFLoggerDelegate.debugLogger, "obsolete role: " + role.toString()); - Long roleId = role.getId(); - // delete obsolete roles here - // Must delete all records with foreign key constraints on - // fn_role: - // fn_user_role, fn_role_composite, fn_role_function, - // fn_user_pseudo_role, fn_menu_functional_roles. - // And for fn_menu_functional, if no other roles for that - // menu item, remove the url. - - // Delete from fn_user_role - @SuppressWarnings("unchecked") - List userRoles = localSession.createQuery( - "from " + EPUserApp.class.getName() + " where app.id=" + appId + " and role_id=" + roleId) - .list(); - - logger.debug(EELFLoggerDelegate.debugLogger, "number of userRoles to delete: " + userRoles.size()); - for (EPUserApp userRole : userRoles) { - logger.debug(EELFLoggerDelegate.debugLogger, - "about to delete userRole: " + userRole.toString()); - localSession.delete(userRole); - logger.debug(EELFLoggerDelegate.debugLogger, - "finished deleting userRole: " + userRole.toString()); - } - - // Delete from fn_menu_functional_roles - @SuppressWarnings("unchecked") - List funcMenuRoles = localSession - .createQuery("from " + FunctionalMenuRole.class.getName() + " where roleId=" + roleId) - .list(); - int numMenuRoles = funcMenuRoles.size(); - logger.debug(EELFLoggerDelegate.debugLogger, - "number of funcMenuRoles for roleId: " + roleId + ": " + numMenuRoles); - for (FunctionalMenuRole funcMenuRole : funcMenuRoles) { - Long menuId = funcMenuRole.menuId; - // If this is the only role for this menu item, then the - // app and roles will be gone, - // so must null out the url too, to be consistent - @SuppressWarnings("unchecked") - List funcMenuRoles2 = localSession - .createQuery("from " + FunctionalMenuRole.class.getName() + " where menuId=" + menuId) - .list(); - int numMenuRoles2 = funcMenuRoles2.size(); - logger.debug(EELFLoggerDelegate.debugLogger, - "number of funcMenuRoles for menuId: " + menuId + ": " + numMenuRoles2); - localSession.delete(funcMenuRole); - if (numMenuRoles2 == 1) { - // If this is the only role for this menu item, then - // the app and roles will be gone, - // so must null out the url too, to be consistent - logger.debug(EELFLoggerDelegate.debugLogger, - "There is exactly 1 menu item for this role, so emptying the url"); - @SuppressWarnings("unchecked") - List funcMenuItems = localSession - .createQuery( - "from " + FunctionalMenuItem.class.getName() + " where menuId=" + menuId) - .list(); - if (funcMenuItems.size() > 0) { - logger.debug(EELFLoggerDelegate.debugLogger, "got the menu item"); - FunctionalMenuItem funcMenuItem = funcMenuItems.get(0); - funcMenuItem.url = ""; - localSession.update(funcMenuItem); - } - } - } - - // Delete from fn_role_function - String sql = "DELETE FROM fn_role_function WHERE role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - Query query = localSession.createSQLQuery(sql); - query.executeUpdate(); - - // Delete from fn_role_composite - sql = "DELETE FROM fn_role_composite WHERE parent_role_id=" + roleId + " OR child_role_id=" - + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - - // Delete from fn_user_pseudo_role - sql = "DELETE FROM fn_user_pseudo_role WHERE pseudo_role_id=" + roleId; - logger.debug(EELFLoggerDelegate.debugLogger, "Executing query: " + sql); - query = localSession.createSQLQuery(sql); - query.executeUpdate(); - - logger.debug(EELFLoggerDelegate.debugLogger, "about to delete the role: " + role.toString()); - localSession.delete(role); - logger.debug(EELFLoggerDelegate.debugLogger, "deleted the role"); - } - } - logger.debug(EELFLoggerDelegate.debugLogger, "about to commit the transaction"); - transaction.commit(); - logger.debug(EELFLoggerDelegate.debugLogger, "committed the transaction"); - result = true; - } catch (Exception e) { - EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError); - EcompPortalUtils.rollbackTransaction(transaction, - "Exception occurred in syncAppRoles, Details: " + EcompPortalUtils.getStackTrace(e)); - } finally { - localSession.close(); - if (!result) { - throw new Exception( - "Exception occurred in syncAppRoles while closing database session for app: '" + appId + "'."); - } - } - } - - // Called when updating the list of roles for the user - private RolesInAppForUser constructRolesInAppForUserUpdate(String orgUserId, Long appId, - Set userRolesInRemoteApp) { - RolesInAppForUser result; - result = new RolesInAppForUser(); - result.appId = appId; - result.orgUserId = orgUserId; - for (EcompRole role : userRolesInRemoteApp) { - RoleInAppForUser roleInAppForUser = new RoleInAppForUser(); - roleInAppForUser.roleId = role.getId(); - roleInAppForUser.roleName = role.getName(); - roleInAppForUser.isApplied = new Boolean(true); - result.roles.add(roleInAppForUser); - } - return result; - } + private ApplicationsRestClientService applicationsRestClientService; private EPUser getUserFromRemoteApp(String orgUserId, EPApp app, ApplicationsRestClientService applicationsRestClientService) throws HTTPException { @@ -471,41 +61,6 @@ public class UserRolesServiceImpl implements UserRolesService { return user; } - private boolean remoteUserShouldBeCreated(List roleInAppForUserList) { - for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { - if (roleInAppForUser.isApplied.booleanValue()) { - return true; - } - } - return false; - } - - private Set postUsersRolesToRemoteApp(List roleInAppForUserList, ObjectMapper mapper, - ApplicationsRestClientService applicationsRestClientService, Long appId, String orgUserId) - throws JsonProcessingException, HTTPException { - Set updatedUserRoles = constructUsersEcompRoles(roleInAppForUserList); - String userRolesAsString = mapper.writeValueAsString(updatedUserRoles); - applicationsRestClientService.post(EcompRole.class, appId, userRolesAsString, - String.format("/user/%s/roles", orgUserId)); - // TODO: We should add code that verifies that the post operation did - // succeed. Because the SDK may still return 200 OK with an html page - // even when it fails! - return updatedUserRoles; - } - - private Set constructUsersEcompRoles(List roleInAppForUserList) { - Set existingUserRoles = new TreeSet(); - for (RoleInAppForUser roleInAppForUser : roleInAppForUserList) { - if (roleInAppForUser.isApplied) { - EcompRole ecompRole = new EcompRole(); - ecompRole.setId(roleInAppForUser.roleId); - ecompRole.setName(roleInAppForUser.roleName); - existingUserRoles.add(ecompRole); - } - } - return existingUserRoles; - } - private static void createNewUserOnRemoteApp(String orgUserId, EPApp app, ApplicationsRestClientService applicationsRestClientService, SearchService searchService, ObjectMapper mapper) throws Exception { @@ -527,126 +82,6 @@ public class UserRolesServiceImpl implements UserRolesService { applicationsRestClientService.post(EPUser.class, app.getId(), userAsString, String.format("/user", orgUserId)); } - public String updateRemoteUserProfile(String orgUserId, Long appId) { - - ObjectMapper mapper = new ObjectMapper(); - mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); - EPUser client = searchService.searchUserByUserId(orgUserId); - EPUser newUser = new EPUser(); - newUser.setActive(client.getActive()); - newUser.setFirstName(client.getFirstName()); - newUser.setLastName(client.getLastName()); - newUser.setLoginId(client.getLoginId()); - newUser.setLoginPwd(client.getLoginPwd()); - newUser.setMiddleInitial(client.getMiddleInitial()); - newUser.setEmail(client.getEmail()); - newUser.setOrgUserId(client.getLoginId()); - try { - String userAsString = mapper.writeValueAsString(newUser); - List appList = appsService.getUserRemoteApps(client.getId().toString()); - // applicationsRestClientService.post(EPUser.class, appId, - // userAsString, String.format("/user", orgUserId)); - for (EPApp eachApp : appList) { - try { - applicationsRestClientService.post(EPUser.class, eachApp.getId(), userAsString, - String.format("/user/%s", orgUserId)); - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "Failed to update user: " + client.getOrgUserId() - + " in remote app. appId = " + eachApp.getId()); - } - } - } catch (Exception e) { - // TODO Auto-generated catch block - e.printStackTrace(); - return "failure"; - } - - return "success"; - - } - - private static final Object syncRests = new Object(); - - @Override - public boolean setAppWithUserRoleStateForUser(EPUser user, AppWithRolesForUser newAppRolesForUser) { - boolean result = false; - String orgUserId = ""; - if (newAppRolesForUser != null && newAppRolesForUser.orgUserId != null) { - orgUserId = newAppRolesForUser.orgUserId.trim(); - } - Long appId = newAppRolesForUser.appId; - List roleInAppForUserList = newAppRolesForUser.appRoles; - if (orgUserId.length() > 0) { - ObjectMapper mapper = new ObjectMapper(); - mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false); - - try { - EPApp app = appsService.getApp(appId); - EPUser remoteAppUser = getUserFromRemoteApp(orgUserId, app, applicationsRestClientService); - if (remoteAppUser == null) { - if (remoteUserShouldBeCreated(roleInAppForUserList)) { - createNewUserOnRemoteApp(orgUserId, app, applicationsRestClientService, searchService, mapper); - // If we succeed, we know that the new user was - // persisted on remote app. - remoteAppUser = getUserFromRemoteApp(orgUserId, app, applicationsRestClientService); - if (remoteAppUser == null) { - logger.error(EELFLoggerDelegate.errorLogger, - "Failed to persist new user: " + orgUserId + " in remote app. appId = " + appId); - // return null; - } - } - } - if (remoteAppUser != null) { - Set userRolesInRemoteApp = postUsersRolesToRemoteApp(roleInAppForUserList, mapper, - applicationsRestClientService, appId, orgUserId); - RolesInAppForUser rolesInAppForUser = constructRolesInAppForUserUpdate(orgUserId, appId, - userRolesInRemoteApp); - result = applyChangesInUserRolesForAppToEcompDB(rolesInAppForUser); - } - } catch (Exception e) { - String message = String.format( - "Failed to create user or update user roles for the User %s, and for the AppId %s, Details: %s", - orgUserId, Long.toString(appId), EcompPortalUtils.getStackTrace(e)); - logger.error(EELFLoggerDelegate.errorLogger, message); - result = false; - } - - } - return result; - } - - // This is for a single app - private boolean applyChangesInUserRolesForAppToEcompDB(RolesInAppForUser rolesInAppForUser) { - boolean result = false; - String orgUserId = rolesInAppForUser.orgUserId; - Long appId = rolesInAppForUser.appId; - synchronized (syncRests) { - if (rolesInAppForUser != null) { - createLocalUserIfNecessary(orgUserId); - } - - if (rolesInAppForUser != null) { - EcompRole[] userAppRoles = new EcompRole[rolesInAppForUser.roles.size()]; - for (int i = 0; i < rolesInAppForUser.roles.size(); i++) { - RoleInAppForUser roleInAppForUser = rolesInAppForUser.roles.get(i); - EcompRole role = new EcompRole(); - role.setId(roleInAppForUser.roleId); - role.setName(roleInAppForUser.roleName); - userAppRoles[i] = role; - } - try { - syncUserRoles(sessionFactory, orgUserId, appId, userAppRoles); - result = true; - } catch (Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, - "applyChangesInUserRolesForAppToEcompDB syncUserRoles, orgUserId = " + orgUserId); - logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e)); - } - } - } - return result; - } - @Override public List getUsersFromAppEndpoint(Long appId) throws HTTPException { RemoteUserWithRoles[] remoteUsers = applicationsRestClientService.get(RemoteUserWithRoles[].class, appId, @@ -654,7 +89,7 @@ public class UserRolesServiceImpl implements UserRolesService { ArrayList userApplicationRoles = new ArrayList(); for (RemoteUserWithRoles remoteUser : remoteUsers) { UserApplicationRoles userWithRemoteAppRoles = convertToUserApplicationRoles(appId, remoteUser); - if(userWithRemoteAppRoles.getRoles()!=null && userWithRemoteAppRoles.getRoles().size()>0) { + if (userWithRemoteAppRoles.getRoles() != null && userWithRemoteAppRoles.getRoles().size() > 0) { userApplicationRoles.add(userWithRemoteAppRoles); } else { logger.debug(EELFLoggerDelegate.debugLogger, "User " + userWithRemoteAppRoles.getOrgUserId() @@ -666,16 +101,6 @@ public class UserRolesServiceImpl implements UserRolesService { return userApplicationRoles; } - private UserApplicationRoles convertToUserApplicationRoles(Long appId, RemoteUserWithRoles remoteUser) { - UserApplicationRoles userWithRemoteAppRoles = new UserApplicationRoles(); - userWithRemoteAppRoles.setAppId(appId); - userWithRemoteAppRoles.setOrgUserId(remoteUser.getLoginId()); - userWithRemoteAppRoles.setFirstName(remoteUser.getFirstName()); - userWithRemoteAppRoles.setLastName(remoteUser.getLastName()); - userWithRemoteAppRoles.setRoles(remoteUser.getRoles()); - return userWithRemoteAppRoles; - } - public static void persistExternalRoleInEcompDb(EPRole externalAppRole, Long appId, EPRoleService roleService) { externalAppRole.setAppId(appId); externalAppRole.setAppRoleId(externalAppRole.getId()); @@ -689,30 +114,6 @@ public class UserRolesServiceImpl implements UserRolesService { externalAppRole.getAppRoleId(), externalAppRole.getName())); } - @Override - public List importRolesFromRemoteApplication(Long appId) throws HTTPException { - EPRole[] appRolesFull = applicationsRestClientService.get(EPRole[].class, appId, "/rolesFull"); - List rolesList = Arrays.asList(appRolesFull); - for (EPRole externalAppRole : rolesList) { - - // Try to find an existing extern role for the app in the local - // ecomp DB. If so, then use its id to update the existing external - // application role record. - Long externAppId = externalAppRole.getId(); - EPRole existingAppRole = epRoleService.getRole(appId, externAppId); - if (existingAppRole != null) { - logger.debug(EELFLoggerDelegate.debugLogger, - String.format("ecomp role already exists for app=%s; appRoleId=%s. No need to import this one.", - appId, externAppId)); - continue; - } - // persistExternalRoleInEcompDb(externalAppRole, appId, - // roleService); - } - - return rolesList; - } - @Override public List getCachedAppRolesForUser(Long appId, Long userId) { // Find the records for this user-app combo, if any diff --git a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/util/SessionCookieUtil.java b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/util/SessionCookieUtil.java new file mode 100644 index 00000000..1ef44a44 --- /dev/null +++ b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/util/SessionCookieUtil.java @@ -0,0 +1,129 @@ +/*- + * ================================================================================ + * ECOMP Portal + * ================================================================================ + * Copyright (C) 2017 AT&T Intellectual Property + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ================================================================================ + */ +package org.openecomp.portalapp.util; + +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +import org.openecomp.portalapp.portal.utils.EPCommonSystemProperties; +import org.openecomp.portalapp.portal.utils.EcompPortalUtils; +import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants; +import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler; +import org.openecomp.portalsdk.core.onboarding.util.CipherUtil; +import org.openecomp.portalsdk.core.util.SystemProperties; +import org.openecomp.portalsdk.core.web.support.AppUtils; + +public class SessionCookieUtil { + + //private static final String JSESSIONID = "JSESSIONID"; + private static final String EP_SERVICE = "EPService"; + private static final String USER_ID = "UserId"; + private static Integer cookieMaxAge = -1; + private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SessionCookieUtil.class); + + public static void preSetUp(HttpServletRequest request, + HttpServletResponse response) { + initateSessionMgtHandler(request); + //set up EPService cookie + setUpEPServiceCookie(request, response); + } + + public static void setUpEPServiceCookie(HttpServletRequest request, + HttpServletResponse response) { + String jSessionId = getJessionId(request); + Cookie cookie1 = new Cookie(EP_SERVICE, jSessionId); + cookie1.setMaxAge(cookieMaxAge); + cookie1.setDomain(EPCommonSystemProperties.getProperty(EPCommonSystemProperties.COOKIE_DOMAIN)); + cookie1.setPath("/"); + response.addCookie(cookie1); + } + + public static void setUpUserIdCookie(HttpServletRequest request, + HttpServletResponse response,String userId) throws Exception { + logger.info("************** session cookie util set up UserId cookie begins"); + userId = CipherUtil.encrypt(userId, + SystemProperties.getProperty(SystemProperties.Decryption_Key)); + Cookie cookie1 = new Cookie(USER_ID, userId); + cookie1.setMaxAge(cookieMaxAge); + cookie1.setDomain(EPCommonSystemProperties.getProperty(EPCommonSystemProperties.COOKIE_DOMAIN)); + cookie1.setPath("/"); + response.addCookie(cookie1); + logger.info("************** session cookie util set up EP cookie completed"); + } + + public static String getUserIdFromCookie(HttpServletRequest request, + HttpServletResponse response) throws Exception { + String userId = ""; + Cookie[] cookies = request.getCookies(); + Cookie userIdcookie = null; + if (cookies != null) + for (Cookie cookie : cookies) + if (cookie.getName().equals(USER_ID)) + userIdcookie = cookie; + if(userIdcookie!=null){ + userId = CipherUtil.decrypt(userIdcookie.getValue(), + SystemProperties.getProperty(SystemProperties.Decryption_Key)); + } + + logger.info("************** session cookie util set up EP cookie completed"); + return userId; + } + + public static String getJessionId(HttpServletRequest request){ + + return request.getSession().getId(); + /* + Cookie ep = WebUtils.getCookie(request, JSESSIONID); + if(ep==null){ + return request.getSession().getId(); + } + return ep.getValue(); + */ + } + + protected static void initateSessionMgtHandler(HttpServletRequest request) { + String jSessionId = getJessionId(request); + storeMaxInactiveTime(request); + PortalTimeoutHandler.sessionCreated(jSessionId, jSessionId, AppUtils.getSession(request)); + } + + protected static void storeMaxInactiveTime(HttpServletRequest request) { + HttpSession session = AppUtils.getSession(request); + if(session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME) == null) + session.setAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME,session.getMaxInactiveInterval()); + } + + public static void resetSessionMaxIdleTimeOut(HttpServletRequest request) { + try { + HttpSession session = AppUtils.getSession(request); + final Object maxIdleAttribute = session.getAttribute(PortalApiConstants.GLOBAL_SESSION_MAX_IDLE_TIME); + if(session != null && maxIdleAttribute != null) { + session.setMaxInactiveInterval(Integer.parseInt(maxIdleAttribute.toString())); + } + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "Could not reset the session timeout. Details: " + EcompPortalUtils.getStackTrace(e)); + } + + } + +} -- cgit 1.2.3-korg