diff options
author | Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com> | 2018-08-15 08:39:30 -0400 |
---|---|---|
committer | Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com> | 2018-08-15 11:21:38 -0400 |
commit | ecfe375994b7561d37a07f8879740b1c85f260a2 (patch) | |
tree | 2876499d2adeecea4af8641662722a3a3627338d /ecomp-sdk/epsdk-aaf/src/main | |
parent | 2e2ec498ce80d674c08ef8909adb5e1138b710bd (diff) |
Modified User Auth and permission aaf services
Issue-ID: PORTAL-334
Change-Id: I461fd5a61879434e9c105c7598e9948004a5f608
Signed-off-by: Kishore Reddy, Gujja (kg811t) <kg811t@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-aaf/src/main')
-rw-r--r-- | ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRole.java | 68 | ||||
-rw-r--r-- | ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRoleDescription.java (renamed from ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalRoleDescription.java) | 18 | ||||
-rw-r--r-- | ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRolePerms.java | 66 | ||||
-rw-r--r-- | ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUserRoleDetail.java | 51 | ||||
-rw-r--r-- | ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java | 108 |
5 files changed, 121 insertions, 190 deletions
diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRole.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRole.java index 8c191181..2c6f3ff7 100644 --- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRole.java +++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRole.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal SDK * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -38,23 +38,25 @@ package org.onap.portalsdk.external.authorization.domain; import java.io.Serializable; +import java.util.List; public class ExternalAccessRole implements Serializable { - /** - * - */ private static final long serialVersionUID = 3439986826362436339L; + public String name; - public String description; + private List<ExternalAccessPerms> perms; + public ExternalAccessRoleDescription description; - public ExternalAccessRole() { + public ExternalAccessRole() { + super(); } - - public ExternalAccessRole(String name, String description) { + + public ExternalAccessRole(String name, List<ExternalAccessPerms> ecPerms, ExternalAccessRoleDescription description) { super(); this.name = name; + this.perms = ecPerms; this.description = description; } @@ -65,12 +67,58 @@ public class ExternalAccessRole implements Serializable { public void setName(String name) { this.name = name; } + + public List<ExternalAccessPerms> getPerms() { + return perms; + } - public String getDescription() { + public void setPerms(List<ExternalAccessPerms> perms) { + this.perms = perms; + } + + public ExternalAccessRoleDescription getDescription() { return description; } - public void setDescription(String description) { + public void setDescription(ExternalAccessRoleDescription description) { this.description = description; } + + @Override + public int hashCode() { + final int prime = 31; + int result = 1; + result = prime * result + ((description == null) ? 0 : description.hashCode()); + result = prime * result + ((name == null) ? 0 : name.hashCode()); + result = prime * result + ((perms == null) ? 0 : perms.hashCode()); + return result; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + if (getClass() != obj.getClass()) + return false; + ExternalAccessRole other = (ExternalAccessRole) obj; + if (description == null) { + if (other.description != null) + return false; + } else if (!description.equals(other.description)) + return false; + if (name == null) { + if (other.name != null) + return false; + } else if (!name.equals(other.name)) + return false; + if (perms == null) { + if (other.perms != null) + return false; + } else if (!perms.equals(other.perms)) + return false; + return true; + } + } diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalRoleDescription.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRoleDescription.java index 68effb0c..e7e18749 100644 --- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalRoleDescription.java +++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRoleDescription.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal SDK * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -37,9 +37,7 @@ */ package org.onap.portalsdk.external.authorization.domain; -import java.util.List; - -public class ExternalRoleDescription { +public class ExternalAccessRoleDescription { private String id; private String name; @@ -47,7 +45,6 @@ public class ExternalRoleDescription { private String priority; private String appId; private String appRoleId; - private List<ExternalAccessPerms> permissions; public String getId() { return id; @@ -85,13 +82,6 @@ public class ExternalRoleDescription { public void setAppRoleId(String appRoleId) { this.appRoleId = appRoleId; } - - public List<ExternalAccessPerms> getPermissions() { - return permissions; - } - public void setPermissions(List<ExternalAccessPerms> permissions) { - this.permissions = permissions; - } @Override public int hashCode() { final int prime = 31; @@ -112,7 +102,7 @@ public class ExternalRoleDescription { return false; if (getClass() != obj.getClass()) return false; - ExternalRoleDescription other = (ExternalRoleDescription) obj; + ExternalAccessRoleDescription other = (ExternalAccessRoleDescription) obj; if (active == null) { if (other.active != null) return false; @@ -146,5 +136,7 @@ public class ExternalRoleDescription { return true; } + + } diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRolePerms.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRolePerms.java deleted file mode 100644 index 95b4f0c4..00000000 --- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessRolePerms.java +++ /dev/null @@ -1,66 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal SDK - * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the "License"); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * ============LICENSE_END============================================ - * - * - */ -package org.onap.portalsdk.external.authorization.domain; - -public class ExternalAccessRolePerms { - - private ExternalAccessPerms perm; - private String role; - - - public ExternalAccessRolePerms(ExternalAccessPerms perm, String role) { - super(); - this.perm = perm; - this.role = role; - } - - public ExternalAccessPerms getPerm() { - return perm; - } - public void setPerm(ExternalAccessPerms perm) { - this.perm = perm; - } - public String getRole() { - return role; - } - public void setRole(String role) { - this.role = role; - } - - -} diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUserRoleDetail.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUserRoleDetail.java index 929bd351..5e189e5c 100644 --- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUserRoleDetail.java +++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/domain/ExternalAccessUserRoleDetail.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal SDK * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -39,42 +39,30 @@ package org.onap.portalsdk.external.authorization.domain; public class ExternalAccessUserRoleDetail { - private String name; - private ExternalRoleDescription description; - + private ExternalAccessRole role; + + public ExternalAccessRole getRole() { + return role; + } + + public void setRole(ExternalAccessRole role) { + this.role = role; + } - /** - * - */ public ExternalAccessUserRoleDetail() { super(); - } + } - public ExternalAccessUserRoleDetail(String name, ExternalRoleDescription description) { + public ExternalAccessUserRoleDetail(ExternalAccessRole role) { super(); - this.name = name; - this.description = description; - } - - public String getName() { - return name; - } - public void setName(String name) { - this.name = name; - } - public ExternalRoleDescription getDescription() { - return description; - } - public void setDescription(ExternalRoleDescription description) { - this.description = description; + this.role = role; } @Override public int hashCode() { final int prime = 31; int result = 1; - result = prime * result + ((description == null) ? 0 : description.hashCode()); - result = prime * result + ((name == null) ? 0 : name.hashCode()); + result = prime * result + ((role == null) ? 0 : role.hashCode()); return result; } @@ -87,15 +75,10 @@ public class ExternalAccessUserRoleDetail { if (getClass() != obj.getClass()) return false; ExternalAccessUserRoleDetail other = (ExternalAccessUserRoleDetail) obj; - if (description == null) { - if (other.description != null) - return false; - } else if (!description.equals(other.description)) - return false; - if (name == null) { - if (other.name != null) + if (role == null) { + if (other.role != null) return false; - } else if (!name.equals(other.name)) + } else if (!role.equals(other.role)) return false; return true; } diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java index 3eac97b5..14d8a5e2 100644 --- a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java +++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/UserApiServiceImpl.java @@ -2,7 +2,7 @@ * ============LICENSE_START========================================== * ONAP Portal SDK * =================================================================== - * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. * =================================================================== * * Unless otherwise specified, all software contained herein is licensed @@ -61,8 +61,9 @@ import org.onap.portalsdk.core.service.DataAccessService; import org.onap.portalsdk.core.service.LdapService; import org.onap.portalsdk.core.service.PostSearchService; import org.onap.portalsdk.external.authorization.domain.ExternalAccessPerms; +import org.onap.portalsdk.external.authorization.domain.ExternalAccessRole; +import org.onap.portalsdk.external.authorization.domain.ExternalAccessRoleDescription; import org.onap.portalsdk.external.authorization.domain.ExternalAccessUserRoleDetail; -import org.onap.portalsdk.external.authorization.domain.ExternalRoleDescription; import org.onap.portalsdk.external.authorization.exception.UserNotFoundException; import org.onap.portalsdk.external.authorization.util.EcompExternalAuthProperties; import org.onap.portalsdk.external.authorization.util.EcompExternalAuthUtils; @@ -133,7 +134,7 @@ public class UserApiServiceImpl implements UserApiService { } String userRoles = getResponse.getBody(); ObjectMapper mapper = new ObjectMapper(); - List<ExternalAccessUserRoleDetail> userRoleDetailList = setExterbalAccessUserRoles(namespace, userRoles, + List<ExternalAccessUserRoleDetail> userRoleDetailList = setExternalAccessUserRoles(namespace, userRoles, mapper); if (userRoleDetailList.isEmpty()) { @@ -148,7 +149,7 @@ public class UserApiServiceImpl implements UserApiService { } - private List<ExternalAccessUserRoleDetail> setExterbalAccessUserRoles(String namespace, String userRoles, + private List<ExternalAccessUserRoleDetail> setExternalAccessUserRoles(String namespace, String userRoles, ObjectMapper mapper) throws IOException, JsonParseException, JsonMappingException, UserNotFoundException { JSONObject userJsonObj; JSONArray userJsonArray; @@ -163,20 +164,21 @@ public class UserApiServiceImpl implements UserApiService { .endsWith(EcompExternalAuthUtils.EXT_ROLE_FIELD_ADMIN) && !role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME) .endsWith(EcompExternalAuthUtils.EXT_ROLE_FIELD_OWNER)) { - ExternalRoleDescription desc = new ExternalRoleDescription(); + ExternalAccessRoleDescription ecDesc = new ExternalAccessRoleDescription(); if (role.has(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION) && EcompExternalAuthUtils .isJSONValid(role.getString(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION))) { - desc = mapper.readValue(role.getString(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION), - ExternalRoleDescription.class); + ecDesc = mapper.readValue(role.getString(EcompExternalAuthUtils.EXT_FIELD_DESCRIPTION), + ExternalAccessRoleDescription.class); } + List<ExternalAccessPerms> ecPerms = new ArrayList<>(); if (role.has(EcompExternalAuthUtils.EXT_FIELD_PERMS)) { JSONArray perms = role.getJSONArray(EcompExternalAuthUtils.EXT_FIELD_PERMS); - List<ExternalAccessPerms> permsList = mapper.readValue(perms.toString(), TypeFactory - .defaultInstance().constructCollectionType(List.class, ExternalAccessPerms.class)); - desc.setPermissions(permsList); + ecPerms = mapper.readValue(perms.toString(), TypeFactory.defaultInstance() + .constructCollectionType(List.class, ExternalAccessPerms.class)); } - userRoleDetail = new ExternalAccessUserRoleDetail( - role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME), desc); + ExternalAccessRole ecRole = new ExternalAccessRole( + role.getString(EcompExternalAuthUtils.EXT_ROLE_FIELD_NAME), ecPerms, ecDesc); + userRoleDetail = new ExternalAccessUserRoleDetail(ecRole); userRoleDetailList.add(userRoleDetail); } } @@ -216,47 +218,31 @@ public class UserApiServiceImpl implements UserApiService { App app) { Set userApps = new TreeSet(); for (ExternalAccessUserRoleDetail userRoleDetail : userRoleDetailList) { - ExternalRoleDescription roleDesc = userRoleDetail.getDescription(); + ExternalAccessRole ecRole = userRoleDetail.getRole(); + ExternalAccessRoleDescription roleDesc = ecRole.getDescription(); UserApp userApp = new UserApp(); Role role = new Role(); Set roleFunctions = new TreeSet<>(); - if (roleDesc != null) { - if (roleDesc.getName() == null) { - role.setActive(true); - role.setName(userRoleDetail.getName()); - } else { - role.setActive(Boolean.valueOf(roleDesc.getActive())); - role.setId(Long.valueOf(roleDesc.getAppRoleId())); - role.setName(roleDesc.getName()); - if (!roleDesc.getPriority().equals(EcompExternalAuthUtils.EXT_NULL_VALUE)) { - role.setPriority(Integer.valueOf(roleDesc.getPriority())); - } + if (roleDesc.getName() == null) { + role.setActive(true); + role.setName(ecRole.getName()); + } else { + role.setActive(Boolean.valueOf(roleDesc.getActive())); + role.setId(Long.valueOf(roleDesc.getAppRoleId())); + role.setName(roleDesc.getName()); + if (!roleDesc.getPriority().equals(EcompExternalAuthUtils.EXT_NULL_VALUE)) { + role.setPriority(Integer.valueOf(roleDesc.getPriority())); } - if (roleDesc.getPermissions() != null) { - for (ExternalAccessPerms extPerm : roleDesc.getPermissions()) { - RoleFunction roleFunction = new RoleFunction(); - roleFunction.setCode(extPerm.getInstance()); - roleFunction.setAction(extPerm.getAction()); - if (extPerm.getDescription() != null - && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { - roleFunction.setName(extPerm.getDescription()); - } else if (extPerm.getDescription() == null - && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { - roleFunction.setName(extPerm.getType().substring(namespace.length() + 1) + "|" - + extPerm.getInstance() + "|" + extPerm.getAction()); - } else if (extPerm.getDescription() == null - && !EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { - roleFunction.setName( - extPerm.getType() + "|" + extPerm.getInstance() + "|" + extPerm.getAction()); - } - if (EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { - roleFunction.setType(extPerm.getType().substring(namespace.length() + 1)); - } else { - roleFunction.setType(extPerm.getType()); - } - roleFunctions.add(roleFunction); - } + } + for (ExternalAccessPerms extPerm : ecRole.getPerms()) { + RoleFunction roleFunction = new RoleFunction(); + roleFunction.setCode(extPerm.getInstance()); + roleFunction.setAction(extPerm.getAction()); + if (extPerm.getDescription() != null) { + roleFunction.setName(extPerm.getDescription()); } + roleFunction.setType(extPerm.getType()); + roleFunctions.add(roleFunction); } role.setRoleFunctions(roleFunctions); userApp.setApp(app); @@ -336,22 +322,10 @@ public class UserApiServiceImpl implements UserApiService { RoleFunction roleFunction = new RoleFunction(); roleFunction.setCode(extPerm.getInstance()); roleFunction.setAction(extPerm.getAction()); - if (extPerm.getDescription() != null - && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { + if (extPerm.getDescription() != null) { roleFunction.setName(extPerm.getDescription()); - } else if (extPerm.getDescription() == null - && EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { - roleFunction.setName(extPerm.getType().substring(namespace.length() + 1) + "|" + extPerm.getInstance() - + "|" + extPerm.getAction()); - } else if (extPerm.getDescription() == null - && !EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { - roleFunction.setName(extPerm.getType() + "|" + extPerm.getInstance() + "|" + extPerm.getAction()); - } - if (EcompExternalAuthUtils.checkNameSpaceMatching(extPerm.getType(), namespace)) { - roleFunction.setType(extPerm.getType().substring(namespace.length() + 1)); - } else { - roleFunction.setType(extPerm.getType()); } + roleFunction.setType(extPerm.getType()); roleFunctions.add(roleFunction); } return roleFunctions; @@ -377,9 +351,9 @@ public class UserApiServiceImpl implements UserApiService { HttpEntity<String> entity = new HttpEntity<>(credentials.toString(), headers); logger.debug(EELFLoggerDelegate.debugLogger, "checkUserExists: Connecting to external auth system for user {}", username); - ResponseEntity<String> getResponse = template.exchange(EcompExternalAuthProperties - .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) - + EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT, HttpMethod.POST, entity, String.class); + ResponseEntity<String> getResponse = template + .exchange(EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_URL) + + EXTERNAL_AUTH_POST_CREDENTIALS_ENDPOINT, HttpMethod.POST, entity, String.class); if (getResponse.getStatusCode().value() == 200) { logger.debug(EELFLoggerDelegate.debugLogger, "checkUserExists: Finished POST from external auth system to validate credentials and status: {}", @@ -390,8 +364,8 @@ public class UserApiServiceImpl implements UserApiService { private String changeIfUserDomainNotAppended(String username) { if (!EcompExternalAuthUtils.validate(username)) { - username = username + EcompExternalAuthProperties - .getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN); + username = username + + EcompExternalAuthProperties.getProperty(EcompExternalAuthProperties.EXTERNAL_AUTH_USER_DOMAIN); } return username; } |