diff options
author | Christopher Lott (cl778h) <clott@research.att.com> | 2017-07-07 07:21:10 -0400 |
---|---|---|
committer | Christopher Lott (cl778h) <clott@research.att.com> | 2017-07-07 07:22:13 -0400 |
commit | 3e7145fc12ed8475ba10bb2a3c63004d41aa42bc (patch) | |
tree | c205d84c80e4786708caa705683a56de37c5ed2d /ecomp-sdk/epsdk-core | |
parent | 952895873b6179857c6773086a4d2b55f086bd61 (diff) |
[PORTAL-25] Role Centralization
Bump EP SDK version to 1.3.0-SNAPSHOT
Support Role Centralization & Common Set of Roles across All ONAP On-Boarded Applications
Change-Id: Icfc1bbfddaf2c7c7176b4cf7bb7017d853c63100
Signed-off-by: Christopher Lott (cl778h) <clott@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-core')
26 files changed, 1265 insertions, 97 deletions
diff --git a/ecomp-sdk/epsdk-core/pom.xml b/ecomp-sdk/epsdk-core/pom.xml index f37bdc85..9a88f73a 100644 --- a/ecomp-sdk/epsdk-core/pom.xml +++ b/ecomp-sdk/epsdk-core/pom.xml @@ -5,7 +5,7 @@ <parent> <groupId>org.openecomp.ecompsdkos</groupId> <artifactId>epsdk-project</artifactId> - <version>1.1.0</version> + <version>1.3.0-SNAPSHOT</version> </parent> <!-- GroupId is inherited from parent --> diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/auth/LoginStrategy.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/auth/LoginStrategy.java index 0378101a..673201fb 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/auth/LoginStrategy.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/auth/LoginStrategy.java @@ -20,6 +20,7 @@ package org.openecomp.portalsdk.core.auth; import java.util.HashMap; +import java.util.List; import java.util.Map; import javax.servlet.http.Cookie; @@ -27,10 +28,12 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.openecomp.portalsdk.core.command.LoginBean; +import org.openecomp.portalsdk.core.domain.RoleFunction; import org.openecomp.portalsdk.core.menu.MenuProperties; import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException; import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler; import org.openecomp.portalsdk.core.service.LoginService; +import org.openecomp.portalsdk.core.service.RoleService; import org.openecomp.portalsdk.core.util.SystemProperties; import org.openecomp.portalsdk.core.web.support.AppUtils; import org.openecomp.portalsdk.core.web.support.UserUtils; @@ -50,6 +53,9 @@ public abstract class LoginStrategy { @Autowired private LoginService loginService; + + @Autowired + RoleService roleService; public abstract ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception; @@ -77,6 +83,9 @@ public abstract class LoginStrategy { **/ commandBean = loginService.findUser(commandBean, (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), additionalParamsMap); + List<RoleFunction> roleFunctionList= roleService.getRoleFunctions(loginId); + + if (commandBean.getUser() == null) { String loginErrorMessage = (commandBean.getLoginErrorMessage() != null) ? commandBean.getLoginErrorMessage() @@ -92,7 +101,7 @@ public abstract class LoginStrategy { // store the currently logged in user's information in the session UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(), commandBean.getBusinessDirectMenu(), - SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR)); + SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList); initateSessionMgtHandler(request); // user has been authenticated, now take them to the welcome page diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/conf/AppConfig.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/conf/AppConfig.java index 10d71872..fac79bc4 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/conf/AppConfig.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/conf/AppConfig.java @@ -33,13 +33,17 @@ import org.openecomp.portalsdk.core.menu.MenuBuilder; import org.openecomp.portalsdk.core.onboarding.util.CipherUtil; import org.openecomp.portalsdk.core.service.DataAccessService; import org.openecomp.portalsdk.core.service.DataAccessServiceImpl; +import org.openecomp.portalsdk.core.service.LocalAccessCondition; +import org.openecomp.portalsdk.core.service.RestApiRequestBuilder; import org.openecomp.portalsdk.core.util.SystemProperties; import org.openecomp.portalsdk.core.web.support.AppUtils; import org.openecomp.portalsdk.core.web.support.UserUtils; import org.springframework.beans.BeansException; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContextAware; import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Conditional; import org.springframework.web.servlet.ViewResolver; import org.springframework.web.servlet.config.annotation.InterceptorRegistry; import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry; @@ -135,14 +139,15 @@ public class AppConfig extends WebMvcConfigurerAdapter implements Configurable, public MenuBuilder menuBuilder() { return new MenuBuilder(); } - + /** * Creates and returns a new instance of a {@link UserUtils} class. * * @return New instance of {@link UserUtils}. */ @Bean - public UserUtils userUtil() { + public UserUtils userUtil() + { return new UserUtils(); } diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/domain/Role.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/domain/Role.java index a56fe672..cc9f0f8a 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/domain/Role.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/domain/Role.java @@ -170,5 +170,5 @@ public class Role extends DomainVo { return (c1 == null || c2 == null) ? 1 : c1.compareTo(c2); } - + } diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/domain/RoleFunction.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/domain/RoleFunction.java index e6735763..9fee520f 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/domain/RoleFunction.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/domain/RoleFunction.java @@ -66,6 +66,6 @@ public class RoleFunction extends DomainVo { private String code; private String name; - private String editUrl; - + private String editUrl; + } diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java index ec6e4b6c..5a631198 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/interceptor/ResourceInterceptor.java @@ -38,9 +38,9 @@ import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants; import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties; import org.openecomp.portalsdk.core.service.DataAccessService; import org.openecomp.portalsdk.core.service.LoginService; +import org.openecomp.portalsdk.core.service.UrlAccessService; import org.openecomp.portalsdk.core.service.WebServiceCallService; import org.openecomp.portalsdk.core.util.SystemProperties; -import org.openecomp.portalsdk.core.web.support.UserUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; @@ -59,6 +59,9 @@ public class ResourceInterceptor extends HandlerInterceptorAdapter { private AbstractCacheManager cacheManager; + @Autowired + UrlAccessService urlAccessService; + @Override public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { @@ -87,7 +90,7 @@ public class ResourceInterceptor extends HandlerInterceptorAdapter { return false; } } - if (!UserUtils.isUrlAccessible(request, url)) { + if (!urlAccessService.isUrlAccessible(request, url)) { logger.error(EELFLoggerDelegate.errorLogger, "Error accesing URL. Un-authorized",AlarmSeverityEnum.MINOR); throw new UrlAccessRestrictedException(); } diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/AccessConfiguration.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/AccessConfiguration.java new file mode 100644 index 00000000..ae6bd309 --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/AccessConfiguration.java @@ -0,0 +1,132 @@ +package org.openecomp.portalsdk.core.service; + +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Conditional; +import org.springframework.context.annotation.Configuration; + +@Configuration +public class AccessConfiguration { + + + + /** + * + * @returns RoleServiceImpl bean if LocalAccessCondition is true + */ + @Bean + @Conditional(LocalAccessCondition.class) + public RoleService roleServiceImpl() { + return new RoleServiceImpl(); + } + + + /** + * + * @returns RoleServiceCentralizedAccess bean if CentralAccessCondition is true + */ + @Bean + @Conditional(CentralAccessCondition.class) + public RoleService roleServiceCentralizedAccess() { + return new RoleServiceCentralizedAccess(); + } + + + /** + * + * @returns LoginServiceImpl bean if LocalAccessCondition is true + */ + @Bean + @Conditional(LocalAccessCondition.class) + public LoginService loginServiceImpl() { + return new LoginServiceImpl(); + } + + + /** + * + * @returns LoginServiceCentralizedImpl bean if CentralAccessCondition is true + */ + @Bean + @Conditional(CentralAccessCondition.class) + public LoginService loginServiceCEntralizedImpl() { + return new LoginServiceCentralizedImpl(); + } + + /** + * + * @returns UserProfileServiceImpl bean if LocalAccessCondition is true + */ + @Bean + @Conditional(LocalAccessCondition.class) + public UserProfileService userProfileServiceImpl() { + return new UserProfileServiceImpl(); + } + + + /** + * + * @returns returns UserProfileServiceCentalizedImpl bean if CentralAccessCondition is true + */ + @Bean + @Conditional(CentralAccessCondition.class) + public UserProfileService userProfileServiceCentalizedImpl() { + return new UserProfileServiceCentalizedImpl(); + } + + + + /** + * + * @returns returns ProfileServiceImpl bean if LocalAccessCondition is true + */ + @Bean + @Conditional(LocalAccessCondition.class) + public ProfileService profileServiceImpl() { + return new ProfileServiceImpl(); + } + + + /** + * + * @returns returns ProfileServiceCentralizedImpl bean if CentralAccessCondition is true + */ + + @Bean + @Conditional(CentralAccessCondition.class) + public ProfileService profileServiceCentralizedImpl() { + return new ProfileServiceCentralizedImpl(); + } + + /** + * + * @returns returns UrlAccessCentalizedImpl bean if CentralAccessCondition is true + */ + @Bean + @Conditional(CentralAccessCondition.class) + public UrlAccessService userUtilsCentalizedImpl() { + return new UrlAccessCentalizedImpl(); + } + + + /** + * + * @returns returns UrlAccessImpl bean if LocalAccessCondition is true + */ + @Bean + @Conditional(LocalAccessCondition.class) + public UrlAccessService urlAccessImpl() { + return new UrlAccessImpl(); + } + + + /** + * + * @returns returns RestApiRequestBuilder bean if CentralAccessCondition is true + */ + @Bean + @Conditional(CentralAccessCondition.class) + public RestApiRequestBuilder restApiRequestBuilder() { + return new RestApiRequestBuilder(); + } + +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/CentralAccessCondition.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/CentralAccessCondition.java new file mode 100644 index 00000000..9cefd5e1 --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/CentralAccessCondition.java @@ -0,0 +1,30 @@ +package org.openecomp.portalsdk.core.service; + +import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants; +import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties; +import org.springframework.context.annotation.Condition; +import org.springframework.context.annotation.ConditionContext; +import org.springframework.core.type.AnnotatedTypeMetadata; + + +public class CentralAccessCondition implements Condition { + + /** + * returns true if the application is centralized + */ + + @Override + public boolean matches(ConditionContext context, AnnotatedTypeMetadata metadata) { + boolean isRemote = false; + + if(PortalApiProperties.getProperty(PortalApiConstants.ROLE_ACCESS_CENTRALIZED) == null) + { + isRemote = false; + } + else if(PortalApiProperties.getProperty(PortalApiConstants.ROLE_ACCESS_CENTRALIZED) != null && PortalApiProperties.getProperty(PortalApiConstants.ROLE_ACCESS_CENTRALIZED).equals("remote")){ + isRemote = true; + } + + return isRemote; + } +}
\ No newline at end of file diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LocalAccessCondition.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LocalAccessCondition.java new file mode 100644 index 00000000..68a9626a --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LocalAccessCondition.java @@ -0,0 +1,19 @@ +package org.openecomp.portalsdk.core.service; + +import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants; +import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties; +import org.springframework.context.annotation.Condition; +import org.springframework.context.annotation.ConditionContext; +import org.springframework.core.type.AnnotatedTypeMetadata; + +public class LocalAccessCondition implements Condition{ + + /** + * returns true if the application is not centralized + */ + @Override + public boolean matches(ConditionContext context, AnnotatedTypeMetadata metadata) { + return PortalApiProperties.getProperty(PortalApiConstants.ROLE_ACCESS_CENTRALIZED) == null || (PortalApiProperties.getProperty(PortalApiConstants.ROLE_ACCESS_CENTRALIZED) != null && ! PortalApiProperties.getProperty(PortalApiConstants.ROLE_ACCESS_CENTRALIZED).equals("remote")); + } + +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginService.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginService.java index 4f004108..5baa86ef 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginService.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginService.java @@ -27,10 +27,28 @@ import org.openecomp.portalsdk.core.command.*; public interface LoginService { + /** + * + * @param bean + * @param menuPropertiesFilename + * @param additionalParams + * @return returns login user bean + * @throws Exception + */ // validate user exists in the system @SuppressWarnings("rawtypes") LoginBean findUser(LoginBean bean, String menuPropertiesFilename, HashMap additionalParams) throws Exception; + + /** + * + * @param bean + * @param menuPropertiesFilename + * @param additionalParams + * @param matchPassword + * @return returns login user bean + * @throws Exception + */ @SuppressWarnings("rawtypes") LoginBean findUser(LoginBean bean, String menuPropertiesFilename, HashMap additionalParams, boolean matchPassword) throws Exception; } diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginServiceCentralizedImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginServiceCentralizedImpl.java new file mode 100644 index 00000000..45eff80c --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginServiceCentralizedImpl.java @@ -0,0 +1,221 @@ +package org.openecomp.portalsdk.core.service; + +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.List; +import java.util.Set; +import java.util.SortedSet; +import java.util.TreeSet; + +import org.openecomp.portalsdk.core.command.LoginBean; +import org.openecomp.portalsdk.core.domain.Role; +import org.openecomp.portalsdk.core.domain.RoleFunction; +import org.openecomp.portalsdk.core.domain.User; +import org.openecomp.portalsdk.core.domain.UserApp; +import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.openecomp.portalsdk.core.menu.MenuBuilder; +import org.openecomp.portalsdk.core.service.support.FusionService; +import org.openecomp.portalsdk.core.util.SystemProperties; +import org.openecomp.portalsdk.core.web.support.AppUtils; +import org.openecomp.portalsdk.core.web.support.UserUtils; +import org.springframework.beans.factory.annotation.Autowired; + +import com.fasterxml.jackson.databind.ObjectMapper; + +public class LoginServiceCentralizedImpl extends FusionService implements LoginService { + + private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginServiceCentralizedImpl.class); + + @Autowired + AppService appService; + + @Autowired + private DataAccessService dataAccessService; + + @Autowired + RestApiRequestBuilder restApiRequestBuilder; + + @SuppressWarnings("unused") + private MenuBuilder menuBuilder; + + @Override + public LoginBean findUser(LoginBean bean, String menuPropertiesFilename, HashMap additionalParams) + throws Exception { + return findUser(bean, menuPropertiesFilename, additionalParams, true); + } + + @SuppressWarnings("rawtypes") + public LoginBean findUser(LoginBean bean, String menuPropertiesFilename, HashMap additionalParams, + boolean matchPassword) throws Exception { + User user = null; + User userCopy = null; + + if (bean.getUserid() != null && bean.getUserid() != null) { + user = (User) findUser(bean); + } else { + if (matchPassword) + user = (User) findUser(bean.getLoginId(), bean.getLoginPwd()); + else + user = (User) findUserWithoutPwd(bean.getLoginId()); + } + + if (user != null) { + + if (AppUtils.isApplicationLocked() + && !UserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) { + bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED); + } + + // raise an error if the user is inactive + if (!user.getActive()) { + bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE); + } + + if (!userHasActiveRoles(user)) { + bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE); + } + // only login the user if no errors have occurred + if (bean.getLoginErrorMessage() == null) { + + // this will be a snapshot of the user's information as + // retrieved from the database + userCopy = (User) user.clone(); + + User appuser = getUser(userCopy); + + appuser.setLastLoginDate(new Date()); + + // update the last logged in date for the user + // user.setLastLoginDate(new Date()); + getDataAccessService().saveDomainObject(appuser, additionalParams); + + // update the audit log of the user + // Check for the client device type and set log attributes + // appropriately + + // save the above changes to the User and their audit trail + + // create the application menu based on the user's privileges + + Set appMenu = getMenuBuilder().getMenu( + SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService); + bean.setMenu(appMenu != null ? appMenu : new HashSet()); + System.out.println(appMenu); + Set businessDirectMenu = getMenuBuilder().getMenu( + SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME), + dataAccessService); + bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet()); + + bean.setUser(userCopy); + } + } + + return bean; + } + + private boolean userHasActiveRoles(User user) { + boolean hasActiveRole = false; + Iterator roles = user.getRoles().iterator(); + while (roles.hasNext()) { + Role role = (Role) roles.next(); + if (role.getActive()) { + hasActiveRole = true; + break; + } + } + return hasActiveRole; + } + + @SuppressWarnings("null") + public User findUser(LoginBean bean) throws Exception { + + User user = null; + + ObjectMapper mapper = new ObjectMapper(); + HashSet<RoleFunction> rolefun = null; + + String repsonse = restApiRequestBuilder.getViaREST("/getUser/" + bean.getUserid(), true, bean.getUserid()); + + user = mapper.readValue(repsonse, User.class); + + @SuppressWarnings("unchecked") + Set<UserApp> setAppsObj = user.getUserApps(); + + Iterator<UserApp> it = setAppsObj.iterator(); + while (it.hasNext()) { + Object next = it.next(); + + UserApp nextApp = mapper.convertValue(next, UserApp.class); + rolefun = new HashSet<>(); + Role role = nextApp.getRole(); + + Set<RoleFunction> roleFunctionList = role.getRoleFunctions(); + Set<RoleFunction> roleFunctionListNew = new HashSet<>(); + Iterator<RoleFunction> itetaror = roleFunctionList.iterator(); + while (itetaror.hasNext()) { + Object nextValue = itetaror.next(); + RoleFunction roleFunction = mapper.convertValue(nextValue, RoleFunction.class); + roleFunctionListNew.add(roleFunction); + } + + role.setRoleFunctions(roleFunctionListNew); + nextApp.setRole(role); + nextApp.getRole().getRoleFunctions(); + SortedSet<UserApp> UserAppSet = new TreeSet<>(); + UserAppSet.add(nextApp); + user.setUserApps(UserAppSet); + } + + return user; + } + + public User findUser(String loginId, String password) { + + List list = null; + + StringBuffer criteria = new StringBuffer(); + criteria.append(" where login_id = '").append(loginId).append("'").append(" and login_pwd = '").append(password) + .append("'"); + + list = getDataAccessService().getList(User.class, criteria.toString(), null, null); + return (list == null || list.size() == 0) ? null : (User) list.get(0); + } + + private User findUserWithoutPwd(String loginId) { + List list = null; + StringBuffer criteria = new StringBuffer(); + criteria.append(" where login_id = '").append(loginId).append("'"); + list = getDataAccessService().getList(User.class, criteria.toString(), null, null); + return (list == null || list.size() == 0) ? null : (User) list.get(0); + } + + public DataAccessService getDataAccessService() { + return dataAccessService; + } + + public void setDataAccessService(DataAccessService dataAccessService) { + this.dataAccessService = dataAccessService; + } + + public MenuBuilder getMenuBuilder() { + return new MenuBuilder(); + } + + public void setMenuBuilder(MenuBuilder menuBuilder) { + this.menuBuilder = menuBuilder; + } + + public User getUser(User user) { + List list = null; + + StringBuffer criteria = new StringBuffer(); + criteria.append(" where login_id = '").append(user.getLoginId()).append("'"); + + list = getDataAccessService().getList(User.class, criteria.toString(), null, null); + return (list == null || list.size() == 0) ? null : (User) list.get(0); + + } + +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginServiceImpl.java index e0a4b7c6..a38a16ff 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginServiceImpl.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/LoginServiceImpl.java @@ -29,17 +29,14 @@ import java.util.Set; import org.openecomp.portalsdk.core.command.LoginBean; import org.openecomp.portalsdk.core.domain.Role; import org.openecomp.portalsdk.core.domain.User; -import org.openecomp.portalsdk.core.domain.UserApp; import org.openecomp.portalsdk.core.menu.MenuBuilder; import org.openecomp.portalsdk.core.service.support.FusionService; import org.openecomp.portalsdk.core.util.SystemProperties; import org.openecomp.portalsdk.core.web.support.AppUtils; import org.openecomp.portalsdk.core.web.support.UserUtils; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; -@Service("loginService") @Transactional public class LoginServiceImpl extends FusionService implements LoginService { @@ -113,9 +110,6 @@ public class LoginServiceImpl extends FusionService implements LoginService { // save the above changes to the User and their audit trail - - - // create the application menu based on the user's privileges Set appMenu = getMenuBuilder().getMenu(SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME),dataAccessService); @@ -133,7 +127,8 @@ public class LoginServiceImpl extends FusionService implements LoginService { private boolean userHasActiveRoles(User user) { boolean hasActiveRole = false; - Iterator roles = user.getRoles().iterator(); + @SuppressWarnings("rawtypes") + Iterator roles = user.getRoles().iterator(); while (roles.hasNext()) { Role role = (Role)roles.next(); if (role.getActive()) { diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileService.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileService.java index 61bd3b6e..3eda4cfc 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileService.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileService.java @@ -26,11 +26,35 @@ import org.openecomp.portalsdk.core.domain.User; public interface ProfileService { - List<Profile> findAll(); - Profile getProfile(int id); + /** + * + * @return returns list of profiles + * @throws Exception + */ + List<Profile> findAll() throws Exception; - User getUser(String id); + /** + * + * @param id + * @return returns profile of requested ID + * @throws Exception + */ + Profile getProfile(int id) throws Exception; + + /** + * + * @param id loginId + * @return returns User info of requested ID + * @throws Exception + */ + User getUser(String id) throws Exception; + + /** + * + * @param user + *saveUser method saves the user object + */ void saveUser(User user); } diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileServiceCentralizedImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileServiceCentralizedImpl.java new file mode 100644 index 00000000..c4da3338 --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileServiceCentralizedImpl.java @@ -0,0 +1,73 @@ +package org.openecomp.portalsdk.core.service; + +import java.util.List; + +import org.openecomp.portalsdk.core.domain.Profile; +import org.openecomp.portalsdk.core.domain.User; +import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.springframework.beans.factory.annotation.Autowired; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.type.TypeFactory; + +public class ProfileServiceCentralizedImpl implements ProfileService{ + + private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ProfileServiceCentralizedImpl.class); + + @Autowired + AppService appService; + + @Autowired + private DataAccessService dataAccessService; + + public DataAccessService getDataAccessService() { + return dataAccessService; + } + + public void setDataAccessService(DataAccessService dataAccessService) { + this.dataAccessService = dataAccessService; + } + + @Autowired + RestApiRequestBuilder restApiRequestBuilder ; + + @Override + public List<Profile> findAll() throws Exception{ + + List<Profile> profileList =null; + ObjectMapper mapper = new ObjectMapper(); + + String user = restApiRequestBuilder.getViaREST("/findAllProfiles", true,null); + profileList = mapper.readValue(user, + TypeFactory.defaultInstance().constructCollectionType(List.class, Profile.class)); + return profileList; + } + + @Override + public Profile getProfile(int id) throws Exception{ + ObjectMapper mapper = new ObjectMapper(); + Profile user = null; + String responseString = restApiRequestBuilder.getViaREST("/getProfile/" + id, true,Integer.toString(id)); + user = mapper.readValue(responseString, Profile.class); + return user; + } + + @Override + public User getUser(String id) throws Exception{ + ObjectMapper mapper = new ObjectMapper(); + User user = new User(); + String responseString =restApiRequestBuilder.getViaREST("/getUser/" + id, true,id); + user = mapper.readValue(responseString, User.class); + + return user; + } + + @Override + public void saveUser(User user) { + try { + getDataAccessService().saveDomainObject(user, null); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "saveUser failed", e); + } + } +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileServiceImpl.java index 2d6fcfee..e0785567 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileServiceImpl.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/ProfileServiceImpl.java @@ -24,12 +24,9 @@ import java.util.List; import org.openecomp.portalsdk.core.dao.ProfileDao; import org.openecomp.portalsdk.core.domain.Profile; import org.openecomp.portalsdk.core.domain.User; -import org.openecomp.portalsdk.core.service.DataAccessService; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; -@Service("profileService") @Transactional public class ProfileServiceImpl implements ProfileService{ diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RestApiRequestBuilder.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RestApiRequestBuilder.java new file mode 100644 index 00000000..6a2f7a47 --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RestApiRequestBuilder.java @@ -0,0 +1,136 @@ +package org.openecomp.portalsdk.core.service; + +import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID; + +import org.openecomp.portalsdk.core.domain.App; +import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.openecomp.portalsdk.core.onboarding.rest.RestWebServiceClient; +import org.openecomp.portalsdk.core.onboarding.util.CipherUtil; +import org.openecomp.portalsdk.core.util.SystemProperties; +import org.slf4j.MDC; +import org.springframework.beans.factory.annotation.Autowired; + +public class RestApiRequestBuilder { + + private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(RoleServiceCentralizedAccess.class); + + @Autowired + AppService appService; + + public static String content_type = "application/json"; + + public String getViaREST(String restEndPoint, boolean isBasicAuth,String userId) { + String appName = ""; + String requestId = ""; + String appUserName = ""; + String decryptedPwd = ""; + + logger.info(EELFLoggerDelegate.debugLogger, "Making use of REST API communication for GET" + restEndPoint); + + App app = appService.getDefaultApp(); + + if (app != null) { + appName = app.getName(); + appUserName = app.getUsername(); + try { + decryptedPwd = CipherUtil.decrypt(app.getAppPassword(), + SystemProperties.getProperty(SystemProperties.Decryption_Key)); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "Exception occurred in WebServiceCallServiceImpl.get while decrypting the password. Details: " + + e.toString()); + } + } else { + logger.warn(EELFLoggerDelegate.errorLogger, "Unable to locate the app information from the database."); + appName = SystemProperties.SDK_NAME; + } + requestId = MDC.get(MDC_KEY_REQUEST_ID); + + String response = null; + try { + response = RestWebServiceClient.getInstance().getPortalContent(restEndPoint, userId,appName, requestId, appUserName, + decryptedPwd, isBasicAuth); + } catch (Exception ex) { + response = "Failed to get roles " + ex.toString(); + } + logger.debug(EELFLoggerDelegate.debugLogger, "getRoles response: {}", response); + return response; + } + + public void postViaREST(String restEndPoint, boolean isBasicAuth, String content,String userId) { + String appName = ""; + String requestId = ""; + String appUserName = ""; + String decryptedPwd = ""; + + logger.info(EELFLoggerDelegate.debugLogger, "Making use of REST API communication for POST" + restEndPoint); + + App app = appService.getDefaultApp(); + + if (app != null) { + appName = app.getName(); + appUserName = app.getUsername(); + try { + decryptedPwd = CipherUtil.decrypt(app.getAppPassword(), + SystemProperties.getProperty(SystemProperties.Decryption_Key)); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "Exception occurred in WebServiceCallServiceImpl.get while decrypting the password. Details: " + + e.toString()); + } + } else { + logger.warn(EELFLoggerDelegate.errorLogger, "Unable to locate the app information from the database."); + appName = SystemProperties.SDK_NAME; + } + requestId = MDC.get(MDC_KEY_REQUEST_ID); + + + try { + RestWebServiceClient.getInstance().postPortalContent(restEndPoint, userId, appName, requestId, appUserName, + decryptedPwd, content_type, content, isBasicAuth); + } catch (Exception ex) { + logger.error(EELFLoggerDelegate.debugLogger, "POST response: {}", ex); + } + logger.debug(EELFLoggerDelegate.debugLogger, "POST response: {}"); + + } + + public void deleteViaRest(String restEndPoint, boolean isBasicAuth, String content, String filter , String userId) { + String appName = ""; + String requestId = ""; + String appUserName = ""; + String decryptedPwd = ""; + + logger.info(EELFLoggerDelegate.debugLogger, "Making use of REST API communication for DELETE" + restEndPoint); + + App app = appService.getDefaultApp(); + + if (app != null) { + appName = app.getName(); + appUserName = app.getUsername(); + try { + decryptedPwd = CipherUtil.decrypt(app.getAppPassword(), + SystemProperties.getProperty(SystemProperties.Decryption_Key)); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, + "Exception occurred in WebServiceCallServiceImpl.get while decrypting the password. Details: " + + e.toString()); + } + } else { + logger.warn(EELFLoggerDelegate.errorLogger, "Unable to locate the app information from the database."); + appName = SystemProperties.SDK_NAME; + } + requestId = MDC.get(MDC_KEY_REQUEST_ID); + + + try { + RestWebServiceClient.getInstance().deletePortalContent(restEndPoint, userId, appName, requestId, appUserName, + decryptedPwd, content_type, content, isBasicAuth, filter); + } catch (Exception ex) { + logger.error(EELFLoggerDelegate.debugLogger, "DELETE response: {}", ex); + } + logger.debug(EELFLoggerDelegate.debugLogger, "DELETE response: {}"); + + } + +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleService.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleService.java index 01367ecd..f05adf64 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleService.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleService.java @@ -26,25 +26,104 @@ import org.openecomp.portalsdk.core.domain.RoleFunction; public interface RoleService { - List<RoleFunction> getRoleFunctions(); + /** + * + * @param requestedLoginId loginId + * @return returns List of RoleFunction + * @throws Exception + * Method getRoleFunctions returns list of Role Functions + */ + List<RoleFunction> getRoleFunctions(String requestedLoginId) throws Exception; - List<Role> getAvailableChildRoles(Long roleId); - Role getRole(Long id); + /** + * + * @param requestedLoginId + * @param roleId + * @return returns List of Role + * @throws Exception + * Method getAvailableChildRoles returns list of avialable child roles + */ + List<Role> getAvailableChildRoles(String requestedLoginId,Long roleId) throws Exception; - void saveRole(Role domainRole); - void deleteRole(Role domainRole); + /** + * + * @param requestedLoginId + * @param id roleId + * @return returns role + * @throws Exception + * Method getRole returns Role object if requested roleID + */ + Role getRole(String requestedLoginId,Long id) throws Exception; - List<Role> getAvailableRoles(); + /** + * + * @param requestedLoginId + * @param domainRole Object to be saved + * Method saveRole saves the Role Object + */ + void saveRole(String requestedLoginId,Role domainRole); - List<Role> getActiveRoles(); + /** + * + * @param requestedLoginId + * @param domainRole Object to be removed + * Method deleteRole deletes the requested Role Object + */ + void deleteRole(String requestedLoginId,Role domainRole); + + /** + * + * @param requestedLoginId + * @return returns list of available roles + * @throws Exception + * Method getAvailableRoles gets the list of available roles + */ + + List<Role> getAvailableRoles(String requestedLoginId) throws Exception; + + /** + * + * @param requestedLoginId + * @return + * @throws Exception + * Method getActiveRoles gets the list of active roles of application + * + */ + List<Role> getActiveRoles(String requestedLoginId) throws Exception; - RoleFunction getRoleFunction(String code); + /** + * + * @param requestedLoginId + * @param code function code + * @return + * @throws Exception + * Method getRoleFunction returns RoleFunction of requested function code + */ + RoleFunction getRoleFunction(String requestedLoginId,String code) throws Exception; - void saveRoleFunction(RoleFunction domainRoleFunction); + /** + * + * @param requestedLoginId + * @param domainRoleFunction + * Method saveRoleFunction saves the requested RoleFunction object + */ + void saveRoleFunction(String requestedLoginId,RoleFunction domainRoleFunction); - void deleteRoleFunction(RoleFunction domainRoleFunction); + /** + * + * @param requestedLoginId + * @param domainRoleFunction + * Method deleteRoleFunction deletes the requested RoleFunction object + */ + void deleteRoleFunction(String requestedLoginId,RoleFunction domainRoleFunction); - void deleteDependcyRoleRecord(Long id); + /** + * + * @param requestedLoginId + * @param id + * Method deleteDependcyRoleRecord deletes the requested object + */ + void deleteDependcyRoleRecord(String requestedLoginId,Long id); } diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleServiceCentralizedAccess.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleServiceCentralizedAccess.java new file mode 100644 index 00000000..f507a7fc --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleServiceCentralizedAccess.java @@ -0,0 +1,169 @@ +package org.openecomp.portalsdk.core.service; + +import java.util.Iterator; +import java.util.List; +import java.util.Set; +import java.util.TreeSet; + +import org.openecomp.portalsdk.core.domain.Role; +import org.openecomp.portalsdk.core.domain.RoleFunction; +import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.transaction.annotation.Transactional; + +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.type.TypeFactory; + +@Transactional +public class RoleServiceCentralizedAccess implements RoleService { + + private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(RoleServiceCentralizedAccess.class); + + @Autowired + AppService appService; + + @Autowired + RestApiRequestBuilder restApiRequestBuilder; + + @Override + public List<RoleFunction> getRoleFunctions(String loginId) throws Exception { + + List<RoleFunction> roleFunctionList = null; + String role_function_list = ""; + role_function_list = restApiRequestBuilder.getViaREST("/getAllRoleFunctions", true, loginId); + ObjectMapper mapper = new ObjectMapper(); + roleFunctionList = mapper.readValue(role_function_list, + TypeFactory.defaultInstance().constructCollectionType(List.class, RoleFunction.class)); + return roleFunctionList; + } + + @Override + public List<Role> getAvailableChildRoles(String loginId, Long roleId) throws Exception { + List<Role> availableChildRoles = getAvailableRoles(loginId); + if (roleId == null || roleId == 0) { + return availableChildRoles; + } + + Role currentRole = getRole(loginId, roleId); + Set<Role> allParentRoles = new TreeSet<Role>(); + allParentRoles = getAllParentRolesAsList(loginId, currentRole, allParentRoles); + + Iterator<Role> availableChildRolesIterator = availableChildRoles.iterator(); + while (availableChildRolesIterator.hasNext()) { + Role role = availableChildRolesIterator.next(); + if (!role.getActive() || allParentRoles.contains(role) || role.getId().equals(roleId)) { + availableChildRolesIterator.remove(); + } + } + return availableChildRoles; + } + + @SuppressWarnings("unchecked") + private Set<Role> getAllParentRolesAsList(String loginId, Role role, Set<Role> allParentRoles) { + Set<Role> parentRoles = role.getParentRoles(); + allParentRoles.addAll(parentRoles); + Iterator<Role> parentRolesIterator = parentRoles.iterator(); + while (parentRolesIterator.hasNext()) { + getAllParentRolesAsList(loginId, parentRolesIterator.next(), allParentRoles); + } + return allParentRoles; + } + + @Override + public Role getRole(String loginId, Long id) throws Exception { + ObjectMapper mapper = new ObjectMapper(); + + String roleString = restApiRequestBuilder.getViaREST("/role/" + id, true, loginId); + Role role = null; + + role = mapper.readValue(roleString, Role.class); + + logger.info(EELFLoggerDelegate.applicationLogger, "role_id" + role.getId()); + return role; + + } + + @Override + public void saveRole(String loginId, Role domainRole) { + try { + restApiRequestBuilder.postViaREST("/saveRole", true, domainRole.toString(), loginId); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "saveRole Failed", e); + } + } + + @Override + public void deleteRole(String loginId, Role domainRole) { + + String filter = " where active_yn = 'Y' "; + try { + restApiRequestBuilder.deleteViaRest("/deleteRole", true, domainRole.toString(), filter, loginId); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "deleteRole Failed", e); + } + } + + @Override + public List<Role> getAvailableRoles(String requestedLoginId) throws Exception { + ObjectMapper mapper = new ObjectMapper(); + + String roleList = restApiRequestBuilder.getViaREST("/getRoles", true, requestedLoginId); + List<Role> roles = null; + roles = mapper.readValue(roleList, + TypeFactory.defaultInstance().constructCollectionType(List.class, Role.class)); + return roles; + } + + @Override + public List<Role> getActiveRoles(String requestedLoginId) throws Exception { + ObjectMapper mapper = new ObjectMapper(); + String roleString = restApiRequestBuilder.getViaREST("/activeRoles?active_yn = 'Y'", true, requestedLoginId); + List<Role> roles = null; + roles = mapper.readValue(roleString, + TypeFactory.defaultInstance().constructCollectionType(List.class, Role.class)); + return roles; + + } + + @Override + public RoleFunction getRoleFunction(String requestedLoginId, String code) throws Exception { + + ObjectMapper mapper = new ObjectMapper(); + String responseString = restApiRequestBuilder.getViaREST("/getRoleFunction/" + code, true, requestedLoginId); + RoleFunction roleFunction = null; + roleFunction = mapper.readValue(responseString, RoleFunction.class); + return roleFunction; + } + + @Override + public void saveRoleFunction(String requestedLoginId, RoleFunction domainRoleFunction) { + try { + restApiRequestBuilder.postViaREST("/saveRoleFunction", true, domainRoleFunction.toString(), + requestedLoginId); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "saveRoleFunction Failed", e); + } + } + + @Override + public void deleteRoleFunction(String requestedLoginId, RoleFunction domainRoleFunction) { + + try { + restApiRequestBuilder.deleteViaRest("/deleteRoleFucntion", true, domainRoleFunction.toString(), null, + requestedLoginId); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "deleteRoleFunction Failed", e); + } + } + + @Override + public void deleteDependcyRoleRecord(String requestedLoginId, Long id) { + + try { + restApiRequestBuilder.deleteViaRest("/deleteDependcyRoleRecord/" + id, true, null, null, requestedLoginId); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "deleteDependcyRoleRecord Failed", e); + } + } + +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleServiceImpl.java index 2e780998..eab20f56 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleServiceImpl.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/RoleServiceImpl.java @@ -33,10 +33,8 @@ import org.openecomp.portalsdk.core.domain.Role; import org.openecomp.portalsdk.core.domain.RoleFunction; import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; -@Service("roleService") @Transactional public class RoleServiceImpl implements RoleService { @@ -57,13 +55,13 @@ public class RoleServiceImpl implements RoleService { } @SuppressWarnings("unchecked") - public List<RoleFunction> getRoleFunctions() { + public List<RoleFunction> getRoleFunctions(String loginId) { // List msgDB = getDataAccessService().getList(Profile.class, null); return getDataAccessService().getList(RoleFunction.class, null); } @SuppressWarnings("unchecked") - public List<Role> getAvailableChildRoles(Long roleId) { + public List<Role> getAvailableChildRoles(String loginId,Long roleId) { List<Role> availableChildRoles = (List<Role>) getDataAccessService().getList(Role.class, null); if (roleId == null || roleId == 0) { return availableChildRoles; @@ -71,7 +69,7 @@ public class RoleServiceImpl implements RoleService { Role currentRole = (Role) getDataAccessService().getDomainObject(Role.class, roleId, null); Set<Role> allParentRoles = new TreeSet<Role>(); - allParentRoles = getAllParentRolesAsList(currentRole, allParentRoles); + allParentRoles = getAllParentRolesAsList(loginId,currentRole, allParentRoles); Iterator<Role> availableChildRolesIterator = availableChildRoles.iterator(); while (availableChildRolesIterator.hasNext()) { @@ -84,48 +82,48 @@ public class RoleServiceImpl implements RoleService { } @SuppressWarnings("unchecked") - private Set<Role> getAllParentRolesAsList(Role role, Set<Role> allParentRoles) { + private Set<Role> getAllParentRolesAsList(String loginId,Role role, Set<Role> allParentRoles) { Set<Role> parentRoles = role.getParentRoles(); allParentRoles.addAll(parentRoles); Iterator<Role> parentRolesIterator = parentRoles.iterator(); while (parentRolesIterator.hasNext()) { - getAllParentRolesAsList(parentRolesIterator.next(), allParentRoles); + getAllParentRolesAsList( loginId,parentRolesIterator.next(), allParentRoles); } return allParentRoles; } - public RoleFunction getRoleFunction(String code) { + public RoleFunction getRoleFunction(String loginId,String code) { return (RoleFunction) getDataAccessService().getDomainObject(RoleFunction.class, code, null); } - public void saveRoleFunction(RoleFunction domainRoleFunction) { + public void saveRoleFunction(String loginId,RoleFunction domainRoleFunction) { getDataAccessService().saveDomainObject(domainRoleFunction, null); } - public void deleteRoleFunction(RoleFunction domainRoleFunction) { + public void deleteRoleFunction(String loginId,RoleFunction domainRoleFunction) { getDataAccessService().deleteDomainObject(domainRoleFunction, null); } - public Role getRole(Long id) { + public Role getRole(String loginId,Long id) { return (Role) getDataAccessService().getDomainObject(Role.class, id, null); } - public void saveRole(Role domainRole) { + public void saveRole(String loginId,Role domainRole) { getDataAccessService().saveDomainObject(domainRole, null); } - public void deleteRole(Role domainRole) { + public void deleteRole(String loginId,Role domainRole) { getDataAccessService().deleteDomainObject(domainRole, null); } @SuppressWarnings("unchecked") - public List<Role> getAvailableRoles() { + public List<Role> getAvailableRoles(String loginId) { return getDataAccessService().getList(Role.class, null); } @SuppressWarnings("unchecked") @Override - public List<Role> getActiveRoles() { + public List<Role> getActiveRoles(String loginId) { String filter = " where active_yn = 'Y' "; return getDataAccessService().getList(Role.class, filter, null, null); } @@ -139,7 +137,7 @@ public class RoleServiceImpl implements RoleService { } @Override - public void deleteDependcyRoleRecord(Long id) { + public void deleteDependcyRoleRecord(String loginId,Long id) { Connection conn = null; Statement stmt = null; try { diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UrlAccessCentalizedImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UrlAccessCentalizedImpl.java new file mode 100644 index 00000000..c0275b87 --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UrlAccessCentalizedImpl.java @@ -0,0 +1,77 @@ +package org.openecomp.portalsdk.core.service; + +import java.util.ArrayList; +import java.util.List; +import java.util.Set; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpSession; + +import org.openecomp.portalsdk.core.domain.RoleFunction; +import org.openecomp.portalsdk.core.domain.User; +import org.openecomp.portalsdk.core.exception.SessionExpiredException; +import org.openecomp.portalsdk.core.util.SystemProperties; +import org.openecomp.portalsdk.core.web.support.AppUtils; +import org.openecomp.portalsdk.core.web.support.UserUtils; +import org.springframework.beans.factory.annotation.Autowired; + +public class UrlAccessCentalizedImpl implements UrlAccessService { + + @Autowired + AppService appService; + + @Autowired + RoleService roleService; + + + @Override + public boolean isUrlAccessible(HttpServletRequest request, String currentUrl) { + + boolean isAccessible = false; + User user = UserUtils.getUserSession(request); + + + HttpSession session = AppUtils.getSession(request); + + if (session == null) { + throw new SessionExpiredException(); + } + + @SuppressWarnings("unchecked") + List<RoleFunction> allRoleFunctionsList = (List<RoleFunction>) session.getAttribute(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTION_LIST)); + + List<String> allUrls = new ArrayList<String>(); + + for (int i = 0; i < allRoleFunctionsList.size(); i++) { + if (allRoleFunctionsList.get(i).getCode() != null && ((String) allRoleFunctionsList.get(i).getCode()).substring(0, 4).toUpperCase().equals("url_".toUpperCase())) { + String functionCd = ((String) allRoleFunctionsList.get(i).getCode()).substring(4).toUpperCase(); + allUrls.add(functionCd); + } + } + + @SuppressWarnings("unchecked") + Set<RoleFunction> roleFunction = UserUtils.getRoleFunctions(request); + List list = new ArrayList<>(roleFunction); + List<String> UserURLlist = new ArrayList<String>(); + + if (list != null && list.size() > 0) { + for (int i = 0; i < list.size(); i++) { + if (list.get(i) != null && ((String) list.get(i)).substring(0, 4).toUpperCase().equals("url_".toUpperCase())) { + String functionCd = ((String) list.get(i)).substring(4).toUpperCase(); + UserURLlist.add(functionCd); + } + } + } + + if((!UserURLlist.contains(currentUrl) && !allUrls.contains(currentUrl)) || (UserURLlist.contains(currentUrl) && allUrls.contains(currentUrl))) + { + isAccessible = true; + }else { + isAccessible = false; + } + return isAccessible; + + } + + +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UrlAccessImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UrlAccessImpl.java new file mode 100644 index 00000000..e01abfbb --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UrlAccessImpl.java @@ -0,0 +1,48 @@ +package org.openecomp.portalsdk.core.service; + +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; + +import org.openecomp.portalsdk.core.domain.UrlsAccessible; +import org.openecomp.portalsdk.core.web.support.UserUtils; +import org.springframework.beans.factory.annotation.Autowired; + +public class UrlAccessImpl implements UrlAccessService{ + + @Autowired + DataAccessService dataAccessService; + + + + @Override + public boolean isUrlAccessible(HttpServletRequest request, String currentUrl) { + boolean isAccessible = false; + Map<String, String> params = new HashMap<>(); + params.put("current_url", currentUrl); + List list = dataAccessService.executeNamedQuery("restrictedUrls", params, null); + + // loop through the list of restricted URL's + if (list != null && list.size() > 0) { + for (int i = 0; i < list.size(); i++) { + /* + * Object[] restrictedUrl = (Object[])list.get(i); + * + * String url = (String)restrictedUrl[0]; String functionCd = + * (String)restrictedUrl[1]; + */ + UrlsAccessible urlFunctions = (UrlsAccessible) list.get(i); + // String url = (String) urlFunctions.getUrl(); + String functionCd = (String) urlFunctions.getFunctionCd(); + if (UserUtils.isAccessible(request, functionCd)) { + isAccessible = true; + } + } + return isAccessible; + } + return true; + } + +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UrlAccessService.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UrlAccessService.java new file mode 100644 index 00000000..bb815f5d --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UrlAccessService.java @@ -0,0 +1,15 @@ +package org.openecomp.portalsdk.core.service; + +import javax.servlet.http.HttpServletRequest; + +public interface UrlAccessService { + + /** + * Answers whether the specified URL is accessible. + * + * @param request + * @param currentUrl + * @return true if yes, false if no. + */ + public boolean isUrlAccessible(HttpServletRequest request, String currentUrl); +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UserProfileServiceCentalizedImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UserProfileServiceCentalizedImpl.java new file mode 100644 index 00000000..3e7b2b14 --- /dev/null +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UserProfileServiceCentalizedImpl.java @@ -0,0 +1,137 @@ +package org.openecomp.portalsdk.core.service; + +import java.io.IOException; +import java.util.ArrayList; +import java.util.HashSet; +import java.util.Iterator; +import java.util.List; +import java.util.SortedSet; + +import org.openecomp.portalsdk.core.domain.Role; +import org.openecomp.portalsdk.core.domain.User; +import org.openecomp.portalsdk.core.domain.support.CollaborateList; +import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.transaction.annotation.Transactional; + +import com.fasterxml.jackson.core.JsonParseException; +import com.fasterxml.jackson.databind.JsonMappingException; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.type.TypeFactory; + + +@Transactional +public class UserProfileServiceCentalizedImpl implements UserProfileService { + + private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserProfileServiceCentalizedImpl.class); + + @Autowired + AppService appService; + + @Autowired + RestApiRequestBuilder restApiRequestBuilder; + + @Autowired + private DataAccessService dataAccessService; + + public DataAccessService getDataAccessService() { + return dataAccessService; + } + + public void setDataAccessService(DataAccessService dataAccessService) { + this.dataAccessService = dataAccessService; + } + + @Override + public List<User> findAll() { + List<User> roles = new ArrayList<>(); + ObjectMapper mapper = new ObjectMapper(); + + String user = restApiRequestBuilder.getViaREST("/findAll", true,null); + try { + roles = mapper.readValue(user, + TypeFactory.defaultInstance().constructCollectionType(List.class, User.class)); + } catch (JsonParseException e) { + logger.error(EELFLoggerDelegate.errorLogger, "Json parsing failed", e); + } catch (JsonMappingException e) { + logger.error(EELFLoggerDelegate.errorLogger, "Json mapping failed", e); + } catch (IOException e) { + logger.error(EELFLoggerDelegate.errorLogger, "IO exception", e); + } + + return roles; + } + + @Override + public User getUser(String id) { + ObjectMapper mapper = new ObjectMapper(); + User user = new User(); + String responseString = restApiRequestBuilder.getViaREST("/getUser/" + id, true,id); + try { + + user = mapper.readValue(responseString, User.class); + } catch (JsonParseException e) { + logger.error(EELFLoggerDelegate.errorLogger, "Json parsing failed", e); + } catch (JsonMappingException e) { + logger.error(EELFLoggerDelegate.errorLogger, "Json mapping failed", e); + } catch (IOException e) { + logger.error(EELFLoggerDelegate.errorLogger, "IO exception", e); + } + + return user; + } + + @Override + public User getUserByLoginId(String loginId) { + return getUser(loginId); + } + + @Override + public void saveUser(User user) { + try { + getDataAccessService().saveDomainObject(user, null); + } catch (Exception e) { + logger.error(EELFLoggerDelegate.errorLogger, "saveUser Failed", e); + } + } + + @Override + public List<User> findAllUserWithOnOffline(String originOrgUserId) { + HashSet<String> onlineUser = CollaborateList.getInstance().getAllUserName(); + List<User> users = findAll(); + for (User u : users) { + if (onlineUser.contains(u.getOrgUserId())) + u.setOnline(true); + if (u.getOrgUserId() != null) { + if (originOrgUserId.compareTo(u.getOrgUserId()) > 0) { + u.setChatId(originOrgUserId + "-" + u.getOrgUserId()); + } else + u.setChatId(u.getOrgUserId() + "-" + originOrgUserId); + } + } + return users; + } + + @Override + public List<User> findAllActive() { + List<User> users = findAll(); + Iterator<User> itr = users.iterator(); + while (itr.hasNext()) { + User u = (User) itr.next(); + if (!u.getActive()) + itr.remove();// if not active remove user from list + else { + SortedSet<Role> roles = u.getRoles(); + Iterator<Role> itrRoles = roles.iterator(); + while (itrRoles.hasNext()) { + Role role = (Role) itrRoles.next(); + if (!role.getActive()) + u.removeRole(role.getId());// if not active remove role + // from list + } + } + } + return users; + } + +} diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UserProfileServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UserProfileServiceImpl.java index 2d134725..866318c5 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UserProfileServiceImpl.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/service/UserProfileServiceImpl.java @@ -31,10 +31,8 @@ import org.openecomp.portalsdk.core.domain.Role; import org.openecomp.portalsdk.core.domain.User; import org.openecomp.portalsdk.core.domain.support.CollaborateList; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; -@Service("userProfileService") @Transactional public class UserProfileServiceImpl implements UserProfileService{ @@ -42,6 +40,7 @@ public class UserProfileServiceImpl implements UserProfileService{ @Autowired private DataAccessService dataAccessService; + @SuppressWarnings("unchecked") public List<User> findAll() { return getDataAccessService().getList(User.class, null); } @@ -94,6 +93,7 @@ public class UserProfileServiceImpl implements UserProfileService{ } public List<User> findAllActive() { + @SuppressWarnings("unchecked") List<User> users = getDataAccessService().getList(User.class, null); Iterator<User> itr = users.iterator(); while(itr.hasNext()){ diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/util/SystemProperties.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/util/SystemProperties.java index 2dacae84..20dfec90 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/util/SystemProperties.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/util/SystemProperties.java @@ -209,6 +209,8 @@ public class SystemProperties { public static final String LOGIN_METHOD_WEB_JUNCTION = "login_method_web_junction"; public static final String LOGIN_METHOD_BACKDOOR = "login_method_backdoor"; public static final String LOGIN_METHOD_ATTRIBUTE_NAME = "login_method_attribute_name"; + public static final String ROLE_FUNCTION_LIST = "role_function_list"; + // login error message keys public static final String MESSAGE_KEY_LOGIN_ERROR_COOKIE_EMPTY = "login.error.hrid.empty"; diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/web/support/UserUtils.java b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/web/support/UserUtils.java index 37eaccad..6b3dc4dc 100644 --- a/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/web/support/UserUtils.java +++ b/ecomp-sdk/epsdk-core/src/main/java/org/openecomp/portalsdk/core/web/support/UserUtils.java @@ -46,12 +46,13 @@ import org.openecomp.portalsdk.core.menu.MenuBuilder; import org.openecomp.portalsdk.core.restful.domain.EcompRole; import org.openecomp.portalsdk.core.restful.domain.EcompUser; import org.openecomp.portalsdk.core.service.DataAccessService; +import org.openecomp.portalsdk.core.service.UrlAccessService; import org.openecomp.portalsdk.core.util.SystemProperties; import org.springframework.beans.factory.annotation.Autowired; @SuppressWarnings("rawtypes") public class UserUtils { - + static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(UserUtils.class); public static final String KEY_USER_ROLES_CACHE = "userRoles"; @@ -59,7 +60,7 @@ public class UserUtils { private static DataAccessService dataAccessService; public static void setUserSession(HttpServletRequest request, User user, Set applicationMenuData, - Set businessDirectMenuData, String loginMethod) { + Set businessDirectMenuData, String loginMethod , List<RoleFunction> roleFunctionList) { HttpSession session = request.getSession(true); UserUtils.clearUserSession(request); // let's clear the current user @@ -77,6 +78,8 @@ public class UserUtils { session.setAttribute(SystemProperties.getProperty(SystemProperties.USER_NAME), user.getFullName()); session.setAttribute(SystemProperties.FIRST_NAME, user.getFirstName()); session.setAttribute(SystemProperties.LAST_NAME, user.getLastName()); + session.setAttribute(SystemProperties.ROLE_FUNCTION_LIST, roleFunctionList); + ServletContext context = session.getServletContext(); int licenseVarificationFlag = 3; try { @@ -125,12 +128,14 @@ public class UserUtils { session.removeAttribute(SystemProperties.getProperty(SystemProperties.ROLES_ATTRIBUTE_NAME)); session.removeAttribute(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTIONS_ATTRIBUTE_NAME)); session.removeAttribute(SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_ATTRIBUTE_NAME)); + session.removeAttribute(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTION_LIST)); + } @SuppressWarnings("unchecked") public static Set getRoleFunctions(HttpServletRequest request) { HashSet roleFunctions = null; - +// HashSet<RoleFunction> rolefun = null; HttpSession session = request.getSession(); roleFunctions = (HashSet) session .getAttribute(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTIONS_ATTRIBUTE_NAME)); @@ -152,11 +157,12 @@ public class UserUtils { roleFunctions.add(function.getCode()); } } - session.setAttribute(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTIONS_ATTRIBUTE_NAME), roleFunctions); } - + + + return roleFunctions; } @@ -228,38 +234,7 @@ public class UserUtils { } - /** - * Answers whether the specified URL is accessible. - * - * @param request - * @param currentUrl - * @return true if yes, false if no. - */ - public static boolean isUrlAccessible(HttpServletRequest request, String currentUrl) { - boolean isAccessible = false; - Map<String,String> params = new HashMap<>(); - params.put("current_url", currentUrl); - List list = getDataAccessService().executeNamedQuery("restrictedUrls", params, null); - // loop through the list of restricted URL's - if (list != null && list.size() > 0) { - for (int i = 0; i < list.size(); i++) { - /* - * Object[] restrictedUrl = (Object[])list.get(i); - * - * String url = (String)restrictedUrl[0]; String functionCd = - * (String)restrictedUrl[1]; - */ - UrlsAccessible urlFunctions = (UrlsAccessible) list.get(i); - // String url = (String) urlFunctions.getUrl(); - String functionCd = (String) urlFunctions.getFunctionCd(); - if (UserUtils.isAccessible(request, functionCd)) { - isAccessible = true; - } - } - return isAccessible; - } - return true; - } + public static boolean hasRole(HttpServletRequest request, String roleKey) { return getRoles(request).keySet().contains(new Long(roleKey)); @@ -308,10 +283,11 @@ public class UserUtils { return userId; } - private static final Object stackTraceLock = new Object(); + /** - * Serializes a stack trace of the specified throwable and returns it as a string. + * Serializes a stack trace of the specified throwable and returns it as a + * string. * * TODO: why is synchronization required? * @@ -328,7 +304,8 @@ public class UserUtils { } /** - * Gets the full URL of the request by joining the request and any query string. + * Gets the full URL of the request by joining the request and any query + * string. * * @param request * @return Full URL of the request including query parameters @@ -362,8 +339,8 @@ public class UserUtils { while (headerNames.hasMoreElements()) { String headerName = (String) headerNames.nextElement(); if (logger.isTraceEnabled()) - logger.trace(EELFLoggerDelegate.debugLogger, - "getRequestId: header {} = {}", headerName, request.getHeader(headerName)); + logger.trace(EELFLoggerDelegate.debugLogger, "getRequestId: header {} = {}", headerName, + request.getHeader(headerName)); if (headerName.equalsIgnoreCase(SystemProperties.ECOMP_REQUEST_ID)) { requestId = request.getHeader(headerName); break; @@ -380,7 +357,8 @@ public class UserUtils { } /** - * Converts a Hibernate-mapped User object to a JSON-serializable EcompUser object. + * Converts a Hibernate-mapped User object to a JSON-serializable EcompUser + * object. * * @param user * @return EcompUser with a subset of fields. @@ -408,7 +386,8 @@ public class UserUtils { } /** - * Converts a Hibernate-mapped Role object to a JSON-serializable EcompRole object. + * Converts a Hibernate-mapped Role object to a JSON-serializable EcompRole + * object. * * @param role * @return EcompRole with a subset of fields: ID and name @@ -419,5 +398,7 @@ public class UserUtils { ecompRole.setName(role.getName()); return ecompRole; } - -} + + } + + |