summaryrefslogtreecommitdiffstats
path: root/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginExternalAuthServiceImpl.java
diff options
context:
space:
mode:
Diffstat (limited to 'ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginExternalAuthServiceImpl.java')
-rw-r--r--ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginExternalAuthServiceImpl.java254
1 files changed, 254 insertions, 0 deletions
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginExternalAuthServiceImpl.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginExternalAuthServiceImpl.java
new file mode 100644
index 00000000..c31ef75e
--- /dev/null
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/service/LoginExternalAuthServiceImpl.java
@@ -0,0 +1,254 @@
+/*-
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the "License");
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ *
+ */
+package org.onap.portalsdk.core.service;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.onap.portalsdk.core.command.LoginBean;
+import org.onap.portalsdk.core.domain.Role;
+import org.onap.portalsdk.core.domain.User;
+import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.onap.portalsdk.core.menu.MenuBuilder;
+import org.onap.portalsdk.core.service.DataAccessService;
+import org.onap.portalsdk.core.service.LoginServiceCentralizedImpl;
+import org.onap.portalsdk.core.util.SystemProperties;
+import org.onap.portalsdk.core.web.support.AppUtils;
+import org.onap.portalsdk.core.web.support.UserUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service("loginExternalAuthService")
+public class LoginExternalAuthServiceImpl implements LoginExternalAuthService {
+
+ private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginServiceCentralizedImpl.class);
+
+ @Autowired
+ private DataAccessService dataAccessService;
+
+ @Autowired
+ private UserApiService userApiService;
+
+ @Override
+ public LoginBean findUser(LoginBean bean, String menuPropertiesFilename,
+ @SuppressWarnings("rawtypes") Map additionalParams, HttpServletRequest request) throws Exception {
+ return findUser(bean, menuPropertiesFilename, additionalParams, true, request);
+ }
+
+ @Override
+ @SuppressWarnings("rawtypes")
+ @Transactional
+ public LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams,
+ boolean matchPassword, HttpServletRequest request) throws Exception {
+
+ User user;
+ if (bean.getUserid() != null) {
+ user = findUser(bean, request);
+ } else {
+ if (matchPassword)
+ user = findUser(bean.getLoginId(), bean.getLoginPwd());
+ else
+ user = findUserWithoutPwd(bean.getLoginId());
+ }
+
+ if (user != null) {
+ if (AppUtils.isApplicationLocked()
+ && !UserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) {
+ bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED);
+ }
+
+ // raise an error if the user is inactive
+ if (!user.getActive()) {
+ bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
+ }
+
+ if (!userHasActiveRoles(user)) {
+ bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
+ }
+ // only login the user if no errors have occurred
+ if (bean.getLoginErrorMessage() == null) {
+
+ // this will be a snapshot of the user's information as
+ // retrieved from the database
+ User userCopy = null;
+ try {
+ userCopy = (User) user.clone();
+ } catch (CloneNotSupportedException ex) {
+ // Never happens
+ logger.error(EELFLoggerDelegate.errorLogger, "findUser failed", ex);
+ }
+
+ User appuser = findUserWithoutPwd(user.getLoginId());
+
+ if (appuser == null && userHasRoleFunctions(user)) {
+ createUserIfNecessary(user);
+ } else {
+ appuser.setLastLoginDate(new Date());
+
+ // update the last logged in date for the user
+ dataAccessService.saveDomainObject(appuser, additionalParams);
+ }
+ // update the audit log of the user
+ // Check for the client device type and set log attributes
+ // appropriately
+
+ // save the above changes to the User and their audit trail
+
+ // create the application menu based on the user's privileges
+
+ Set appMenu = getMenuBuilder().getMenu(
+ SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService);
+ bean.setMenu(appMenu != null ? appMenu : new HashSet());
+ Set businessDirectMenu = getMenuBuilder().getMenu(
+ SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME),
+ dataAccessService);
+ bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet());
+
+ bean.setUser(userCopy);
+ }
+ }
+
+ return bean;
+ }
+
+ private void createUserIfNecessary(User user) {
+ logger.debug(EELFLoggerDelegate.debugLogger, "createUser: " + user.getOrgUserId());
+ User user1 = new User();
+ user1.setEmail(user.getEmail());
+ user1.setEmail(user.getEmail());
+ user1.setFirstName(user.getFirstName());
+ user1.setHrid(user.getHrid());
+ user1.setJobTitle(user.getJobTitle());
+ user1.setLastName(user.getLastName());
+ user1.setLoginId(user.getLoginId());
+ user1.setOrgManagerUserId(user.getOrgManagerUserId());
+ user1.setMiddleInitial(user.getMiddleInitial());
+ user1.setOrgCode(user.getOrgCode());
+ user1.setOrgId(user.getOrgId());
+ user1.setPhone(user.getPhone());
+ user1.setOrgUserId(user.getOrgUserId());
+ user1.setActive(user.getActive());
+ user1.setLastLoginDate(new Date());
+
+ try {
+ dataAccessService.saveDomainObject(user1, null);
+ logger.debug(EELFLoggerDelegate.debugLogger, "createdUser Successfully: " + user.getOrgUserId());
+ } catch (Exception ex) {
+ logger.error(EELFLoggerDelegate.errorLogger, "createUserIfNecessary failed", ex);
+ }
+
+ }
+
+ private boolean userHasActiveRoles(User user) {
+ boolean hasActiveRole = false;
+ @SuppressWarnings("rawtypes")
+ Iterator roles = user.getRoles().iterator();
+ while (roles.hasNext()) {
+ Role role = (Role) roles.next();
+ if (role.getActive()) {
+ hasActiveRole = true;
+ break;
+ }
+ }
+ return hasActiveRole;
+ }
+
+ private boolean userHasRoleFunctions(User user) {
+ boolean hasRoleFunctions = false;
+ @SuppressWarnings("rawtypes")
+ Iterator roles = user.getRoles().iterator();
+ while (roles.hasNext()) {
+ Role role = (Role) roles.next();
+ if (role.getActive() && role.getRoleFunctions() != null && !role.getRoleFunctions().isEmpty()) {
+ hasRoleFunctions = true;
+ break;
+ }
+ }
+ return hasRoleFunctions;
+ }
+
+ private User findUser(LoginBean bean, HttpServletRequest request) throws Exception {
+ User user = userApiService.getUser(bean.getUserid(), request);
+ user.setId(getUserIdByOrgUserId(user.getOrgUserId()));
+ user.setLoginId(bean.getUserid());
+ logger.debug(EELFLoggerDelegate.debugLogger, "findUser: Returning final user roles and permissions", user.toString());
+ return user;
+ }
+
+ private Long getUserIdByOrgUserId(String orgUserId) {
+ Map<String, String> params = new HashMap<>();
+ params.put("orgUserId", orgUserId);
+ @SuppressWarnings("rawtypes")
+ List list = dataAccessService.executeNamedQuery("getUserIdByorgUserId", params, null);
+ Long userId = null;
+ if (list != null && !list.isEmpty())
+ userId = (Long) list.get(0);
+ return userId;
+ }
+
+ @SuppressWarnings("rawtypes")
+ private User findUser(String loginId, String password) {
+ Map<String, String> params = new HashMap<>();
+ params.put("login_id", loginId);
+ params.put("login_pwd", password);
+ List list = dataAccessService.executeNamedQuery("getUserByLoginIdLoginPwd", params, new HashMap());
+ return (list == null || list.isEmpty()) ? null : (User) list.get(0);
+ }
+
+ @SuppressWarnings("rawtypes")
+ @Override
+ public User findUserWithoutPwd(String loginId) {
+ Map<String, String> params = new HashMap<>();
+ params.put("org_user_id", loginId);
+ List list = dataAccessService.executeNamedQuery("getUserByOrgUserId", params, new HashMap());
+ return (list == null || list.isEmpty()) ? null : (User) list.get(0);
+ }
+
+ private MenuBuilder getMenuBuilder() {
+ return new MenuBuilder();
+ }
+
+} \ No newline at end of file