From 15843133cb53eaa3c0ffbdcbdbfc581819a5fcdc Mon Sep 17 00:00:00 2001 From: "Kishore Reddy, Gujja (kg811t)" Date: Thu, 12 Apr 2018 15:30:01 -0400 Subject: pom, new modules changes Issue-ID: PORTAL-254 portal/SDK release 2.3.0, domain, sdk aaf modules Change-Id: I4308550f295620d10d049fef3a88db3365a48a6f Signed-off-by: Kishore Reddy, Gujja (kg811t) --- .../service/LoginExternalAuthServiceImpl.java | 251 +++++++++++++++++++++ 1 file changed, 251 insertions(+) create mode 100644 ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java (limited to 'ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java') diff --git a/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java new file mode 100644 index 00000000..a0eee23d --- /dev/null +++ b/ecomp-sdk/epsdk-aaf/src/main/java/org/onap/portalsdk/external/authorization/service/LoginExternalAuthServiceImpl.java @@ -0,0 +1,251 @@ +/*- + * ============LICENSE_START========================================== + * ONAP Portal SDK + * =================================================================== + * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + * =================================================================== + * + * Unless otherwise specified, all software contained herein is licensed + * under the Apache License, Version 2.0 (the "License"); + * you may not use this software except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * Unless otherwise specified, all documentation contained herein is licensed + * under the Creative Commons License, Attribution 4.0 Intl. (the "License"); + * you may not use this documentation except in compliance with the License. + * You may obtain a copy of the License at + * + * https://creativecommons.org/licenses/by/4.0/ + * + * Unless required by applicable law or agreed to in writing, documentation + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * ============LICENSE_END============================================ + * + * ECOMP is a trademark and service mark of AT&T Intellectual Property. + */ +package org.onap.portalsdk.external.authorization.service; + +import java.util.Date; +import java.util.HashMap; +import java.util.HashSet; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Set; + +import javax.servlet.http.HttpServletRequest; + +import org.onap.portalsdk.core.command.LoginBean; +import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate; +import org.onap.portalsdk.core.menu.MenuBuilder; +import org.onap.portalsdk.core.service.DataAccessService; +import org.onap.portalsdk.core.service.LoginServiceCentralizedImpl; +import org.onap.portalsdk.core.util.SystemProperties; +import org.onap.portalsdk.core.web.support.AppUtils; +import org.onap.portalsdk.core.web.support.UserUtils; +import org.onap.portalsdk.core.domain.Role; +import org.onap.portalsdk.core.domain.User; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Service; + +@Service("loginExternalAuthService") +public class LoginExternalAuthServiceImpl implements LoginExternalAuthService { + + private static final EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginServiceCentralizedImpl.class); + + @Autowired + private DataAccessService dataAccessService; + + @Autowired + private UserApiService userApiService; + + @Override + public LoginBean findUser(LoginBean bean, String menuPropertiesFilename, + @SuppressWarnings("rawtypes") Map additionalParams, HttpServletRequest request) throws Exception { + return findUser(bean, menuPropertiesFilename, additionalParams, true, request); + } + + @Override + @SuppressWarnings("rawtypes") + public LoginBean findUser(LoginBean bean, String menuPropertiesFilename, Map additionalParams, + boolean matchPassword, HttpServletRequest request) throws Exception { + + User user; + if (bean.getUserid() != null) { + user = findUser(bean, request); + } else { + if (matchPassword) + user = findUser(bean.getLoginId(), bean.getLoginPwd()); + else + user = findUserWithoutPwd(bean.getLoginId()); + } + + if (user != null) { + if (AppUtils.isApplicationLocked() + && !UserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) { + bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED); + } + + // raise an error if the user is inactive + if (!user.getActive()) { + bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE); + } + + if (!userHasActiveRoles(user)) { + bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE); + } + // only login the user if no errors have occurred + if (bean.getLoginErrorMessage() == null) { + + // this will be a snapshot of the user's information as + // retrieved from the database + User userCopy = null; + try { + userCopy = (User) user.clone(); + } catch (CloneNotSupportedException ex) { + // Never happens + logger.error(EELFLoggerDelegate.errorLogger, "findUser failed", ex); + } + + User appuser = findUserWithoutPwd(user.getLoginId()); + + if (appuser == null && userHasRoleFunctions(user)) { + createUserIfNecessary(user); + } else { + appuser.setLastLoginDate(new Date()); + + // update the last logged in date for the user + dataAccessService.saveDomainObject(appuser, additionalParams); + } + // update the audit log of the user + // Check for the client device type and set log attributes + // appropriately + + // save the above changes to the User and their audit trail + + // create the application menu based on the user's privileges + + Set appMenu = getMenuBuilder().getMenu( + SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService); + bean.setMenu(appMenu != null ? appMenu : new HashSet()); + Set businessDirectMenu = getMenuBuilder().getMenu( + SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME), + dataAccessService); + bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet()); + + bean.setUser(userCopy); + } + } + + return bean; + } + + private void createUserIfNecessary(User user) { + logger.debug(EELFLoggerDelegate.debugLogger, "createUser: " + user.getOrgUserId()); + User user1 = new User(); + user1.setEmail(user.getEmail()); + user1.setEmail(user.getEmail()); + user1.setFirstName(user.getFirstName()); + user1.setHrid(user.getHrid()); + user1.setJobTitle(user.getJobTitle()); + user1.setLastName(user.getLastName()); + user1.setLoginId(user.getLoginId()); + user1.setOrgManagerUserId(user.getOrgManagerUserId()); + user1.setMiddleInitial(user.getMiddleInitial()); + user1.setOrgCode(user.getOrgCode()); + user1.setOrgId(user.getOrgId()); + user1.setPhone(user.getPhone()); + user1.setOrgUserId(user.getOrgUserId()); + user1.setActive(user.getActive()); + user1.setLastLoginDate(new Date()); + + try { + dataAccessService.saveDomainObject(user1, null); + logger.debug(EELFLoggerDelegate.debugLogger, "createdUser Successfully: " + user.getOrgUserId()); + } catch (Exception ex) { + logger.error(EELFLoggerDelegate.errorLogger, "createUserIfNecessary failed", ex); + } + + } + + private boolean userHasActiveRoles(User user) { + boolean hasActiveRole = false; + @SuppressWarnings("rawtypes") + Iterator roles = user.getRoles().iterator(); + while (roles.hasNext()) { + Role role = (Role) roles.next(); + if (role.getActive()) { + hasActiveRole = true; + break; + } + } + return hasActiveRole; + } + + private boolean userHasRoleFunctions(User user) { + boolean hasRoleFunctions = false; + @SuppressWarnings("rawtypes") + Iterator roles = user.getRoles().iterator(); + while (roles.hasNext()) { + Role role = (Role) roles.next(); + if (role.getActive() && role.getRoleFunctions() != null && !role.getRoleFunctions().isEmpty()) { + hasRoleFunctions = true; + break; + } + } + return hasRoleFunctions; + } + + private User findUser(LoginBean bean, HttpServletRequest request) throws Exception { + User user = userApiService.getUser(bean.getUserid(), request); + user.setId(getUserIdByOrgUserId(user.getOrgUserId())); + logger.debug(EELFLoggerDelegate.debugLogger, "findUser: Returning final user roles and permissions", user.toString()); + return user; + } + + private Long getUserIdByOrgUserId(String orgUserId) { + Map params = new HashMap<>(); + params.put("orgUserId", orgUserId); + @SuppressWarnings("rawtypes") + List list = dataAccessService.executeNamedQuery("getUserIdByorgUserId", params, null); + Long userId = null; + if (list != null && !list.isEmpty()) + userId = (Long) list.get(0); + return userId; + } + + @SuppressWarnings("rawtypes") + private User findUser(String loginId, String password) { + Map params = new HashMap<>(); + params.put("login_id", loginId); + params.put("login_pwd", password); + List list = dataAccessService.executeNamedQuery("getUserByLoginIdLoginPwd", params, new HashMap()); + return (list == null || list.isEmpty()) ? null : (User) list.get(0); + } + + @SuppressWarnings("rawtypes") + @Override + public User findUserWithoutPwd(String loginId) { + Map params = new HashMap<>(); + params.put("org_user_id", loginId); + List list = dataAccessService.executeNamedQuery("getUserByOrgUserId", params, new HashMap()); + return (list == null || list.isEmpty()) ? null : (User) list.get(0); + } + + private MenuBuilder getMenuBuilder() { + return new MenuBuilder(); + } + +} -- cgit 1.2.3-korg