Diffstat (limited to 'vid-app-common/src/main/java/org/openecomp/vid/roles')
4 files changed, 172 insertions, 0 deletions
diff --git a/vid-app-common/src/main/java/org/openecomp/vid/roles/EcompRole.java b/vid-app-common/src/main/java/org/openecomp/vid/roles/EcompRole.java
new file mode 100644
index 00000000..5242f5aa
--- /dev/null
+++ b/vid-app-common/src/main/java/org/openecomp/vid/roles/EcompRole.java
@@ -0,0 +1,5 @@
+package org.openecomp.vid.roles;
+
+public enum EcompRole {
+ READ;
+}
diff --git a/vid-app-common/src/main/java/org/openecomp/vid/roles/Role.java b/vid-app-common/src/main/java/org/openecomp/vid/roles/Role.java
new file mode 100644
index 00000000..d4ded530
--- /dev/null
+++ b/vid-app-common/src/main/java/org/openecomp/vid/roles/Role.java
@@ -0,0 +1,48 @@
+package org.openecomp.vid.roles;
+
+
+/**
+ * Created by Oren on 7/1/17.
+ */
+public class Role {
+
+ private EcompRole ecompRole;
+
+ private String subscribeName;
+
+ private String serviceType;
+
+ private String tenant;
+
+ public Role(EcompRole ecompRole, String serviceName, String serviceType, String tenant) {
+ this.ecompRole = ecompRole;
+ this.subscribeName = serviceName;
+ this.serviceType = serviceType;
+ this.tenant = tenant;
+ }
+
+ public EcompRole getEcompRole() {
+ return ecompRole;
+ }
+
+
+ public String getSubscribeName() {
+ return subscribeName;
+ }
+
+ public void setSubscribeName(String subscribeName) {
+ this.subscribeName = subscribeName;
+ }
+
+ public String getServiceType() {
+ return serviceType;
+ }
+
+
+ public String getTenant() {
+ return tenant;
+ }
+
+
+
+}
diff --git a/vid-app-common/src/main/java/org/openecomp/vid/roles/RoleProvider.java b/vid-app-common/src/main/java/org/openecomp/vid/roles/RoleProvider.java
new file mode 100644
index 00000000..99645a10
--- /dev/null
+++ b/vid-app-common/src/main/java/org/openecomp/vid/roles/RoleProvider.java
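Review bot: In Role.java, `setSubscribeName` leaves the subscriber identity mutable on an object that RoleValidator (added in this commit) compares against for its permission checks, while the other three fields have no setter. Since RoleValidator keeps the role list by reference, a later call to the setter would silently change what the validator permits. I would drop the setter and declare all four fields `private final`. The constructor parameter `serviceName` is assigned to `subscribeName`; naming it `subscribeName` would keep it from being read as the service type.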
@@ -0,0 +1,62 @@
+package org.openecomp.vid.roles;
+
+import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.openecomp.portalsdk.core.web.support.UserUtils;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+/**
+ * Created by Oren on 7/1/17.
+ */
+public class RoleProvider {
+
+ private static final EELFLoggerDelegate LOG = EELFLoggerDelegate.getLogger(RoleProvider.class);
+ final String readPermissionString = "read";
+
+ public static List<String> extractRoleFromSession(HttpServletRequest request) {
+
+ return new ArrayList<String>();
+
+ }
+
+ public List<Role> getUserRoles(HttpServletRequest request) {
+ List<Role> roleList = new ArrayList<>();
+ HashMap roles = UserUtils.getRoles(request);
+ for (Object role : roles.keySet()) {
+ org.openecomp.portalsdk.core.domain.Role sdkRol = (org.openecomp.portalsdk.core.domain.Role) roles.get(role);
+ try {
+ if (sdkRol.getName().contains(readPermissionString))
+ continue;
+ String[] roleParts = splitRole((sdkRol.getName()));
+ roleList.add(createRoleFromStringArr(roleParts));
+ } catch (Exception e) {
+ LOG.error("Failed to parse permission", e);
+
+ }
+ }
+
+ return roleList;
+ }
+
+ public String[] splitRole(String roleAsString) {
+ return roleAsString.split("_");
+ }
+
+ public boolean userPermissionIsReadOnly(List<Role> roles) {
+
+ return (!(roles.size() > 0));
+ }
+
+ public Role createRoleFromStringArr(String[] roleParts) {
+ if (roleParts.length > 2) {
+ return new Role(EcompRole.READ, roleParts[0], roleParts[1], roleParts[2]);
+ } else {
+ return new Role(EcompRole.READ, roleParts[0], roleParts[1], null);
+ }
+ }
+
+}
+
diff --git a/vid-app-common/src/main/java/org/openecomp/vid/roles/RoleValidator.java b/vid-app-common/src/main/java/org/openecomp/vid/roles/RoleValidator.java
new file mode 100644
index 00000000..e26c5231
--- /dev/null
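Review bot: In RoleProvider.java, `createRoleFromStringArr` turns a two-part role name into a Role with `tenant == null`, and `RoleValidator.isTenantPermitted` in this commit treats a null tenant as matching every tenant, so a role name with a single underscore grants all tenants for that subscriber and service type without anything in the code saying this is intended. `splitRole` also splits on every `_`, so a subscriber or service name that itself contains an underscore would shift the fields and extra parts are silently dropped (whether such names occur is not visible in this diff). I would reject unexpected shapes explicitly, e.g. `if (roleParts.length < 2 || roleParts.length > 3) throw new IllegalArgumentException("unexpected role format");`, and add a comment on the `null` branch stating that it means "all tenants". Separately, `sdkRol.getName().contains(readPermissionString)` skips any role whose name merely contains "read" as a substring, which looks broader than a check for the read role itself.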
+++ b/vid-app-common/src/main/java/org/openecomp/vid/roles/RoleValidator.java
@@ -0,0 +1,57 @@
+package org.openecomp.vid.roles;
+
+import org.openecomp.vid.mso.rest.RequestDetails;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Created by Oren on 7/12/17.
+ */
+public class RoleValidator {
+
+ private List<Role> userRoles;
+
+ public RoleValidator(List<Role> roles) {
+ this.userRoles = roles;
+ }
+
+ public boolean isSubscriberPermitted(String subscriberName) {
+ for (Role role : userRoles) {
+ if (role.getSubscribeName().equals(subscriberName))
+ return true;
+ }
+ return false;
+ }
+
+ public boolean isServicePermitted(String subscriberName, String serviceType) {
+ for (Role role : userRoles) {
+ if (role.getSubscribeName().equals(subscriberName) && role.getServiceType().equals(serviceType))
+ return true;
+ }
+ return false;
+ }
+
+ public boolean isMsoRequestValid(RequestDetails mso_request) {
+ try {
+ String globalSubscriberIdRequested = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("subscriberInfo")).get("globalSubscriberId");
+ String serviceType = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("requestParameters")).get("subscriptionServiceType");
+ return isServicePermitted(globalSubscriberIdRequested, serviceType);
+ } catch (Exception e) {
+ //Until we'll get the exact information regarding the tenants and the global customer id, we'll return true on unknown requests to mso
+ return true;
+ }
+// return false;
+ }
+
+ public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenant) {
+ for (Role role : userRoles) {
+ if (role.getSubscribeName().equals(globalCustomerId)
+ && role.getServiceType().equals(serviceType)
+ && (role.getTenant() == null || role.getTenant().equals(tenant))) {
+ return true;
+ }
+ }
+ return false;
+ }
+}
|
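Review bot: `isMsoRequestValid` fails open: its `catch (Exception e)` branch returns `true`, so a request whose `requestDetails`, `subscriberInfo` or `requestParameters` entry is missing, null or of an unexpected type is treated as permitted without the subscriber/service check ever running. The same branch also swallows a `NullPointerException` raised inside `isServicePermitted` (for example a Role with a null `subscribeName`), turning an internal error into an allow decision. The inline comment describes this as temporary, but an authorization check should deny by default: change the catch to `return false;`, or, if the permissive path must stay for now, narrow it to the specific missing-field case and log every time it is taken so the gap is auditable. The commented-out `// return false;` can be removed once the catch is decided.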