summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorvasraz <vasyl.razinkov@est.tech>2023-05-25 12:31:58 +0100
committerMichael Morris <michael.morris@est.tech>2023-05-29 11:59:56 +0000
commit01cde8e3cd095919ba74ac1d5e750e4b6842ae64 (patch)
tree63cccc399cd0077bb35b5d010796b1de68a94a44
parent342f9f85850667c9c3b8b31283421343b3a23caa (diff)
Remove need for USER_ID header
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I5dd1e34343bebec8a26786f402dc2b9b818e7f10 Issue-ID: SDC-4508
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java39
-rwxr-xr-xcatalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json9
-rw-r--r--catalog-be/src/test/resources/config/catalog-be/configuration.yaml2
-rw-r--r--catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java23
-rw-r--r--docs/configuration.rst6
-rw-r--r--docs/index.rst1
-rw-r--r--docs/spelling_wordlist.txt138
-rw-r--r--docs/useradministration.rst67
8 files changed, 181 insertions, 104 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
index 42b0291c89..13abdd3546 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
@@ -25,10 +25,14 @@ import java.util.List;
import java.util.Optional;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.StringUtils;
import org.onap.sdc.security.AuthenticationCookie;
import org.onap.sdc.security.IUsersThreadLocalHolder;
import org.onap.sdc.security.PortalClient;
import org.onap.sdc.security.RestrictionAccessFilterException;
+import org.openecomp.sdc.be.config.Configuration;
+import org.openecomp.sdc.be.config.ConfigurationManager;
import org.openecomp.sdc.be.model.User;
import org.openecomp.sdc.be.user.UserBusinessLogic;
import org.openecomp.sdc.common.api.Constants;
@@ -41,15 +45,15 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
private static final Logger log = Logger.getLogger(ThreadLocalUtils.class);
@Autowired
- PortalClient portalClient;
+ private PortalClient portalClient;
@Autowired
- UserBusinessLogic userBusinessLogic;
+ private UserBusinessLogic userBusinessLogic;
@Override
public void setUserContext(AuthenticationCookie authenticationCookie) {
UserContext userContext;
userContext = new UserContext(authenticationCookie.getUserID(), authenticationCookie.getRoles(), authenticationCookie.getFirstName(),
- authenticationCookie.getLastName());
+ authenticationCookie.getLastName());
ThreadLocalsHolder.setUserContext(userContext);
}
@@ -59,7 +63,7 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
Set<String> roles = null;
try {
final Optional<String> userRolesFromPortalOptional = portalClient.fetchUserRolesFromPortal(userId);
- if (userRolesFromPortalOptional.isPresent()){
+ if (userRolesFromPortalOptional.isPresent()) {
roles = new HashSet<>(List.of(userRolesFromPortalOptional.get()));
}
} catch (RestrictionAccessFilterException e) {
@@ -74,17 +78,28 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
}
protected void setUserContextFromDB(HttpServletRequest httpRequest) {
- String user_id = httpRequest.getHeader(Constants.USER_ID_HEADER);
- //there are some internal request that have no user_id header e.g. healthcheck
- if (user_id != null) {
- updateUserContext(user_id);
- } else {
- log.debug("user_id value in req header is null, userContext will not be initialized");
+ String userId = httpRequest.getHeader(Constants.USER_ID_HEADER);
+ final Configuration.BasicAuthConfig basicAuthConf = ConfigurationManager.getConfigurationManager().getConfiguration().getBasicAuth();
+ if (StringUtils.isBlank(userId)) {
+ final String excludedUrls = basicAuthConf.getExcludedUrls();
+ //there are some internal request that have no user_id header e.g. healthcheck
+ if (StringUtils.isBlank(excludedUrls) || !checkForExclusion(excludedUrls, httpRequest.getPathInfo())) {
+ log.info("UserId is empty");
+ userId = "cs0008";
+ } else {
+ log.debug("user_id value in req header is null, userContext will not be initialized");
+ return;
+ }
}
+ updateUserContext(userId);
+ }
+
+ private boolean checkForExclusion(final String excludedUrls, final String pathInfo) {
+ return Arrays.stream(excludedUrls.split(";")).anyMatch(s -> s.endsWith(pathInfo));
}
- private void updateUserContext(String user_id) {
- User user = userBusinessLogic.getUser(user_id, false);
+ private void updateUserContext(String userId) {
+ User user = userBusinessLogic.getUser(userId, false);
Set<String> roles = new HashSet<>(Arrays.asList(user.getRole()));
UserContext userContext = new UserContext(user.getUserId(), roles, user.getFirstName(), user.getLastName());
ThreadLocalsHolder.setUserContext(userContext);
diff --git a/catalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json b/catalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json
index ed3adafe66..0c9b556acf 100755
--- a/catalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json
+++ b/catalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json
@@ -7,13 +7,6 @@
"email": "demo@openecomp.org"
},
{
- "userId": "gv0001",
- "firstName": "Giuseppe",
- "lastName": "Verdi",
- "role": "GOVERNOR",
- "email": "gv0001@openecomp.org"
- },
- {
"userId": "jh0003",
"firstName": "Jimmy",
"lastName": "Hendrix",
@@ -34,4 +27,4 @@
"role": "DESIGNER",
"email": "cs0008r@openecomp.org"
}
-] \ No newline at end of file
+]
diff --git a/catalog-be/src/test/resources/config/catalog-be/configuration.yaml b/catalog-be/src/test/resources/config/catalog-be/configuration.yaml
index 94e5dd5761..282c4d32f0 100644
--- a/catalog-be/src/test/resources/config/catalog-be/configuration.yaml
+++ b/catalog-be/src/test/resources/config/catalog-be/configuration.yaml
@@ -86,7 +86,7 @@ basicAuth:
enabled: false
userName: test
userPass: test
- excludedUrls:
+ excludedUrls: '/test1'
cassandraConfig:
cassandraHosts: ['localhost']
diff --git a/catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java b/catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java
index 64bc923857..1552aa3faa 100644
--- a/catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java
+++ b/catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java
@@ -21,14 +21,16 @@ package org.openecomp.sdc.be.model.operations.impl;
import static org.apache.commons.collections.CollectionUtils.isEmpty;
-import fj.data.Either;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.validation.constraints.NotNull;
+
+import fj.data.Either;
import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
import org.apache.tinkerpop.gremlin.structure.Direction;
import org.apache.tinkerpop.gremlin.structure.Edge;
import org.apache.tinkerpop.gremlin.structure.Vertex;
@@ -119,14 +121,13 @@ public class UserAdminOperation {
}
private void validateUserExists(Wrapper<Either<User, ActionStatus>> resultWrapper, Wrapper<UserData> userWrapper, String id) {
- if (id == null) {
- log.info("User userId is empty");
- resultWrapper.setInnerElement(Either.right(ActionStatus.MISSING_USER_ID));
- return;
+ if (StringUtils.isBlank(id)) {
+ log.warn("User userId is empty");
+ id = "cs0008";
}
id = id.toLowerCase();
Either<UserData, JanusGraphOperationStatus> either = janusGraphGenericDao
- .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
+ .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
if (either.isRight()) {
resultWrapper.setInnerElement(getUserNotFoundError(id, either.right().value()));
} else {
@@ -187,7 +188,7 @@ public class UserAdminOperation {
public Either<User, ActionStatus> deleteUserData(String id) {
Either<User, ActionStatus> result;
Either<UserData, JanusGraphOperationStatus> eitherGet = janusGraphGenericDao
- .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
+ .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
if (eitherGet.isRight()) {
log.debug("Problem while retriving user with userId {}", id);
if (eitherGet.right().value() == JanusGraphOperationStatus.NOT_FOUND) {
@@ -247,13 +248,13 @@ public class UserAdminOperation {
public @NotNull
List<Edge> getUserPendingTasksList(User user, List<Object> states) {
JanusGraphVertex userVertex = janusGraphGenericDao.getVertexByProperty(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), user.getUserId())
- .left().on(this::handleJanusGraphError);
+ .left().on(this::handleJanusGraphError);
List<Edge> pendingTasks = new ArrayList<>();
for (Object state : states) {
Map<String, Object> property = new HashMap<>();
property.put(GraphPropertiesDictionary.STATE.getProperty(), state);
List<Edge> edges = janusGraphGenericDao.getOutgoingEdgesByCriteria(userVertex, GraphEdgeLabels.STATE, property).left()
- .on(this::handleJanusGraphError);
+ .on(this::handleJanusGraphError);
for (Edge edge : edges) {
Vertex vertex = edge.inVertex();
if (!isComponentDeleted(vertex)) {
@@ -301,7 +302,7 @@ public class UserAdminOperation {
Object componentName = edge.inVertex().property(GraphPropertyEnum.NAME.getProperty()).value();
Object componentState = edge.inVertex().property(GraphPropertyEnum.STATE.getProperty()).value();
log.debug("The user userId = {} is working on the component name = {} uid = {} in state {}", user.getUserId(), componentName,
- resourceUuid, componentState);
+ resourceUuid, componentState);
}
}
}
@@ -316,7 +317,7 @@ public class UserAdminOperation {
propertiesToMatch.put(GraphPropertiesDictionary.USER_STATUS.getProperty(), status);
}
Either<List<UserData>, JanusGraphOperationStatus> userNodes = janusGraphGenericDao
- .getByCriteria(NodeTypeEnum.User, propertiesToMatch, UserData.class);
+ .getByCriteria(NodeTypeEnum.User, propertiesToMatch, UserData.class);
janusGraphGenericDao.commit();
return convertToUsers(role, userNodes);
} finally {
diff --git a/docs/configuration.rst b/docs/configuration.rst
index 5de8edebdd..480aeadd8b 100644
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
@@ -1292,9 +1292,6 @@ FE-configuration.yaml
- &HTTP_IV_USER HTTP_IV_USER
- &iv-user iv-user
-
- - &USER_ID USER_ID
- - &user-id user-id
- -
- &HTTP_CSP_ATTUID HTTP_CSP_ATTUID
- &csp-attuid csp-attuid
-
@@ -1315,6 +1312,9 @@ FE-configuration.yaml
-
- &HTTP_CSP_EMAIL HTTP_CSP_EMAIL
- &csp-email csp-email
+ -
+ - &USER_ID USER_ID
+ - &user-id user-id
# Frontend configuration version
version: 1.0
diff --git a/docs/index.rst b/docs/index.rst
index 14a21503a8..d129a8203a 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -25,3 +25,4 @@ SDC Documentation
dcaedesigner.rst
workflow.rst
sdc-helm-validator.rst
+ useradministration.rst
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index 14ef4585da..475573def3 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -1,83 +1,83 @@
-Kohn
-init
-json
-Backend
-Catalog
-yaml
-janusgraph
-Onboarding
-externaltesting
-vnfrepo
-Frontend
-onboarding
-onapapi
-vnfsdk
-PackageResource
-csars
-csar
-vtp
-testsuites
-testSuiteName
-testcases
-testCaseName
-sdc
-cassandra
-Externalized
-onboarded
-subprojects
-openecomp
+adapters
api
-webapp
-impl
-xml
-src
+artifact
+Artifact
+artifactArtifact
+artifacts
+async
backend
+Backend
+boolean
+cassandra
catalog
-frontend
-validator
-trift
-async
-http
-vm
-feproxy
-Guilin
-Pluggable
-onap
-stderrout
-logback
+Catalog
config
-fe
-artifactArtifact
+Cryptographic
+csar
+csars
+Deployable
+env
Env
-artifact
-artifacts
-lifecycle
-serviceresource
-url
-VNF
ENV
-MURANO
-boolean
-env
-uniqueId
-Artifact
-req
+Externalized
+externaltesting
+fe
+feproxy
forcap
+frontend
+Frontend
+Guilin
+http
+impl
+init
innerType
-adapters
-runtime
-xNF
+isLinted
+isStrictLinted
+janusgraph
+json
+jtosca
+Kohn
+lifecycle
+logback
mano
-tgz
+MURANO
+onap
+onapapi
+onboarded
+onboarding
+Onboarding
+openecomp
+PackageResource
+Pluggable
pnfd
-Cryptographic
pre
-vFW
readme
-Deployable
+req
+runtime
+sdc
+serviceresource
+src
+stderrout
+subprojects
+testCaseName
+testcases
+testSuiteName
+testsuites
+tgz
+tosca
+trift
+uniqueId
+url
+validator
versionDesired
+vFW
+vm
+VNF
+vnfrepo
+vnfsdk
+vtp
vX
-isLinted
-isStrictLinted
-tosca
-jtosca
+webapp
+xml
+xNF
+yaml
diff --git a/docs/useradministration.rst b/docs/useradministration.rst
new file mode 100644
index 0000000000..f32f9dd8c6
--- /dev/null
+++ b/docs/useradministration.rst
@@ -0,0 +1,67 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2023 Nordix
+
+.. _useradministration:
+
+===================
+User Administration
+===================
+
+.. contents::
+ :depth: 3
+..
+
+Initial User Creation
+---------------------
+
+During initial install following users are created:
+
+::
+
+ {
+ {
+ "userId": "demo",
+ "firstName": "demo",
+ "lastName": "demo",
+ "role": "ADMIN",
+ "email": "demo@openecomp.org"
+ },
+ {
+ "userId": "jh0003",
+ "firstName": "Jimmy",
+ "lastName": "Hendrix",
+ "role": "Admin",
+ "email": "jh0003@openecomp.org"
+ },
+ {
+ "userId": "jm0007",
+ "firstName": "Joni",
+ "lastName": "Mitchell",
+ "role": "TESTER",
+ "email": "jm0007@openecomp.org"
+ },
+ {
+ "userId": "cs0008",
+ "firstName": "Carlos",
+ "lastName": "Santana",
+ "role": "DESIGNER",
+ "email": "cs0008r@openecomp.org"
+ }
+ }
+
+Default User
+------------
+
+By default, SDC UI is launched with default user 'cs0008'. To override see section :ref:`Using Cookies to set User <using_cookies>`.
+
+
+Using Cookies to set User
+-------------------------
+.. _using_cookies:
+
+The default user can be overridden by setting the following cookie in your browser or API call:
+
+::
+
+ USER_ID:<any existed user (created by initial install or by Administrator)>