Remove need for USER_ID header

Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I5dd1e34343bebec8a26786f402dc2b9b818e7f10 Issue-ID: SDC-4508 (cherry picked from commit 01cde8e3cd095919ba74ac1d5e750e4b6842ae64)
author: vasraz <vasyl.razinkov@est.tech> 2023-05-25 12:31:58 +0100
committer: Vasyl Razinkov <vasyl.razinkov@est.tech> 2023-05-29 13:31:18 +0000
commit: 1b0e69117a85ada58e5c6642b47962293e3f8af1 (patch)
tree: 1fb5a98b7e7b2915043ac638f659bf8788bd1edf
parent: 79d071d42c2016c1bddd5a8a177fb2b462889134 (diff)
8 files changed, 181 insertions, 104 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
index 42b0291c89..13abdd3546 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
@@ -25,10 +25,14 @@ import java.util.List;
 import java.util.Optional;
 import java.util.Set;
 import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.StringUtils;
 import org.onap.sdc.security.AuthenticationCookie;
 import org.onap.sdc.security.IUsersThreadLocalHolder;
 import org.onap.sdc.security.PortalClient;
 import org.onap.sdc.security.RestrictionAccessFilterException;
+import org.openecomp.sdc.be.config.Configuration;
+import org.openecomp.sdc.be.config.ConfigurationManager;
 import org.openecomp.sdc.be.model.User;
 import org.openecomp.sdc.be.user.UserBusinessLogic;
 import org.openecomp.sdc.common.api.Constants;
@@ -41,15 +45,15 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
 
     private static final Logger log = Logger.getLogger(ThreadLocalUtils.class);
     @Autowired
-    PortalClient portalClient;
+    private PortalClient portalClient;
     @Autowired
-    UserBusinessLogic userBusinessLogic;
+    private UserBusinessLogic userBusinessLogic;
 
     @Override
     public void setUserContext(AuthenticationCookie authenticationCookie) {
         UserContext userContext;
         userContext = new UserContext(authenticationCookie.getUserID(), authenticationCookie.getRoles(), authenticationCookie.getFirstName(),
-            authenticationCookie.getLastName());
+                authenticationCookie.getLastName());
         ThreadLocalsHolder.setUserContext(userContext);
     }
 
@@ -59,7 +63,7 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
             Set<String> roles = null;
             try {
                 final Optional<String> userRolesFromPortalOptional = portalClient.fetchUserRolesFromPortal(userId);
-                if (userRolesFromPortalOptional.isPresent()){
+                if (userRolesFromPortalOptional.isPresent()) {
                     roles = new HashSet<>(List.of(userRolesFromPortalOptional.get()));
                 }
             } catch (RestrictionAccessFilterException e) {
@@ -74,17 +78,28 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
     }
 
     protected void setUserContextFromDB(HttpServletRequest httpRequest) {
-        String user_id = httpRequest.getHeader(Constants.USER_ID_HEADER);
-        //there are some internal request that have no user_id header e.g. healthcheck
-        if (user_id != null) {
-            updateUserContext(user_id);
-        } else {
-            log.debug("user_id value in req header is null, userContext will not be initialized");
+        String userId = httpRequest.getHeader(Constants.USER_ID_HEADER);
+        final Configuration.BasicAuthConfig basicAuthConf = ConfigurationManager.getConfigurationManager().getConfiguration().getBasicAuth();
+        if (StringUtils.isBlank(userId)) {
+            final String excludedUrls = basicAuthConf.getExcludedUrls();
+            //there are some internal request that have no user_id header e.g. healthcheck
+            if (StringUtils.isBlank(excludedUrls) || !checkForExclusion(excludedUrls, httpRequest.getPathInfo())) {
+                log.info("UserId is empty");
+                userId = "cs0008";
+            } else {
+                log.debug("user_id value in req header is null, userContext will not be initialized");
+                return;
+            }
         }
+        updateUserContext(userId);
+    }
+
+    private boolean checkForExclusion(final String excludedUrls, final String pathInfo) {
+        return Arrays.stream(excludedUrls.split(";")).anyMatch(s -> s.endsWith(pathInfo));
     }
 
-    private void updateUserContext(String user_id) {
-        User user = userBusinessLogic.getUser(user_id, false);
+    private void updateUserContext(String userId) {
+        User user = userBusinessLogic.getUser(userId, false);
         Set<String> roles = new HashSet<>(Arrays.asList(user.getRole()));
         UserContext userContext = new UserContext(user.getUserId(), roles, user.getFirstName(), user.getLastName());
         ThreadLocalsHolder.setUserContext(userContext);
diff --git a/catalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json b/catalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json
index ed3adafe66..0c9b556acf 100755
--- a/catalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json
+++ b/catalog-be/src/main/resources/scripts/sdcBePy/users/data/users.json
@@ -7,13 +7,6 @@
     "email": "demo@openecomp.org"
   },
   {
-    "userId": "gv0001",
-    "firstName": "Giuseppe",
-    "lastName": "Verdi",
-    "role": "GOVERNOR",
-    "email": "gv0001@openecomp.org"
-  },
-  {
     "userId": "jh0003",
     "firstName": "Jimmy",
     "lastName": "Hendrix",
@@ -34,4 +27,4 @@
     "role": "DESIGNER",
     "email": "cs0008r@openecomp.org"
   }
-]
-\ No newline at end of file
+]
diff --git a/catalog-be/src/test/resources/config/catalog-be/configuration.yaml b/catalog-be/src/test/resources/config/catalog-be/configuration.yaml
index 94e5dd5761..282c4d32f0 100644
--- a/catalog-be/src/test/resources/config/catalog-be/configuration.yaml
+++ b/catalog-be/src/test/resources/config/catalog-be/configuration.yaml
@@ -86,7 +86,7 @@ basicAuth:
   enabled: false
   userName: test
   userPass: test
-  excludedUrls:
+  excludedUrls: '/test1'
 
 cassandraConfig:
     cassandraHosts: ['localhost']
diff --git a/catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java b/catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java
index 64bc923857..1552aa3faa 100644
--- a/catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java
+++ b/catalog-model/src/main/java/org/openecomp/sdc/be/model/operations/impl/UserAdminOperation.java
@@ -21,14 +21,16 @@ package org.openecomp.sdc.be.model.operations.impl;
 
 import static org.apache.commons.collections.CollectionUtils.isEmpty;
 
-import fj.data.Either;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import javax.validation.constraints.NotNull;
+
+import fj.data.Either;
 import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.tinkerpop.gremlin.structure.Direction;
 import org.apache.tinkerpop.gremlin.structure.Edge;
 import org.apache.tinkerpop.gremlin.structure.Vertex;
@@ -119,14 +121,13 @@ public class UserAdminOperation {
     }
 
     private void validateUserExists(Wrapper<Either<User, ActionStatus>> resultWrapper, Wrapper<UserData> userWrapper, String id) {
-        if (id == null) {
-            log.info("User userId  is empty");
-            resultWrapper.setInnerElement(Either.right(ActionStatus.MISSING_USER_ID));
-            return;
+        if (StringUtils.isBlank(id)) {
+            log.warn("User userId is empty");
+            id = "cs0008";
         }
         id = id.toLowerCase();
         Either<UserData, JanusGraphOperationStatus> either = janusGraphGenericDao
-            .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
+                .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
         if (either.isRight()) {
             resultWrapper.setInnerElement(getUserNotFoundError(id, either.right().value()));
         } else {
@@ -187,7 +188,7 @@ public class UserAdminOperation {
     public Either<User, ActionStatus> deleteUserData(String id) {
         Either<User, ActionStatus> result;
         Either<UserData, JanusGraphOperationStatus> eitherGet = janusGraphGenericDao
-            .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
+                .getNode(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), id, UserData.class);
         if (eitherGet.isRight()) {
             log.debug("Problem while retriving user with userId {}", id);
             if (eitherGet.right().value() == JanusGraphOperationStatus.NOT_FOUND) {
@@ -247,13 +248,13 @@ public class UserAdminOperation {
     public @NotNull
     List<Edge> getUserPendingTasksList(User user, List<Object> states) {
         JanusGraphVertex userVertex = janusGraphGenericDao.getVertexByProperty(UniqueIdBuilder.getKeyByNodeType(NodeTypeEnum.User), user.getUserId())
-            .left().on(this::handleJanusGraphError);
+                .left().on(this::handleJanusGraphError);
         List<Edge> pendingTasks = new ArrayList<>();
         for (Object state : states) {
             Map<String, Object> property = new HashMap<>();
             property.put(GraphPropertiesDictionary.STATE.getProperty(), state);
             List<Edge> edges = janusGraphGenericDao.getOutgoingEdgesByCriteria(userVertex, GraphEdgeLabels.STATE, property).left()
-                .on(this::handleJanusGraphError);
+                    .on(this::handleJanusGraphError);
             for (Edge edge : edges) {
                 Vertex vertex = edge.inVertex();
                 if (!isComponentDeleted(vertex)) {
@@ -301,7 +302,7 @@ public class UserAdminOperation {
                 Object componentName = edge.inVertex().property(GraphPropertyEnum.NAME.getProperty()).value();
                 Object componentState = edge.inVertex().property(GraphPropertyEnum.STATE.getProperty()).value();
                 log.debug("The user userId = {} is working on the component name = {} uid = {} in state {}", user.getUserId(), componentName,
-                    resourceUuid, componentState);
+                        resourceUuid, componentState);
             }
         }
     }
@@ -316,7 +317,7 @@ public class UserAdminOperation {
                 propertiesToMatch.put(GraphPropertiesDictionary.USER_STATUS.getProperty(), status);
             }
             Either<List<UserData>, JanusGraphOperationStatus> userNodes = janusGraphGenericDao
-                .getByCriteria(NodeTypeEnum.User, propertiesToMatch, UserData.class);
+                    .getByCriteria(NodeTypeEnum.User, propertiesToMatch, UserData.class);
             janusGraphGenericDao.commit();
             return convertToUsers(role, userNodes);
         } finally {
diff --git a/docs/configuration.rst b/docs/configuration.rst
index 5de8edebdd..480aeadd8b 100644
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
@@ -1292,9 +1292,6 @@ FE-configuration.yaml
             - &HTTP_IV_USER HTTP_IV_USER
             - &iv-user iv-user
         -
-            - &USER_ID USER_ID
-            - &user-id user-id
-        -
             - &HTTP_CSP_ATTUID HTTP_CSP_ATTUID
             - &csp-attuid csp-attuid
         -
@@ -1315,6 +1312,9 @@ FE-configuration.yaml
         -
             - &HTTP_CSP_EMAIL HTTP_CSP_EMAIL
             - &csp-email csp-email
+        -
+            - &USER_ID USER_ID
+            - &user-id user-id
 
     # Frontend configuration version
     version: 1.0
diff --git a/docs/index.rst b/docs/index.rst
index 14a21503a8..d129a8203a 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -25,3 +25,4 @@ SDC Documentation
    dcaedesigner.rst
    workflow.rst
    sdc-helm-validator.rst
+   useradministration.rst
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
index 14ef4585da..475573def3 100644
--- a/docs/spelling_wordlist.txt
+++ b/docs/spelling_wordlist.txt
@@ -1,83 +1,83 @@
-Kohn
-init
-json
-Backend
-Catalog
-yaml
-janusgraph
-Onboarding
-externaltesting
-vnfrepo
-Frontend
-onboarding
-onapapi
-vnfsdk
-PackageResource
-csars
-csar
-vtp
-testsuites
-testSuiteName
-testcases
-testCaseName
-sdc
-cassandra
-Externalized
-onboarded
-subprojects
-openecomp
+adapters
 api
-webapp
-impl
-xml
-src
+artifact
+Artifact
+artifactArtifact
+artifacts
+async
 backend
+Backend
+boolean
+cassandra
 catalog
-frontend
-validator
-trift
-async
-http
-vm
-feproxy
-Guilin
-Pluggable
-onap
-stderrout
-logback
+Catalog
 config
-fe
-artifactArtifact
+Cryptographic
+csar
+csars
+Deployable
+env
 Env
-artifact
-artifacts
-lifecycle
-serviceresource
-url
-VNF
 ENV
-MURANO
-boolean
-env
-uniqueId
-Artifact
-req
+Externalized
+externaltesting
+fe
+feproxy
 forcap
+frontend
+Frontend
+Guilin
+http
+impl
+init
 innerType
-adapters
-runtime
-xNF
+isLinted
+isStrictLinted
+janusgraph
+json
+jtosca
+Kohn
+lifecycle
+logback
 mano
-tgz
+MURANO
+onap
+onapapi
+onboarded
+onboarding
+Onboarding
+openecomp
+PackageResource
+Pluggable
 pnfd
-Cryptographic
 pre
-vFW
 readme
-Deployable
+req
+runtime
+sdc
+serviceresource
+src
+stderrout
+subprojects
+testCaseName
+testcases
+testSuiteName
+testsuites
+tgz
+tosca
+trift
+uniqueId
+url
+validator
 versionDesired
+vFW
+vm
+VNF
+vnfrepo
+vnfsdk
+vtp
 vX
-isLinted
-isStrictLinted
-tosca
-jtosca
+webapp
+xml
+xNF
+yaml
diff --git a/docs/useradministration.rst b/docs/useradministration.rst
new file mode 100644
index 0000000000..f32f9dd8c6
--- /dev/null
+++ b/docs/useradministration.rst
@@ -0,0 +1,67 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2023 Nordix
+
+.. _useradministration:
+
+===================
+User Administration
+===================
+
+.. contents::
+   :depth: 3
+..
+
+Initial User Creation
+---------------------
+
+During initial install following users are created:
+
+::
+
+    {
+      {
+        "userId": "demo",
+        "firstName": "demo",
+        "lastName": "demo",
+        "role": "ADMIN",
+        "email": "demo@openecomp.org"
+      },
+      {
+        "userId": "jh0003",
+        "firstName": "Jimmy",
+        "lastName": "Hendrix",
+        "role": "Admin",
+        "email": "jh0003@openecomp.org"
+      },
+      {
+        "userId": "jm0007",
+        "firstName": "Joni",
+        "lastName": "Mitchell",
+        "role": "TESTER",
+        "email": "jm0007@openecomp.org"
+      },
+      {
+        "userId": "cs0008",
+        "firstName": "Carlos",
+        "lastName": "Santana",
+        "role": "DESIGNER",
+        "email": "cs0008r@openecomp.org"
+      }
+    }
+
+Default User
+------------
+
+By default, SDC UI is launched with default user 'cs0008'. To override see section :ref:`Using Cookies to set User <using_cookies>`.
+
+
+Using Cookies to set User
+-------------------------
+.. _using_cookies:
+
+The default user can be overridden by setting the following cookie in your browser or API call:
+
+::
+
+    USER_ID:<any existed user (created by initial install or by Administrator)>
author	vasraz <vasyl.razinkov@est.tech>	2023-05-25 12:31:58 +0100
committer	Vasyl Razinkov <vasyl.razinkov@est.tech>	2023-05-29 13:31:18 +0000
commit	1b0e69117a85ada58e5c6642b47962293e3f8af1 (patch)
tree	1fb5a98b7e7b2915043ac638f659bf8788bd1edf
parent	79d071d42c2016c1bddd5a8a177fb2b462889134 (diff)