diff options
author | vasraz <vasyl.razinkov@est.tech> | 2023-05-25 12:31:58 +0100 |
---|---|---|
committer | Michael Morris <michael.morris@est.tech> | 2023-05-29 11:59:56 +0000 |
commit | 01cde8e3cd095919ba74ac1d5e750e4b6842ae64 (patch) | |
tree | 63cccc399cd0077bb35b5d010796b1de68a94a44 /catalog-be/src/main/java/org/openecomp | |
parent | 342f9f85850667c9c3b8b31283421343b3a23caa (diff) |
Remove need for USER_ID header
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: I5dd1e34343bebec8a26786f402dc2b9b818e7f10
Issue-ID: SDC-4508
Diffstat (limited to 'catalog-be/src/main/java/org/openecomp')
-rw-r--r-- | catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java | 39 |
1 files changed, 27 insertions, 12 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java index 42b0291c89..13abdd3546 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java @@ -25,10 +25,14 @@ import java.util.List; import java.util.Optional; import java.util.Set; import javax.servlet.http.HttpServletRequest; + +import org.apache.commons.lang3.StringUtils; import org.onap.sdc.security.AuthenticationCookie; import org.onap.sdc.security.IUsersThreadLocalHolder; import org.onap.sdc.security.PortalClient; import org.onap.sdc.security.RestrictionAccessFilterException; +import org.openecomp.sdc.be.config.Configuration; +import org.openecomp.sdc.be.config.ConfigurationManager; import org.openecomp.sdc.be.model.User; import org.openecomp.sdc.be.user.UserBusinessLogic; import org.openecomp.sdc.common.api.Constants; @@ -41,15 +45,15 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder { private static final Logger log = Logger.getLogger(ThreadLocalUtils.class); @Autowired - PortalClient portalClient; + private PortalClient portalClient; @Autowired - UserBusinessLogic userBusinessLogic; + private UserBusinessLogic userBusinessLogic; @Override public void setUserContext(AuthenticationCookie authenticationCookie) { UserContext userContext; userContext = new UserContext(authenticationCookie.getUserID(), authenticationCookie.getRoles(), authenticationCookie.getFirstName(), - authenticationCookie.getLastName()); + authenticationCookie.getLastName()); ThreadLocalsHolder.setUserContext(userContext); } @@ -59,7 +63,7 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder { Set<String> roles = null; try { final Optional<String> userRolesFromPortalOptional = portalClient.fetchUserRolesFromPortal(userId); - if (userRolesFromPortalOptional.isPresent()){ + if (userRolesFromPortalOptional.isPresent()) { roles = new HashSet<>(List.of(userRolesFromPortalOptional.get())); } } catch (RestrictionAccessFilterException e) { @@ -74,17 +78,28 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder { } protected void setUserContextFromDB(HttpServletRequest httpRequest) { - String user_id = httpRequest.getHeader(Constants.USER_ID_HEADER); - //there are some internal request that have no user_id header e.g. healthcheck - if (user_id != null) { - updateUserContext(user_id); - } else { - log.debug("user_id value in req header is null, userContext will not be initialized"); + String userId = httpRequest.getHeader(Constants.USER_ID_HEADER); + final Configuration.BasicAuthConfig basicAuthConf = ConfigurationManager.getConfigurationManager().getConfiguration().getBasicAuth(); + if (StringUtils.isBlank(userId)) { + final String excludedUrls = basicAuthConf.getExcludedUrls(); + //there are some internal request that have no user_id header e.g. healthcheck + if (StringUtils.isBlank(excludedUrls) || !checkForExclusion(excludedUrls, httpRequest.getPathInfo())) { + log.info("UserId is empty"); + userId = "cs0008"; + } else { + log.debug("user_id value in req header is null, userContext will not be initialized"); + return; + } } + updateUserContext(userId); + } + + private boolean checkForExclusion(final String excludedUrls, final String pathInfo) { + return Arrays.stream(excludedUrls.split(";")).anyMatch(s -> s.endsWith(pathInfo)); } - private void updateUserContext(String user_id) { - User user = userBusinessLogic.getUser(user_id, false); + private void updateUserContext(String userId) { + User user = userBusinessLogic.getUser(userId, false); Set<String> roles = new HashSet<>(Arrays.asList(user.getRole())); UserContext userContext = new UserContext(user.getUserId(), roles, user.getFirstName(), user.getLastName()); ThreadLocalsHolder.setUserContext(userContext); |