summaryrefslogtreecommitdiffstats
path: root/catalog-be/src/main/java
diff options
context:
space:
mode:
authorvasraz <vasyl.razinkov@est.tech>2023-05-25 12:31:58 +0100
committerMichael Morris <michael.morris@est.tech>2023-05-29 11:59:56 +0000
commit01cde8e3cd095919ba74ac1d5e750e4b6842ae64 (patch)
tree63cccc399cd0077bb35b5d010796b1de68a94a44 /catalog-be/src/main/java
parent342f9f85850667c9c3b8b31283421343b3a23caa (diff)
Remove need for USER_ID header
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech> Change-Id: I5dd1e34343bebec8a26786f402dc2b9b818e7f10 Issue-ID: SDC-4508
Diffstat (limited to 'catalog-be/src/main/java')
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java39
1 files changed, 27 insertions, 12 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
index 42b0291c89..13abdd3546 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/be/filters/ThreadLocalUtils.java
@@ -25,10 +25,14 @@ import java.util.List;
import java.util.Optional;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.StringUtils;
import org.onap.sdc.security.AuthenticationCookie;
import org.onap.sdc.security.IUsersThreadLocalHolder;
import org.onap.sdc.security.PortalClient;
import org.onap.sdc.security.RestrictionAccessFilterException;
+import org.openecomp.sdc.be.config.Configuration;
+import org.openecomp.sdc.be.config.ConfigurationManager;
import org.openecomp.sdc.be.model.User;
import org.openecomp.sdc.be.user.UserBusinessLogic;
import org.openecomp.sdc.common.api.Constants;
@@ -41,15 +45,15 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
private static final Logger log = Logger.getLogger(ThreadLocalUtils.class);
@Autowired
- PortalClient portalClient;
+ private PortalClient portalClient;
@Autowired
- UserBusinessLogic userBusinessLogic;
+ private UserBusinessLogic userBusinessLogic;
@Override
public void setUserContext(AuthenticationCookie authenticationCookie) {
UserContext userContext;
userContext = new UserContext(authenticationCookie.getUserID(), authenticationCookie.getRoles(), authenticationCookie.getFirstName(),
- authenticationCookie.getLastName());
+ authenticationCookie.getLastName());
ThreadLocalsHolder.setUserContext(userContext);
}
@@ -59,7 +63,7 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
Set<String> roles = null;
try {
final Optional<String> userRolesFromPortalOptional = portalClient.fetchUserRolesFromPortal(userId);
- if (userRolesFromPortalOptional.isPresent()){
+ if (userRolesFromPortalOptional.isPresent()) {
roles = new HashSet<>(List.of(userRolesFromPortalOptional.get()));
}
} catch (RestrictionAccessFilterException e) {
@@ -74,17 +78,28 @@ public class ThreadLocalUtils implements IUsersThreadLocalHolder {
}
protected void setUserContextFromDB(HttpServletRequest httpRequest) {
- String user_id = httpRequest.getHeader(Constants.USER_ID_HEADER);
- //there are some internal request that have no user_id header e.g. healthcheck
- if (user_id != null) {
- updateUserContext(user_id);
- } else {
- log.debug("user_id value in req header is null, userContext will not be initialized");
+ String userId = httpRequest.getHeader(Constants.USER_ID_HEADER);
+ final Configuration.BasicAuthConfig basicAuthConf = ConfigurationManager.getConfigurationManager().getConfiguration().getBasicAuth();
+ if (StringUtils.isBlank(userId)) {
+ final String excludedUrls = basicAuthConf.getExcludedUrls();
+ //there are some internal request that have no user_id header e.g. healthcheck
+ if (StringUtils.isBlank(excludedUrls) || !checkForExclusion(excludedUrls, httpRequest.getPathInfo())) {
+ log.info("UserId is empty");
+ userId = "cs0008";
+ } else {
+ log.debug("user_id value in req header is null, userContext will not be initialized");
+ return;
+ }
}
+ updateUserContext(userId);
+ }
+
+ private boolean checkForExclusion(final String excludedUrls, final String pathInfo) {
+ return Arrays.stream(excludedUrls.split(";")).anyMatch(s -> s.endsWith(pathInfo));
}
- private void updateUserContext(String user_id) {
- User user = userBusinessLogic.getUser(user_id, false);
+ private void updateUserContext(String userId) {
+ User user = userBusinessLogic.getUser(userId, false);
Set<String> roles = new HashSet<>(Arrays.asList(user.getRole()));
UserContext userContext = new UserContext(user.getUserId(), roles, user.getFirstName(), user.getLastName());
ThreadLocalsHolder.setUserContext(userContext);