aboutsummaryrefslogtreecommitdiffstats
path: root/catalog-be/src/main/java/org/openecomp/sdc/be/servlets
diff options
context:
space:
mode:
Diffstat (limited to 'catalog-be/src/main/java/org/openecomp/sdc/be/servlets')
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ElementServlet.java24
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourcesServlet.java47
-rw-r--r--catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceServlet.java41
3 files changed, 88 insertions, 24 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ElementServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ElementServlet.java
index 5e4085cf33..578319208c 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ElementServlet.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ElementServlet.java
@@ -33,6 +33,8 @@ import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
import javax.inject.Inject;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
@@ -79,9 +81,10 @@ import org.openecomp.sdc.be.ui.model.UiCategories;
import org.openecomp.sdc.be.user.UserBusinessLogic;
import org.openecomp.sdc.common.api.Constants;
import org.openecomp.sdc.common.log.wrappers.Logger;
+import org.openecomp.sdc.common.util.Multitenancy;
import org.openecomp.sdc.exception.ResponseFormat;
import org.springframework.stereotype.Controller;
-
+import org.keycloak.representations.AccessToken;
@Path("/v1/")
/**
*
@@ -522,8 +525,23 @@ public class ElementServlet extends BeGenericServlet {
log.debug("failed to get followed resources services ");
return buildErrorResponse(followedResourcesServices.right().value());
}
- Object data = RepresentationUtils.toRepresentation(followedResourcesServices.left().value());
- return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), data);
+ Multitenancy keyaccess= new Multitenancy();
+ if (keyaccess.multiTenancyCheck()) {
+ AccessToken.Access realmAccess = keyaccess.getAccessToken(request).getRealmAccess();
+ Set<String> realmroles = realmAccess.getRoles();
+ Map<String, List<? extends Component>> dataResponse = new HashMap<>();
+ followedResourcesServices.left().value().entrySet().stream()
+ .forEach(component->{component.setValue(component.getValue().stream().filter(cm->realmroles.stream()
+ .anyMatch(role->cm.getTenant().equals(role))).collect(Collectors.toList()));
+ dataResponse.put(component.getKey(), component.getValue());
+ });
+ Object data = RepresentationUtils.toRepresentation(dataResponse);
+ return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), data);
+ }
+ else{
+ Object data = RepresentationUtils.toRepresentation(followedResourcesServices.left().value());
+ return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.OK), data);
+ }
} catch (Exception e) {
BeEcompErrorManager.getInstance().logBeRestApiGeneralError("Get Followed Resources / Services Categories");
log.debug("Getting followed resources/services failed with exception", e);
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourcesServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourcesServlet.java
index d84e40c3d8..08f26fff4a 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourcesServlet.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ResourcesServlet.java
@@ -35,6 +35,7 @@ import java.io.File;
import java.io.IOException;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import javax.inject.Inject;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
@@ -56,6 +57,7 @@ import org.glassfish.jersey.media.multipart.FormDataContentDisposition;
import org.glassfish.jersey.media.multipart.FormDataParam;
import org.json.JSONException;
import org.json.JSONObject;
+import org.keycloak.representations.AccessToken;
import org.openecomp.sdc.be.components.impl.ComponentInstanceBusinessLogic;
import org.openecomp.sdc.be.components.impl.CsarValidationUtils;
import org.openecomp.sdc.be.components.impl.ImportUtils;
@@ -87,6 +89,7 @@ import org.openecomp.sdc.common.log.wrappers.Logger;
import org.openecomp.sdc.common.util.ValidationUtils;
import org.openecomp.sdc.common.zip.exception.ZipException;
import org.openecomp.sdc.exception.ResponseFormat;
+import org.openecomp.sdc.common.util.Multitenancy;
import org.springframework.stereotype.Controller;
@Loggable(prepend = true, value = Loggable.DEBUG, trim = false)
@@ -115,11 +118,12 @@ public class ResourcesServlet extends AbstractValidationsServlet {
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Operation(description = "Create Resource", method = "POST", summary = "Returns created resource", responses = {
- @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
- @ApiResponse(responseCode = "201", description = "Resource created"),
- @ApiResponse(responseCode = "403", description = "Restricted operation"),
- @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
- @ApiResponse(responseCode = "409", description = "Resource already exist")})
+ @ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Resource.class)))),
+ @ApiResponse(responseCode = "201", description = "Resource created"),
+ @ApiResponse(responseCode = "403", description = "Restricted operation"),
+ @ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
+ @ApiResponse(responseCode = "409", description = "Resource already exist"),
+ @ApiResponse(responseCode = "401", description = "Unauthorized Tenant")})
@PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createResource(@Parameter(description = "Resource object to be created", required = true) String data,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId)
@@ -148,14 +152,33 @@ public class ResourcesServlet extends AbstractValidationsServlet {
response = buildErrorResponse(convertResponse.right().value());
return response;
}
+ Multitenancy keyaccess = new Multitenancy();
Resource resource = convertResponse.left().value();
- Resource createdResource = resourceBusinessLogic.createResource(resource, AuditingActionEnum.CREATE_RESOURCE, modifier, null, null);
- Object representation = RepresentationUtils.toRepresentation(createdResource);
- response = buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.CREATED), representation);
- responseWrapper.setInnerElement(response);
- loggerSupportability
- .log(LoggerSupportabilityActions.CREATE_RESOURCE, resource.getComponentMetadataForSupportLog(), StatusCode.COMPLETE,
- "Resource successfully created user {}", userId);
+ if (keyaccess.multiTenancyCheck())
+ {
+ AccessToken.Access realmAccess = keyaccess.getAccessToken(request).getRealmAccess();
+ Set<String> realmroles = realmAccess.getRoles();
+ boolean match = realmroles.contains(resource.getTenant());
+ if (match) {
+ Resource createdResource = resourceBusinessLogic.createResource(resource, AuditingActionEnum.CREATE_RESOURCE, modifier, null, null);
+ Object representation = RepresentationUtils.toRepresentation(createdResource);
+ response = buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.CREATED), representation);
+ responseWrapper.setInnerElement(response);
+ loggerSupportability
+ .log(LoggerSupportabilityActions.CREATE_RESOURCE, resource.getComponentMetadataForSupportLog(), StatusCode.COMPLETE,
+ "Resource successfully created user {}", userId);
+ } else {
+ return Response.status(401, "Unauthorized Tenant").build();
+ }
+ } else {
+ Resource createdResource = resourceBusinessLogic.createResource(resource, AuditingActionEnum.CREATE_RESOURCE, modifier, null, null);
+ Object representation = RepresentationUtils.toRepresentation(createdResource);
+ response = buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.CREATED), representation);
+ responseWrapper.setInnerElement(response);
+ loggerSupportability
+ .log(LoggerSupportabilityActions.CREATE_RESOURCE, resource.getComponentMetadataForSupportLog(), StatusCode.COMPLETE,
+ "Resource successfully created user {}", userId);
+ }
}
return responseWrapper.getInnerElement();
} catch (final IOException | ZipException e) {
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceServlet.java b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceServlet.java
index fcac7dce35..3c2b72be2a 100644
--- a/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceServlet.java
+++ b/catalog-be/src/main/java/org/openecomp/sdc/be/servlets/ServiceServlet.java
@@ -41,6 +41,7 @@ import java.lang.reflect.Type;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
+import java.util.Set;
import javax.inject.Inject;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
@@ -92,10 +93,11 @@ import org.openecomp.sdc.common.log.elements.LoggerSupportability;
import org.openecomp.sdc.common.log.enums.LoggerSupportabilityActions;
import org.openecomp.sdc.common.log.enums.StatusCode;
import org.openecomp.sdc.common.log.wrappers.Logger;
+import org.openecomp.sdc.common.util.Multitenancy;
import org.openecomp.sdc.common.zip.exception.ZipException;
import org.openecomp.sdc.exception.ResponseFormat;
import org.springframework.stereotype.Controller;
-
+import org.keycloak.representations.AccessToken;
@Loggable(prepend = true, value = Loggable.DEBUG, trim = false)
@Path("/v1/catalog")
@Server(url = "/sdc2/rest")
@@ -127,7 +129,8 @@ public class ServiceServlet extends AbstractValidationsServlet {
@ApiResponse(content = @Content(array = @ArraySchema(schema = @Schema(implementation = Service.class)))),
@ApiResponse(responseCode = "201", description = "Service created"), @ApiResponse(responseCode = "403", description = "Restricted operation"),
@ApiResponse(responseCode = "400", description = "Invalid content / Missing content"),
- @ApiResponse(responseCode = "409", description = "Service already exist")})
+ @ApiResponse(responseCode = "409", description = "Service already exist"),
+ @ApiResponse(responseCode = "401", description = "Unauthorized Tenant")})
@PermissionAllowed(AafPermission.PermNames.INTERNAL_ALL_VALUE)
public Response createService(@Parameter(description = "Service object to be created", required = true) String data,
@Context final HttpServletRequest request, @HeaderParam(value = Constants.USER_ID_HEADER) String userId) {
@@ -141,15 +144,35 @@ public class ServiceServlet extends AbstractValidationsServlet {
if (convertResponse.isRight()) {
throw new ByResponseFormatComponentException(convertResponse.right().value());
}
+ Multitenancy keyaccess = new Multitenancy();
Service service = convertResponse.left().value();
- Either<Service, ResponseFormat> actionResponse = serviceBusinessLogic.createService(service, modifier);
- if (actionResponse.isRight()) {
- log.debug("Failed to create service");
- throw new ByResponseFormatComponentException(actionResponse.right().value());
+ if (keyaccess.multiTenancyCheck()) {
+ AccessToken.Access realmAccess = keyaccess.getAccessToken(request).getRealmAccess();
+ Set<String> realmroles = realmAccess.getRoles();
+ boolean match = realmroles.contains(service.getTenant());
+ if (match) {
+ Either<Service, ResponseFormat> actionResponse = serviceBusinessLogic.createService(service, modifier);
+ if (actionResponse.isRight()) {
+ log.debug("Failed to create service");
+ throw new ByResponseFormatComponentException(actionResponse.right().value());
+ }
+ loggerSupportability.log(LoggerSupportabilityActions.CREATE_SERVICE, service.getComponentMetadataForSupportLog(), StatusCode.COMPLETE,
+ "Service {} has been created by user {} ", service.getName(), userId);
+ return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.CREATED), actionResponse.left().value());
+ } else {
+ log.debug("Unauthorized Tenant");
+ return Response.status(401, "Unauthorized Tenant").build();
+ }
+ } else {
+ Either<Service, ResponseFormat> actionResponse = serviceBusinessLogic.createService(service, modifier);
+ if (actionResponse.isRight()) {
+ log.debug("Failed to create service");
+ throw new ByResponseFormatComponentException(actionResponse.right().value());
+ }
+ loggerSupportability.log(LoggerSupportabilityActions.CREATE_SERVICE, service.getComponentMetadataForSupportLog(), StatusCode.COMPLETE,
+ "Service {} has been created by user {} ", service.getName(), userId);
+ return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.CREATED), actionResponse.left().value());
}
- loggerSupportability.log(LoggerSupportabilityActions.CREATE_SERVICE, service.getComponentMetadataForSupportLog(), StatusCode.COMPLETE,
- "Service {} has been created by user {} ", service.getName(), userId);
- return buildOkResponse(getComponentsUtils().getResponseFormat(ActionStatus.CREATED), actionResponse.left().value());
}
public Either<Service, ResponseFormat> parseToService(String serviceJson, User user) {