diff options
Diffstat (limited to 'catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java')
-rw-r--r-- | catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java | 637 |
1 files changed, 222 insertions, 415 deletions
diff --git a/catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java b/catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java index a56607d4ce..e1cac1c7ed 100644 --- a/catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java +++ b/catalog-be/src/main/java/org/openecomp/sdc/be/user/UserBusinessLogic.java @@ -21,309 +21,280 @@ package org.openecomp.sdc.be.user; import fj.data.Either; +import org.apache.commons.collections.CollectionUtils; +import org.apache.commons.lang3.StringUtils; import org.apache.tinkerpop.gremlin.structure.Edge; -import org.openecomp.sdc.be.config.BeEcompErrorManager; +import org.openecomp.sdc.be.components.impl.exceptions.ByActionStatusComponentException; import org.openecomp.sdc.be.dao.api.ActionStatus; -import org.openecomp.sdc.be.dao.neo4j.GraphPropertiesDictionary; -import org.openecomp.sdc.be.dao.janusgraph.JanusGraphGenericDao; import org.openecomp.sdc.be.dao.utils.UserStatusEnum; +import org.openecomp.sdc.be.facade.operations.UserOperation; import org.openecomp.sdc.be.impl.ComponentsUtils; import org.openecomp.sdc.be.model.LifecycleStateEnum; import org.openecomp.sdc.be.model.User; -import org.openecomp.sdc.be.model.operations.api.IUserAdminOperation; -import org.openecomp.sdc.be.model.operations.api.StorageOperationStatus; +import org.openecomp.sdc.be.model.operations.impl.UserAdminOperation; import org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum; import org.openecomp.sdc.common.api.UserRoleEnum; -import org.openecomp.sdc.common.log.wrappers.Logger; +import org.openecomp.sdc.common.datastructure.UserContext; import org.openecomp.sdc.common.kpi.api.ASDCKpiApi; +import org.openecomp.sdc.common.log.enums.EcompLoggerErrorCode; +import org.openecomp.sdc.common.log.wrappers.Logger; +import org.openecomp.sdc.common.util.ThreadLocalsHolder; import org.openecomp.sdc.exception.ResponseFormat; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; -import javax.annotation.Resource; import java.util.ArrayList; -import java.util.HashMap; +import java.util.Arrays; +import java.util.HashSet; import java.util.List; -import java.util.Map; +import java.util.Objects; +import java.util.stream.Collectors; + +import static org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum.ADD_USER; +import static org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum.GET_USERS_LIST; +import static org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum.UPDATE_USER; -@Component("userBusinessLogic") -public class UserBusinessLogic implements IUserBusinessLogic { +@org.springframework.stereotype.Component +public class UserBusinessLogic { private static final Logger log = Logger.getLogger(UserBusinessLogic.class); + private static final String IN_CERTIFICATION_CHECKED_OUT = "in-certification/checked-out"; + private static final String UNKNOWN = "UNKNOWN"; private static UserAdminValidator userAdminValidator = UserAdminValidator.getInstance(); - @Resource - private IUserAdminOperation userAdminOperation; - @Resource - private ComponentsUtils componentsUtils; - @Autowired - private JanusGraphGenericDao janusGraphDao; + private final UserAdminOperation userAdminOperation; + private final ComponentsUtils componentsUtils; + private final UserOperation facadeUserOperation; - @Override - public Either<User, ActionStatus> getUser(String userId, boolean inTransaction) { - return userAdminOperation.getUserData(userId, inTransaction); + public UserBusinessLogic(UserAdminOperation userAdminOperation, ComponentsUtils componentsUtils, UserOperation facadeUserOperation) { + this.userAdminOperation = userAdminOperation; + this.componentsUtils = componentsUtils; + this.facadeUserOperation = facadeUserOperation; } - @Override - public Either<User, ResponseFormat> createUser(User modifier, User newUser) { - - ResponseFormat responseFormat; - String modifierUserId = modifier.getUserId(); - - if (modifierUserId == null) { - modifier.setUserId("UNKNOWN"); - log.debug("createUser method - user header is missing"); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER); - return Either.right(responseFormat); + public User getUser(String userId, boolean inTransaction) { + Either<User, ActionStatus> result = userAdminOperation.getUserData(userId, inTransaction); + if (result.isRight()) { + handleUserAccessAuditing(userId, result.right().value()); + throw new ByActionStatusComponentException(result.right().value(), userId); } - - Either<User, ActionStatus> eitherCreator = getUser(modifierUserId, false); - if (eitherCreator.isRight() || eitherCreator.left().value() == null) { - log.debug("createUser method - user is not listed. userId = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER); - return Either.right(responseFormat); + User user = result.left().value(); + if (user == null) { + handleUserAccessAuditing(userId, ActionStatus.GENERAL_ERROR); + throw new ByActionStatusComponentException(ActionStatus.GENERAL_ERROR); } + return user; + } - modifier = eitherCreator.left().value(); - if (!modifier.getRole().equals(UserRoleEnum.ADMIN.getName())) { - log.debug("createUser method - user is not admin = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER); - return Either.right(responseFormat); + public User getUser(String userId) { + UserContext userContext = ThreadLocalsHolder.getUserContext(); + if (Objects.isNull(userContext) || Objects.isNull(userContext.getUserId())) { + log.info("USER_NOT_FOUND, user=" + userId); + handleUserAccessAuditing(userId, ActionStatus.USER_NOT_FOUND); + throw new ByActionStatusComponentException(ActionStatus.USER_NOT_FOUND, userId); + } + if (Objects.isNull(userContext.getUserRoles())){ + userContext.setUserRoles(new HashSet<>()); } + return convertUserContextToUser(userContext); + } - // verify user not exist - User userFromDb = new User(); - Either<User, ActionStatus> eitherUserInDB = getUser(newUser.getUserId(), false); - if (eitherUserInDB.isRight()) { - ActionStatus status = eitherUserInDB.right().value(); - if (!ActionStatus.USER_NOT_FOUND.equals(status) && !ActionStatus.USER_INACTIVE.equals(status)) { - responseFormat = componentsUtils.getResponseFormat(eitherUserInDB.right().value(), newUser.getUserId()); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER); - return Either.right(responseFormat); - } - } else {// User exist in DB - userFromDb = eitherUserInDB.left().value(); - if (userFromDb.getStatus() == UserStatusEnum.ACTIVE) { - responseFormat = componentsUtils.getResponseFormatByUserId(ActionStatus.USER_ALREADY_EXIST, newUser.getUserId()); - log.debug("createUser method - user with id {} already exist with id: {}", modifier.getUserId(), userFromDb.getUserId()); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER); - return Either.right(responseFormat); - } + protected User convertUserContextToUser(UserContext userContext) { + User user = new User(); + user.setUserId(userContext.getUserId()); + user.setFirstName(userContext.getFirstName()); + user.setLastName(userContext.getLastName()); + boolean userHasRoles = userContext.getUserRoles().iterator().hasNext(); + user.setRole(!userHasRoles ? null : userContext.getUserRoles().iterator().next()); + user.setStatus(userHasRoles ? UserStatusEnum.ACTIVE : UserStatusEnum.INACTIVE); + return user; + } + + public boolean hasActiveUser(String userId) { + UserContext userContext = ThreadLocalsHolder.getUserContext(); + if (Objects.isNull(userContext) || Objects.isNull(userContext.getUserId()) ) { + handleUserAccessAuditing(userId, ActionStatus.USER_NOT_FOUND); + return false; + } + if (Objects.isNull(userContext.getUserRoles()) || userContext.getUserRoles().isEmpty()){ + handleUserAccessAuditing(userId, ActionStatus.USER_INACTIVE); + return false; } + return true; + } + public User createUser(String modifierUserId, User newUser) { + + User modifier = getValidModifier(modifierUserId, newUser.getUserId(), AuditingActionEnum.ADD_USER); + + // verify user not exist + String newUserId = newUser.getUserId(); + Either<User, ActionStatus> eitherUserInDB = verifyNewUser(newUserId); newUser.setStatus(UserStatusEnum.ACTIVE); - // validate Email - if (newUser.getEmail() != null && !userAdminValidator.validateEmail(newUser.getEmail())) { - log.debug("createUser method - user has invalid email = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_EMAIL_ADDRESS, newUser.getEmail()); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER); - return Either.right(responseFormat); - } + validateEmail(newUser); - // validate Role - if (newUser.getRole() == null || newUser.getRole().length() == 0) { - newUser.setRole(Role.DESIGNER.name()); - } else { - if (!userAdminValidator.validateRole(newUser.getRole())) { - log.debug("createUser method - user has invalid role = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_ROLE, newUser.getRole()); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER); - return Either.right(responseFormat); - } - } + validateRole(newUser); // handle last login if user is import if (newUser.getLastLoginTime() == null) { newUser.setLastLoginTime(0L); } - Either<User, StorageOperationStatus> addOrUpdateUserReq; - - if (ActionStatus.USER_INACTIVE.equals(eitherUserInDB.right().value())) { // user - // exist - // with - // inactive - // state - // - - // update - // user - // data + User createdUser; + if (ActionStatus.USER_INACTIVE.equals(eitherUserInDB.right().value())) { // user inactive - update state // exist newUser.setLastLoginTime(0L); - addOrUpdateUserReq = userAdminOperation.updateUserData(newUser); - - } else { // user not exist - create new user - - if (newUser.getUserId() != null && !userAdminValidator.validateUserId(newUser.getUserId())) { - log.debug("createUser method - user has invalid userId = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_USER_ID, newUser.getUserId()); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.ADD_USER); - return Either.right(responseFormat); + createdUser = userAdminOperation.updateUserData(newUser); + } else { // user does not exist - create new user + if (!userAdminValidator.validateUserId(newUserId)) { + log.debug("createUser method - user has invalid userId = {}", newUser.getUserId()); + throw new ByActionStatusComponentException(ActionStatus.INVALID_USER_ID, newUserId); } - addOrUpdateUserReq = userAdminOperation.saveUserData(newUser); - } - - if (addOrUpdateUserReq.isRight() || addOrUpdateUserReq.left().value() == null) { - log.debug("createUser method - failed to create user"); - Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(addOrUpdateUserReq.right().value()))); + createdUser = userAdminOperation.saveUserData(newUser); } - log.debug("createUser method - user created"); - User createdUser = addOrUpdateUserReq.left().value(); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.CREATED); + ResponseFormat responseFormat = componentsUtils.getResponseFormat(ActionStatus.CREATED); handleAuditing(modifier, null, createdUser, responseFormat, AuditingActionEnum.ADD_USER); - return Either.left(createdUser); + getFacadeUserOperation().updateUserCache(UserOperationEnum.CREATE, createdUser.getUserId(), createdUser.getRole()); + return createdUser; } - @Override - public Either<User, ResponseFormat> updateUserRole(User modifier, String userIdToUpdate, String userRole) { - - ResponseFormat responseFormat; - String modifierUserId = modifier.getUserId(); - - if (modifierUserId == null) { - modifier.setUserId("UNKNOWN"); - log.debug("updateUserRole method - user header is missing"); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER); - return Either.right(responseFormat); + private void validateRole(User newUser) { + if (newUser.getRole() == null || newUser.getRole().length() == 0) { + newUser.setRole(Role.DESIGNER.name()); + } else { + if (!userAdminValidator.validateRole(newUser.getRole())) { + log.debug("createUser method - user has invalid role = {}", newUser.getUserId()); + throw new ByActionStatusComponentException(ActionStatus.INVALID_ROLE, newUser.getRole()); + } } + } - Either<User, ActionStatus> eitherCreator = getUser(modifierUserId, false); - if (eitherCreator.isRight() || eitherCreator.left().value() == null) { - log.debug("updateUserRole method - user is not listed. userId = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER); - return Either.right(responseFormat); + private void validateEmail(User newUser) { + if (newUser.getEmail() != null && !userAdminValidator.validateEmail(newUser.getEmail())) { + log.debug("createUser method - user has invalid email = {}", newUser.getUserId()); + throw new ByActionStatusComponentException(ActionStatus.INVALID_EMAIL_ADDRESS, newUser.getEmail()); } + } - modifier = eitherCreator.left().value(); - if (!modifier.getRole().equals(UserRoleEnum.ADMIN.getName())) { - log.debug("updateUserRole method - user is not admin. userId = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER); - return Either.right(responseFormat); + private Either<User, ActionStatus> verifyNewUser(String newUserId) { + Either<User, ActionStatus> eitherUserInDB = getUserData(newUserId); + if (eitherUserInDB.isRight()) { + ActionStatus status = eitherUserInDB.right().value(); + if (!ActionStatus.USER_NOT_FOUND.equals(status) && !ActionStatus.USER_INACTIVE.equals(status)) { + componentsUtils.auditAdminUserActionAndThrowException(ADD_USER, null, null, null, status, newUserId); + } + } else {// User exist in DB + User userFromDb = eitherUserInDB.left().value(); + if (userFromDb.getStatus() == UserStatusEnum.ACTIVE) { + log.debug("createUser method - user with id {} already exist with id: {}", newUserId, userFromDb.getUserId()); + componentsUtils.auditAdminUserActionAndThrowException(ADD_USER, null, null, null, ActionStatus.USER_ALREADY_EXIST, newUserId); + } } + return eitherUserInDB; + } - if (modifier.getUserId().equals(userIdToUpdate)) { - log.debug("updateUserRole method - admin role can only be updated by other admin. userId = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.UPDATE_USER_ADMIN_CONFLICT); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER); - return Either.right(responseFormat); + public Either<User, ActionStatus> verifyNewUserForPortal(String newUserId) { + Either<User, ActionStatus> eitherUserInDB = getUserData(newUserId); + if (eitherUserInDB.isRight()) { + ActionStatus status = eitherUserInDB.right().value(); + if (!ActionStatus.USER_NOT_FOUND.equals(status) && !ActionStatus.USER_INACTIVE.equals(status)) { + componentsUtils.auditAdminUserActionAndThrowException(ADD_USER, null, null, null, status, newUserId); + } } - Either<User, ActionStatus> userToUpdateReq = getUser(userIdToUpdate, false); - if (userToUpdateReq.isRight() || userToUpdateReq.left().value() == null) { - log.debug("updateUserRole method - user not found. userId = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.USER_NOT_FOUND, userIdToUpdate); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER); - return Either.right(responseFormat); + return eitherUserInDB; + } + + private Either<User, ActionStatus> getUserData(String newUserId) { + if (newUserId == null) { + log.error(EcompLoggerErrorCode.DATA_ERROR, "", "","Create user - new user id is missing"); + throw new ByActionStatusComponentException(ActionStatus.MISSING_INFORMATION); } - if (!userAdminValidator.validateRole(userRole)) { - log.debug("updateUserRole method - user has invalid role = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_ROLE, userRole); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.UPDATE_USER); - return Either.right(responseFormat); + return userAdminOperation.getUserData(newUserId, false); + } + + public User updateUserRole(String modifierUserId, String userIdToUpdate, String userRole) { + + User modifier = getValidModifier(modifierUserId, userIdToUpdate, UPDATE_USER); + User userToUpdate = getUser(userIdToUpdate, false); + validateChangeRoleToAllowedRoles(userRole); + + List<Edge> userPendingTasks = userAdminOperation.getUserPendingTasksList(userToUpdate, getChangeRoleStateLimitations(userToUpdate)); + if (!userPendingTasks.isEmpty()) { + log.debug("updateUserRole method - User cannot be updated, user have pending projects userId {}", userIdToUpdate); + String userInfo = userToUpdate.getFirstName() + " " + userToUpdate.getLastName() + '(' + userToUpdate.getUserId() + ')'; + componentsUtils.auditAdminUserActionAndThrowException(UPDATE_USER, modifier, userToUpdate, null, ActionStatus.CANNOT_UPDATE_USER_WITH_ACTIVE_ELEMENTS, userInfo, IN_CERTIFICATION_CHECKED_OUT); } + Role newRole = Role.valueOf(userRole); User newUser = new User(); - newUser.setRole(userRole); + newUser.setRole(newRole.name()); newUser.setUserId(userIdToUpdate); - User userToUpdate = userToUpdateReq.left().value(); - // if(!userRole.equals(UserRoleEnum.ADMIN.getName())){ //this is in - // comment until admin will be able to do do check-in/check-out from the - // UI - Either<List<Edge>, StorageOperationStatus> userPendingTasksReq = getPendingUserPendingTasksWithCommit(userToUpdate); - if (userPendingTasksReq.isRight()) { - log.debug("updateUserRole method - failed to get user pending tasks list userId {}", userIdToUpdate); - return Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(userPendingTasksReq.right().value()))); - } + User updatedUser = userAdminOperation.updateUserData(newUser); + handleAuditing(modifier, userToUpdate, updatedUser, componentsUtils.getResponseFormat(ActionStatus.OK), UPDATE_USER); + getFacadeUserOperation().updateUserCache(UserOperationEnum.CHANGE_ROLE, updatedUser.getUserId(), updatedUser.getRole()); + return updatedUser; + } - List<Edge> userPendingTasks = userPendingTasksReq.left().value(); - if (!userPendingTasks.isEmpty()) { - log.debug("updateUserRole method - User canot be updated, user have pending projects userId {}", userIdToUpdate); + private void validateChangeRoleToAllowedRoles(String userRole) { + List<String> allowedRoles = Arrays.asList(UserRoleEnum.DESIGNER.getName(), UserRoleEnum.ADMIN.getName()); + if (!allowedRoles.contains(userRole)){ + throw new ByActionStatusComponentException(ActionStatus.INVALID_ROLE, userRole); + } + } - String userTasksStatusForErrorMessage = getUserPendingTaskStatusByRole(UserRoleEnum.valueOf(userToUpdate.getRole())); - String userInfo = userToUpdate.getFirstName() + " " + userToUpdate.getLastName() + '(' + userToUpdate.getUserId() + ')'; - responseFormat = componentsUtils.getResponseFormat(ActionStatus.CANNOT_UPDATE_USER_WITH_ACTIVE_ELEMENTS, userInfo, userTasksStatusForErrorMessage); - handleAuditing(modifier, userToUpdate, userToUpdate, responseFormat, AuditingActionEnum.UPDATE_USER); - return Either.right(responseFormat); + User getValidModifier(String modifierUserId, String userIdHandle, AuditingActionEnum actionEnum) { + if (modifierUserId == null) { + log.error(EcompLoggerErrorCode.DATA_ERROR, "", "", "user modifier is missing"); + throw new ByActionStatusComponentException(ActionStatus.MISSING_INFORMATION); } - // } - Either<User, StorageOperationStatus> updateUserReq = userAdminOperation.updateUserData(newUser); - if (updateUserReq.isRight() || updateUserReq.left().value() == null) { - log.debug("updateUser method - failed to update user data. userId = {}", modifier.getUserId()); - return Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(updateUserReq.right().value()))); + User modifier = getUser(modifierUserId, false); + if (!modifier.getRole().equals(UserRoleEnum.ADMIN.getName())) { + log.debug("user is not admin. Id = {}", modifier.getUserId()); + componentsUtils.auditAdminUserActionAndThrowException(actionEnum, modifier, null, null, ActionStatus.RESTRICTED_OPERATION); } - responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK); - User updatedUser = updateUserReq.left().value(); - handleAuditing(modifier, userToUpdate, updatedUser, responseFormat, AuditingActionEnum.UPDATE_USER); - return Either.left(updatedUser); + if (modifier.getUserId().equals(userIdHandle)) { + log.debug("admin user cannot act on self. Id = {}", modifier.getUserId()); + componentsUtils.auditAdminUserActionAndThrowException(actionEnum, modifier, null, null, ActionStatus.UPDATE_USER_ADMIN_CONFLICT); + } + return modifier; } - public Either<List<User>, ResponseFormat> getAllAdminUsers() { + public List<User> getAllAdminUsers() { Either<List<User>, ActionStatus> response = userAdminOperation.getAllUsersWithRole(Role.ADMIN.name(), null); - if (response.isRight()) { - ResponseFormat responseFormat = componentsUtils.getResponseFormat(response.right().value()); - return Either.right(responseFormat); + throw new ByActionStatusComponentException(response.right().value()); } - return Either.left(response.left().value()); + return response.left().value(); } - @Override - public Either<List<User>, ResponseFormat> getUsersList(String modifierAttId, List<String> roles, String rolesStr) { - ResponseFormat responseFormat; - User user = new User(); + public List<User> getUsersList(String modifierAttId, List<String> roles, String rolesStr) { if (modifierAttId == null) { - user.setUserId("UNKNOWN"); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION); - handleGetUsersListAuditing(user, responseFormat, rolesStr); - return Either.right(responseFormat); + throw new ByActionStatusComponentException(ActionStatus.MISSING_INFORMATION); } - Either<User, ActionStatus> userResult = getUser(modifierAttId, false); - if (userResult.isRight()) { - user.setUserId(modifierAttId); - if (userResult.right().value().equals(ActionStatus.USER_NOT_FOUND)) { - responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION); - } else { - responseFormat = componentsUtils.getResponseFormat(userResult.right().value()); - } - BeEcompErrorManager.getInstance().logBeUserMissingError("Get users per roles", modifierAttId); - - handleGetUsersListAuditing(user, responseFormat, rolesStr); - return Either.right(responseFormat); - } - user = userResult.left().value(); - Either<List<User>, ResponseFormat> getResponse = null; - List<User> resultList = new ArrayList<>(); - if (roles != null && !roles.isEmpty()) { + User user = getUser(modifierAttId, false); + Either<List<User>, ResponseFormat> getResponse; + List<User> userList = new ArrayList<>(); + if (!CollectionUtils.isEmpty(roles)) { for (String role : roles) { if (!userAdminValidator.validateRole(role)) { - responseFormat = componentsUtils.getResponseFormat(ActionStatus.INVALID_ROLE, role); - handleGetUsersListAuditing(user, responseFormat, rolesStr); - return Either.right(responseFormat); + componentsUtils.auditAdminUserActionAndThrowException(GET_USERS_LIST, user, null, null, ActionStatus.INVALID_ROLE, role); } getResponse = getUsersPerRole(role, user, rolesStr); - resultList.addAll(getResponse.left().value()); + userList.addAll(getResponse.left().value()); } } else { rolesStr = "All"; getResponse = getUsersPerRole(null, user, rolesStr); - resultList.addAll(getResponse.left().value()); + userList.addAll(getResponse.left().value()); } - responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK); - handleGetUsersListAuditing(user, responseFormat, rolesStr); - return Either.left(resultList); + handleGetUsersListAuditing(user, componentsUtils.getResponseFormat(ActionStatus.OK), rolesStr); + return userList; } - private Either<List<User>, ResponseFormat> getUsersPerRole(String role, User user, String rolesStr) { + Either<List<User>, ResponseFormat> getUsersPerRole(String role, User user, String rolesStr) { ResponseFormat responseFormat; Either<List<User>, ActionStatus> response = userAdminOperation.getAllUsersWithRole(role, UserStatusEnum.ACTIVE.name()); if (response.isRight()) { @@ -331,135 +302,37 @@ public class UserBusinessLogic implements IUserBusinessLogic { handleGetUsersListAuditing(user, responseFormat, rolesStr); return Either.right(responseFormat); } - return Either.left(response.left().value()); + List<User> users = response.left().value() + .stream() + .filter(u-> StringUtils.isNotEmpty(u.getUserId())) + .collect(Collectors.toList()); + return Either.left(users); } private void handleGetUsersListAuditing(User user, ResponseFormat responseFormat, String details) { componentsUtils.auditGetUsersList(user, details, responseFormat); } - private void handleAuditing(User modifier, User userBefor, User userAfter, ResponseFormat responseFormat, AuditingActionEnum actionName) { - componentsUtils.auditAdminUserAction(actionName, modifier, userBefor, userAfter, responseFormat); + private void handleAuditing(User modifier, User userBefore, User userAfter, ResponseFormat responseFormat, AuditingActionEnum actionName) { + componentsUtils.auditAdminUserAction(actionName, modifier, userBefore, userAfter, responseFormat); } private void handleUserAccessAuditing(User user, ResponseFormat responseFormat) { componentsUtils.auditUserAccess(user, responseFormat); } - @Override - public Either<User, ResponseFormat> deActivateUser(User modifier, String userUniuqeIdToDeactive) { - - ResponseFormat responseFormat; - String userId = modifier.getUserId(); - - if (userId == null) { - modifier.setUserId("UNKNOWN"); - log.debug("deActivateUser method - user header is missing"); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER); - return Either.right(responseFormat); - } - - Either<User, ActionStatus> eitherCreator = getUser(userId, false); - if (eitherCreator.isRight() || eitherCreator.left().value() == null) { - log.debug("deActivateUser method - user is not listed. userId = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER); - return Either.right(responseFormat); - } - - modifier = eitherCreator.left().value(); - - if (!modifier.getRole().equals(UserRoleEnum.ADMIN.getName())) { - log.debug("deActivateUser method - user is not admin. userId = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER); - return Either.right(responseFormat); - } - - if (modifier.getUserId().equals(userUniuqeIdToDeactive)) { - log.debug("deActivateUser deActivateUser - admin can only be deactivate by other admin. userId = {}", modifier.getUserId()); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.DELETE_USER_ADMIN_CONFLICT); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER); - return Either.right(responseFormat); - } - - Either<User, ActionStatus> getUserToDeleteResponse = getUser(userUniuqeIdToDeactive, false); - if (getUserToDeleteResponse.isRight() || getUserToDeleteResponse.left().value() == null) { - log.debug("deActivateUser method - failed to get user by id {}", userUniuqeIdToDeactive); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.USER_NOT_FOUND, userUniuqeIdToDeactive); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER); - return Either.right(componentsUtils.getResponseFormat(getUserToDeleteResponse.right().value(), userUniuqeIdToDeactive)); - } - - User userToDeactivate = getUserToDeleteResponse.left().value(); - if (userToDeactivate.getStatus().equals(UserStatusEnum.INACTIVE)) { - log.debug("deActivateUser method - User already inactive", userUniuqeIdToDeactive); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.USER_NOT_FOUND, userUniuqeIdToDeactive); - handleAuditing(modifier, null, null, responseFormat, AuditingActionEnum.DELETE_USER); - return Either.right(responseFormat); - } - - Either<List<Edge>, StorageOperationStatus> userPendingTasksReq = getPendingUserPendingTasksWithCommit(userToDeactivate); - if (userPendingTasksReq.isRight()) { - log.debug("deActivateUser method - failed to get user pending tasks list", userUniuqeIdToDeactive); - return Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(userPendingTasksReq.right().value()))); - } - - List<Edge> userPendingTasks = userPendingTasksReq.left().value(); - if (userPendingTasks.size() > 0) { - log.debug("deActivateUser method - User canot be deleted, user have pending projects", userUniuqeIdToDeactive); - - String userTasksStatusForErrorMessage = getUserPendingTaskStatusByRole(UserRoleEnum.valueOf(userToDeactivate.getRole())); - String userInfo = userToDeactivate.getFirstName() + " " + userToDeactivate.getLastName() + '(' + userToDeactivate.getUserId() + ')'; - responseFormat = componentsUtils.getResponseFormat(ActionStatus.CANNOT_DELETE_USER_WITH_ACTIVE_ELEMENTS, userInfo, userTasksStatusForErrorMessage); - handleAuditing(modifier, userToDeactivate, userToDeactivate, responseFormat, AuditingActionEnum.DELETE_USER); - return Either.right(responseFormat); - } - - Either<User, StorageOperationStatus> deactivateUserReq = userAdminOperation.deActivateUser(userToDeactivate); - if (deactivateUserReq.isRight()) { - log.debug("deActivateUser method - failed to deactivate user", userUniuqeIdToDeactive); - return Either.right(componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponse(deactivateUserReq.right().value()))); - } - User deactivateUser = deactivateUserReq.left().value(); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK); - handleAuditing(modifier, userToDeactivate, null, responseFormat, AuditingActionEnum.DELETE_USER); - return Either.left(deactivateUser); + private void handleUserAccessAuditing(String userId, ActionStatus status, String... params) { + componentsUtils.auditUserAccess(new User(userId), status, params); } - @Override - public Either<User, ResponseFormat> authorize(User authUser) { - - ResponseFormat responseFormat; - + public User authorize(User authUser) { String userId = authUser.getUserId(); - if (userId == null) { - authUser.setUserId("UNKNOWN"); - log.debug("deActivateUser method - user header is missing"); - responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION); - handleUserAccessAuditing(authUser, responseFormat); - return Either.right(responseFormat); + log.debug("authorize method - user id is missing"); + throw new ByActionStatusComponentException(ActionStatus.MISSING_INFORMATION); } - Either<User, ActionStatus> eitherCreator = getUser(userId, false); - if (eitherCreator.isRight()) { - if (eitherCreator.right().value() == ActionStatus.USER_NOT_FOUND || eitherCreator.right().value() == ActionStatus.USER_INACTIVE) { - responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_ACCESS); - handleUserAccessAuditing(authUser, responseFormat); - return Either.right(responseFormat); - } else { - return Either.right(componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), authUser)); - } - } else { - if (eitherCreator.left().value() == null) { - responseFormat = componentsUtils.getResponseFormat(ActionStatus.GENERAL_ERROR); - return Either.right(responseFormat); - } - } - - User user = eitherCreator.left().value(); + User user = getUser(userId, false); String firstName = authUser.getFirstName(); if (firstName != null && !firstName.isEmpty() && !firstName.equals(user.getFirstName())) { @@ -479,27 +352,17 @@ public class UserBusinessLogic implements IUserBusinessLogic { // last login time stamp handle user.setLastLoginTime(); - Either<User, StorageOperationStatus> updateUserReq = userAdminOperation.updateUserData(user); - - if (updateUserReq.isRight()) { - responseFormat = componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), user); - handleUserAccessAuditing(user, responseFormat); - return Either.right(componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), user)); - } - - User updatedUser = updateUserReq.left().value(); - + User updatedUser = userAdminOperation.updateUserData(user); Long lastLoginTime = user.getLastLoginTime(); if (lastLoginTime != null) { updatedUser.setLastLoginTime(lastLoginTime); } else { - updatedUser.setLastLoginTime(new Long(0)); + updatedUser.setLastLoginTime(0L); } - responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK); - handleUserAccessAuditing(updatedUser, responseFormat); + handleUserAccessAuditing(updatedUser.getUserId(), ActionStatus.OK); ASDCKpiApi.countUsersAuthorizations(); - return Either.left(updatedUser); + return updatedUser; } /* @@ -512,32 +375,14 @@ public class UserBusinessLogic implements IUserBusinessLogic { String userId = updatedUserCred.getUserId(); if (userId == null) { - updatedUserCred.setUserId("UNKNOWN"); + updatedUserCred.setUserId(UNKNOWN); log.debug("updateUserCredentials method - user header is missing"); responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION); handleUserAccessAuditing(updatedUserCred, responseFormat); return Either.right(responseFormat); } - Either<User, ActionStatus> eitherCreator = getUser(userId, false); - if (eitherCreator.isRight()) { - ActionStatus status = eitherCreator.right().value(); - if (status == ActionStatus.USER_NOT_FOUND || status == ActionStatus.USER_INACTIVE) { - responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_ACCESS); - handleUserAccessAuditing(updatedUserCred, responseFormat); - return Either.right(responseFormat); - } else { - return Either.right(componentsUtils.getResponseFormatByUser(status, updatedUserCred)); - } - } else { - if (eitherCreator.left().value() == null) { - responseFormat = componentsUtils.getResponseFormat(ActionStatus.GENERAL_ERROR); - return Either.right(responseFormat); - } - } - - User user = eitherCreator.left().value(); - + User user = getUser(userId, false); String firstName = updatedUserCred.getFirstName(); if (firstName != null && !firstName.isEmpty() && !firstName.equals(user.getFirstName())) { user.setFirstName(firstName); @@ -561,69 +406,31 @@ public class UserBusinessLogic implements IUserBusinessLogic { user.setLastLoginTime(updatedUserCred.getLastLoginTime()); } - Either<User, StorageOperationStatus> updateUserReq = userAdminOperation.updateUserData(user); - - if (updateUserReq.isRight()) { - responseFormat = componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), user); - handleUserAccessAuditing(user, responseFormat); - return Either.right(componentsUtils.getResponseFormatByUser(eitherCreator.right().value(), user)); - } - - User updatedUser = updateUserReq.left().value(); - + User updatedUser = userAdminOperation.updateUserData(user); responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK); handleUserAccessAuditing(updatedUser, responseFormat); return Either.left(updatedUser); } - private Either<List<Edge>, StorageOperationStatus> getPendingUserPendingTasksWithCommit(User user) { - - Either<List<Edge>, StorageOperationStatus> result = null; - - try { - UserRoleEnum userRole = UserRoleEnum.valueOf(user.getRole()); - Map<String, Object> properties = new HashMap<>(); - switch (userRole) { + private List<Object> getChangeRoleStateLimitations(User user) { + UserRoleEnum role = UserRoleEnum.valueOf(user.getRole()); + List<Object> properties = new ArrayList<>(); + switch (role) { case DESIGNER: case PRODUCT_STRATEGIST: case PRODUCT_MANAGER: - properties.put(GraphPropertiesDictionary.STATE.getProperty(), LifecycleStateEnum.NOT_CERTIFIED_CHECKOUT.name()); - return userAdminOperation.getUserPendingTasksList(user, properties); - case TESTER: - properties.put(GraphPropertiesDictionary.STATE.getProperty(), LifecycleStateEnum.CERTIFICATION_IN_PROGRESS.name()); - return userAdminOperation.getUserPendingTasksList(user, properties); case ADMIN: - properties.put(GraphPropertiesDictionary.STATE.getProperty(), LifecycleStateEnum.CERTIFICATION_IN_PROGRESS.name()); - properties.put(GraphPropertiesDictionary.STATE.getProperty(), LifecycleStateEnum.NOT_CERTIFIED_CHECKOUT.name()); - return userAdminOperation.getUserPendingTasksList(user, properties); + properties.add(LifecycleStateEnum.NOT_CERTIFIED_CHECKOUT.name()); + break; + case TESTER: + // For tester we allow change role even if there are pending task (per US468155 in 1810) default: - return Either.left(new ArrayList<>()); - } - } finally { - // commit will be perform outside!!! - if (result == null || result.isRight()) { - log.debug("getUserPendingTasksList failed to perform fetching"); - janusGraphDao.rollback(); - } else { - janusGraphDao.commit(); - } } + return properties; } - private String getUserPendingTaskStatusByRole(UserRoleEnum role) { - - switch (role) { - case DESIGNER: - case PRODUCT_STRATEGIST: - case PRODUCT_MANAGER: - return "checked-out"; - - case TESTER: - return "in-certification"; - case ADMIN: - return "in-certification/checked-out"; - default: - return ""; - } + public UserOperation getFacadeUserOperation() { + return facadeUserOperation; } + } |