diff options
Diffstat (limited to 'asdc-controller/src/main')
7 files changed, 235 insertions, 32 deletions
diff --git a/asdc-controller/src/main/java/org/onap/so/asdc/SecurityFilters.java b/asdc-controller/src/main/java/org/onap/so/asdc/SecurityFilters.java new file mode 100644 index 0000000000..29c9d8f952 --- /dev/null +++ b/asdc-controller/src/main/java/org/onap/so/asdc/SecurityFilters.java @@ -0,0 +1,41 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP - SO + * ================================================================================ + * Copyright (C) 2017 - 2019 AT&T Intellectual Property. All rights reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END========================================================= + */ + +package org.onap.so.asdc; + +import org.springframework.boot.web.servlet.FilterRegistrationBean; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; +import org.springframework.core.Ordered; + +@Configuration +@Profile("!test & aaf") +public class SecurityFilters { + + @Bean + public FilterRegistrationBean<SoCadiFilter> loginRegistrationBean() { + FilterRegistrationBean<SoCadiFilter> filterRegistrationBean = new FilterRegistrationBean<>(); + filterRegistrationBean.setFilter(new SoCadiFilter()); + filterRegistrationBean.setName("cadiFilter"); + filterRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE); + return filterRegistrationBean; + } +} diff --git a/asdc-controller/src/main/java/org/onap/so/asdc/SoCadiFilter.java b/asdc-controller/src/main/java/org/onap/so/asdc/SoCadiFilter.java new file mode 100644 index 0000000000..52144e264e --- /dev/null +++ b/asdc-controller/src/main/java/org/onap/so/asdc/SoCadiFilter.java @@ -0,0 +1,117 @@ +/*- + * ============LICENSE_START======================================================= + * ONAP SO + * ================================================================================ + * Copyright (C) 2017-2018 AT&T Intellectual Property. All rights + * reserved. + * ================================================================================ + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ============LICENSE_END============================================ + * =================================================================== + * + */ +package org.onap.so.asdc; + +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import org.onap.aaf.cadi.config.Config; +import org.onap.aaf.cadi.filter.CadiFilter; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Profile; +import org.springframework.stereotype.Component; + +@Component +@Profile("!test & aaf") +public class SoCadiFilter extends CadiFilter { + + protected final Logger logger = LoggerFactory.getLogger(SoCadiFilter.class); + + private static String AFT_ENVIRONMENT_VAR = "AFT_ENVIRONMENT"; + private static String AAF_API_VERSION = "aaf_api_version"; + + @Value("${mso.config.cadi.cadiLoglevel:#{null}}") + private String cadiLoglevel; + + @Value("${mso.config.cadi.cadiKeyFile:#{null}}") + private String cadiKeyFile; + + @Value("${mso.config.cadi.cadiTruststorePassword:#{null}}") + private String cadiTrustStorePassword; + + @Value("${mso.config.cadi.cadiTrustStore:#{null}}") + private String cadiTrustStore; + + @Value("${mso.config.cadi.cadiLatitude:#{null}}") + private String cadiLatitude; + + @Value("${mso.config.cadi.cadiLongitude:#{null}}") + private String cadiLongitude; + + @Value("${mso.config.cadi.aafEnv:#{null}}") + private String aafEnv; + + @Value("${mso.config.cadi.aafApiVersion:#{null}}") + private String aafApiVersion; + + @Value("${mso.config.cadi.aafRootNs:#{null}}") + private String aafRootNs; + + @Value("${mso.config.cadi.aafId:#{null}}") + private String aafMechId; + + @Value("${mso.config.cadi.aafPassword:#{null}}") + private String aafMechIdPassword; + + @Value("${mso.config.cadi.aafLocateUrl:#{null}}") + private String aafLocateUrl; + + @Value("${mso.config.cadi.aafUrl:#{null}}") + private String aafUrl; + + @Value("${mso.config.cadi.apiEnforcement:#{null}}") + private String apiEnforcement; + + private void checkIfNullProperty(String key, String value) { + /* + * When value is null, it is not defined in application.yaml set nothing in System properties + */ + if (value != null) { + System.setProperty(key, value); + } + } + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + checkIfNullProperty(Config.CADI_LOGLEVEL, cadiLoglevel); + checkIfNullProperty(Config.CADI_KEYFILE, cadiKeyFile); + checkIfNullProperty(Config.CADI_TRUSTSTORE, cadiTrustStore); + checkIfNullProperty(Config.CADI_TRUSTSTORE_PASSWORD, cadiTrustStorePassword); + checkIfNullProperty(Config.CADI_LATITUDE, cadiLatitude); + checkIfNullProperty(Config.CADI_LONGITUDE, cadiLongitude); + checkIfNullProperty(Config.AAF_ENV, aafEnv); + checkIfNullProperty(Config.AAF_API_VERSION, aafApiVersion); + checkIfNullProperty(Config.AAF_ROOT_NS, aafRootNs); + checkIfNullProperty(Config.AAF_APPID, aafMechId); + checkIfNullProperty(Config.AAF_APPPASS, aafMechIdPassword); + checkIfNullProperty(Config.AAF_LOCATE_URL, aafLocateUrl); + checkIfNullProperty(Config.AAF_URL, aafUrl); + checkIfNullProperty(Config.CADI_API_ENFORCEMENT, apiEnforcement); + // checkIfNullProperty(AFT_ENVIRONMENT_VAR, aftEnv); + logger.debug(" *** init Filter Config *** "); + super.init(filterConfig); + } + + +} diff --git a/asdc-controller/src/main/java/org/onap/so/asdc/WebSecurityConfigImpl.java b/asdc-controller/src/main/java/org/onap/so/asdc/WebSecurityConfigImpl.java index b45b4f0749..8722d193fe 100644 --- a/asdc-controller/src/main/java/org/onap/so/asdc/WebSecurityConfigImpl.java +++ b/asdc-controller/src/main/java/org/onap/so/asdc/WebSecurityConfigImpl.java @@ -22,27 +22,57 @@ package org.onap.so.asdc; import org.onap.so.security.MSOSpringFirewall; import org.onap.so.security.WebSecurityConfig; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.Profile; +import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.web.firewall.StrictHttpFirewall; import org.springframework.util.StringUtils; +@Configuration @EnableWebSecurity public class WebSecurityConfigImpl extends WebSecurityConfig { - @Override - protected void configure(HttpSecurity http) throws Exception { - http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll() - .antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and() - .httpBasic(); + @Profile({"basic", "test"}) + @Bean + public WebSecurityConfigurerAdapter basicAuth() { + return new WebSecurityConfigurerAdapter() { + @Override + protected void configure(HttpSecurity http) throws Exception { + http.csrf().disable().authorizeRequests().antMatchers("/manage/health", "/manage/info").permitAll() + .antMatchers("/**").hasAnyRole(StringUtils.collectionToDelimitedString(getRoles(), ",")).and() + .httpBasic(); + } + + @Override + public void configure(WebSecurity web) throws Exception { + super.configure(web); + StrictHttpFirewall firewall = new MSOSpringFirewall(); + web.httpFirewall(firewall); + } + + @Override + protected void configure(AuthenticationManagerBuilder auth) throws Exception { + auth.userDetailsService(WebSecurityConfigImpl.this.userDetailsService()) + .passwordEncoder(WebSecurityConfigImpl.this.passwordEncoder()); + } + + }; } - @Override - public void configure(WebSecurity web) throws Exception { - super.configure(web); - StrictHttpFirewall firewall = new MSOSpringFirewall(); - web.httpFirewall(firewall); + @Profile("aaf") + @Bean + public WebSecurityConfigurerAdapter noAuth() { + return new WebSecurityConfigurerAdapter() { + @Override + protected void configure(HttpSecurity http) throws Exception { + http.authorizeRequests().anyRequest().permitAll(); + } + }; } } diff --git a/asdc-controller/src/main/java/org/onap/so/asdc/installer/ToscaResourceStructure.java b/asdc-controller/src/main/java/org/onap/so/asdc/installer/ToscaResourceStructure.java index 3f1b080ec1..dcb49478f4 100644 --- a/asdc-controller/src/main/java/org/onap/so/asdc/installer/ToscaResourceStructure.java +++ b/asdc-controller/src/main/java/org/onap/so/asdc/installer/ToscaResourceStructure.java @@ -25,7 +25,6 @@ package org.onap.so.asdc.installer; import java.io.File; import java.nio.file.Paths; import java.util.List; -import org.onap.so.logger.LoggingAnchor; import org.onap.sdc.api.notification.IArtifactInfo; import org.onap.sdc.tosca.parser.api.ISdcCsarHelper; import org.onap.sdc.tosca.parser.impl.SdcToscaParserFactory; @@ -52,10 +51,10 @@ import org.onap.so.db.catalog.beans.VfModule; import org.onap.so.db.catalog.beans.VfModuleCustomization; import org.onap.so.db.catalog.beans.VnfResourceCustomization; import org.onap.so.logger.ErrorCode; +import org.onap.so.logger.LoggingAnchor; import org.onap.so.logger.MessageEnum; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.springframework.beans.factory.annotation.Value; public class ToscaResourceStructure { diff --git a/asdc-controller/src/main/java/org/onap/so/asdc/installer/heat/ToscaResourceInstaller.java b/asdc-controller/src/main/java/org/onap/so/asdc/installer/heat/ToscaResourceInstaller.java index 8d51d5b894..240bb83862 100644 --- a/asdc-controller/src/main/java/org/onap/so/asdc/installer/heat/ToscaResourceInstaller.java +++ b/asdc-controller/src/main/java/org/onap/so/asdc/installer/heat/ToscaResourceInstaller.java @@ -182,6 +182,12 @@ public class ToscaResourceInstaller { protected static final String SKIP_POST_INST_CONF = "skip_post_instantiation_configuration"; + private static final String CONTROLLER_ACTOR = "controller_actor"; + + private static final String CDS_MODEL_NAME = "cds_model_name"; + + private static final String CDS_MODEL_VERSION = "cds_model_version"; + @Autowired protected ServiceRepository serviceRepo; @@ -577,7 +583,7 @@ public class ToscaResourceInstaller { String resourceSeqStr = resouceSequence.stream().collect(Collectors.joining(",")); service.setResourceOrder(resourceSeqStr); - logger.debug(" resourceSeq for service uuid(" + service.getModelUUID() + ") : " + resourceSeqStr); + logger.debug(" resourceSeq for service uuid {}: {}", service.getModelUUID(), resourceSeqStr); } @@ -638,8 +644,7 @@ public class ToscaResourceInstaller { String jsonStr = objectMapper.writeValueAsString(resouceRequest); jsonStr = jsonStr.replace("\"", "\\\""); - logger.debug( - "resource request for resource customization id (" + resourceCustomizationUuid + ") : " + jsonStr); + logger.debug("resource request for resource customization id {}: {}", resourceCustomizationUuid, jsonStr); return jsonStr; } catch (JsonProcessingException e) { logger.error("resource input could not be deserialized for resource customization id (" @@ -682,8 +687,8 @@ public class ToscaResourceInstaller { networkCustomization.setResourceInput( getResourceInput(toscaResourceStruct, networkCustomization.getModelCustomizationUUID())); service.getNetworkCustomizations().add(networkCustomization); - logger.debug("No NetworkResourceName found in TempNetworkHeatTemplateLookup for " - + networkResourceModelName); + logger.debug("No NetworkResourceName found in TempNetworkHeatTemplateLookup for {}", + networkResourceModelName); } } @@ -975,8 +980,8 @@ public class ToscaResourceInstaller { pnfResourceCustomization.setBlueprintName(getStringValue(properties.get(SDNC_MODEL_NAME))); pnfResourceCustomization.setBlueprintVersion(getStringValue(properties.get(SDNC_MODEL_VERSION))); pnfResourceCustomization.setSkipPostInstConf(getBooleanValue(properties.get(SKIP_POST_INST_CONF))); + pnfResourceCustomization.setControllerActor(getStringValue(properties.get(CONTROLLER_ACTOR))); pnfResourceCustomization.setPnfResources(pnfResource); - return pnfResourceCustomization; } @@ -1008,25 +1013,25 @@ public class ToscaResourceInstaller { String vfCustomizationCategory = vfEntityDetails.getMetadata().getValue(SdcPropertyNames.PROPERTY_NAME_CATEGORY); - logger.debug("VF Category is : " + vfCustomizationCategory); + logger.debug("VF Category is: {} ", vfCustomizationCategory); String vfCustomizationUUID = vfEntityDetails.getMetadata().getValue(SdcPropertyNames.PROPERTY_NAME_CUSTOMIZATIONUUID); - logger.debug("VFCustomizationUUID=" + vfCustomizationUUID); + logger.debug("VFCustomizationUUID= {}", vfCustomizationUUID); IResourceInstance vfNotificationResource = vfResourceStructure.getResourceInstance(); // Make sure the VF ResourceCustomizationUUID from the notification and tosca customizations match before // comparing their VF Modules UUID's - logger.debug("Checking if Notification VF ResourceCustomizationUUID: " - + vfNotificationResource.getResourceCustomizationUUID() + " matches Tosca VF Customization UUID: " - + vfCustomizationUUID); + logger.debug( + "Checking if Notification VF ResourceCustomizationUUID: {} matches Tosca VF Customization UUID: {}", + vfNotificationResource.getResourceCustomizationUUID(), vfCustomizationUUID); if (vfCustomizationUUID.equals(vfNotificationResource.getResourceCustomizationUUID())) { - logger.debug("vfCustomizationUUID: " + vfCustomizationUUID - + " matches vfNotificationResource CustomizationUUID"); + logger.debug("vfCustomizationUUID: {} matches vfNotificationResource CustomizationUUID ", + vfCustomizationUUID); VnfResourceCustomization vnfResource = createVnfResource(vfEntityDetails, toscaResourceStruct, service); @@ -1038,7 +1043,7 @@ public class ToscaResourceInstaller { for (VfModuleStructure vfModuleStructure : vfResourceStructure.getVfModuleStructure()) { - logger.debug("vfModuleStructure:" + vfModuleStructure.toString()); + logger.debug("vfModuleStructure: {}", vfModuleStructure); List<IEntityDetails> vfModuleEntityList = getEntityDetails(toscaResourceStruct, @@ -1087,7 +1092,7 @@ public class ToscaResourceInstaller { if (!CollectionUtils.isEmpty(seqResult)) { String resultStr = seqResult.stream().collect(Collectors.joining(",")); vnfResource.setVnfcInstanceGroupOrder(resultStr); - logger.debug("vnfcGroupOrder result for service uuid(" + service.getModelUUID() + ") : " + resultStr); + logger.debug("vnfcGroupOrder result for service uuid {}: {}", service.getModelUUID(), resultStr); } // add this vnfResource with existing vnfResource for this service addVnfCustomization(service, vnfResource); @@ -1197,7 +1202,7 @@ public class ToscaResourceInstaller { watchdogDistributionStatusRepository.saveAndFlush(distributionStatus); } catch (ObjectOptimisticLockingFailureException e) { - logger.debug("ObjectOptimisticLockingFailureException in processWatchdog : " + e.toString()); + logger.debug("ObjectOptimisticLockingFailureException in processWatchdog : {} ", e); throw e; } } @@ -1401,7 +1406,6 @@ public class ToscaResourceInstaller { ResourceStructure resourceStructure) { Metadata serviceMetadata = toscaResourceStructure.getServiceMetadata(); - List<Service> services = serviceRepo.findByModelUUID(serviceMetadata.getValue(SdcPropertyNames.PROPERTY_NAME_UUID)); Service service; @@ -1438,6 +1442,10 @@ public class ToscaResourceInstaller { generateNamingValue = "true".equalsIgnoreCase(generateNaming); } service.setOnapGeneratedNaming(generateNamingValue); + service.setBlueprintName(serviceMetadata.getValue(CDS_MODEL_NAME)); + service.setBlueprintVersion(serviceMetadata.getValue(CDS_MODEL_VERSION)); + service.setSkipPostInstConf(Boolean.valueOf(serviceMetadata.getValue(SKIP_POST_INST_CONF))); + service.setControllerActor(serviceMetadata.getValue(CONTROLLER_ACTOR)); } @@ -2028,8 +2036,8 @@ public class ToscaResourceInstaller { ObjectMapper objectMapper = new ObjectMapper(); jsonStr = objectMapper.writeValueAsString(resouceRequest); jsonStr = jsonStr.replace("\"", "\\\""); - logger.debug("vfcResource request for resource customization id (" + resourceCustomizationUuid + ") : " - + jsonStr); + logger.debug("vfcResource request for resource customization id {}: {}", resourceCustomizationUuid, + jsonStr); } catch (JsonProcessingException e) { logger.debug("Json Exception: {}", e.getMessage()); logger.error("Exception occurred", e); @@ -2382,6 +2390,14 @@ public class ToscaResourceInstaller { if (minInstances != null && minInstances.length() > 0) { vfModuleCustomization.setMinInstances(Integer.valueOf(minInstances)); } + + String skipPostInstConfText = getLeafPropertyValue(vfModuleEntityDetails, SKIP_POST_INST_CONF); + + if (skipPostInstConfText != null) { + vfModuleCustomization.setSkipPostInstConf( + Boolean.parseBoolean(getLeafPropertyValue(vfModuleEntityDetails, SKIP_POST_INST_CONF))); + } + return vfModuleCustomization; } @@ -2576,7 +2592,7 @@ public class ToscaResourceInstaller { Boolean.parseBoolean(getLeafPropertyValue(entityDetails, SKIP_POST_INST_CONF))); } - + vnfResourceCustomization.setControllerActor(getLeafPropertyValue(entityDetails, CONTROLLER_ACTOR)); vnfResourceCustomization.setVnfResources(vnfResource); vnfResourceCustomization.setAvailabilityZoneMaxCount(Integer.getInteger( entityDetails.getMetadata().getValue(SdcPropertyNames.PROPERTY_NAME_AVAILABILITYZONECOUNT))); diff --git a/asdc-controller/src/main/resources/application-aaf.yaml b/asdc-controller/src/main/resources/application-aaf.yaml new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/asdc-controller/src/main/resources/application-aaf.yaml diff --git a/asdc-controller/src/main/resources/application-basic.yaml b/asdc-controller/src/main/resources/application-basic.yaml new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/asdc-controller/src/main/resources/application-basic.yaml |