summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSonsino, Ofir (os0695) <os0695@intl.att.com>2018-11-16 15:01:29 +0200
committerSonsino, Ofir (os0695) <os0695@intl.att.com>2018-11-17 12:51:54 +0200
commit9a86fc5f609066fb90587c7ccf4a2c340565d79c (patch)
treebc692161b16e4a877abd2d550cb288731889e5ab
parent0ce80fac351ec9450ae6905ef4ac5c550649e8f7 (diff)
Turn role management off by default
Change-Id: Ib8cf6d2a556c249f742ead7e628ae7039918c5c2 Issue-ID: VID-348 Signed-off-by: Sonsino, Ofir (os0695) <os0695@intl.att.com>
-rw-r--r--docs/administration.rst5
-rw-r--r--docs/configuration.rst3
-rwxr-xr-xepsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties2
-rwxr-xr-xepsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties2
-rw-r--r--vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java10
-rw-r--r--vid-app-common/src/test/resources/WEB-INF/conf/system.properties2
6 files changed, 23 insertions, 1 deletions
diff --git a/docs/administration.rst b/docs/administration.rst
index 7227e702d..1eec480ce 100644
--- a/docs/administration.rst
+++ b/docs/administration.rst
@@ -23,4 +23,7 @@ Actions
| ``curl -X POST 'http://vid.api.simpledemo.onap.org:8080/vid/change-management/vnf_workflow_relation' -H 'Accept-Encoding: gzip, deflate' -H 'Content-Type:application/json' -d '{"workflowsDetails":[{"workflowName":"VNF In Place Software Update","vnfDetails":{"UUID":"X-X-X-X","invariantUUID":"Y-Y-Y-Y"}}, {"workflowName":"VNF Scale Out","vnfDetails":{"UUID":"X-X-X-X","invariantUUID":"Y-Y-Y-Y"}}]}'``
- | **VoLTE E2E services deployment support**
- | VID supports VoLTE E2E services deployment. In order to trigger the E2E flow, the service category in the model (as SDC generates it) has to be set to "E2E Service". \ No newline at end of file
+ | VID supports VoLTE E2E services deployment. In order to trigger the E2E flow, the service category in the model (as SDC generates it) has to be set to "E2E Service".
+
+- | **Role management support**
+ | VID supports role management for its users with AAF integration. This feature is turned off by default. In order to activate it, update "role_management_activated" value in system.properties to "true". \ No newline at end of file
diff --git a/docs/configuration.rst b/docs/configuration.rst
index 6357d5aac..ab757387c 100644
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
@@ -18,6 +18,9 @@ system.properties file
``db.password``
The password for the VID database
+``role_management_activated``
+ Role management activation flag, "false" by defauly. Change to "true" in order to activate this feature.
+
``aai.server.url.base``
Base URL for the A&AI server
diff --git a/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties b/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties
index 049ebf0dd..6dd885a43 100755
--- a/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties
+++ b/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system.properties
@@ -106,6 +106,8 @@ decryption_key = AGLDdG4D04BKm2IxIWEr8o==
element_map_file_path = app/fusionapp/files/
element_map_icon_path = app/fusionapp/icons/
+role_management_activated = false
+
#aai related properties
#aai.server.url.base=https://aai.api.openecomp.org:8443/aai/
#aai.server.url=https://aai.api.openecomp.org:8443/aai/v8/
diff --git a/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties b/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties
index 06a2e6b53..177a35770 100755
--- a/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties
+++ b/epsdk-app-onap/src/main/webapp/WEB-INF/conf/system_template.properties
@@ -63,6 +63,8 @@ decryption_key = ${VID_DECRYPTION_KEY}
element_map_file_path = /tmp
element_map_icon_path = app/vid/icons/
+role_management_activated = false
+
#aai related properties
aai.server.url.base=https://${VID_AAI_HOST}:${VID_AAI_PORT}/aai/
aai.server.url=https://${VID_AAI_HOST}:${VID_AAI_PORT}/aai/v13/
diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java
index f4f17facb..7ac5708ee 100644
--- a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java
+++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java
@@ -1,5 +1,6 @@
package org.onap.vid.roles;
+import org.onap.portalsdk.core.util.SystemProperties;
import org.onap.vid.mso.rest.RequestDetails;
import java.util.List;
@@ -10,6 +11,7 @@ import java.util.Map;
*/
public class RoleValidator {
+ private boolean disableRoles = SystemProperties.getProperty("role_management_activated") == "false";
private List<Role> userRoles;
public RoleValidator(List<Role> roles) {
@@ -17,6 +19,8 @@ public class RoleValidator {
}
public boolean isSubscriberPermitted(String subscriberName) {
+ if(this.disableRoles) return true;
+
for (Role role : userRoles) {
if (role.getSubscribeName().equals(subscriberName))
return true;
@@ -25,6 +29,8 @@ public class RoleValidator {
}
public boolean isServicePermitted(String subscriberName, String serviceType) {
+ if(this.disableRoles) return true;
+
for (Role role : userRoles) {
if (role.getSubscribeName().equals(subscriberName) && role.getServiceType().equals(serviceType))
return true;
@@ -33,6 +39,8 @@ public class RoleValidator {
}
public boolean isMsoRequestValid(RequestDetails mso_request) {
+ if(this.disableRoles) return true;
+
try {
String globalSubscriberIdRequested = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("subscriberInfo")).get("globalSubscriberId");
String serviceType = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("requestParameters")).get("subscriptionServiceType");
@@ -45,6 +53,8 @@ public class RoleValidator {
}
public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName) {
+ if(this.disableRoles) return true;
+
for (Role role : userRoles) {
if (role.getSubscribeName().equals(globalCustomerId)
&& role.getServiceType().equals(serviceType)
diff --git a/vid-app-common/src/test/resources/WEB-INF/conf/system.properties b/vid-app-common/src/test/resources/WEB-INF/conf/system.properties
index 6a8a1a37a..f9d510a78 100644
--- a/vid-app-common/src/test/resources/WEB-INF/conf/system.properties
+++ b/vid-app-common/src/test/resources/WEB-INF/conf/system.properties
@@ -71,6 +71,8 @@ application_name = Virtual Infrastructure Deployment
element_map_file_path = app/fusionapp/files/
element_map_icon_path = app/fusionapp/icons/
+role_management_activated = false
+
#aai related properties
#dev server
#ist servers