Introduce WithPermissionProperties as validation-points for RoleValidator

Issue-ID: VID-758 Change-Id: Id8f1f6faeb10a92cf20ca9a17879bc7e745526b0 Signed-off-by: Einat Vinouze <einat.vinouze@intl.att.com> Signed-off-by: Ittay Stern <ittay.stern@att.com>
author: Einat Vinouze <einat.vinouze@intl.att.com> 2020-01-27 15:49:13 +0200
committer: Ittay Stern <ittay.stern@att.com> 2020-01-28 07:27:01 +0200
commit: e95a7b89aaac965e89d96eba59968a351cb77f40 (patch)
tree: 85206d342637697a3611195bf6135d123c0a3cee /vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java
parent: 79a8f61035752620b50a0fb42d98361f21962cd9 (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java b/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java
index 6c8a37262..4b03ea4d9 100644
--- a/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java
+++ b/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java
@@ -33,7 +33,9 @@ import org.onap.vid.model.ServiceInfo;
 import org.onap.vid.model.serviceInstantiation.ServiceInstantiation;
 import org.onap.vid.mso.MsoResponseWrapper2;
 import org.onap.vid.properties.Features;
+import org.onap.vid.roles.PermissionProperties;
 import org.onap.vid.roles.RoleProvider;
+import org.onap.vid.roles.RoleValidator;
 import org.onap.vid.services.AsyncInstantiationBusinessLogic;
 import org.onap.vid.services.AuditService;
 import org.onap.vid.utils.SystemPropertiesWrapper;
@@ -165,8 +167,11 @@ public class AsyncInstantiationController extends VidRestrictedBaseController {
     }
 
     private void throwExceptionIfAccessDenied(ServiceInstantiation request, HttpServletRequest httpServletRequest, String userId) {
-        if (featureManager.isActive(Features.FLAG_1906_INSTANTIATION_API_USER_VALIDATION) && !roleProvider.getUserRolesValidator(httpServletRequest).isServicePermitted(request.getGlobalSubscriberId(), request.getSubscriptionServiceType())) {
-            throw new AccessDeniedException(String.format("User %s is not allowed to make this request", userId));
+        if (featureManager.isActive(Features.FLAG_1906_INSTANTIATION_API_USER_VALIDATION)) {
+            RoleValidator roleValidator = roleProvider.getUserRolesValidator(httpServletRequest);
+            if (!roleValidator.isServicePermitted(new PermissionProperties(request.getGlobalSubscriberId(), request.getSubscriptionServiceType()))) {
+                throw new AccessDeniedException(String.format("User %s is not allowed to make this request", userId));
+            }
         }
     }
 }
author	Einat Vinouze <einat.vinouze@intl.att.com>	2020-01-27 15:49:13 +0200
committer	Ittay Stern <ittay.stern@att.com>	2020-01-28 07:27:01 +0200
commit	e95a7b89aaac965e89d96eba59968a351cb77f40 (patch)
tree	85206d342637697a3611195bf6135d123c0a3cee /vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java
parent	79a8f61035752620b50a0fb42d98361f21962cd9 (diff)