diff options
| author |   Ittay Stern <ittay.stern@att.com> | 2020-01-28 05:55:11 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2020-01-28 05:55:11 +0000 |
| commit | 657353741044c8cda2bbca64e2fc235837428f25 (patch) | |
| tree | f479513d31f3d9ff209c4eeaf45531af5b925245 /vid-app-common/src/main/java/org/onap/vid/controller | |
| parent | ae5156453ebf0c8c81c5aa2f791bb527dbf344ad (diff) | |
| parent | e95a7b89aaac965e89d96eba59968a351cb77f40 (diff) | |
Merge "Introduce WithPermissionProperties as validation-points for RoleValidator"
Diffstat (limited to 'vid-app-common/src/main/java/org/onap/vid/controller')
| -rw-r--r-- | vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java | 3 | ||||
| -rw-r--r-- | vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java | 9 |
2 files changed, 9 insertions, 3 deletions
diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java index 6431282e7..dcbd9b9e4 100644 --- a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java +++ b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java @@ -33,6 +33,7 @@ import org.onap.vid.model.aaiTree.Network; import org.onap.vid.model.aaiTree.RelatedVnf; import org.onap.vid.model.aaiTree.VpnBinding; import org.onap.vid.properties.Features; +import org.onap.vid.roles.PermissionProperties; import org.onap.vid.roles.RoleProvider; import org.onap.vid.services.AaiService; import org.springframework.beans.factory.annotation.Autowired; @@ -94,7 +95,7 @@ public class AaiController2 extends VidRestrictedBaseController { final boolean isEditPermitted = roleProvider .getUserRolesValidator(request) - .isServicePermitted(subscriberId, serviceType); + .isServicePermitted(new PermissionProperties(subscriberId, serviceType)); return new Permissions(isEditPermitted); } diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java b/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java index 6c8a37262..4b03ea4d9 100644 --- a/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java +++ b/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java @@ -33,7 +33,9 @@ import org.onap.vid.model.ServiceInfo; import org.onap.vid.model.serviceInstantiation.ServiceInstantiation; import org.onap.vid.mso.MsoResponseWrapper2; import org.onap.vid.properties.Features; +import org.onap.vid.roles.PermissionProperties; import org.onap.vid.roles.RoleProvider; +import org.onap.vid.roles.RoleValidator; import org.onap.vid.services.AsyncInstantiationBusinessLogic; import org.onap.vid.services.AuditService; import org.onap.vid.utils.SystemPropertiesWrapper; @@ -165,8 +167,11 @@ public class AsyncInstantiationController extends VidRestrictedBaseController { } private void throwExceptionIfAccessDenied(ServiceInstantiation request, HttpServletRequest httpServletRequest, String userId) { - if (featureManager.isActive(Features.FLAG_1906_INSTANTIATION_API_USER_VALIDATION) && !roleProvider.getUserRolesValidator(httpServletRequest).isServicePermitted(request.getGlobalSubscriberId(), request.getSubscriptionServiceType())) { - throw new AccessDeniedException(String.format("User %s is not allowed to make this request", userId)); + if (featureManager.isActive(Features.FLAG_1906_INSTANTIATION_API_USER_VALIDATION)) { + RoleValidator roleValidator = roleProvider.getUserRolesValidator(httpServletRequest); + if (!roleValidator.isServicePermitted(new PermissionProperties(request.getGlobalSubscriberId(), request.getSubscriptionServiceType()))) { + throw new AccessDeniedException(String.format("User %s is not allowed to make this request", userId)); + } } } } |