diff options
author | Einat Vinouze <einat.vinouze@intl.att.com> | 2020-01-28 17:29:10 +0200 |
---|---|---|
committer | Ittay Stern <ittay.stern@att.com> | 2020-01-29 21:31:17 +0200 |
commit | f4993218ce5204a3e8b4527e40f71d5fdc5d1de9 (patch) | |
tree | 89b81955e9349ec2bf51badc57049e59d2d979f3 /vid-app-common/src/main/java/org/onap/vid/controller | |
parent | c0cbcef18427ec1d0edfb872385f128352487464 (diff) |
RoleValidatorByOwningEntity permits by PermissionPropertiesOwningEntity
PermissionPropertiesOwningEntity is sharing a parent interface
with PermissionPropertiesServiceType: WithPermissionProperties.
Issue-ID: VID-758
Change-Id: I90c04cb8d4331d68329f3a12329244f09c6bc184
Signed-off-by: Einat Vinouze <einat.vinouze@intl.att.com>
Signed-off-by: Ittay Stern <ittay.stern@att.com>
Diffstat (limited to 'vid-app-common/src/main/java/org/onap/vid/controller')
-rw-r--r-- | vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java | 4 | ||||
-rw-r--r-- | vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java | 8 |
2 files changed, 8 insertions, 4 deletions
diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java index dcbd9b9e4..2d7a9253e 100644 --- a/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java +++ b/vid-app-common/src/main/java/org/onap/vid/controller/AaiController2.java @@ -33,7 +33,7 @@ import org.onap.vid.model.aaiTree.Network; import org.onap.vid.model.aaiTree.RelatedVnf; import org.onap.vid.model.aaiTree.VpnBinding; import org.onap.vid.properties.Features; -import org.onap.vid.roles.PermissionProperties; +import org.onap.vid.roles.PermissionPropertiesSubscriberAndServiceType; import org.onap.vid.roles.RoleProvider; import org.onap.vid.services.AaiService; import org.springframework.beans.factory.annotation.Autowired; @@ -95,7 +95,7 @@ public class AaiController2 extends VidRestrictedBaseController { final boolean isEditPermitted = roleProvider .getUserRolesValidator(request) - .isServicePermitted(new PermissionProperties(subscriberId, serviceType)); + .isServicePermitted(new PermissionPropertiesSubscriberAndServiceType(subscriberId, serviceType)); return new Permissions(isEditPermitted); } diff --git a/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java b/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java index 4b03ea4d9..ce8bbb50c 100644 --- a/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java +++ b/vid-app-common/src/main/java/org/onap/vid/controller/AsyncInstantiationController.java @@ -33,7 +33,7 @@ import org.onap.vid.model.ServiceInfo; import org.onap.vid.model.serviceInstantiation.ServiceInstantiation; import org.onap.vid.mso.MsoResponseWrapper2; import org.onap.vid.properties.Features; -import org.onap.vid.roles.PermissionProperties; +import org.onap.vid.roles.AllPermissionProperties; import org.onap.vid.roles.RoleProvider; import org.onap.vid.roles.RoleValidator; import org.onap.vid.services.AsyncInstantiationBusinessLogic; @@ -169,7 +169,11 @@ public class AsyncInstantiationController extends VidRestrictedBaseController { private void throwExceptionIfAccessDenied(ServiceInstantiation request, HttpServletRequest httpServletRequest, String userId) { if (featureManager.isActive(Features.FLAG_1906_INSTANTIATION_API_USER_VALIDATION)) { RoleValidator roleValidator = roleProvider.getUserRolesValidator(httpServletRequest); - if (!roleValidator.isServicePermitted(new PermissionProperties(request.getGlobalSubscriberId(), request.getSubscriptionServiceType()))) { + if (!roleValidator.isServicePermitted(new AllPermissionProperties( + request.getGlobalSubscriberId(), + request.getSubscriptionServiceType(), + request.getOwningEntityId())) + ) { throw new AccessDeniedException(String.format("User %s is not allowed to make this request", userId)); } } |