From fa9080bc0e2be3198aebbe1da20af73ed91376ce Mon Sep 17 00:00:00 2001 From: "Sonsino, Ofir (os0695)" Date: Fri, 16 Nov 2018 15:01:29 +0200 Subject: Turn role management off by default (cherrypicked from casablanca) Change-Id: Id8611389b80c3a693c989ce3421f08435ad05d2f Issue-ID: VID-448 Signed-off-by: Wojciech Sliwka Signed-off-by: Ittay Stern --- .../java/org/onap/vid/roles/RoleValidator.java | 47 ++++++++++++++-------- 1 file changed, 30 insertions(+), 17 deletions(-) (limited to 'vid-app-common/src/main/java/org/onap') diff --git a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java index 315e22dd7..4b92b6413 100644 --- a/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java +++ b/vid-app-common/src/main/java/org/onap/vid/roles/RoleValidator.java @@ -7,9 +7,9 @@ * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. @@ -20,49 +20,60 @@ package org.onap.vid.roles; -import org.onap.vid.mso.rest.RequestDetails; - import java.util.List; import java.util.Map; +import org.onap.portalsdk.core.util.SystemProperties; +import org.onap.vid.mso.rest.RequestDetails; /** * Created by Oren on 7/12/17. */ public class RoleValidator { - private boolean disableRoles = true; - private List userRoles; + private boolean disableRoles; + private final List userRoles; public RoleValidator(List roles) { this.userRoles = roles; + disableRoles = SystemProperties.getProperty("role_management_activated").equals("false"); } public boolean isSubscriberPermitted(String subscriberName) { - if (this.disableRoles) return true; + if (this.disableRoles) { + return true; + } for (Role role : userRoles) { - if (role.getSubscribeName().equals(subscriberName)) + if (role.getSubscribeName().equals(subscriberName)) { return true; + } } return false; } public boolean isServicePermitted(String subscriberName, String serviceType) { - if (this.disableRoles) return true; + if (this.disableRoles) { + return true; + } for (Role role : userRoles) { - if (role.getSubscribeName().equals(subscriberName) && role.getServiceType().equals(serviceType)) + if (role.getSubscribeName().equals(subscriberName) && role.getServiceType().equals(serviceType)) { return true; + } } return false; } - public boolean isMsoRequestValid(RequestDetails mso_request) { - if (this.disableRoles) return true; + boolean isMsoRequestValid(RequestDetails msoRequest) { + if (this.disableRoles) { + return true; + } try { - String globalSubscriberIdRequested = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("subscriberInfo")).get("globalSubscriberId"); - String serviceType = (String) ((Map) ((Map) mso_request.getAdditionalProperties().get("requestDetails")).get("requestParameters")).get("subscriptionServiceType"); + String globalSubscriberIdRequested = (String) ((Map) ((Map) msoRequest.getAdditionalProperties() + .get("requestDetails")).get("subscriberInfo")).get("globalSubscriberId"); + String serviceType = (String) ((Map) ((Map) msoRequest.getAdditionalProperties().get("requestDetails")) + .get("requestParameters")).get("subscriptionServiceType"); return isServicePermitted(globalSubscriberIdRequested, serviceType); } catch (Exception e) { //Until we'll get the exact information regarding the tenants and the global customer id, we'll return true on unknown requests to mso @@ -71,12 +82,14 @@ public class RoleValidator { } public boolean isTenantPermitted(String globalCustomerId, String serviceType, String tenantName) { - if (this.disableRoles) return true; + if (this.disableRoles) { + return true; + } for (Role role : userRoles) { if (role.getSubscribeName().equals(globalCustomerId) - && role.getServiceType().equals(serviceType) - && (role.getTenant() == null || role.getTenant().equalsIgnoreCase(tenantName))) { + && role.getServiceType().equals(serviceType) + && (role.getTenant() == null || role.getTenant().equalsIgnoreCase(tenantName))) { return true; } } -- cgit 1.2.3-korg