2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * Modifications Copyright (C) 2019 IBM.
7 * ===========================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END====================================================
23 package org.onap.aaf.auth.batch.helpers;
25 import java.io.IOException;
26 import java.io.PrintStream;
27 import java.util.ArrayList;
28 import java.util.Date;
29 import java.util.Iterator;
30 import java.util.List;
31 import java.util.SortedMap;
32 import java.util.TreeMap;
34 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
35 import org.onap.aaf.auth.dao.cass.UserRoleDAO.Data;
36 import org.onap.aaf.auth.env.AuthzTrans;
37 import org.onap.aaf.cadi.CadiException;
38 import org.onap.aaf.cadi.util.CSV;
39 import org.onap.aaf.misc.env.Env;
40 import org.onap.aaf.misc.env.TimeTaken;
41 import org.onap.aaf.misc.env.Trans;
42 import org.onap.aaf.misc.env.util.Chrono;
44 import com.datastax.driver.core.ResultSet;
45 import com.datastax.driver.core.Row;
46 import com.datastax.driver.core.Session;
47 import com.datastax.driver.core.SimpleStatement;
48 import com.datastax.driver.core.Statement;
50 public class UserRole implements Cloneable, CacheChange.Data {
// NOTE(review): UR and APPROVE_UR carry the same value "ur" — confirm this is intended.
52 public static final String UR = "ur";
53 public static final String APPROVE_UR = "ur";
// Field separator used by toString(): closing quote, comma, opening quote.
55 private static final String SEPARATOR = "\",\"";
// LOG_FMT is the log line written by delayDelete(). REPLAY_FMT is a five-field,
// pipe-delimited record; DELETE_FMT is that record preceded by a "# <text>" line.
// The fields are inserted with %s only, so a value containing '|' or a line break
// would change the shape of the record.
58 private static final String LOG_FMT = "%s UserRole - %s: %s-%s (%s, %s) expiring %s";
59 private static final String REPLAY_FMT = "%s|%s|%s|%s|%s\n";
60 private static final String DELETE_FMT = "# %s\n" + REPLAY_FMT;
// Process-wide (static) load state. ArrayList and TreeMap are unsynchronized;
// NOTE(review): confirm these are only touched from one thread.
62 private static final List<UserRole> data = new ArrayList<>();
63 private static final SortedMap<String,List<UserRole>> byUser = new TreeMap<>();
64 private static final SortedMap<String,List<UserRole>> byRole = new TreeMap<>();
65 private static final CacheChange<UserRole> cache = new CacheChange<>();
// Targets for staged deletions and their replay records; they default to stdout and stderr.
66 private static PrintStream urDelete = System.out;
67 private static PrintStream urRecover = System.err;
// Counter reported by load() in its "Loaded ... UserRoles" debug line.
68 private static int totalLoaded;
/**
 * Row-to-object factory for the column list returned by select().
 * create() reads columns by position, so it must stay in step with the
 * select list: user, role, ns, rname, expires.
 */
72 public static final Creator<UserRole> v2_0_11 = new Creator<UserRole>() {
// Positions 0-4 map onto the five-argument constructor (user, role, ns, rname, expires).
74 public UserRole create(Row row) {
75 return new UserRole(row.getString(0), row.getString(1), row.getString(2),row.getString(3),row.getTimestamp(4));
// Base query with no WHERE clause; the private load() hands any filter fragment to creator.query(where).
79 public String select() {
80 return "select user,role,ns,rname,expires from authz.user_role";
/**
 * Creates a UserRole whose full role name is derived as {@code ns + '.' + rname}.
 * Some assignments of this constructor are not shown in this listing.
 */
84 public UserRole(String user, String ns, String rname, Date expires) {
85 urdd = new UserRoleDAO.Data();
87 urdd.role = ns + '.' + rname;
// NOTE(review): the caller's Date is stored as-is; java.util.Date is mutable, so a later
// change made by the caller would also change this record's expiry.
90 urdd.expires = expires;
/**
 * Creates a UserRole from an explicit full role name plus its ns/rname parts.
 * Only the Data allocation and the expiry assignment are visible in this listing.
 */
93 public UserRole(String user, String role, String ns, String rname, Date expires) {
94 urdd = new UserRoleDAO.Data();
// NOTE(review): the Date is stored without a defensive copy (java.util.Date is mutable).
99 urdd.expires = expires;
102 public static List<UserRole> getData() {
106 public static SortedMap<String, List<UserRole>> getByUser() {
110 public static SortedMap<String, List<UserRole>> getByRole() {
/**
 * Loads user_role rows with no filter: delegates to the private load() with a
 * {@code null} WHERE fragment and a new DataLoadVisitor.
 */
114 public static void load(Trans trans, Session session, Creator<UserRole> creator) {
115 load(trans,session,creator,null,new DataLoadVisitor());
/**
 * Loads user_role rows with no filter, handing each one to the supplied visitor
 * (delegates to the private load() with a {@code null} WHERE fragment).
 */
118 public static void load(Trans trans, Session session, Creator<UserRole> creator, Visitor<UserRole> visitor ) {
119 load(trans,session,creator,null,visitor);
/**
 * Loads the user_role rows of one role by passing a WHERE fragment to the private load().
 *
 * NOTE(review): {@code role} is concatenated into the CQL text between single quotes with
 * no escaping or validation in this method, so a value containing a quote changes the
 * statement that is executed. Confirm that every caller passes an already-validated role
 * name, or bind the value instead of embedding it (SimpleStatement accepts a query with
 * '?' markers plus values). The fragment also ends with ALLOW FILTERING.
 */
122 public static void loadOneRole(Trans trans, Session session, Creator<UserRole> creator, String role, Visitor<UserRole> visitor) {
123 load(trans,session,creator,"role='" + role +"' ALLOW FILTERING;",visitor);
/**
 * Loads the user_role rows of one user by passing a WHERE fragment to the private load().
 *
 * NOTE(review): {@code user} is concatenated into the CQL text between single quotes with
 * no escaping or validation in this method, so a value containing a quote changes the
 * statement that is executed. Confirm that every caller passes an already-validated
 * identity, or bind the value instead of embedding it.
 */
126 public static void loadOneUser(Trans trans, Session session, Creator<UserRole> creator, String user, Visitor<UserRole> visitor ) {
127 load(trans,session,creator,"user='" + user + '\'',visitor);
/**
 * Builds a UserRole from CSV fields and hands it to the visitor: user, role, ns and rname
 * come from indices 1-4 and the expiry from index 6, read as epoch milliseconds.
 * The iteration over the CSV itself is not shown in this listing.
 *
 * NOTE(review): no validation of the fields is visible here. Long.parseLong throws
 * NumberFormatException on a non-numeric expiry and List.get throws on a short row;
 * confirm how the caller wants a malformed file handled.
 */
130 public static void load(Trans trans, CSV csv, Creator<UserRole> creator, Visitor<UserRole> visitor) throws IOException, CadiException {
131 // public UserRole(String user, String role, String ns, String rname, Date expires) {
133 visitor.visit(new UserRole(row.get(1),row.get(2),row.get(3),row.get(4),
134 new Date(Long.parseLong(row.get(6)))))
/**
 * Shared loader: obtains the query text from the creator, executes it on the session and
 * passes the result iterator to iterateResults(). The statements between the visible
 * lines are not shown in this listing.
 */
138 private static void load(Trans trans, Session session, Creator<UserRole> creator, String where, Visitor<UserRole> visitor) {
// NOTE(review): creator.query() is not visible here; presumably it appends `where` to select() — verify.
139 String query = creator.query(where);
// The complete query text, including any user or role value a caller embedded, goes to the debug log.
140 trans.debug().log( "query: " + query );
141 TimeTaken tt = trans.start("Read UserRoles", Env.REMOTE);
// The statement is created from the finished string with no bound values, so the text
// runs exactly as assembled by the callers.
145 Statement stmt = new SimpleStatement( query );
146 results = session.execute(stmt);
151 tt = trans.start("Load UserRole", Env.SUB);
153 iterateResults(creator, results.iterator(), visitor);
158 trans.debug().log("Loaded",totalLoaded,"UserRoles");
/**
 * Walks the result rows and converts each one with creator.create(row).
 * The call that passes the object to the visitor is not shown in this listing.
 */
162 private static void iterateResults(Creator<UserRole> creator, Iterator<Row> iter, Visitor<UserRole> visit ) {
164 while (iter.hasNext()) {
167 UserRole ur = creator.create(row);
/**
 * Default visitor used by the three-argument load(): files each UserRole under its user
 * in byUser and under its role in byRole.
 */
172 public static class DataLoadVisitor implements Visitor<UserRole> {
174 public void visit(UserRole ur) {
// Per-user index; a new list is created and registered under the user key
// (presumably only when none exists yet — the guard is not shown in this listing).
177 List<UserRole> lur = byUser.get(ur.urdd.user);
179 lur = new ArrayList<>();
180 byUser.put(ur.urdd.user, lur);
// Per-role index, handled the same way.
184 lur = byRole.get(ur.urdd.role);
186 lur = new ArrayList<>();
187 byRole.put(ur.urdd.role, lur);
193 public int totalLoaded() {
197 public int deleted() {
/**
 * Looks up the byUser and byRole lists for this record's user and role.
 * NOTE(review): presumably removes this entry from both lists — the removal
 * statements are not shown in this listing.
 */
202 public void expunge() {
205 List<UserRole> lur = byUser.get(urdd.user);
210 lur = byRole.get(urdd.role);
216 public static void setDeleteStream(PrintStream ds) {
220 public static void setRecoverStream(PrintStream ds) {
/**
 * Runs a count(*) over authz.user_role and returns the first column of the first row.
 * The query is a fixed string with no caller-supplied parts.
 */
224 public static long count(Trans trans, Session session) {
225 String query = "select count(*) from authz.user_role LIMIT 1000000;";
226 trans.info().log( "query: " + query );
// NOTE(review): the timer label reads "Count Namespaces" although the query counts
// authz.user_role rows — looks like a copied label; confirm.
227 TimeTaken tt = trans.start("Count Namespaces", Env.REMOTE);
// Per-statement read timeout of 12000 ms.
230 Statement stmt = new SimpleStatement(query).setReadTimeoutMillis(12000);
231 results = session.execute(stmt);
232 return results.one().getLong(0);
238 public UserRoleDAO.Data urdd() {
242 public String user() {
246 public String role() {
254 public String rname() {
258 public Date expires() {
262 public void expires(Date time) {
/**
 * Renders user, role, ns, rname and the date-only expiry stamp, joined by SEPARATOR.
 *
 * NOTE(review): the expression opens with a double quote but the visible statement ends
 * after the date stamp without appending a closing one, so the last field is left
 * unterminated. Field values are also not escaped, so a value containing a double quote
 * would break the quoting. Confirm whether any consumer parses this output.
 */
266 public String toString() {
267 return "\"" + urdd.user + SEPARATOR + urdd.role + SEPARATOR + urdd.ns + SEPARATOR + urdd.rname + SEPARATOR
268 + Chrono.dateOnlyStamp(urdd.expires);
/**
 * Finds a loaded UserRole: takes the byUser list for {@code u} and scans it for an entry
 * whose role equals {@code r}.
 * NOTE(review): byUser.get(u) returns null for an unknown user; the guard and the return
 * statements are not shown in this listing — confirm the null case is handled.
 */
271 public static UserRole get(String u, String r) {
272 List<UserRole> lur = byUser.get(u);
274 for (UserRole ur : lur) {
276 if (ur.urdd.role.equals(r)) {
284 // SAFETY - DO NOT DELETE USER ROLES DIRECTLY FROM BATCH FILES!!!
285 // We write to a file, and validate. If the size is iffy, we email Support
/**
 * Stages this user-role for deletion instead of deleting it: logs the action, writes a
 * record to the delete stream and a replay record to the recover stream, and registers
 * the entry with the cache for delayed deletion. The branching on {@code dryRun} is not
 * shown in this listing; presumably "Would Delete" is the dry-run log line — verify.
 *
 * NOTE(review): {@code text} and the record fields are written with %s into a
 * pipe-delimited, line-oriented file that is later used to drive deletions. A value
 * containing '|' or a line break would alter the record, so confirm these fields are
 * constrained upstream, and keep the staged files writable only by the batch account.
 */
286 public void delayDelete(AuthzTrans trans, String text, boolean dryRun) {
287 String dt = Chrono.dateTime(urdd.expires);
289 trans.info().printf(LOG_FMT,text,"Would Delete",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
291 trans.info().printf(LOG_FMT,text,"Staged Deletion",urdd.user,urdd.role,urdd.ns,urdd.rname,dt);
// Record field order is user|role|expiry|ns|rname; the delete stream also gets a "# text" line first.
293 urDelete.printf(DELETE_FMT,text,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
294 urRecover.printf(REPLAY_FMT,urdd.user,urdd.role,dt,urdd.ns,urdd.rname);
296 cache.delayedDelete(this);
302 * Calls expunge() for all deleteCached entries
304 public static void resetLocalData() {
// Delegates to the shared CacheChange instance, which holds the entries staged by delayDelete().
305 cache.resetLocalData();
/**
 * Writes this record as one CSV row. Field order: tag, user, role, ns, rname, date-only
 * expiry stamp, expiry in epoch milliseconds (indices 0-6). The static readers in this
 * class rely on these positions.
 */
308 public void row(final CSV.Writer csvw, String tag) {
309 csvw.row(tag,user(),role(),ns(),rname(),Chrono.dateOnlyStamp(expires()),expires().getTime());
/**
 * Writes this record as one CSV row with a trailing reason. Field order: tag, user, role,
 * ns, rname, date-only expiry stamp, expiry in epoch milliseconds, reason (indices 0-7).
 */
312 public void row(final CSV.Writer csvw, String tag, String reason) {
313 csvw.row(tag,user(),role(),ns(),rname(),Chrono.dateOnlyStamp(expires()),expires().getTime(),reason);
/**
 * Rebuilds a UserRoleDAO.Data from a parsed CSV row: user, role, ns and rname from
 * indices 1-4, expiry from index 6 as epoch milliseconds.
 *
 * NOTE(review): the fields are copied without validation. Long.parseLong throws
 * NumberFormatException on a non-numeric expiry and List.get throws on a short row.
 */
316 public static Data row(List<String> row) {
317 Data data = new Data();
318 data.user = row.get(1);
319 data.role = row.get(2);
320 data.ns = row.get(3);
321 data.rname = row.get(4);
322 data.expires = new Date(Long.parseLong(row.get(6)));
/**
 * Appends a CQL DELETE for authz.user_role to {@code sb}, keyed on the user (index 1) and
 * role (index 2) of the given row. The end of the statement is not shown in this listing.
 *
 * NOTE(review): both values are copied into the statement between single quotes with no
 * escaping or validation, so the generated CQL is only as trustworthy as the row's
 * source. Presumably the row comes from a staged batch file; treat that file as untrusted
 * input: validate the fields before appending (or use bound statements) and restrict who
 * can write the file.
 */
326 public static void batchDelete(StringBuilder sb, List<String> row) {
327 sb.append("DELETE from authz.user_role WHERE user='");
328 sb.append(row.get(1));
329 sb.append("' AND role='");
330 sb.append(row.get(2));
/**
 * Appends a CQL UPDATE to {@code sb} that sets the expiry of one authz.user_role row to
 * {@code newDate}, keyed on the user (index 1) and role (index 2) of the given row.
 * The end of the statement is not shown in this listing.
 *
 * NOTE(review): the user and role values are copied into the statement between single
 * quotes with no escaping or validation. Because this statement extends an access grant,
 * confirm the row's source is trusted, or validate the fields (or bind them) first.
 */
334 public static void batchExtend(StringBuilder sb, List<String> row, Date newDate ) {
335 sb.append("UPDATE authz.user_role SET expires='");
336 sb.append(Chrono.dateTime(newDate));
337 sb.append("' WHERE user='");
338 sb.append(row.get(1));
339 sb.append("' AND role='");
340 sb.append(row.get(2));
/**
 * Appends a CQL UPDATE to {@code sb} that sets an authz.user_role expiry to
 * {@code newDate}. The lines that append the key values are not shown in this listing;
 * presumably they use this record's own user and role — verify.
 * NOTE(review): the key values sit between single quotes in concatenated CQL, so they
 * need the same validation as in the static overload.
 */
344 public void batchExtend(StringBuilder sb, Date newDate) {
345 sb.append("UPDATE authz.user_role SET expires='");
346 sb.append(Chrono.dateTime(newDate));
347 sb.append("' WHERE user='");
349 sb.append("' AND role='");
/**
 * Appends a CQL UPDATE to {@code sb} that writes this record's current expires() value
 * to authz.user_role. The lines that append the key values are not shown in this
 * listing; presumably they use this record's own user and role — verify.
 * NOTE(review): the key values sit between single quotes in concatenated CQL with no
 * escaping visible here.
 */
354 public void batchUpdateExpires(StringBuilder sb) {
355 sb.append("UPDATE authz.user_role SET expires='");
356 sb.append(Chrono.dateTime(expires()));
357 sb.append("' WHERE user='");
359 sb.append("' AND role='");
/**
 * Builds the history memo for a CSV row. A row with more than seven fields carries a
 * reason at index 7 and gets the fixed "removed from ... because ..." text. The other
 * visible format call applies {@code fmt} to indices 1, 2 and 5 (user, role, date stamp);
 * presumably that is the else branch — not shown in this listing.
 *
 * NOTE(review): {@code fmt} is used directly as a format string, so callers should pass
 * a constant rather than text taken from data.
 */
364 public static String histMemo(String fmt, List<String> row) {
366 if(row.size()>7) { // Reason included
367 reason = String.format("%s removed from %s because %s",
368 row.get(1),row.get(2),row.get(7));
370 reason = String.format(fmt, row.get(1),row.get(2), row.get(5));
/**
 * Returns the history subject for a CSV row: user (index 1) and role (index 2) joined by '|'.
 * The values are not escaped, so a '|' inside either one makes the subject ambiguous.
 */
375 public static String histSubject(List<String> row) {
376 return row.get(1) + '|' + row.get(2);
/**
 * Resets the static load state. Only the cache reset is visible in this listing; the
 * statements before it are not shown.
 */
379 public static void clear() {
383 cache.resetLocalData();