2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.batch.reports;
25 import java.io.IOException;
26 import java.util.Date;
27 import java.util.HashMap;
29 import java.util.TreeMap;
31 import org.onap.aaf.auth.batch.Batch;
32 import org.onap.aaf.auth.batch.helpers.Cred;
33 import org.onap.aaf.auth.batch.helpers.Cred.Instance;
34 import org.onap.aaf.auth.batch.helpers.UserRole;
35 import org.onap.aaf.auth.batch.helpers.Visitor;
36 import org.onap.aaf.auth.env.AuthzTrans;
37 import org.onap.aaf.auth.org.Organization;
38 import org.onap.aaf.auth.org.Organization.Identity;
39 import org.onap.aaf.auth.org.OrganizationException;
40 import org.onap.aaf.cadi.util.CSV;
41 import org.onap.aaf.cadi.util.CSV.Writer;
42 import org.onap.aaf.misc.env.APIException;
43 import org.onap.aaf.misc.env.Env;
44 import org.onap.aaf.misc.env.TimeTaken;
45 import org.onap.aaf.misc.env.util.Chrono;
48 public class NotInOrg extends Batch {
// Base name of the report; also used as a key in writerList and as part of the file name.
50 private static final String NOT_IN_ORG = "NotInOrg";
// File extension for the reports. The field shares its name with the imported
// org.onap.aaf.cadi.util.CSV class, so `CSV` means the String in expressions and the
// class in type positions.
51 private static final String CSV = ".csv";
// Tag written as the first column of each report's header row.
52 private static final String INFO = "info";
// Report writers by report name; _close iterates over this map's values.
53 private Map<String, CSV.Writer> writerList;
// Per-identity cache of the writer chosen by whichWriter(AuthzTrans, String).
54 private Map<String, CSV.Writer> whichWriter;
// Writer for the general "NotInOrg" report.
57 private Writer notInOrgW;
// Writer for the "NotInOrgDelete" report.
58 private Writer notInOrgDeleteW;
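// Connects to the cluster, loads credentials, and opens the two dated CSV reports this
// batch fills in: "NotInOrg" and "NotInOrgDelete". Each report starts with a header row
// of INFO, the report name, the date stamp and 0.
// NOTE(review): this listing omits several original lines (the gutter numbers skip), so
// the declaration of `now` and whatever ends the two TimeTaken timers are not visible.
60 public NotInOrg(AuthzTrans trans) throws APIException, IOException, OrganizationException {
62 trans.info().log("Starting Connection Process");
64 TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
66 TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
68 session = cluster.connect();
73 // Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway
74 Cred.load(trans, session);
76 // Create Intermediate Output
77 writerList = new HashMap<>();
78 whichWriter = new TreeMap<>();
79 logDir = new File(logDir());
83 String sdate = Chrono.dateOnlyStamp(now);
84 File file = new File(logDir,NOT_IN_ORG + sdate +CSV);
85 CSV csv = new CSV(file);
86 notInOrgW = csv.writer(false);
87 notInOrgW.row(INFO,NOT_IN_ORG,Chrono.dateOnlyStamp(now),0);
88 writerList.put(NOT_IN_ORG,notInOrgW);
90 // These will have been double-checked by the Organization, and can be deleted immediately.
91 String fn = NOT_IN_ORG+"Delete";
92 file = new File(logDir,fn + sdate +CSV);
93 CSV csvDelete = new CSV(file);
94 notInOrgDeleteW = csvDelete.writer(false);
95 notInOrgDeleteW.row(INFO,fn,Chrono.dateOnlyStamp(now),0);
// Register the delete report's writer under its own name. The original line put
// notInOrgW under NOT_IN_ORG a second time, which left notInOrgDeleteW out of writerList,
// the map _close iterates over. Presumably that meant the delete report was never closed
// there and could be left incomplete - confirm against the rest of _close. Anything that
// acts on this report would then miss identities that should have been removed.
96 writerList.put(fn,notInOrgDeleteW);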
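// Walks user roles and then credentials, and writes every record whose ID fails
// check(...) to the report picked by whichWriter(...).
// NOTE(review): this listing omits several original lines (the gutter numbers skip), so
// the try blocks and closing braces that frame the statements below are not visible.
104 protected void run(AuthzTrans trans) {
// Answers from check(...) are cached per ID in this map for the whole run.
106 Map<String,Boolean> checked = new TreeMap<String, Boolean>();
107 trans.info().log("Process Organization Identities");
108 trans.info().log("User Roles");
// A separate transaction obtained from the environment and used for the per-record
// checks; presumably this keeps those calls out of averaged timing stats - confirm.
110 final AuthzTrans transNoAvg = trans.env().newTransNoAvg();
111 UserRole.load(trans, session, UserRole.v2_0_11, new Visitor<UserRole>() {
113 public void visit(UserRole ur) {
115 if(!check(transNoAvg, checked, ur.user())) {
116 ur.row(whichWriter(transNoAvg,ur.user()));
118 } catch (OrganizationException e) {
// The exception here comes from the Organization lookup in check(...), not from any
// certificate handling. The original message read "Error Decrypting X509", which
// points whoever triages a failed run at the wrong component.
119 trans.error().log(e, "Error checking User Role identity against Organization");
124 trans.info().log("Checking for Creds without IDs");
// Cred.data is the credential set filled by Cred.load(...) in the constructor.
126 for (Cred cred : Cred.data.values()) {
127 if(!check(transNoAvg,checked, cred.id)) {
128 CSV.Writer cw = whichWriter(transNoAvg, cred.id);
129 for(Instance inst : cred.instances) {
// NOTE(review): the next line reads like the inside of a block comment, and the X509 pass
// after it is not valid Java as shown (the `(X)` argument, the trailing comma in
// `x509.row(notInOrgW,)`). The pass is presumably commented out in the original file -
// confirm. If so, certificates are not checked against the Organization by this batch.
136 * Do we delete now? Or work on Revocation semantics
138 trans.info().log("Checking for X509s without IDs");
139 X509.load(trans, session, new Visitor<X509>() {
141 public void visit(X509 x509) {
143 for(Certificate cert : Factory.toX509Certificate(x509.x509)) {
144 X509Certificate xc = (X509Certificate)cert;
146 if(!check(transNoAvg,checked, (X))) {
147 x509.row(notInOrgW,);
150 } catch (CertificateException | IOException e) {
151 trans.error().log(e, "Error Decrypting X509");
// This handler appears to belong to a try block that the listing does not show.
156 } catch (OrganizationException e) {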
// Returns the report writer for `id`, choosing it on first use and caching the choice in
// the whichWriter map so one identity always lands in the same report during a run.
// NOTE(review): this listing omits several original lines (the gutter numbers skip); the
// cache-miss test and both arms of the conditional expression are not visible.
162 private Writer whichWriter(AuthzTrans transNoAvg, String id) {
163 Writer w = whichWriter.get(id);
// The Organization's mayAutoDelete(...) answer selects the writer. Presumably a true
// answer selects notInOrgDeleteW and a false one notInOrgW - confirm. `org` is not
// declared in this method, so it is a field or inherited member not shown here.
165 w = org.mayAutoDelete(transNoAvg, id)?
168 whichWriter.put(id,w);
// Checks `id` against the Organization, consulting the `checked` map first so each ID is
// looked up at most once per run.
// NOTE(review): this listing omits several original lines (the gutter numbers skip), so
// the branch conditions, the returned values and the write back into `checked` are not
// visible.
173 private boolean check(AuthzTrans trans, Map<String, Boolean> checked, String id) throws OrganizationException {
// Earlier answer for this ID, if one was recorded.
174 Boolean rv = checked.get(id);
// Special IDs are exempt from the Organization lookup (see the inline comment); what is
// returned for them is not visible here.
176 if(isSpecial(id)) { // do not check against org... too important to delete.
// The Organization is taken from the transaction passed in.
179 Organization org = trans.org();
181 Identity identity = org.getIdentity(trans, id);
// Presumably thrown when trans.org() yields no Organization - the guarding condition is
// not visible. The message includes the ID being processed.
185 throw new OrganizationException("No Organization Found for " + id + ": required for processing");
193 protected void _close(AuthzTrans trans) {
195 for(CSV.Writer cw : writerList.values()) {