2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.dao.hl;
24 import java.util.ArrayList;
25 import java.util.Date;
26 import java.util.HashMap;
27 import java.util.List;
30 import java.util.TreeSet;
32 import org.onap.aaf.auth.dao.cass.PermDAO;
33 import org.onap.aaf.auth.dao.cass.RoleDAO;
34 import org.onap.aaf.auth.dao.cass.Status;
35 import org.onap.aaf.auth.dao.cass.UserRoleDAO;
36 import org.onap.aaf.auth.env.AuthzTrans;
37 import org.onap.aaf.auth.layer.Result;
40 * PermLookup is a storage class that holds the intermediate results of a Permission lookup
41 * during a Transaction, so that the same data is not processed twice
// Per-user lookup state. The transaction is passed to every DAO call the getters make.
48 private AuthzTrans trans;
// Memoised results of getUserRoles(), getRoles(), getPermNames() and getPerms().
// null means "not computed yet": userRoles and permNames are visibly null-checked before
// being computed. NOTE(review): the matching guards for roles and perms are not visible
// in this listing; presumably they follow the same pattern, confirm.
51 private Result<List<UserRoleDAO.Data>> userRoles = null;
52 private Result<List<RoleDAO.Data>> roles = null;
53 private Result<Set<String>> permNames = null;
54 private Result<List<PermDAO.Data>> perms = null;
// Private constructor: the only visible construction site is the static get(...) factory.
56 private PermLookup() {}
// Returns the PermLookup for `user` within the transaction `trans`.
// A Map<String, PermLookup> is kept in the transaction under Question.PERMS and created on
// first use; entries are keyed by the user string, so lookups for the same user in the same
// transaction share one PermLookup and its memoised results.
// NOTE(review): the condition guarding creation of a new PermLookup, and the assignment of
// its fields, are not visible here; presumably an entry is created only when the map holds
// none for this user, confirm.
// NOTE(review): nothing visible here invalidates an entry. If roles or permissions are
// changed later in the same transaction, an already populated PermLookup may still return
// the earlier result; confirm that callers which modify grants do not re-check
// authorization through the same entry.
58 static PermLookup get(AuthzTrans trans, Question q, String user) {
// Fetch the per-transaction cache; null means none has been stored yet.
60 Map<String, PermLookup> permMap = trans.get(Question.PERMS, null);
61 if (permMap == null) {
// First lookup in this transaction: create the cache and attach it to the transaction.
62 trans.put(Question.PERMS, permMap = new HashMap<>());
64 lp = permMap.get(user);
68 lp = new PermLookup();
// Register the instance so later calls for the same user reuse it.
72 permMap.put(user, lp);
// Returns the user's UserRole records that have not expired.
// The records are read through q.userRoleDAO.readByUser when `userRoles` is still null, and
// the outcome is stored in `userRoles` on the visible return paths.
// getRoles(), getPermNames() and getPerms() all derive from this result, so the expiry
// filter below is what keeps an expired grant from contributing roles or permissions.
// Returns ERR_UserNotFound when no unexpired record remains. What is returned when the read
// fails or has no data is not visible in this listing.
77 public Result<List<UserRoleDAO.Data>> getUserRoles() {
78 if (userRoles==null) {
79 userRoles = q.userRoleDAO.readByUser(trans,user);
80 if (userRoles.isOKhasData()) {
81 List<UserRoleDAO.Data> lurdd = new ArrayList<>();
// "now" is taken once from this JVM's clock, so every record is compared with the same
// instant; clock skew on this host therefore shifts when a grant stops being honoured.
82 Date now = new Date();
83 for (UserRoleDAO.Data urdd : userRoles.value) {
// NOTE(review): assumes urdd.expires is never null (a null would throw here); confirm
// against the DAO. The statement that keeps the record is not visible; presumably
// lurdd.add(urdd).
84 if (urdd.expires.after(now)) { // Remove Expired
// Nothing survived the filter: a user whose roles have all expired gets the same error as
// a user with no roles at all.
88 if (lurdd.size()==0) {
89 return userRoles = Result.err(Status.ERR_UserNotFound,
90 "%s not found or not associated with any Roles: ",
// Replace the raw DAO result with the filtered list, so later callers only see live grants.
93 return userRoles = Result.ok(lurdd);
// Resolves each unexpired UserRole from getUserRoles() into RoleDAO.Data by reading
// q.roleDAO with the record's namespace and role name, collecting everything in one list.
// The two returns at the end store their Result in `roles`; the ERR_BadData return inside
// the loop does not.
// NOTE(review): the guard on `roles` and the checks on `rur` and `rlrd` are not visible
// here; confirm a failed role read cannot reach rlrd.value.
103 public Result<List<RoleDAO.Data>> getRoles() {
105 Result<List<UserRoleDAO.Data>> rur = getUserRoles();
107 List<RoleDAO.Data> lrdd = new ArrayList<>();
108 for (UserRoleDAO.Data urdata : rur.value) {
109 // Gather all permissions from all Roles
// A record with a null namespace or role name aborts the whole lookup instead of being
// skipped, so one corrupt row denies the user every role for this call.
110 if (urdata.ns==null || urdata.rname==null) {
111 return Result.err(Status.ERR_BadData,"DB Content Error: nulls in User Role %s %s", urdata.user,urdata.role);
113 Result<List<RoleDAO.Data>> rlrd = q.roleDAO.read(
114 trans, urdata.ns, urdata.rname);
116 lrdd.addAll(rlrd.value);
120 return roles = Result.ok(lrdd);
// Propagate the getUserRoles() failure as this method's result.
122 return roles = Result.err(rur);
// Returns the union of the permission names carried by the user's roles, computed when
// `permNames` is still null and stored there on both visible return paths.
// A failure from getRoles() is returned as an error Result rather than as an empty set.
// NOTE(review): the condition choosing between the two returns is not visible here, and the
// meaning of the `false` argument to perms(...) cannot be read from this file; confirm.
129 public Result<Set<String>> getPermNames() {
130 if (permNames==null) {
131 Result<List<RoleDAO.Data>> rlrd = getRoles();
// TreeSet: a permission named by several roles appears once, and iteration is sorted.
133 Set<String> pns = new TreeSet<>();
134 for (RoleDAO.Data rdata : rlrd.value) {
135 pns.addAll(rdata.perms(false));
137 return permNames = Result.ok(pns);
139 return permNames = Result.err(rlrd);
// Returns PermDAO.Data entries for the permission names from getPermNames(); both visible
// return paths store their Result in `perms`.
// Two paths are visible: one decodes the name to an array and reads the permission from
// q.permDAO, the other only decodes the name with PermDAO.Data.decode.
// NOTE(review): how `lookup` selects between them is not visible here; presumably true
// means "read from the DAO", confirm.
// A name that cannot be read or decoded is reported through trans.error() and, as far as
// the visible lines show, does not fail the call, so the returned list may hold fewer
// permissions than the roles name. Presumably a missing entry results in less access rather
// than more, but callers should not treat the list as complete without checking the log.
146 public Result<List<PermDAO.Data>> getPerms(boolean lookup) {
148 // Note: It should be ok for a Valid user to have no permissions -
149 // Jonathan 8/12/2013
150 Result<Set<String>> rss = getPermNames();
152 List<PermDAO.Data> lpdd = new ArrayList<>();
153 for (String perm : rss.value) {
155 Result<String[]> ap = PermDAO.Data.decodeToArray(trans, q, perm);
158 Result<List<PermDAO.Data>> rlpd = q.permDAO.read(perm,trans,ap.value);
159 if (rlpd.isOKhasData()) {
160 for (PermDAO.Data pData : rlpd.value) {
// The log label says "getPermsByUser" although this method is getPerms; search the error
// log for that label. The entry carries the user id and the permission string.
165 trans.error().log("In getPermsByUser, for", user, perm);
168 Result<PermDAO.Data> pr = PermDAO.Data.decode(trans, q, perm);
// Same label as above; here the decode error text is logged instead of the permission.
170 trans.error().log("In getPermsByUser, for", user, pr.errorString());
177 return perms = Result.ok(lpdd);
// Propagate the getPermNames() failure as this method's result.
179 return perms = Result.err(rss);