2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.cmd.perm;
24 import org.onap.aaf.auth.cmd.AAFcli;
25 import org.onap.aaf.auth.cmd.Cmd;
26 import org.onap.aaf.auth.cmd.Param;
27 import org.onap.aaf.auth.rserv.HttpMethods;
28 import org.onap.aaf.cadi.CadiException;
29 import org.onap.aaf.cadi.LocatorException;
30 import org.onap.aaf.cadi.client.Future;
31 import org.onap.aaf.cadi.client.Rcli;
32 import org.onap.aaf.cadi.client.Retryable;
33 import org.onap.aaf.misc.env.APIException;
35 import aaf.v2_0.PermRequest;
36 import aaf.v2_0.RoleRequest;
43 public class Create extends Cmd {
44 public Create(Perm parent) {
45 super(parent,"create",
46 new Param("type",true),
47 new Param("instance",true),
48 new Param("action", true),
49 new Param("role[,role]* (to Grant to)", false)
54 public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
55 return same(new Retryable<Integer>() {
57 public Integer code(Rcli<?> client) throws CadiException, APIException {
59 final PermRequest pr = new PermRequest();
60 pr.setType(args[idx++]);
61 pr.setInstance(args[idx++]);
62 pr.setAction(args[idx++]);
63 String roleCommas = (args.length>idx)?args[idx++]:null;
64 String[] roles = roleCommas==null?null:roleCommas.split("\\s*,\\s*");
65 boolean force = aafcli.forceString()!=null;
68 if(roles!=null && force) { // Make sure Roles are Created
69 RoleRequest rr = new RoleRequest();
70 for(String role : roles) {
72 Future<RoleRequest> fr = client.create(
74 getDF(RoleRequest.class),
77 fr.get(AAFcli.timeout());
80 pw().println("Created Role [" + role + ']');
85 pw().println("Role [" + role + "] does not exist, and cannot be created.");
86 return 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
91 // Set Start/End commands
93 setQueryParamsOn(client);
94 Future<PermRequest> fp = client.create(
96 getDF(PermRequest.class),
99 if(fp.get(AAFcli.timeout())) {
101 pw().println("Created Permission");
103 if(aafcli.forceString()!=null) { // Make sure Roles are Created
104 RoleRequest rr = new RoleRequest();
105 for(String role : roles) {
107 Future<RoleRequest> fr = client.create(
109 getDF(RoleRequest.class),
112 fr.get(AAFcli.timeout());
123 if(201!=(rv=((Perm)parent)._exec(0,
124 new String[] {"grant",pr.getType(),pr.getInstance(),pr.getAction(),roleCommas}))) {
125 rv = 206 /*HttpStatus.PARTIAL_CONTENT_206*/;
127 } catch (LocatorException e) {
128 throw new CadiException(e);
133 if(rv==409 && force) {
136 pw().println("Permission Creation Accepted, but requires Approvals before actualizing");
138 pw().println("You need to grant the roles after approval.");
149 public void detailedHelp(int _indent, StringBuilder sb) {
150 int indent = _indent;
151 detailLine(sb,indent,"Create a Permission with:");
152 detailLine(sb,indent+=2,"type - A Namespace qualified identifier identifying the kind of");
153 detailLine(sb,indent+11,"resource to be protected");
154 detailLine(sb,indent,"instance - A name that distinguishes a particular instance of resource");
155 detailLine(sb,indent,"action - What kind of action is allowed");
156 detailLine(sb,indent,"role(s) - Perms granted to these Comma separated Role(s)");
157 detailLine(sb,indent+11,"Nonexistent role(s) will be created, if in same namespace");
159 detailLine(sb,indent+2,"Note: Instance and Action can be a an '*' (enter \\\\* on Unix Shell)");
160 api(sb,indent,HttpMethods.POST,"authz/perm",PermRequest.class,true);