2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
7 * Modifications Copyright (C) 2018 IBM.
8 * ===========================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 * ============LICENSE_END====================================================
24 package org.onap.aaf.auth.cmd.perm;
26 import org.onap.aaf.auth.cmd.AAFcli;
27 import org.onap.aaf.auth.cmd.Cmd;
28 import org.onap.aaf.auth.cmd.Param;
29 import org.onap.aaf.auth.rserv.HttpMethods;
30 import org.onap.aaf.cadi.CadiException;
31 import org.onap.aaf.cadi.LocatorException;
32 import org.onap.aaf.cadi.client.Future;
33 import org.onap.aaf.cadi.client.Rcli;
34 import org.onap.aaf.cadi.client.Retryable;
35 import org.onap.aaf.misc.env.APIException;
38 import aaf.v2_0.RolePermRequest;
45 public class Grant extends Cmd {
46 private static final String[] options = {"grant","ungrant"};
48 public Grant(Perm parent) {
50 new Param(optionsToString(options),true),
51 new Param("type",true),
52 new Param("instance",true),
53 new Param("action",true),
54 new Param("role[,role]*",false)
59 public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
60 return same(new Retryable<Integer>() {
62 public Integer code(Rcli<?> client) throws CadiException, APIException {
64 String action = args[idx++];
65 int option = whichOption(options, action);
67 RolePermRequest rpr = new RolePermRequest();
69 pk.setType(args[idx++]);
70 pk.setInstance(args[idx++]);
71 pk.setAction(args[idx++]);
75 Future<RolePermRequest> frpr = null;
77 String[] roles = args[idx].split(",");
80 for (String role : roles) {
83 // You can request to Grant Permission to a Role
84 setQueryParamsOn(client);
87 getDF(RolePermRequest.class),
90 strA = "Granted Permission [";
93 // You can request to UnGrant Permission to a Role
94 setQueryParamsOn(client);
96 "/authz/role/" + role + "/perm",
97 getDF(RolePermRequest.class),
100 strA = "UnGranted Permission [";
101 strB = "] from Role [";
103 if (frpr.get(AAFcli.timeout())) {
104 pw().println(strA + pk.getType() + '|' + pk.getInstance() + '|' + pk.getAction()
107 if (frpr.code()==202) {
108 pw().print("Permission Role ");
109 pw().print(option==0?"Granted":"Ungranted");
110 pw().println(" Accepted, but requires Approvals before actualizing");
116 return frpr==null?0:frpr.code();
122 public void detailedHelp(int indent, StringBuilder sb) {
123 detailLine(sb,indent,"Grant a Permission to a Role or Roles OR");
124 detailLine(sb,indent,"Ungrant a Permission from a Role or Roles");
125 detailLine(sb,indent,"see Create for definitions of type,instance and action");
126 api(sb,indent,HttpMethods.POST,"authz/role/perm",RolePermRequest.class,true);
127 api(sb,indent,HttpMethods.DELETE,"authz/role/<role>/perm",RolePermRequest.class,false);