2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.cmd.role;
24 import java.util.Collections;
25 import java.util.Comparator;
27 import javax.xml.datatype.XMLGregorianCalendar;
29 import org.onap.aaf.auth.cmd.AAFcli;
30 import org.onap.aaf.auth.cmd.BaseCmd;
31 import org.onap.aaf.cadi.CadiException;
32 import org.onap.aaf.cadi.client.Future;
33 import org.onap.aaf.cadi.client.Rcli;
34 import org.onap.aaf.cadi.client.Retryable;
35 import org.onap.aaf.misc.env.APIException;
36 import org.onap.aaf.misc.env.util.Chrono;
39 import aaf.v2_0.Perms;
41 import aaf.v2_0.Roles;
42 import aaf.v2_0.UserRole;
43 import aaf.v2_0.UserRoles;
47 public class List extends BaseCmd<Role> {
48 private static final String XXXX_XX_XX = "XXXX-XX-XX";
49 private static final String LIST_ROLES_BY_NAME = "list roles for role";
51 public List(Role parent) {
53 cmds.add(new ListByUser(this));
54 cmds.add(new ListByRole(this));
55 cmds.add(new ListByNS(this));
56 cmds.add(new ListByNameOnly(this));
57 cmds.add(new ListByPerm(this));
58 cmds.add(new ListActivity(this));
61 // Package Level on purpose
62 abstract class ListRoles extends Retryable<Integer> {
63 protected int list(Future<Roles> fr,Rcli<?> client, String header) throws APIException, CadiException {
64 if (fr.get(AAFcli.timeout())) {
66 if (aafcli.isDetailed()) {
67 for (aaf.v2_0.Role r : fr.value.getRole()) {
68 Future<Perms> fp = client.read(
69 "/authz/perms/role/"+r.getName()+(aafcli.isDetailed()?"?ns":""),
72 if (fp.get(AAFcli.timeout())) {
76 perms.getPerm().addAll(fp.value.getPerm());
81 report(fr.value,perms,null,header);
89 private final static String roleFormat = "%-56s Expires %s\n";
90 private final static String roleFormatNoDate = "%-61s\n";
91 private final static String roleExpiredFormat = "%-53s !!! EXPIRED !!! %s\n";
92 private final static String permFormat = " %-30s %-30s %-15s\n";
95 private static final Comparator<aaf.v2_0.Role> roleCompare = new Comparator<aaf.v2_0.Role>() {
97 public int compare(aaf.v2_0.Role a, aaf.v2_0.Role b) {
98 return a.getName().compareTo(b.getName());
101 public void report(Roles roles, Perms perms, UserRoles urs, String ... str) {
103 XMLGregorianCalendar now = Chrono.timeStamp().normalize();
104 if (roles==null || roles.getRole().isEmpty()) {
105 pw().println("<No Roles Found>");
106 } else if (aafcli.isDetailed()){
107 if (str[0].toLowerCase().contains(LIST_ROLES_BY_NAME)) {
108 String description = roles.getRole().get(0).getDescription();
109 if (description == null) description = "";
110 reportColHead("%-80s\n","Description: " + description);
113 String fullFormat = roleFormat+permFormat;
114 reportColHead(fullFormat,"[ROLE NS].Name","","[PERM NS].Type","Instance","Action");
115 Collections.sort(roles.getRole(),roleCompare);
116 for (aaf.v2_0.Role r : roles.getRole()) {
117 String roleName = r.getName();
118 String ns = r.getNs();
119 if (aafcli.isTest()) {
121 pw().format(roleFormat, roleName,XXXX_XX_XX);
123 pw().format(roleFormat, "["+ns+"]"+roleName.substring(ns.length()),XXXX_XX_XX);
130 fullname = ns+'.'+roleName;
132 UserRole ur = get(fullname,urs);
133 if (ur!=null && now.compare(ur.getExpires().normalize())>0) {
135 pw().format(roleExpiredFormat, roleName,Chrono.dateOnlyStamp(ur.getExpires()));
137 pw().format(roleExpiredFormat, "["+ns+"]."+roleName,Chrono.dateOnlyStamp(ur.getExpires()));
141 pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
143 pw().format(roleFormat, "["+ns+"]."+roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
148 for (Pkey pkey : r.getPerms()) {
149 Perm perm = get(pkey,perms);
150 if (perm==null || perm.getNs()==null) {
151 pw().format(permFormat,
156 String ns1 = perm.getNs();
157 pw().format(permFormat,
158 '['+ns1+"]"+perm.getType().substring(ns1.length()),
165 String fullFormat = roleFormat;
166 reportColHead(fullFormat,"ROLE Name","","PERM Type","Instance","Action");
167 Collections.sort(roles.getRole(),roleCompare);
168 for (aaf.v2_0.Role r : roles.getRole()) {
170 String roleName = r.getName();
171 if (!aafcli.isTest()) {
172 UserRole ur = get(roleName,urs);
173 if (ur!=null && now.compare(ur.getExpires().normalize())>0) {
174 pw().format(roleExpiredFormat, roleName+"*",Chrono.dateOnlyStamp(ur.getExpires()));
176 pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
179 pw().format(roleFormat, roleName,XXXX_XX_XX);
182 pw().format(roleFormatNoDate, r.getName());
183 for (Pkey perm : r.getPerms()) {
184 pw().format(permFormat,
193 private Perm get(Pkey pkey, Perms perms) {
195 for (Perm p : perms.getPerm()) {
196 if (pkey.getAction().equals(p.getAction()) &&
197 pkey.getInstance().equals(p.getInstance()) &&
198 pkey.getType().equals(p.getType())) {
205 // The assumption is that these UserRoles are already pulled in by User... no need to check
206 private UserRole get(String roleName, UserRoles urs) {
208 for (UserRole ur : urs.getUserRole()) {
209 if (roleName.equals(ur.getRole())) {