2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
7 * Modification Copyright (c) 2019 IBM
8 * ===========================================================================
9 * Licensed under the Apache License, Version 2.0 (the "License");
10 * you may not use this file except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
20 * ============LICENSE_END====================================================
24 package org.onap.aaf.auth.cmd.role;
26 import java.util.Collections;
27 import java.util.Comparator;
29 import javax.xml.datatype.XMLGregorianCalendar;
31 import org.onap.aaf.auth.cmd.AAFcli;
32 import org.onap.aaf.auth.cmd.BaseCmd;
33 import org.onap.aaf.cadi.CadiException;
34 import org.onap.aaf.cadi.client.Future;
35 import org.onap.aaf.cadi.client.Rcli;
36 import org.onap.aaf.cadi.client.Retryable;
37 import org.onap.aaf.misc.env.APIException;
38 import org.onap.aaf.misc.env.util.Chrono;
41 import aaf.v2_0.Perms;
43 import aaf.v2_0.Roles;
44 import aaf.v2_0.UserRole;
45 import aaf.v2_0.UserRoles;
49 public class List extends BaseCmd<Role> {
// Placeholder written in the expiry column by the aafcli.isTest() branches of report(),
// in place of a real date.
50 private static final String XXXX_XX_XX = "XXXX-XX-XX";
// Lower-case marker that report() searches for in its first header argument (after
// lower-casing it) before printing a role description.
51 private static final String LIST_ROLES_BY_NAME = "list roles for role";
/**
 * Builds the role "list" command and adds its six sub-command instances to cmds,
 * in the order shown. Each sub-command receives this command as its parent.
 *
 * NOTE(review): the statement between the signature and the first cmds.add is not
 * shown in this listing.
 *
 * @param parent the enclosing Role command
 */
53 public List(Role parent) {
55 cmds.add(new ListByUser(this));
56 cmds.add(new ListByRole(this));
57 cmds.add(new ListByNS(this));
58 cmds.add(new ListByNameOnly(this));
59 cmds.add(new ListByPerm(this));
60 cmds.add(new ListActivity(this));
63 // Package Level on purpose
// Shared base for the list sub-commands: list() waits for a role query and, in detailed
// mode, also reads each returned role's permissions before calling report().
64 abstract class ListRoles extends Retryable<Integer> {
// fr:     pending role query
// client: connection used for the per-role permission reads
// header: passed through to report() as its header text
65 protected int list(Future<Roles> fr,Rcli<?> client, String header) throws APIException, CadiException {
// Wait up to AAFcli.timeout() for the role query; the failure branch is not shown in this listing.
66 if (fr.get(AAFcli.timeout())) {
68 if (aafcli.isDetailed()) {
// One extra request is issued per role returned by the query.
69 for (aaf.v2_0.Role r : fr.value.getRole()) {
70 Future<Perms> fp = client.read(
// NOTE(review): the role name is concatenated into the request path without URL-encoding.
// Confirm the service restricts role names to path-safe characters, or encode the name here.
// NOTE(review): the inner isDetailed() test looks redundant if this loop sits inside the
// isDetailed() branch opened above (the closing braces are not shown in this listing).
71 "/authz/perms/role/"+r.getName()+(aafcli.isDetailed()?"?ns":""),
// Permissions are merged only when the per-role read completes within the timeout.
// NOTE(review): the failure branch is not shown. Confirm it is reported to the user, because a
// silently skipped read would print a role with fewer permissions than it actually holds.
74 if (fp.get(AAFcli.timeout())) {
78 perms.getPerm().addAll(fp.value.getPerm());
// urs is passed as null, so this call gives report() no UserRole expiry data.
83 report(fr.value,perms,null,header);
// Fixed printf-style layouts used by report(). In the calls visible in this listing, role and
// permission values are passed as arguments to these formats, never as the format string.
// Role line: name left-justified in 56 columns, then the expiry date.
91 private static final String roleFormat = "%-56s Expires %s\n";
// Role line without an expiry column.
92 private static final String roleFormatNoDate = "%-61s\n";
// Role line for an expired assignment: name, an EXPIRED marker, then the expiry date.
93 private static final String roleExpiredFormat = "%-53s !!! EXPIRED !!! %s\n";
// Permission line with three columns; the detailed header in report() labels them
// type, instance and action.
94 private static final String permFormat = " %-30s %-30s %-15s\n";
// Orders roles by name with String.compareTo (case-sensitive); report() uses it to sort
// the role list before printing.
// NOTE(review): a role whose getName() returns null would throw NullPointerException here;
// confirm names are always populated.
97 private static final Comparator<aaf.v2_0.Role> roleCompare = new Comparator<aaf.v2_0.Role>() {
99 public int compare(aaf.v2_0.Role a, aaf.v2_0.Role b) {
100 return a.getName().compareTo(b.getName());
/**
 * Prints the given roles to pw(), sorted by name. Detailed mode adds namespace-qualified
 * names and each role's permissions.
 *
 * NOTE(review): role names and descriptions are written to the output as received; confirm
 * the service restricts them to printable characters if the output goes to a terminal.
 *
 * @param roles roles to print; null or an empty role list prints "<No Roles Found>"
 * @param perms permission details, looked up per role permission key in detailed mode
 * @param urs   user-role records used to look up each role's expiry date
 * @param str   header text; str[0] is inspected in detailed mode
 */
103 public void report(Roles roles, Perms perms, UserRoles urs, String ... str) {
// Current timestamp, normalized; each UserRole expiry below is compared against it.
105 XMLGregorianCalendar now = Chrono.timeStamp().normalize();
106 if (roles==null || roles.getRole().isEmpty()) {
107 pw().println("<No Roles Found>");
108 } else if (aafcli.isDetailed()){
// NOTE(review): str[0] is read without a length check, so a call with no header arguments
// would throw ArrayIndexOutOfBoundsException. toLowerCase() uses the default locale;
// toLowerCase(Locale.ROOT) would make this match locale-independent.
109 if (str[0].toLowerCase().contains(LIST_ROLES_BY_NAME)) {
// Only the first role's description is read here.
110 String description = roles.getRole().get(0).getDescription();
111 if (description == null) {
114 reportColHead("%-80s\n","Description: " + description);
// Detailed layout: a role line followed by permission lines.
117 String fullFormat = roleFormat+permFormat;
118 reportColHead(fullFormat,"[ROLE NS].Name","","[PERM NS].Type","Instance","Action");
// Sorts the caller's role list in place.
119 Collections.sort(roles.getRole(),roleCompare);
120 for (aaf.v2_0.Role r : roles.getRole()) {
121 String roleName = r.getName();
122 String ns = r.getNs();
// Test mode prints the fixed placeholder instead of a real date.
123 if (aafcli.isTest()) {
125 pw().format(roleFormat, roleName,XXXX_XX_XX);
// NOTE(review): substring(ns.length()) assumes roleName begins with ns and that ns is not
// null; the condition selecting between this form and the one above is not shown.
127 pw().format(roleFormat, "["+ns+"]"+roleName.substring(ns.length()),XXXX_XX_XX);
134 fullname = ns+'.'+roleName;
136 UserRole ur = get(fullname,urs);
// A role is printed as expired when "now" compares greater than its expiry.
// NOTE(review): XMLGregorianCalendar.compare can also return DatatypeConstants.INDETERMINATE,
// which is a positive value, so an indeterminate comparison is printed as EXPIRED as well.
// NOTE(review): ur.getExpires() is dereferenced without a null check.
137 if (ur!=null && now.compare(ur.getExpires().normalize())>0) {
139 pw().format(roleExpiredFormat, roleName,Chrono.dateOnlyStamp(ur.getExpires()));
141 pw().format(roleExpiredFormat, "["+ns+"]."+roleName,Chrono.dateOnlyStamp(ur.getExpires()));
// With no matching UserRole the expiry column is left empty.
145 pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
147 pw().format(roleFormat, "["+ns+"]."+roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
// Resolve each permission key of the role against perms to obtain its namespace.
152 for (Pkey pkey : r.getPerms()) {
153 Perm perm = get(pkey,perms);
// Permissions with no resolved entry, or no namespace, are printed without a namespace prefix
// (the format arguments are not shown in this listing).
154 if (perm==null || perm.getNs()==null) {
155 pw().format(permFormat,
160 String ns1 = perm.getNs();
161 pw().format(permFormat,
// NOTE(review): assumes perm.getType() begins with its namespace; a shorter type string
// would make substring throw StringIndexOutOfBoundsException.
162 '['+ns1+"]"+perm.getType().substring(ns1.length()),
// Non-detailed layout.
// NOTE(review): roleFormat has two format specifiers but the header call below passes five
// values; confirm reportColHead is meant to ignore the three PERM column titles here.
169 String fullFormat = roleFormat;
170 reportColHead(fullFormat,"ROLE Name","","PERM Type","Instance","Action");
171 Collections.sort(roles.getRole(),roleCompare);
172 for (aaf.v2_0.Role r : roles.getRole()) {
174 String roleName = r.getName();
175 if (!aafcli.isTest()) {
176 UserRole ur = get(roleName,urs);
// Same expiry comparison as in the detailed branch; an expired role name gets a trailing "*".
177 if (ur!=null && now.compare(ur.getExpires().normalize())>0) {
178 pw().format(roleExpiredFormat, roleName+"*",Chrono.dateOnlyStamp(ur.getExpires()));
180 pw().format(roleFormat, roleName,ur!=null?Chrono.dateOnlyStamp(ur.getExpires()):"");
183 pw().format(roleFormat, roleName,XXXX_XX_XX);
// The condition selecting this no-date form is not shown in this listing.
186 pw().format(roleFormatNoDate, r.getName());
// Prints the role's permission keys directly, without resolving them against perms.
187 for (Pkey perm : r.getPerms()) {
188 pw().format(permFormat,
/**
 * Searches perms for an entry whose action, instance and type all equal those of pkey
 * (exact, case-sensitive String.equals on each field).
 *
 * The return statements are not shown in this listing; report() treats a null result as
 * "no details found" for that permission.
 *
 * NOTE(review): the equals calls are made on the pkey fields, so a pkey with a null action,
 * instance or type would throw NullPointerException. Whether perms itself is null-checked
 * before the loop is not visible here.
 */
197 private Perm get(Pkey pkey, Perms perms) {
199 for (Perm p : perms.getPerm()) {
200 if (pkey.getAction().equals(p.getAction()) &&
201 pkey.getInstance().equals(p.getInstance()) &&
202 pkey.getType().equals(p.getType())) {
209 // The assumption is that these UserRoles are already pulled in by User... no need to check
210 private UserRole get(String roleName, UserRoles urs) {
212 for (UserRole ur : urs.getUserRole()) {
213 if (roleName.equals(ur.getRole())) {