2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.cmd.user;
24 import org.onap.aaf.auth.cmd.AAFcli;
25 import org.onap.aaf.auth.cmd.Cmd;
26 import org.onap.aaf.auth.cmd.Param;
27 import org.onap.aaf.auth.rserv.HttpMethods;
28 import org.onap.aaf.cadi.CadiException;
29 import org.onap.aaf.cadi.LocatorException;
30 import org.onap.aaf.cadi.client.Future;
31 import org.onap.aaf.cadi.client.Rcli;
32 import org.onap.aaf.cadi.client.Retryable;
33 import org.onap.aaf.misc.env.APIException;
35 import aaf.v2_0.UserRoleRequest;
// CLI sub-command "role" of the user command group: changes which roles a user holds
// by calling the /authz/userRole endpoints used in _exec.
// NOTE(review): this listing omits some of the file's lines (the embedded line numbers
// skip), so the comments describe only what is visible here.
43 public class Role extends Cmd {
// Accepted actions. _exec branches on whichOption(options, key), presumably the index
// into this array (0=add, 1=del, 2=setTo, 3=extend) -- confirm in Cmd.
44 private static final String[] options = {"add", "del", "setTo","extend"};
// Registers this command as "role" under the given User parent with three parameters:
// the action (one of options), the user, and a comma-separated role list.
// The boolean given to Param presumably marks the parameter as required (action and
// user: true; role list: false) -- confirm against Param. "(!REQ S)" looks like
// "not required for setTo" -- TODO confirm.
45 public Role(User parent) {
46 super(parent, "role", new Param(optionsToString(options), true), new Param("user", true), new Param(
47 "role[,role]* (!REQ S)", false));
// Executes "user role <action> <user> [roles]": reads the action and user from args,
// then issues create / delete / extend calls per role, or a single setTo update, against
// the /authz/userRole endpoints and prints the outcome to pw().
// Returns 0 when no call was made (fp == null), otherwise fp.code().
// NOTE(review): no client-side authorization check is visible in this listing; who may
// change a user's roles is presumably enforced by the service -- confirm.
51 public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
52 return same(new Retryable<Integer>() {
54 public Integer code(Rcli<?> client) throws CadiException, APIException {
// NOTE(review): idx is declared on a line this listing omits (presumably initialised
// from index). The two args[idx++] reads below come before the visible
// "Too few args" check, so a short argument list would likely surface as an
// ArrayIndexOutOfBoundsException rather than the CadiException -- confirm against the
// full file.
56 String key = args[idx++];
57 int option = whichOption(options, key);
// fullID is defined elsewhere; presumably it expands a short user name to a full
// identity -- verify what validation it applies, since the result is placed into URL
// paths below.
58 final String user = fullID(args[idx++]);
60 UserRoleRequest urr = new UserRoleRequest();
62 // Set Start/End commands
// NOTE(review): the threshold is a fixed 5 on args.length, not relative to index/idx;
// that assumes a particular starting offset -- confirm.
68 if (args.length < 5) {
69 throw new CadiException(build(new StringBuilder("Too few args: "), null).toString());
// One request is sent per comma-separated role; an empty element (e.g. "a,,b") is not
// filtered in the visible lines.
71 String[] roles = args[idx++].split(",");
72 for (String role : roles) {
73 String verb = null,participle=null;
75 // You can request to be added or removed from role.
76 setQueryParamsOn(client);
// add: the user/role pair travels in the request body.
79 fp = client.create("/authz/userRole", getDF(UserRoleRequest.class), urr);
81 participle = "] to User [" ;
// del / extend: user and role are concatenated into the URL path as-is.
// NOTE(review): no URL-encoding or character validation is visible here; a user or role
// value containing '/', '?', '#' or '%' would change which path the request addresses.
// Confirm that fullID, the client, or the service rejects such values, or encode each
// path segment before concatenation.
84 fp = client.delete("/authz/userRole/" + urr.getUser() + '/' + urr.getRole(), Void.class);
86 participle = "] from User [" ;
89 fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
91 participle = "] to User [" ;
// key is echoed verbatim from the command line into the error text.
94 throw new CadiException("Invalid action [" + key + ']');
// Success path: report "<verb> Role [role] to/from User [user]" (verb is assigned on
// lines this listing omits).
96 if (fp.get(AAFcli.timeout())) {
98 pw().print(" Role [");
99 pw().print(urr.getRole());
100 pw().print(participle);
101 pw().print(urr.getUser());
// Reported when the request was accepted but is pending approval; the condition that
// selects this branch is on an omitted line. Any option other than 0 or 1 prints
// "Extension" here.
106 pw().print("UserRole ");
107 pw().print(option == 0 ? "Creation" : option==1?"Deletion":"Extension");
108 pw().println(" Accepted, but requires Approvals before actualizing");
// The 404 text does not distinguish "does not exist" from "not permitted to view", so
// the message alone does not reveal whether the user/role pair exists.
112 pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
121 // option 2 is setTo command (an update call)
// When no role argument follows the user, allRoles stays "" and is still sent.
// NOTE(review): per the command's own help text, setTo replaces the user's whole role
// set and an empty list resets it, and no confirmation step is visible here. A caller
// that passes an empty or unset value (for example from a script variable) would strip
// every role from the user; consider requiring an explicit argument or a prompt.
122 String allRoles = "";
123 if (idx < args.length)
124 allRoles = args[idx++];
126 urr.setRole(allRoles);
127 fp = client.update("/authz/userRole/user", getDF(UserRoleRequest.class), urr);
128 if (fp.get(AAFcli.timeout())) {
129 pw().println("Set User's Roles to [" + allRoles + "]");
// 0 means no request was issued; otherwise the code of the last call made (presumably
// the HTTP status, given the 404 message above).
134 return fp == null ? 0 : fp.code();
// Appends the long help text for this command to sb, followed by the API calls it
// documents (POST, DELETE and PUT on authz/userRole).
// NOTE(review): the visible help lines cover add, delete and setTo but not the "extend"
// action that options and _exec accept, nor its "/authz/userRole/extend/<user>/<role>"
// call. The PUT documented below is "authz/userRole/<user>", whereas _exec sends the
// setTo update to "/authz/userRole/user" -- confirm which is correct and align the help.
// The method's closing lines are outside this listing.
140 public void detailedHelp(int indent, StringBuilder sb) {
141 detailLine(sb, indent, "Add OR Delete a User to/from a Role OR");
142 detailLine(sb, indent, "Set a User's Roles to the roles supplied");
143 detailLine(sb, indent + 2, "user - ID of User");
144 detailLine(sb, indent + 2, "role(s) - Role or Roles to which to add the User");
146 detailLine(sb, indent + 2, "Note: this is the same as \"role user add...\" except allows");
147 detailLine(sb, indent + 2, "assignment of user to multiple roles");
// Operator-facing warning: setTo is a replace, not a merge, and an empty role list
// removes every role from the user.
148 detailLine(sb, indent + 2, "WARNING: Roles supplied with setTo will be the ONLY roles attached to this user");
149 detailLine(sb, indent + 2, "If no roles are supplied, user's roles are reset.");
150 api(sb, indent, HttpMethods.POST, "authz/userRole", UserRoleRequest.class, true);
151 api(sb, indent, HttpMethods.DELETE, "authz/userRole/<user>/<role>", Void.class, false);
152 api(sb, indent, HttpMethods.PUT, "authz/userRole/<user>", UserRoleRequest.class, false);