2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.gui.pages;
24 import java.io.IOException;
25 import java.net.ConnectException;
26 import java.util.ArrayList;
27 import java.util.List;
29 import org.onap.aaf.auth.env.AuthzEnv;
30 import org.onap.aaf.auth.env.AuthzTrans;
31 import org.onap.aaf.auth.gui.AAF_GUI;
32 import org.onap.aaf.auth.gui.BreadCrumbs;
33 import org.onap.aaf.auth.gui.Page;
34 import org.onap.aaf.auth.gui.Table;
35 import org.onap.aaf.auth.gui.Table.Cells;
36 import org.onap.aaf.auth.gui.table.AbsCell;
37 import org.onap.aaf.auth.gui.table.CheckBoxCell;
38 import org.onap.aaf.auth.gui.table.CheckBoxCell.ALIGN;
39 import org.onap.aaf.auth.gui.table.RefCell;
40 import org.onap.aaf.auth.gui.table.TableData;
41 import org.onap.aaf.auth.gui.table.TextCell;
42 import org.onap.aaf.auth.gui.table.TextInputCell;
43 import org.onap.aaf.auth.validation.Validator;
44 import org.onap.aaf.cadi.CadiException;
45 import org.onap.aaf.cadi.aaf.AAFPermission;
46 import org.onap.aaf.cadi.client.Future;
47 import org.onap.aaf.cadi.client.Rcli;
48 import org.onap.aaf.cadi.client.Retryable;
49 import org.onap.aaf.misc.env.APIException;
50 import org.onap.aaf.misc.env.Env;
51 import org.onap.aaf.misc.env.Slot;
52 import org.onap.aaf.misc.env.TimeTaken;
53 import org.onap.aaf.misc.env.util.Chrono;
54 import org.onap.aaf.misc.xgen.Cache;
55 import org.onap.aaf.misc.xgen.Mark;
56 import org.onap.aaf.misc.xgen.html.HTMLGen;
60 import aaf.v2_0.Roles;
61 import aaf.v2_0.UserRole;
62 import aaf.v2_0.UserRoles;
65 * Detail Page for Roles
70 public class RoleDetail extends Page {
// Path of this page; handed to the Page constructor and reused wherever a link to it is built.
71 public static final String HREF = "/gui/roledetail";
// Page name; also the prefix of every transaction slot name created in Model.
72 public static final String NAME = "RoleDetail";
// Fallback shown when a role carries no description.
73 private static final String BLANK = "";
// Builds the page: registers "role" and "ns" as its field names (presumably the request
// parameters it accepts; confirm against Page), wires the breadcrumb trail, and adds one
// "Role Details" table whose rows come from Model.
// The closing lines of this constructor are not part of this listing.
75 public RoleDetail(final AAF_GUI gui, Page ... breadcrumbs) throws APIException, IOException {
76 super(gui.env, NAME, HREF, new String[] {"role","ns"},
77 new BreadCrumbs(breadcrumbs),
78 new Table<AAF_GUI,AuthzTrans>("Role Details",gui.env.newTransNoAvg(),
79 new Model(gui.env),"class=detail")
84 * Implement the table content for Role Detail
89 private static class Model extends TableData<AAF_GUI,AuthzTrans> {
// Permission type name used when asking whether the caller may write or approve a role.
90 private static final String ACCESS = "access";
// Per-transaction slots: requested role name, fetched role, its user-role list, the two
// permission answers, the open form's Mark, and the namespace value.
91 private Slot sRoleName,sRole,sUserRole,sMayWrite,sMayApprove,sMark,sNS;
// Allocates the transaction slots this table uses, all named with the page NAME as prefix.
// Note that mayWrite, mayApprove and mark are named without the "." separator the other
// slots use; the names are still distinct from one another.
92 public Model(AuthzEnv env) {
93 sRoleName = env.slot(NAME+".role");
94 sRole = env.slot(NAME+".data.role");
95 sUserRole = env.slot(NAME+".data.userrole");
96 sMayWrite = env.slot(NAME+"mayWrite");
97 sMayApprove = env.slot(NAME+"mayApprove");
98 sMark = env.slot(NAME+"mark");
99 sNS = env.slot(NAME+".ns");
103 * @see org.onap.aaf.auth.gui.table.TableData#prefix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
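// Runs before the table rows are generated: reads the requested role name from the
// transaction, fetches the role and its user-role list from AAF through clientAsUser with the
// caller's principal, and stores the results in transaction slots that get() and postfix() read.
// Lines absent from this listing (for example 111-114 and 116-120) are not reproduced here.
106 public void prefix(final AAF_GUI gui, final AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
107 final String pRole = trans.get(sRoleName, null);
108 Validator v = new Validator();
// Only the null check is visible here; the body of the inner branch is not in this listing.
109 if(!v.isNull("Role",pRole).err()) {
110 if(!pRole.startsWith(trans.user())) {
// The warning used to name PermDetail, which misattributes it in the logs; it now names this page.
115 trans.warn().printf("Error in RoleDetail Request: %s", v.errs());
121 gui.clientAsUser(trans.getUserPrincipal(), new Retryable<Boolean>() {
123 public Boolean code(Rcli<?> client) throws CadiException, ConnectException, APIException {
124 TimeTaken tt = trans.start("AAF Role Details",Env.REMOTE);
// NOTE(review): pRole is concatenated into both request paths without URL-encoding, and the
// only validation visible in this listing is the null check above. Confirm that the Validator
// rejects path and query metacharacters, or encode the value as a single path segment.
126 Future<Roles> fr = client.read("/authz/roles/"+pRole+"?ns",gui.getDF(Roles.class));
127 Future<UserRoles> fur = client.read("/authz/userRoles/role/"+pRole,gui.getDF(UserRoles.class));
128 if (fr.get(AAF_GUI.TIMEOUT)) {
129 List<Role> roles = fr.value.getRole();
130 if (!roles.isEmpty()) {
// Only the first returned role is used.
131 Role role = fr.value.getRole().get(0);
132 trans.put(sRole, role);
// Ask whether the caller holds "write" / "approve" on this role. In this class the answers
// only decide what the page renders.
// NOTE(review): the handler receiving the POST must repeat these checks; omitting the form
// from the page is not enforcement.
133 Boolean mayWrite = trans.fish(new AAFPermission(role.getNs(),ACCESS,":role:"+role.getName(),"write"));
134 trans.put(sMayWrite,mayWrite);
135 Boolean mayApprove = trans.fish(new AAFPermission(role.getNs(),ACCESS,":role:"+role.getName(),"approve"));
136 trans.put(sMayApprove, mayApprove);
138 if (mayWrite || mayApprove) {
139 Mark js = new Mark();
140 Mark fn = new Mark();
// Client-side helpers: remember the original description text on first keypress, then set
// descCB's checked state to whether descText differs from that original value.
142 .function(fn,"touchedDesc")
143 .li("d=document.getElementById('descText');",
144 "if (d.orig == undefined ) {",
145 " d.orig = d.value;",
146 " d.addEventListener('keyup',changedDesc);",
147 " d.removeEventListener('keypress',touchedDesc);",
149 .function(fn,"changedDesc")
151 "dcb=document.getElementById('descCB');",
152 "d=document.getElementById('descText');",
153 "dcb.checked= (d.orig != d.value)"
// Open the POST form and keep its Mark so postfix() can close it.
// NOTE(review): no anti-CSRF token is added to the form in the lines shown; confirm one is
// supplied elsewhere (framework filter or the handler).
157 Mark mark = new Mark();
158 hgen.incr(mark,"form","method=post");
159 trans.put(sMark, mark);
// NOTE(review): the backend response body is written to the error log verbatim; confirm it
// cannot carry sensitive data or unneutralised line breaks.
163 trans.error().printf("Error calling AAF for Roles in GUI, Role Detail %d: %s",fr.code(),fr.body());
167 if (fur.get(AAF_GUI.TIMEOUT)) {
168 trans.put(sUserRole, fur.value.getUserRole());
// Report the UserRoles response (fur). The original logged fr here, i.e. the status and body
// of the Roles call, so a failed UserRoles read was recorded with the wrong details.
170 trans.error().printf("Error calling AAF for UserRoles in GUI, Role Detail %d: %s",fur.code(),fur.body());
// Failures are logged only; nothing is rethrown in the lines shown.
180 } catch (Exception e) {
181 trans.error().log(e);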
// Builds the table rows from the slots filled by prefix(): role name and description, the
// role's permissions, the users in the role, and a link to the role history. Rows with input
// controls and rows with plain text both appear below; the conditions choosing between them
// are on lines not included in this listing.
// NOTE(review): pRole, desc and ur.getUser() are handed to TextCell, TextInputCell,
// CheckBoxCell and RefCell as-is. Whether those cells HTML-escape their content and attribute
// values is not visible here; confirm before treating these as safe output sinks.
186 public Cells get(final AuthzTrans trans, final AAF_GUI gui) {
187 final String pRole = trans.get(sRoleName, null);
188 final Role role = trans.get(sRole,null);
189 ArrayList<AbsCell[]> rv = new ArrayList<>();
// Both flags default to false when prefix() did not set them.
192 boolean mayWrite = trans.get(sMayWrite, false);
193 boolean mayApprove = trans.get(sMayApprove, false);
195 String desc = (role.getDescription()!=null?role.getDescription():BLANK);
196 rv.add(new AbsCell[]{
197 new TextCell("Role:","width=45%"),
198 new TextCell(pRole)});
// Editable description plus the hidden "changed" checkbox driven by the page script.
200 rv.add(new AbsCell[]{
201 new TextCell("Description:","width=45%"),
202 new TextInputCell("description","textInput",desc,"id=descText","onkeypress=touchedDesc()"),
203 new CheckBoxCell("desc",ALIGN.left, "changed","id=descCB", "style=visibility: hidden"),
205 rv.add(AbsCell.HLINE);
206 rv.add(new AbsCell[] {
207 new TextCell("Associated Permissions:","width=25%"),
208 new TextCell("UnGrant","width=10%"),
// Read-only description row.
211 rv.add(new AbsCell[]{
212 new TextCell("Description:","width=45%"),
213 new TextCell(desc)});
// Roles named *.owner or *.admin are treated as protected for the ungrant column below.
215 boolean protectedRole = role.getName().endsWith(".owner") ||
216 role.getName().endsWith(".admin");
217 boolean first = true;
218 for (Pkey r : role.getPerms()) {
// Checkbox value identifying the permission as type|instance|action.
// NOTE(review): if any component can contain '|', the consumer of this value cannot split
// it unambiguously; confirm against the POST handler.
219 String key=r.getType() + '|' + r.getInstance() + '|' + r.getAction();
221 rv.add(new AbsCell[] {
// NOTE(review): replacing the checkbox with text only removes the control from the page; the
// server side must itself refuse to ungrant these permissions.
223 protectedRole && r.getType().endsWith(".access")
224 ?new TextCell("protected","class=protected") // Do not allow ungranting of basic NS perms
225 :new CheckBoxCell("perm.ungrant",key),
226 new TextCell("","width=10%"),
231 rv.add(new AbsCell[] {
232 new TextCell("Associated Permissions:","width=45%"),
237 rv.add(new AbsCell[] {
246 rv.add(AbsCell.HLINE);
249 rv.add(new AbsCell[] {
250 new TextCell("Users in Role:","width=25%"),
251 new TextCell("Delete","width=10%"),
252 new TextCell("Extend","width=10%")
// The user-role list is absent when prefix() could not fetch it; then no user rows are added.
255 List<UserRole> userroles = trans.get(sUserRole,null);
256 if (userroles!=null) {
257 for (UserRole ur : userroles) {
258 String tag = "userrole";
260 rv.add(new AbsCell[] {
262 new CheckBoxCell(tag+".delete", ur.getUser()),
263 new CheckBoxCell(tag+".extend", ur.getUser()),
264 new TextCell(ur.getUser()),
265 new TextCell(Chrono.dateOnlyStamp(ur.getExpires())
// NOTE(review): pRole is appended to the query string without URL-encoding; confirm RefCell
// encodes the href or encode the value here.
272 rv.add(new AbsCell[] {
273 new RefCell("See History",RoleHistory.HREF + "?role=" + pRole,false,"class=greenbutton")
// Rows showing only the requested name and a "Data Unavailable" notice.
276 rv.add(new AbsCell[]{
277 new TextCell("Role:"),
278 new TextCell(pRole)});
280 rv.add(new AbsCell[] {new TextCell("*** Data Unavailable ***")});
282 return new Cells(rv, null);
286 * @see org.onap.aaf.auth.gui.table.TableData#postfix(org.onap.aaf.misc.xgen.html.State, com.att.inno.env.Trans, org.onap.aaf.misc.xgen.Cache, org.onap.aaf.misc.xgen.html.HTMLGen)
// Runs after the table rows: emits the submit button and, when a namespace value is present,
// a "Back" link to the namespace detail page, closing the Mark stored by prefix().
// Lines absent from this listing are not reproduced here.
289 public void postfix(AAF_GUI state, AuthzTrans trans, final Cache<HTMLGen> cache, final HTMLGen hgen) {
290 final Mark mark = trans.get(sMark, null);
292 hgen.tagOnly("input", "type=submit", "value=Submit");
293 final String pNS = trans.get(sNS, null);
294 if (pNS!=null && pNS.length()>0) {
// NOTE(review): pNS is concatenated into the href attribute without URL- or HTML-encoding,
// and no validation of it is visible in this listing. Confirm that HTMLGen escapes attribute
// values, or validate/encode the namespace before building the link.
295 hgen.leaf(mark,HTMLGen.A,"href="+NsDetail.HREF+"?ns="+pNS,"class=greenbutton").text("Back").end(mark);