2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.service;
24 import java.util.Date;
26 import javax.servlet.http.HttpServletRequest;
28 import org.onap.aaf.auth.dao.DAOException;
29 import org.onap.aaf.auth.dao.cass.NsType;
30 import org.onap.aaf.auth.env.AuthzTrans;
31 import org.onap.aaf.auth.layer.Result;
32 import org.onap.aaf.auth.service.mapper.Mapper;
34 public interface AuthzService<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> {
/**
 * Returns the {@link Mapper} that is parameterized with the same thirteen type variables as this
 * service.
 * NOTE(review): presumably the mapper converts between the API-facing types (REQUEST, NSS,
 * PERMS, ...) and the internal data model; the Mapper contract is not visible here -- confirm.
 *
 * @return the mapper associated with this service
 */
Mapper<NSS,PERMS,PERMKEY,ROLES,USERS,USERROLES,DELGS,CERTS,KEYS,REQUEST,HISTORY,ERR,APPROVALS> mapper();
37 /***********************************
39 ***********************************/
// Namespace operations.
// In every method below `trans` is the AuthzTrans of the current call and the outcome is returned
// as a Result. NOTE(review): the summaries are inferred from names and signatures only. This
// interface states no authorization contract; the caller carried by `trans` is presumably checked
// by the implementation before namespace ownership or attributes change -- confirm there, and
// confirm that each such change is recorded for audit.

/**
 * Creates a namespace from {@code request}.
 * NOTE(review): the original Javadoc lists {@code @throws DAOException}, yet the signature declares
 * no checked exception; failures are presumably reported through the returned {@link Result}.
 *
 * @param request the namespace creation request
 * @param type    the {@link NsType} of the namespace to create
 * @return the outcome of the operation
 */
Result<Void> createNS(AuthzTrans trans, REQUEST request, NsType type);

/**
 * Adds {@code id} as an administrator of namespace {@code ns}.
 * Privilege-granting call: {@code id} is caller-supplied and should be validated by the implementation.
 *
 * @param ns the namespace name
 * @param id the identity to add
 * @return the outcome of the operation
 */
Result<Void> addAdminNS(AuthzTrans trans, String ns, String id);

/**
 * Removes {@code id} from the administrators of namespace {@code ns}.
 *
 * @param ns the namespace name
 * @param id the identity to remove
 * @return the outcome of the operation
 */
Result<Void> delAdminNS(AuthzTrans trans, String ns, String id);

/**
 * Adds {@code id} as a responsible party of namespace {@code ns}.
 * Privilege-granting call: {@code id} is caller-supplied and should be validated by the implementation.
 *
 * @param ns the namespace name
 * @param id the identity to add
 * @return the outcome of the operation
 */
Result<Void> addResponsibleNS(AuthzTrans trans, String ns, String id);

/**
 * Removes {@code id} from the responsible parties of namespace {@code ns}.
 *
 * @param ns the namespace name
 * @param id the identity to remove
 * @return the outcome of the operation
 */
Result<Void> delResponsibleNS(AuthzTrans trans, String ns, String id);

/**
 * Creates attribute {@code key} with {@code value} on namespace {@code ns}.
 *
 * @param ns    the namespace name
 * @param key   the attribute key
 * @param value the attribute value
 * @return the outcome of the operation
 */
Result<Void> createNsAttrib(AuthzTrans trans, String ns, String key, String value);

/**
 * Updates attribute {@code key} of namespace {@code ns} to {@code value}.
 * NOTE(review): this is the only attribute method returning {@code Result<?>} instead of
 * {@code Result<Void>}; the payload type is not stated here.
 *
 * @param ns    the namespace name
 * @param key   the attribute key
 * @param value the new attribute value
 * @return the outcome of the operation
 */
Result<?> updateNsAttrib(AuthzTrans trans, String ns, String key, String value);

/**
 * Deletes attribute {@code key} from namespace {@code ns}.
 *
 * @param ns  the namespace name
 * @param key the attribute key
 * @return the outcome of the operation
 */
Result<Void> deleteNsAttrib(AuthzTrans trans, String ns, String key);

/**
 * Reads namespaces by attribute key.
 *
 * @param key the attribute key to look up
 * @return a result carrying KEYS
 */
Result<KEYS> readNsByAttrib(AuthzTrans trans, String key);

/**
 * Reads the namespace named {@code ns}.
 *
 * @param ns   the namespace name
 * @param full NOTE(review): meaning not stated here; presumably selects a more detailed view
 * @return a result carrying NSS
 */
Result<NSS> getNSbyName(AuthzTrans trans, String ns, boolean full);

/**
 * Reads the namespaces for which {@code user} is an administrator.
 *
 * @param user the identity to look up
 * @param full NOTE(review): meaning not stated here; presumably selects a more detailed view
 * @return a result carrying NSS
 */
Result<NSS> getNSbyAdmin(AuthzTrans trans, String user, boolean full);

/**
 * Reads the namespaces for which {@code user} is a responsible party.
 *
 * @param user the identity to look up
 * @param full NOTE(review): meaning not stated here; presumably selects a more detailed view
 * @return a result carrying NSS
 */
Result<NSS> getNSbyResponsible(AuthzTrans trans, String user, boolean full);

/**
 * Reads the namespaces for which {@code user} is either an administrator or a responsible party.
 *
 * @param user the identity to look up
 * @param full NOTE(review): meaning not stated here; presumably selects a more detailed view
 * @return a result carrying NSS
 */
Result<NSS> getNSbyEither(AuthzTrans trans, String user, boolean full);

/**
 * Reads the child namespaces of {@code parent}.
 *
 * @param parent the parent namespace name
 * @return a result carrying NSS
 */
Result<NSS> getNSsChildren(AuthzTrans trans, String parent);

/**
 * Updates the description of the namespace identified in {@code req}.
 *
 * @param req the update request
 * @return the outcome of the operation
 */
Result<Void> updateNsDescription(AuthzTrans trans, REQUEST req);

/**
 * Deletes namespace {@code ns}.
 * NOTE(review): the original Javadoc lists {@code @throws DAOException}, yet the signature declares
 * no checked exception. Whether roles, permissions and credentials under the namespace are removed
 * with it is not stated here -- confirm against the implementation.
 *
 * @param ns the namespace name
 * @return the outcome of the operation
 */
Result<Void> deleteNS(AuthzTrans trans, String ns);
182 /***********************************
184 ***********************************/
// Permission operations.
// In every method below `trans` is the AuthzTrans of the current call and the outcome is returned
// as a Result. NOTE(review): summaries not taken from the original comments are inferred from
// names and signatures only. The read methods accept a caller-supplied user, role or namespace, so
// the implementation presumably decides whether the caller in `trans` may see that subject's
// permissions -- confirm there.

/**
 * Creates the permission described by {@code rreq}.
 * NOTE(review): the original Javadoc lists {@code @throws DAOException} and
 * {@code @throws MappingException}, yet the signature declares no checked exception and
 * MappingException is not imported in this file.
 *
 * @param rreq the permission creation request
 * @return the outcome of the operation
 */
Result<Void> createPerm(AuthzTrans trans, REQUEST rreq);

/**
 * Reads permissions by type.
 * NOTE(review): the original Javadoc lists {@code @throws DAOException}, yet the signature declares
 * no checked exception.
 *
 * @param perm the permission type to look up
 * @return a result carrying PERMS
 */
Result<PERMS> getPermsByType(AuthzTrans trans, String perm);

/**
 * Reads permissions by their type, instance and action.
 *
 * @param type     the permission type
 * @param instance the permission instance
 * @param action   the permission action
 * @return a result carrying PERMS
 */
Result<PERMS> getPermsByName(AuthzTrans trans, String type, String instance, String action);

/**
 * Gets all the permissions for a user across all the roles it is assigned to.
 *
 * @param userName the user to look up
 * @return a result carrying PERMS
 */
Result<PERMS> getPermsByUser(AuthzTrans trans, String userName);

/**
 * Gets all the permissions for a user across all the roles it is assigned to, filtered by NS
 * (Scope).
 *
 * @param user   the user to look up
 * @param scopes the namespaces to filter by
 * @return a result carrying PERMS
 */
Result<PERMS> getPermsByUserScope(AuthzTrans trans, String user, String[] scopes);

/**
 * Gets all the permissions for a user across all the roles it is assigned to.
 *
 * Add AAF Perms representing the "MayUser" calls if
 * 1) (not present in this listing)
 * 2) User has equivalent permission
 *
 * @param perms    NOTE(review): role not stated here; presumably the permissions being asked about
 * @param userName the user to look up
 * @return a result carrying PERMS
 */
Result<PERMS> getPermsByUser(AuthzTrans trans, PERMS perms, String userName);

/**
 * Gets the permissions of a role.
 * NOTE(review): the original comment reads "Gets all the permissions for a user across all the
 * roles it is assigned to", which looks copied from getPermsByUser; the parameter here is a role.
 *
 * @param roleName the role to look up
 * @return a result carrying PERMS
 */
Result<PERMS> getPermsByRole(AuthzTrans trans, String roleName);

/**
 * Reads the permissions of namespace {@code ns}.
 *
 * @param ns the namespace name
 * @return a result carrying PERMS
 */
Result<PERMS> getPermsByNS(AuthzTrans trans, String ns);

/**
 * Renames the permission identified by the three {@code orig*} values to what {@code rreq}
 * describes.
 *
 * @param rreq         the request describing the new permission
 * @param origType     the current permission type
 * @param origInstance the current permission instance
 * @param origAction   the current permission action
 * @return the outcome of the operation
 */
Result<Void> renamePerm(AuthzTrans trans, REQUEST rreq, String origType, String origInstance, String origAction);

/**
 * Updates the description of the permission identified in {@code req}.
 *
 * @param req the update request
 * @return the outcome of the operation
 */
Result<Void> updatePermDescription(AuthzTrans trans, REQUEST req);

/**
 * Resets the roles attached to the permission described by {@code from}.
 * NOTE(review): whether roles missing from the request lose the permission is not stated here; if
 * they do, this is a bulk grant and revoke and deserves the same checks as the single-item calls.
 *
 * @param from the request describing the permission and its roles
 * @return the outcome of the operation
 */
Result<Void> resetPermRoles(AuthzTrans trans, REQUEST from);

/**
 * Deletes the permission described by {@code from}.
 *
 * @param from the deletion request
 * @return the outcome of the operation
 */
Result<Void> deletePerm(AuthzTrans trans, REQUEST from);

/**
 * Deletes a permission identified by discrete strings.
 * NOTE(review): the other permission methods key on type, instance and action; here the
 * parameters are named perm, type and action -- confirm which value goes where.
 *
 * @param perm   see the note above
 * @param type   see the note above
 * @param action the permission action
 * @return the outcome of the operation
 */
Result<Void> deletePerm(AuthzTrans trans, String perm, String type, String action);
317 /***********************************
319 ***********************************/
// Role operations.
// In every method below `trans` is the AuthzTrans of the current call and the outcome is returned
// as a Result. NOTE(review): summaries not taken from the original comments are inferred from
// names and signatures only. Attaching a permission to a role grants it to every user holding the
// role, so the implementation presumably checks the caller in `trans` against both the role and
// the permission -- confirm there.

/**
 * Creates the role described by {@code req}.
 * NOTE(review): the original Javadoc lists {@code @throws DAOException}, yet the signature declares
 * no checked exception.
 *
 * @param req the role creation request
 * @return the outcome of the operation
 */
Result<Void> createRole(AuthzTrans trans, REQUEST req);

/**
 * Reads roles by name.
 *
 * @param role the role name
 * @return a result carrying ROLES
 */
Result<ROLES> getRolesByName(AuthzTrans trans, String role);

/**
 * Reads the roles assigned to {@code user}.
 * NOTE(review): the original Javadoc lists {@code @throws DAOException}, yet the signature declares
 * no checked exception.
 *
 * @param user the user to look up
 * @return a result carrying ROLES
 */
Result<ROLES> getRolesByUser(AuthzTrans trans, String user);

/**
 * Reads the roles of a namespace.
 * NOTE(review): the parameter is named {@code user} although the method name refers to a
 * namespace -- confirm which value callers are expected to pass.
 *
 * @param user see the note above
 * @return a result carrying ROLES
 */
Result<ROLES> getRolesByNS(AuthzTrans trans, String user);

/**
 * Reads roles by name only.
 * NOTE(review): how this differs from getRolesByName is not stated here.
 *
 * @param name the name to look up
 * @return a result carrying ROLES
 */
Result<ROLES> getRolesByNameOnly(AuthzTrans trans, String name);

/**
 * Reads the roles that hold the permission identified by type, instance and action.
 *
 * @param type     the permission type
 * @param instance the permission instance
 * @param action   the permission action
 * @return a result carrying ROLES
 */
Result<ROLES> getRolesByPerm(AuthzTrans trans, String type, String instance, String action);

/**
 * Updates the description of the role identified in {@code req}.
 *
 * @param req the update request
 * @return the outcome of the operation
 */
Result<Void> updateRoleDescription(AuthzTrans trans, REQUEST req);

/**
 * Adds a permission to a role, both described by {@code rreq}.
 * NOTE(review): the original Javadoc lists {@code @throws DAOException}, yet the signature declares
 * no checked exception.
 *
 * @param rreq the request naming the role and the permission
 * @return the outcome of the operation
 */
Result<Void> addPermToRole(AuthzTrans trans, REQUEST rreq);

/**
 * Removes a permission from a role, both described by {@code rreq}.
 * NOTE(review): the original Javadoc lists {@code @throws DAOException}, yet the signature declares
 * no checked exception.
 *
 * @param rreq the request naming the role and the permission
 * @return the outcome of the operation
 */
Result<Void> delPermFromRole(AuthzTrans trans, REQUEST rreq);

/**
 * Itemized key delete: removes the permission given by type, instance and action from
 * {@code role}.
 *
 * @param role     the role name
 * @param type     the permission type
 * @param instance the permission instance
 * @param action   the permission action
 * @return the outcome of the operation
 */
Result<Void> delPermFromRole(AuthzTrans trans, String role, String type, String instance, String action);

/**
 * Deletes the role named {@code role}.
 * NOTE(review): the original Javadoc lists {@code @throws DAOException} and
 * {@code @throws MappingException}, yet the signature declares no checked exception and
 * MappingException is not imported in this file.
 *
 * @param role the role name
 * @return the outcome of the operation
 */
Result<Void> deleteRole(AuthzTrans trans, String role);

/**
 * Deletes the role described by {@code req}.
 *
 * @param req the deletion request
 * @return the outcome of the operation
 */
Result<Void> deleteRole(AuthzTrans trans, REQUEST req);
432 /***********************************
434 ***********************************/
// Credential and user operations.
// In every method below `trans` is the AuthzTrans of the current call and the outcome is returned
// as a Result. NOTE(review): the summaries are inferred from names and signatures only. These
// methods take or look up secret material, so implementations should keep credential requests and
// the Basic-Auth string out of logs and error messages, and should confirm that the caller in
// `trans` is entitled to the identity being created, reset, extended, deleted or read.

/**
 * Creates a credential from {@code from}.
 *
 * @param from the credential request
 * @return the outcome of the operation
 */
Result<Void> createUserCred(AuthzTrans trans, REQUEST from);

/**
 * Resets the credential described by {@code from}.
 *
 * @param from the credential request
 * @return the outcome of the operation
 */
Result<Void> resetUserCred(AuthzTrans trans, REQUEST from);

/**
 * Extends the credential described by {@code from}.
 * NOTE(review): {@code days} arrives as a String; no validation or upper bound is stated here.
 * The implementation should parse it strictly and cap it, because an unbounded extension would
 * defeat credential expiry.
 *
 * @param from the credential request
 * @param days the extension length, as text
 * @return the outcome of the operation
 */
Result<Void> extendUserCred(AuthzTrans trans, REQUEST from, String days);

/**
 * Reads the credentials of namespace {@code ns}.
 * NOTE(review): what USERS exposes is not visible here; confirm that it carries no secret or hash.
 *
 * @param ns the namespace name
 * @return a result carrying USERS
 */
Result<USERS> getCredsByNS(AuthzTrans trans, String ns);

/**
 * Reads the credentials of identity {@code id}.
 * NOTE(review): what USERS exposes is not visible here; confirm that it carries no secret or hash.
 *
 * @param id the identity to look up
 * @return a result carrying USERS
 */
Result<USERS> getCredsByID(AuthzTrans trans, String id);

/**
 * Reads certificate information for identity {@code id}.
 * NOTE(review): why the raw servlet request is needed is not stated here; presumably the
 * implementation reads caller details from it. {@code id} is caller-supplied, so it should not be
 * trusted to match the authenticated caller.
 *
 * @param req the servlet request of the current call
 * @param id  the identity to look up
 * @return a result carrying CERTS
 */
Result<CERTS> getCertInfoByID(AuthzTrans trans, HttpServletRequest req, String id);

/**
 * Deletes the credential described by {@code credReq}.
 *
 * @param credReq the credential request
 * @return the outcome of the operation
 */
Result<Void> deleteUserCred(AuthzTrans trans, REQUEST credReq);

/**
 * Checks whether the credential in {@code credReq} matches the stored one.
 * NOTE(review): the meaning of the returned Date is not stated here; presumably the credential's
 * expiration. Secret comparison should be constant-time and repeated failures should be throttled
 * -- confirm both in the implementation.
 *
 * @param credReq the credential to check
 * @return a result carrying a Date, see the note above
 */
Result<Date> doesCredentialMatch(AuthzTrans trans, REQUEST credReq);

/**
 * Validates an HTTP Basic-Auth value.
 * NOTE(review): {@code basicAuth} contains a recoverable password (Basic auth is an encoding, not
 * encryption), so it must never be logged or echoed in a Result message. The meaning of the
 * returned Date is not stated here; presumably the credential's expiration.
 *
 * @param basicAuth the Basic-Auth value supplied by the client
 * @return a result carrying a Date, see the note above
 */
Result<Date> validateBasicAuth(AuthzTrans trans, String basicAuth);

/**
 * Reads the users that hold {@code role}.
 *
 * @param role the role name
 * @return a result carrying USERS
 */
Result<USERS> getUsersByRole(AuthzTrans trans, String role);

/**
 * Reads {@code user} within {@code role}.
 * NOTE(review): the result for a user who does not hold the role is not stated here.
 *
 * @param user the user to look up
 * @param role the role name
 * @return a result carrying USERS
 */
Result<USERS> getUserInRole(AuthzTrans trans, String user, String role);

/**
 * Reads the users that hold the permission identified by type, instance and action.
 *
 * @param type     the permission type
 * @param instance the permission instance
 * @param action   the permission action
 * @return a result carrying USERS
 */
Result<USERS> getUsersByPermission(AuthzTrans trans, String type, String instance, String action);
540 /***********************************
542 ***********************************/
// User-role operations.
// In every method below `trans` is the AuthzTrans of the current call and the outcome is returned
// as a Result. NOTE(review): the summaries are inferred from names and signatures only.

/**
 * Assigns a user to a role as described by {@code request}.
 * Privilege-granting call: the implementation presumably checks that the caller in {@code trans}
 * may grant the role -- confirm there.
 *
 * @param request the request naming the user and the role
 * @return the outcome of the operation
 */
Result<Void> createUserRole(AuthzTrans trans, REQUEST request);

/**
 * Reads the user-role assignments of {@code role}.
 *
 * @param role the role name
 * @return a result carrying USERROLES
 */
Result<USERROLES> getUserRolesByRole(AuthzTrans trans, String role);

/**
 * Reads the user-role assignments of {@code user}.
 *
 * @param user the user to look up
 * @return a result carrying USERROLES
 */
Result<USERROLES> getUserRolesByUser(AuthzTrans trans, String user);
570 * Note: Removed "resetRolesForUsers" because it was too dangerous, and
571 * removed "resetUsersForRoles" because it was being misused.
581 public Result<Void> extendUserRole(AuthzTrans trans, String user,
/**
 * Removes the assignment of {@code usr} to {@code role}.
 * NOTE(review): the summary is inferred from the name and signature only. The original Javadoc
 * lists {@code @throws DAOException}, yet the signature declares no checked exception; failures
 * are presumably reported through the returned {@link Result}.
 *
 * @param trans the AuthzTrans of the current call
 * @param usr   the user to remove from the role
 * @param role  the role name
 * @return the outcome of the operation
 */
Result<Void> deleteUserRole(AuthzTrans trans, String usr, String role);
597 /***********************************
599 ***********************************/
// History operations.
// In every method below `trans` is the AuthzTrans of the current call and the outcome is returned
// as a Result. NOTE(review): the summaries are inferred from names and signatures only. `yyyymm`
// presumably holds year-month values and `sort` a sort-order code; neither encoding is stated
// here. History reveals who changed which grants, so the implementation presumably restricts it
// to callers entitled to the subject -- confirm there.

/**
 * Reads history entries for {@code user}.
 *
 * @param user   the user to look up
 * @param yyyymm the months to read, see the note above
 * @param sort   the sort order, see the note above
 * @return a result carrying HISTORY
 */
Result<HISTORY> getHistoryByUser(AuthzTrans trans, String user, int[] yyyymm, int sort);

/**
 * Reads history entries for a role.
 *
 * @param subj   the role to look up
 * @param yyyymm the months to read, see the note above
 * @param sort   the sort order, see the note above
 * @return a result carrying HISTORY
 */
Result<HISTORY> getHistoryByRole(AuthzTrans trans, String subj, int[] yyyymm, int sort);

/**
 * Reads history entries for a permission.
 *
 * @param subj   the permission to look up
 * @param yyyymm the months to read, see the note above
 * @param sort   the sort order, see the note above
 * @return a result carrying HISTORY
 */
Result<HISTORY> getHistoryByPerm(AuthzTrans trans, String subj, int[] yyyymm, int sort);

/**
 * Reads history entries for a namespace.
 *
 * @param subj   the namespace to look up
 * @param yyyymm the months to read, see the note above
 * @param sort   the sort order, see the note above
 * @return a result carrying HISTORY
 */
Result<HISTORY> getHistoryByNS(AuthzTrans trans, String subj, int[] yyyymm, int sort);

/**
 * Reads history entries by subject and target.
 * NOTE(review): how {@code subject} and {@code target} relate is not stated here.
 *
 * @param subject the subject to look up
 * @param target  the target to look up
 * @param yyyymm  the months to read, see the note above
 * @param sort    the sort order, see the note above
 * @return a result carrying HISTORY
 */
Result<HISTORY> getHistoryBySubject(AuthzTrans trans, String subject, String target, int[] yyyymm, int sort);
649 /***********************************
651 ***********************************/
// Delegate operations.
// In every method below `trans` is the AuthzTrans of the current call and the outcome is returned
// as a Result. NOTE(review): the summaries are inferred from names and signatures only. What a
// delegate may do on a user's behalf is not stated here; if it includes acting on approvals, then
// creating or updating a delegate is a privilege grant and should be limited to the user
// concerned or an administrator -- confirm in the implementation.

/**
 * Creates the delegation described by {@code reqDelegate}.
 *
 * @param reqDelegate the delegation request
 * @return the outcome of the operation
 */
Result<Void> createDelegate(AuthzTrans trans, REQUEST reqDelegate);

/**
 * Updates the delegation described by {@code reqDelegate}.
 *
 * @param reqDelegate the delegation request
 * @return the outcome of the operation
 */
Result<Void> updateDelegate(AuthzTrans trans, REQUEST reqDelegate);

/**
 * Deletes the delegation described by {@code reqDelegate}.
 *
 * @param reqDelegate the delegation request
 * @return the outcome of the operation
 */
Result<Void> deleteDelegate(AuthzTrans trans, REQUEST reqDelegate);

/**
 * Deletes the delegation of {@code userName}.
 *
 * @param userName the user whose delegation is removed
 * @return the outcome of the operation
 */
Result<Void> deleteDelegate(AuthzTrans trans, String userName);

/**
 * Reads the delegations made by {@code user}.
 *
 * @param user the user to look up
 * @return a result carrying DELGS
 */
Result<DELGS> getDelegatesByUser(AuthzTrans trans, String user);

/**
 * Reads the delegations in which {@code delegate} is the delegate.
 *
 * @param delegate the delegate to look up
 * @return a result carrying DELGS
 */
Result<DELGS> getDelegatesByDelegate(AuthzTrans trans, String delegate);
706 /***********************************
708 ***********************************/
// Approval operations.
// In every method below `trans` is the AuthzTrans of the current call and the outcome is returned
// as a Result. NOTE(review): the summaries are inferred from names and signatures only.

/**
 * Updates the given approvals.
 * NOTE(review): {@code approvals} is caller-supplied. The implementation presumably verifies that
 * the caller in {@code trans} is the designated approver (or a delegate) for each entry rather
 * than trusting an approver field inside the payload -- confirm there.
 *
 * @param approvals the approvals to update
 * @return the outcome of the operation
 */
Result<Void> updateApproval(AuthzTrans trans, APPROVALS approvals);

/**
 * Reads the approvals that concern {@code user}.
 *
 * @param user the user to look up
 * @return a result carrying APPROVALS
 */
Result<APPROVALS> getApprovalsByUser(AuthzTrans trans, String user);

/**
 * Reads the approvals that belong to {@code ticket}.
 *
 * @param ticket the ticket identifier
 * @return a result carrying APPROVALS
 */
Result<APPROVALS> getApprovalsByTicket(AuthzTrans trans, String ticket);

/**
 * Reads the approvals assigned to {@code approver}.
 *
 * @param approver the approver to look up
 * @return a result carrying APPROVALS
 */
Result<APPROVALS> getApprovalsByApprover(AuthzTrans trans, String approver);
// Maintenance operations.
// In every method below `trans` is the AuthzTrans of the current call. NOTE(review): the summaries
// are inferred from names and signatures only. These calls affect the whole service, not one
// namespace, so the implementation presumably limits them to operators and records each use --
// confirm there.

/**
 * Clears the cache named {@code cname}.
 *
 * @param cname the cache name
 * @return the outcome of the operation
 */
Result<Void> cacheClear(AuthzTrans trans, String cname);

/**
 * Clears selected segments of the cache named {@code cname}.
 * NOTE(review): the valid range of segment numbers is not stated here; values should be
 * bounds-checked by the implementation.
 *
 * @param cname   the cache name
 * @param segment the segments to clear
 * @return the outcome of the operation
 */
Result<Void> cacheClear(AuthzTrans trans, String cname, int[] segment);

/**
 * Resets the database layer.
 * NOTE(review): what is reset is not stated here (presumably connections or sessions, not data).
 * This is the only method in this view that returns {@code void}, so a refused or failed reset is
 * not reported to the caller through a Result.
 */
void dbReset(AuthzTrans trans);