2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.service.api;
24 import static org.onap.aaf.auth.layer.Result.OK;
25 import static org.onap.aaf.auth.rserv.HttpMethods.DELETE;
26 import static org.onap.aaf.auth.rserv.HttpMethods.GET;
27 import static org.onap.aaf.auth.rserv.HttpMethods.POST;
28 import static org.onap.aaf.auth.rserv.HttpMethods.PUT;
30 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpServletResponse;
33 import org.eclipse.jetty.http.HttpStatus;
34 import org.onap.aaf.auth.dao.cass.Status;
35 import org.onap.aaf.auth.env.AuthzTrans;
36 import org.onap.aaf.auth.layer.Result;
37 import org.onap.aaf.auth.service.AAF_Service;
38 import org.onap.aaf.auth.service.Code;
39 import org.onap.aaf.auth.service.facade.AuthzFacade;
40 import org.onap.aaf.auth.service.mapper.Mapper.API;
42 public class API_Roles {
43 public static void init(AAF_Service authzAPI, AuthzFacade facade) throws Exception {
45 * puts a new role in Authz DB
// Registers POST /authz/role (API.ROLE_REQ). The handler hands the whole request to
// context.createRole(...) and maps the returned Result to an HTTP status. The lines
// that dispatch on the result are not part of this listing; the visible outcomes are
// 201 Created, 202 Accepted under the Status.ACC_Future case, and context.error(...).
// NOTE(review): no caller-permission check is visible in this handler. Presumably the
// object behind `context` (the facade passed to Code) authorizes role creation - confirm.
47 authzAPI.route(POST,"/authz/role",API.ROLE_REQ, new Code(facade,"Create Role",true) {
51 HttpServletRequest req,
52 HttpServletResponse resp) throws Exception {
53 Result<Void> r = context.createRole(trans, req, resp);
57 resp.setStatus(HttpStatus.CREATED_201);
// Presumably ACC_Future means the change was accepted but is not yet applied
// (for example, pending approval) - TODO confirm against Status.
59 case Status.ACC_Future:
60 resp.setStatus(HttpStatus.ACCEPTED_202);
// Any other result is passed to context.error(...), which writes the failure response.
63 context.error(trans,resp,r);
// Registers GET /authz/roles/:role (API.ROLES). The handler reads the "role" path
// parameter and passes it to context.getRolesByName(...); 200 is set on one visible
// branch and context.error(...) is called on the other (dispatch lines not shown).
// NOTE(review): the path value goes to the facade as-is; no validation or read
// authorization is visible here, so both are presumably enforced downstream - confirm.
72 authzAPI.route(GET, "/authz/roles/:role", API.ROLES, new Code(facade,"GetRolesByFullName",true) {
75 HttpServletRequest req,
76 HttpServletResponse resp) throws Exception {
78 Result<Void> r = context.getRolesByName(trans, resp, pathParam(req, "role"));
81 resp.setStatus(HttpStatus.OK_200);
84 context.error(trans,resp,r);
92 * gets all Roles by user name
// Registers GET /authz/roles/user/:name (API.ROLES). The handler passes the "name"
// path parameter to context.getRolesByUser(...); 200 on the success branch,
// context.error(...) otherwise (dispatch lines not shown in this listing).
// NOTE(review): the user name comes straight from the URL, so any caller can ask about
// any user. Whether a caller may list another user's roles is not decided in this
// handler; presumably the facade checks it - confirm.
94 authzAPI.route(GET, "/authz/roles/user/:name", API.ROLES, new Code(facade,"GetRolesByUser",true) {
97 HttpServletRequest req,
98 HttpServletResponse resp) throws Exception {
100 Result<Void> r = context.getRolesByUser(trans, resp, pathParam(req, "name"));
103 resp.setStatus(HttpStatus.OK_200);
106 context.error(trans,resp,r);
113 * gets all Roles by Namespace
// Registers GET /authz/roles/ns/:ns (API.ROLES). The handler passes the "ns" path
// parameter to context.getRolesByNS(...); 200 on the success branch,
// context.error(...) otherwise (dispatch lines not shown in this listing).
// NOTE(review): namespace read access is not checked in this handler; presumably the
// facade restricts which namespaces a caller may enumerate - confirm.
115 authzAPI.route(GET, "/authz/roles/ns/:ns", API.ROLES, new Code(facade,"GetRolesByNS",true) {
118 HttpServletRequest req,
119 HttpServletResponse resp) throws Exception {
121 Result<Void> r = context.getRolesByNS(trans, resp, pathParam(req, "ns"));
124 resp.setStatus(HttpStatus.OK_200);
127 context.error(trans,resp,r);
133 * gets all Roles by Name without the Namespace
// Registers GET /authz/roles/name/:name (API.ROLES). The handler passes the path
// parameter to context.getRolesByNameOnly(...); 200 on the success branch,
// context.error(...) otherwise (dispatch lines not shown in this listing).
135 authzAPI.route(GET, "/authz/roles/name/:name", API.ROLES, new Code(facade,"GetRolesByNameOnly",true) {
138 HttpServletRequest req,
139 HttpServletResponse resp) throws Exception {
// NOTE(review): the key here is ":name" with the leading colon, while the other GET
// handlers in this file pass the bare name ("role", "name", "ns"). Confirm pathParam
// resolves both spellings; if it does not, the facade is called with a missing value.
140 Result<Void> r = context.getRolesByNameOnly(trans, resp, pathParam(req, ":name"));
143 resp.setStatus(HttpStatus.OK_200);
146 context.error(trans,resp,r);
152 * Deletes a Role from Authz DB by Object
// Registers DELETE /authz/role (API.ROLE_REQ). The role to delete is described by the
// request itself, which is passed whole to context.deleteRole(trans, req, resp);
// 200 on the success branch, context.error(...) otherwise (dispatch lines not shown).
// NOTE(review): the label "Delete Role" is also used by the DELETE /authz/role/:role
// route. If this label is what appears in trace or audit output, the two entry points
// cannot be told apart there - confirm, and consider distinct labels.
// NOTE(review): no caller-permission check is visible here; presumably deletion is
// authorized inside the facade - confirm.
154 authzAPI.route(DELETE,"/authz/role",API.ROLE_REQ, new Code(facade,"Delete Role",true) {
158 HttpServletRequest req,
159 HttpServletResponse resp) throws Exception {
160 Result<Void> r = context.deleteRole(trans, req, resp);
164 resp.setStatus(HttpStatus.OK_200);
167 context.error(trans,resp,r);
177 * Deletes a Role from Authz DB by Key
// Registers DELETE /authz/role/:role (API.ROLE). The role is identified by the path
// parameter alone and passed to context.deleteRole(trans, resp, role); 200 on the
// success branch, context.error(...) otherwise (dispatch lines not shown).
// NOTE(review): the label "Delete Role" duplicates the one on DELETE /authz/role; if
// labels feed trace or audit records, the by-key and by-object deletes look identical.
179 authzAPI.route(DELETE,"/authz/role/:role",API.ROLE, new Code(facade,"Delete Role",true) {
183 HttpServletRequest req,
184 HttpServletResponse resp) throws Exception {
// NOTE(review): the key is ":role" with the leading colon, unlike the bare "role" key
// used by GET /authz/roles/:role. Confirm pathParam accepts both forms, so that this
// destructive call never runs with a missing role name.
185 Result<Void> r = context.deleteRole(trans, resp, pathParam(req,":role"));
189 resp.setStatus(HttpStatus.OK_200);
192 context.error(trans,resp,r);
201 * Add a Permission to a Role (Grant)
// Registers POST /authz/role/perm (API.ROLE_PERM_REQ): grants a permission to a role.
// The request is passed whole to context.addPermToRole(...); the visible success
// status is 201 Created, and context.error(...) handles the other branch
// (dispatch lines not shown in this listing).
// NOTE(review): a grant changes who can do what, so this is a privilege-affecting
// write. No authorization check is visible in this handler; presumably the facade
// verifies that the caller may grant this permission to this role - confirm.
203 authzAPI.route(POST,"/authz/role/perm",API.ROLE_PERM_REQ, new Code(facade,"Add Permission to Role",true) {
207 HttpServletRequest req,
208 HttpServletResponse resp) throws Exception {
210 Result<Void> r = context.addPermToRole(trans, req, resp);
214 resp.setStatus(HttpStatus.CREATED_201);
217 context.error(trans,resp,r);
224 * Get all Roles by Permission
// Registers GET /authz/roles/perm/:type/:instance/:action (API.ROLES). The three path
// parameters identify a permission and are passed, in that order, to
// context.getRolesByPerm(...); 200 on the success branch, context.error(...) otherwise
// (dispatch lines not shown in this listing).
// NOTE(review): the three values are forwarded as received from the URL; no validation
// or read authorization is visible here, so both presumably happen downstream - confirm.
226 authzAPI.route(GET,"/authz/roles/perm/:type/:instance/:action",API.ROLES,new Code(facade,"GetRolesByPerm",true) {
229 HttpServletRequest req,
230 HttpServletResponse resp) throws Exception {
232 Result<Void> r = context.getRolesByPerm(trans, resp,
233 pathParam(req, "type"),
234 pathParam(req, "instance"),
235 pathParam(req, "action"));
238 resp.setStatus(HttpStatus.OK_200);
241 context.error(trans,resp,r);
247 * Set a role's description
// Registers PUT /authz/role (API.ROLE_REQ): sets a role's description. The request is
// passed whole to context.updateRoleDescription(...); 200 on the success branch,
// context.error(...) otherwise (dispatch lines not shown in this listing).
// NOTE(review): this shares the /authz/role path and API.ROLE_REQ type with the create
// and delete routes. Presumably the facade only touches the description field of the
// submitted role object - confirm that no other attribute can be changed through PUT.
249 authzAPI.route(PUT,"/authz/role",API.ROLE_REQ,new Code(facade,"Set Description for role",true) {
253 HttpServletRequest req,
254 HttpServletResponse resp) throws Exception {
256 Result<Void> r = context.updateRoleDescription(trans, req, resp);
259 resp.setStatus(HttpStatus.OK_200);
262 context.error(trans,resp,r);
268 * Set a permission's roles to roles given
// Registers PUT /authz/role/perm (API.ROLE_PERM_REQ). The request is passed whole to
// context.resetPermRoles(...); 200 on the success branch, context.error(...) otherwise
// (dispatch lines not shown in this listing).
// NOTE(review): going by the route label and the comment above this route, the call
// replaces the permission's role set with the submitted one, so one request can both
// grant and revoke. Presumably the facade authorizes every added and removed role and
// records the before and after sets - confirm.
270 authzAPI.route(PUT,"/authz/role/perm",API.ROLE_PERM_REQ,new Code(facade,"Set a Permission's Roles",true) {
274 HttpServletRequest req,
275 HttpServletResponse resp) throws Exception {
277 Result<Void> r = context.resetPermRoles(trans, req, resp);
280 resp.setStatus(HttpStatus.OK_200);
283 context.error(trans,resp,r);
289 * Delete a Permission from a Role
290 * With multiple perms
// Registers DELETE /authz/role/:role/perm (API.ROLE_PERM_REQ): removes a permission
// from a role. The request is passed whole to context.delPermFromRole(trans, req, resp);
// 200 on the success branch, context.error(...) otherwise (dispatch lines not shown).
// NOTE(review): the route declares a :role path segment, but the visible handler lines
// never read it with pathParam. The role acted on is presumably taken from the request
// body; confirm the body and the URL are reconciled, so that access logs keyed on the
// URL name the role that was actually changed.
// NOTE(review): the label "Delete Permission from Role" is shared with the
// DELETE /authz/role/:role/perm/:type/:instance/:action route.
292 authzAPI.route(DELETE,"/authz/role/:role/perm",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
296 HttpServletRequest req,
297 HttpServletResponse resp) throws Exception {
298 Result<Void> r = context.delPermFromRole(trans, req, resp);
302 resp.setStatus(HttpStatus.OK_200);
305 context.error(trans,resp,r);
312 * Delete a Permission from a Role by key only
// Registers DELETE /authz/role/:role/perm/:type/:instance/:action (API.ROLE_PERM_REQ):
// removes a permission from a role, both identified only by path parameters. The four
// values are passed to context.delPermFromRole(trans, resp, role, type, instance, action);
// 200 on the success branch, context.error(...) otherwise (dispatch lines not shown).
// NOTE(review): the label "Delete Permission from Role" duplicates the one on
// DELETE /authz/role/:role/perm; if labels feed trace or audit records, the two
// revocation paths cannot be told apart there - confirm.
314 authzAPI.route(DELETE,"/authz/role/:role/perm/:type/:instance/:action",API.ROLE_PERM_REQ, new Code(facade,"Delete Permission from Role",true) {
318 HttpServletRequest req,
319 HttpServletResponse resp) throws Exception {
// NOTE(review): all four keys carry the leading colon, whereas GET
// /authz/roles/perm/:type/:instance/:action looks up "type", "instance" and "action"
// without it. Confirm pathParam treats both spellings the same, so that a revocation
// is never attempted with missing identifiers.
320 Result<Void> r = context.delPermFromRole(trans, resp,
321 pathParam(req,":role"),
322 pathParam(req,":type"),
323 pathParam(req,":instance"),
324 pathParam(req,":action"));
328 resp.setStatus(HttpStatus.OK_200);
331 context.error(trans,resp,r);