2 * ============LICENSE_START====================================================
4 * ===========================================================================
5 * Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6 * ===========================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END====================================================
22 package org.onap.aaf.auth.service.api;
24 import static org.onap.aaf.auth.layer.Result.OK;
25 import static org.onap.aaf.auth.rserv.HttpMethods.DELETE;
26 import static org.onap.aaf.auth.rserv.HttpMethods.GET;
27 import static org.onap.aaf.auth.rserv.HttpMethods.POST;
28 import static org.onap.aaf.auth.rserv.HttpMethods.PUT;
30 import javax.servlet.http.HttpServletRequest;
31 import javax.servlet.http.HttpServletResponse;
33 import org.eclipse.jetty.http.HttpStatus;
34 import org.onap.aaf.auth.env.AuthzTrans;
35 import org.onap.aaf.auth.layer.Result;
36 import org.onap.aaf.auth.service.AAF_Service;
37 import org.onap.aaf.auth.service.Code;
38 import org.onap.aaf.auth.service.facade.AuthzFacade;
39 import org.onap.aaf.auth.service.mapper.Mapper.API;
46 public class API_UserRole {
48 * Normal Init level APIs
54 public static void init(final AAF_Service authzAPI, AuthzFacade facade) throws Exception {
56 * Request User Role Access
58 authzAPI.route(POST,"/authz/userRole",API.USER_ROLE_REQ,new Code(facade,"Request User Role Access", true) {
60 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
61 Result<Void> r = context.requestUserRole(trans, req, resp);
64 resp.setStatus(HttpStatus.CREATED_201);
67 context.error(trans,resp,r);
74 * Get UserRoles by Role
76 authzAPI.route(GET,"/authz/userRoles/role/:role",API.USER_ROLES,new Code(facade,"Get UserRoles by Role", true) {
78 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
79 Result<Void> r = context.getUserRolesByRole(trans, resp, pathParam(req,":role"));
82 resp.setStatus(HttpStatus.OK_200);
85 context.error(trans,resp,r);
91 * Get UserRoles by User
93 authzAPI.route(GET,"/authz/userRoles/user/:user",API.USER_ROLES,new Code(facade,"Get UserRoles by User", true) {
95 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
96 Result<Void> r = context.getUserRolesByUser(trans, resp, pathParam(req,":user"));
99 resp.setStatus(HttpStatus.OK_200);
102 context.error(trans,resp,r);
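108 * REMOVED: the dangerous resetUsersForRole and resetRolesForUser APIs. The two PUT routes below stay registered, but their handlers only return the removeAPI error ("API Removed, use /authz/userRole instead.").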
110 final Result<Object> removeAPI = Result.err(Result.ERR_NotFound,"API Removed, use /authz/userRole instead.");
112 * Removed API (formerly: update roles attached to user in path); the handler only returns the removeAPI error
114 authzAPI.route(PUT,"/authz/userRole/user",API.USER_ROLE_REQ,new Code(facade,"Update Roles for a user", true) {
116 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
117 context.error(trans,resp,removeAPI);
123 * Removed API (formerly: update users attached to role in path); the handler only returns the removeAPI error
125 authzAPI.route(PUT,"/authz/userRole/role",API.USER_ROLE_REQ,new Code(facade,"Update Users for a role", true) {
127 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
128 context.error(trans,resp,removeAPI);
133 * END REMOVE Dangerous API
138 * Extend Expiration Date (according to Organizational rules)
140 authzAPI.route(PUT, "/authz/userRole/extend/:user/:role", API.VOID, new Code(facade,"Extend Expiration", true) {
142 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
143 Result<Void> r = context.extendUserRoleExpiration(trans,resp,pathParam(req,":user"),pathParam(req,":role"));
146 resp.setStatus(HttpStatus.OK_200);
149 context.error(trans,resp,r);
158 * Delete the User Role identified by :user and :role in the path
160 authzAPI.route(DELETE,"/authz/userRole/:user/:role",API.VOID,new Code(facade,"Delete User Role", true) {
162 public void handle(AuthzTrans trans, HttpServletRequest req, HttpServletResponse resp) throws Exception {
163 Result<Void> r = context.deleteUserRole(trans, resp, pathParam(req,":user"),pathParam(req,":role"));
166 resp.setStatus(HttpStatus.OK_200);
169 context.error(trans,resp,r);