1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * Copyright © 2017 Amdocs
\r
7 * * ===========================================================================
\r
8 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
9 * * you may not use this file except in compliance with the License.
\r
10 * * You may obtain a copy of the License at
\r
12 * * http://www.apache.org/licenses/LICENSE-2.0
\r
14 * * Unless required by applicable law or agreed to in writing, software
\r
15 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
16 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
17 * * See the License for the specific language governing permissions and
\r
18 * * limitations under the License.
\r
19 * * ============LICENSE_END====================================================
\r
21 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
23 ******************************************************************************/
\r
24 package com.att.cmd.perm;
\r
26 import com.att.aft.dme2.internal.jetty.http.HttpStatus;
\r
27 import com.att.cadi.CadiException;
\r
28 import com.att.cadi.LocatorException;
\r
29 import com.att.cadi.client.Future;
\r
30 import com.att.cadi.client.Rcli;
\r
31 import com.att.cadi.client.Retryable;
\r
32 import com.att.cmd.AAFcli;
\r
33 import com.att.cmd.Cmd;
\r
34 import com.att.cmd.Param;
\r
35 import com.att.cssa.rserv.HttpMethods;
\r
36 import com.att.inno.env.APIException;
\r
38 import aaf.v2_0.PermRequest;
\r
39 import aaf.v2_0.RoleRequest;
\r
45 public class Create extends Cmd {
\r
46 public Create(Perm parent) {
\r
47 super(parent,"create",
\r
48 new Param("type",true),
\r
49 new Param("instance",true),
\r
50 new Param("action", true),
\r
51 new Param("role[,role]* (to Grant to)", false)
\r
56 public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
\r
57 return same(new Retryable<Integer>() {
\r
59 public Integer code(Rcli<?> client) throws CadiException, APIException {
\r
61 final PermRequest pr = new PermRequest();
\r
62 pr.setType(args[idx++]);
\r
63 pr.setInstance(args[idx++]);
\r
64 pr.setAction(args[idx++]);
\r
65 String roleCommas = (args.length>idx)?args[idx++]:null;
\r
66 String[] roles = roleCommas==null?null:roleCommas.split("\\s*,\\s*");
\r
67 boolean force = aafcli.forceString()!=null;
\r
70 if(roles!=null && force) { // Make sure Roles are Created
\r
71 RoleRequest rr = new RoleRequest();
\r
72 for(String role : roles) {
\r
74 Future<RoleRequest> fr = client.create(
\r
76 getDF(RoleRequest.class),
\r
79 fr.get(AAFcli.timeout());
\r
82 pw().println("Created Role [" + role + ']');
\r
87 pw().println("Role [" + role + "] does not exist, and cannot be created.");
\r
88 return HttpStatus.PARTIAL_CONTENT_206;
\r
93 // Set Start/End commands
\r
95 setQueryParamsOn(client);
\r
96 Future<PermRequest> fp = client.create(
\r
98 getDF(PermRequest.class),
\r
101 if(fp.get(AAFcli.timeout())) {
\r
103 pw().println("Created Permission");
\r
105 if(aafcli.forceString()!=null) { // Make sure Roles are Created
\r
106 RoleRequest rr = new RoleRequest();
\r
107 for(String role : roles) {
\r
109 Future<RoleRequest> fr = client.create(
\r
111 getDF(RoleRequest.class),
\r
114 fr.get(AAFcli.timeout());
\r
125 if(201!=(rv=((Perm)parent)._exec(0,
\r
126 new String[] {"grant",pr.getType(),pr.getInstance(),pr.getAction(),roleCommas}))) {
\r
127 rv = HttpStatus.PARTIAL_CONTENT_206;
\r
129 } catch (LocatorException e) {
\r
130 throw new CadiException(e);
\r
135 if(rv==409 && force) {
\r
137 } else if(rv==202) {
\r
138 pw().println("Permission Creation Accepted, but requires Approvals before actualizing");
\r
140 pw().println("You need to grant the roles after approval.");
\r
151 public void detailedHelp(int _indent, StringBuilder sb) {
\r
152 int indent = _indent;
\r
153 detailLine(sb,indent,"Create a Permission with:");
\r
154 detailLine(sb,indent+=2,"type - A Namespace qualified identifier identifying the kind of");
\r
155 detailLine(sb,indent+11,"resource to be protected");
\r
156 detailLine(sb,indent,"instance - A name that distinguishes a particular instance of resource");
\r
157 detailLine(sb,indent,"action - What kind of action is allowed");
\r
158 detailLine(sb,indent,"role(s) - Perms granted to these Comma separated Role(s)");
\r
159 detailLine(sb,indent+11,"Nonexistent role(s) will be created, if in same namespace");
\r
161 detailLine(sb,indent+2,"Note: Instance and Action can be a an '*' (enter \\\\* on Unix Shell)");
\r
162 api(sb,indent,HttpMethods.POST,"authz/perm",PermRequest.class,true);
\r