1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package com.att.cmd.role;
\r
25 import java.util.ArrayList;
\r
26 import java.util.HashMap;
\r
28 import com.att.cadi.CadiException;
\r
29 import com.att.cadi.LocatorException;
\r
30 import com.att.cadi.client.Future;
\r
31 import com.att.cadi.client.Rcli;
\r
32 import com.att.cadi.client.Retryable;
\r
33 import com.att.cmd.AAFcli;
\r
34 import com.att.cmd.Cmd;
\r
35 import com.att.cmd.Param;
\r
36 import com.att.cssa.rserv.HttpMethods;
\r
37 import com.att.inno.env.APIException;
\r
38 import com.att.inno.env.util.Chrono;
\r
40 import aaf.v2_0.Nss;
\r
41 import aaf.v2_0.Pkey;
\r
42 import aaf.v2_0.Roles;
\r
43 import aaf.v2_0.Users;
\r
49 public class ListByUser extends Cmd {
\r
50 private static final String HEADER = "List Roles for User ";
\r
52 public ListByUser(List parent) {
\r
53 super(parent,"user",
\r
54 new Param("id",true));
\r
58 public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {
\r
59 String user=args[idx];
\r
60 String realm = getOrgRealm();
\r
61 final String fullUser;
\r
62 if (user.indexOf('@') < 0 && realm != null) {
\r
63 fullUser = user + '@' + realm;
\r
68 return same(new Retryable<Integer>() {
\r
70 public Integer code(Rcli<?> client) throws CadiException, APIException {
\r
72 Future<Roles> fp = client.read(
\r
73 "/authz/roles/user/"+fullUser,
\r
76 if(fp.get(AAFcli.timeout())) {
\r
77 Future<Nss> fn = null;
\r
78 ArrayList<String> roleNss = null;
\r
79 ArrayList<String> permNss = null;
\r
80 HashMap<String, Boolean> expiredMap = new HashMap<String, Boolean>();
\r
81 if (aafcli.isDetailed()) {
\r
82 roleNss = new ArrayList<String>();
\r
83 permNss = new ArrayList<String>();
\r
84 for(aaf.v2_0.Role p : fp.value.getRole()) {
\r
85 String roleNs = p.getName();
\r
87 roleNs = p.getName().substring(0,roleNs.lastIndexOf('.'));
\r
88 fn = client.read("/authz/nss/"+roleNs,getDF(Nss.class));
\r
89 } while (!fn.get(AAFcli.timeout()));
\r
90 roleNss.add(roleNs);
\r
92 for(Pkey perm : p.getPerms()) {
\r
93 if (perm.getType().contains(roleNs)) {
\r
94 permNss.add(roleNs);
\r
96 Future<Nss> fpn = null;
\r
97 String permType = perm.getType();
\r
98 String permNs = permType;
\r
100 permNs = permType.substring(0,permNs.lastIndexOf('.'));
\r
101 fpn = client.read("/authz/nss/"+permNs,getDF(Nss.class));
\r
102 } while (!fpn.get(AAFcli.timeout()));
\r
103 permNss.add(permNs);
\r
109 if (fp.value != null) {
\r
110 for(aaf.v2_0.Role p : fp.value.getRole()) {
\r
111 Future<Users> fu = client.read(
\r
112 "/authz/userRole/"+fullUser+"/"+p.getName(),
\r
115 if (fu.get(5000)) {
\r
116 if(fu.value != null) {
\r
117 for (Users.User u : fu.value.getUser()) {
\r
118 if(u.getExpires().normalize().compare(Chrono.timeStamp().normalize()) > 0) {
\r
119 expiredMap.put(p.getName(), new Boolean(false));
\r
121 expiredMap.put(p.getName(), new Boolean(true));
\r
129 ((List)parent).report(fp,roleNss,permNss,expiredMap,HEADER,fullUser);
\r
139 public void detailedHelp(int indent, StringBuilder sb) {
\r
140 detailLine(sb,indent,HEADER);
\r
141 api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);
\r