authz-cmd/src/main/java/com/att/cmd/role/ListByUser.java

   1 /*******************************************************************************\r
   2  * ============LICENSE_START====================================================\r
   3  * * org.onap.aaf\r
   4  * * ===========================================================================\r
   5  * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
   6  * * ===========================================================================\r
   7  * * Licensed under the Apache License, Version 2.0 (the "License");\r
   8  * * you may not use this file except in compliance with the License.\r
   9  * * You may obtain a copy of the License at\r
  10  * * \r
  11  *  *      http://www.apache.org/licenses/LICENSE-2.0\r
  12  * * \r
  13  *  * Unless required by applicable law or agreed to in writing, software\r
  14  * * distributed under the License is distributed on an "AS IS" BASIS,\r
  15  * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
  16  * * See the License for the specific language governing permissions and\r
  17  * * limitations under the License.\r
  18  * * ============LICENSE_END====================================================\r
  19  * *\r
  20  * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
  21  * *\r
  22  ******************************************************************************/\r
  23 package com.att.cmd.role;\r
  24 \r
  25 import java.util.ArrayList;\r
  26 import java.util.HashMap;\r
  27 \r
  28 import com.att.cadi.CadiException;\r
  29 import com.att.cadi.LocatorException;\r
  30 import com.att.cadi.client.Future;\r
  31 import com.att.cadi.client.Rcli;\r
  32 import com.att.cadi.client.Retryable;\r
  33 import com.att.cmd.AAFcli;\r
  34 import com.att.cmd.Cmd;\r
  35 import com.att.cmd.Param;\r
  36 import com.att.cssa.rserv.HttpMethods;\r
  37 import com.att.inno.env.APIException;\r
  38 import com.att.inno.env.util.Chrono;\r
  39 \r
  40 import aaf.v2_0.Nss;\r
  41 import aaf.v2_0.Pkey;\r
  42 import aaf.v2_0.Roles;\r
  43 import aaf.v2_0.Users;\r
  44 \r
  45 /**\r
  46  * p\r
  47  *\r
  48  */\r
  49 public class ListByUser extends Cmd {\r
  50         private static final String HEADER = "List Roles for User ";\r
  51         \r
  52         public ListByUser(List parent) {\r
  53                 super(parent,"user", \r
  54                                 new Param("id",true)); \r
  55         }\r
  56 \r
  57         @Override\r
  58         public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {\r
  59                 String user=args[idx];\r
  60                 String realm = getOrgRealm();\r
  61                 final String fullUser;\r
  62                 if (user.indexOf('@') < 0 && realm != null) {\r
  63                     fullUser = user + '@' + realm;\r
  64                 } else {\r
  65                     fullUser = user;\r
  66                 }\r
  67 \r
  68                 return same(new Retryable<Integer>() {\r
  69                         @Override\r
  70                         public Integer code(Rcli<?> client) throws CadiException, APIException {\r
  71 \r
  72                                 Future<Roles> fp = client.read(\r
  73                                                 "/authz/roles/user/"+fullUser, \r
  74                                                 getDF(Roles.class)\r
  75                                                 );\r
  76                                 if(fp.get(AAFcli.timeout())) {\r
  77                                         Future<Nss> fn = null;\r
  78                                         ArrayList<String> roleNss = null;\r
  79                                         ArrayList<String> permNss = null;\r
  80                                         HashMap<String, Boolean> expiredMap = new HashMap<String, Boolean>();\r
  81                                         if (aafcli.isDetailed()) {\r
  82                                                 roleNss = new ArrayList<String>();\r
  83                                                 permNss = new ArrayList<String>();\r
  84                                                 for(aaf.v2_0.Role p : fp.value.getRole()) {\r
  85                                                         String roleNs = p.getName();\r
  86                                                         do {\r
  87                                                                 roleNs = p.getName().substring(0,roleNs.lastIndexOf('.'));\r
  88                                                                 fn = client.read("/authz/nss/"+roleNs,getDF(Nss.class));\r
  89                                                         } while (!fn.get(AAFcli.timeout()));\r
  90                                                         roleNss.add(roleNs);\r
  91         \r
  92                                                         for(Pkey perm : p.getPerms()) {\r
  93                                                                 if (perm.getType().contains(roleNs)) {\r
  94                                                                     permNss.add(roleNs);\r
  95                                                                 } else {\r
  96                                                                         Future<Nss> fpn = null;\r
  97                                                                         String permType = perm.getType();\r
  98                                                                         String permNs = permType;\r
  99                                                                         do {\r
 100                                                                                 permNs = permType.substring(0,permNs.lastIndexOf('.'));\r
 101                                                                                 fpn = client.read("/authz/nss/"+permNs,getDF(Nss.class));\r
 102                                                                         } while (!fpn.get(AAFcli.timeout()));\r
 103                                                                         permNss.add(permNs);\r
 104                                                                 }\r
 105                                                         }\r
 106                                                 }\r
 107                                         }\r
 108                                         \r
 109                                         if (fp.value != null) {\r
 110                                                 for(aaf.v2_0.Role p : fp.value.getRole()) {\r
 111                                                         Future<Users> fu = client.read(\r
 112                                                                         "/authz/userRole/"+fullUser+"/"+p.getName(), \r
 113                                                                         getDF(Users.class)\r
 114                                                                         );\r
 115                                                         if (fu.get(5000)) {\r
 116                                                                 if(fu.value != null) {\r
 117                                                                     for (Users.User u : fu.value.getUser()) {\r
 118                                                                         if(u.getExpires().normalize().compare(Chrono.timeStamp().normalize()) > 0) {\r
 119                                                                                 expiredMap.put(p.getName(), new Boolean(false));\r
 120                                                                         } else {\r
 121                                                                                 expiredMap.put(p.getName(), new Boolean(true));\r
 122                                                                         }\r
 123                                                                     }\r
 124                                                                 }\r
 125                                                         }\r
 126                                                 }       \r
 127                                         }\r
 128                                         \r
 129                                         ((List)parent).report(fp,roleNss,permNss,expiredMap,HEADER,fullUser);\r
 130                                 } else {\r
 131                                         error(fp);\r
 132                                 }\r
 133                                 return fp.code();\r
 134                         }\r
 135                 });\r
 136         }\r
 137         \r
 138         @Override\r
 139         public void detailedHelp(int indent, StringBuilder sb) {\r
 140                 detailLine(sb,indent,HEADER);\r
 141                 api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);\r
 142         }\r
 143 \r
 144 \r
 145 }\r