1 /*******************************************************************************
\r
2 * ============LICENSE_START====================================================
\r
4 * * ===========================================================================
\r
5 * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
\r
6 * * ===========================================================================
\r
7 * * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * * you may not use this file except in compliance with the License.
\r
9 * * You may obtain a copy of the License at
\r
11 * * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * * Unless required by applicable law or agreed to in writing, software
\r
14 * * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * * See the License for the specific language governing permissions and
\r
17 * * limitations under the License.
\r
18 * * ============LICENSE_END====================================================
\r
20 * * ECOMP is a trademark and service mark of AT&T Intellectual Property.
\r
22 ******************************************************************************/
\r
23 package com.att.cmd.role;
\r
25 import com.att.cadi.CadiException;
\r
26 import com.att.cadi.LocatorException;
\r
27 import com.att.cadi.client.Future;
\r
28 import com.att.cadi.client.Rcli;
\r
29 import com.att.cadi.client.Retryable;
\r
30 import com.att.cmd.AAFcli;
\r
31 import com.att.cmd.Cmd;
\r
32 import com.att.cmd.Param;
\r
33 import com.att.cssa.rserv.HttpMethods;
\r
34 import com.att.inno.env.APIException;
\r
36 import aaf.v2_0.UserRoleRequest;
\r
42 public class User extends Cmd {
\r
43 private final static String[] options = {"add","del","setTo","extend"};
\r
44 public User(Role parent) {
\r
45 super(parent,"user",
\r
46 new Param(optionsToString(options),true),
\r
47 new Param("role",true),
\r
48 new Param("id[,id]* (not required for setTo)",false));
\r
52 public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {
\r
53 return same(new Retryable<Integer>() {
\r
55 public Integer code(Rcli<?> client) throws CadiException, APIException {
\r
57 String realm = getOrgRealm();
\r
58 String action = args[idx++];
\r
59 int option = whichOption(options, action);
\r
60 UserRoleRequest urr = new UserRoleRequest();
\r
61 urr.setRole(args[idx++]);
\r
62 // Set Start/End commands
\r
65 Future<?> fp = null;
\r
68 String[] ids = args[idx++].split(",");
\r
69 String verb=null,participle=null;
\r
70 // You can request to be added or removed from role.
\r
71 setQueryParamsOn(client);
\r
73 for(String id: ids) {
\r
74 if (id.indexOf('@') < 0 && realm != null) id += '@' + realm;
\r
80 getDF(UserRoleRequest.class),
\r
83 participle = "] to Role [" ;
\r
87 "/authz/userRole/"+urr.getUser()+'/'+urr.getRole(),
\r
90 participle = "] from Role [" ;
\r
93 fp = client.update("/authz/userRole/extend/" + urr.getUser() + '/' + urr.getRole());
\r
95 participle = "] in Role [" ;
\r
98 default: // actually, should never get here...
\r
99 throw new CadiException("Invalid action [" + action + ']');
\r
101 if(fp.get(AAFcli.timeout())) {
\r
103 pw().print(" User [");
\r
104 pw().print(urr.getUser());
\r
105 pw().print(participle);
\r
106 pw().print(urr.getRole());
\r
109 switch(fp.code()) {
\r
111 pw().print("User Role ");
\r
112 pw().print(action);
\r
113 pw().println(" is Accepted, but requires Approvals before actualizing");
\r
117 pw().println("Failed with code 404: UserRole is not found, or you do not have permission to view");
\r
126 String allUsers = "";
\r
127 if (idx < args.length)
\r
128 allUsers = args[idx++];
\r
129 StringBuilder finalUsers = new StringBuilder();
\r
130 for (String u : allUsers.split(",")) {
\r
132 if (u.indexOf('@') < 0 && realm != null) u += '@' + realm;
\r
133 if (finalUsers.length() > 0) finalUsers.append(",");
\r
134 finalUsers.append(u);
\r
138 urr.setUser(finalUsers.toString());
\r
139 fp = client.update(
\r
140 "/authz/userRole/role",
\r
141 getDF(UserRoleRequest.class),
\r
143 if(fp.get(AAFcli.timeout())) {
\r
144 pw().println("Set the Role to Users [" + allUsers + "]");
\r
149 return fp==null?0:fp.code();
\r
155 public void detailedHelp(int indent, StringBuilder sb) {
\r
156 detailLine(sb,indent,"Add OR Delete a User to/from a Role OR");
\r
157 detailLine(sb,indent,"Set a User's Roles to the roles supplied");
\r
158 detailLine(sb,indent+2,"role - Name of Role to create");
\r
159 detailLine(sb,indent+2,"id(s) - ID or IDs to add to the Role");
\r
161 detailLine(sb,indent+2,"Note: this is the same as \"user role add...\" except allows");
\r
162 detailLine(sb,indent+2,"assignment of role to multiple userss");
\r
163 detailLine(sb,indent+2,"WARNING: Users supplied with setTo will be the ONLY users attached to this role");
\r
164 detailLine(sb,indent+2,"If no users are supplied, the users attached to this role are reset.");
\r
165 api(sb,indent,HttpMethods.POST,"authz/userRole",UserRoleRequest.class,true);
\r
166 api(sb,indent,HttpMethods.DELETE,"authz/userRole/<user>/<role>",Void.class,false);
\r
167 api(sb,indent,HttpMethods.PUT,"authz/userRole/<role>",UserRoleRequest.class,false);
\r