2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.sdc.be.components.impl;
23 import java.util.Date;
25 import org.openecomp.sdc.be.config.BeEcompErrorManager;
26 import org.openecomp.sdc.be.dao.api.ActionStatus;
27 import org.openecomp.sdc.be.datatypes.enums.NodeTypeEnum;
28 import org.openecomp.sdc.be.impl.ComponentsUtils;
29 import org.openecomp.sdc.be.model.ConsumerDefinition;
30 import org.openecomp.sdc.be.model.User;
31 import org.openecomp.sdc.be.model.operations.api.IGraphLockOperation;
32 import org.openecomp.sdc.be.model.operations.api.StorageOperationStatus;
33 import org.openecomp.sdc.be.model.operations.impl.ConsumerOperation;
34 import org.openecomp.sdc.be.resources.data.ConsumerData;
35 import org.openecomp.sdc.be.resources.data.auditing.AuditingActionEnum;
36 import org.openecomp.sdc.be.user.IUserBusinessLogic;
37 import org.openecomp.sdc.be.user.Role;
38 import org.openecomp.sdc.common.config.EcompErrorName;
39 import org.openecomp.sdc.common.util.ValidationUtils;
40 import org.openecomp.sdc.exception.ResponseFormat;
41 import org.slf4j.Logger;
42 import org.slf4j.LoggerFactory;
43 import org.springframework.stereotype.Component;
45 import fj.data.Either;
47 @Component("ConsumerBusinessLogic")
48 public class ConsumerBusinessLogic extends BaseBusinessLogic {
50 private static final String CONSUMER_NAME = "Consumer name";
51 private static final String CONSUMER_SALT = "Consumer salt";
52 private static final String CONSUMER_PW = "Consumer password";
54 @javax.annotation.Resource
55 private IUserBusinessLogic userAdmin;
57 @javax.annotation.Resource
58 private ComponentsUtils componentsUtils;
60 @javax.annotation.Resource
61 private ConsumerOperation consumerOperation;
63 @javax.annotation.Resource
64 private IGraphLockOperation graphLockOperation;
66 private static Logger log = LoggerFactory.getLogger(ConsumerBusinessLogic.class.getName());
68 public Either<ConsumerDefinition, ResponseFormat> createConsumer(User user, ConsumerDefinition consumer) {
70 Either<User, ResponseFormat> userValidation = validateUser(user, consumer, AuditingActionEnum.ADD_ECOMP_USER_CREDENTIALS);
72 if (userValidation.isRight()) {
73 return Either.right(userValidation.right().value());
75 checkFieldsForOverrideAttempt(consumer);
76 user = userValidation.left().value();
77 consumer.setLastModfierAtuid(user.getUserId());
79 Either<ConsumerDefinition, ResponseFormat> consumerValidationResponse = validateConsumer(consumer, user, AuditingActionEnum.ADD_ECOMP_USER_CREDENTIALS);
80 if (consumerValidationResponse.isRight()) {
81 ResponseFormat responseFormat = consumerValidationResponse.right().value();
82 componentsUtils.auditConsumerCredentialsEvent(AuditingActionEnum.ADD_ECOMP_USER_CREDENTIALS, consumer, responseFormat, user);
83 return Either.right(responseFormat);
85 String consumerName = consumer.getConsumerName();
86 StorageOperationStatus lockResult = graphLockOperation.lockComponent(consumerName, NodeTypeEnum.ConsumerCredentials);
87 if (!lockResult.equals(StorageOperationStatus.OK)) {
88 BeEcompErrorManager.getInstance().processEcompError(EcompErrorName.BeFailedLockObjectError, "createConsumer");
89 BeEcompErrorManager.getInstance().logBeFailedLockObjectError("createConsumer", NodeTypeEnum.ConsumerCredentials.getName(), consumerName);
90 log.debug("Failed to lock consumer {} error - {}", consumerName, lockResult);
91 ResponseFormat responseFormat = componentsUtils.getResponseFormat(ActionStatus.GENERAL_ERROR);
93 componentsUtils.auditConsumerCredentialsEvent(AuditingActionEnum.ADD_ECOMP_USER_CREDENTIALS, consumer, responseFormat, user);
94 return Either.right(responseFormat);
97 Either<ConsumerData, StorageOperationStatus> getResponse = consumerOperation.getCredentials(consumerName);
98 if (getResponse.isLeft() && getResponse.left().value() != null) {
99 return updateConsumer(consumer, user, true);
102 Date date = new Date();
103 consumer.setConsumerDetailsLastupdatedtime(date.getTime());
104 consumer.setConsumerLastAuthenticationTime(Long.valueOf(0));
106 Either<ConsumerData, StorageOperationStatus> createResponse = consumerOperation.createCredentials(new ConsumerData(consumer));
108 if (createResponse.isRight()) {
109 ResponseFormat responseFormat = componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponseForConsumer(createResponse.right().value()));
110 componentsUtils.auditConsumerCredentialsEvent(AuditingActionEnum.ADD_ECOMP_USER_CREDENTIALS, consumer, responseFormat, user);
111 return Either.right(responseFormat);
113 log.debug("Consumer created successfully!!!");
114 consumer = new ConsumerDefinition(createResponse.left().value().getConsumerDataDefinition());
115 ResponseFormat responseFormat = componentsUtils.getResponseFormat(ActionStatus.CREATED);
116 componentsUtils.auditConsumerCredentialsEvent(AuditingActionEnum.ADD_ECOMP_USER_CREDENTIALS, consumer, responseFormat, user);
117 return Either.left(consumer);
119 graphLockOperation.unlockComponent(consumerName, NodeTypeEnum.ConsumerCredentials);
123 private Either<User, ResponseFormat> validateUser(User user, ConsumerDefinition consumer, AuditingActionEnum auditAction) {
125 if (user.getUserId() == null || user.getUserId().trim().isEmpty()) {
126 log.debug("createEcompUser method - user is missing. userId={}", user.getUserId());
127 ResponseFormat responseFormat = componentsUtils.getResponseFormat(ActionStatus.MISSING_INFORMATION);
128 log.debug("audit before sending response");
129 componentsUtils.auditConsumerCredentialsEvent(auditAction, consumer, responseFormat, user);
130 return Either.right(responseFormat);
132 log.debug("get user from DB");
133 Either<User, ActionStatus> eitherCreator = userAdmin.getUser(user.getUserId(), false);
134 if (eitherCreator.isRight() || eitherCreator.left().value() == null) {
135 log.debug("createEcompUser method - user is not listed. userId={}", user.getUserId());
136 ResponseFormat responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_ACCESS);
137 log.debug("audit before sending response");
138 componentsUtils.auditConsumerCredentialsEvent(auditAction, consumer, responseFormat, user);
139 return Either.right(responseFormat);
142 user = eitherCreator.left().value();
143 // validate user role
144 log.debug("validate user role");
145 if (!user.getRole().equals(Role.ADMIN.name())) {
146 log.info("role {} is not allowed to perform this action", user.getRole());
147 ResponseFormat responseFormat = componentsUtils.getResponseFormat(ActionStatus.RESTRICTED_OPERATION);
148 log.debug("audit before sending response");
149 componentsUtils.auditConsumerCredentialsEvent(auditAction, consumer, responseFormat, user);
150 return Either.right(responseFormat);
152 return Either.left(user);
155 private Either<ConsumerDefinition, ResponseFormat> validateConsumer(ConsumerDefinition consumer, User user, AuditingActionEnum audatingAction) {
156 Either<ConsumerDefinition, ResponseFormat> validateConsumerName = validateConsumerName(consumer);
157 if (validateConsumerName.isRight()) {
158 return Either.right(validateConsumerName.right().value());
160 Either<ConsumerDefinition, ResponseFormat> validateConsumerPassword = validateConsumerPassword(consumer);
161 if (validateConsumerPassword.isRight()) {
162 return Either.right(validateConsumerPassword.right().value());
164 consumer = validateConsumerPassword.left().value();
165 Either<ConsumerDefinition, ResponseFormat> validateEcompUserSalt = validateConsumerSalt(consumer);
166 if (validateEcompUserSalt.isRight()) {
167 return Either.right(validateEcompUserSalt.right().value());
169 return Either.left(consumer);
173 private Either<ConsumerDefinition, ResponseFormat> validateConsumerName(ConsumerDefinition consumer) {
174 String name = consumer.getConsumerName();
175 if (!ValidationUtils.validateStringNotEmpty(name)) {
176 log.debug("Consumer name cannot be empty.");
177 return Either.right(componentsUtils.getResponseFormat(ActionStatus.MISSING_DATA, CONSUMER_NAME));
179 if (!ValidationUtils.validateConsumerName(name)) {
180 log.debug("Consumer name is invalid.");
181 return Either.right(componentsUtils.getResponseFormat(ActionStatus.INVALID_CONTENT_PARAM, CONSUMER_NAME));
183 if (!ValidationUtils.validateLength(name, ValidationUtils.CONSUMER_NAME_MAX_LENGTH)) {
184 log.debug("Consumer name exceeds limit.");
185 return Either.right(componentsUtils.getResponseFormat(ActionStatus.EXCEEDS_LIMIT, CONSUMER_NAME, String.valueOf(ValidationUtils.CONSUMER_NAME_MAX_LENGTH)));
187 if (!ValidationUtils.isUTF8Str(name)) {
188 log.debug("Consumer name includes non UTF 8 characters.");
189 return Either.right(componentsUtils.getResponseFormat(ActionStatus.INVALID_CONTENT_PARAM, CONSUMER_NAME));
192 return Either.left(consumer);
195 private Either<ConsumerDefinition, ResponseFormat> validateConsumerPassword(ConsumerDefinition consumer) {
196 String password = consumer.getConsumerPassword();
197 if (!ValidationUtils.validateStringNotEmpty(password)) {
198 log.debug("Consumer password cannot be empty.");
199 return Either.right(componentsUtils.getResponseFormat(ActionStatus.MISSING_DATA, CONSUMER_PW));
201 if (password.length() != ValidationUtils.CONSUMER_PASSWORD_LENGTH) {
202 log.debug("Consumer password length is not valid.");
203 return Either.right(componentsUtils.getResponseFormat(ActionStatus.INVALID_LENGTH, CONSUMER_PW));
205 consumer.setConsumerPassword(password.toLowerCase());
206 if (!ValidationUtils.validateConsumerPassSalt(consumer.getConsumerPassword())) {
207 log.debug("Consumer password is invalid.");
208 return Either.right(componentsUtils.getResponseFormat(ActionStatus.INVALID_CONTENT_PARAM, CONSUMER_PW));
211 return Either.left(consumer);
214 private Either<ConsumerDefinition, ResponseFormat> validateConsumerSalt(ConsumerDefinition consumer) {
215 String salt = consumer.getConsumerSalt();
216 if (!ValidationUtils.validateStringNotEmpty(salt)) {
217 log.debug("Consumer salt cannot be empty.");
218 return Either.right(componentsUtils.getResponseFormat(ActionStatus.MISSING_DATA, CONSUMER_SALT));
220 if (salt.length() != ValidationUtils.CONSUMER_SALT_LENGTH) {
221 log.debug("Consumer salt length is not valid.");
222 return Either.right(componentsUtils.getResponseFormat(ActionStatus.INVALID_LENGTH, CONSUMER_SALT));
224 if (!ValidationUtils.validateConsumerPassSalt(salt)) {
225 log.debug("Consumer salt is invalid.");
226 return Either.right(componentsUtils.getResponseFormat(ActionStatus.INVALID_CONTENT_PARAM, CONSUMER_SALT));
229 return Either.left(consumer);
232 public Either<ConsumerDefinition, ResponseFormat> getConsumer(String consumerId, User user) {
233 ConsumerDefinition tmpConsumer = new ConsumerDefinition();
234 tmpConsumer.setConsumerName(consumerId);
235 // In case of filter (southbound) call
237 Either<User, ResponseFormat> userValidation = validateUser(user, tmpConsumer, AuditingActionEnum.GET_ECOMP_USER_CREDENTIALS);
238 if (userValidation.isRight()) {
239 return Either.right(userValidation.right().value());
241 user = userValidation.left().value();
243 Either<ConsumerData, StorageOperationStatus> getResult = consumerOperation.getCredentials(consumerId);
244 if (getResult.isRight()) {
245 ActionStatus action = componentsUtils.convertFromStorageResponseForConsumer(getResult.right().value());
246 ResponseFormat responseFormat;
247 if (action == ActionStatus.ECOMP_USER_NOT_FOUND) {
248 responseFormat = componentsUtils.getResponseFormat(action, consumerId);
250 responseFormat = componentsUtils.getResponseFormat(action);
252 componentsUtils.auditConsumerCredentialsEvent(AuditingActionEnum.GET_ECOMP_USER_CREDENTIALS, tmpConsumer, responseFormat, user);
253 return Either.right(responseFormat);
255 ConsumerDefinition consumer = new ConsumerDefinition(getResult.left().value().getConsumerDataDefinition());
256 ResponseFormat responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK);
257 componentsUtils.auditConsumerCredentialsEvent(AuditingActionEnum.GET_ECOMP_USER_CREDENTIALS, consumer, responseFormat, user);
258 return Either.left(consumer);
261 public Either<ConsumerDefinition, ResponseFormat> getConsumer(String consumerId) {
262 return getConsumer(consumerId, null);
265 public Either<ConsumerDefinition, ResponseFormat> deleteConsumer(String consumerId, User user) {
266 ConsumerDefinition tmpConsumer = new ConsumerDefinition();
267 tmpConsumer.setConsumerName(consumerId);
268 Either<User, ResponseFormat> userValidation = validateUser(user, tmpConsumer, AuditingActionEnum.DELETE_ECOMP_USER_CREDENTIALS);
269 if (userValidation.isRight()) {
270 return Either.right(userValidation.right().value());
272 user = userValidation.left().value();
273 Either<ConsumerData, StorageOperationStatus> deleteResult = consumerOperation.deleteCredentials(consumerId);
274 if (deleteResult.isRight()) {
275 ActionStatus action = componentsUtils.convertFromStorageResponseForConsumer(deleteResult.right().value());
276 ResponseFormat responseFormat;
277 if (action == ActionStatus.ECOMP_USER_NOT_FOUND) {
278 responseFormat = componentsUtils.getResponseFormat(action, consumerId);
280 responseFormat = componentsUtils.getResponseFormat(action);
282 componentsUtils.auditConsumerCredentialsEvent(AuditingActionEnum.DELETE_ECOMP_USER_CREDENTIALS, tmpConsumer, responseFormat, user);
283 return Either.right(responseFormat);
285 ConsumerDefinition consumer = new ConsumerDefinition(deleteResult.left().value().getConsumerDataDefinition());
286 ResponseFormat responseFormat = componentsUtils.getResponseFormat(ActionStatus.OK);
287 componentsUtils.auditConsumerCredentialsEvent(AuditingActionEnum.DELETE_ECOMP_USER_CREDENTIALS, consumer, responseFormat, user);
288 return Either.left(consumer);
291 public Either<ConsumerDefinition, ResponseFormat> updateConsumer(ConsumerDefinition consumer, User modifier, boolean isCreateRequest) {
292 Either<ConsumerData, StorageOperationStatus> updateResult = consumerOperation.updateCredentials(new ConsumerData(consumer));
293 if (updateResult.isRight()) {
294 ResponseFormat responseFormat = componentsUtils.getResponseFormat(componentsUtils.convertFromStorageResponseForConsumer(updateResult.right().value()));
295 return Either.right(responseFormat);
297 consumer = new ConsumerDefinition(updateResult.left().value().getConsumerDataDefinition());
298 return Either.left(consumer);
301 private void checkFieldsForOverrideAttempt(ConsumerDefinition consumer) {
302 if (consumer.getConsumerDetailsLastupdatedtime() != null) {
303 log.info("Consumer Details Last updated time cannot be defined by user. This field will be overridden by the application");
305 if (consumer.getConsumerLastAuthenticationTime() != null) {
306 log.info("Consumer Last Authentication time cannot be defined by user. This field will be overridden by the application");
308 if (consumer.getLastModfierAtuid() != null) {
309 log.info("Consumer Last Modifier USER_ID cannot be defined by user. This field will be overridden by the application");