2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2020 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
21 package org.openecomp.sdc.be.filters;
23 import org.onap.sdc.security.AuthenticationCookie;
24 import org.onap.sdc.security.IUsersThreadLocalHolder;
25 import org.onap.sdc.security.PortalClient;
26 import org.onap.sdc.security.RestrictionAccessFilterException;
27 import org.openecomp.sdc.be.model.User;
28 import org.openecomp.sdc.be.user.UserBusinessLogic;
29 import org.openecomp.sdc.common.api.Constants;
30 import org.openecomp.sdc.common.datastructure.UserContext;
31 import org.openecomp.sdc.common.log.wrappers.Logger;
32 import org.openecomp.sdc.common.util.ThreadLocalsHolder;
33 import org.springframework.beans.factory.annotation.Autowired;
35 import javax.servlet.http.HttpServletRequest;
36 import java.util.Arrays;
37 import java.util.HashSet;
40 public class ThreadLocalUtils implements IUsersThreadLocalHolder {
43 PortalClient portalClient;
46 UserBusinessLogic userBusinessLogic;
48 private static final Logger log = Logger.getLogger(ThreadLocalUtils.class);
51 public void setUserContext(AuthenticationCookie authenticationCookie) {
52 UserContext userContext;
53 userContext = new UserContext(authenticationCookie.getUserID(), authenticationCookie.getRoles(), authenticationCookie.getFirstName(), authenticationCookie.getLastName());
54 ThreadLocalsHolder.setUserContext(userContext);
58 protected void setUserContext(HttpServletRequest httpRequest) {
60 String user_id = httpRequest.getHeader(Constants.USER_ID_HEADER);
61 if (user_id != null) {
62 String userRolesFromPortal = null;
63 Set<String> roles = null;
65 userRolesFromPortal = portalClient.fetchUserRolesFromPortal(user_id);
66 roles = new HashSet<>(Arrays.asList(userRolesFromPortal));
67 } catch (RestrictionAccessFilterException e) {
68 log.debug("Failed to fetch user ID - {} from portal", user_id);
69 log.debug(e.getMessage());
71 UserContext userContext = new UserContext(user_id, roles, null, null);
72 ThreadLocalsHolder.setUserContext(userContext);
73 } else log.debug("user_id value in req header is null, userContext will not be initialized");
76 protected void setUserContextFromDB(HttpServletRequest httpRequest) {
77 String user_id = httpRequest.getHeader(Constants.USER_ID_HEADER);
78 //there are some internal request that have no user_id header e.g. healthcheck
79 if (user_id != null) {
80 updateUserContext(user_id);
81 } else log.debug("user_id value in req header is null, userContext will not be initialized");
84 protected void setUserContextFromDB(AuthenticationCookie authenticationCookie) {
85 String user_id = authenticationCookie.getUserID();
86 updateUserContext(user_id);
89 private void updateUserContext(String user_id) {
90 User user = userBusinessLogic.getUser(user_id, false);
91 Set<String> roles = new HashSet<>(Arrays.asList(user.getRole()));
92 UserContext userContext = new UserContext(user_id, roles, user.getFirstName(), user.getLastName());
93 ThreadLocalsHolder.setUserContext(userContext);