2 * ================================================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ================================================================================
20 package org.openecomp.portalapp.portal.service;
22 import java.util.ArrayList;
23 import java.util.HashMap;
24 import java.util.List;
26 import javax.annotation.PostConstruct;
28 import org.apache.cxf.common.util.StringUtils;
29 import org.hibernate.Session;
30 import org.hibernate.SessionFactory;
31 import org.hibernate.Transaction;
32 import org.openecomp.portalapp.portal.domain.EPApp;
33 import org.openecomp.portalapp.portal.domain.EPRole;
34 import org.openecomp.portalapp.portal.domain.EPUser;
35 import org.openecomp.portalapp.portal.domain.EPUserApp;
36 import org.openecomp.portalapp.portal.domain.UserIdRoleId;
37 import org.openecomp.portalapp.portal.domain.UserRole;
38 import org.openecomp.portalapp.portal.logging.aop.EPMetricsLog;
39 import org.openecomp.portalapp.portal.logging.format.EPAppMessagesEnum;
40 import org.openecomp.portalapp.portal.logging.logic.EPLogUtil;
41 import org.openecomp.portalapp.portal.transport.AppNameIdIsAdmin;
42 import org.openecomp.portalapp.portal.transport.AppsListWithAdminRole;
43 import org.openecomp.portalapp.portal.utils.EPSystemProperties;
44 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
45 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
46 import org.openecomp.portalsdk.core.service.DataAccessService;
47 import org.openecomp.portalsdk.core.util.SystemProperties;
48 import org.springframework.beans.factory.annotation.Autowired;
49 import org.springframework.context.annotation.EnableAspectJAutoProxy;
50 import org.springframework.stereotype.Service;
51 import org.springframework.transaction.annotation.Transactional;
53 @Service("adminRolesService")
55 @org.springframework.context.annotation.Configuration
56 @EnableAspectJAutoProxy
58 public class AdminRolesServiceImpl implements AdminRolesService {
60 private Long SYS_ADMIN_ROLE_ID = 1L;
61 private Long ACCOUNT_ADMIN_ROLE_ID = 999L;
62 private Long ECOMP_APP_ID = 1L;
64 EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesServiceImpl.class);
67 private SessionFactory sessionFactory;
69 private DataAccessService dataAccessService;
71 SearchService searchService;
73 EPAppService appsService;
78 SYS_ADMIN_ROLE_ID = Long.valueOf(SystemProperties.getProperty(EPSystemProperties.SYS_ADMIN_ROLE_ID));
79 ACCOUNT_ADMIN_ROLE_ID = Long.valueOf(SystemProperties.getProperty(EPSystemProperties.ACCOUNT_ADMIN_ROLE_ID));
80 ECOMP_APP_ID = Long.valueOf(SystemProperties.getProperty(EPSystemProperties.ECOMP_APP_ID));
81 } catch(Exception e) {
82 logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));
87 @SuppressWarnings("unchecked")
88 public AppsListWithAdminRole getAppsWithAdminRoleStateForUser(String orgUserId) {
89 AppsListWithAdminRole appsListWithAdminRole = null;
92 List<EPUser> userList = dataAccessService.getList(EPUser.class, " where org_user_id = '" + orgUserId + "'", null,
94 HashMap<Long, Long> appsUserAdmin = new HashMap<Long, Long>();
95 if (userList.size() > 0) {
96 EPUser user = userList.get(0);
97 List<EPUserApp> userAppList = null;
99 userAppList = dataAccessService.getList(EPUserApp.class,
100 " where userId = " + user.getId() + " and role.id = " + ACCOUNT_ADMIN_ROLE_ID, null, null);
101 } catch (Exception e) {
102 logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));
103 EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
105 for (EPUserApp userApp : userAppList) {
106 appsUserAdmin.put(userApp.getAppId(), userApp.getUserId());
110 appsListWithAdminRole = new AppsListWithAdminRole();
111 appsListWithAdminRole.orgUserId = orgUserId;
112 List<EPApp> appsList = null;
114 appsList = dataAccessService.getList(EPApp.class, " where enabled = 'Y'", null, null);
115 } catch (Exception e) {
116 logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));
117 EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
119 for (EPApp app : appsList) {
120 AppNameIdIsAdmin appNameIdIsAdmin = new AppNameIdIsAdmin();
121 appNameIdIsAdmin.id = app.getId();
122 appNameIdIsAdmin.appName = app.getName();
123 appNameIdIsAdmin.isAdmin = new Boolean(appsUserAdmin.containsKey(app.getId()));
124 appNameIdIsAdmin.restrictedApp = app.isRestrictedApp();
125 appsListWithAdminRole.appsRoles.add(appNameIdIsAdmin);
127 } catch (Exception e) {
128 logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while performing AdminRolesServiceImpl.getAppsWithAdminRoleStateForUser operation, Details:"
129 + EcompPortalUtils.getStackTrace(e));
132 return appsListWithAdminRole;
135 private static final Object syncRests = new Object();
138 @SuppressWarnings("unchecked")
139 public boolean setAppsWithAdminRoleStateForUser(AppsListWithAdminRole newAppsListWithAdminRoles) {
140 boolean result = false;
141 // No changes if no new roles list or no userId.
142 if (!StringUtils.isEmpty(newAppsListWithAdminRoles.orgUserId) && newAppsListWithAdminRoles.appsRoles != null) {
143 synchronized (syncRests) {
144 List<EPApp> apps = appsService.getAppsFullList();
145 HashMap<Long, EPApp> enabledApps = new HashMap<Long, EPApp>();
146 for (EPApp app : apps) {
147 if (app.getEnabled().booleanValue()) {
148 enabledApps.put(app.getId(), app);
151 List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin = new ArrayList<AppNameIdIsAdmin>();
152 for (AppNameIdIsAdmin adminRole : newAppsListWithAdminRoles.appsRoles) {
153 // user Admin role may be added only for enabled apps
154 if (adminRole.isAdmin.booleanValue() && enabledApps.containsKey(adminRole.id)) {
155 newAppsWhereUserIsAdmin.add(adminRole);
159 boolean createNewUser = false;
160 String orgUserId = newAppsListWithAdminRoles.orgUserId.trim();
161 List<EPUser> localUserList = dataAccessService.getList(EPUser.class, " where org_user_id='" + orgUserId + "'",
163 List<EPUserApp> oldAppsWhereUserIsAdmin = new ArrayList<EPUserApp>();
164 if (localUserList.size() > 0) {
165 EPUser tmpUser = localUserList.get(0);
166 oldAppsWhereUserIsAdmin = dataAccessService.getList(EPUserApp.class,
167 " where userId = " + tmpUser.getId() + " and role.id = " + ACCOUNT_ADMIN_ROLE_ID, null,
169 if (oldAppsWhereUserIsAdmin.size() > 0 || newAppsWhereUserIsAdmin.size() > 0) {
172 } else if (newAppsWhereUserIsAdmin.size() > 0) {
173 // we create new user only if he has Admin Role for any App
174 createNewUser = true;
176 if (user != null || createNewUser) {
177 Session localSession = null;
178 Transaction transaction = null;
180 localSession = sessionFactory.openSession();
181 transaction = localSession.beginTransaction();
183 user = this.searchService.searchUserByUserId(orgUserId);
185 // insert the user with active true in order to
187 user.setActive(true);
188 localSession.save(EPUser.class.getName(), user);
191 for (EPUserApp oldUserApp : oldAppsWhereUserIsAdmin) {
192 // user Admin role may be deleted only for enabled
194 if (enabledApps.containsKey(oldUserApp.getAppId())) {
195 localSession.delete(oldUserApp);
198 for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) {
199 EPApp app = (EPApp) localSession.get(EPApp.class, appNameIdIsAdmin.id);
200 EPRole role = (EPRole) localSession.get(EPRole.class, new Long(ACCOUNT_ADMIN_ROLE_ID));
201 EPUserApp newUserApp = new EPUserApp();
202 newUserApp.setUserId(user.getId());
203 newUserApp.setApp(app);
204 newUserApp.setRole(role);
205 localSession.save(EPUserApp.class.getName(), newUserApp);
207 transaction.commit();
209 } catch (Exception e) {
210 EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
211 logger.error(EELFLoggerDelegate.errorLogger, "setAppsWithAdminRoleStateForUser: exception in point 2 = "
212 + EcompPortalUtils.getStackTrace(e));
214 transaction.rollback();
215 } catch (Exception ex) {
216 EPLogUtil.logEcompError(EPAppMessagesEnum.BeExecuteRollbackError);
217 logger.error(EELFLoggerDelegate.errorLogger, "setAppsWithAdminRoleStateForUser: exception in point 3 = "
218 + EcompPortalUtils.getStackTrace(ex));
222 localSession.close();
223 } catch (Exception e) {
224 EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoCloseSessionError);
225 logger.error(EELFLoggerDelegate.errorLogger, "setAppsWithAdminRoleStateForUser: exception in point 4 = "
226 + EcompPortalUtils.getStackTrace(e));
236 @SuppressWarnings("unchecked")
238 public boolean isSuperAdmin(EPUser user) {
239 if ((user != null) /* && (user.getId() == null) */ && (user.getOrgUserId() != null)) {
240 String sql = "SELECT user.USER_ID, user.ORG_USER_ID, userrole.ROLE_ID, userrole.APP_ID FROM fn_user_role userrole "
241 + "INNER JOIN fn_user user ON user.USER_ID = userrole.USER_ID " + "WHERE user.ORG_USER_ID = '"
242 + user.getOrgUserId() + "' " + "AND userrole.ROLE_ID = '" + SYS_ADMIN_ROLE_ID + "' "
243 + "AND userrole.APP_ID = '" + ECOMP_APP_ID + "';";
245 List<UserRole> userRoleList = dataAccessService.executeSQLQuery(sql, UserIdRoleId.class, null);
246 if (userRoleList != null && userRoleList.size() > 0) {
249 } catch (Exception e) {
250 EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
251 logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isSuperAdmin operation, Details: "
252 + EcompPortalUtils.getStackTrace(e));
257 // User currentUser = user != null ? (User)
258 // dataAccessService.getDomainObject(User.class, user.getId(), null) :
260 // if (currentUser != null && currentUser.getId() != null) {
261 // for (UserApp userApp : currentUser.getUserApps()) {
262 // if (userApp.getApp().getId().equals(ECOMP_APP_ID) &&
263 // userApp.getRole().getId().equals(SYS_ADMIN_ROLE_ID)) {
264 // // Super Administrator role is global, no need to keep iterating
273 public boolean isAccountAdmin(EPUser user) {
275 EPUser currentUser = user != null
276 ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;
277 if (currentUser != null && currentUser.getId() != null) {
278 for (EPUserApp userApp : currentUser.getEPUserApps()) {
279 if (!userApp.getApp().getId().equals(ECOMP_APP_ID)
280 && userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
281 // Account Administrator sees only the applications
282 // he/she is Administrator
287 } catch (Exception e) {
288 EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
289 logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isAccountAdmin operation, Details: "
290 + EcompPortalUtils.getStackTrace(e));
295 public boolean isUser(EPUser user) {
297 EPUser currentUser = user != null
298 ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;
299 if (currentUser != null && currentUser.getId() != null) {
300 for (EPUserApp userApp : currentUser.getEPUserApps()) {
301 if (!userApp.getApp().getId().equals(ECOMP_APP_ID)) {
302 EPRole role = userApp.getRole();
303 if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
304 if (role.getActive()) {
311 } catch (Exception e) {
312 EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
313 logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation, Details: "
314 + EcompPortalUtils.getStackTrace(e));