2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
8 * Unless otherwise specified, all software contained herein is licensed
9 * under the Apache License, Version 2.0 (the "License");
10 * you may not use this software except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * Unless otherwise specified, all documentation contained herein is licensed
22 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23 * you may not use this documentation except in compliance with the License.
24 * You may obtain a copy of the License at
26 * https://creativecommons.org/licenses/by/4.0/
28 * Unless required by applicable law or agreed to in writing, documentation
29 * distributed under the License is distributed on an "AS IS" BASIS,
30 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31 * See the License for the specific language governing permissions and
32 * limitations under the License.
34 * ============LICENSE_END============================================
38 package org.onap.portalapp.portal.service;
40 import java.util.Date;
41 import java.util.HashMap;
42 import java.util.HashSet;
43 import java.util.List;
47 import org.apache.commons.lang.StringUtils;
48 import org.onap.portalapp.command.EPLoginBean;
49 import org.onap.portalapp.portal.domain.EPUser;
50 import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
51 import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
52 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
53 import org.onap.portalapp.util.EPUserUtils;
54 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
55 import org.onap.portalsdk.core.menu.MenuBuilder;
56 import org.onap.portalsdk.core.onboarding.exception.CipherUtilException;
57 import org.onap.portalsdk.core.onboarding.util.CipherUtil;
58 import org.onap.portalsdk.core.service.DataAccessService;
59 import org.onap.portalsdk.core.service.support.FusionService;
60 import org.onap.portalsdk.core.util.SystemProperties;
61 import org.onap.portalsdk.core.web.support.AppUtils;
62 import org.springframework.beans.factory.annotation.Autowired;
63 import org.springframework.context.annotation.EnableAspectJAutoProxy;
64 import org.springframework.stereotype.Service;
65 import org.springframework.transaction.annotation.Transactional;
67 @Service("eploginService")
69 @org.springframework.context.annotation.Configuration
70 @EnableAspectJAutoProxy
72 public class EPLoginServiceImpl extends FusionService implements EPLoginService {
73 EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(EPLoginServiceImpl.class);
76 private DataAccessService dataAccessService;
80 * @see org.onap.portalapp.portal.service.EPLoginService#findUser(org.onap.portalapp.command.EPLoginBean, java.lang.String, java.util.HashMap)
/**
 * Three-argument login lookup that always asks for password matching.
 *
 * <p>Forwards to the four-argument overload with {@code matchPassword} set to {@code true}.
 *
 * @param bean login bean handed to the four-argument overload unchanged
 * @param menuPropertiesFilename forwarded as-is
 * @param additionalParams forwarded as-is
 * @return whatever the four-argument overload returns
 * @throws Exception propagated from the four-argument overload
 */
@SuppressWarnings("rawtypes")
public EPLoginBean findUser(EPLoginBean bean, String menuPropertiesFilename, HashMap additionalParams)
        throws Exception {
    final boolean matchPassword = true;
    return findUser(bean, menuPropertiesFilename, additionalParams, matchPassword);
}
90 * @see org.onap.portalapp.portal.service.EPLoginService#findUser(org.onap.portalapp.command.EPLoginBean, java.lang.String, java.util.HashMap, boolean)
/**
 * Resolves the user named by the login bean and, when no login error has been set, records
 * the login and fills the bean with the user's menus and a snapshot of the user.
 *
 * <p>NOTE(review): this listing skips some source lines (the gutter numbers jump), so the
 * declaration of {@code user}, the conditions that choose between the lookups below, the
 * null check on {@code user} and the return statement are not visible here. Comments on
 * those parts are hedged.
 *
 * @param bean login bean; its orgUserId, loginId and loginPwd are read, and its login error
 *        message, menus and user are written
 * @param menuPropertiesFilename_ignored not referenced anywhere in the visible body
 * @param additionalParams passed through to saveDomainObject
 * @param matchPassword presumably selects the password-checked lookup over
 *        findUserWithoutPwd; confirm against the full source
 * @return presumably the same bean (the return statement is not visible in this listing)
 * @throws Exception declared by the signature; the visible body does not catch anything
 */
92 @SuppressWarnings("rawtypes")
93 public EPLoginBean findUser(EPLoginBean bean, String menuPropertiesFilename_ignored, HashMap additionalParams,
94 boolean matchPassword) throws Exception {
96 EPUser userCopy = null;
// NOTE(review): a bean that carries an orgUserId is resolved by that id alone;
// findUser(EPLoginBean) binds only org_user_id and compares no password. This path is
// only safe if the caller authenticated the orgUserId before putting it on the bean.
98 if (bean.getOrgUserId() != null) {
99 user = (EPUser) findUser(bean);
// Lookup by login id with the password compared inside findUser(String, String).
102 user = (EPUser) findUser(bean.getLoginId(), bean.getLoginPwd());
// Lookup by login id only; no credential is checked. Presumably taken when
// matchPassword is false (the condition line is not visible); callers passing false
// must have authenticated the login id by other means.
104 user = (EPUser) findUserWithoutPwd(bean.getLoginId());
107 // run this command to fetch more information from the lazily loaded
110 // This is funny - commenting out the following method call
111 // 1. What are we doing with the returned values of the following two
113 // 2. Use a guest user scenario - user object will be null - clearly,
115 // 3. A check of if(user !=null) is made AFTER these bogus calls :) - If
116 // these calls WERE doing anything significant (which they are not),
117 // shouldn't they have been moved inside that if check?
119 // user.getEPUserApps();
122 // 1. This method is clearly doing more than 'getting roles' - Not a
124 // 2. Also, there is no null check - guest user scenarios will break the
125 // code with NPE - added the check - Do not want to remove the call
126 // altogether - not sure how it will affect things.
131 // raise an error if the portal application is locked and the user
133 // have system administrator privileges
// NOTE(review): user is dereferenced from here on; presumably an if (user != null)
// on a line not shown encloses this section. Confirm against the full source.
134 if (AppUtils.isApplicationLocked()
135 && !EPUserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) {
136 bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED);
137 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserAdminPrivilegesInfo, user.getLoginId());
140 // raise an error if the user is inactive
// This check is not chained to the lock check above, so an inactive user's message
// replaces the application-locked message when both conditions hold.
141 if (!user.getActive()) {
142 bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
143 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserInactiveWarning, user.getLoginId());
146 // only login the user if no errors have occurred
147 if (bean.getLoginErrorMessage() == null) {
149 // this will be a snapshot of the user's information as
150 // retrieved from the database
// The clone is taken before setLastLoginDate below, so the snapshot placed on the
// bean keeps the previous last-login value.
151 userCopy = (EPUser) user.clone();
153 // update the last logged in date for the user
154 user.setLastLoginDate(new Date());
155 getDataAccessService().saveDomainObject(user, additionalParams);
157 // create the application menu based on the user's privileges
// Both menu lookups fall back to an empty HashSet when getMenu returns null.
158 MenuBuilder menuBuilder = new MenuBuilder();
159 Set appMenu = menuBuilder.getMenu(
160 SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService);
161 bean.setMenu(appMenu != null ? appMenu : new HashSet());
162 Set businessDirectMenu = menuBuilder.getMenu(
163 SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME),
165 bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet());
167 bean.setUser(userCopy);
// NOTE(review): presumably the user-not-found branch. It logs bean.getOrgUserId(),
// which is null on the login-id paths (see the first branch), so the entry may not
// identify the account that was attempted. Confirm and consider logging the login id.
171 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserMissingError, bean.getOrgUserId());
178 * Searches the fn_user table for a row that matches the specified login_id
179 * and login_pwd values.
183 * @return EPUser object; null on error or if no match.
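/**
 * Returns the fn_user row for {@code loginId} whose stored password, after decryption,
 * equals {@code password}.
 *
 * <p>Rows with a blank stored password never match. A row whose stored password cannot be
 * decrypted is logged and skipped. A failure of the query itself is logged and yields
 * {@code null}.
 *
 * <p>NOTE(review): the stored password is decrypted with {@code CipherUtil.decryptPKC}, so
 * the table holds passwords under reversible encryption and the plaintext exists in memory
 * during login. A salted password hash (bcrypt, scrypt or argon2) would remove that
 * exposure; the change needs a data migration and is outside this method.
 *
 * @param loginId value bound to the {@code login_id} parameter of the named query
 * @param password candidate password supplied by the caller; {@code null} never matches
 * @return the matching EPUser; {@code null} on error or if no row matches
 */
@SuppressWarnings({ "rawtypes", "unchecked" })
private EPUser findUser(String loginId, String password) {
    Map<String, String> params = new HashMap<>();
    params.put("login_id", loginId);
    // A null candidate can never match. Rows are still read and decrypted as before, so
    // decryption problems keep being logged.
    final byte[] supplied = password == null ? null
            : password.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    try {
        List<EPUser> list = dataAccessService.executeNamedQuery("getEPUserByLoginId", params, new HashMap());
        if (list == null) {
            // Same null handling as the sibling lookups, instead of an NPE that would be
            // reported as a DAO system error.
            return null;
        }
        for (EPUser user : list) {
            try {
                if (StringUtils.isNotBlank(user.getLoginPwd())) {
                    final byte[] stored = CipherUtil.decryptPKC(user.getLoginPwd())
                            .getBytes(java.nio.charset.StandardCharsets.UTF_8);
                    // MessageDigest.isEqual compares in constant time, so response timing
                    // does not reveal how many leading characters of the candidate were
                    // correct, which String.equals would allow.
                    if (supplied != null && java.security.MessageDigest.isEqual(stored, supplied)) {
                        return user;
                    }
                }
            } catch (CipherUtilException e) {
                logger.error(EELFLoggerDelegate.errorLogger, "findUser() failed", e);
            }
        }
    } catch (Exception e) {
        EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
        logger.error(EELFLoggerDelegate.errorLogger, "findUser failed on " + loginId, e);
    }
    return null;
}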
/**
 * Fetches the first user returned by the {@code getEPUserByLoginId} named query.
 *
 * <p>No password or other credential is examined here; a caller that treats the result as
 * a logged-in user must have authenticated the login id by other means.
 *
 * @param loginId value bound to the {@code login_id} parameter of the named query
 * @return the first matching EPUser; {@code null} if the query fails or returns nothing
 */
@SuppressWarnings("rawtypes")
public EPUser findUserWithoutPwd(String loginId) {
    final Map<String, String> queryArgs = new HashMap<>();
    queryArgs.put("login_id", loginId);
    final List matches;
    try {
        matches = dataAccessService.executeNamedQuery("getEPUserByLoginId", queryArgs, new HashMap());
    } catch (Exception e) {
        // Query failures are reported and treated like "no such user".
        EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
        logger.error(EELFLoggerDelegate.errorLogger, "findUserWithoutPwd failed on " + loginId, e);
        return null;
    }
    if (matches == null || matches.isEmpty()) {
        return null;
    }
    return (EPUser) matches.get(0);
}
227 * Searches the fn_user table for a row that matches the value of the bean's
228 * Organization User ID property.
231 * @return EPUser object; null on error or if no match.
/**
 * Fetches the first user returned by the {@code getEPUserByOrgUserId} named query for the
 * bean's Organization User ID.
 *
 * <p>Only {@code org_user_id} is bound; no password or other credential is examined here.
 *
 * @param bean login bean whose orgUserId is used as the query parameter
 * @return the first matching EPUser; {@code null} if the query fails or returns nothing
 */
@SuppressWarnings("rawtypes")
private EPUser findUser(EPLoginBean bean) {
    final Map<String, String> queryArgs = new HashMap<>();
    queryArgs.put("org_user_id", bean.getOrgUserId());
    final List matches;
    try {
        matches = dataAccessService.executeNamedQuery("getEPUserByOrgUserId", queryArgs, new HashMap());
    } catch (Exception e) {
        // Query failures are reported and treated like "no such user".
        EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
        logger.error(EELFLoggerDelegate.errorLogger, "findUser(EPLoginBean) failed", e);
        return null;
    }
    if (matches == null || matches.isEmpty()) {
        return null;
    }
    return (EPUser) matches.get(0);
}
/**
 * Returns the data access service held by this login service.
 *
 * @return the current {@code dataAccessService} field value
 */
public DataAccessService getDataAccessService() {
    return this.dataAccessService;
}
/**
 * Replaces the data access service used for the user queries and the login-date save.
 *
 * @param dataAccessService service to store in the {@code dataAccessService} field
 */
public void setDataAccessService(DataAccessService dataAccessService) {
    this.dataAccessService = dataAccessService;
}