2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
8 * Unless otherwise specified, all software contained herein is licensed
9 * under the Apache License, Version 2.0 (the "License");
10 * you may not use this software except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * Unless otherwise specified, all documentation contained herein is licensed
22 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
23 * you may not use this documentation except in compliance with the License.
24 * You may obtain a copy of the License at
26 * https://creativecommons.org/licenses/by/4.0/
28 * Unless required by applicable law or agreed to in writing, documentation
29 * distributed under the License is distributed on an "AS IS" BASIS,
30 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31 * See the License for the specific language governing permissions and
32 * limitations under the License.
34 * ============LICENSE_END============================================
36 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
38 package org.onap.portalapp.portal.service;
40 import java.util.Date;
41 import java.util.HashMap;
42 import java.util.HashSet;
43 import java.util.List;
47 import org.onap.portalapp.command.EPLoginBean;
48 import org.onap.portalapp.portal.domain.EPUser;
49 import org.onap.portalapp.portal.logging.aop.EPMetricsLog;
50 import org.onap.portalapp.portal.logging.format.EPAppMessagesEnum;
51 import org.onap.portalapp.portal.logging.logic.EPLogUtil;
52 import org.onap.portalapp.util.EPUserUtils;
53 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
54 import org.onap.portalsdk.core.menu.MenuBuilder;
55 import org.onap.portalsdk.core.service.DataAccessService;
56 import org.onap.portalsdk.core.service.support.FusionService;
57 import org.onap.portalsdk.core.util.SystemProperties;
58 import org.onap.portalsdk.core.web.support.AppUtils;
59 import org.springframework.beans.factory.annotation.Autowired;
60 import org.springframework.context.annotation.EnableAspectJAutoProxy;
61 import org.springframework.stereotype.Service;
62 import org.springframework.transaction.annotation.Transactional;
64 @Service("eploginService")
66 @org.springframework.context.annotation.Configuration
67 @EnableAspectJAutoProxy
69 public class EPLoginServiceImpl extends FusionService implements EPLoginService {
70 EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(EPLoginServiceImpl.class);
73 private DataAccessService dataAccessService;
77 * @see org.openecomp.portalapp.portal.service.EPLoginService#findUser(org.openecomp.portalapp.command.EPLoginBean, java.lang.String, java.util.HashMap)
79 @SuppressWarnings("rawtypes")
80 public EPLoginBean findUser(EPLoginBean bean, String menuPropertiesFilename, HashMap additionalParams)
82 return findUser(bean, menuPropertiesFilename, additionalParams, true);
87 * @see org.openecomp.portalapp.portal.service.EPLoginService#findUser(org.openecomp.portalapp.command.EPLoginBean, java.lang.String, java.util.HashMap, boolean)
89 @SuppressWarnings("rawtypes")
90 public EPLoginBean findUser(EPLoginBean bean, String menuPropertiesFilename_ignored, HashMap additionalParams,
91 boolean matchPassword) throws Exception {
93 EPUser userCopy = null;
95 if (bean.getOrgUserId() != null) {
96 user = (EPUser) findUser(bean);
99 user = (EPUser) findUser(bean.getLoginId(), bean.getLoginPwd());
101 user = (EPUser) findUserWithoutPwd(bean.getLoginId());
104 // run this command to fetch more information from the lazily loaded
107 // This is funny - commenting out the following method call
108 // 1. What are we doing with the returned values of the following two
110 // 2. Use a guest user scenario - user object will be null - clealry,
112 // 3. A check of if(user !=null) is made AFTER these bogus calls :) - If
113 // these calls WERE doing anything significat (which they are not),
114 // shouln't they have been moved inside that if check?
116 // user.getEPUserApps();
119 // 1. This method is clearly doing more than 'getting roles' - Not a
121 // 2. Also, there is no null check - guest user scenarios will break the
122 // code with NPE - added the check - Do not want to remove the call
123 // altogether - not sure how it will effect things.
128 // raise an error if the portal application is locked and the user
130 // have system administrator privileges
131 if (AppUtils.isApplicationLocked()
132 && !EPUserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) {
133 bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED);
134 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserAdminPrivilegesInfo, user.getLoginId());
137 // raise an error if the user is inactive
138 if (!user.getActive()) {
139 bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
140 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserInactiveWarning, user.getLoginId());
143 // only login the user if no errors have occurred
144 if (bean.getLoginErrorMessage() == null) {
146 // this will be a snapshot of the user's information as
147 // retrieved from the database
148 userCopy = (EPUser) user.clone();
150 // update the last logged in date for the user
151 user.setLastLoginDate(new Date());
152 getDataAccessService().saveDomainObject(user, additionalParams);
154 // create the application menu based on the user's privileges
155 MenuBuilder menuBuilder = new MenuBuilder();
156 Set appMenu = menuBuilder.getMenu(
157 SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService);
158 bean.setMenu(appMenu != null ? appMenu : new HashSet());
159 Set businessDirectMenu = menuBuilder.getMenu(
160 SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME),
162 bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet());
164 bean.setUser(userCopy);
168 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserMissingError, bean.getOrgUserId());
175 * Searches the fn_user table for a row that matches the specified login_id
176 * and login_pwd values.
180 * @return EPUser object; null on error or if no match.
182 @SuppressWarnings("rawtypes")
183 private EPUser findUser(String loginId, String password) {
184 Map<String, String> params = new HashMap<>();
185 params.put("login_id", loginId);
186 params.put("login_pwd", password);
189 list = dataAccessService.executeNamedQuery("getEPUserByLoginIdLoginPwd", params, new HashMap());
190 } catch (Exception e) {
191 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
192 logger.error(EELFLoggerDelegate.errorLogger, "findUser failed on " + loginId, e);
194 return (list == null || list.isEmpty()) ? null : (EPUser) list.get(0);
197 @SuppressWarnings("rawtypes")
198 public EPUser findUserWithoutPwd(String loginId) {
199 Map<String, String> params = new HashMap<>();
200 params.put("login_id", loginId);
203 list = dataAccessService.executeNamedQuery("getEPUserByLoginId", params, new HashMap());
204 } catch (Exception e) {
205 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
206 logger.error(EELFLoggerDelegate.errorLogger, "findUserWithoutPwd failed on " + loginId, e);
208 return (list == null || list.isEmpty()) ? null : (EPUser) list.get(0);
212 * Searches the fn_user table for a row that matches the value of the bean's
213 * Organization User ID property.
216 * @return EPUser object; null on error or if no match.
218 @SuppressWarnings("rawtypes")
219 private EPUser findUser(EPLoginBean bean) {
220 Map<String, String> params = new HashMap<>();
221 params.put("org_user_id", bean.getOrgUserId());
224 list = dataAccessService.executeNamedQuery("getEPUserByOrgUserId", params, new HashMap());
225 } catch (Exception e) {
226 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
227 logger.error(EELFLoggerDelegate.errorLogger, "findUser(EPLoginBean) failed", e);
229 return (list == null || list.isEmpty()) ? null : (EPUser) list.get(0);
232 public DataAccessService getDataAccessService() {
233 return dataAccessService;
236 public void setDataAccessService(DataAccessService dataAccessService) {
237 this.dataAccessService = dataAccessService;