2 * ================================================================================
\r
4 * ================================================================================
\r
5 * Copyright (C) 2017 AT&T Intellectual Property
\r
6 * ================================================================================
\r
7 * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * you may not use this file except in compliance with the License.
\r
9 * You may obtain a copy of the License at
\r
11 * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * Unless required by applicable law or agreed to in writing, software
\r
14 * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * See the License for the specific language governing permissions and
\r
17 * limitations under the License.
\r
18 * ================================================================================
\r
20 package org.openecomp.portalapp.portal.service;
\r
22 import java.util.Date;
\r
23 import java.util.HashMap;
\r
24 import java.util.HashSet;
\r
25 import java.util.List;
\r
26 import java.util.Set;
\r
28 import org.springframework.beans.factory.annotation.Autowired;
\r
29 import org.springframework.context.annotation.EnableAspectJAutoProxy;
\r
30 import org.springframework.stereotype.Service;
\r
31 import org.springframework.transaction.annotation.Transactional;
\r
33 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
\r
34 import org.openecomp.portalsdk.core.menu.MenuBuilder;
\r
35 import org.openecomp.portalsdk.core.service.DataAccessService;
\r
36 import org.openecomp.portalsdk.core.service.support.FusionService;
\r
37 import org.openecomp.portalsdk.core.util.SystemProperties;
\r
38 import org.openecomp.portalsdk.core.web.support.AppUtils;
\r
39 import org.openecomp.portalapp.command.EPLoginBean;
\r
40 import org.openecomp.portalapp.portal.domain.EPUser;
\r
41 import org.openecomp.portalapp.portal.logging.aop.EPMetricsLog;
\r
42 import org.openecomp.portalapp.portal.logging.format.EPAppMessagesEnum;
\r
43 import org.openecomp.portalapp.portal.logging.logic.EPLogUtil;
\r
44 import org.openecomp.portalapp.util.EPUserUtils;
\r
46 @Service("eploginService")
\r
48 @org.springframework.context.annotation.Configuration
\r
49 @EnableAspectJAutoProxy
\r
51 public class EPLoginServiceImpl extends FusionService implements EPLoginService {
\r
52 EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(EPLoginServiceImpl.class);
\r
55 private DataAccessService dataAccessService;
\r
59 * @see org.openecomp.portalapp.portal.service.EPLoginService#findUser(org.openecomp.portalapp.command.EPLoginBean, java.lang.String, java.util.HashMap)
\r
61 @SuppressWarnings("rawtypes")
\r
62 public EPLoginBean findUser(EPLoginBean bean, String menuPropertiesFilename, HashMap additionalParams)
\r
64 return findUser(bean, menuPropertiesFilename, additionalParams, true);
\r
69 * @see org.openecomp.portalapp.portal.service.EPLoginService#findUser(org.openecomp.portalapp.command.EPLoginBean, java.lang.String, java.util.HashMap, boolean)
\r
71 @SuppressWarnings("rawtypes")
\r
72 public EPLoginBean findUser(EPLoginBean bean, String menuPropertiesFilename_ignored, HashMap additionalParams,
\r
73 boolean matchPassword) throws Exception {
\r
75 EPUser userCopy = null;
\r
77 if (bean.getOrgUserId() != null) {
\r
78 user = (EPUser) findUser(bean);
\r
81 user = (EPUser) findUser(bean.getLoginId(), bean.getLoginPwd());
\r
83 user = (EPUser) findUserWithoutPwd(bean.getLoginId());
\r
86 // run this command to fetch more information from the lazily loaded
\r
89 // This is funny - commenting out the following method call
\r
90 // 1. What are we doing with the returned values of the following two
\r
91 // methods? Nothing.
\r
92 // 2. Use a guest user scenario - user object will be null - clealry,
\r
94 // 3. A check of if(user !=null) is made AFTER these bogus calls :) - If
\r
95 // these calls WERE doing anything significat (which they are not),
\r
96 // shouln't they have been moved inside that if check?
\r
98 // user.getEPUserApps();
\r
101 // 1. This method is clearly doing more than 'getting roles' - Not a
\r
103 // 2. Also, there is no null check - guest user scenarios will break the
\r
104 // code with NPE - added the check - Do not want to remove the call
\r
105 // altogether - not sure how it will effect things.
\r
107 if (user != null) {
\r
110 // raise an error if the portal application is locked and the user
\r
112 // have system administrator privileges
\r
113 if (AppUtils.isApplicationLocked()
\r
114 && !EPUserUtils.hasRole(user, SystemProperties.getProperty(SystemProperties.SYS_ADMIN_ROLE_ID))) {
\r
115 bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_APPLICATION_LOCKED);
\r
116 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserAdminPrivilegesInfo, user.getLoginId());
\r
119 // raise an error if the user is inactive
\r
120 if (!user.getActive()) {
\r
121 bean.setLoginErrorMessage(SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_INACTIVE);
\r
122 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserInactiveWarning, user.getLoginId());
\r
125 // only login the user if no errors have occurred
\r
126 if (bean.getLoginErrorMessage() == null) {
\r
128 // this will be a snapshot of the user's information as
\r
129 // retrieved from the database
\r
130 userCopy = (EPUser) user.clone();
\r
132 // update the last logged in date for the user
\r
133 user.setLastLoginDate(new Date());
\r
134 getDataAccessService().saveDomainObject(user, additionalParams);
\r
136 // create the application menu based on the user's privileges
\r
137 MenuBuilder menuBuilder = new MenuBuilder();
\r
138 Set appMenu = menuBuilder.getMenu(
\r
139 SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_SET_NAME), dataAccessService);
\r
140 bean.setMenu(appMenu != null ? appMenu : new HashSet());
\r
141 Set businessDirectMenu = menuBuilder.getMenu(
\r
142 SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_SET_NAME),
\r
143 dataAccessService);
\r
144 bean.setBusinessDirectMenu(businessDirectMenu != null ? businessDirectMenu : new HashSet());
\r
146 bean.setUser(userCopy);
\r
150 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeUserMissingError, bean.getOrgUserId());
\r
157 * Searches the fn_user table for a row that matches the specified login_id
\r
158 * and login_pwd values.
\r
162 * @return EPUser object; null on error or if no match.
\r
164 private EPUser findUser(String loginId, String password) {
\r
165 List<?> list = null;
\r
167 StringBuffer criteria = new StringBuffer();
\r
168 criteria.append(" where login_id = '").append(loginId).append("'").append(" and login_pwd = '").append(password)
\r
172 list = getDataAccessService().getList(EPUser.class, criteria.toString(), null, null);
\r
173 } catch (Exception e) {
\r
174 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
\r
175 logger.error(EELFLoggerDelegate.errorLogger, "findUser(String) failed on " + loginId, e);
\r
178 return (list == null || list.size() == 0) ? null : (EPUser) list.get(0);
\r
183 * @see org.openecomp.portalapp.portal.service.EPLoginService#findUserWithoutPwd(java.lang.String)
\r
186 public EPUser findUserWithoutPwd(String loginId) {
\r
187 List<?> list = null;
\r
189 StringBuffer criteria = new StringBuffer();
\r
190 criteria.append(" where login_id = '").append(loginId).append("'");
\r
193 list = getDataAccessService().getList(EPUser.class, criteria.toString(), null, null);
\r
194 } catch (Exception e) {
\r
195 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
\r
196 String message = "findUserWithoutPwd failed on " + loginId;
\r
197 logger.error(EELFLoggerDelegate.errorLogger, message, e);
\r
200 return (list == null || list.size() == 0) ? null : (EPUser) list.get(0);
\r
204 * Searches the fn_user table for a row that matches the value of the bean's
\r
205 * Organization User ID property.
\r
208 * @return EPUser object; null on error or if no match.
\r
210 private EPUser findUser(EPLoginBean bean) {
\r
211 List<?> list = null;
\r
213 StringBuffer criteria = new StringBuffer();
\r
214 criteria.append(" where orgUserId = '").append(bean.getOrgUserId()).append("'");
\r
217 list = getDataAccessService().getList(EPUser.class, criteria.toString(), null, null);
\r
218 } catch (Exception e) {
\r
219 EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
\r
220 logger.error(EELFLoggerDelegate.errorLogger, "findUser(EPLoginBean) failed", e);
\r
223 return (list == null || list.size() == 0) ? null : (EPUser) list.get(0);
\r
226 public DataAccessService getDataAccessService() {
\r
227 return dataAccessService;
\r
230 public void setDataAccessService(DataAccessService dataAccessService) {
\r
231 this.dataAccessService = dataAccessService;
\r