2 * ================================================================================
\r
4 * ================================================================================
\r
5 * Copyright (C) 2017 AT&T Intellectual Property
\r
6 * ================================================================================
\r
7 * Licensed under the Apache License, Version 2.0 (the "License");
\r
8 * you may not use this file except in compliance with the License.
\r
9 * You may obtain a copy of the License at
\r
11 * http://www.apache.org/licenses/LICENSE-2.0
\r
13 * Unless required by applicable law or agreed to in writing, software
\r
14 * distributed under the License is distributed on an "AS IS" BASIS,
\r
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
16 * See the License for the specific language governing permissions and
\r
17 * limitations under the License.
\r
18 * ================================================================================
\r
20 package org.openecomp.portalapp.util;
\r
22 import java.util.Enumeration;
\r
23 import java.util.HashMap;
\r
24 import java.util.HashSet;
\r
25 import java.util.Iterator;
\r
26 import java.util.List;
\r
27 import java.util.Set;
\r
28 import java.util.UUID;
\r
30 import javax.servlet.ServletContext;
\r
31 import javax.servlet.http.HttpServletRequest;
\r
32 import javax.servlet.http.HttpSession;
\r
34 import org.openecomp.portalapp.portal.domain.EPRole;
\r
35 import org.openecomp.portalapp.portal.domain.EPUser;
\r
36 import org.openecomp.portalapp.portal.domain.EPUserApp;
\r
37 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
\r
38 import org.openecomp.portalsdk.core.domain.RoleFunction;
\r
39 import org.openecomp.portalsdk.core.exception.SessionExpiredException;
\r
40 import org.openecomp.portalsdk.core.lm.FusionLicenseManager;
\r
41 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
\r
42 import org.openecomp.portalsdk.core.menu.MenuBuilder;
\r
43 import org.openecomp.portalsdk.core.service.DataAccessService;
\r
44 import org.openecomp.portalsdk.core.util.SystemProperties;
\r
45 import org.openecomp.portalsdk.core.web.support.AppUtils;
\r
46 import org.springframework.beans.factory.annotation.Autowired;
\r
48 public class EPUserUtils {
\r
50 private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(EPUserUtils.class);
\r
52 private final static Long ACCOUNT_ADMIN_ROLE_ID = 999L;
\r
54 public static final String ALL_ROLE_FUNCTIONS = "allRoleFunctions";
\r
56 private static DataAccessService dataAccessService;
\r
59 * Gets the EPUser object from the session.
\r
62 * HttpServletRequest
\r
63 * @return EPUser object that was created upon login
\r
64 * @throws SessionExpiredException
\r
65 * if no session exists.
\r
67 public static EPUser getUserSession(HttpServletRequest request) {
\r
68 HttpSession session = AppUtils.getSession(request);
\r
69 if (session == null)
\r
70 throw new SessionExpiredException();
\r
71 return (EPUser) session.getAttribute(SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME));
\r
75 * Establishes the user's portal session
\r
78 * HttpServletRequest
\r
81 * @param applicationMenuData
\r
83 * @param businessDirectMenuData
\r
85 * @param loginMethod_ignored
\r
86 * How the user authenticated; ignored
\r
87 * @param allRoleFunctions
\r
88 * Set of user's roles
\r
90 @SuppressWarnings("rawtypes")
\r
91 public static void setUserSession(HttpServletRequest request, EPUser user, Set applicationMenuData,
\r
92 Set businessDirectMenuData, String loginMethod_ignored, List<RoleFunction> allRoleFunctions) {
\r
93 HttpSession session = request.getSession(true);
\r
95 // clear the current user session to avoid any conflicts
\r
96 EPUserUtils.clearUserSession(request);
\r
97 session.setAttribute(SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME), user);
\r
99 getAllRoleFunctions(allRoleFunctions, session);
\r
101 getRoleFunctions(request);
\r
103 // truncate the role (and therefore the role function) data to save
\r
104 // memory in the session
\r
105 user.setEPRoles(null);
\r
106 session.setAttribute(SystemProperties.getProperty(SystemProperties.USER_NAME), user.getFullName());
\r
108 ServletContext context = session.getServletContext();
\r
109 int licenseVerificationFlag = 3;
\r
111 licenseVerificationFlag = (Integer) context.getAttribute("licenseVerification");
\r
112 } catch (Exception e) {
\r
113 logger.error(EELFLoggerDelegate.errorLogger, "setUserSession failed to get licenseVerification attribute",
\r
116 switch (licenseVerificationFlag) {
\r
117 case FusionLicenseManager.DEVELOPER_LICENSE:
\r
118 session.setAttribute(SystemProperties.getProperty(SystemProperties.APP_DISPLAY_NAME),
\r
119 "My Portal [Development Version]");
\r
121 case FusionLicenseManager.EXPIRED_LICENSE:
\r
122 session.setAttribute(SystemProperties.getProperty(SystemProperties.APP_DISPLAY_NAME),
\r
123 "My Portal [LICENSE EXPIRED]");
\r
125 case FusionLicenseManager.VALID_LICENSE:
\r
126 session.setAttribute(SystemProperties.getProperty(SystemProperties.APP_DISPLAY_NAME), "My Portal");
\r
129 session.setAttribute(SystemProperties.getProperty(SystemProperties.APP_DISPLAY_NAME),
\r
130 "My Portal [INVALID LICENSE]");
\r
134 session.setAttribute(SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_ATTRIBUTE_NAME),
\r
135 MenuBuilder.filterMenu(applicationMenuData, request));
\r
136 session.setAttribute(SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_ATTRIBUTE_NAME),
\r
137 MenuBuilder.filterMenu(businessDirectMenuData, request));
\r
141 * Creates a set of role function names and stores the set as a session
\r
144 * @param allRoleFunctions
\r
145 * List of role functions.
\r
149 private static void getAllRoleFunctions(List<RoleFunction> allRoleFunctions, HttpSession session) {
\r
150 if (allRoleFunctions == null)
\r
152 Set<String> roleFnSet = new HashSet<String>();
\r
153 for (RoleFunction roleFn : allRoleFunctions)
\r
154 roleFnSet.add(roleFn.getCode());
\r
155 session.setAttribute(ALL_ROLE_FUNCTIONS, roleFnSet);
\r
159 * Removes all stored attributes from the user's session
\r
162 * HttpServletRequest
\r
163 * @throws SessionExpiredException
\r
164 * if no session exists
\r
166 private static void clearUserSession(HttpServletRequest request) {
\r
167 HttpSession session = AppUtils.getSession(request);
\r
168 if (session == null)
\r
169 throw new SessionExpiredException();
\r
171 // removes all stored attributes from the current user's session
\r
172 session.removeAttribute(SystemProperties.getProperty(SystemProperties.USER_ATTRIBUTE_NAME));
\r
173 session.removeAttribute(SystemProperties.getProperty(SystemProperties.APPLICATION_MENU_ATTRIBUTE_NAME));
\r
174 session.removeAttribute(SystemProperties.getProperty(SystemProperties.BUSINESS_DIRECT_MENU_ATTRIBUTE_NAME));
\r
175 session.removeAttribute(SystemProperties.getProperty(SystemProperties.ROLES_ATTRIBUTE_NAME));
\r
176 session.removeAttribute(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTIONS_ATTRIBUTE_NAME));
\r
180 * Builds a set of role functions and sets a session attribute with it.
\r
183 * HttpServletRequest
\r
184 * @return Set of role functions that was built.
\r
186 @SuppressWarnings({ "rawtypes", "unchecked" })
\r
187 private static Set getRoleFunctions(HttpServletRequest request) {
\r
188 HashSet roleFunctions = null;
\r
190 HttpSession session = request.getSession();
\r
191 roleFunctions = (HashSet) session
\r
192 .getAttribute(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTIONS_ATTRIBUTE_NAME));
\r
194 if (roleFunctions == null) {
\r
195 HashMap roles = getRoles(request);
\r
196 roleFunctions = new HashSet();
\r
198 Iterator i = roles.keySet().iterator();
\r
200 while (i.hasNext()) {
\r
201 Long roleKey = (Long) i.next();
\r
202 EPRole role = (EPRole) roles.get(roleKey);
\r
204 Iterator j = role.getRoleFunctions().iterator();
\r
206 while (j.hasNext()) {
\r
207 RoleFunction function = (RoleFunction) j.next();
\r
208 roleFunctions.add(function.getCode());
\r
212 session.setAttribute(SystemProperties.getProperty(SystemProperties.ROLE_FUNCTIONS_ATTRIBUTE_NAME),
\r
216 return roleFunctions;
\r
220 * Gets role information from the user session, in the cached user object.
\r
221 * As a side effect sets a session variable with the roles.
\r
224 * HttpServletRequest
\r
225 * @return Map of role ID to role object
\r
227 @SuppressWarnings("rawtypes")
\r
228 private static HashMap getRoles(HttpServletRequest request) {
\r
229 HashMap roles = null;
\r
231 HttpSession session = AppUtils.getSession(request);
\r
232 roles = (HashMap) session.getAttribute(SystemProperties.getProperty(SystemProperties.ROLES_ATTRIBUTE_NAME));
\r
234 // if roles are not already cached, let's grab them from the user
\r
236 if (roles == null) {
\r
237 EPUser user = getUserSession(request);
\r
239 // get all user roles (including the tree of child roles)
\r
240 roles = getAllUserRoles(user);
\r
242 session.setAttribute(SystemProperties.getProperty(SystemProperties.ROLES_ATTRIBUTE_NAME), roles);
\r
249 * Builds a map of role ID to role object.
\r
253 * @return Map of role ID to role object
\r
255 @SuppressWarnings({ "rawtypes", "unchecked" })
\r
256 private static HashMap getAllUserRoles(EPUser user) {
\r
257 HashMap roles = new HashMap();
\r
258 Iterator i = user.getEPRoles().iterator();
\r
260 while (i.hasNext()) {
\r
261 EPRole role = (EPRole) i.next();
\r
263 if (role.getActive()) {
\r
264 roles.put(role.getId(), role);
\r
266 // let's take a recursive trip down the tree to add all child
\r
268 addChildRoles(role, roles);
\r
272 // Additionally; the account admin role is overloaded between ecomp
\r
273 // portal and partners; lets also include that
\r
274 Iterator<EPUserApp> appRolesIterator = user.getEPUserApps().iterator();
\r
275 while (appRolesIterator.hasNext()) {
\r
276 EPRole role = (EPRole) appRolesIterator.next().getRole();
\r
278 if (role.getActive() && role.getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
\r
279 roles.put(role.getId(), role);
\r
281 // let's take a recursive trip down the tree to add all child
\r
283 addChildRoles(role, roles);
\r
291 * Adds all child roles of the specified role to the map of roles.
\r
296 * Maps role id to role object
\r
298 @SuppressWarnings({ "rawtypes", "unchecked" })
\r
299 private static void addChildRoles(EPRole role, HashMap roles) {
\r
300 Set childRoles = role.getChildRoles();
\r
302 if (childRoles != null && childRoles.size() > 0) {
\r
303 Iterator j = childRoles.iterator();
\r
304 while (j.hasNext()) {
\r
305 EPRole childRole = (EPRole) j.next();
\r
307 if (childRole.getActive()) {
\r
308 roles.put(childRole.getId(), childRole);
\r
310 addChildRoles(childRole, roles);
\r
317 public static boolean hasRole(EPUser user, String roleKey) {
\r
318 return getAllUserRoles(user).keySet().contains(new Long(roleKey));
\r
321 public static DataAccessService getDataAccessService() {
\r
322 return dataAccessService;
\r
326 public void setDataAccessService(DataAccessService dataAccessService) {
\r
327 EPUserUtils.dataAccessService = dataAccessService;
\r
331 * Gets the user's ID from the user object in the session
\r
334 * HttpServletRequest
\r
335 * @return Integer ID of current user
\r
337 public static int getUserId(HttpServletRequest request) {
\r
338 return getUserIdAsLong(request).intValue();
\r
342 * Gets the user's ID from the user object in the session
\r
345 * HttpServletREquest
\r
346 * @return Long ID of current user
\r
348 public static Long getUserIdAsLong(HttpServletRequest request) {
\r
349 Long userId = new Long(SystemProperties.getProperty(SystemProperties.APPLICATION_USER_ID));
\r
350 if (request != null) {
\r
351 if (getUserSession(request) != null) {
\r
352 userId = getUserSession(request).getId();
\r
359 * Gets the request ID from the request.
\r
362 * HttpServletRequest
\r
363 * @return Request ID
\r
365 public static String getRequestId(HttpServletRequest request) {
\r
366 Enumeration<String> headerNames = request.getHeaderNames();
\r
368 String requestId = "";
\r
370 while (headerNames.hasMoreElements()) {
\r
371 String headerName = (String) headerNames.nextElement();
\r
372 logger.debug(EELFLoggerDelegate.debugLogger,
\r
373 "One header is " + headerName + " : " + request.getHeader(headerName));
\r
374 if (headerName.equalsIgnoreCase(SystemProperties.ECOMP_REQUEST_ID)) {
\r
375 requestId = request.getHeader(headerName);
\r
379 } catch (Exception e) {
\r
380 logger.error(EELFLoggerDelegate.errorLogger, "HEADER!!!! Exception : " + EcompPortalUtils.getStackTrace(e));
\r
383 return (requestId.isEmpty() ? UUID.randomUUID().toString() : requestId);
\r
387 * Gets the full URL from the request.
\r
390 * HttpServletRequest
\r
393 public static String getFullURL(HttpServletRequest request) {
\r
394 if (request != null) {
\r
395 StringBuffer requestURL = request.getRequestURL();
\r
396 String queryString = request.getQueryString();
\r
398 if (queryString == null) {
\r
399 return requestURL.toString();
\r
401 return requestURL.append('?').append(queryString).toString();
\r