2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
7 * Modifications Copyright (c) 2019 Samsung
8 * ===================================================================
10 * Unless otherwise specified, all software contained herein is licensed
11 * under the Apache License, Version 2.0 (the "License");
12 * you may not use this software except in compliance with the License.
13 * You may obtain a copy of the License at
15 * http://www.apache.org/licenses/LICENSE-2.0
17 * Unless required by applicable law or agreed to in writing, software
18 * distributed under the License is distributed on an "AS IS" BASIS,
19 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
20 * See the License for the specific language governing permissions and
21 * limitations under the License.
23 * Unless otherwise specified, all documentation contained herein is licensed
24 * under the Creative Commons License, Attribution 4.0 Intl. (the "License");
25 * you may not use this documentation except in compliance with the License.
26 * You may obtain a copy of the License at
28 * https://creativecommons.org/licenses/by/4.0/
30 * Unless required by applicable law or agreed to in writing, documentation
31 * distributed under the License is distributed on an "AS IS" BASIS,
32 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
33 * See the License for the specific language governing permissions and
34 * limitations under the License.
36 * ============LICENSE_END============================================
41 package org.onap.portal.service;
43 import java.util.HashMap;
44 import java.util.List;
46 import java.util.SortedSet;
47 import java.util.TreeSet;
48 import org.onap.portal.domain.db.ep.EpAppFunction;
49 import org.onap.portal.domain.db.fn.FnApp;
50 import org.onap.portal.domain.db.fn.FnRole;
51 import org.onap.portal.domain.dto.transport.CentralV2Role;
52 import org.onap.portal.exception.RoleFunctionException;
53 import org.onap.portal.logging.logic.EPLogUtil;
54 import org.onap.portal.service.ep.EpAppFunctionService;
55 import org.onap.portal.service.fn.FnRoleService;
56 import org.onap.portal.utils.EPCommonSystemProperties;
57 import org.onap.portal.utils.EPUserUtils;
58 import org.onap.portal.utils.EcompPortalUtils;
59 import org.onap.portal.utils.PortalConstants;
60 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
61 import org.onap.portalsdk.core.util.SystemProperties;
62 import org.springframework.beans.factory.annotation.Autowired;
63 import org.springframework.http.HttpEntity;
64 import org.springframework.http.HttpMethod;
65 import org.springframework.http.ResponseEntity;
66 import org.springframework.stereotype.Service;
67 import org.springframework.web.client.RestTemplate;
70 public class ExternalAccessRolesService {
// String constants of the service. In the part of the class visible in this listing only FUNCTION_PIPE is
// referenced; what the others are used for is not shown here.
72 private static final String APP_ROLE_NAME_PARAM = "appRoleName";
73 private static final String GET_ROLE_TO_UPDATE_IN_EXTERNAL_AUTH_SYSTEM = "getRoletoUpdateInExternalAuthSystem";
74 private static final String GET_PORTAL_APP_ROLES_QUERY = "getPortalAppRoles";
75 private static final String GET_ROLE_FUNCTION_QUERY = "getRoleFunction";
76 private static final String FUNCTION_CODE_PARAMS = "functionCode";
// NOTE(review): SQL fragment that ends in an opening single quote, so whatever gets appended lands inside a
// string literal of the statement. Any call site that appends a function code that is not a compile-time
// constant should bind it as a query parameter instead. Call sites are not visible here, so confirm there.
77 private static final String AND_FUNCTION_CD_EQUALS = " and function_cd = '";
// Presumably role-name suffixes used in the external auth system; TODO confirm against the call sites.
78 private static final String OWNER = ".owner";
79 private static final String ADMIN = ".admin";
80 private static final String ACCOUNT_ADMINISTRATOR = ".Account_Administrator";
// Separator tested for by the function-code helpers below (type and action detection).
81 private static final String FUNCTION_PIPE = "|";
82 private static final String EXTERNAL_AUTH_PERMS = "perms";
83 private static final String EXTERNAL_AUTH_ROLE_DESCRIPTION = "description";
84 private static final String IS_EMPTY_JSON_STRING = "{}";
85 private static final String CONNECTING_TO_EXTERNAL_AUTH_SYSTEM_LOG_MESSAGE = "Connecting to External Auth system";
86 private static final String APP_ID = "appId";
87 private static final String ROLE_NAME = "name";
// NOTE(review): second SQL fragment meant to be completed by concatenation; the same bind-parameter advice
// applies to any call site that uses it.
88 private static final String APP_ID_EQUALS = " app_id = ";
// Class-wide logger (static, not final).
90 private static EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(ExternalAccessRolesService.class);
// HTTP client for calls to the external auth system. NOTE(review): default-constructed, so no connect/read
// timeout and no custom error handler are set on this line; confirm whether either is configured elsewhere.
91 private RestTemplate template = new RestTemplate();
// Collaborators assigned once by the constructor.
93 private final FnRoleService fnRoleService;
94 private final EpAppFunctionService epAppFunctionService;
/**
 * Creates the service with the two collaborators it delegates lookups to.
 *
 * @param fnRoleService        provider of {@link FnRole} records
 * @param epAppFunctionService provider of the {@link EpAppFunction} list of a role within an application
 */
public ExternalAccessRolesService(FnRoleService fnRoleService,
        EpAppFunctionService epAppFunctionService) {
    // The two assignments are independent of each other.
    this.epAppFunctionService = epAppFunctionService;
    this.fnRoleService = fnRoleService;
}
/**
 * Determines the type of a role-function code from the substrings it contains.
 * <p>
 * This listing shows the three conditions and the assignment of the last branch only; the declaration of
 * {@code type}, the statements of the first two branches and the return statement are not part of it.
 *
 * @param roleFuncItem function code, either a plain code or a code containing the {@code FUNCTION_PIPE} separator
 */
103 public String getFunctionCodeType(String roleFuncItem) {
// Both alternatives require contains("menu") and together cover the piped and the un-piped case, so the
// whole condition is equivalent to roleFuncItem.contains("menu").
// NOTE(review): this is a substring test on the entire code, so a code that merely contains "menu" (or
// "url" below) anywhere is classified by that substring. The result becomes the type of the role function
// built in createCentralRoleObject; confirm that function codes are constrained so this cannot mislabel one.
105 if ((roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))
106 || (!roleFuncItem.contains(FUNCTION_PIPE) && roleFuncItem.contains("menu"))) {
// The three helpers together hold when the code contains "url" or contains no pipe at all.
108 } else if (checkIfCodeHasNoPipesAndHasTypeUrl(roleFuncItem) || checkIfCodeHasPipesAndHasTypeUrl(roleFuncItem)
109 || checkIfCodeHasNoPipesAndHasNoTypeUrl(roleFuncItem)) {
// Only a piped code with neither "menu" nor "url" gets this far, and such a code always satisfies this
// condition; its type is taken from the code itself by EcompPortalUtils.getFunctionType.
111 } else if (roleFuncItem.contains(FUNCTION_PIPE)
112 && (!roleFuncItem.contains("menu") || roleFuncItem.contains("url"))) {
113 type = EcompPortalUtils.getFunctionType(roleFuncItem);
/**
 * Tells whether a function code has no pipe separator and mentions "url".
 *
 * @param roleFuncItem function code to inspect
 * @return {@code true} when the code contains no {@code FUNCTION_PIPE} and contains the text "url"
 */
private boolean checkIfCodeHasNoPipesAndHasTypeUrl(String roleFuncItem) {
    if (roleFuncItem.contains(FUNCTION_PIPE)) {
        return false;
    }
    return roleFuncItem.contains("url");
}
/**
 * Tells whether a function code has a pipe separator and mentions "url".
 *
 * @param roleFuncItem function code to inspect
 * @return {@code true} when the code contains {@code FUNCTION_PIPE} and contains the text "url"
 */
private boolean checkIfCodeHasPipesAndHasTypeUrl(String roleFuncItem) {
    if (!roleFuncItem.contains(FUNCTION_PIPE)) {
        return false;
    }
    return roleFuncItem.contains("url");
}
/**
 * Tells whether a function code has neither a pipe separator nor the text "url".
 *
 * @param roleFuncItem function code to inspect
 * @return {@code true} when the code contains neither {@code FUNCTION_PIPE} nor "url"
 */
private boolean checkIfCodeHasNoPipesAndHasNoTypeUrl(String roleFuncItem) {
    // De Morgan form of "no pipe and no url"; the second test is still skipped when a pipe is found.
    return !(roleFuncItem.contains(FUNCTION_PIPE) || roleFuncItem.contains("url"));
}
/**
 * Looks up a role by id among the roles that have no application id.
 *
 * @param roleId id of the role to look up
 * @return whatever {@code FnRoleService.retrieveAppRoleByRoleIdWhereAppIdIsNull} returns for that id
 */
public List<FnRole> getPortalAppRoleInfo(Long roleId) {
    final List<FnRole> portalRoles = fnRoleService.retrieveAppRoleByRoleIdWhereAppIdIsNull(roleId);
    return portalRoles;
}
/**
 * Requests the roles of one user from the external auth system with a GET on
 * {@code <EXTERNAL_CENTRAL_ACCESS_URL>roles/user/<name>} and logs the outcome.
 * <p>
 * The line separating the two logging branches and the return statement are not part of this listing;
 * presumably the received response is returned (TODO confirm).
 *
 * @param name               user identifier, appended to the request path exactly as passed in
 * @param getUserRolesEntity request entity sent with the GET
 */
134 public ResponseEntity<String> getUserRolesFromExtAuthSystem(String name, HttpEntity<String> getUserRolesEntity) {
135 logger.debug(EELFLoggerDelegate.debugLogger, "Connecting to external system to get current user roles");
// NOTE(review): name is concatenated into the URL without validation or percent-encoding. A value holding
// path or query delimiters changes which resource of the auth system is requested, and because this
// overload treats the String as a URI template, braces in it are read as template variables. Validate name
// against the expected user-id format at the boundary, or pass it as a single encoded path segment.
136 ResponseEntity<String> getResponse = template
137 .exchange(SystemProperties.getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
138 + "roles/user/" + name, HttpMethod.GET, getUserRolesEntity, String.class);
// Only HTTP 200 counts as success. NOTE(review): a default RestTemplate throws on 4xx/5xx before this line
// is reached, so unless another error handler is installed on template elsewhere, the failure logging and
// the alarm below never run for a rejected or failed request. Confirm that such failures are alarmed.
139 if (getResponse.getStatusCode().value() == 200) {
// NOTE(review): the complete response body (the user's role assignments) is written to the log, here and
// in the failure branch; consider logging the status or a count instead.
140 logger.debug(EELFLoggerDelegate.debugLogger,
141 "getAllUserRoleFromExtAuthSystem: Finished GET user roles from external system and received user roles {}",
142 getResponse.getBody());
// Failure path: log the body at error level, then raise the external-auth access alarm with the status.
144 logger.error(EELFLoggerDelegate.errorLogger,
145 "getAllUserRoleFromExtAuthSystem: Failed GET user roles from external system and received user roles {}",
146 getResponse.getBody());
147 EPLogUtil.logExternalAuthAccessAlarm(logger, getResponse.getStatusCode());
/**
 * Builds a map of an application's roles keyed by normalized role name.
 * <p>
 * The key is the role name with every match of the pattern
 * {@code EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS} replaced by "_".
 * The lines that separate the two lookups and close the blocks are not part of this listing.
 *
 * @param app application whose roles are loaded; its id selects the lookup
 * @return map from normalized role name to the {@link FnRole} stored under that name
 */
152 public Map<String, FnRole> getAppRoleNamesWithUnderscoreMap(FnApp app) {
153 final Map<String, FnRole> currentRolesInDB = new HashMap<>();
154 List<FnRole> getCurrentRoleList = null;
// appParams is filled below but never read in the visible lines.
155 final Map<String, Long> appParams = new HashMap<>();
// The portal application's own roles are the ones stored without an application id.
156 if (app.getId().equals(PortalConstants.PORTAL_APP_ID)) {
157 getCurrentRoleList = fnRoleService.retrieveAppRolesWhereAppIdIsNull();
// Lookup by application id; presumably the branch for every other application (TODO confirm).
159 appParams.put("appId", app.getId());
160 getCurrentRoleList = fnRoleService.retrieveAppRolesByAppId(app.getId());
// NOTE(review): two role names that differ only in replaced characters yield the same key, and put() then
// silently keeps the later role. If callers use this map to match roles of the external auth system to
// local roles, such a collision binds the name to the wrong FnRole; consider detecting and logging duplicates.
162 for (FnRole role : getCurrentRoleList) {
163 currentRolesInDB.put(role.getRoleName()
164 .replaceAll(EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS, "_"), role);
166 return currentRolesInDB;
/**
 * Converts roles into {@link CentralV2Role} objects, each carrying its role functions, and appends them
 * to {@code roleList}.
 * <p>
 * Block-closing lines and the return statement are not part of this listing; presumably {@code roleList}
 * is returned (TODO confirm).
 *
 * @param app      applications; only the first element is read, so an empty list makes {@code get(0)} throw
 * @param roleInfo roles to convert
 * @param roleList list the converted roles are added to (modified in place)
 * @throws RoleFunctionException declared by the method; which call raises it is not visible here
 */
169 public List<CentralV2Role> createCentralRoleObject(List<FnApp> app, List<FnRole> roleInfo,
170 List<CentralV2Role> roleList) throws RoleFunctionException {
171 for (FnRole role : roleInfo) {
// Functions granted to this role within the first application of the list.
172 List<EpAppFunction> cenRoleFuncList = epAppFunctionService
173 .getAppRoleFunctionList(role.getId(), app.get(0).getId());
// TreeSet without a comparator: relies on EpAppFunction's natural ordering (not shown here), and entries
// that compare as equal are stored only once.
174 SortedSet<EpAppFunction> roleFunctionSet = new TreeSet<>();
175 for (EpAppFunction roleFunc : cenRoleFuncList) {
// The stored function code is split into code, type and action; the code part is additionally decoded.
176 String functionCode = EcompPortalUtils.getFunctionCode(roleFunc.getFunctionCd());
177 functionCode = EPUserUtils.decodeFunctionCode(functionCode);
178 String type = getFunctionCodeType(roleFunc.getFunctionCd());
179 String action = getFunctionCodeAction(roleFunc.getFunctionCd());
180 EpAppFunction cenRoleFunc = new EpAppFunction(role.getId(), functionCode,
181 roleFunc.getFunctionName(), null, type, action, null);
182 roleFunctionSet.add(cenRoleFunc);
// Child and parent roles are always handed over as empty sets.
184 SortedSet<CentralV2Role> childRoles = new TreeSet<>();
185 SortedSet<CentralV2Role> parentRoles = new TreeSet<>();
186 CentralV2Role cenRole;
// The two builder chains differ only in the id: the role's own id when it has no app role id, otherwise
// the app role id.
// NOTE(review): getCreatedId() and getModifiedId() are dereferenced unchecked; a role without a creator or
// modifier would fail here with a NullPointerException. Confirm that both are always set.
187 if (role.getAppRoleId() == null) {
188 cenRole = CentralV2Role.builder().id(role.getId()).created(role.getCreated())
189 .modified(role.getModified()).createdId(role.getCreatedId().getUserId())
190 .modifiedId(role.getModifiedId().getUserId()).rowNum(role.getRowNum()).name(role.getRoleName())
191 .active(role.getActiveYn()).priority(role.getPriority()).roleFunctions(roleFunctionSet)
192 .childRoles(childRoles).parentRoles(parentRoles).build();
194 cenRole = CentralV2Role.builder().id(role.getAppRoleId())
195 .created(role.getCreated()).modified(role.getModified()).createdId(role.getCreatedId().getUserId())
196 .modifiedId(role.getModifiedId().getUserId()).rowNum(role.getRowNum()).name(role.getRoleName())
197 .active(role.getActiveYn()).priority(role.getPriority()).roleFunctions(roleFunctionSet)
198 .childRoles(childRoles).parentRoles(parentRoles).build();
200 roleList.add(cenRole);
/**
 * Determines the action of a role-function code.
 *
 * @param roleFuncItem function code to inspect
 * @return "*" for a code without {@code FUNCTION_PIPE}, otherwise the result of
 *         {@code EcompPortalUtils.getFunctionAction} for the code
 */
private String getFunctionCodeAction(String roleFuncItem) {
    if (roleFuncItem.contains(FUNCTION_PIPE)) {
        return EcompPortalUtils.getFunctionAction(roleFuncItem);
    }
    // NOTE(review): un-piped codes get "*", presumably "any action" in the external auth permission
    // model. Confirm that this breadth is intended for such codes.
    return "*";
}
/**
 * Loads the roles of an application, either the roles stored without an application id or the roles
 * stored under {@code appId}.
 * <p>
 * The opening of the try block, the condition that chooses between the two lookups and the last statement
 * of the catch block are not part of this listing.
 *
 * @param appId id of the application whose roles are requested
 * @return the roles delivered by the lookup that was chosen
 */
209 public List<FnRole> getAppRoles(Long appId) {
// No initializer: for the final return to compile, the catch block has to assign this variable or rethrow.
210 List<FnRole> applicationRoles;
213 applicationRoles = fnRoleService.retrieveAppRolesWhereAppIdIsNull();
215 applicationRoles = fnRoleService.retrieveAppRolesByAppId(appId);
// Any exception from either lookup is logged together with its stack trace.
217 } catch (Exception e) {
218 logger.error(EELFLoggerDelegate.errorLogger, "getAppRoles: failed", e);
221 return applicationRoles;