2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * Copyright © 2017 Amdocs
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
21 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
23 package org.onap.aai.sparky.security.portal;
26 import java.io.IOException;
27 import java.text.MessageFormat;
28 import java.util.LinkedHashSet;
29 import java.util.List;
31 import javax.servlet.http.HttpServletRequest;
33 import org.onap.aai.sparky.security.EcompSso;
34 import org.onap.aai.sparky.security.portal.config.PortalAuthenticationConfig;
35 import org.onap.aai.sparky.viewandinspect.config.TierSupportUiConstants;
36 import org.openecomp.portalsdk.core.onboarding.crossapi.IPortalRestAPIService;
37 import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException;
38 import org.openecomp.portalsdk.core.restful.domain.EcompRole;
39 import org.openecomp.portalsdk.core.restful.domain.EcompUser;
40 import org.slf4j.Logger;
41 import org.slf4j.LoggerFactory;
44 * Responds to ECOMP Portal's REST queries for user and role information and management.
46 public class PortalRestAPIServiceImpl implements IPortalRestAPIService {
48 private static final Logger LOG = LoggerFactory.getLogger(PortalRestAPIServiceImpl.class);
49 private static final String ERROR_MESSAGE = "Failed to {0} user [loginId:{1}]";
52 * @return the userManager
54 public UserManager getUserManager() {
59 * @param userManager the userManager to set
61 public void setUserManager(UserManager userManager) {
62 this.userManager = userManager;
68 public static Logger getLog() {
73 * @return the errorMessage
75 public static String getErrorMessage() {
79 private UserManager userManager;
82 * Initialise user manager.
84 public PortalRestAPIServiceImpl() {
85 userManager = new UserManager(new File(TierSupportUiConstants.USERS_FILE_LOCATION));
88 /////////////////////////////////////////////////////////////////////////////
90 /////////////////////////////////////////////////////////////////////////////
96 * com.att.fusion.core.onboarding.crossapi.IPortalRestAPIService#pushUser(com.att.fusion.core.
97 * restful.domain.EcompUser)
100 public void pushUser(EcompUser user) throws PortalAPIException {
101 LOG.debug("Push user [loginId:" + user.getLoginId() + "]");
103 if (userManager.getUser(user.getLoginId()).isPresent()) {
104 String message = getMessage(ERROR_MESSAGE, "push", user.getLoginId())
105 + ", user is already stored";
107 throw new PortalAPIException(message);
111 userManager.pushUser(user);
112 } catch (IOException e) {
113 String message = getMessage(ERROR_MESSAGE, "push", user.getLoginId());
114 LOG.error(message, e);
115 throw new PortalAPIException(message, e);
122 * @see com.att.fusion.core.onboarding.crossapi.IPortalRestAPIService#editUser(java.lang.String,
123 * com.att.fusion.core.restful.domain.EcompUser)
126 public void editUser(String loginId, EcompUser user) throws PortalAPIException {
127 LOG.debug("Edit user [loginId:" + loginId + "]");
129 userManager.getUser(loginId).orElseThrow(() -> {
130 String message = getMessage(ERROR_MESSAGE, "edit", loginId) + ", unknown user";
132 return new PortalAPIException(message);
136 userManager.editUser(loginId, user);
137 } catch (IOException e) {
138 String message = getMessage(ERROR_MESSAGE, "edit", loginId);
139 LOG.error(message, e);
140 throw new PortalAPIException(message, e);
147 * @see com.att.fusion.core.onboarding.crossapi.IPortalRestAPIService#getUser(java.lang.String)
150 public EcompUser getUser(String loginId) throws PortalAPIException {
151 LOG.debug("Get user [loginId:" + loginId + "]");
152 return userManager.getUser(loginId).orElseThrow(() -> {
153 String message = getMessage(ERROR_MESSAGE, "get", loginId) + ", unknown user";
155 return new PortalAPIException(message);
162 * @see com.att.fusion.core.onboarding.crossapi.IPortalRestAPIService#getUsers()
165 public List<EcompUser> getUsers() throws PortalAPIException {
166 LOG.debug("Get users");
167 return userManager.getUsers();
171 public String getUserId(HttpServletRequest request) throws PortalAPIException {
172 return EcompSso.validateEcompSso(request);
175 /////////////////////////////////////////////////////////////////////////////
177 /////////////////////////////////////////////////////////////////////////////
182 * @see com.att.fusion.core.onboarding.crossapi.IPortalRestAPIService#getAvailableRoles()
185 public List<EcompRole> getAvailableRoles(String role) throws PortalAPIException {
186 LOG.debug("Get available roles");
187 return UserManager.getRoles();
194 * com.att.fusion.core.onboarding.crossapi.IPortalRestAPIService#getUserRoles(java.lang.String)
197 public List<EcompRole> getUserRoles(String loginId) throws PortalAPIException {
198 LOG.debug("Get user roles");
199 return userManager.getUserRoles(loginId);
206 * com.att.fusion.core.onboarding.crossapi.IPortalRestAPIService#pushUserRole(java.lang.String,
210 public void pushUserRole(String loginId, List<EcompRole> roles) throws PortalAPIException {
211 LOG.debug("Push user role [loginId:" + loginId + "]");
213 EcompUser user = getUser(loginId);
215 user.setRoles(new LinkedHashSet<EcompRole>(roles));
217 user.setRoles(new LinkedHashSet<EcompRole>());
219 editUser(loginId, user);
220 } catch (PortalAPIException e) {
221 String message = getMessage(ERROR_MESSAGE, "push role", loginId);
223 throw new PortalAPIException(message, e);
227 /////////////////////////////////////////////////////////////////////////////
228 // Security interface
229 /////////////////////////////////////////////////////////////////////////////
235 * com.att.fusion.core.onboarding.crossapi.IPortalRestAPIService#isAppAuthenticated(javax.servlet.
236 * http.HttpServletRequest)
239 public boolean isAppAuthenticated(HttpServletRequest request) throws PortalAPIException {
240 LOG.debug("Authentication request");
241 PortalAuthenticationConfig config = PortalAuthenticationConfig.getInstance();
242 String restUsername = request.getHeader(PortalAuthenticationConfig.PROP_USERNAME);
243 String restPassword = request.getHeader(PortalAuthenticationConfig.PROP_PASSWORD);
244 return restUsername != null && restPassword != null && restUsername.equals(config.getUsername())
245 && restPassword.equals(config.getPassword());
248 private String getMessage(String message, Object... args) {
249 MessageFormat formatter = new MessageFormat("");
250 formatter.applyPattern(message);
251 return formatter.format(args);