2 * ============LICENSE_START=======================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * Modifications Copyright (C) 2018 Nokia. All rights reserved.
7 * ================================================================================
8 * Licensed under the Apache License, Version 2.0 (the "License");
9 * you may not use this file except in compliance with the License.
10 * You may obtain a copy of the License at
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 * ============LICENSE_END=========================================================
22 package org.onap.vid.roles;
24 import com.fasterxml.jackson.core.JsonProcessingException;
25 import com.fasterxml.jackson.databind.ObjectMapper;
26 import io.joshworks.restclient.http.HttpResponse;
27 import org.onap.portalsdk.core.logging.logic.EELFLoggerDelegate;
28 import org.onap.portalsdk.core.web.support.UserUtils;
29 import org.onap.vid.aai.AaiResponse;
30 import org.onap.vid.aai.exceptions.RoleParsingException;
31 import org.onap.vid.model.ModelConstants;
32 import org.onap.vid.model.Subscriber;
33 import org.onap.vid.model.SubscriberList;
34 import org.onap.vid.services.AaiService;
35 import org.springframework.beans.factory.annotation.Autowired;
36 import org.springframework.stereotype.Component;
38 import javax.servlet.http.HttpServletRequest;
42 * Created by Oren on 7/1/17.
46 public class RoleProvider {
48 private static final EELFLoggerDelegate LOG = EELFLoggerDelegate.getLogger(RoleProvider.class);
49 final String readPermissionString = "read";
50 SubscriberList subscribers;
51 ObjectMapper om = new ObjectMapper();
53 private AaiService aaiService;
55 public static List<String> extractRoleFromSession(HttpServletRequest request) {
57 return new ArrayList<String>();
62 LOG.debug(EELFLoggerDelegate.debugLogger, "Role provider => init method started");
63 HttpResponse<SubscriberList> subscribersResponse = aaiService.getFullSubscriberList();
64 subscribers = subscribersResponse.getBody();
65 LOG.debug(EELFLoggerDelegate.debugLogger, "Role provider => init method finished");
68 public List<Role> getUserRoles(HttpServletRequest request) {
69 String logPrefix = "Role Provider (" + UserUtils.getUserId(request) + ") ==>";
71 LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "Entering to get user role for user " + UserUtils.getUserId(request));
73 List<Role> roleList = new ArrayList<>();
75 Map roles = UserUtils.getRoles(request);
76 for (Object role : roles.keySet()) {
77 org.onap.portalsdk.core.domain.Role sdkRol = (org.onap.portalsdk.core.domain.Role) roles.get(role);
79 LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "Role " + sdkRol.getName() + " is being proccessed");
81 if (sdkRol.getName().contains(readPermissionString)) {
82 LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + " Role " + sdkRol.getName() + " contain " + readPermissionString);
86 String[] roleParts = splitRole((sdkRol.getName()), logPrefix);
87 roleList.add(createRoleFromStringArr(roleParts, logPrefix));
88 String msg = String.format(logPrefix + " User %s got permissions %s", UserUtils.getUserId(request), Arrays.toString(roleParts));
89 LOG.debug(EELFLoggerDelegate.debugLogger, msg);
90 } catch (Exception e) {
91 LOG.error(logPrefix + " Failed to parse permission");
99 public String[] splitRole(String roleAsString, String logPrefix) {
100 LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "Spliting role = " + roleAsString + "With delimeter = " + ModelConstants.ROLE_DELIMITER);
101 return roleAsString.split(ModelConstants.ROLE_DELIMITER);
104 public boolean userPermissionIsReadOnly(List<Role> roles) {
106 return (!(roles.size() > 0));
109 public boolean userPermissionIsReadLogs(List<Role> roles){
110 for(Role role: roles){
111 if(role.getServiceType().equals("LOGS")){
112 if(role.getTenant().equals("PERMITTED")){
120 private String replaceSubscriberNameToGlobalCustomerID(String subscriberName, String logPrefix) throws JsonProcessingException {
121 if (subscribers == null) {
122 LOG.debug(EELFLoggerDelegate.debugLogger, "replaceSubscriberNameToGlobalCustomerID calling init method");
125 LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "subscribers list size is " + subscribers.customer.size() + " with the values " + om.writeValueAsString(subscribers.customer));
126 LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "subscribers list size is " + subscribers.customer.size() + " with the values " + om.writeValueAsString(subscribers.customer));
129 Optional<Subscriber> s = subscribers.customer.stream().filter(x -> x.subscriberName.equals(subscriberName)).findFirst();
130 //Fixing bug of logging "optional get" before isPresent
131 String replacement = s.isPresent() ? s.get().globalCustomerId : "";
132 LOG.debug(EELFLoggerDelegate.debugLogger, logPrefix + "Subscribername " + subscriberName + " changed to " + replacement);
136 public Role createRoleFromStringArr(String[] roleParts, String rolePrefix) throws JsonProcessingException, RoleParsingException {
137 String globalCustomerID = replaceSubscriberNameToGlobalCustomerID(roleParts[0], rolePrefix);
139 if (roleParts.length > 2) {
140 return new Role(EcompRole.READ, globalCustomerID, roleParts[1], roleParts[2]);
142 return new Role(EcompRole.READ, globalCustomerID, roleParts[1], null);
144 } catch (ArrayIndexOutOfBoundsException e) {
145 if (roleParts.length > 0)
146 LOG.debug(EELFLoggerDelegate.debugLogger, "Could not parse role ", roleParts[0]);
148 LOG.debug(EELFLoggerDelegate.debugLogger, "Got empty role, Could not parse it ");
151 throw new RoleParsingException();