[sdc.git] /

/*
 * Copyright © 2016-2018 European Support Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.openecomp.sdc.itempermissions.dao.impl;

import static org.openecomp.sdc.itempermissions.notifications.NotificationConstants.ITEM_ID_PROP;
import static org.openecomp.sdc.itempermissions.notifications.NotificationConstants.ITEM_NAME_PROP;
import static org.openecomp.sdc.itempermissions.notifications.NotificationConstants.PERMISSION_CHANGED;
import static org.openecomp.sdc.itempermissions.notifications.NotificationConstants.PERMISSION_GRANTED;
import static org.openecomp.sdc.itempermissions.notifications.NotificationConstants.PERMISSION_ITEM;
import static org.openecomp.sdc.itempermissions.notifications.NotificationConstants.PERMISSION_USER;

import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
import org.openecomp.sdc.common.errors.CoreException;
import org.openecomp.sdc.common.errors.ErrorCategory;
import org.openecomp.sdc.common.errors.ErrorCode;
import org.openecomp.sdc.common.errors.Messages;
import org.openecomp.sdc.common.session.SessionContextProviderFactory;
import org.openecomp.sdc.itempermissions.PermissionsManager;
import org.openecomp.sdc.itempermissions.PermissionsServices;
import org.openecomp.sdc.itempermissions.impl.types.PermissionTypes;
import org.openecomp.sdc.itempermissions.type.ItemPermissionsEntity;
import org.openecomp.sdc.logging.api.Logger;
import org.openecomp.sdc.logging.api.LoggerFactory;
import org.openecomp.sdc.notification.dtos.Event;
import org.openecomp.sdc.notification.services.NotificationPropagationManager;
import org.openecomp.sdc.notification.services.SubscriptionService;
import org.openecomp.sdc.versioning.AsdcItemManager;
import org.openecomp.sdc.versioning.types.Item;

/**
 * Created by ayalaben on 6/18/2017.
 */
public class PermissionsManagerImpl implements PermissionsManager {

    private static final Logger LOGGER = LoggerFactory.getLogger(PermissionsManagerImpl.class);
    private static final String CHANGE_PERMISSIONS = "Change_Item_Permissions";
    private PermissionsServices permissionsServices;
    private AsdcItemManager asdcItemManager;
    private NotificationPropagationManager notifier;
    private SubscriptionService subscriptionService;

    public PermissionsManagerImpl(PermissionsServices permissionsServices, AsdcItemManager asdcItemManager,
                                  NotificationPropagationManager notificationPropagationManager, SubscriptionService subscriptionService) {
        this.permissionsServices = permissionsServices;
        this.asdcItemManager = asdcItemManager;
        this.notifier = notificationPropagationManager;
        this.subscriptionService = subscriptionService;
    }

    @Override
    public Collection<ItemPermissionsEntity> listItemPermissions(String itemId) {
        return permissionsServices.listItemPermissions(itemId);
    }

    @Override
    public Set<String> listUserPermittedItems(String userId, String permission) {
        return permissionsServices.listUserPermittedItems(userId, permission);
    }

    @Override
    public void updateItemPermissions(String itemId, String permission, Set<String> addedUsersIds, Set<String> removedUsersIds) {
        String currentUser = SessionContextProviderFactory.getInstance().createInterface().get().getUser().getUserId();
        if (!permissionsServices.isAllowed(itemId, currentUser, CHANGE_PERMISSIONS)) {
            throw new CoreException(
                new ErrorCode.ErrorCodeBuilder().withMessage(Messages.PERMISSIONS_ERROR.getErrorMessage()).withId(Messages.PERMISSIONS_ERROR.name())
                    .withCategory(ErrorCategory.SECURITY).build());
        }
        if (permission.equals(PermissionTypes.Owner.name())) {
            if (addedUsersIds.size() == 1) {
                asdcItemManager.updateOwner(itemId, addedUsersIds.iterator().next());
            } else {
                throw new CoreException(new ErrorCode.ErrorCodeBuilder().withMessage(Messages.PERMISSIONS_OWNER_ERROR.getErrorMessage())
                    .withId(Messages.PERMISSIONS_OWNER_ERROR.name()).withCategory(ErrorCategory.SECURITY).build());
            }
        }
        permissionsServices.updateItemPermissions(itemId, permission, addedUsersIds, removedUsersIds);
        sendNotifications(itemId, permission, addedUsersIds, removedUsersIds, currentUser);
    }

    private void sendNotifications(String itemId, String permission, Set<String> addedUsersIds, Set<String> removedUsersIds, String userName) {
        Item item = asdcItemManager.get(itemId);
        addedUsersIds.forEach(affectedUser -> {
            notifyUser(userName, true, item.getName(), itemId, affectedUser, permission);
            subscriptionService.subscribe(affectedUser, itemId);
        });
        removedUsersIds.forEach(affectedUser -> {
            notifyUser(userName, false, item.getName(), itemId, affectedUser, permission);
            subscriptionService.unsubscribe(affectedUser, itemId);
        });
    }

    private void notifyUser(String userName, boolean granted, String itemName, String itemId, String affectedUser, String permission) {
        Map<String, Object> details = new HashMap<>();
        details.put(PERMISSION_ITEM, permission);
        details.put(ITEM_ID_PROP, itemId);
        details.put(ITEM_NAME_PROP, itemName);
        details.put(PERMISSION_GRANTED, granted);
        details.put(PERMISSION_USER, userName);
        PermissionEvent permissionEvent = new PermissionEvent(PERMISSION_CHANGED, affectedUser, details, affectedUser);
        try {
            notifier.directNotification(permissionEvent, affectedUser);
        } catch (Exception e) {
            LOGGER.error("Failed to send notification on permission changed for user '" + affectedUser + "'");
        }
    }

    @Override
    public boolean isAllowed(String itemId, String userId, String action) {
        return permissionsServices.isAllowed(itemId, userId, action);
    }

    @Override
    public Optional<String> getUserItemPermission(String itemId, String userId) {
        return permissionsServices.getUserItemPermission(itemId, userId);
    }

    @Override
    public void deleteItemPermissions(String itemId) {
        permissionsServices.deleteItemPermissions(itemId);
    }

    private class PermissionEvent implements Event {

        private String eventType;
        private String originatorId;
        private Map<String, Object> attributes;
        private String entityId;

        private PermissionEvent(String eventType, String originatorId, Map<String, Object> attributes, String entityId) {
            this.eventType = eventType;
            this.originatorId = originatorId;
            this.attributes = attributes;
            this.entityId = entityId;
        }

        @Override
        public String getEventType() {
            return eventType;
        }

        @Override
        public String getOriginatorId() {
            return originatorId;
        }

        @Override
        public Map<String, Object> getAttributes() {
            return attributes;
        }

        @Override
        public String getEntityId() {
            return entityId;
        }
    }
}