gerrit.onap Code Review - portal/sdk.git/blob

   1 /*-
   2  * ================================================================================
   3  * ECOMP Portal SDK
   4  * ================================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ================================================================================
  19  */
  20 package org.openecomp.portalapp.service;
  21
  22 import java.util.ArrayList;
  23 import java.util.Iterator;
  24 import java.util.List;
  25 import java.util.Set;
  26 import java.util.SortedSet;
  27 import java.util.TreeSet;
  28
  29 import javax.servlet.http.HttpServletRequest;
  30
  31 import org.openecomp.portalsdk.core.auth.LoginStrategy;
  32 import org.openecomp.portalsdk.core.domain.Role;
  33 import org.openecomp.portalsdk.core.domain.User;
  34 import org.openecomp.portalsdk.core.domain.UserApp;
  35 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
  36 import org.openecomp.portalsdk.core.onboarding.client.AppContextManager;
  37 import org.openecomp.portalsdk.core.onboarding.crossapi.IPortalRestAPIService;
  38 import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException;
  39 import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler;
  40 import org.openecomp.portalsdk.core.restful.domain.EcompRole;
  41 import org.openecomp.portalsdk.core.restful.domain.EcompUser;
  42 import org.openecomp.portalsdk.core.service.RoleService;
  43 import org.openecomp.portalsdk.core.service.UserProfileService;
  44 import org.openecomp.portalsdk.core.service.WebServiceCallService;
  45 import org.openecomp.portalsdk.core.util.JSONUtil;
  46 import org.openecomp.portalsdk.core.util.SystemProperties;
  47 import org.openecomp.portalsdk.core.web.support.UserUtils;
  48 import org.slf4j.MDC;
  49 import org.springframework.context.ApplicationContext;
  50
  51 /**
  52  * Implements the REST API interface to answer requests made by Portal app about
  53  * users and active sessions.
  54  *
  55  * Since an instance of this class will be instantiated by the OnBoarding
  56  * servlet from the ecompFW library, we cannot use Spring injections here. This
  57  * 'injection' is done indirectly using AppContextManager class.
  58  *
  59  * @author Ikram Ikramullah
  60  *
  61  */
  62 public class OnBoardingApiServiceImpl implements IPortalRestAPIService {
  63
  64         private RoleService roleService;
  65         private UserProfileService userProfileService;
  66         private IAdminAuthExtension adminAuthExtensionServiceImpl;
  67
  68         private LoginStrategy loginStrategy;
  69
  70         EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(OnBoardingApiServiceImpl.class);
  71
  72         public OnBoardingApiServiceImpl() {
  73                 // Defend against null-pointer exception during server startup
  74                 // that was caused by a spurious Spring annotation on this class.
  75                 ApplicationContext appContext = AppContextManager.getAppContext();
  76                 if (appContext == null)
  77                         throw new RuntimeException("OnBoardingApiServiceImpl ctor failed to get appContext");
  78                 roleService = appContext.getBean(RoleService.class);
  79                 userProfileService = appContext.getBean(UserProfileService.class);
  80                 loginStrategy = appContext.getBean(LoginStrategy.class);
  81                 // initialize the base class definition for Admin Auth Extension
  82                 adminAuthExtensionServiceImpl = appContext.getBean(IAdminAuthExtension.class);
  83         }
  84
  85         private void setCurrentAttributes(User user, EcompUser userJson) {
  86
  87                 user.setEmail(userJson.getEmail());
  88                 user.setFirstName(userJson.getFirstName());
  89                 user.setHrid(userJson.getHrid());
  90                 user.setJobTitle(userJson.getJobTitle());
  91                 user.setLastName(userJson.getLastName());
  92                 user.setLoginId(userJson.getLoginId());
  93                 user.setOrgManagerUserId(userJson.getOrgManagerUserId());
  94                 user.setMiddleInitial(userJson.getMiddleInitial());
  95                 user.setOrgCode(userJson.getOrgCode());
  96                 user.setOrgId(userJson.getOrgId());
  97                 user.setPhone(userJson.getPhone());
  98                 user.setOrgUserId(userJson.getOrgUserId());
  99                 user.setActive(userJson.isActive());
 100                 // user.setRoles(new TreeSet(userJson.getRoles()));
 101         }
 102
 103         @Override
 104         public void pushUser(EcompUser userJson) throws PortalAPIException {
 105
 106                 if (logger.isDebugEnabled())
 107                         logger.debug(EELFLoggerDelegate.debugLogger, "pushUser was invoked: {}", userJson);
 108                 User user = new User();
 109                 String response = "";
 110                 try {
 111                         // Set input attributes to the object obout to be saved
 112                         setCurrentAttributes(user, userJson);
 113                         user.setRoles(new TreeSet<Role>());
 114                         user.setUserApps(new TreeSet<UserApp>());
 115                         user.setPseudoRoles(new TreeSet<Role>());
 116                         userProfileService.saveUser(user);
 117                         logger.debug(EELFLoggerDelegate.debugLogger, "push user success.");
 118
 119                         // After successful creation, call admin auth extension
 120                         if (adminAuthExtensionServiceImpl != null) {
 121                                 try {
 122                                         adminAuthExtensionServiceImpl.saveUserExtension(user);
 123                                 } catch (Exception ex) {
 124                                         logger.error("pushUser: saveUserExtension failed", ex);
 125                                 }
 126                         }
 127
 128                         response = "push user success.";
 129                         response = JSONUtil.convertResponseToJSON(response);
 130                 } catch (Exception e) {
 131                         response = "OnboardingApiService.pushUser failed";
 132                         logger.error(EELFLoggerDelegate.errorLogger, response, e);
 133                         throw new PortalAPIException(response, e);
 134                 } finally {
 135                         MDC.remove(SystemProperties.MDC_TIMER);
 136                 }
 137         }
 138
 139         @Override
 140         public void editUser(String loginId, EcompUser userJson) throws PortalAPIException {
 141
 142                 if (logger.isDebugEnabled())
 143                         logger.debug(EELFLoggerDelegate.debugLogger, "OnboardingApi editUser was invoked with loginID {}, JSON {}",
 144                                         loginId, userJson);
 145                 User editUser = new User();
 146                 String response = "";
 147                 try {
 148                         setCurrentAttributes(editUser, userJson);
 149                         if (editUser.getOrgUserId() != null) {
 150                                 editUser.setLoginId(editUser.getOrgUserId());
 151                         }
 152                         User domainUser = userProfileService.getUserByLoginId(loginId);
 153                         if (domainUser != null)
 154                                 domainUser = JSONUtil.mapToDomainUser(domainUser, editUser);
 155                         else
 156                                 domainUser = editUser;
 157                         userProfileService.saveUser(domainUser);
 158                         logger.debug(EELFLoggerDelegate.debugLogger, "edit user success.");
 159
 160                         // After successful edit, call the admin auth extension
 161                         if (adminAuthExtensionServiceImpl != null) {
 162                                 try {
 163                                         adminAuthExtensionServiceImpl.editUserExtension(domainUser);
 164                                 } catch (Exception ex) {
 165                                         logger.error("editUser: editUserExtension failed", ex);
 166                                 }
 167                         }
 168
 169                         response = "edit user success.";
 170                         response = JSONUtil.convertResponseToJSON(response);
 171                 } catch (Exception e) {
 172                         response = "OnboardingApiService.editUser failed";
 173                         logger.error(EELFLoggerDelegate.errorLogger, response, e);
 174                         throw new PortalAPIException(response, e);
 175                 } finally {
 176                         MDC.remove(SystemProperties.MDC_TIMER);
 177                 }
 178
 179                 // return response;
 180         }
 181
 182         @Override
 183         public EcompUser getUser(String loginId) throws PortalAPIException {
 184                 try {
 185                         if (logger.isDebugEnabled())
 186                                 logger.debug(EELFLoggerDelegate.debugLogger, "## REST API ## loginId: {}", loginId);
 187                         User user = userProfileService.getUserByLoginId(loginId);
 188                         if (user == null) {
 189                                 logger.info(EELFLoggerDelegate.debugLogger, "User + " + loginId + " doesn't exist");
 190                                 return null;
 191                                 // Unfortunately, Portal is not ready to accept proper error
 192                                 // response yet ..
 193                                 // commenting throw clauses until portal is ready
 194                                 // throw new PortalAPIException("User + " + loginId + " doesn't
 195                                 // exist");
 196                         } else
 197                                 return UserUtils.convertToEcompUser(user);
 198                 } catch (Exception e) {
 199                         String response = "OnboardingApiService.getUser failed";
 200                         logger.error(EELFLoggerDelegate.errorLogger, response, e);
 201                         return null;
 202                         // Unfortunately, Portal is not ready to accept proper error response
 203                         // yet .. commenting throw clauses until portal is ready
 204                         // throw new PortalAPIException(response, e);
 205                 }
 206
 207         }
 208
 209         @Override
 210         public List<EcompUser> getUsers() throws PortalAPIException {
 211                 try {
 212                         List<User> users = userProfileService.findAllActive();
 213                         List<EcompUser> ecompUsers = new ArrayList<EcompUser>();
 214                         for (User user : users)
 215                                 ecompUsers.add(UserUtils.convertToEcompUser(user));
 216                         return ecompUsers;
 217                 } catch (Exception e) {
 218                         String response = "OnboardingApiService.getUsers failed";
 219                         logger.error(EELFLoggerDelegate.errorLogger, response, e);
 220                         throw new PortalAPIException(response, e);
 221                 }
 222         }
 223
 224         @Override
 225         public List<EcompRole> getAvailableRoles(String requestedLoginId) throws PortalAPIException {
 226                 try {
 227                         List<Role> roles = roleService.getActiveRoles(requestedLoginId);
 228                         List<EcompRole> ecompRoles = new ArrayList<EcompRole>();
 229                         for (Role role : roles)
 230                                 ecompRoles.add(UserUtils.convertToEcompRole(role));
 231                         return ecompRoles;
 232                 } catch (Exception e) {
 233                         String response = "OnboardingApiService.getAvailableRoles failed";
 234                         logger.error(EELFLoggerDelegate.errorLogger, response, e);
 235                         throw new PortalAPIException(response, e);
 236                 }
 237         }
 238
 239         @Override
 240         public void pushUserRole(String loginId, List<EcompRole> rolesJson) throws PortalAPIException {
 241                 String response = "";
 242                 try {
 243                         if (logger.isDebugEnabled())
 244                                 logger.debug(EELFLoggerDelegate.debugLogger, "## REST API ## loginId: {}, roles Json {}", loginId,
 245                                                 rolesJson);
 246                         User user = userProfileService.getUserByLoginId(loginId);
 247                         /*
 248                          * List<EcompRole> ecompRoles = mapper.readValue(rolesJson,
 249                          * TypeFactory.defaultInstance().constructCollectionType(List.class,
 250                          * EcompRole.class));
 251                          */
 252                         SortedSet<Role> roles = new TreeSet<Role>();
 253                         for (EcompRole role : rolesJson) {
 254                                 roles.add(roleService.getRole(loginId,role.getId()));
 255                         }
 256                         // Replace existing roles with new ones
 257                         replaceExistingRoles(roles, user);
 258
 259                         logger.debug(EELFLoggerDelegate.debugLogger, "push user role success.");
 260
 261                         // After successful creation, call admin auth extension
 262                         if (adminAuthExtensionServiceImpl != null) {
 263                                 try {
 264                                         adminAuthExtensionServiceImpl.saveUserRoleExtension(roles, user);
 265                                 } catch (Exception ex) {
 266                                         logger.error("pushUserRole: saveUserRoleExtension failed", ex);
 267                                 }
 268                         }
 269                         response = "push user role success.";
 270                         response = JSONUtil.convertResponseToJSON(response);
 271
 272                 } catch (Exception e) {
 273                         response = "OnboardingApiService.pushUserRole failed";
 274                         logger.error(EELFLoggerDelegate.errorLogger, response, e);
 275                         throw new PortalAPIException(response, e);
 276                 } finally {
 277                         MDC.remove(SystemProperties.MDC_TIMER);
 278                 }
 279
 280         }
 281
 282         @Override
 283         public List<EcompRole> getUserRoles(String loginId) throws PortalAPIException {
 284                 if (logger.isDebugEnabled())
 285                         logger.debug(EELFLoggerDelegate.debugLogger, "## REST API ## loginId: {}", loginId);
 286                 List<EcompRole> ecompRoles = new ArrayList<EcompRole>();
 287                 try {
 288                         User user = userProfileService.getUserByLoginId(loginId);
 289                         SortedSet<Role> currentRoles = null;
 290                         if (user != null) {
 291                                 currentRoles = user.getRoles();
 292                                 if (currentRoles != null)
 293                                         for (Role role : currentRoles)
 294                                                 ecompRoles.add(UserUtils.convertToEcompRole(role));
 295                         }
 296                         return ecompRoles;
 297                 } catch (Exception e) {
 298                         String response = "OnboardingApiService.getUserRoles failed";
 299                         logger.error(EELFLoggerDelegate.errorLogger, response, e);
 300                         throw new PortalAPIException(response, e);
 301                 }
 302         }
 303
 304         @SuppressWarnings("unchecked")
 305         private void replaceExistingRoles(SortedSet<Role> roles, User user) {
 306                 // 1. remove existing roles
 307                 Set<UserApp> userApps = user.getUserApps();
 308                 Iterator<UserApp> appsItr = userApps.iterator();
 309                 while (appsItr.hasNext()) {
 310                         UserApp tempUserApp = appsItr.next();
 311                         boolean roleFound = false;
 312                         for (Role role : roles) {
 313                                 if (tempUserApp.getRole().getId().equals(role.getId())) {
 314                                         roleFound = true;
 315                                         break;
 316                                 }
 317                         }
 318                         if (!roleFound)
 319                                 appsItr.remove();
 320                 }
 321                 user.setUserApps(userApps);
 322                 userProfileService.saveUser(user);
 323
 324                 // 2. add new roles
 325                 user.setRoles(roles);
 326                 userProfileService.saveUser(user);
 327         }
 328
 329         @Override
 330         public boolean isAppAuthenticated(HttpServletRequest request) throws PortalAPIException {
 331                 WebServiceCallService securityService = AppContextManager.getAppContext().getBean(WebServiceCallService.class);
 332                 try {
 333                         String appUser = request.getHeader("username");
 334                         String password = request.getHeader("password");
 335                         // System.out.println("username = " + appUser);
 336                         // System.out.println("password = " + password);
 337                         boolean flag = securityService.verifyRESTCredential(null, appUser, password);
 338                         // System.out.println("username = " + appUser);
 339                         // System.out.println("password = " + password);
 340                         return flag;
 341
 342                 } catch (Exception e) {
 343                         String response = "OnboardingApiService.isAppAuthenticated failed";
 344                         logger.error(EELFLoggerDelegate.errorLogger, response, e);
 345                         throw new PortalAPIException(response, e);
 346                 }
 347         }
 348
 349         public String getSessionTimeOuts() throws Exception {
 350                 return PortalTimeoutHandler.gatherSessionExtensions();
 351         }
 352
 353         public void updateSessionTimeOuts(String sessionMap) throws Exception {
 354                 PortalTimeoutHandler.updateSessionExtensions(sessionMap);
 355         }
 356
 357         @Override
 358         public String getUserId(HttpServletRequest request) throws PortalAPIException {
 359                 return loginStrategy.getUserId(request);
 360         }
 361 }