* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
private static final int total=0;
private static final int pending=1;
private static final int approved=2;
private static final int total=0;
private static final int pending=1;
private static final int approved=2;
public static final String NEED_APPROVALS = "NeedApprovals";
private static final String EXTEND = "Extend";
private static final String EXPIRED_OWNERS = "ExpiredOwners";
public static final String NEED_APPROVALS = "NeedApprovals";
private static final String EXTEND = "Extend";
private static final String EXPIRED_OWNERS = "ExpiredOwners";
public Analyze(AuthzTrans trans) throws APIException, IOException, OrganizationException {
super(trans.env());
trans.info().log("Starting Connection Process");
public Analyze(AuthzTrans trans) throws APIException, IOException, OrganizationException {
super(trans.env());
trans.info().log("Starting Connection Process");
TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
try {
TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
TimeTaken tt0 = trans.start("Cassandra Initialization", Env.SUB);
try {
TimeTaken tt = trans.start("Connect to Cluster", Env.REMOTE);
expireRange = new ExpireRange(trans.env().access());
sdate = Chrono.dateOnlyStamp(now);
for( List<Range> lr : expireRange.ranges.values()) {
expireRange = new ExpireRange(trans.env().access());
sdate = Chrono.dateOnlyStamp(now);
for( List<Range> lr : expireRange.ranges.values()) {
// Setup New Approvals file
futureRange = expireRange.newFutureRange();
File file = new File(logDir(),NEED_APPROVALS + sdate +CSV);
// Setup New Approvals file
futureRange = expireRange.newFutureRange();
File file = new File(logDir(),NEED_APPROVALS + sdate +CSV);
needApproveCW = approveCSV.writer();
needApproveCW.row(INFO,NEED_APPROVALS,sdate,1);
writerList.put(NEED_APPROVALS,needApproveCW);
needApproveCW = approveCSV.writer();
needApproveCW.row(INFO,NEED_APPROVALS,sdate,1);
writerList.put(NEED_APPROVALS,needApproveCW);
// Setup Extend Approvals file
file = new File(logDir(),EXTEND + sdate +CSV);
CSV extendCSV = new CSV(env.access(),file);
extendCW = extendCSV.writer();
extendCW.row(INFO,EXTEND,sdate,1);
writerList.put(EXTEND,extendCW);
// Setup Extend Approvals file
file = new File(logDir(),EXTEND + sdate +CSV);
CSV extendCSV = new CSV(env.access(),file);
extendCW = extendCSV.writer();
extendCW.row(INFO,EXTEND,sdate,1);
writerList.put(EXTEND,extendCW);
////////////////////
// Load all Notifieds, and either add to local Data, or mark for Deletion.
ln.loadAll(noAvg,expireRange.approveDelete,deleteCW);
////////////////////
// Load all Notifieds, and either add to local Data, or mark for Deletion.
ln.loadAll(noAvg,expireRange.approveDelete,deleteCW);
// Hold Good Tickets to keyed User/Role for UserRole Step
Map<String,Ticket> mur = new TreeMap<>();
try {
Approval.load(trans, session, Approval.v2_0_17);
// Hold Good Tickets to keyed User/Role for UserRole Step
Map<String,Ticket> mur = new TreeMap<>();
try {
Approval.load(trans, session, Approval.v2_0_17);
////////////////////
final Map<UUID,Ticket> goodTickets = new TreeMap<>();
tt = trans.start("Analyze Expired Futures",Trans.SUB);
////////////////////
final Map<UUID,Ticket> goodTickets = new TreeMap<>();
tt = trans.start("Analyze Expired Futures",Trans.SUB);
Set<String> approvers = new TreeSet<>();
tt = trans.start("Connect Approvals with Futures",Trans.SUB);
try {
Set<String> approvers = new TreeSet<>();
tt = trans.start("Connect Approvals with Futures",Trans.SUB);
try {
if(org.isRevoked(noAvg, appr.getApprover())) {
deleteCW.comment("Approver ID is revoked");
Approval.row(deleteCW, appr);
if(org.isRevoked(noAvg, appr.getApprover())) {
deleteCW.comment("Approver ID is revoked");
Approval.row(deleteCW, appr);
*/
Map<String,Pending> pendingApprs = new HashMap<>();
Map<String,Pending> pendingTemp = new HashMap<>();
*/
Map<String,Pending> pendingApprs = new HashMap<>();
Map<String,Pending> pendingTemp = new HashMap<>();
tt = trans.start("Analyze Good Tickets",Trans.SUB);
try {
for(Ticket ticket : goodTickets.values()) {
tt = trans.start("Analyze Good Tickets",Trans.SUB);
try {
for(Ticket ticket : goodTickets.values()) {
// To Approve:
// Always must have at least 1 owner
if((state[owner][total]>0 && state[owner][approved]>0) &&
// If there are no Supervisors, that's ok
// To Approve:
// Always must have at least 1 owner
if((state[owner][total]>0 && state[owner][approved]>0) &&
// If there are no Supervisors, that's ok
- (state[supervisor][total]==0 ||
- // But if there is a Supervisor, they must have approved
+ (state[supervisor][total]==0 ||
+ // But if there is a Supervisor, they must have approved
GregorianCalendar gc = new GregorianCalendar();
gc.add(GregorianCalendar.DAY_OF_WEEK, 5);
Date remind = gc.getTime();
GregorianCalendar gc = new GregorianCalendar();
gc.add(GregorianCalendar.DAY_OF_WEEK, 5);
Date remind = gc.getTime();
for(Entry<String, Pending> es : pendingApprs.entrySet()) {
Pending p = es.getValue();
for(Entry<String, Pending> es : pendingApprs.entrySet()) {
Pending p = es.getValue();
|| p.earliest().after(remind)) {
p.row(needApproveCW,es.getKey());
}
|| p.earliest().after(remind)) {
p.row(needApproveCW,es.getKey());
}
Owners are treated specially in next section.
Regular roles are checked against Date Ranges. If match Date Range, write out to appropriate file.
Owners are treated specially in next section.
Regular roles are checked against Date Ranges. If match Date Range, write out to appropriate file.
try {
tt = trans.start("Analyze UserRoles, storing Owners",Trans.SUB);
Set<String> specialCommented = new HashSet<>();
try {
tt = trans.start("Analyze UserRoles, storing Owners",Trans.SUB);
Set<String> specialCommented = new HashSet<>();
// Cannot just delete owners, unless there is at least one left. Process later
if ("owner".equals(ur.rname())) {
Set<UserRole> urs = owners.get(ur.role());
// Cannot just delete owners, unless there is at least one left. Process later
if ("owner".equals(ur.rname())) {
Set<UserRole> urs = owners.get(ur.role());
/**
Now Process Owners, one owner Role at a time, ensuring one is left,
/**
Now Process Owners, one owner Role at a time, ensuring one is left,
Otherwise, write to ExpiredOwners Report
*/
tt = trans.start("Analyze Owners Separately",Trans.SUB);
Otherwise, write to ExpiredOwners Report
*/
tt = trans.start("Analyze Owners Separately",Trans.SUB);
final CSV ownerCSV = new CSV(env.access(),file);
CSV.Writer expOwner = ownerCSV.writer();
expOwner.row(INFO,EXPIRED_OWNERS,sdate,2);
final CSV ownerCSV = new CSV(env.access(),file);
CSV.Writer expOwner = ownerCSV.writer();
expOwner.row(INFO,EXPIRED_OWNERS,sdate,2);
for (UserRole ur : sur) {
if (goodOwners >= minOwners) {
Range r = writeAnalysis(noAvg, ur);
for (UserRole ur : sur) {
if (goodOwners >= minOwners) {
Range r = writeAnalysis(noAvg, ur);
/**
* Check for Expired Credentials
*/
try {
// Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway
Cred.load(trans, session);
/**
* Check for Expired Credentials
*/
try {
// Load Cred. We don't follow Visitor, because we have to gather up everything into Identity Anyway
Cred.load(trans, session);
tt = trans.start("Analyze Expired Credentials",Trans.SUB);
try {
for (Cred cred : Cred.data.values()) {
tt = trans.start("Analyze Expired Credentials",Trans.SUB);
try {
for (Cred cred : Cred.data.values()) {
private Approval findApproval(UserRole ur) {
Approval existing = null;
List<Approval> apprs = Approval.byUser.get(ur.user());
private Approval findApproval(UserRole ur) {
Approval existing = null;
List<Approval> apprs = Approval.byUser.get(ur.user());
for(Approval appr : apprs) {
if(ur.role().equals(appr.getRole()) &&
appr.getMemo().contains(Chrono.dateOnlyStamp(ur.expires()))) {
for(Approval appr : apprs) {
if(ur.role().equals(appr.getRole()) &&
appr.getMemo().contains(Chrono.dateOnlyStamp(ur.expires()))) {
private void writeAnalysis(AuthzTrans noAvg, Cred cred, Instance inst) {
if(cred!=null && inst!=null) {
Range r = expireRange.getRange("cred", inst.expires);
private void writeAnalysis(AuthzTrans noAvg, Cred cred, Instance inst) {
if(cred!=null && inst!=null) {
Range r = expireRange.getRange("cred", inst.expires);