- * them to the request object. Portal specifies a Hibernate mappings from
- * the Role class to the fn_role_v view, which ensures that only Portal
- * (app_id is null) roles are fetched.
+ * them to the request object. Portal specifies a Hibernate mappings from the
+ * Role class to the fn_role_v view, which ensures that only Portal (app_id is
+ * null) roles are fetched.
- public Map<String, Object> toggleRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId,
- @PathVariable("roleId") Long roleId) throws Exception {
+ public Map<String, Object> toggleRole(HttpServletRequest request, HttpServletResponse response,
+ @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception {
- public Map<String, Object> removeRole(HttpServletRequest request, HttpServletResponse response, @PathVariable("appId") Long appId,
- @PathVariable("roleId") Long roleId) throws Exception {
+ public Map<String, Object> removeRole(HttpServletRequest request, HttpServletResponse response,
+ @PathVariable("appId") Long appId, @PathVariable("roleId") Long roleId) throws Exception {
@RequestMapping(value = { "/portalApi/role/saveRole/{appId}" }, method = RequestMethod.POST)
public Map<String, Object> saveRole(HttpServletRequest request, HttpServletResponse response,
@PathVariable("appId") Long appId) throws Exception {
@RequestMapping(value = { "/portalApi/role/saveRole/{appId}" }, method = RequestMethod.POST)
public Map<String, Object> saveRole(HttpServletRequest request, HttpServletResponse response,
@PathVariable("appId") Long appId) throws Exception {
- roleFunction.setCode(externalAccessRolesService.encodeFunctionCode(roleFunction.getCode()));
- roleFunction.setCode(roleFunction.getType() + PIPE + roleFunction.getCode() + PIPE
- + roleFunction.getAction());
+ if (EcompPortalUtils.checkFunctionCodeHasEncodePattern(roleFunction.getCode()))
+ roleFunction.setCode(roleFunction.getType() + PIPE
+ + EcompPortalUtils.encodeFunctionCode(roleFunction.getCode()) + PIPE
+ + roleFunction.getAction());
+ else
+ roleFunction.setCode(roleFunction.getType() + PIPE + roleFunction.getCode() + PIPE
+ + roleFunction.getAction());
- ObjectMapper mapper = new ObjectMapper();
- EPApp requestedApp = appService.getApp(appId);
- if (isAuthorizedUser(user, requestedApp)) {
- fieldsValidation(requestedApp);
- if (requestedApp.getCentralAuth()) {
- CentralV2Role answer = externalAccessRolesService.getRoleInfo(roleId, requestedApp.getUebKey());
- logger.info(EELFLoggerDelegate.applicationLogger, "role_id" + roleId);
- Map<String, Object> model = new HashMap<>();
- model.put("availableRoleFunctions", mapper.writeValueAsString(
- externalAccessRolesService.getRoleFuncList(requestedApp.getUebKey())));
- model.put("availableRoles",
- mapper.writeValueAsString(getAvailableChildRoles(requestedApp.getUebKey(), roleId)));
- model.put("role", mapper.writeValueAsString(answer));
- JsonMessage msg = new JsonMessage(mapper.writeValueAsString(model));
- JSONObject j = new JSONObject(msg);
- response.getWriter().write(j.toString());
- } else
- throw new NonCentralizedAppException(requestedApp.getName());
- } else {
- logger.info(EELFLoggerDelegate.auditLogger,
- "RoleManageController.getRoleFunctionList, Unauthorized user");
- SendErrorForUnauthorizedUser(response, user);
- }
+ ObjectMapper mapper = new ObjectMapper();
+ EPApp requestedApp = appService.getApp(appId);
+ if (isAuthorizedUser(user, requestedApp)) {
+ fieldsValidation(requestedApp);
+ if (requestedApp.getCentralAuth()) {
+ CentralV2Role answer = externalAccessRolesService.getRoleInfo(roleId, requestedApp.getUebKey());
+ logger.info(EELFLoggerDelegate.applicationLogger, "role_id" + roleId);
+ Map<String, Object> model = new HashMap<>();
+ model.put("availableRoleFunctions", mapper
+ .writeValueAsString(externalAccessRolesService.getRoleFuncList(requestedApp.getUebKey())));
+ model.put("availableRoles",
+ mapper.writeValueAsString(getAvailableChildRoles(requestedApp.getUebKey(), roleId)));
+ model.put("role", mapper.writeValueAsString(answer));
+ JsonMessage msg = new JsonMessage(mapper.writeValueAsString(model));
+ JSONObject j = new JSONObject(msg);
+ response.getWriter().write(j.toString());
+ } else
+ throw new NonCentralizedAppException(requestedApp.getName());
+ } else {
+ logger.info(EELFLoggerDelegate.auditLogger,
+ "RoleManageController.getRoleFunctionList, Unauthorized user");
+ SendErrorForUnauthorizedUser(response, user);
+ }
- EPApp requestedApp = appService.getApp(appId);
- if (isAuthorizedUser(user, requestedApp)) {
- fieldsValidation(requestedApp);
- if (requestedApp.getCentralAuth()) {
- List<CentralV2RoleFunction> answer = null;
- Map<String, Object> model = new HashMap<>();
- ObjectMapper mapper = new ObjectMapper();
- answer = externalAccessRolesService.getRoleFuncList(requestedApp.getUebKey());
- model.put("availableRoleFunctions", answer);
- JsonMessage msg = new JsonMessage(mapper.writeValueAsString(model));
- JSONObject j = new JSONObject(msg);
- response.getWriter().write(j.toString());
- } else
- throw new NonCentralizedAppException(requestedApp.getName());
- } else {
- logger.info(EELFLoggerDelegate.auditLogger,
- "RoleManageController.getRoleFunctionList, Unauthorized user");
- EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
- response.getWriter().write("Unauthorized User");
- }
+ EPApp requestedApp = appService.getApp(appId);
+ if (isAuthorizedUser(user, requestedApp)) {
+ fieldsValidation(requestedApp);
+ if (requestedApp.getCentralAuth()) {
+ List<CentralV2RoleFunction> answer = null;
+ Map<String, Object> model = new HashMap<>();
+ ObjectMapper mapper = new ObjectMapper();
+ answer = externalAccessRolesService.getRoleFuncList(requestedApp.getUebKey());
+ model.put("availableRoleFunctions", answer);
+ JsonMessage msg = new JsonMessage(mapper.writeValueAsString(model));
+ JSONObject j = new JSONObject(msg);
+ response.getWriter().write(j.toString());
+ } else
+ throw new NonCentralizedAppException(requestedApp.getName());
+ } else {
+ logger.info(EELFLoggerDelegate.auditLogger,
+ "RoleManageController.getRoleFunctionList, Unauthorized user");
+ EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
+ response.getWriter().write("Unauthorized User");
+ }
EPUser user = EPUserUtils.getUserSession(request);
boolean saveOrUpdateResponse = false;
try {
EPApp requestedApp = appService.getApp(appId);
if (isAuthorizedUser(user, requestedApp)) {
fieldsValidation(requestedApp);
EPUser user = EPUserUtils.getUserSession(request);
boolean saveOrUpdateResponse = false;
try {
EPApp requestedApp = appService.getApp(appId);
if (isAuthorizedUser(user, requestedApp)) {
fieldsValidation(requestedApp);
: EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_UPDATE_FUNCTION;
logExterlaAuthRoleFunctionActivity(code, requestedUser, app, activityCode);
}
} else
throw new NonCentralizedAppException(requestedApp.getName() + " is not Centralized Application");
} else {
: EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_UPDATE_FUNCTION;
logExterlaAuthRoleFunctionActivity(code, requestedUser, app, activityCode);
}
} else
throw new NonCentralizedAppException(requestedApp.getName() + " is not Centralized Application");
} else {
EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Unauthorized User", "Failure");
}
EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Unauthorized User", "Failure");
}
- MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP,
- EPEELFLoggerAdvice.getCurrentDateTimeUTC());
- MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP,
- EPEELFLoggerAdvice.getCurrentDateTimeUTC());
- EcompPortalUtils.calculateDateTimeDifferenceForLog(
- MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
+ MDC.put(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+ MDC.put(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP, EPEELFLoggerAdvice.getCurrentDateTimeUTC());
+ EcompPortalUtils.calculateDateTimeDifferenceForLog(MDC.get(EPCommonSystemProperties.AUDITLOG_BEGIN_TIMESTAMP),
MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
logger.info(EELFLoggerDelegate.auditLogger,
EPLogUtil.formatAuditLogMessage("RoleManageController.saveRoleFunction", activityCode,
MDC.get(EPCommonSystemProperties.AUDITLOG_END_TIMESTAMP));
logger.info(EELFLoggerDelegate.auditLogger,
EPLogUtil.formatAuditLogMessage("RoleManageController.saveRoleFunction", activityCode,
String newfunctionCodeFormat = EcompPortalUtils.getFunctionCode(domainRoleFunction.getCode());
String newfunctionTypeFormat = EcompPortalUtils.getFunctionType(domainRoleFunction.getCode());
String newfunctionActionFormat = EcompPortalUtils.getFunctionAction(domainRoleFunction.getCode());
String newfunctionCodeFormat = EcompPortalUtils.getFunctionCode(domainRoleFunction.getCode());
String newfunctionTypeFormat = EcompPortalUtils.getFunctionType(domainRoleFunction.getCode());
String newfunctionActionFormat = EcompPortalUtils.getFunctionAction(domainRoleFunction.getCode());
public PortalRestResponse<String> removeRoleFunction(HttpServletRequest request, HttpServletResponse response,
@RequestBody String roleFunc, @PathVariable("appId") Long appId) throws Exception {
EPUser user = EPUserUtils.getUserSession(request);
public PortalRestResponse<String> removeRoleFunction(HttpServletRequest request, HttpServletResponse response,
@RequestBody String roleFunc, @PathVariable("appId") Long appId) throws Exception {
EPUser user = EPUserUtils.getUserSession(request);
+
+ if (roleFunc!=null) {
+ SecureString secureString = new SecureString(roleFunc);
+
+ Validator validator = VALIDATOR_FACTORY.getValidator();
+ Set<ConstraintViolation<SecureString>> constraintViolations = validator.validate(secureString);
+
+ if(!constraintViolations.isEmpty()){
+ logger.error(EELFLoggerDelegate.errorLogger, "removeRoleFunction: Failed");
+ return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Data is not valid", "ERROR");
+ }
+ }
+
- public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) throws IOException {
+ public List<CentralizedApp> getCentralizedAppRoles(HttpServletRequest request, HttpServletResponse response, String userId) {
+ if(userId!=null) {
+ SecureString secureString = new SecureString(userId);
+
+ Validator validator = VALIDATOR_FACTORY.getValidator();
+ Set<ConstraintViolation<SecureString>> constraintViolations = validator.validate(secureString);
+
+ if(!constraintViolations.isEmpty()){
+ logger.error(EELFLoggerDelegate.errorLogger, "removeRoleFunction: Failed");
+ return null;
+ }
+ }
+
- if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user) || adminRolesService.isRoleAdmin(user)) {
- applicationsList = externalAccessRolesService.getCentralizedAppsOfUser(userId);
- } else {
- logger.info(EELFLoggerDelegate.auditLogger,
- "RoleManageController.getCentralizedAppRoles, Unauthorized user");
- EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
- }
+ if (adminRolesService.isAccountAdmin(user) || adminRolesService.isSuperAdmin(user)
+ || adminRolesService.isRoleAdmin(user)) {
+ applicationsList = externalAccessRolesService.getCentralizedAppsOfUser(userId);
+ } else {
+ logger.info(EELFLoggerDelegate.auditLogger,
+ "RoleManageController.getCentralizedAppRoles, Unauthorized user");
+ EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
+ }
@RequestMapping(value = { "/portalApi/syncRoles" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> syncRoles(HttpServletRequest request, HttpServletResponse response,
@RequestBody Long appId) {
@RequestMapping(value = { "/portalApi/syncRoles" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> syncRoles(HttpServletRequest request, HttpServletResponse response,
@RequestBody Long appId) {
EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Unauthorized User", "Failure");
}
EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Unauthorized User", "Failure");
}
@RequestMapping(value = { "/portalApi/syncFunctions" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> syncFunctions(HttpServletRequest request, HttpServletResponse response,
@RequestBody Long appId) {
@RequestMapping(value = { "/portalApi/syncFunctions" }, method = RequestMethod.POST, produces = "application/json")
public PortalRestResponse<String> syncFunctions(HttpServletRequest request, HttpServletResponse response,
@RequestBody Long appId) {
EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Unauthorized User", "Failure");
}
EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Unauthorized User", "Failure");
}
AuditLog auditLog = new AuditLog();
auditLog.setUserId(user.getId());
auditLog.setActivityCode(activityCode);
auditLog.setAffectedRecordId(user.getOrgUserId());
AuditLog auditLog = new AuditLog();
auditLog.setUserId(user.getId());
auditLog.setActivityCode(activityCode);
auditLog.setAffectedRecordId(user.getOrgUserId());
public PortalRestResponse<String> bulkUploadRoleFunc(HttpServletRequest request, HttpServletResponse response,
@RequestBody UploadRoleFunctionExtSystem data, @PathVariable("appId") Long appId) {
EPUser user = EPUserUtils.getUserSession(request);
public PortalRestResponse<String> bulkUploadRoleFunc(HttpServletRequest request, HttpServletResponse response,
@RequestBody UploadRoleFunctionExtSystem data, @PathVariable("appId") Long appId) {
EPUser user = EPUserUtils.getUserSession(request);
- String activityCode = EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_UPDATE_ROLE_AND_FUNCTION;
- String code = data.getName()+","+data.getType()+ PIPE + data.getInstance() + PIPE + data.getAction();
- logExterlaAuthRoleFunctionActivity(code , user, app, activityCode);
+ String activityCode = EcompAuditLog.CD_ACTIVITY_EXTERNAL_AUTH_UPDATE_ROLE_AND_FUNCTION;
+ String code = data.getName() + "," + data.getType() + PIPE + data.getInstance() + PIPE
+ + data.getAction();
+ logExterlaAuthRoleFunctionActivity(code, user, app, activityCode);
EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Unauthorized User", "Failure");
}
EcompPortalUtils.setBadPermissions(user, response, "createAdmin");
return new PortalRestResponse<>(PortalRestStatusEnum.ERROR, "Unauthorized User", "Failure");
}