-/*-\r
- * ================================================================================\r
- * ECOMP Portal\r
- * ================================================================================\r
- * Copyright (C) 2017 AT&T Intellectual Property\r
- * ================================================================================\r
- * Licensed under the Apache License, Version 2.0 (the "License");\r
- * you may not use this file except in compliance with the License.\r
- * You may obtain a copy of the License at\r
- * \r
- * http://www.apache.org/licenses/LICENSE-2.0\r
- * \r
- * Unless required by applicable law or agreed to in writing, software\r
- * distributed under the License is distributed on an "AS IS" BASIS,\r
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * See the License for the specific language governing permissions and\r
- * limitations under the License.\r
- * ================================================================================\r
- */\r
-package org.openecomp.portalapp.portal.service;\r
-\r
-import java.util.ArrayList;\r
-import java.util.HashMap;\r
-import java.util.List;\r
-\r
-import javax.annotation.PostConstruct;\r
-\r
-import org.apache.cxf.common.util.StringUtils;\r
-import org.hibernate.Session;\r
-import org.hibernate.SessionFactory;\r
-import org.hibernate.Transaction;\r
-import org.springframework.beans.factory.annotation.Autowired;\r
-import org.springframework.context.annotation.EnableAspectJAutoProxy;\r
-import org.springframework.stereotype.Service;\r
-import org.springframework.transaction.annotation.Transactional;\r
-\r
-import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;\r
-import org.openecomp.portalsdk.core.service.DataAccessService;\r
-import org.openecomp.portalsdk.core.util.SystemProperties;\r
-import org.openecomp.portalapp.portal.domain.EPApp;\r
-import org.openecomp.portalapp.portal.domain.EPRole;\r
-import org.openecomp.portalapp.portal.domain.EPUser;\r
-import org.openecomp.portalapp.portal.domain.EPUserApp;\r
-import org.openecomp.portalapp.portal.domain.UserIdRoleId;\r
-import org.openecomp.portalapp.portal.domain.UserRole;\r
-import org.openecomp.portalapp.portal.logging.aop.EPMetricsLog;\r
-import org.openecomp.portalapp.portal.logging.format.EPAppMessagesEnum;\r
-import org.openecomp.portalapp.portal.logging.logic.EPLogUtil;\r
-import org.openecomp.portalapp.portal.transport.AppNameIdIsAdmin;\r
-import org.openecomp.portalapp.portal.transport.AppsListWithAdminRole;\r
-import org.openecomp.portalapp.portal.utils.EPCommonSystemProperties;\r
-import org.openecomp.portalapp.portal.utils.EcompPortalUtils;\r
-\r
-@Service("adminRolesService")\r
-@Transactional\r
-@org.springframework.context.annotation.Configuration\r
-@EnableAspectJAutoProxy\r
-\r
-public class AdminRolesServiceImpl implements AdminRolesService {\r
-\r
- private Long SYS_ADMIN_ROLE_ID = 1L;\r
- private Long ACCOUNT_ADMIN_ROLE_ID = 999L;\r
- private Long ECOMP_APP_ID = 1L;\r
-\r
- EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesServiceImpl.class);\r
-\r
- @Autowired\r
- private SessionFactory sessionFactory;\r
- @Autowired\r
- private DataAccessService dataAccessService;\r
- @Autowired\r
- SearchService searchService;\r
- @Autowired\r
- EPAppService appsService;\r
-\r
- @PostConstruct\r
- private void init() {\r
- try {\r
- SYS_ADMIN_ROLE_ID = Long.valueOf(SystemProperties.getProperty(EPCommonSystemProperties.SYS_ADMIN_ROLE_ID));\r
- ACCOUNT_ADMIN_ROLE_ID = Long.valueOf(SystemProperties.getProperty(EPCommonSystemProperties.ACCOUNT_ADMIN_ROLE_ID));\r
- ECOMP_APP_ID = Long.valueOf(SystemProperties.getProperty(EPCommonSystemProperties.ECOMP_APP_ID));\r
- } catch(Exception e) {\r
- logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));\r
- }\r
- }\r
- \r
- @Override\r
- @EPMetricsLog\r
- @SuppressWarnings("unchecked")\r
- public AppsListWithAdminRole getAppsWithAdminRoleStateForUser(String orgUserId) {\r
- AppsListWithAdminRole appsListWithAdminRole = null;\r
-\r
- try {\r
- List<EPUser> userList = dataAccessService.getList(EPUser.class, " where orgUserId = '" + orgUserId + "'", null,\r
- null);\r
- HashMap<Long, Long> appsUserAdmin = new HashMap<Long, Long>();\r
- if (userList.size() > 0) {\r
- EPUser user = userList.get(0);\r
- List<EPUserApp> userAppList = null;\r
- try {\r
- userAppList = dataAccessService.getList(EPUserApp.class,\r
- " where userId = " + user.getId() + " and role.id = " + ACCOUNT_ADMIN_ROLE_ID, null, null);\r
- } catch (Exception e) {\r
- logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));\r
- EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);\r
- }\r
- for (EPUserApp userApp : userAppList) {\r
- appsUserAdmin.put(userApp.getAppId(), userApp.getUserId());\r
- }\r
- }\r
-\r
- appsListWithAdminRole = new AppsListWithAdminRole();\r
- appsListWithAdminRole.orgUserId = orgUserId;\r
- List<EPApp> appsList = null;\r
- try {\r
- appsList = dataAccessService.getList(EPApp.class, " where ( enabled = 'Y' or id = " + ECOMP_APP_ID + ")", null, null);\r
- } catch (Exception e) {\r
- logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));\r
- EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);\r
- }\r
- for (EPApp app : appsList) {\r
- AppNameIdIsAdmin appNameIdIsAdmin = new AppNameIdIsAdmin();\r
- appNameIdIsAdmin.id = app.getId();\r
- appNameIdIsAdmin.appName = app.getName(); \r
- appNameIdIsAdmin.isAdmin = new Boolean(appsUserAdmin.containsKey(app.getId()));\r
- appNameIdIsAdmin.restrictedApp = app.isRestrictedApp();\r
- appsListWithAdminRole.appsRoles.add(appNameIdIsAdmin);\r
- }\r
- } catch (Exception e) {\r
- logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while performing AdminRolesServiceImpl.getAppsWithAdminRoleStateForUser operation, Details:"\r
- + EcompPortalUtils.getStackTrace(e));\r
- }\r
-\r
- return appsListWithAdminRole;\r
- }\r
-\r
- private static final Object syncRests = new Object();\r
-\r
- @Override\r
- @EPMetricsLog\r
- @SuppressWarnings("unchecked")\r
- public boolean setAppsWithAdminRoleStateForUser(AppsListWithAdminRole newAppsListWithAdminRoles) {\r
- boolean result = false;\r
- // No changes if no new roles list or no userId.\r
- if (!StringUtils.isEmpty(newAppsListWithAdminRoles.orgUserId) && newAppsListWithAdminRoles.appsRoles != null) {\r
- synchronized (syncRests) {\r
- List<EPApp> apps = appsService.getAppsFullList();\r
- HashMap<Long, EPApp> enabledApps = new HashMap<Long, EPApp>();\r
- for (EPApp app : apps) {\r
- if (app.getEnabled().booleanValue() || app.getId() == ECOMP_APP_ID) {\r
- enabledApps.put(app.getId(), app);\r
- }\r
- }\r
- List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin = new ArrayList<AppNameIdIsAdmin>();\r
- for (AppNameIdIsAdmin adminRole : newAppsListWithAdminRoles.appsRoles) {\r
- // user Admin role may be added only for enabled apps\r
- if (adminRole.isAdmin.booleanValue() && enabledApps.containsKey(adminRole.id)) {\r
- newAppsWhereUserIsAdmin.add(adminRole);\r
- }\r
- }\r
- EPUser user = null;\r
- boolean createNewUser = false;\r
- String orgUserId = newAppsListWithAdminRoles.orgUserId.trim();\r
- List<EPUser> localUserList = dataAccessService.getList(EPUser.class, " where org_user_id='" + orgUserId + "'",\r
- null, null);\r
- List<EPUserApp> oldAppsWhereUserIsAdmin = new ArrayList<EPUserApp>();\r
- if (localUserList.size() > 0) {\r
- EPUser tmpUser = localUserList.get(0);\r
- oldAppsWhereUserIsAdmin = dataAccessService.getList(EPUserApp.class,\r
- " where userId = " + tmpUser.getId() + " and role.id = " + ACCOUNT_ADMIN_ROLE_ID, null,\r
- null);\r
- if (oldAppsWhereUserIsAdmin.size() > 0 || newAppsWhereUserIsAdmin.size() > 0) {\r
- user = tmpUser;\r
- }\r
- } else if (newAppsWhereUserIsAdmin.size() > 0) {\r
- // we create new user only if he has Admin Role for any App\r
- createNewUser = true;\r
- }\r
- if (user != null || createNewUser) {\r
- Session localSession = null;\r
- Transaction transaction = null;\r
- try {\r
- localSession = sessionFactory.openSession();\r
- transaction = localSession.beginTransaction();\r
- if (createNewUser) {\r
- user = this.searchService.searchUserByUserId(orgUserId);\r
- if (user != null) {\r
- // insert the user with active true in order to\r
- // pass login phase.\r
- user.setActive(true);\r
- localSession.save(EPUser.class.getName(), user);\r
- }\r
- }\r
- for (EPUserApp oldUserApp : oldAppsWhereUserIsAdmin) {\r
- // user Admin role may be deleted only for enabled\r
- // apps\r
- if (enabledApps.containsKey(oldUserApp.getAppId())) {\r
- localSession.delete(oldUserApp);\r
- }\r
- }\r
- for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) {\r
- EPApp app = (EPApp) localSession.get(EPApp.class, appNameIdIsAdmin.id);\r
- EPRole role = (EPRole) localSession.get(EPRole.class, new Long(ACCOUNT_ADMIN_ROLE_ID));\r
- EPUserApp newUserApp = new EPUserApp();\r
- newUserApp.setUserId(user.getId());\r
- newUserApp.setApp(app);\r
- newUserApp.setRole(role);\r
- localSession.save(EPUserApp.class.getName(), newUserApp);\r
- }\r
- transaction.commit();\r
- result = true;\r
- } catch (Exception e) {\r
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);\r
- logger.error(EELFLoggerDelegate.errorLogger, "setAppsWithAdminRoleStateForUser: exception in point 2", e);\r
- try {\r
- transaction.rollback();\r
- } catch (Exception ex) {\r
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeExecuteRollbackError, e);\r
- logger.error(EELFLoggerDelegate.errorLogger, "setAppsWithAdminRoleStateForUser: exception in point 3", ex);\r
- }\r
- } finally {\r
- try {\r
- localSession.close();\r
- } catch (Exception e) {\r
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoCloseSessionError, e);\r
- logger.error(EELFLoggerDelegate.errorLogger, "setAppsWithAdminRoleStateForUser: exception in point 4", e);\r
- }\r
- }\r
- }\r
- }\r
- }\r
-\r
- return result;\r
- }\r
-\r
- @SuppressWarnings("unchecked")\r
- @Override\r
- public boolean isSuperAdmin(EPUser user) {\r
- if ((user != null) /* && (user.getId() == null) */ && (user.getOrgUserId() != null)) {\r
- String sql = "SELECT user.USER_ID, user.org_user_id, userrole.ROLE_ID, userrole.APP_ID FROM fn_user_role userrole "\r
- + "INNER JOIN fn_user user ON user.USER_ID = userrole.USER_ID " + "WHERE user.org_user_id = '"\r
- + user.getOrgUserId() + "' " + "AND userrole.ROLE_ID = '" + SYS_ADMIN_ROLE_ID + "' "\r
- + "AND userrole.APP_ID = '" + ECOMP_APP_ID + "';";\r
- try {\r
- List<UserRole> userRoleList = dataAccessService.executeSQLQuery(sql, UserIdRoleId.class, null);\r
- if (userRoleList != null && userRoleList.size() > 0) {\r
- return true;\r
- }\r
- } catch (Exception e) {\r
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);\r
- logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isSuperAdmin operation", e);\r
- }\r
- }\r
- // else\r
- // {\r
- // User currentUser = user != null ? (User)\r
- // dataAccessService.getDomainObject(User.class, user.getId(), null) :\r
- // null;\r
- // if (currentUser != null && currentUser.getId() != null) {\r
- // for (UserApp userApp : currentUser.getUserApps()) {\r
- // if (userApp.getApp().getId().equals(ECOMP_APP_ID) &&\r
- // userApp.getRole().getId().equals(SYS_ADMIN_ROLE_ID)) {\r
- // // Super Administrator role is global, no need to keep iterating\r
- // return true;\r
- // }\r
- // }\r
- // }\r
- // }\r
- return false;\r
- }\r
-\r
- public boolean isAccountAdmin(EPUser user) {\r
- try {\r
- EPUser currentUser = user != null\r
- ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;\r
- if (currentUser != null && currentUser.getId() != null) {\r
- for (EPUserApp userApp : currentUser.getEPUserApps()) {\r
- if (//!userApp.getApp().getId().equals(ECOMP_APP_ID)\r
- // && \r
- userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {\r
- // Account Administrator sees only the applications\r
- // he/she is Administrator\r
- return true;\r
- }\r
- }\r
- }\r
- } catch (Exception e) {\r
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);\r
- logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isAccountAdmin operation", e);\r
- }\r
- return false;\r
- }\r
-\r
- public boolean isUser(EPUser user) {\r
- try {\r
- EPUser currentUser = user != null\r
- ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;\r
- if (currentUser != null && currentUser.getId() != null) {\r
- for (EPUserApp userApp : currentUser.getEPUserApps()) {\r
- if (!userApp.getApp().getId().equals(ECOMP_APP_ID)) {\r
- EPRole role = userApp.getRole();\r
- if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {\r
- if (role.getActive()) {\r
- return true;\r
- }\r
- }\r
- }\r
- }\r
- }\r
- } catch (Exception e) {\r
- EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);\r
- logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation", e);\r
- }\r
- return false;\r
- }\r
-\r
- @Override\r
- @EPMetricsLog\r
- public List<EPRole> getRolesByApp(EPUser user, Long appId) {\r
- List<EPRole> list = new ArrayList<>();\r
- String sql = "SELECT * FROM FN_ROLE WHERE APP_ID = " + appId;\r
- @SuppressWarnings("unchecked")\r
- List<EPRole> roles = dataAccessService.executeSQLQuery(sql, EPRole.class, null);\r
- for (EPRole role: roles) {\r
- list.add(role);\r
- }\r
- return list;\r
- }\r
-}\r
+/*-
+ * ================================================================================
+ * ECOMP Portal
+ * ================================================================================
+ * Copyright (C) 2017 AT&T Intellectual Property
+ * ================================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ================================================================================
+ */
+package org.openecomp.portalapp.portal.service;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.cxf.common.util.StringUtils;
+import org.hibernate.Session;
+import org.hibernate.SessionFactory;
+import org.hibernate.Transaction;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.EnableAspectJAutoProxy;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
+import org.openecomp.portalsdk.core.service.DataAccessService;
+import org.openecomp.portalsdk.core.util.SystemProperties;
+import org.openecomp.portalapp.portal.domain.EPApp;
+import org.openecomp.portalapp.portal.domain.EPRole;
+import org.openecomp.portalapp.portal.domain.EPUser;
+import org.openecomp.portalapp.portal.domain.EPUserApp;
+import org.openecomp.portalapp.portal.domain.UserIdRoleId;
+import org.openecomp.portalapp.portal.domain.UserRole;
+import org.openecomp.portalapp.portal.logging.aop.EPMetricsLog;
+import org.openecomp.portalapp.portal.logging.format.EPAppMessagesEnum;
+import org.openecomp.portalapp.portal.logging.logic.EPLogUtil;
+import org.openecomp.portalapp.portal.transport.AppNameIdIsAdmin;
+import org.openecomp.portalapp.portal.transport.AppsListWithAdminRole;
+import org.openecomp.portalapp.portal.utils.EPCommonSystemProperties;
+import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
+
+@Service("adminRolesService")
+@Transactional
+@org.springframework.context.annotation.Configuration
+@EnableAspectJAutoProxy
+
+public class AdminRolesServiceImpl implements AdminRolesService {
+
+ private Long SYS_ADMIN_ROLE_ID = 1L;
+ private Long ACCOUNT_ADMIN_ROLE_ID = 999L;
+ private Long ECOMP_APP_ID = 1L;
+
+ EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(AdminRolesServiceImpl.class);
+
+ @Autowired
+ private SessionFactory sessionFactory;
+ @Autowired
+ private DataAccessService dataAccessService;
+ @Autowired
+ SearchService searchService;
+ @Autowired
+ EPAppService appsService;
+
+ @PostConstruct
+ private void init() {
+ try {
+ SYS_ADMIN_ROLE_ID = Long.valueOf(SystemProperties.getProperty(EPCommonSystemProperties.SYS_ADMIN_ROLE_ID));
+ ACCOUNT_ADMIN_ROLE_ID = Long.valueOf(SystemProperties.getProperty(EPCommonSystemProperties.ACCOUNT_ADMIN_ROLE_ID));
+ ECOMP_APP_ID = Long.valueOf(SystemProperties.getProperty(EPCommonSystemProperties.ECOMP_APP_ID));
+ } catch(Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));
+ }
+ }
+
+ @Override
+ @EPMetricsLog
+ @SuppressWarnings("unchecked")
+ public AppsListWithAdminRole getAppsWithAdminRoleStateForUser(String orgUserId) {
+ AppsListWithAdminRole appsListWithAdminRole = null;
+
+ try {
+ List<EPUser> userList = dataAccessService.getList(EPUser.class, " where orgUserId = '" + orgUserId + "'", null,
+ null);
+ HashMap<Long, Long> appsUserAdmin = new HashMap<Long, Long>();
+ if (userList.size() > 0) {
+ EPUser user = userList.get(0);
+ List<EPUserApp> userAppList = null;
+ try {
+ userAppList = dataAccessService.getList(EPUserApp.class,
+ " where userId = " + user.getId() + " and role.id = " + ACCOUNT_ADMIN_ROLE_ID, null, null);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));
+ EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
+ }
+ for (EPUserApp userApp : userAppList) {
+ appsUserAdmin.put(userApp.getAppId(), userApp.getUserId());
+ }
+ }
+
+ appsListWithAdminRole = new AppsListWithAdminRole();
+ appsListWithAdminRole.orgUserId = orgUserId;
+ List<EPApp> appsList = null;
+ try {
+ appsList = dataAccessService.getList(EPApp.class, " where ( enabled = 'Y' or id = " + ECOMP_APP_ID + ")", null, null);
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, EcompPortalUtils.getStackTrace(e));
+ EPLogUtil.logEcompError(EPAppMessagesEnum.BeDaoSystemError);
+ }
+ for (EPApp app : appsList) {
+ AppNameIdIsAdmin appNameIdIsAdmin = new AppNameIdIsAdmin();
+ appNameIdIsAdmin.id = app.getId();
+ appNameIdIsAdmin.appName = app.getName();
+ appNameIdIsAdmin.isAdmin = new Boolean(appsUserAdmin.containsKey(app.getId()));
+ appNameIdIsAdmin.restrictedApp = app.isRestrictedApp();
+ appsListWithAdminRole.appsRoles.add(appNameIdIsAdmin);
+ }
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while performing AdminRolesServiceImpl.getAppsWithAdminRoleStateForUser operation, Details:"
+ + EcompPortalUtils.getStackTrace(e));
+ }
+
+ return appsListWithAdminRole;
+ }
+
+ private static final Object syncRests = new Object();
+
+ @Override
+ @EPMetricsLog
+ @SuppressWarnings("unchecked")
+ public boolean setAppsWithAdminRoleStateForUser(AppsListWithAdminRole newAppsListWithAdminRoles) {
+ boolean result = false;
+ // No changes if no new roles list or no userId.
+ if (!StringUtils.isEmpty(newAppsListWithAdminRoles.orgUserId) && newAppsListWithAdminRoles.appsRoles != null) {
+ synchronized (syncRests) {
+ List<EPApp> apps = appsService.getAppsFullList();
+ HashMap<Long, EPApp> enabledApps = new HashMap<Long, EPApp>();
+ for (EPApp app : apps) {
+ if (app.getEnabled().booleanValue() || app.getId() == ECOMP_APP_ID) {
+ enabledApps.put(app.getId(), app);
+ }
+ }
+ List<AppNameIdIsAdmin> newAppsWhereUserIsAdmin = new ArrayList<AppNameIdIsAdmin>();
+ for (AppNameIdIsAdmin adminRole : newAppsListWithAdminRoles.appsRoles) {
+ // user Admin role may be added only for enabled apps
+ if (adminRole.isAdmin.booleanValue() && enabledApps.containsKey(adminRole.id)) {
+ newAppsWhereUserIsAdmin.add(adminRole);
+ }
+ }
+ EPUser user = null;
+ boolean createNewUser = false;
+ String orgUserId = newAppsListWithAdminRoles.orgUserId.trim();
+ List<EPUser> localUserList = dataAccessService.getList(EPUser.class, " where org_user_id='" + orgUserId + "'",
+ null, null);
+ List<EPUserApp> oldAppsWhereUserIsAdmin = new ArrayList<EPUserApp>();
+ if (localUserList.size() > 0) {
+ EPUser tmpUser = localUserList.get(0);
+ oldAppsWhereUserIsAdmin = dataAccessService.getList(EPUserApp.class,
+ " where userId = " + tmpUser.getId() + " and role.id = " + ACCOUNT_ADMIN_ROLE_ID, null,
+ null);
+ if (oldAppsWhereUserIsAdmin.size() > 0 || newAppsWhereUserIsAdmin.size() > 0) {
+ user = tmpUser;
+ }
+ } else if (newAppsWhereUserIsAdmin.size() > 0) {
+ // we create new user only if he has Admin Role for any App
+ createNewUser = true;
+ }
+ if (user != null || createNewUser) {
+ Session localSession = null;
+ Transaction transaction = null;
+ try {
+ localSession = sessionFactory.openSession();
+ transaction = localSession.beginTransaction();
+ if (createNewUser) {
+ user = this.searchService.searchUserByUserId(orgUserId);
+ if (user != null) {
+ // insert the user with active true in order to
+ // pass login phase.
+ user.setActive(true);
+ localSession.save(EPUser.class.getName(), user);
+ }
+ }
+ for (EPUserApp oldUserApp : oldAppsWhereUserIsAdmin) {
+ // user Admin role may be deleted only for enabled
+ // apps
+ if (enabledApps.containsKey(oldUserApp.getAppId())) {
+ localSession.delete(oldUserApp);
+ }
+ }
+ for (AppNameIdIsAdmin appNameIdIsAdmin : newAppsWhereUserIsAdmin) {
+ EPApp app = (EPApp) localSession.get(EPApp.class, appNameIdIsAdmin.id);
+ EPRole role = (EPRole) localSession.get(EPRole.class, new Long(ACCOUNT_ADMIN_ROLE_ID));
+ EPUserApp newUserApp = new EPUserApp();
+ newUserApp.setUserId(user.getId());
+ newUserApp.setApp(app);
+ newUserApp.setRole(role);
+ localSession.save(EPUserApp.class.getName(), newUserApp);
+ }
+ transaction.commit();
+ result = true;
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "setAppsWithAdminRoleStateForUser: exception in point 2", e);
+ try {
+ transaction.rollback();
+ } catch (Exception ex) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeExecuteRollbackError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "setAppsWithAdminRoleStateForUser: exception in point 3", ex);
+ }
+ } finally {
+ try {
+ localSession.close();
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoCloseSessionError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "setAppsWithAdminRoleStateForUser: exception in point 4", e);
+ }
+ }
+ }
+ }
+ }
+
+ return result;
+ }
+
+ @SuppressWarnings("unchecked")
+ @Override
+ public boolean isSuperAdmin(EPUser user) {
+ if ((user != null) /* && (user.getId() == null) */ && (user.getOrgUserId() != null)) {
+ String sql = "SELECT user.USER_ID, user.org_user_id, userrole.ROLE_ID, userrole.APP_ID FROM fn_user_role userrole "
+ + "INNER JOIN fn_user user ON user.USER_ID = userrole.USER_ID " + "WHERE user.org_user_id = '"
+ + user.getOrgUserId() + "' " + "AND userrole.ROLE_ID = '" + SYS_ADMIN_ROLE_ID + "' "
+ + "AND userrole.APP_ID = '" + ECOMP_APP_ID + "';";
+ try {
+ List<UserRole> userRoleList = dataAccessService.executeSQLQuery(sql, UserIdRoleId.class, null);
+ if (userRoleList != null && userRoleList.size() > 0) {
+ return true;
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isSuperAdmin operation", e);
+ }
+ }
+ // else
+ // {
+ // User currentUser = user != null ? (User)
+ // dataAccessService.getDomainObject(User.class, user.getId(), null) :
+ // null;
+ // if (currentUser != null && currentUser.getId() != null) {
+ // for (UserApp userApp : currentUser.getUserApps()) {
+ // if (userApp.getApp().getId().equals(ECOMP_APP_ID) &&
+ // userApp.getRole().getId().equals(SYS_ADMIN_ROLE_ID)) {
+ // // Super Administrator role is global, no need to keep iterating
+ // return true;
+ // }
+ // }
+ // }
+ // }
+ return false;
+ }
+
+ public boolean isAccountAdmin(EPUser user) {
+ try {
+ EPUser currentUser = user != null
+ ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;
+ if (currentUser != null && currentUser.getId() != null) {
+ for (EPUserApp userApp : currentUser.getEPUserApps()) {
+ if (//!userApp.getApp().getId().equals(ECOMP_APP_ID)
+ // &&
+ userApp.getRole().getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
+ // Account Administrator sees only the applications
+ // he/she is Administrator
+ return true;
+ }
+ }
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isAccountAdmin operation", e);
+ }
+ return false;
+ }
+
+ public boolean isUser(EPUser user) {
+ try {
+ EPUser currentUser = user != null
+ ? (EPUser) dataAccessService.getDomainObject(EPUser.class, user.getId(), null) : null;
+ if (currentUser != null && currentUser.getId() != null) {
+ for (EPUserApp userApp : currentUser.getEPUserApps()) {
+ if (!userApp.getApp().getId().equals(ECOMP_APP_ID)) {
+ EPRole role = userApp.getRole();
+ if (!role.getId().equals(SYS_ADMIN_ROLE_ID) && !role.getId().equals(ACCOUNT_ADMIN_ROLE_ID)) {
+ if (role.getActive()) {
+ return true;
+ }
+ }
+ }
+ }
+ }
+ } catch (Exception e) {
+ EPLogUtil.logEcompError(logger, EPAppMessagesEnum.BeDaoSystemError, e);
+ logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred while executing isUser operation", e);
+ }
+ return false;
+ }
+
+ @Override
+ @EPMetricsLog
+ public List<EPRole> getRolesByApp(EPUser user, Long appId) {
+ List<EPRole> list = new ArrayList<>();
+ String sql = "SELECT * FROM FN_ROLE WHERE APP_ID = " + appId;
+ @SuppressWarnings("unchecked")
+ List<EPRole> roles = dataAccessService.executeSQLQuery(sql, EPRole.class, null);
+ for (EPRole role: roles) {
+ list.add(role);
+ }
+ return list;
+ }
+}