+ if (isLoggedInUserRoleAdminofApp) {
+ if (deletedRolesByApprover.size() > 0) {
+ List<ExternalAccessUserRoleDetail> newUpdatedRoles = new ArrayList<>();
+ for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) {
+ for (EcompRole role : deletedRolesByApprover) {
+ if ((userRole.getName().substring(app.getAuthNamespace().length() + 1))
+ .equals(role.getName())) {
+ newUpdatedRoles.add(userRole);
+ }
+ }
+ }
+ if (newUpdatedRoles.size() > 0) {
+ userRoleListMatchingInExtAuthAndLocal = new ArrayList<>(newUpdatedRoles);
+ } else {
+ userRoleListMatchingInExtAuthAndLocal = new ArrayList<>();
+ currentUserRolesToUpdate = new HashMap<>();
+
+ }
+
+ } else {
+ userRoleListMatchingInExtAuthAndLocal = new ArrayList<>();
+ currentUserRolesToUpdate = new HashMap<>();
+
+ }
+ }
+
+ // Check if user roles does not exists in local but still there in External Central Auth System delete them all
+ for (ExternalAccessUserRoleDetail userRole : userRoleListMatchingInExtAuthAndLocal) {
+ if (!(currentUserRolesToUpdate
+ .containsKey(userRole.getName().substring(app.getAuthNamespace().length() + 1)))) {
+ HttpEntity<String> entity = new HttpEntity<>(headers);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Connecting to external system to DELETE user role {}",
+ userRole.getName());
+ ResponseEntity<String> deleteResponse = template.exchange(
+ SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "userRole/" + name + "/" + userRole.getName(),
+ HttpMethod.DELETE, entity, String.class);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Finished DELETE operation in external system for user role {} and the response is {}",
+ userRole.getName(), deleteResponse.getBody());
+ }
+ }
+ // Check if user roles does not exists in External Central Auth System add them all
+ for (RoleInAppForUser addUserRole : roleInAppUserNonDupls) {
+ if (!(currentUserRolesInExternalSystem
+ .containsKey(app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+ "_")))) {
+ ExternalAccessUser extUser = new ExternalAccessUser(name,
+ app.getAuthNamespace() + "." + addUserRole.getRoleName().replaceAll(
+ EcompPortalUtils.EXTERNAL_CENTRAL_AUTH_ROLE_HANDLE_SPECIAL_CHARACTERS,
+ "_"));
+ String formattedUserRole = mapper.writeValueAsString(extUser);
+ HttpEntity<String> entity = new HttpEntity<>(formattedUserRole, headers);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Connecting to external system for user {} and POST {}",
+ name, addUserRole.getRoleName());
+ ResponseEntity<String> addResponse = template
+ .exchange(SystemProperties
+ .getProperty(EPCommonSystemProperties.EXTERNAL_CENTRAL_ACCESS_URL)
+ + "userRole", HttpMethod.POST, entity, String.class);
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "updateUserRolesInExternalSystem: Finished adding user role in external system {} and added user role {}",
+ addResponse.getBody(), addUserRole.getRoleName());
+ if (addResponse.getStatusCode().value() != 201
+ && addResponse.getStatusCode().value() != 404) {
+ logger.debug(EELFLoggerDelegate.debugLogger,
+ "Finished POST operation in external system but unable to save user role",
+ addResponse.getBody(),
+ addUserRole.getRoleName());
+ throw new Exception(addResponse.getBody());
+ }
+ }
+ }
+ } catch (HttpClientErrorException e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}",
+ app.getId(), e);
+ if (e.getStatusCode() == HttpStatus.FORBIDDEN) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid systemUser",
+ orgUserId);
+ throw new HttpClientErrorException(HttpStatus.FORBIDDEN,
+ "Please enter the valid systemUser");
+ }
+ if (e.getStatusCode() == HttpStatus.NOT_FOUND) {
+ logger.error(EELFLoggerDelegate.errorLogger, "Please enter the valid role");
+ throw new HttpClientErrorException(HttpStatus.NOT_FOUND, "Please enter the valid role");
+ }
+ EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST);
+ throw e;
+ } catch (Exception e) {
+ logger.error(EELFLoggerDelegate.errorLogger,
+ "updateUserRolesInExternalSystem: Failed to add user role for application {} due to {}",
+ app.getId(), e);
+ EPLogUtil.logExternalAuthAccessAlarm(logger, HttpStatus.BAD_REQUEST);
+ throw e;