Code Review / aai / aai-common.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Use data owner attribute instead of owning entity for OwnerCheck
[aai/aai-common.git] / aai-core / src / main / java / org / onap / aai / introspection / sideeffect / OwnerCheck.java
diff --git a/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java
index 4ece377..c383f0c 100644 (file)
--- a/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java
+++ b/aai-core/src/main/java/org/onap/aai/introspection/sideeffect/OwnerCheck.java
@@ -20,24 +20,23 @@
 
 package org.onap.aai.introspection.sideeffect;
 
-import java.io.UnsupportedEncodingException;
-import java.net.URISyntaxException;
-
-import java.util.List;
-import java.util.Map.Entry;
-import java.util.Optional;
+import org.apache.commons.lang3.ObjectUtils;
 import org.apache.tinkerpop.gremlin.structure.Vertex;
-import org.apache.tinkerpop.gremlin.structure.VertexProperty;
-import org.onap.aai.edges.exceptions.AmbiguousRuleChoiceException;
-import org.onap.aai.edges.exceptions.EdgeRuleNotFoundException;
 import org.onap.aai.exceptions.AAIException;
 import org.onap.aai.introspection.Introspector;
 import org.onap.aai.schema.enums.PropertyMetadata;
 import org.onap.aai.serialization.db.DBSerializer;
 import org.onap.aai.serialization.engines.TransactionalGraphEngine;
+import org.springframework.util.CollectionUtils;
+
+import java.util.Map.Entry;
+import java.util.Optional;
 
 public class OwnerCheck extends SideEffect {
 
+    public static final String READ_ONLY_SUFFIX = "_readOnly";
+    private static final String DATA_OWNER = "data-owner";
+
     public OwnerCheck(Introspector obj, Vertex self, TransactionalGraphEngine dbEngine, DBSerializer serializer) {
         super(obj, self, dbEngine, serializer);
     }
@@ -55,21 +54,15 @@ public class OwnerCheck extends SideEffect {
     }
 
     public static boolean isAuthorized(java.util.Set<String> groups, Vertex vertex) {
-        if (groups != null && !groups.isEmpty()) {
-            List<Vertex> owningEntity = vertex.graph().traversal()
-                .V(vertex)
-                .bothE("org.onap.relationships.inventory.BelongsTo")
-                .otherV()
-                .has("aai-node-type", "owning-entity")
-                .toList();
-
-            if(!owningEntity.isEmpty()) {
-                VertexProperty owningEntityName = owningEntity.get(0).property("owning-entity-name");
-
-                return groups.contains(owningEntityName.orElseGet(null));
+        if (!CollectionUtils.isEmpty(groups)) {
+            Object dataOwnerProperty = vertex.property(DATA_OWNER).orElse(null);
+            if (ObjectUtils.isNotEmpty(dataOwnerProperty)) {
+                String dataOwner = dataOwnerProperty.toString();
+                String dataOwnerWithReadAccess = dataOwner + READ_ONLY_SUFFIX;
+                return groups.stream()
+                    .anyMatch(group -> group.equals(dataOwner) || group.equals(dataOwnerWithReadAccess));
             }
         }
-
         return true;
     }
 
This holds the model, annotations and common modules used across the Resources and Traversal micro services