import org.onap.aaf.auth.batch.helpers.Cred;
import org.onap.aaf.auth.batch.helpers.Cred.Instance;
import org.onap.aaf.auth.batch.helpers.UserRole;
-import org.onap.aaf.auth.batch.helpers.Visitor;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.org.Organization;
import org.onap.aaf.auth.org.Organization.Identity;
private static final String INFO = "info";
private Map<String, CSV.Writer> writerList;
private Map<String, CSV.Writer> whichWriter;
- private File logDir;
private Date now;
private Writer notInOrgW;
private Writer notInOrgDeleteW;
// Create Intermediate Output
writerList = new HashMap<>();
whichWriter = new TreeMap<>();
- logDir = new File(logDir());
- logDir.mkdirs();
now = new Date();
String sdate = Chrono.dateOnlyStamp(now);
- File file = new File(logDir,NOT_IN_ORG + sdate +CSV);
- CSV csv = new CSV(file);
+ File file = new File(logDir(),NOT_IN_ORG + sdate +CSV);
+ CSV csv = new CSV(env.access(),file);
notInOrgW = csv.writer(false);
notInOrgW.row(INFO,NOT_IN_ORG,Chrono.dateOnlyStamp(now),0);
writerList.put(NOT_IN_ORG,notInOrgW);
// These will have been double-checked by the Organization, and can be deleted immediately.
String fn = NOT_IN_ORG+"Delete";
- file = new File(logDir,fn + sdate +CSV);
- CSV csvDelete = new CSV(file);
+ file = new File(logDir(),fn + sdate +CSV);
+ CSV csvDelete = new CSV(env.access(),file);
notInOrgDeleteW = csvDelete.writer(false);
notInOrgDeleteW.row(INFO,fn,Chrono.dateOnlyStamp(now),0);
writerList.put(NOT_IN_ORG,notInOrgW);
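Review bot: The second `writerList.put(NOT_IN_ORG,notInOrgW);`, placed after the delete writer is created, registers the first writer again, so `notInOrgDeleteW` never enters `writerList`; it looks like it should be `writerList.put(fn,notInOrgDeleteW);`. The line is unchanged context, but the commit rewrites the lines around it and leaves it as is. If `writerList` is what the batch later uses to flush or close its writers (not visible here), the Delete file could be left incomplete, and that is the file the comment above says feeds immediate deletion. Separately, the `logDir.mkdirs()` call is dropped, so it is worth confirming that `logDir()` creates the directory itself before `new CSV(env.access(),file)` is written to.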
trans.info().log("User Roles");
final AuthzTrans transNoAvg = trans.env().newTransNoAvg();
- UserRole.load(trans, session, UserRole.v2_0_11, new Visitor<UserRole>() {
- @Override
- public void visit(UserRole ur) {
- try {
- if(!check(transNoAvg, checked, ur.user())) {
- ur.row(whichWriter(transNoAvg,ur.user()));
- }
- } catch (OrganizationException e) {
- trans.error().log(e, "Error Decrypting X509");
+ UserRole.load(trans, session, UserRole.v2_0_11, ur -> {
+ try {
+ if(!check(transNoAvg, checked, ur.user())) {
+ ur.row(whichWriter(transNoAvg,ur.user()),UserRole.UR);
}
+ } catch (OrganizationException e) {
+ trans.error().log(e, "Error Decrypting X509");
}
});
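Review bot: The catch in the new lambda logs `"Error Decrypting X509"` for an `OrganizationException` raised while checking a user-role, which misdescribes the failure and omits which user was skipped. When `check` throws, `ur.row(...)` is never reached, so the record lands in neither output file and this log line is the only trace of it. Something like `trans.error().log(e, "Error checking Organization for " + ur.user());` would make the skip auditable. The message was carried over unchanged from the anonymous `Visitor` that the lambda replaces.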
}
}
- /*
- * Do we delete now? Or work on Revocation semantics
- *
- trans.info().log("Checking for X509s without IDs");
- X509.load(trans, session, new Visitor<X509>() {
- @Override
- public void visit(X509 x509) {
- try {
- for(Certificate cert : Factory.toX509Certificate(x509.x509)) {
- X509Certificate xc = (X509Certificate)cert;
- xc.getSubjectDN();
- if(!check(transNoAvg,checked, (X))) {
- x509.row(notInOrgW,);
- }
- }
- } catch (CertificateException | IOException e) {
- trans.error().log(e, "Error Decrypting X509");
- }
- }
- });
- */
} catch (OrganizationException e) {
trans.info().log(e);
}
private Writer whichWriter(AuthzTrans transNoAvg, String id) {
Writer w = whichWriter.get(id);
if(w==null) {
- w = org.mayAutoDelete(transNoAvg, id)?
+ w = org.isRevoked(transNoAvg, id)?
notInOrgDeleteW:
notInOrgW;
whichWriter.put(id,w);
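Review bot: `whichWriter` has no comment stating what the new `org.isRevoked(transNoAvg, id)` test decides, even though it selects between the NOT_IN_ORG file and the Delete file that an earlier comment describes as safe to delete immediately. A short comment above the ternary would help, for example `// Revoked ids go to the Delete file; all others go to the NOT_IN_ORG file. The choice is cached per id.` That earlier comment ("double-checked by the Organization") was written when the test was `mayAutoDelete`, so it is worth confirming it still holds for `isRevoked`, whose semantics are not visible here. The method body continues past the end of this hunk.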