import org.onap.aaf.auth.dao.cass.FutureDAO;
import org.onap.aaf.auth.dao.cass.Namespace;
import org.onap.aaf.auth.dao.cass.NsDAO;
+import org.onap.aaf.auth.dao.cass.NsDAO.Data;
import org.onap.aaf.auth.dao.cass.NsSplit;
import org.onap.aaf.auth.dao.cass.NsType;
import org.onap.aaf.auth.dao.cass.PermDAO;
import org.onap.aaf.auth.dao.cass.RoleDAO;
import org.onap.aaf.auth.dao.cass.Status;
import org.onap.aaf.auth.dao.cass.UserRoleDAO;
-import org.onap.aaf.auth.dao.cass.NsDAO.Data;
import org.onap.aaf.auth.dao.hl.Question.Access;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.env.AuthzTrans.REQD_TYPE;
import org.onap.aaf.auth.layer.Result;
import org.onap.aaf.auth.org.Executor;
import org.onap.aaf.auth.org.Organization;
-import org.onap.aaf.auth.org.OrganizationException;
import org.onap.aaf.auth.org.Organization.Expiration;
import org.onap.aaf.auth.org.Organization.Identity;
import org.onap.aaf.auth.org.Organization.Policy;
+import org.onap.aaf.auth.org.OrganizationException;
public class Function {
public static final String FOP_PERM = "perm";
public static final String FOP_ROLE = "role";
public static final String FOP_USER_ROLE = "user_role";
- private static final List<Identity> NO_ADDL_APPROVE = new ArrayList<Identity>();
+ private static final List<Identity> NO_ADDL_APPROVE = new ArrayList<>();
private static final String ROOT_NS = Define.ROOT_NS();
// First Action should ALWAYS be "write", see "CreateRole"
public final Question q;
if (result.notOK()) {
if (sb == null) {
sb = new StringBuilder();
- ao = new ArrayList<String>();
+ ao = new ArrayList<>();
}
sb.append(result.details);
sb.append('\n');
if (rrdc.isOKhasData()) {
for (RoleDAO.Data rdd : rrdc.value) {
// Remove old Role from Perms, save them off
- List<PermDAO.Data> lpdd = new ArrayList<PermDAO.Data>();
+ List<PermDAO.Data> lpdd = new ArrayList<>();
for(String p : rdd.perms(false)) {
Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans,q,p);
if(rpdd.isOKhasData()) {
if (rpdc.isOKhasData()) {
for (PermDAO.Data pdd : rpdc.value) {
// Remove old Perm from Roles, save them off
- List<RoleDAO.Data> lrdd = new ArrayList<RoleDAO.Data>();
+ List<RoleDAO.Data> lrdd = new ArrayList<>();
for(String rl : pdd.roles(false)) {
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,q,rl);
pd.action = Question.ASTERIX;
pd.description = "AAF Namespace Write Access";
- rd.perms = new HashSet<String>();
+ rd.perms = new HashSet<>();
rd.perms.add(pd.encode());
eb.log(q.roleDAO.create(trans, rd));
- pd.roles = new HashSet<String>();
+ pd.roles = new HashSet<>();
pd.roles.add(rd.encode());
eb.log(q.permDAO.create(trans, pd));
}
pd.action = Question.READ;
pd.description = "AAF Namespace Read Access";
- rd.perms = new HashSet<String>();
+ rd.perms = new HashSet<>();
rd.perms.add(pd.encode());
eb.log(q.roleDAO.create(trans, rd));
- pd.roles = new HashSet<String>();
+ pd.roles = new HashSet<>();
pd.roles.add(rd.encode());
eb.log(q.permDAO.create(trans, pd));
}
private Result<Void> checkValidID(AuthzTrans trans, Date now, String user) {
Organization org = trans.org();
- if (user.endsWith(org.getRealm())) {
+ if (org.supportsRealm(user)) {
try {
if (org.getIdentity(trans, user) == null) {
return Result.err(Status.ERR_Denied,
continue;
}
// Remove old Perm from Roles, save them off
- List<RoleDAO.Data> lrdd = new ArrayList<RoleDAO.Data>();
+ List<RoleDAO.Data> lrdd = new ArrayList<>();
for(String rl : pdd.roles(false)) {
Result<RoleDAO.Data> rrdd = RoleDAO.Data.decode(trans,q,rl);
continue;
}
// Remove old Role from Perms, save them off
- List<PermDAO.Data> lpdd = new ArrayList<PermDAO.Data>();
+ List<PermDAO.Data> lpdd = new ArrayList<>();
for(String p : rdd.perms(false)) {
Result<PermDAO.Data> rpdd = PermDAO.Data.decode(trans,q,p);
if(rpdd.isOKhasData()) {
}
Date now = new Date();
List<UserRoleDAO.Data> list = rurdd.value;
- List<String> rv = new ArrayList<String>(list.size()); // presize
+ List<String> rv = new ArrayList<>(list.size()); // presize
for (UserRoleDAO.Data urdd : rurdd.value) {
if (includeExpired || urdd.expires.after(now)) {
rv.add(urdd.user);
Organization org = trans.org();
// For Reapproval, only check Owners.. Do Supervisors, etc, separately
List<Identity> approvers = op.equals(FUTURE_OP.A)?NO_ADDL_APPROVE:org.getApprovers(trans, user);
- List<Identity> owners = new ArrayList<Identity>();
+ List<Identity> owners = new ArrayList<>();
if (nsd != null) {
Result<List<UserRoleDAO.Data>> rrbr = q.userRoleDAO
.readByRole(trans, nsd.name + Question.DOT_OWNER);