import org.onap.aaf.cadi.client.Retryable;
import org.onap.aaf.cadi.util.Vars;
import org.onap.aaf.misc.env.APIException;
-import org.onap.aaf.misc.env.Slot;
import org.onap.aaf.misc.env.Data.TYPE;
+import org.onap.aaf.misc.env.Slot;
import org.onap.aaf.misc.env.util.IPValidator;
import org.onap.aaf.misc.env.util.Split;
import org.onap.aaf.misc.xgen.Cache;
import org.onap.aaf.misc.xgen.DynamicCode;
+import org.onap.aaf.misc.xgen.Mark;
import org.onap.aaf.misc.xgen.html.HTMLGen;
import aaf.v2_0.Error;
cache.dynamic(hgen, new DynamicCode<HTMLGen,AAF_GUI, AuthzTrans>() {
@Override
public void code(final AAF_GUI gui, final AuthzTrans trans,final Cache<HTMLGen> cache, final HTMLGen hgen) throws APIException, IOException {
-trans.info().log("Step 1");
+ trans.info().log("Step 1");
final Artifact arti = new Artifact();
final String machine = trans.get(sMachine,null);
final String ca = trans.get(sCA, null);
// These checks to not apply to deletions
if(!CMArtiChangeForm.DELETE.equals(trans.get(sCmd, ""))) {
- // Disallow IP entries, except by special Permission
- if (!trans.fish(getPerm(ca,"ip"))) {
- boolean ok=true;
- if (IPValidator.ip(machine)) {
- ok=false;
- }
- if (ok) {
- for (String s: arti.getSans()) {
- if (IPValidator.ip(s)) {
- ok=false;
- break;
- }
- }
- }
- if (!ok) {
- hgen.p("Policy Failure: IPs in certificates are only allowed by Exception.");
- return;
- }
- }
-
- // Disallow Domain based Definitions without exception
- if (machine.startsWith("*")) { // Domain set
- if (!trans.fish(getPerm(ca, "domain"))) {
- hgen.p("Policy Failure: Domain Artifact Declarations are only allowed by Exception.");
- return;
- }
- }
+ // Disallow IP entries, except by special Permission
+ if (!trans.fish(getPerm(ca,"ip"))) {
+ boolean ok=true;
+ if (IPValidator.ip(machine)) {
+ ok=false;
+ }
+ if (ok) {
+ for (String s: arti.getSans()) {
+ if (IPValidator.ip(s)) {
+ ok=false;
+ break;
+ }
+ }
+ }
+ if (!ok) {
+ hgen.p("Policy Failure: IPs in certificates are only allowed by Exception.");
+ return;
+ }
+ }
+
}
arti.setMechid((String)trans.get(sID,null));
if (f==null) {
hgen.p("Unknown Command");
} else {
- if (f.body().contains("%")) {
+ if (f.code() > 201) {
Error err = gui.getDF(Error.class).newData().in(TYPE.JSON).load(f.body()).asObject();
- hgen.p(Vars.convert(err.getText(),err.getVariables()));
+ if(f.body().contains("%") ) {
+ hgen.p(Vars.convert(err.getText(),err.getVariables()));
+ } else {
+ int colon = err.getText().indexOf(':');
+ if(colon>0) {
+ hgen.p(err.getMessageId() + ": " + err.getText().substring(0, colon));
+ Mark bq = new Mark();
+ hgen.incr(bq,"blockquote");
+ for(String em : Split.splitTrim('\n', err.getText().substring(colon+1))) {
+ hgen.p(em);
+ }
+ hgen.end(bq);
+ } else {
+ hgen.p(err.getMessageId() + ": " + err.getText());
+ }
+ }
} else {
hgen.p(arti.getMechid() + " on " + arti.getMachine() + ": " + f.body());
}