* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
package org.onap.aaf.auth.locate.service;
import java.util.List;
-import java.util.UUID;
import org.onap.aaf.auth.dao.cass.ConfigDAO;
import org.onap.aaf.auth.dao.cass.ConfigDAO.Data;
import org.onap.aaf.auth.locate.mapper.Mapper;
import org.onap.aaf.auth.locate.validation.LocateValidator;
import org.onap.aaf.cadi.aaf.AAFPermission;
-import org.onap.aaf.misc.env.APIException;
import locate.v1_0.Endpoints;
import locate.v1_0.MgmtEndpoint;
import locate.v1_1.Configuration;
import locate.v1_1.Configuration.Props;
-public class LocateServiceImpl<IN,OUT,ERROR>
+public class LocateServiceImpl<IN,OUT,ERROR>
implements LocateService<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> {
private Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper;
protected LocateDAO locateDAO;
private ConfigDAO configDAO;
private boolean permToRegister;
-
- public LocateServiceImpl(AuthzTrans trans, AAF_Locate locate, Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper) throws APIException {
+
+ public LocateServiceImpl(AuthzTrans trans, AAF_Locate locate, Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper){
this.mapper = mapper;
this.locateDAO = locate.locateDAO;
this.configDAO = locate.configDAO;
permToRegister = false; //TODO Setup a Configuration for this
}
-
+
public Mapper<IN,OUT,Endpoints,MgmtEndpoints,Configuration,ERROR> mapper() {return mapper;}
@Override
@Override
public Result<Void> putMgmtEndPoints(AuthzTrans trans, MgmtEndpoints meps) {
LocateValidator v = new LocateValidator().mgmt_endpoints(meps, false);
- if(v.err()) {
+ if (v.err()) {
return Result.err(Result.ERR_BadData,v.errs());
}
int count = 0;
- for(MgmtEndpoint me : meps.getMgmtEndpoint()) {
- if(permToRegister) {
+ StringBuilder denied = null;
+ for (MgmtEndpoint me : meps.getMgmtEndpoint()) {
+ if (permToRegister) {
int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
- AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getName(),"write");
- if(trans.fish(p)) {
- LocateDAO.Data data = mapper.locateData(me);
- locateDAO.update(trans, data, true);
- ++count;
- } else {
- return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
+ AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
+ if (!trans.fish(p)) {
+ if(denied==null) {
+ denied = new StringBuilder("May not register service(s):");
+ }
+
+ denied.append("\n\t");
+ denied.append(p.getKey());
+ denied.append(')');
+ continue;
}
- } else { //TODO if(MechID is part of Namespace) {
- LocateDAO.Data data = mapper.locateData(me);
- locateDAO.update(trans, data, true);
- ++count;
}
+ LocateDAO.Data data = mapper.locateData(me);
+ locateDAO.update(trans, data, true);
+ ++count;
}
- if(count>0) {
+ if (count>0) {
return Result.ok();
} else {
- return Result.err(Result.ERR_NotFound, "No endpoints found");
+ return denied==null?Result.err(Result.ERR_NotFound, "No endpoints found")
+ :Result.err(Result.ERR_Security,denied.toString());
}
}
@Override
public Result<Void> removeMgmtEndPoints(AuthzTrans trans, MgmtEndpoints meps) {
LocateValidator v = new LocateValidator().mgmt_endpoint_key(meps);
- if(v.err()) {
+ if (v.err()) {
return Result.err(Result.ERR_BadData,v.errs());
}
int count = 0;
- for(MgmtEndpoint me : meps.getMgmtEndpoint()) {
- int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
- AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
- if(trans.fish(p)) {
- LocateDAO.Data data = mapper.locateData(me);
- data.port_key = UUID.randomUUID();
- locateDAO.delete(trans, data, false);
- ++count;
- } else {
- return Result.err(Result.ERR_Denied,"May not register service (needs " + p.getKey() + ')');
- }
+ StringBuilder denied = null;
+ for (MgmtEndpoint me : meps.getMgmtEndpoint()) {
+ if (permToRegister) {
+ int dot = me.getName().lastIndexOf('.'); // Note: Validator checks for NS for getName()
+ AAFPermission p = new AAFPermission(me.getName().substring(0,dot),"locator",me.getHostname(),"write");
+ if (!trans.fish(p)) {
+ if(denied==null) {
+ denied = new StringBuilder("May not deregister service(s):");
+ }
+
+ denied.append("\n\t");
+ denied.append(p.getKey());
+ denied.append(')');
+ continue;
+ }
+ }
+ LocateDAO.Data data = mapper.locateData(me);
+ locateDAO.delete(trans, data, true);
+ ++count;
}
- if(count>0) {
+ if (count>0) {
return Result.ok();
} else {
- return Result.err(Result.ERR_NotFound, "No endpoints found");
+ return denied==null?Result.err(Result.ERR_NotFound, "No endpoints found")
+ :Result.err(Result.ERR_Security,denied.toString());
}
}
///// ADDED v1_1
/* (non-Javadoc)
* @see org.onap.aaf.auth.locate.service.LocateService#getConfig(org.onap.aaf.auth.env.AuthzTrans, java.lang.String, java.lang.String)
+ *
+ * Note: "id" is put in, in case we need to filter, or direct data change in the future by Permission
*/
@Override
public Result<Configuration> getConfig(AuthzTrans trans, String id, String type) {
Configuration c = new Configuration();
c.setName(type);
Props p;
-
- if(dr.isOKhasData()) {
- for(ConfigDAO.Data data : dr.value) {
+
+ if (dr.isOKhasData()) {
+ for (ConfigDAO.Data data : dr.value) {
p = new Props();
p.setTag(data.tag);
p.setValue(data.value);
}
}
return Result.ok(c);
- //return Result.err(Result.ERR_NotImplemented,"not done yet");
}
Code Review / aaf / authz.git / blobdiff