import org.onap.aaf.auth.dao.cass.CertDAO;
import org.onap.aaf.auth.dao.cass.CredDAO;
import org.onap.aaf.auth.dao.cass.DelegateDAO;
+import org.onap.aaf.auth.dao.cass.DelegateDAO.Data;
import org.onap.aaf.auth.dao.cass.FutureDAO;
import org.onap.aaf.auth.dao.cass.HistoryDAO;
import org.onap.aaf.auth.dao.cass.Namespace;
import org.onap.aaf.auth.dao.cass.RoleDAO;
import org.onap.aaf.auth.dao.cass.Status;
import org.onap.aaf.auth.dao.cass.UserRoleDAO;
-import org.onap.aaf.auth.dao.cass.DelegateDAO.Data;
import org.onap.aaf.auth.dao.hl.Question;
import org.onap.aaf.auth.dao.hl.Question.Access;
import org.onap.aaf.auth.env.AuthzTrans;
import org.onap.aaf.auth.rserv.Pair;
import org.onap.aaf.auth.service.MayChange;
import org.onap.aaf.cadi.aaf.marshal.CertsMarshal;
+import org.onap.aaf.cadi.util.Split;
import org.onap.aaf.cadi.util.Vars;
import org.onap.aaf.misc.env.Env;
import org.onap.aaf.misc.env.TimeTaken;
@Override
public Result<PermDAO.Data> perm(AuthzTrans trans, Request req) {
PermRequest from = (PermRequest)req;
- Result<NsSplit> nss = q.deriveNsSplit(trans, from.getType());
+ String type = from.getType();
+ if(type==null) {
+ return Result.err(Result.ERR_BadData, "Invalid Perm Type");
+ }
PermDAO.Data pd = new PermDAO.Data();
- if (nss.isOK()) {
- pd.ns=nss.value.ns;
- pd.type = nss.value.name;
- pd.instance = from.getInstance();
- pd.action = from.getAction();
- pd.description = from.getDescription();
- trans.checkpoint(pd.fullPerm(), Env.ALWAYS);
- return Result.ok(pd);
- } else {
- return Result.err(nss);
+ if(type.contains("@")) {
+ String[] split = Split.splitTrim(':', type);
+ pd.ns = split[0];
+ pd.type=split.length>1?split[1]:"";
+ pd.instance = from.getInstance();
+ pd.action = from.getAction();
+ pd.description = from.getDescription();
+ return Result.ok(pd);
+ } else {
+ Result<NsSplit> nss = q.deriveNsSplit(trans, from.getType());
+ if (nss.isOK()) {
+ pd.ns=nss.value.ns;
+ pd.type = nss.value.name;
+ pd.instance = from.getInstance();
+ pd.action = from.getAction();
+ pd.description = from.getDescription();
+ trans.checkpoint(pd.fullPerm(), Env.ALWAYS);
+ return Result.ok(pd);
+ } else {
+ return Result.err(nss);
+ }
}
}
CredDAO.Data to = new CredDAO.Data();
to.id=from.getId();
to.ns = Question.domain2ns(to.id);
- String passwd = from.getPassword();
- if (requiresPass) {
- String ok = trans.org().isValidPassword(trans, to.id,passwd);
- if (ok.length()>0) {
- return Result.err(Status.ERR_BadData,ok);
- }
+ to.type = from.getType();
+ if(to.type!=null && to.type==CredDAO.FQI) {
+ to.cred = null;
} else {
- to.type=0;
- }
- if (passwd != null) {
- to.cred = ByteBuffer.wrap(passwd.getBytes());
- to.type = CredDAO.RAW;
- } else {
- to.type = 0;
- }
-
+ String passwd = from.getPassword();
+ if (requiresPass) {
+ String ok = trans.org().isValidPassword(trans, to.id,passwd);
+ if (ok.length()>0) {
+ return Result.err(Status.ERR_BadData,ok);
+ }
+ } else {
+ to.type=0;
+ }
+ if (passwd != null) {
+ to.cred = ByteBuffer.wrap(passwd.getBytes());
+ to.type = CredDAO.RAW;
+ } else {
+ to.type = CredDAO.FQI;
+ }
+ }
+
// Note: Ensure requested EndDate created will match Organization Password Rules
// P.S. Do not apply TempPassword rule here. Do that when you know you are doing a Create/Reset (see Service)
to.expires = getExpires(trans.org(),Expiration.Password,base,from.getId());