--- /dev/null
+/*******************************************************************************\r
+ * ============LICENSE_START====================================================\r
+ * * org.onap.aaf\r
+ * * ===========================================================================\r
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
+ * * ===========================================================================\r
+ * * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * * you may not use this file except in compliance with the License.\r
+ * * You may obtain a copy of the License at\r
+ * * \r
+ * * http://www.apache.org/licenses/LICENSE-2.0\r
+ * * \r
+ * * Unless required by applicable law or agreed to in writing, software\r
+ * * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * * See the License for the specific language governing permissions and\r
+ * * limitations under the License.\r
+ * * ============LICENSE_END====================================================\r
+ * *\r
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+ * *\r
+ ******************************************************************************/\r
+package org.onap.aaf.dao.aaf.hl;\r
+\r
+import org.onap.aaf.authz.env.AuthzTrans;\r
+import org.onap.aaf.authz.layer.Result;\r
+import org.onap.aaf.authz.org.Executor;\r
+import org.onap.aaf.dao.aaf.cass.NsSplit;\r
+import org.onap.aaf.dao.aaf.cass.NsDAO.Data;\r
+\r
+public class CassExecutor implements Executor {\r
+\r
+ private Question q;\r
+ private Function f;\r
+ private AuthzTrans trans;\r
+\r
+ public CassExecutor(AuthzTrans trans, Function f) {\r
+ this.trans = trans;\r
+ this.f = f;\r
+ this.q = this.f.q;\r
+ }\r
+\r
+ @Override\r
+ public boolean hasPermission(String user, String ns, String type, String instance, String action) {\r
+ return isGranted(user, ns, type, instance, action);\r
+ }\r
+\r
+ @Override\r
+ public boolean inRole(String name) {\r
+ Result<NsSplit> nss = q.deriveNsSplit(trans, name);\r
+ if(nss.notOK())return false;\r
+ return q.roleDAO.read(trans, nss.value.ns,nss.value.name).isOKhasData();\r
+ }\r
+\r
+ public boolean isGranted(String user, String ns, String type, String instance, String action) {\r
+ return q.isGranted(trans, user, ns, type, instance,action);\r
+ }\r
+\r
+ @Override\r
+ public String namespace() throws Exception {\r
+ Result<Data> res = q.validNSOfDomain(trans,trans.user());\r
+ if(res.isOK()) {\r
+ String user[] = trans.user().split("\\.");\r
+ return user[user.length-1] + '.' + user[user.length-2];\r
+ }\r
+ throw new Exception(res.status + ' ' + res.details);\r
+ }\r
+\r
+ @Override\r
+ public String id() {\r
+ return trans.user();\r
+ }\r
+\r
+}\r