+++ /dev/null
-/*******************************************************************************\r
- * ============LICENSE_START====================================================\r
- * * org.onap.aaf\r
- * * ===========================================================================\r
- * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
- * * ===========================================================================\r
- * * Licensed under the Apache License, Version 2.0 (the "License");\r
- * * you may not use this file except in compliance with the License.\r
- * * You may obtain a copy of the License at\r
- * * \r
- * * http://www.apache.org/licenses/LICENSE-2.0\r
- * * \r
- * * Unless required by applicable law or agreed to in writing, software\r
- * * distributed under the License is distributed on an "AS IS" BASIS,\r
- * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
- * * See the License for the specific language governing permissions and\r
- * * limitations under the License.\r
- * * ============LICENSE_END====================================================\r
- * *\r
- * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
- * *\r
- ******************************************************************************/\r
-package org.onap.aaf.cmd.perm;\r
-\r
-import org.onap.aaf.cmd.AAFcli;\r
-import org.onap.aaf.cmd.Cmd;\r
-import org.onap.aaf.cmd.Param;\r
-import org.onap.aaf.cssa.rserv.HttpMethods;\r
-\r
-import com.att.aft.dme2.internal.jetty.http.HttpStatus;\r
-import org.onap.aaf.cadi.CadiException;\r
-import org.onap.aaf.cadi.LocatorException;\r
-import org.onap.aaf.cadi.client.Future;\r
-import org.onap.aaf.cadi.client.Rcli;\r
-import org.onap.aaf.cadi.client.Retryable;\r
-import org.onap.aaf.inno.env.APIException;\r
-\r
-import aaf.v2_0.PermRequest;\r
-import aaf.v2_0.RoleRequest;\r
-\r
-/**\r
- * \r
- *\r
- */\r
-public class Create extends Cmd {\r
- public Create(Perm parent) {\r
- super(parent,"create", \r
- new Param("type",true), \r
- new Param("instance",true),\r
- new Param("action", true),\r
- new Param("role[,role]* (to Grant to)", false)\r
- );\r
- }\r
-\r
- @Override\r
- public int _exec(final int index, final String ... args) throws CadiException, APIException, LocatorException {\r
- return same(new Retryable<Integer>() {\r
- @Override\r
- public Integer code(Rcli<?> client) throws CadiException, APIException {\r
- int idx = index;\r
- final PermRequest pr = new PermRequest(); \r
- pr.setType(args[idx++]);\r
- pr.setInstance(args[idx++]);\r
- pr.setAction(args[idx++]);\r
- String roleCommas = (args.length>idx)?args[idx++]:null;\r
- String[] roles = roleCommas==null?null:roleCommas.split("\\s*,\\s*");\r
- boolean force = aafcli.forceString()!=null;\r
- int rv;\r
- \r
- if(roles!=null && force) { // Make sure Roles are Created\r
- RoleRequest rr = new RoleRequest();\r
- for(String role : roles) {\r
- rr.setName(role);;\r
- Future<RoleRequest> fr = client.create(\r
- "/authz/role",\r
- getDF(RoleRequest.class),\r
- rr\r
- );\r
- fr.get(AAFcli.timeout());\r
- switch(fr.code()){\r
- case 201:\r
- pw().println("Created Role [" + role + ']');\r
- break;\r
- case 409:\r
- break;\r
- default: \r
- pw().println("Role [" + role + "] does not exist, and cannot be created.");\r
- return HttpStatus.PARTIAL_CONTENT_206;\r
- }\r
- }\r
- }\r
-\r
- // Set Start/End commands\r
- setStartEnd(pr);\r
- setQueryParamsOn(client);\r
- Future<PermRequest> fp = client.create(\r
- "/authz/perm",\r
- getDF(PermRequest.class),\r
- pr\r
- );\r
- if(fp.get(AAFcli.timeout())) {\r
- rv = fp.code();\r
- pw().println("Created Permission");\r
- if(roles!=null) {\r
- if(aafcli.forceString()!=null) { // Make sure Roles are Created\r
- RoleRequest rr = new RoleRequest();\r
- for(String role : roles) {\r
- rr.setName(role);;\r
- Future<RoleRequest> fr = client.create(\r
- "/authz/role",\r
- getDF(RoleRequest.class),\r
- rr\r
- );\r
- fr.get(AAFcli.timeout());\r
- switch(fr.code()){\r
- case 201:\r
- case 409:break;\r
- default: \r
- \r
- }\r
- }\r
- }\r
- \r
- try {\r
- if(201!=(rv=((Perm)parent)._exec(0, \r
- new String[] {"grant",pr.getType(),pr.getInstance(),pr.getAction(),roleCommas}))) {\r
- rv = HttpStatus.PARTIAL_CONTENT_206;\r
- }\r
- } catch (LocatorException e) {\r
- throw new CadiException(e);\r
- }\r
- }\r
- } else {\r
- rv = fp.code();\r
- if(rv==409 && force) {\r
- rv = 201;\r
- } else if(rv==202) {\r
- pw().println("Permission Creation Accepted, but requires Approvals before actualizing");\r
- if (roles!=null)\r
- pw().println("You need to grant the roles after approval.");\r
- } else {\r
- error(fp);\r
- }\r
- }\r
- return rv;\r
- }\r
- });\r
- }\r
- \r
- @Override\r
- public void detailedHelp(int _indent, StringBuilder sb) {\r
- int indent = _indent;\r
- detailLine(sb,indent,"Create a Permission with:");\r
- detailLine(sb,indent+=2,"type - A Namespace qualified identifier identifying the kind of");\r
- detailLine(sb,indent+11,"resource to be protected");\r
- detailLine(sb,indent,"instance - A name that distinguishes a particular instance of resource");\r
- detailLine(sb,indent,"action - What kind of action is allowed");\r
- detailLine(sb,indent,"role(s) - Perms granted to these Comma separated Role(s)");\r
- detailLine(sb,indent+11,"Nonexistent role(s) will be created, if in same namespace");\r
- sb.append('\n');\r
- detailLine(sb,indent+2,"Note: Instance and Action can be a an '*' (enter \\\\* on Unix Shell)");\r
- api(sb,indent,HttpMethods.POST,"authz/perm",PermRequest.class,true);\r
- }\r
-\r
-}\r
Code Review / aaf / authz.git / blobdiff