--- /dev/null
+/*******************************************************************************\r
+ * ============LICENSE_START====================================================\r
+ * * org.onap.aaf\r
+ * * ===========================================================================\r
+ * * Copyright © 2017 AT&T Intellectual Property. All rights reserved.\r
+ * * ===========================================================================\r
+ * * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * * you may not use this file except in compliance with the License.\r
+ * * You may obtain a copy of the License at\r
+ * * \r
+ * * http://www.apache.org/licenses/LICENSE-2.0\r
+ * * \r
+ * * Unless required by applicable law or agreed to in writing, software\r
+ * * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * * See the License for the specific language governing permissions and\r
+ * * limitations under the License.\r
+ * * ============LICENSE_END====================================================\r
+ * *\r
+ * * ECOMP is a trademark and service mark of AT&T Intellectual Property.\r
+ * *\r
+ ******************************************************************************/\r
+package org.onap.aaf.cmd.role;\r
+\r
+import java.util.ArrayList;\r
+import java.util.HashMap;\r
+\r
+import org.onap.aaf.cmd.AAFcli;\r
+import org.onap.aaf.cmd.Cmd;\r
+import org.onap.aaf.cmd.Param;\r
+import org.onap.aaf.cssa.rserv.HttpMethods;\r
+\r
+import org.onap.aaf.cadi.CadiException;\r
+import org.onap.aaf.cadi.LocatorException;\r
+import org.onap.aaf.cadi.client.Future;\r
+import org.onap.aaf.cadi.client.Rcli;\r
+import org.onap.aaf.cadi.client.Retryable;\r
+import org.onap.aaf.inno.env.APIException;\r
+import org.onap.aaf.inno.env.util.Chrono;\r
+\r
+import aaf.v2_0.Nss;\r
+import aaf.v2_0.Pkey;\r
+import aaf.v2_0.Roles;\r
+import aaf.v2_0.Users;\r
+\r
+/**\r
+ * p\r
+ *\r
+ */\r
+public class ListByUser extends Cmd {\r
+ private static final String HEADER = "List Roles for User ";\r
+ \r
+ public ListByUser(List parent) {\r
+ super(parent,"user", \r
+ new Param("id",true)); \r
+ }\r
+\r
+ @Override\r
+ public int _exec( int idx, final String ... args) throws CadiException, APIException, LocatorException {\r
+ String user=args[idx];\r
+ String realm = getOrgRealm();\r
+ final String fullUser;\r
+ if (user.indexOf('@') < 0 && realm != null) {\r
+ fullUser = user + '@' + realm;\r
+ } else {\r
+ fullUser = user;\r
+ }\r
+\r
+ return same(new Retryable<Integer>() {\r
+ @Override\r
+ public Integer code(Rcli<?> client) throws CadiException, APIException {\r
+\r
+ Future<Roles> fp = client.read(\r
+ "/authz/roles/user/"+fullUser, \r
+ getDF(Roles.class)\r
+ );\r
+ if(fp.get(AAFcli.timeout())) {\r
+ Future<Nss> fn = null;\r
+ ArrayList<String> roleNss = null;\r
+ ArrayList<String> permNss = null;\r
+ HashMap<String, Boolean> expiredMap = new HashMap<String, Boolean>();\r
+ if (aafcli.isDetailed()) {\r
+ roleNss = new ArrayList<String>();\r
+ permNss = new ArrayList<String>();\r
+ for(aaf.v2_0.Role p : fp.value.getRole()) {\r
+ String roleNs = p.getName();\r
+ do {\r
+ roleNs = p.getName().substring(0,roleNs.lastIndexOf('.'));\r
+ fn = client.read("/authz/nss/"+roleNs,getDF(Nss.class));\r
+ } while (!fn.get(AAFcli.timeout()));\r
+ roleNss.add(roleNs);\r
+ \r
+ for(Pkey perm : p.getPerms()) {\r
+ if (perm.getType().contains(roleNs)) {\r
+ permNss.add(roleNs);\r
+ } else {\r
+ Future<Nss> fpn = null;\r
+ String permType = perm.getType();\r
+ String permNs = permType;\r
+ do {\r
+ permNs = permType.substring(0,permNs.lastIndexOf('.'));\r
+ fpn = client.read("/authz/nss/"+permNs,getDF(Nss.class));\r
+ } while (!fpn.get(AAFcli.timeout()));\r
+ permNss.add(permNs);\r
+ }\r
+ }\r
+ }\r
+ }\r
+ \r
+ if (fp.value != null) {\r
+ for(aaf.v2_0.Role p : fp.value.getRole()) {\r
+ Future<Users> fu = client.read(\r
+ "/authz/userRole/"+fullUser+"/"+p.getName(), \r
+ getDF(Users.class)\r
+ );\r
+ if (fu.get(5000)) {\r
+ if(fu.value != null) {\r
+ for (Users.User u : fu.value.getUser()) {\r
+ if(u.getExpires().normalize().compare(Chrono.timeStamp().normalize()) > 0) {\r
+ expiredMap.put(p.getName(), new Boolean(false));\r
+ } else {\r
+ expiredMap.put(p.getName(), new Boolean(true));\r
+ }\r
+ }\r
+ }\r
+ }\r
+ } \r
+ }\r
+ \r
+ ((List)parent).report(fp,roleNss,permNss,expiredMap,HEADER,fullUser);\r
+ } else {\r
+ error(fp);\r
+ }\r
+ return fp.code();\r
+ }\r
+ });\r
+ }\r
+ \r
+ @Override\r
+ public void detailedHelp(int indent, StringBuilder sb) {\r
+ detailLine(sb,indent,HEADER);\r
+ api(sb,indent,HttpMethods.GET,"authz/roles/user/<user>",Roles.class,true);\r
+ }\r
+\r
+\r
+}\r